2188 posts • joined Tuesday 17th April 2007 15:29 GMT
Am I stupid 3...
Just triple checked in case it was a dream, but yes, my Desire Z also has a wifi hotspot app and offers to share the connection when I plug in the USB lead, and I didn't install them.
It's odd that it is only recently tethering has become an issue, I had a long line of Nokia's which all tethered, Nokia Suite has an icon for it. It came in very useful when the builders went through the phone line.
I guess we can thank the iphone for making what was a standard feature for years a new "pay for" option.
I think the rootkit they embedded in the audio CD would be classed as criminal. Installing software onto a machine without the user's consent.
You mean you trust users?!!!
You only need to see the number of people repeatedly being taken in by the "See who viewed you profile" and the topical "See Bin Laden execution" link worm on facebook to see that users of any platform are:
2) Don't learn even if you explain it to them with a length of 4 by 2.
Combine something like that with an exploit and away you go!
As the old saying goes, remember that 50% of the population are of below average intelligence.
I bet that Osama is kicking himself for not having an internet connection into his compound now!
Oh, well okay, if he could kick himself of course.
Spot on Graham
Speed cameras take no account of driving style and conditions. They are are purely
if speed>limit then driver.fine(£60)
At least with a speed trap there is a real policeman about, so someone driving like an idiot (tail gating), but below the limit, might actually get caught, but usually it is a speed camera and not a real person able to use judgement. The yellow automatic boxes are far more cost effective.
I'd be quite in favour of magic boxes which could tackle inconsiderate/incompetent drivers who tail gate, never indicate or leave their rear fog lights turned on for a month after a slight mist (preventing anyone behind from seeing their brake lights coming on).
And before anyone says this is sour grapes, I haven't been caught speeding in 20 years, and I don't hold a grudge that long!
Re: Looks like they host their own stuff
Hell yeah, if you had 100-500Mb/s coming into your building, would you bother using a hosting company?
Well if you have any sense you would... but people don't see that, they think, yeah, that's fast enough. They don't stop to think about what else a good hosting company does like firewalls, IDS, OS/DB and application patches etc etc.
I've called 999 (uk) from my mobile several times over the years, they always know where you are the second you call from the cell info. I don't the resolution, but when I've called it's been pretty close and that's including calls from old 2g S40 Nokias with no wifi or gps.
My post was giving an example of an artificially low speed limit. I certainly did not say people should be allowed to drive round at whatever speed they like.
A road that is big, wide (wide enough for 3 lanes as I originally mentioned), and a 60mph zone for decades that suddenly becomes a 40/30 zone. Not to mention that in that time cars have gained ABS and better tyres, so are actually *less* likely to have an accident.
It is *not* through a village, it is between two villages, approx 2 miles long. It does have a few buildings on one side, which are all set back from the road by quite some distance, most of them light industrial. On the other side are fields. That is it!
I live round the corner, so any serious accidents would be in my local rag, and believe me, there was certainly no problem with this road as a 60mph zone.
Oh, and BTW, this road isn't a minor road carrying A road traffic, is *IS* an A road!
Now go take you own arrogance somewhere else, and at least have the balls to not hide behind A/C.
Is there nobody supplying location aware devices that isn't screwing us over?!!!
Surely speed traps should be set up where there are an excessive number of accidents. The fact people are speeding down a road that has no accidents just goes to show that the speed limit on that road is artificially low.
I know of a road round the corner from me which went from 60 to 40 a few years ago, and then had a 30 mph bit inserted in the middle. I had used the road daily to and from work, and never seen an accident. The biggest problem it had was from farmer Jones trundling down it at 20mph in his tractor sometimes, but it was big and wide so you could pass farmer Jones by making a 3rd lane in the middle, which is exactly what everyone did.
According to the local paper, the reason for the new lower limit was to make the road easier to cross, and they added pedestrian islands in the middle of the road to highlight the new pedestrian friendly nature. This of course completely ruined any chance of more than one car passing farmer Jones at a time before having to duck back in to avoid the next pedestrian island.
The whole thing falls apart when you actually see the road. It only has a pavement on one side, and some fields on the other side. Nobody want to cross to the other side! In the years since the islands appeared I have seen a grand total of zero pedestrians cross the road. They just decided to screw it up with islands nobody uses, and cause more accidents because people get irate in the traffic queues, try to overtake with the red mist descending, and invariably smash all the keep left bollards off the traffic islands! I've seen the effects of at least 5 of these accidents!
Lucky they haven't bothered plotting up with a speed camera yet. I'm sure they will as the locals generally ignore the artificially introduced limit and do 50mph (farmer Jones permitting of course).
Words are cheap.
“The personal data table, which is a separate data set, was not encrypted, but was, of course, behind a very sophisticated security system that was breached in a malicious attack.”
I would say that events suggest the security system wasn't that sophisticated at all!
The fact it took Sony several days work out exactly what was accessed says a lot for the capabilities of their intrusion detection system and auditing, assuming they have either of course. Unless the few days delay was due to them hoping the story would just go away on its own.
It's actually worse than that. Most routers in the UK seem to turn up with a preconfigured wireless password, which is a step on from the always supplied open situation of the past.
Unfortunately some manufacturers set the password to one which can be deduced from the MAC address!
There's an app on Android called penetrate (cue 12 year old snigger) which knows these routers and preset password algorithms. It's quite worrying to walk about with it running and see the known ones pop up one by one. From my short test, it's above 1 in 20.
Yes, you are quite correct sir... I should stop posting at 4am!
Interesting maths... Ignoring that only a fraction of the video frames are complete images, and most are actually transitional frames stored as differences to a complete reference frame, 60 seconds at 30 frames per second is 1800 images. So they could have hyped it far more.
I guess you don't have the Daily Mail in the USA to push this kind of mathematical correction!
Bad news. Your connection could be breached within minutes.
Hiding the ID doesn't make your network invisible, it just means the ID has to be provided by the connecting party as another form of confirmation. The trouble is if you are using your wireless network, that "secret" ID is whizzing about in the airwaves all the time in the packets... And your packet are only encrypted with WEP.
WEP can be broken very quickly. Once the key has been extracted the next packet that comes past with the ID in it will be broken, and there is the ID, and a MAC address which you allow.
It will stop someone accidentally using your network, but to anyone who *really* wants to use it anything not secured by WPA2 is as good as open.
But there is a gaping void between quantity and quality in the world of cameras. You can easily see the difference between a smart phone photograph and one taken with a "real" camera. Sharpness, white balance, dynamic range are just a few things that will betray a phone. It gets even worse when the light starts to drop. It's a pity Nokia's play with a xenon flash equipped phone didn't catch on, that was quite impressive.
Facebook is full of "taken with my iphone" pictures, and I have to wonder why they feel the need to put that tag on, even Stevie Wonder can spot the iphone shots! At least now they have a pseudo-flash the number of daylight silhouette shots might reduce a bit!
For my part, despite owning a Nikon D300, I do still use my phone camera sometimes. It's convenient and I think that is probably why there are so many phone camera shots appearing. You can take a picture, press an icon and beam it straight up onto flickr/facebook etc before you even get home.You nearly always have it with you if something happens worth shooting (however badly). It's also far safer to have a phone in your pocket when doing various activities such as snowboarding and motorcycling than a Nikon DSLR being smashed into your ribs if it all goes a bit wrong!
Hand held games consoles on the other hand have very little to offer which a mobile phone cannot. The phone actually has the advantage of connectivity, and the games are somewhat cheaper! The saving grace for the console is probably battery life, and the fact that you can use it until the battery is flat without leaving yourself with no phone, mp3 player and camera.
@Dave 126 - I don't know what generation you are, but I haven't worn a watch for over 10 years since the last one clapped out and died.
For passwords to be stolen, Sony must be storing them, which in security terms is a total fail.
Sony, you *never* store a password, you store a hash of the password, preferably from a known and trusted algorithm which you initially seed with a secret phrase to prevent those pesky rainbow lists from allowing a reverse.
I wonder how things would go in the UK with BT's home supplied routers which act as FON hotspots for anyone with an account. I don't know, as I don't have either the AP or an account, but I hope for the broadband customers sake that BT can and do log access made via these hotspots.
Yup, you're reading the register. Did you really expect everything in the comments to be serious? Come on, REALLY!
I could tell you my IP... but then I reboot the router and I get a different one :-)
To be honest I think the attack possibilities of knowing an IP far exceed those of knowing the approximate location of a wifi MAC. For a start, anyone more that a few miles away isn't going to bother driving round to your house to attempt to exploit the wifi.
Knowing the IP that someone is using allows you to "have a go" from anywhere on the planet. Knowing who the person is gives you a good leg up on the social engineering side of hacking. I'm lucky that my name is only slightly more unique than John Smith, so even assuming I had a public facebook page, you'd still be pulling up 500+ matches in London alone. That does still leave you with the chance my router is set for remote admin, and the password is steverocks...
So on that note I'm going to go change my password :o)
Oooh, what are the odds on that!
Well you do spell "neighbours" correctly, so there's a distinct possibility!
It's a bank holiday, first round is on you!
@Ian Michael Gumby
I'm in the UK.
I agree that accessing a wifi point, and actually using it as is the case with your countryman and the coffee shop would be illegal here too (I think!). Although depending on the situation (i.e. accidentally accessing the neighbours open wifi) you could probably get away with it... Not so much if you have driven round and parked to "borrow" some bandwidth though, shows intent.
Kinda odd really, as in England, the physical trespass laws are such that if you leave the front door open, and somebody walks in, they aren't actually committing a criminal offense.
Anyway, the difference here is that the content of the message isn't been recorded, the MAC is in the header, and the connection being offered isn't actually being used or exploited.
After all, every wifi client device in existence that spits up a list of available access points, both encrypted and open when you say "scan for wireless access point" is reading and displaying exactly the same data which google is listening out for.
Maybe the fact it is recorded/logged might make a difference in the eyes of the law.
BTW, many years ago the cops tried to make speed camera detectors illegal over here by saying it was listening to police broadcasts. One of the manufacturers successfully defended their position by saying it wasn't allowing the owner to listen to a police broadcast, it was merely indicating the presence of one. IIRC the cops then changed tack and went at it from a "obstructing the course of justice"... sneaky so and sos.
At least this data really is useful for using wifi points for A-GPS, and yes, the Android phone does ask for your agreement if you enable the wifi location options... Only problem is IIRC, this was enabled by default when I got mine, so I didn't ever see the box to agree to!
Oh well, at least it can be turned off easily.
So compared to the iphone tracking the data does actually have a proper use, and you can turn it off with a check box... So not quite as evil as apple, but still sneaky.
Now if you don't mind I've got to go change the MAC on my AP.
@By their own admission
What country are you in? Is war driving illegal?
Breaking the WEP/WPA and accessing the network would be illegal under hacking laws. Accessing an open AP is a bit greyer depending on your country, but just detecting the existence of a wireless point is simply listening what it is publicly broadcasting.
There is a bit of a difference in being able to ask a phone to remotely tell you of its location when it has been lost/stolen (as is done with MobileMe on the iphone and countless applications on Android including "Where's My droid" and "Lookout") and having a device "pre-emptively" recording your every move and recording it for month after month without any permission requested or granted!
Would you say "OK" to an a new application that said it would record all your movements and store them in an unencrypted file when you backup? I certainly wouldn't.
Whilst there are reasons to need to know the current location, there are no reasons I can see that would require this to be stored in a historical log. I'm sure the security services could find lots of reasons this is a good idea, but then they aren't interested in your privacy.
It does sound like a bit of debugging code which has been left in, but whatever the reason, it's not a nice discovery.
,,,"Yeah, it's not perfect"...
Blasphemy! Burn him!
Enough of this megapixel willy waving! 5mp is enough!
On a sensor the size of hanging chad, squeezing 12mp onto it is insanity! The more photo-sites you cram into that little space, the more photons you need to "see" the image. Sure technology is improving, and sensitivity is increasing, but not that fast! My *real* DSLR with it's comparatively huge sensor is *only* 12 megapixels, and even with an f/1.4 lens it can get challenging in low light, but at least I have the option of deploying a real big flash.
Phone cameras are fine in sunlight, but as soon as night falls, or people move inside, the little LED flashes just can't provide enough illumination to maintain a fast enough shutter speed, or keep the amplification applied to the sensor (which increases the noise) to a reasonable level.
Can we look forward to some nice clear and stable "posted from my iphone" images on facebook please? Because at the moment most of the ones taken at night look as blurred and drunk as most of the people in the picture!
Re: 3.5", 4" yaddy yaddah
The flip size of the coin is that us with sausage fingers don't get on with small screens. My fingers obscure an area 4 letters wide on most touch keyboards!
I used to get on well with the very unfashionable resistive screens because I could tap with my finger nails, unfortunately now I have a capacitive touch screen, my typing speed has certainly slowed down. It doesn't help that tip of my fingers appear to be too tough and leathery for them to be detected on most phones and I have to tilt them a bit. HTC Desire HD seems to be the only one I've tried that recognises my fingers straight on. Unfortunately the HD isn't mine, it belong to my girlfriend who loves having the big screen, it's probably something to do with Angry Birds!
On the subject of the iphones, this is somewhere Apple's single model plan does fall over. Sure it does make for a simple upgrade path (assuming you follow the "way"), but it does means that if your hands aren't the apple definition of "standard", you've either going to find the device too big, or too small.
Maybe they should errr on the side of smaller, I can't imagine any guys needing to hold a phone on a call for an hour!
Unencrypted, badly set permissions, predictable location...
Not good... At least they managed to send an email out...
Thank you for downloading and using the Skype for Android software. Unfortunately, it has come to our attention that if you were to install a malicious third-party application onto your Android device, it could access the locally stored Skype for Android files. These files include cached profile information and your instant message chat history.
We take our users’ privacy very seriously and are working quickly to protect you from this vulnerability, including securing the file permissions on the Skype for Android application. This update will be available shortly and as always we urge you to install updates to benefit from our continuous fixes and improvements.
Until the update is released, to protect your personal information, we advise that you as always take care when selecting which applications to download and install onto your device from the Android Marketplace.
For more information see our Security Blog at blogs.skype.com/security or our security section at skype.com/security.
Re: Is it just me...
I wouldn't call unlocking an iphone easy.
Why haven't they made it 100% impossible? Well I think they might have tried, but remember we are talking about a company who can't make a scheduled alarm ring at the correct when daylight saving changes, and has tried to fix that several times without 100% success!
I can't ever imagine Apple releasing their control over the phone, and until people can install whatever application they like, be it animated boobies or whatever, there will always be a market for jail breaking techniques.
@A/C 12:16 GMT
Yes, the USB electronics only implement the very basics, the CPU is used to do all the hard work.
Firewire on the other hand is far kinder on the CPU and handles far more itself in the interface.
If you have a little Atom powered netbook or nettop, try copying a file on a USB stick back to the same drive, and watch the task manager CPU usage.
Viruses did exist before the internet, they just spread more slowly on infected floppy boot sectors and couldn't create spam email. They did however destroy local data and do "fun" things like make all the letters fall down the screen.
If you want to run a machine without AV then you'd better hope the machine has no network connection or *any* removable storage support.
If you want to try a honeypot, simply connect a windows 95 machine to the internet via a USB router. I'll be amazed if it has lasted the day before is turns belly up under the weight of infections.
IIRC one of the techie sites did this a few years ago and had to unplug it after 45 minutes!
The legal mine field...
Yup, you got it. Sending a command to something which is already on the machine and telling it to "stop" is one thing, actually installing or uninstalling something starts to fall fowl of various computer misuse laws.
Then again, the machine is already infected, so how the end user would know that he should blame the feds for his now dead PC is a good question... If he wasn't clued up enough to install antivirus in the first place, nor to notice his router or network icon blinking away excessively then I vote the feds keep quiet and just issue the format command...
Or maybe just set up a persistent route for everything back to 127.0.0.1, then hopefully Jim-Bob would call someone in to fix his errant machine.
From a technical point of view it's a great hack.
From a political/legal point of view, ummm, I'm not going to even go there!
So I shall raise a pint to their technical abilities, and audacity.
Yes, but the breaking relies on exploring a flaw in an older bootloader. To do a Desire Z or HD today you'd first have to downgrade the firmware to one with the bug, then exploit it and get S-OFF.
If the new phones don't have the flaw, there isn't an older version of firmware for them with the flaw to roll back to, it's going to make things a little tricky!
Re: Way to win a debate!
My point was purely that the iphone1 cannot be described as being five years ahead of its time in 2007. Although it's very possible Nokia won't have anything to beat it in 2012!
So you are going to have to forgive me for arguing over the time scale, because that was my point!
SMS is far more widely used for phone to phone communication outside of America than email, the reason mobile email got a hold in the USA is because the US networks couldn't sort out their interconnects to deliver messages between networks. So not being able to send a group text message was quite a source of amusement to us non-Americans when the iphone1 appeared.
I'll freely admit that the iphone did give the other manufacturer a good kick up the arse, the user interface is nice. Unfortunately Nokia were still sitting in the meeting when the kick arrived and it just made them fall off the chair, banging their head on the edge of the table on the way down.
So thank you Apple for causing the Android smartphone sitting on my desk to come into existence.
Feel better now?
Logging the IPs and working with ISPs to inform the end user...
Impressive if it works... I tried that once. I was getting several thousand emails from one IP every day. I contacted the ISP and it stopped. I was impressed. A month later it started again. Same IP, so the user had obviously learnt very little. I contacted the ISP again, nothing happened, the spam continued.
The IP is still blocked on my email server. Glad it was fixed and not dynamic!
I think MS should be made to force an update onto PCs which works like the browser choice app, but gives a choice of antivirus.
It's amazing to think how close the music industry have got (or are getting) to getting laws introduced which can have you disconnected from the internet, yet infected PCs which cause problems for far more people are just left to spew their infections penis and enlargement emails unchecked.
I'm sure if they introduced a 3 strikes and you're off the net until you complete a PC driving licence course would be far more widely supported.
Oh damn, I hope I haven't just given HMgovt a way to spin the music industries plans onto us under the guise of internet health.
Re: Gas or powder?
Indeed... For the tank to be damaged it would either have to had the explosion occur inside it, or it would have had to be subjected to prolonged heat. Neither happened here, but a leak of gas into the building sounds good to me.
What ignited it is a good question, but congratulations on getting the mixture spot on! Approx 15:1 of C3H8 in a shed that size... Gonna be impressive!
I make no apology for being a chin stroking techie, but the iphone1 was lacking more than just a "bleedin'" SD card slot.
It was little more than an ipod touch with a phone slapped on, and it was a phone design they based on the US market only, which is why they didn't notice the rest of the world was already moving onto 3G, cameras and used SMS extensively.
Please at least pretend to read the original post my reply was addressed to. Why did I dig out a "5" year phone for comparison? Because the OP said (or repeated a quote) that the iPhone1 (please note, iPhone ONE) was five years ahead of its time. So a logical comparison would be against a competitor at the time.
Maybe you would prefer I compare the iphone1 against something from five years after its release which will be something next year...?
So anyone claiming the iphone1 was five years ahead of anything at the time is at best a troll, at worst mentally deluded.
The N95's biggest issue was that carriers were allowed to customise and often prevent firmware updates. Best thing I ever did to mine was to change it to a generic Euro model. They nailed a lot of the bug within a few months, something which they never managed with the N97
N97, oh god yes, what a pile of poo. Had one of them. Nokia made a royal mess of trying to put touch onto Symbian. Only phone I have replaced outside of a contract just to get away from it. The old N95 remains my "just works" backup phone. The N97 is in a draw.
Very true, dominating the digital "walkman" market, and then grafting a phone onto it was a smart sideways move. It avoided trying to go head to head with the big phone manufacturers right from the word go. Build up your customer base in the mp3 player market, then offer them an ipod with a built in phone.
In summary, I wasn't saying the N95 was better or worse than the iphone1. I was just comparing two phones of the same era to counter the claim that the iphone1 was 5 years ahead of its time. If the iphone1 was truly 5 years ahead there should be a gaping chasm between them. There isn't.
Technically the N95 was ahead with a better camera, real 3G video calling, true multitasking, copy/paste, 3G support, full support for the GPRS messaging specification, battery life etc etc.
The iphone wins on the user interface which it brought from it's father the ipod touch, but as a phone it was lacking some pretty basic features, and lets not forget, it was supposed to be a phone!
Sorry? Are you saying the iphone1 was 5 years ahead of its time?
Oh go on then, I'll feed ya!
This would be the iphone1 that didn't do 3G, multitasking (of any style), couldn't do MMS messages, couldn't do group SMS and had a tiny camera with no flash?!
It could barely be called a phone given it's poor support for the standards. It would have been better to call it an iPod chat.
All it had was a pretty UI and a touch screen... It was a retarded beauty queen... All very pretty to look at, but don't expect it to be able to do much more.
In 2007 I had a Nokia N95, sure, no touch screen, but real multitasking, hot-swappable MicroSD storage, built in RDS radio, 3G, video calling with front and rear cameras (5meg with flash on the back) and it supported all the mobile messaging standard correctly etc etc etc.