Until someone use one of those remote vulnerabilities that were used previously to jailbreak phones for malware (I remember one that did the jailbreak with just visiting a web page). We are talking about China here, so if this is some kind of government sponsored attack, they probably already have unreported security bugs at their disposal. It is true that iPhone security has being enhanced with every release, but at the same time code size has increased, so It must be something in ther to do more damage with enough resources
Because firmware updates become difficult, instead of binary differences between releases, you need a full fledged package manager and dependecy resolution to update the phone
Yahoo has something to tell you about their $250,000 per day fine if they didn't accept PRISM
The skype bug was not a skype bug, but one on some qualcomm camera driver that locked up using a lot of CPU, It had nothing to do with Android multitasking APIs
Google, stop chaging people that uses inum, those are SIP endpoints so it is wrong to charge money for a connection that is direct between SIP user agents, if not, don't complain about the lack of Net neutrality. You are giving advantage to people on your own IP network (Hangouts users) that those outside that want to communicate with Hangouts users.
Search rates for "International Networks - Voxbone" at their calling rate list
If I am out of my home for a night I should be able to use my watch the next day until I get home, without the need to carry another charger with me, 3 days Is something I want as a minimum
One of them, logind Manage user sessions with all the tools used with server processes. I for one welcome this.
Should a Linux kernel privilege scalation bugs be called a C vulnerability? no, those are bugs on code that use a particular language. If you say that the bug was found on the embeeed XML parser or any other library that is part of the Java Runtime, I would say yes, but this time no
The default is:
1. Allow User MITM (pinning not enforced if the trust anchor is a user inserted CA, default)
So CAs inserted by the corporate networks will be allowed, only verified for CAs shipped by Mozilla
I wish more people were sued to use a Linux distro
SELinux is another leyer of security people should learn. Is it difficult the first time you use it? true, but that doesn't mean it isn't useful.
Every time someone says that SELinux should be disabled, instead of learining how to use it, I remember the days when Windows changed from FAT to NTFS, and people said "disable NTFS, format FAT, filesystem permissions are difficult"
For once we beat Debian packaging then
# yum list java-1.8.0-openjdk
Loaded plugins: langpacks, refresh-packagekit, remove-with-leaves, show-leaves
Input this code I show you on screen with this virtual keyboard, and the OS filter everu other input event from that device that is not targeted to that keyboard, validate the input and accept or reject the device, annoying I know, but not impossible to protect
This kind of attack is not new, the new part are the examples of generic devices with hacked firmware to do that. This can be solved easily requesting user autorization before activating any USB device type, for example, before telling the system that there is a new USB network device, ask the user for confirmation. The trick is with input devices, where the new device could be replacing a broken one (keyboard or mouse), the confirmation can be done requesting the user to type a code displayed on screen or using the mouse to use a on screen keyboard in order to accept the input device for general usage. The other problem is with devices permanently attached, assume that any attached device at boot time is trusted, If someone replaced your USB device when you weren't present other more awful things couls have been done.
The Internet was done so well that most people think of it as a natural resource like the Pacific Ocean, rather than something that was man-made. When was the last time a technology with a scale like that was so error-free? The Web, in comparison, is a joke. The Web was done by amateurs