Forgot your password?
typodupeerror

Comment: Re:Open SSL (Score 0, Offtopic) 351

by megabeck42 (#46701903) Attached to: Isolated Tribes Die Shortly After We Meet Them
Are you new here? I'm surprised he isn't citing a petrified Natalie Portman covered in grits and vetted by the GNAA. "Netcraft confirms X" is an old, old, late 90s slashdot comment "joke." Granted, it's as funny as those forwarded email I get from my aunt; but it's the thought that counts, right?

+ - Fifty Years Ago IBM 'Bet the Company' on the 360 Series Mainframe

Submitted by Hugh Pickens DOT Com
Hugh Pickens DOT Com (2995471) writes "Those of us of a certain age remember well the breakthrough that the IBM 360 series mainframes represented when it was unveiled fifty years ago on 7 April 1964. Now Mark Ward reports at BBC that the first System 360 mainframe marked a break with all general purpose computers that came before because it was possible to upgrade the processors but still keep using the same code and peripherals from earlier models. "Before System 360 arrived, businesses bought a computer, wrote programs for it and then when it got too old or slow they threw it away and started again from scratch," says Barry Heptonstall. IBM bet the company when they developed the 360 series. At the time IBM had a huge array of conflicting and incompatible lines of computers, and this was the case with the computer industry in general at the time, it was largely a custom or small scale design and production industry, but IBM was such a large company and the problems of this was getting obvious: When upgrading from one of the smaller series of IBM computers to a larger one, the effort in doing that transition was so big so you might as well go for a competing product from the "BUNCH" (Burroughs, Univac, NCR, CDC and Honeywell). Fred Brooks managed the development of IBM's System/360 family of computers and the OS/360 software support package and based his software classic "The Mythical Man-Month" on his observation that "adding manpower to a late software project makes it later." The S/360 was also the first computer to use microcode to implement many of its machine instructions, as opposed to having all of its machine instructions hard-wired into its circuitry. Despite their age, mainframes are still in wide use today and are behind many of the big information systems that keep the modern world humming handling such things as airline reservations, cash machine withdrawals and credit card payments. "We don't see mainframes as legacy technology," says Charlie Ewen. "They are resilient, robust and are very cost-effective for some of the work we do.""

+ - WebM support on 4chan ->

Submitted by Anonymous Coward
An anonymous reader writes "Today we added support for WebM files on 4chan’s image boards.

While WebM is technically a video file format, it offers many advantages over animated GIFs—namely superior image quality, support for more than 256 colors, and reduced file size. Its main disadvantage is browser compatibility, however 86% of 4chan’s visits come from browsers that include full or partial support for WebM, and plug-ins are available for those that don’t (like Internet Explorer and Safari)."

Link to Original Source

Comment: Re:No contract, wifi-only (Score 1) 126

by megabeck42 (#46488397) Attached to: Replicant OS Developers Find Backdoor In Samsung Galaxy Devices
If you're the same anonymous coward, then I am flattered that you returned to check your post for my reply.

> And pardon me, but could you explain to me what the need is for a(n undocumented!) way to gain access to "certain files" on a phone by a remote person ? As far as I can tell there is nothing on a phone a remote person should have access to without the explicit say-so of the owner.

Sweet jesus. The system is not an undocumented way to allow a reomte, third party unauthenticated arbitrary access to your data. It's a system used to allow the modem firmware running on a separate DSP core to save and recall information. Yes, there exists a <b>possibility</b> that a flaw in the modem firmware could allow a third party to command the modem to make IPC requests to the device's host processor to read information and then, potentially, transmit it back. There is no evidence to suggest that such a flaw exists.

> You mean to say that as they all have got similar backdoors (do they ?) its OK ? Strange reasoning ...

No I don't mean to say all have any backdoors; a backdoor is a camouflaged or otherwise hidden system installed to circumvent access restrictions. This is niether camouflaged nor hidden. It's purpose is not to circumvent access controls. It is not a backdoor.

> Bottom line: A phone which has got RPC file-IO calls from the cellular into the smart part of the phone is at least questionable.

Questionable? Yes, of course. But do not attribute to malice what is adequately explained as incompetence.

Comment: Re:OTA updates (Score 1) 126

by megabeck42 (#46475925) Attached to: Replicant OS Developers Find Backdoor In Samsung Galaxy Devices

I'm replying again because it occurred to me. to check the dictionary.

A backdoor is an indirect and devious system conceived for the purpose of allowing access to resources by circumventing security protections.

This is not. This is a set of IPC requests an "API" to allow the modem firmware to store non-volatile information in a specific location of the host phone's filesystem.

You're absolutely right that a backdoor is a backdoor; however, this is not a backdoor. If they'd really meant to introduce backdoors, don't you think they'd have made even a trivial effort to hide or obfuscate it? For example, D-Link's special request header “xmlset_roodkcableoj28840ybtide” that would bypass the web admin authentication. That's a backdoor. Minterpreting wrappers for read() and write() is not.

Comment: Re:No contract, wifi-only (Score 1) 126

by megabeck42 (#46475811) Attached to: Replicant OS Developers Find Backdoor In Samsung Galaxy Devices

I do believe you missed the point of my comment entirely. These IPC requests for doing file I/O are there to allow the to read and write to a small subset of files constrained to a specific portion of directory hierarchy.

Yes, the modem could potentially read other files - limited by unix access controls, but it cannot read nor write from arbitrary files.

> Maybe you're right and it should be called "criminal negligence" instead.

I was growing the impression you'd authored a post with value worth contributing to the discussion until I noticed this statement. I thank you for announcing your ignorance so clearly.

Want to prevent people from destroying/modifying your IMEI using a yet-unknown-and-incredibly-unlikely-but-still-technically-possible hypothetical remote privilege escalation? Use the chmod(1) command with the argument 640 to remove the group write permissions.

Really, how is this unlike any other phone that has a cellmodem with firmware and nvram?

If you really wanted to limit what files the rild could interact with on behalf of the modem, a trivial bind mount and chroot( ) would suffice.

Comment: Re:OTA updates (Score 1) 126

by megabeck42 (#46475563) Attached to: Replicant OS Developers Find Backdoor In Samsung Galaxy Devices

Unfortunately, the daemon that opens, reads, and writes files on behalf of the modem, is running as a specific unprivileged user, radio (uid 1001 on my phone.) It could only wipe out the information I have in /efs and a few specific files in /data. Nothing bars it from triggering some other system/daemon/process responsible for more thorough wiping of data.
 

Comment: Re:No contract, wifi-only (Score 3, Informative) 126

by megabeck42 (#46469857) Attached to: Replicant OS Developers Find Backdoor In Samsung Galaxy Devices

Two things, "Even Ham radio operators?" When did they become the retards of the RF world - I thought that title belonged to CB'ers? Honestly, hams are not interested in your phone.

While, yes, technically anyone can communicate with your modem; anyone can communicate with your wifi card or your bluetooth adapter as well. And it would appear that the samsung radio interface IPC layer at least has a modicum less access to the entirety of your device than your wifi driver - which is in the kernel. People have, in the past, exploited mistakes in wifi drivers and wifi card firmware to remote exploit via wifi. (*: The specific instance I remember, was with an old intel 802.11b/g card and specially crafted management frames which could be trivially spoofed and didn't need to be encrypted to be accepted by the wireless card. The proof of concept was able to issue busmaster DMA read/writes which, ostensibly, would allow rewriting arbitrary kernel ram, etc.)

Across the scope of samsung phones I was able to check (ok, two of them), the radio interface, the android host side of this communications channel, runs as uid 1001 (radio). As far as my cursory inspection revealed, meant that the radio/modem can read/write the files in /efs and only read a number of other places, such as /sdcard. Granted, /sdcard contains a lot of your personal data. My point is that, in this case, a compromised modem is still less privileged than a compromised android service or, worse, compromised driver/kernel. Also, given that these IPC instructions are used for reading/writing modem "nvram" data such as the handset IMEI, to describe them as a "backdoor" is horribly inappropriate.

So, yeah, as you said, "huge technological challenge." Agreed. But, the idea that a data modem may be exploitable is by no means new.

Comment: Re:OTA updates (Score 4, Interesting) 126

by megabeck42 (#46469717) Attached to: Replicant OS Developers Find Backdoor In Samsung Galaxy Devices

I couldn't agree more. There is no evidence to suggest that it's a malicious backdoor.

A quick strings on my samsung captivate glide's modem firmware, reveals all manner of novel debug messages and log strings:

err/CP_MA_TRACE_%d_%04d%02d%02d%02d%02d%02d.bin
[DUMP] FILE OPEN FAIL
[ERROR]%s,%d,%s
[DUMP] FILE CREATE FAIL
[DUMP] Write MA Trace To /data/efs/err =====
aurrcbp: discard cell due to system information read error
[Net]NV Read Fail! OEM_NVM_TESTBED

etc..

I do know that a lot of data persistence for the radio is done with dotfiles scattered around and throughout /data and /efs (because real nvram is expensive).

I'm curious what functionality is affected, if any is, by rejecting any of these IPC_RFS_ I/O.

I don't think it's clearly a backdoor. But, I do believe the concern is warranted. The radio/modem's firmware blob is not auditable. Perhaps a combination of logging/auditing filesystem requests and limiting which files are accessible by the RILD? Actually, isn't the rild run as an unprivileged user, radio? (Possibly for this very reason?)

Comment: Re:Privacy Risks (Score 4, Insightful) 157

by megabeck42 (#46134175) Attached to: Rome Police Use Twitter To Battle Illegal Parking

At risk of being put online? Don't people risk exposing their license plates every time they back out of the garage?

I think the real concern is, "This just puts millions of illegally parking individuals at risk of being publicly shamed."

The best protection for any one concerned their license plate may end up online seems pretty simple and obvious: think ahead, be considerate, and don't park like an asshole.

Life's the same, except for the shoes. - The Cars

Working...