I say!
Those chaps at Xinyinhe seem very decent indeed!
A Chinese advertising company has infected and 'completely' hijacked likely hundreds of thousands of Android handsets with an attack so careless it exposes a global botnet to easy hijacking and opens handsets to total compromise by any malware. FireEye (yet again, these guys need to get some sleep) researchers Yulong Zhang, …
I'd have to say that, except for the Linux part, that about sums up my online, 'connected' presence too. (Actually, I have a Linux desktop - and server - too but mostly stick with my Win box for day-to-day tasks.)
But even though I don't use these devices and services, I don't think you should have to avoid them just to be safe. As it happens, one of the reasons I don't have a smart phone is that I don't want all those vulnerabilities and all that invasion of privacy. It would be massively handy to be able to easily access the Internet on the go - whether that's using maps when travelling or looking up when the next bus is or booking a restaurant when you're out or just finding some contact details for a shop. But I have resisted the lure of that convenience and utility because I am not comfortable with the way the technology and is implemented.
When I eventually do make the jump, I will do my best to lock everything down as much as I can but for the everyday person, you shouldn't have hack your own device - voiding the warranty in the process - and disable every useful feature just to make it safe.
well... ... I don't even use Linux! I've got some slate, some chalk and a couple of rocks to bang together and that's good enough for all day to day business. If I need to do something on the intertubes (I've no idea what they are) then I use a bit of string and a couple of paper cups. I just don't understand why anyone would want to use anything else!
I spend most of my day trying to use telekenisis with the rock banging crowd but they never reply.... hence the internet is a very quiet place for me ... It's also cold outside and someone has stolen my last piece of rotten cheese..... maybe I should just lay my head down and sleep to make the shivering go away......
You are aware that telekinesis (all levels) has been shown to be completely open to the so-called "scanner exploit" and that over 80% of all rocks are believed by McAffee, Malwarebytes et al to have been infected with the "Mineral Inclusion" trojan, right?
"scanner exploit"
In that case I am going to start practicing a new form of telekenisis which would involve putting the heads of McAffee, Malwarebytes between two rocks and then telekinetically bringing the rocks together as quickly as possible.
Hey I just invented a "false positive destroyatron"
.
I have android phones but I don't randomly sideload apps from 3rd parties. My phone hasn't been pwned yet.
My PC doesn't get viruses either (windows) as in a similar vein I don't click install when a random adverts wants me to. My Linux extends to the router (centos), the NAS box (freenas), the filters (Ubuntu with diladele) and a mediabox with openelec on a RPi2
With these attacks you almost certainly won't know you've been pwned ever, or at least until we can figure out a detection tool resilient and reliable enough. This one is a beaut. PRC has been hiring the wrong people.
Windows? Today's malvertising with zero days own you without a click. Yada, yada. We have built a house of Cards inside a jet engine and the nation states and criminals both are starting engines. Two Internet facing/connected here: Laptop and tablet. I wouldn't she'd a tear to have to destroy both should the shit hit the fan. The valuable stuff will never connect again until the hacking equivalent of nuclear weapons stop going off and we get real Shields.
This post has been deleted by its author
http://www.theguardian.com/artanddesign/2015/sep/22/punkt-mobile-phone-london-design-festival
It looks like it's either that, a Doro phone (if you're in the right age group for that), a Samsung dumbphone, or an Alcatel dumbphone.
Or a refurbished Nokia from here...
I still have a small sony flip phone, might dig that out but it's probably got just enough i'net to be dangerous.
The connected life - a new form of Tuorrette's has arrived where the user starts swearing at night due to a small flashing LED reflecting off the ceiling, (Work phone, allways on, is it really important, will I manage to sleep if I ignore it...)
Not being snooty (okay, maybe a little) , but reading the link is enlightening https://www.fireeye.com/blog/threat-research/2015/09/guaranteed_clicksm.html
go to the page and go down to Figure 4 and you can see whats being added.
Anything unexpected in your Accessibility settings?
"Xinyinhe cannot be reached for comment as it has taken down its site and another linked to the malware. Web archives were not accessible at the time of publication.
"This is a worldwide, spreading malicious adware family with a high threat, likely controlled by a Chinese organisation," the researchers say ."
Spooky. Did they uncover something from their own government ?
/Black helicopters coming ...
What doesn't make sense is that they make this sophisticated takeover and then:
1) Leave evidence of who did it.
2) Leave an open back door allowing anyone to hijack "their" phones! (If I was so minded I would steal the whole botnet by changing the backdoor to something only I could access.)
Perhaps the evil genius got tired after not sleeping for a week and decided it's good enough, f**** it.
"Serve adult content"
How come every time something like this pops up, one of the primary "threats" cited is that we might be given free porn? Having my phone compromised and all my personal data stolen is a threat. Being given free porn is almost exactly the opposite of one.
Free Porn , no problem , here have some necrophilia, paedophilia, dwarfpornphilia, zoophilia, twogirlsandacupphilia, goatsephilia are all examples of "porn" that I am sure you wouldn't want to popup on your phones whilst visiting the inlaws.
That depends though, do you live in Liverpool, Australia or Arkansas.....?
No-one is safe :
http://www.theregister.co.uk/2011/03/21/sms_of_death_explained/