Please create an account to participate in the Slashdot moderation system


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:Android? (Score 4, Informative) 405

I think it depends on the OEM. There are factors such as whether the device storage is encrypted by default, whether the bootloader is locked by default, what kind of security hardware is available on the SoC and whether it is used, whether exploits are patched, whether there is a continuing roll out for discovered exploits, whether updates are automatically installed w/o authentication, whether the baseband contains known exploits and attack vectors (cough), etc.

So there's no one answer because there's no one Android device and many phone OEMs (and the manufacturers of the underlying hardware platform) may be implementing security to different degrees. Though many of these considerations do have google guidelines and policies in place, some of which may be enforceable via google compatibility tests, there is a wide spectrum of what you can expect from Android generally speaking I think.

You might look to Google's policies and recommendations, and more importantly their Nexus devices themselves as models for what they consider best practices to be. Then there is blackphone and other distros that have security as their primary focus, so they may be good to consider as well.

Submission + - T-Mobile CEO: "Who the fuck are you anyway, EFF?"

An anonymous reader writes: After T-Mobile's opt-out "Binge On" was revealed as across-the-board throttling of all video downloads, the CEO of T-Mobile, John Legere, held a Twitter Q&A to calm the outrage and to redefine "throttling" so he could deny doing it. In answering a question from the EFF, he added "who the fuck are you anyway, EFF"? Things went downhill from there and partners are now at least one video company is dropping out of Binge On (but is still getting throttled)

Comment Well, if it weren't for snowden... (Score 5, Insightful) 204

The logic of authoritarians:

Thanks to Snowden's revelations, terrorists started using unbreakable encryption!!!!!!!

Right. Except they didn't.

That was pre-Snowden. Terrorists didn't know about encryption before that.

Right again. Except they did.

So, you see-- Snowden has "blood on his hands" for making terrorists aware of encryption, which they knew about for decades, so they could use it, which they didn't. And thank goodness for that, because if they had used encryption, the attacks might have been successful, which they were.

Got it.

Comment Re:Let me get this right.... (Score 5, Informative) 372

This sounds like the comments of someone obviously blind to the realities of stepping into a hostile crowd alone.

Yes, there is an escalating war against the police. In fact, with one shooting per week in 2015, it is a very dangerous time to be a.. toddler? (checks link) Wow.

In America, more preschoolers are shot dead each year (82 in 2013) than police officers are in the line of duty (27 in 2013), according to figures from the Centers for Disease Control and Prevention and the FBI.

                        --- sketchy source

Well, c'mon, that was back in 2013, before the "Ferguson Effect." What are the more recent statistics--oh...

2015 may be one of the safest years for law enforcement in a quarter century.

So how are these "realities" you speak of any different now than before the new "video scrutiny"?

Comment You can see the long-term picture. (Score 2) 177

It happens like this:

(1) Companies write TPP and other laws to indemnify themselves and resist modifications to their buggy routers.

(2) FCC makes the problem worse by effectively requiring DRM on routers.

(3) incidence of serious hacks skyrockets as people are unable to update their routers and other network-enabled devices.

(4) legislators react to spike in online crime/tragedies not by undoing (1)-(3) but with "get tough" anti-"hacking" laws that chill research and throw people in jail for minor transgressions, research, clock-building, vulnerability disclosure, security tools, or a anything not understood that politicians and aggressive prosecutors could perceive as "hacking".

(5) The problem gets MUCH MUCH worse as a result. Bright minds are tossed into jail, open research is chilled, and online crime continues to skyrocket.

(6) GOTO 4.

Submission + - Hot new WIFI microcontroller module under $5 Arduino programmable ( 5

An anonymous reader writes: Vibrant maker community rallies around this new Internet of Things chip and builds a huge collection of resources on the official Community Forum for this IC.

32 bit Xtensa architecture processor
12 I/O pins
modules from 512KB to 4096KB
WIFI b/g/n
Arduino IDE support

What I find truly amazing is when I search SLASHDOT I come up with zero ESP8266 results.... how was this missed???

Comment I don't think so... (Score 2) 59

...except my cable modem does not share storage with my PC. On the other hand, the baseband and Android system (not to mention the device-specific efs/imei stuff and the user data stuff) are all located on the same emmc on many devices. (Hence the ability to "flash a new radio")

Could the baseband access or change data on the Android partitions or the efs data? I'm not sure, but the articles suggest to me that they could.

Also, my cable modem doesn't share memory with my PC either: ....the application processor (with Android e.g.) and the baseband processor can share memory, so that an attack and takeover of the baseband stack offers the possibility to attack Android.

The baseband may have a separate CPU from Android, but it could access peripherals, sensors, etc. As an example:

The baseband processor (and thus REX OS) has direct access to the phoneâ(TM)s hardware (speakers, microphones), and also seemingly the ability to write to the same memory as the SoC (or application processor).

That's bad.

Also, unlike your cable modem analogy, which communicates to your router via a known network protocol, the baseband communicates with Android in most cases via the involvement of closed-source, mysterious "binary blobs".

So I guess if your cable modem were fused to your computer, sharing a hard drive, with direct access to its memory and peripherals, and communicating to your computer via a mysterious unauditable binary, then maybe your analogy would hold up.

Slashdot Top Deals

"Right now I feel that I've got my feet on the ground as far as my head is concerned." -- Baseball pitcher Bo Belinsky