Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: I don't think so... (Score 2) 59

...except my cable modem does not share storage with my PC. On the other hand, the baseband and Android system (not to mention the device-specific efs/imei stuff and the user data stuff) are all located on the same emmc on many devices. (Hence the ability to "flash a new radio")

Could the baseband access or change data on the Android partitions or the efs data? I'm not sure, but the articles suggest to me that they could.

Also, my cable modem doesn't share memory with my PC either: ....the application processor (with Android e.g.) and the baseband processor can share memory, so that an attack and takeover of the baseband stack offers the possibility to attack Android.

The baseband may have a separate CPU from Android, but it could access peripherals, sensors, etc. As an example:

The baseband processor (and thus REX OS) has direct access to the phoneâ(TM)s hardware (speakers, microphones), and also seemingly the ability to write to the same memory as the SoC (or application processor).

That's bad.

Also, unlike your cable modem analogy, which communicates to your router via a known network protocol, the baseband communicates with Android in most cases via the involvement of closed-source, mysterious "binary blobs".

So I guess if your cable modem were fused to your computer, sharing a hard drive, with direct access to its memory and peripherals, and communicating to your computer via a mysterious unauditable binary, then maybe your analogy would hold up.

Comment: Re:Let me guess (Score 2, Interesting) 59

I know this is the second, uh, let's-just-say-"story" about Blackphone in four days, but I think it should be noted that the stolen Gemalto keys may have included "OTA keys" that can be used for over-the-air SIM card upgrades:

Access to these encryption keys do not give governmental agencies only the power to monitor cellular communications, including calls and data, but they also come with additional perks, such as the power of instructing a device to install specific programs.

Spyware could be installed on the SIM card itself, and then it could be used to install additional spy apps on a phone without the user's knowledge, or to retrieve data from it.

From the Verge story:

Manufacturers can send a binary text message directly to the SIM card, and as long as it's signed with the proper OTA key, the card will install the attached software without question. If those keys were compromised, it would give an attacker carte blanche to install all manner of spyware.

So apparently it does matter.

Comment: Lawrence Kasdan gets only a quick mention? (Score 3, Insightful) 422

by VValdo (#48888225) Attached to: Disney Turned Down George Lucas's Star Wars Scripts

I don't understand. A hundred comments and you're the only one I see who even mentions, let's alone puts due faith in co-writer Lawrence Kasdan.

Kasdan co-wrote "The Empire Strikes Back", co-wrote a movie called "Raiders of the Lost Ark", and wrote other, ehem, minor movies like "The Big Chill", and "The Bodyguard" and "Silverado".

He's co-writing this thing.

Comment: But- but- (Score 1) 291

by VValdo (#48209649) Attached to: Will Fiber-To-the-Home Create a New Digital Divide?

The maximum speed a DOCSYS modem can achieve is 171/122 Mbit/s (using four channels), just a fraction the 273 Gbit/s (per channel) already reached on fiber.

According to this page, the DOCSYS 3.0 ARRIS/Motorola SB6183 and Netgear C6300 can handle 300 Mbit/s.

The SB6183 uses 6 download & 4 upload channels.

+ - OpenStack Was Denied Non-Profit Status->

Submitted by WebMink
WebMink (258041) writes "Seems no-one noticed back in May, but it's not just Yorba that has fallen foul of the changing outlook of the IRS concerning open source foundations. The huge OpenStack Foundation has also been denied non-profit status by the IRS. They had applied for 501(c)(6) (trade association) status like Eclipse and Linux Foundation before them, so this is all the more surprising. Has the IRS decided the expected philanthropy of open source is being gamed by corporate abusers?"
Link to Original Source

+ - Open Source Initiative, Free Software Foundation unite against software patents->

Submitted by WebMink
WebMink (258041) writes "In rare joint move, the OSI and FSF have joined with Eben Moglen's Software Freedom Law Center to file a U.S. Supreme Court briefing in the CLS vs Alice case. The brief asserts the basic arguments that processes are not patentable if they are implemented solely through computer software, and that the best test for whether a software-implemented invention is solely implemented through software is whether special apparatus or the transformation of matter have been presented as part of the claims (the "machine or transformation" test). They assert that finding software-only inventions unpatentable will not imperil the pace of software innovation, citing the overwhelming success of open source in the software industry as proof."
Link to Original Source

+ - Will Nokia Turn Smartphone Troll?->

Submitted by WebMink
WebMink (258041) writes "While the focus of the news of Microsoft's acquisition of Nokia's devices businesses is the future of Microsoft as an Apple clone, there's another story too. What will become Nokia? Microsoft has left them with all the device & smartphone patents, plus a huge pile of cash to spend. Nokia is already aggressive with patents, but with no smartphones to sell (and thus no target for counter-suits) they have every incentive to follow the trail of others (like Kodak) before them and become a massive mobile troll."
Link to Original Source

+ - Shuttleworth Agrees To FSF Demands For Edge Phone->

Submitted by WebMink
WebMink (258041) writes "In an interview at OSCON, Mark Shuttleworth of Canonical spoke about the vision behind the Ubuntu Edge phone as a concept device to test features the mobile industry is too conservative to try. Notably, he agreed with the Free Software Foundation's demands that the device should carry no proprietary software and have Free drivers (transcript):

So what’s going to be in there? That’s all going to be free software?
Yes, we’ll ship this with Android and Ubuntu, no plans to put proprietary applications on it. We haven’t finalised the silicon selection so we’re looking at the next generation silicon from all major vendors. I would like to ship it with all Free drivers.

"

Link to Original Source

+ - Github Finally Agrees Public Repos Should Have Open Source Licenses-> 2

Submitted by WebMink
WebMink (258041) writes "After strong criticism last year, Github has finally accepted the view that public repositories with no open source license are a bad thing. Self-described as the "world's largest open source community," a significant number of GitHub projects come with no rights whatsoever for you to use their code in an open source project.

But from now on, creators of new repositories will have to pick from a small selection of OSI-approved licenses or explicitly opt for "no license". In Github's words, "please note that opting out of open source licenses doesn't mean you're opting out of copyright law.""

Link to Original Source

Never worry about theory as long as the machinery does what it's supposed to do. -- R. A. Heinlein

Working...