Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Re:I would not be surprised... (Score 5, Informative) 136

Have you even checked how this attack looks like? The traffic is *NOT* coming from Chinese servers, but that's not the point. That's actually why it's so powerful. Baidu serves the malicious JavaScript in place of their analytics tracking script. Inside of China it's normal, but when it goes through the Great Firewall it gets changed to malicious script that turns any visitors of webpages with Baidu script (Google Analytics equivalent) attached to them into part of DDoS. The way that script worked initially was actually pretty hilarious. It attached new tag to the page with src attribute being github URL. This allowed github to replace content under those URLs to "alert('WARNING: malicious script detected');", which got executed in every browser that was turned into an attacker (and due to blocking nature of alert, limiting the impact). Of course there's more to that and the techniques used by attackers changed over past days - for instance, now TCP SYN floods started as well. But the fact is that there's definitely some big Chinese player behind it, even if it's actually not the most likely one - the government.

Comment: Re:Proof (Score 3, Informative) 136

But the actual traffic is international and there's nothing odd in it. It's the actual source of the attack - the hijacked Baidu script that changed non-Chinese visitors of Chinese pages into botnet (well, not really, but very botnet-like) nodes instructed to attack GitHub - that without any doubt came from the Great Firewall of China. It might not be the government, but unless there's a massive man-in-the-middle attack covering the whole non-Chinese Internet, it's definitely something that comes from China.

Comment: Re:White balance and contrast in camera. (Score 1) 420

by dos1 (#49153913) Attached to: Is That Dress White and Gold Or Blue and Black?
You're mistaken. The proper point to look at searching for white reference is in lower left part of the image - there's a part of some other, clearly black and white dress visible, and it has obvious orange - not blue - tint. Also, it's not hard to find other pictures of the same dress. There's also somewhere a confirmation of the taker of that photo saying that this dress is obviously blue and black. https://gs1.wac.edgecastcdn.ne... http://s3-ec.buzzfed.com/stati...

Comment: Re:Why do I want to upgrade? (Score 1) 437

by dos1 (#48763779) Attached to: Is Kitkat Killing Lollipop Uptake?

This was a problem before, and is probably due to SMS messaging standards (total guess, I've never investigated).

With SMS, you have no way to find out if the message has been sent to anyone else than you as well. If some messaging app lets you send message to multiple recipients, it actually just sends as many single, separate messages with the same content as there are recipients specified.

Comment: Re:Whoa (Score 3, Informative) 132

by dos1 (#48082869) Attached to: Test-Driving a $35 Firefox OS Smartphone

Looks like you have absolutely no experience in designing mobile devices. Arguments like "as cheap as RAM is" are bullshit. If you're not so big that you can design your own chips or at least be taken into consideration by manufacturers, you simply have to live with whatever is available on the market in quantities you need (and most of the options used by big gamers aren't even available on free market). For smaller projects (and I can imagine for a project like that with "as cheap as possible" constraint it's true as well), you're often limited to just a few SoC options, which in turn limit you further on available RAM packages (which aren't standardized in any way).

I'm working on Neo900 project and I know that finding 1GB PoP for DM3730 which wouldn't handicap our ability to connect NAND memory as well was a nightmare - and 1GB is actually hard limit on OMAP3 which was utilized only by a few devices out there. BTW, OMAP3's Cortex-A8 was actually meant for higher-end devices than A5 used in this phone.

Comment: Re:Why is this important? (Score 1) 136

by dos1 (#47625981) Attached to: Parallax Completes Open Hardware Vision With Open Source CPU

Actually, knowing the state of security in cellular networks - especially old 2G and availability of "downgrade to 2G" techniques for newer ones - despite of being strong FLOSS and OH supporter I'm kinda glad that any tech-curious kid next door can't easily play with baseband in his mobile phone.

Sadly, there's also kind of people that won't care that it's illegal and with enough motivation will get all needed hardware, so we're not really protected either way.

Comment: Re:Why? (Score 1) 136

by dos1 (#47592839) Attached to: Georgia Tech Researchers Jailbreak iOS 7.1.2

But how's that on-topic? What "rooting a phone" has in common with "disabling LTE cap"? (whatever you mean by that)
There is no "secret cap switch" that allows one to get ultra-speed while downgrading the connection to everyone else in neighborhood. The connection is managed by the modem with its own, closed and cryptographically signed firmware, which uses (or at least tries to use) 3GPP standards. It's completely unrelated to any "jailbreaking" or "rooting" that was discussed here.

Actually, when mangling with modem, "saturating LTE" is something you'd worry about as a last thing. There are much better things to do when you for instance force downgrade to 2G on your neighbors - then you can apply all sorts of man-in-the-middle, eavesdropping, spoofing, DoS attacks and much more. Cellular networks are built with an assumption that only certified hardware can transmit on them - and a lot of modems and BTSes blindly trust that this is really the case (after all, when you start to transmit with modified modem, like TI Calypso with OsmocomBB, you're breaking the laws, cause modifying its firmware made its certification void).

However, as I said, that has nothing to do with the concept of "jailbreaking" or "rooting". Maybe you know somehow the physical layer of GSM, but for sure don't really know how it's all implemented in modern smartphones.

Adding features does not necessarily increase functionality -- it just makes the manuals thicker.

Working...