Forgot your password?

Comment: Re:Advanced? Requires a Jailbreak & manual ins (Score 1) 72

by robmv (#48040113) Attached to: iOS Trojan Targets Hong Kong Protestors

Until someone use one of those remote vulnerabilities that were used previously to jailbreak phones for malware (I remember one that did the jailbreak with just visiting a web page). We are talking about China here, so if this is some kind of government sponsored attack, they probably already have unreported security bugs at their disposal. It is true that iPhone security has being enhanced with every release, but at the same time code size has increased, so It must be something in ther to do more damage with enough resources

Comment: inum (Score 1) 162

by robmv (#47875897) Attached to: Google Hangouts Gets Google Voice Integration And Free VoIP Calls

Google, stop chaging people that uses inum, those are SIP endpoints so it is wrong to charge money for a connection that is direct between SIP user agents, if not, don't complain about the lack of Net neutrality. You are giving advantage to people on your own IP network (Hangouts users) that those outside that want to communicate with Hangouts users.

Search rates for "International Networks - Voxbone" at their calling rate list

Comment: Re:JAVA (Score 1) 230

by robmv (#47818663) Attached to: Akamai Warns: Linux Systems Infiltrated and Controlled In a DDoS Botnet

Should a Linux kernel privilege scalation bugs be called a C vulnerability? no, those are bugs on code that use a particular language. If you say that the bug was found on the embeeed XML parser or any other library that is part of the Java Runtime, I would say yes, but this time no

Comment: Re:Dump SELinux and systemd, make it easier (Score 1) 232

by robmv (#47769571) Attached to: How Red Hat Can Recapture Developer Interest

SELinux is another leyer of security people should learn. Is it difficult the first time you use it? true, but that doesn't mean it isn't useful.

Every time someone says that SELinux should be disabled, instead of learining how to use it, I remember the days when Windows changed from FAT to NTFS, and people said "disable NTFS, format FAT, filesystem permissions are difficult" :)

Comment: Old attack (Score 4, Insightful) 205

by robmv (#47574549) Attached to: "BadUSB" Exploit Makes Devices Turn "Evil"

This kind of attack is not new, the new part are the examples of generic devices with hacked firmware to do that. This can be solved easily requesting user autorization before activating any USB device type, for example, before telling the system that there is a new USB network device, ask the user for confirmation. The trick is with input devices, where the new device could be replacing a broken one (keyboard or mouse), the confirmation can be done requesting the user to type a code displayed on screen or using the mouse to use a on screen keyboard in order to accept the input device for general usage. The other problem is with devices permanently attached, assume that any attached device at boot time is trusted, If someone replaced your USB device when you weren't present other more awful things couls have been done.

Comment: Re:Cry Me A River (Score 5, Interesting) 608

by robmv (#47414745) Attached to: Normal Humans Effectively Excluded From Developing Software

The Internet was done so well that most people think of it as a natural resource like the Pacific Ocean, rather than something that was man-made. When was the last time a technology with a scale like that was so error-free? The Web, in comparison, is a joke. The Web was done by amateurs

Alan Kay

What the scientists have in their briefcases is terrifying. -- Nikita Khruschev