3733 posts • joined 10 Jun 2009
Re: Unique opportunity for Sailfish
Actually, we can. What's being stated is that the base Android OS is too lax on security (owing to a model intended to coax developers, not to woo users). The hope is that Sailfish will be built with user-selectable security being baked right into the kernel where it can't be removed. Thus, when a Sailfish app asks for something, it can be controlled by the user to a meticulous degree. For example, instead of being forced to say "yes, you have network access" or "no" in broad, you can perhaps be able to have it prompt you, either the first time or (and here's where it can top iOS) EVERY time or in specific timed intervals. With this level of control and a "deny-by-default" attitude, it would be very tough for anything underhanded (like perhaps Google Play Services) to slip in under the radar.
Re: Steganography to hide the whole thing
The big trick would be to conceal the payloads in ways that can withstand mangling, image conversion, and so on. Many hosting sites will routinely alter images to make them easier to store and transmit, and the extent of these alterations can break many stegos to date: including perhaps this method or a variant of concealing it in the EXIF data. I will admit that a 1080-sized wallpaper gives more real estate to work with, but that's again reduced by the robustness requirement.
Re: Not steganography
It's been so noted in the article and qualified appropriately (IOW these weren't El Reg's words).
I suspect, though, it won't be long before someone uses real stego to pull it off. I think the main concern is that many sites mangle images before posting to fit within dimension and/or size limits, and JPEG is a pretty forgiving format for that...except when you want to keep fine details which are necessary for stego, meaning mangling a JPEG will likely mangle the stego beyond the point of recognition.
So perhaps what we're seeing is a V1 attempt at hiding the list within an image file. V2 will see true robust stego.
Re: Crucial difference
"If wee little paperclip antennas installed in racks in the basement data centers actually worked, then why does everyone else spend so much time up on the roof struggling to get an OTA HD signal? Why doesn't Aereo drop this service model and start selling these amazing "antennas" to the public? Perhaps the same technology can be applied to directly detect signals from deep space missions using nothing more than a slightly larger paperclip?"
Because location is part of the reason Aereo works. Aereo carefully picks their facilities to optimize the reception, much like transmitters use tall masts and prefer the tops of hills and the like: the clearer your line of sight, the better. Put it this way: no matter how good your setup, trying to get good reception in a valley (or a concrete canyon) is pretty much going to be hit or miss: bad line of sight compounded with reflection echoes.
Re: Beer analogy
They pay by the eyeball on the TV. Thing is, TV watching has spread out lately, and the TV auditors lack the means to measure things like Aereo, computers, even DVRs.TV shifting been a brewing storm for the advertisers for a few years now because to date they lack a reliable means of measuring shifting.
Re: Crucial difference
"Also, insects have antennae; televisions have antennas. Once a loan-word has acquired a new meaning, it follows modern English pluralisation rules in its new sense."
Last I checked, it should be all or nothing. Multi-mast WiFI setups still use "ae" IIRC. Put it this way: either insects have antennas or wireless systems have antennae: no vacillating.
It's like with the "mouse" and "house" question. Why don't we say "mouses" or "hice"?
Re: dumb question but...
Plus what if the phone never gets the kill signal in the first place because it gets shielded before the kill signal is ever sent? Then it's sent someplace where the kill signal isn't supported?
They're not synced between countries. IOW, steal phone, sell overseas, profit.
Re: What good does bricking a stolen phone do?
I don't know about that. People have been mugged and killed apparently JUST for the phone (as in nothing else was stolen), which is then fenced.
Re: Land of The Free
Also, this gives the ability of authorities to stop all communication from a certain physical area. Say for example where there is a protest, they can just kill all phones within a mile radius. Or, kill all phones in area X, that arent specifically phone models used by police or military.
They've been able to do that for years, no killswitch required. Cell phones are pretty useless without CELLS. Governments simply shut down the cell towers and kill the reception. I recall that's a technique Iran used (that and killing Internet access in the affected area: thus killing WiFi and femtocells as well). Police and military don't need cell phones since they traditionally use two-way radios whose frequencies are already reserved for them (Know why the US can't use Band III? Military had dibs on the frequencies already).
Re: Buyer beware
Oh indeed. Probably the fate of many stolen phones is an advert on Fleabay two weeks later for cheap screens, or a casing, or sensor glass, or a battery, or whatever.
Which correlates well to a lot of stolen cars. If the car isn't stripped (sometimes on the spot) for black market parts, it's being hauled away intact to be sent overseas. Either way, Lojack would do jack about it (since the strippers would quickly locate the beacon and send it elsewhere and the exporters would move the car out of range).
Similarly, stolen phones are either stripped down and sold for parts or quickly stuffed in a shield bag and sold overseas where the kill signal won't reach.
Re: It's not phone calls, it's data
They made up for it by offering flat-rate pricing for calls, then for texts. Once you're flat, you stop caring. Data's only starting to go there but some of the data allowances can be generous.
Re: Funny thing is
Can one actually SEE Iceland from the English Channel?
Re: ASLR Bypass Apocalypse ..
So how do they keep the INNER circuit from being directly attacked. IOW, who guards the guards' guard? Similarly, wouldn't the malware writers simply target the hardware directly, which HAS happened, as BIOS/EFI exploits can attest.
I'm curious to know how the exploit is defeating both ASLR and DEP. Is the code using a JIT Spray or something else?
What failed the Dreamcast was a combination of bad timing and strong competition. By the time the Dreamcast came out, Sega was already perceived as on its last legs. They were desperate enough to try to jump the gun AND not use the new DVD format for its games. Both were gambles and in this case they didn't pay off.
Meanwhile, Sony went the other way and decided to wait. By using DVD media, they could paradigm shift gaming expectations away from whatever Sega could produce (and though Sega could produce superior graphics, the TVs of the time—HDTV wasn't even out yet—meant it wasn't easy for the average gamer to see it). Not to mention it also meant it could double as a DVD player at a time when the format was novel and in demand, fueling a synergy between the two. Furthermore, they chose to include PS1 backward compatibility, which meany anyone who missed out on the PS1 generation and its large number of great games could buy in with one purchase. Plus, in gaming terms Sony really is the gorilla in the room because it's not just a gaming company. It's a media company as well; they could perform media tie-ins none of the other companies can achieve. Only Nintendo with iconic decades-old franchises could come close to that level of media power. The deathblow probably came when EA (THE most-demanded sports gaming company) pretty much snubbed Sega. EA is considered the third party to watch when it comes to support. When EA snubs a platform, pretty much everyone else realizes it's a lost cause. Like it or not, when it came to sports gaming then and probably now, EA blazes the trail.
The trademarks associated with Minecraft and its assorted characters. Under USPTO law, these rights must be asserted in order for them to remain valid.
Re: Rendering on PC:s
"My first thought was Babylon 5, though they did have a special piece of hardware (Video Toaster). I'm sure there are plenty of other examples, though."
I personally like the series, but due to the technology, it is now easy to see when the CG was invoked (it reduces the resolution and is easy to notice in DVD releases). I personally would like to see the series upgraded to BluRay quality the way they're redoing Star Trek: The Next Generation, but I maintain skepticism over the possibility (mainly the availability of the original film footage).
This is truly a retarded argument that I keep hearing over and over again. Cable companies don't service rural areas they can't make money in. Many of these remote places have only crappy DSL or dial-up.
Point is you have big cities on BOTH coasts. In order for these cities to be able to talk to each other in high-speed, you need to make it high-speed all the way down, including out in the boonies. Otherwise, it'll be like planting a two-lane bridge in the middle of a four-lane highway: basically making a chokepoint. This is where geography plays a role. How much do you think it would cost to run high-speed fiber between New York and Los Angeles, considering in the meantime this fiber will have to negotiate two mountain ranges and more than a few rivers (including the Mississippi)? And that's not among the worst-case scenarios (consider a run from Miami to Seattle, longer and more convoluted).
"How does the population density argument explain the fact that I have faster broadband on my phone than at home? Shouldn't the cost of building those cell towers out in the boonies make mobile broadband impossible in urban areas too? But apparently they figured out that they can do better tech (LTE) in the cities, and keep older/cheaper tech (EDGE/EVDO/etc) in less populated areas and keep everyone reasonably serviced. Not that the cell companies are much better than Comcast or TW, but at least there is some overlap and competition between them. Honestly my only hope is that mobile+netflix will kill cablecos for good. Fuckin' leeches."
In many cases in the US, HISTORY gets in the way of cities' building up. Can you perhaps tell me the average AGE of a high-bandwidth city? I strongly suspect none of them to top 100. Meanwhile, the biggest cities in the US are also among the OLDEST (New York predates the country, Chicago, San Fran, LA, etc. were well-established before 1900). Heck, even across the water, I hear London's having its own teething issues with high-speed broadband (no wonder, that's an old city if there ever was one). I'll make it quick: NEW infrastructure in an OLD city (especially one with lots of OLD existing infrastructure) is difficult, especially if it's WIRED tech, which in dense cities probably have to go UNDERGROUND (and New York has SO MUCH existing underground infrastructure they don't even allow implosive demolition for fear of damaging stuff down there). At least wireless infrastructure has one key advantage in a city: you can use the buildings themselves to provide height, although concrete canyons have also proven to hamper ranges. Plus very dense cities present problems of contention and the problems when you try to relieve this problem by crowding masts.
The general rule of thumb is that the best countries with broadband are also typically the smallest and/or densest. The big thing retarding US broadband expansion is natural and unavoidable: geography. The US is a big country geographically with lots of rural space in the center. This skews the infrastructure costs upward and makes them less viable. To put it in perspective, consider how much it would probably cost to connect New York and Los Angeles (a very realistic prospect) with high-speed data. Miami to Seattle (longer and more convoluted) would be even worse. And let's not even start with trying to connect a place as remote as Hawaii.
Re: Some people regret the lost jobs of horse carriage maintenance.
It's not like you can choose between the two of them even now. If TWC is in your area, odds are none of the others are. Same goes for Comcast, Cox, whatever. And the reason for this is pretty simple: the communities don't like redundant infrastructure, which would be the inevitable result if two cable companies started overlapping. You'll note that the main competition for cable companies in a given area are the wireless and telephone companies, each of which use separate infrastructure.
In other areas, especially rural ones, the ROI to get to those communities wouldn't make it worthwhile unless the market was captive, and ALL the cable companies know it, so they can basically hold the towns and counties hostage with "all-or-nothing" offers. That's the natural way of utility companies and other industries where there is a high (in terms of money or undesirability) barrier of entry in the form of up-front infrastructure costs. These kinds of companies tend to form monopolies naturally.
This merger is less the AT&T-T-Mobile merger and more like the GTE-Bell Atlantic merger (which produced Verizon): more geographical and horizontal in nature. I'm just saying this isn't as similar as you think.
Re: Goose and Gander
Not if you as sender don't have a Google account, because you then have not signed up to their ToS (you cannot have a one-sided contract).
What he was trying to say was that anything that enters the Google ecosystem becomes subject to Google's infamous search scrutiny. IOW, if you send an e-mail to a gMail user, everything about it will be scrutinized, and even if you don't agree to use Google, they'll start building a profile on you, a la a Jigsaw attack. Merely interacting with anything pertaining to Google is all it takes. This isn't anything new; Facebook does it two by using the Like button as a sort of leech outside the Facebook ecosystem.
Re: You'll never convince...
The next time someone tells you natural is good, dare them to eat a castor seed (the source of ricin).
Re: Not a Dos/DDos attack but
Have you seen ransomware in action? Most of them encrypt the contents of your device, making backups useless. At this early stage, if I were an Android ransomware writer, I'd at the least use a root exploit amd remove/disable any and all backup programs. Given time, I'd encrypt the pertinent bits of data like call logs, contacts, etc. and move from there.
Re: meet the Law of Unintended Consequences...
And what happens when crooks stash stolen phones in Faraday bags so they never hear the brick signals and then fence them overseas so they never hear the signals again?
Re: But who has control...?
It's probably kept by the manufacturer. Otherwise, bricking can't be done by law enforcement.
Re: "how painfully slow migrations from Windows XP to Windows 7 are proceeding"
Sometimes, it's the software. Software that came from the Windows 2000 era, perhaps, still works in Windows XP but breaks on Vista and up. It's custom-made, mission-critical, must-be-up-at-all-times software, and the developers behind it don't exist anymore, meaning it can't be recoded for 7. The only possibility is to code a new program from scratch, but the budget probably doesn't allow it. So some places are caught between a rock and a hard place, being forced to stay with XP with no migration route.
Re: You can have it all!
Don't you suffer from data crossover problems, then, since you may need data on the 7 drive but have to run it on the XP or Ubuntu drive? Or do you keep a separate tray for the data?
Re: Bad writing
I don't think that's logically sound as "not A" would mean "nothing at all" in this case. We have an A-or-B situation, plus the null option (neither A nor B; again this would be "do nothing"). In this case, there's no intersect: doing A (going hard now) precludes doing B (go slow and over time) and vice versa.
I'd be curious to think about people who have no choice. Software that directly handles hardware (VM-incompatible), breaks in later OS's, doesn't exist on Linux, can't work on WINE, and must see the network.
Re: Is it possible for "crypto currencies"
Messages have been in the block chain since early times. As for secret transmission, that's hampered by the need to share the block chain.
Re: Once upon a time....
And now you're contradicting yourself, because we're BOTH arguing about the handle wire. I have already acknowledged that the lock basically disconnects the handle wire from the latch. I'm saying you WANT this in an accident because you want to reduce the odds of the door opening DURING the accident (raising the risk of you being thrown out as it opens; a distinct possibility with older cars that had the belt affixed to the door instead of the post; basically put, you're better off IN the car during the accident, and let the frame absorb the energy). The reason being that if the accident involves the door deforming in some way (for example, a side collision), this deformity can cause the door handle wire to go taut, (much like something flying into a balloon string) and potentially engage the latch if it's still engaged because the door is unlocked.
Under the scenario your describe, it wouldn't matter if the door was locked or not. After the accident, one should be able to unlock the door, thus re-engaging the handle wire to the lock, and then try to open the door, unless (as you say) the door is physically wedged in place, meaning you're stuck either way. And if the accident is such that the latch itself physically fails, then as you say the state of the lock is irrelevant and the whole argument is moot: whatever happens happens regardless of the lock state.
And you notice how minimal the fighter HUD is. Pilots have to be TRAINED to understand the sparse information in order to make it useful. A car HUD would have to be at least as easy to use as the current spate of gauges and dials so that the average driver can interpret them correctly. But that can prevent the HUD from being minimalist enough to not interfere with normal forward viewing.
Re: Once upon a time....
The lock disengages the catch from the door handle's wire. If the handle wire gets pulled during the accident (distinct possibility if the door gets bent and it goes taut), it could engage the catch and open the door Here, it isn't just me. NHTSA follows this philosophy. In addition, it wants to prevent doors opening while rolling. Read up:
Re: It's all shades of grey
"Obviously, the only way for the data to be completely anonymous is to contain no data at all."
Of course, because unique data, by definition, is identifiable in some way (otherwise it can't be distinguished and therefore cannot be unique). And as someone has mentioned before, collaboration of the data (which can even happen internally if a single company interacts with customers in different ways--no sharing required) can open the door for a jigsaw attack on data that is required for the company's services to function.
The takeaways I get from this are (1) one cannot interact with the world on a fully anonymous basis if the interaction must in some form be two-way, as one must be able to receive a reply, (2) if one is not fully anonymous, one will eventually be fully identified due to the natural courses of business and human nature (filling in the gaps), leading to (3) against a determined and resourceful adversary, anonymity of any sort is infeasible, as they only have to be lucky once.
Re: Damned Americana
I think the main justification for addressing the word "data" in the singular is because it can be considered a collective noun, much like how one can call a group or a set of things in the singular, though I recognize the rules can vary depending on location. For example, I'm quite aware that teams can frequently still be addressed in either the singular or the plural. In the end, I call it in the matter of context: singular if being addressed as a whole or collection, plural if being addressed as a multiple of datum.
And not be running the new Android Runtime. It's currently disabled and an option in 4.4, but the next version's expected to have this on by default, breaking the Xposed Framework needed to run XPrivacy.
Re: Root your droid then use a security app
I DON'T because governments will know whose arm to twist. If the security app comes from an unenforceable land or has a widespread community support, it would be much harder to squelch or tamper.
Re: This is why.... "Listening mode only"...
At some point, a rooted phone will become a RIGHT, and the sooner people wake up and tell the carriers to sod/screw/get off, the soone we collectively might be able to pressure google and the phone manufacturers to ease up on the lock-down.
Never happen. One of the parties that want the wide-open door is the government (in the generic, not the specific). They'll always want that access as a matter of course (governmental instinct), and any attempt to get them to sign anything otherwise just results in "ink on a page". After all, who can you turn to above them to keep them in line, given that the government is sovereign and, by definition, in control of its own destiny?
And before you ask why you don't hear the same thing about Apple phones? Bet you that's because they got an insider there years ago and twisted Apple's arm, allowing them to create a more sophisticated snaffer that can't be readily detected by spectrum analysis because it only transmits sideband.
BTW, to whoever mentioned the em-shielded bag, accelerometers and gyros don't need EM to work, so if it gets a fixed via radio (which it'll get at some point because you have to use the phone), then if it's shielded it can still keep track of itself for some time while in the bag, then when you take it out again it can correct for drift before sending.
Re: Obvious question. Do *devs* have to take *all* or nothing access to your data?
Rather, it's the devs forcing it on Google or they would never have migrated from the Apple store to begin with.
Searching for accounts sounds like a prerequisite for in-app purchases, which need an account on which to charge.
As for retrieving running apps, it's possible it could have a tie-in to a related or other app (perhaps partner apps or other apps from the same developer).
Trouble is, the Xposed framework needed for Xprivacy breaks on the new Android Runtime. Bet you it becomes standard next version. Also bet they find a way to block the permission blockers with under the hood changes, too.
Re: ACLU and EFF
And if users get control of the permission, what do you think will be among the first things turned off for adware apps (unless the app itself needs it for normal function)? Network access. This will probably start app devs packing some ads into their programs so they can't be blocked.
The point is, the app devs want the control, so you have a tug of war between the users who want control of their device and the devs who want control of their app, and Google's position will have them favoring the devs (they pay Google more both directly and through the ad network). Apple can dictate terms since the iDevice line is vertically integrated and has that mysterious "We Must Have It, Here's Our Life Savings" draw. Google lacks that level of control and can easily lose the plot if devs decide to defect.
Re: The browser
My last phone before I went Android was the N95 8GB. No touchscreen. It navigates pages and links Lynx-style using the D-pad, with a couple menus to help shortcut to the address bar and so on. Actually, for a while, it was still sturdy enough to handle the more-robust Opera Mobile.
That's what I've found to be my main draw to a smartphone: information on the go. I do not use my smartphone for social apps of any kind, but whenever I'm shopping around and come across something, I find it reassuring to be able to whip it out and pull up some quick but useful information on something. More than once, it's been able to help me shy away from something that looked good at the time but upon second opinion wasn't worth the trouble.
Re: @ Charles 9
It wasn't patented only because it COULDN'T be patented. Exception to the rule because it's inapplicable; edge case. A proper example would be one that COULD be patented but WASN'T.
And last I checked, yes, to say you don't want nonphysical patents means an examplar (and to be an exemplar, it usually has to be WORKING) is REQUIRED.
Re: You wouldn't have stop the caravan.
Sorry for the rant, it just pisses me off that we throw our soldiers (citizens) into war zones and actively undermine them by ignoring things paid for with millions and millions of lives. The recipes for successful war and successful business haven't changed in many millennia. War is pretty stupid, but if you're going to do it, go with what works and just do it. If you're a bit squeamish about the people dying in large quantities bit, maybe war isn't the path you should be on.
That's assuming you HAVE an alternative. If your opposition considers MAD a winning scenario AND loves to hide among noncombatants, how do you take them out without making new enemies along the way?
Re: Seems pretty pointless
Reach, perhaps? Suppose there isn't a friendly airfield nearby? And B-52s are too big to take off from carriers, which is why they're exclusive to the Air Force. Plus there's the matter of the fuel costs. Ground transport almost always uses less fuel than an airdrop.
Thus why I've stayed away from AT&T for a number of years now. T-Mobile's coverage may be subpar, but the price can't be beat. Even now they're offering the closest things to a no-strings-attached 3-way unlimited plan for $70 a month, no contract. And if you want to skimp in places, they offer various lower rates in exchange. No other big-name plan I know can match, and this comes with WiFi Calling and Visual Voicemail.
- Review This is why we CAN have nice things: Samsung Galaxy Alpha
- Ex-Soviet engines fingered after Antares ROCKET launch BLAST
- Hate the BlackBerry Z10 and Passport? How about this dusty old flashback instead?
- NASA: Spacecraft crash site FOUND ON MOON RIM
- Apple spent just ONE DOLLAR beefing up the latest iPad Air 2