Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Submission + - Remote control of a car, with no phone or network connection required

Albanach writes: Following on from this week's Wired report showing the remote control of a Jeep using a cell phone, security researchers claim to have achieved a similar result using just the car radio. Using off the shelf components to create a fake radio station, the researchers sent signals using the DAB digital radio standard used in Europe and the Asia Pacific region. After taking control of the car's entertainment system it was possible to gain control of vital car systems such as the brakes. In the wild, such an exploit could allow widespread simultaneous deployment of a hack affecting huge numbers of vehicles.

Comment Re:Oh the irony (Score 1) 111 111

Oh... you mean like thinking HTTPS stops anyone from seeing the URL you just visited so they can view it for themselves?..... yeah, some people just don't get that.

Well, https won't protect you from others identifying which site you visited, but the entirety of your GET request is encrypted and that's important. It means if which actual pages you view is protected from snooping unless, say, you're on a work computer and your employer is using some nefarious https proxy that issues certificates to your browser.

So your employer might know you were looking at a local news site, but cannot see that you were reading the situations vacant pages. Or they can tell you were at the Mayo Clinic site, but not that you were reading pages about STDs.

You can typically spot such proxies pretty easily though - visit Google and see if their certificate was signed by or by some other entity. If it wasn't signed by Google, you have reason to be concerned. If you're really suspicious you can check fingerprints too, but for some sites these may change and you may be better picking a small server that likely has a single certificate to check the fingerprint against.

Comment Re: Yes, but can it launch Waze (Score 1) 235 235

You do realize that Google Now will happily open Waze if you say "open Waze app"? Give it some context and it knows exactly what to do.

That said, I agree that s statement beginning " open ..." could automatically be interpreted as meaning an app, but there may be reluctance I do that in case it interferes with future expansion into the internet of things, e.g. "open the curtains", or " open the garage ".

Comment Re:Difficult? (Score 5, Insightful) 152 152

at least until somebody reverse-engineers the password manager and disables the "give fake password upon decryption failure" logic

Why should a password manager like this know if it's generating a valid or invalid password. Surely all it needs to do is generate a salted hash based on the website name, a random value it generated when you installed the software and your entered password that protects the vault. Any salt entered will generate a result, but only the salt you are expected to remember will generate valid passwords.

You should get the advantage of strong lengthy random passwords for the websites you use, and some added value in that if your password file is compromised it remains challenging to brute force since each generated password needs to be tested. The disadvantage is that some sites may not place limits on the number of login attempts making brute forcing possible and then the overall security comes down to the strength of the salt you chose.

Comment Re: Enlighten me please (Score 1) 450 450

I didn't for a minute suggest it couldn't. Rather, that a single wire doing all that plus power is going to be a spaghetti like mess, and a dock might be the better solution. I don't see anyone crying out for a single cable that has two adapters going off to monitors, another to the keyboard, another to the mouse, another to network, another to an external drive and then a few spare for regular USB use like SD cards, charging your phone, etc. Presumably, the solution is a usb-c hub, which begs the question why that's better than a dock which provides all the same at your desk, plus the laptop having sufficient ports for when your away from the mega cable?

Also, from my understanding, usb-c does have some practical bandwidth limitations that could be an issue if your driving a multi-head setup and want decent bandwidth remaining for external disk and Ethernet. Admittedly that's going to be less common.

Comment Re: Enlighten me please (Score 1) 450 450

I can understand the sentiment, but I wonder what sort of wire is going to give me 2 or 3 HDMI ports, a half dozen USB ports, audio in/out and Ethernet? Surely some Mac users also use dual head displays, an external disc drive (two if you need an external hard drive and CD/DVD/bluray) desktop speakers and a keyboard/mouse?

Comment Re:Seriously? (Score 4, Insightful) 282 282

Then again, Orwell did write that tyranny in UK would come in the guise of nationalism and security

Well, he isn't apparently suggesting the police or state should be able to place a camera in every home, just that it's a smart idea for a homeowner. Personally, I'd have thought that for anyone willing to pay for a home security system this would be a no brainer today. There's countless wireless enabled camera systems that are obviously going to be useful in the event of a burglary.

That said, it's a short term fix. As burglars become more aware of the presence of cameras, they'll start wearing a mask just like folk robbing stores and banks where CCTV is expected already do. Once outdoor cameras become more prevalent, they won't use your driveway to park. There might be a small deterrence factor that would encourage an opportunistic thief to go next door if they can see cameras outside your house, but equally you might just be advertising that you have stuff worth stealing.

Comment Re:A laptop with almost no ports?! (Score 1) 529 529

You're a student. They're marketed to you. That doesn't mean they are marketed particularly to students. Here's a clue... They're marketed to everybody.

Sure, they're marketed at a wide variety of people. The Apple Store for Education does, however, suggest they market directly at students. Particularly since the new MacBook is sold to students at a discount.

Comment Re:A laptop with almost no ports?! (Score 1) 529 529

What is it you are not understanding about products being built for different purposes, and Apple having different lines to meet different requirements?

I've yet to see an Apple laptop that's not heavily marketed at students. Perhaps you're right and this will be the first.

Right. It's life might have halved. To 5 fucking hours.

And that means for my afternoon classes it's going to be plugged in. And if I need to use a USB stick I'm either using adapters or juggling wires.

Given that USB-C is a standard connector (albeit implemented by Apple first) there will be whatever fucking hubs you want.

Of course there will be 'whatever fucking hubs you want.' What I was questioning was whether they would add USB port(s) to an official power supply in the same manner as Lenovo do with the Thinkpad (obviously Apple's would be more beautiful). Such a decision would certainly make the design choice more understandable. Otherwise many users are going to be using third party chargers, or have hubs sitting between their laptop and the power supply which could be awkward in the tight confines of a lecture hall.

Comment Re:A laptop with almost no ports?! (Score 2) 529 529

Surely it's purpose is to be functional. It certainly seems a bit strange to require you unplug your laptop - even if it has excellent battery life - in order to use a USB stick.

Regardless of 'the cloud', students make plenty of use of USB sticks. And in four years time, nearing the completion of your undergrad degree, that battery life might not be so hot. Maybe the power brick will have a USB hub?

Comment Re:News (Score 3, Insightful) 211 211

their premiums more than double thanks to obamacare

Do you ave any evidence to cite that justifies this as the reason for the increase? Or is it possible their employer saw an opportunity to screw the workforce and blame the President?

Obamacare did little to change most employer plans, so unless your friends had extremely limited insurance coverage, a > 100% increase seems implausible.

Comment Re:Don't be naive (Score 1) 232 232

They already have been told. The case has been litigated and SCOTUS held the police need a warrant to conduct a search. Letting the police look at what is displayed on your phone screen is not a voluntary consent to a search of the phone.

As for the cost of fighting them, if it's litigated again it will be as a civil rights violation under 42 U.S. Code section 1983 which includes a fee shifting provision.

(for some reason /. doesn't permit § to generate a section symbol)

Machines certainly can solve problems, store information, correlate, and play games -- but not with pleasure. -- Leo Rosten