My inner monologue makes absolutely no sense at all when I'm reading the quotes!
5 posts • joined 23 Oct 2015
Unless you know something I don't, the pwn2own comp is aimed at attempting to breach the device from the perspective of a remote attacker? The software tool connects to the phone using a USB cable to take advantage of http://www.windowsphone.com/en-gb/how-to/wp7/basics/how-do-i-update-my-phone-software (basically the USB update mechanism). So the only way to breach the security or sandboxing is to purposely connect it to your computer and replace all that security with your own. So no built in security has been breached because it's using an update mechanism already provided to bypass the security for legit updating purposes?
Whilst I welcome this new ability to mod my phone from it's original purpose, to what end I wonder will this improve my device. As far as I know MS keeps all of it's devices up to date with the latest version of Windows software and I can think of no function I need to perform as root. Indeed to do this to a device that previously passed the pwn to own test (http://arstechnica.com/security/2014/11/windows-phone-security-sandbox-survives-pwn2own-unscathed/) because of it's security and sandboxing seems rather irrational to me. But as someone else pointed out some people just want to play with their *cough* devices - who am I to judge them? :)
This is a little bit boring. Honestly you would have thought lessons were learnt from other large companies losing customer data. There were lots of signs before this happened i.e. an increase in the number of fake talktalk phishing calls customers were receiving (yes I was one of them).
Now I have yet another company telling me my data has been lost to who knows who. Would be nice if they could lose a license to ISP or something. Then have to go through a stringent set of checks before they were allowed to ISP again - footing the bill to transfer their customers to other more competent ISPs until they were relicensed. This would definitely put these companies off skimping on security! Probably only get a small fine which isn't much of an incentive for not stopping this kind of thing in the future.
On the plus side the phishing call I received did amused me:
Scamguy: Hello this is talktalk there is a problem with your router
Me: Sorry that's absolute rubbish, let’s start again, you say you are from talktalk yes?
Scamguy: You are stupid <hangs up>
(Yes I phoned talktalk to check it wasn't them)
Biting the hand that feeds IT © 1998–2019