Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
Iphone

Researchers Use Siri To Steal Data From iPhones 55

Posted by samzenpus from the protect-ya-neck dept.
wiredmikey writes "Using Apple's voice-activated Siri function, security researchers have managed to steal sensitive information from iOS smartphones in a stealthy manner. Luca Caviglione of the National Research Council of Italy and Wojciech Mazurczy of the Warsaw University of Technology warn that malicious actors could use Siri for stealthy data exfiltration by using a method that's based on steganography, the practice of hiding information. Dubbed "iStegSiri" by the researchers, the attack can be effective because it doesn't require the installation of additional software components and it doesn't need the device's alteration. On the other hand, it only works on jailbroken devices and attackers somehow need to be able to intercept the modified Siri traffic. The attack method involves controlling the "shape" of this traffic to embed sensitive data from the device. This covert channel could be used to send credit card numbers, Apple IDs, passwords, and other sensitive information from the phone to the criminal mastermind, researchers said in their paper.

Comment Re:Waiting for Republicans to come in and defend t (Score 1) 316

by coinreturn (#48851335) Attached to: Eric Holder Severely Limits Civil Forfeiture

I think this sounds like a great thing, however I do have to question why it took so long for him to do this. How long have Obama and Holder been in office? Now, finally, when we're in Obama's last two lame-duck years, Holder decides to finally do something useful?

So yeah, it's great that he's finally fixed this horrible problem, but he sure could have done it earlier.

He did this because of all the press it's been getting lately - it probably wasn't on his radar before that.
Bitcoin

Bitcoin Volatility Puts Miners Under Pressure 290

Posted by timothy from the coulda-shoulda-woulda dept.
An anonymous reader writes "The virtual currency Bitcoin lost 21 per cent of its value yesterday, equating to a total loss this year of 44 per cent. Reports have suggested that this rapid fall is squeezing computer supporting systems and is raising alarm about its future viability. Bitcoin's value fell to $179.37, 85 per cent lower than its record peak of $1,165 at the end of 2013. In total, nearly $11.3bn has been lost in Bitcoin's value since its 2013 high. The decline has raised concern for Bitcoin 'miners' who support the transactions made in the digital currency, and whose profits become squeezed as its price falls against traditional currencies." The Coindesk article in the linked story gives a blow-by-blow on yesterday's valuation drop; right now, Bitcoin has jumped back up and stands at just over $216.
Input Devices

Apple Awarded Gesture-Control Patent 105

Posted by Soulskill from the nothing-is-obvious-to-the-uspto dept.
mpicpp points out a report that Apple has been awarded a broad patent for gesture control of a computer interface (8,933,876). The company inherited the patent after their acquisition of motion-sensor company PrimeSense in 2013. (PrimeSense's technology is used in Microsoft's Kinect gesture control system.) Here's the patent's abstract: A method, including receiving, by a computer executing a non-tactile three dimensional (3D) user interface, a set of multiple 3D coordinates representing a gesture by a hand positioned within a field of view of a sensing device coupled to the computer, the gesture including a first motion in a first direction along a selected axis in space, followed by a second motion in a second direction, opposite to the first direction, along the selected axis. Upon detecting completion of the gesture, the non-tactile 3D user interface is transitioned from a first state to a second state.

Comment Re:Secret Ballot? (Score 2) 480

by coinreturn (#48796257) Attached to: How Bitcoin Could Be Key To Online Voting

You know...someone that cannot be troubled to take the small amount of time and effort to register to vote, and go to the poll to vote, likely is also NOT the type of person to take any amount of time to study the issues or people up for election and therefore, not someone I'd actively encourage to make a vote.

No vote is better than an ill-informed / non-informed vote.

You're just one small step away from a poll tax or an intelligence test. Watch it, buster.
Security

Google Throws Microsoft Under Bus, Then Won't Patch Android Flaw 629

Posted by timothy from the well-that's-one-way-to-view-it dept.
An anonymous reader writes Last month, Google took the bold steps to release the details of a security vulnerability ahead of Microsoft. Microsoft responded and said that there was a patch in works which was set to be released two days after Google went live with the details. Microsoft accuses Google for refusing to wait an extra 48 hours so that the patch would have been released along with the details of the exploit. Now, let's see what is happening on the Google side of software development. Recently, an exploit has been uncovered in the WebView component of Android 4.3 — estimated to cover roughly 60% of Android install base — and Google is saying that they will not patch the flaw. Google's only reasoning seems to be that they are not fixing vulnerabilities in 4.3 (introduced in June 2012) anymore, as they have moved focus to newer releases. It would appear that over 930 million Android phones in use are out of official Google security patch support.
Cloud

Would You Rent Out Your Unused Drive Space? 331

Posted by timothy from the how-plausible-is-your-denial? dept.
Press2ToContinue writes "There is a new idea out there, proposed by Shawn Wilkinson, Tome Boshevski & Josh Brandof, that if you have unused disk space on your HD that you should rent it out. It is a great idea and the concept may have a whole range of implementations. The 3 guys describe their endeavor as: "Storj is a peer-to-peer cloud storage network implementing end-to-end encryption would allow users to transfer and share data without reliance on a third party data provider. The removal of central controls would eliminate most traditional data failures and outages, as well as significantly increasing security, privacy, and data control. A peer-to-peer network and basic encryption serve as a solution for most problems, but we must offer proper incentivisation for users to properly participate in this network."
Crime

In Paris, Terrorists Kill 2 More, Take At Least 7 Hostages 490

Posted by timothy from the illiberality-in-action dept.
As reported by The Daily Beast, news on the ongoing terror attack (or attacks) in Paris. Chérif and Saïd Kouachi, who are accused of slaughtering 12 in an attack on Charlie Hebdo magazine, have been cornered by hundreds of security officials close to Charles de Gaulle Airport, north of Paris. Officials say they believe the heavily armed brothers are holding one hostage. Twenty miles south, in the east of the city, at least one gunman is believed to have taken six hostages at a Jewish store. Police suspect that the third gunman is the same man who shot and killed a policewoman on Thursday morning before escaping in a bulletproof vest. Update: 01/09 17:44 GMT by T : And now all three of the gunmen involved in today's hostage taking are dead. Watch this space for updates. Update: 01/09 17:15 GMT by T : CNN's story features a stream of updates (and an autoplaying video ad to beware), as does The Telegraph. Latest news is that brothers Cherif and Said Kouachi have been killed by police, but it's unclear whether the same is true of the third hostage-taker.
Electronic Frontier Foundation

EFF: Apple's Dev Agreement Means No EFF Mobile App For iOS 220

Posted by samzenpus from the not-for-you dept.
schwit1 writes The EFF launched a new app that will make it easier for people to take action on digital rights issues using their phone. The app allows folks to connect to their action center quickly and easily, using a variety of mobile devices. Sadly, though, they had to leave out Apple devices and the folks who use them. Why? Because they could not agree to the terms in Apple's Developer Agreement and Apple's DRM requirements.
Government

Lawmaker's Facebook Rant Threatens Media For "Unauthorized" Use of His Name 136

Posted by samzenpus from the keep-my-name-out-of-it dept.
An anonymous reader points out that Frederick County Councilman Kirby Delauter may be in need of a First Amendment lesson. "Apparently, a local Maryland politician ditched his civics class the day press freedoms were discussed. How else to explain Frederick County Councilman Kirby Delauter's recent Facebook rant in which he threatened a local newspaper with litigation because—wait for it—his name was used in print without his permission. 'Use my name again unauthorized and you'll be paying for an Attorney. Your rights stop where mine start,' Kirby Delauter, the councilman, posted on his Facebook page. He added: 'So let me be clear.........do not contact me and do not use my name or reference me in an authorized form in the future.'"
Programming

Tumblr Co-Founder: Apple's Software Is In a Nosedive 598

Posted by samzenpus from the clean-up-your-act dept.
mrspoonsi writes Respected developer Marco Arment is worried about Apple's future. In a blog post, he writes, "Apple's hardware today is amazing — it has never been better. But the software quality has taken such a nosedive in the last few years that I'm deeply concerned for its future." Arment was CTO at Tumblr, before he left to start Instapaper. "Apple has completely lost the functional high ground," says Arment. "'It just works' was never completely true, but I don't think the list of qualifiers and asterisks has ever been longer." He blames Apple prioritizing marketing for the problems with Apple's software. Apple wants to have new software releases each year as a marketing hook, but the annual cycles of updating Apple's software are leading to too many bugs and problems, he says: I suspect the rapid decline of Apple's software is a sign that marketing has a bit too much power at Apple today: the marketing priority of having major new releases every year is clearly impossible for the engineering teams to keep up with while maintaining quality. Maybe it's an engineering problem, but I suspect not — I doubt that any cohesive engineering team could keep up with these demands and maintain significantly higher quality."
Bitcoin

Bitstamp Bitcoin Exchange Suspended Due To "Compromised Wallet" 161

Posted by samzenpus from the that-old-familiar-story dept.
twitnutttt writes Customers of Bistamp, the successor (until recently) to MtGox as the highest-volume dollar-denominated Bitcoin exchange, and still the preferred source of trading data for many technical analysts, sent an email at about 4:00 UTC today warning that, "Today our transaction processing server detected problems with our hot wallet and stopped processing withdrawals." They also instructed users to stop sending any deposits immediately or they may be lost. The Bitstamp website has now also suspended all exchange/trading services, and the homepage contains only a maintenance message warning users of a "compromised" wallet. Numerous references to security imply that this is a hacking attack, but Bitstamp reassures that they maintain "more than enough offline reserves to cover the compromised bitcoins."
United Kingdom

Professor: Young People Are "Lost Generation" Who Can No Longer Fix Gadgets 840

Posted by samzenpus from the beyond-fixing dept.
antdude points out this story about one of the problems with our ever increasingly disposable world. "Young people in Britain have become a lost generation who can no longer mend gadgets and appliances because they have grown up in a disposable world, the professor giving this year's Royal Institution Christmas lectures has warned. Danielle George, Professor of Radio Frequency Engineering, at the University of Manchester, claims that the under 40s expect everything to 'just work' and have no idea what to do when things go wrong. Unlike previous generations who would ‘make do and mend’ now young people will just chuck out their faulty appliances and buy new ones. But Prof George claims that many broken or outdated gadgets could be fixed or repurposed with only a brief knowledge of engineering and electronics. "

Slashdot Top Deals

"May your future be limited only by your dreams." -- Christa McAuliffe

Close