Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment 24 Hours? (Score 1) 97

What's the point of mentioning deceptive measures of time like this? It's not like this person started from scratch, decided to jailbreak an iPhone 7, and then 24 hours later was done.

The individual likely had an iOS jailbreak, which likely chained together a number of vulnerabilities and took some undisclosed amount of time to develop, and then tweaked / confirmed it on the new hardware. The 24-hour specification means nothing.

Comment Covert communications, eh? Where to even start... (Score 1) 91

This article has enough completely-wrong aspects that exempts it from the concept of "not even wrong" I suppose.

1) The watch does not engage in covert traffic. It's the pairing app for the watch that a user installs on a phone that does the communication.

2) What on earth does the redundant phrase "covert communications behind the users' back" even mean? Have you looked at network traffic when *any* application has been launched? If you think that any app talking on the internet without explicitly asking the user first counts as "covert communications", then I think you can label just about all of the software out there (esp. in the mobile space) as engaging in "covert communications."

3) The phrase "random IP address" used by the speaker is slang meant to convey that he didn't know what it is. In this case, it's a system referred to by its IP rather than its DNS name. So rather than looking up who owns the IP address, he says it's "random" and shrugs.

4) To give up and say that it's "very difficult to determine" what is being sent over the network because it's over an encrypted channel is ridiculous. For all we know, it's just talking to the software vendor via HTTPS. In which case it would be trivial to inspect by using MITM.

I'm not saying that there's nothing sketchy going on here. But to provide zero evidence of what's actually happening and just speculate and spread FUD is irresponsible.

Comment VideoCrypt (Score 1) 49

As always, it wasn't the crypto which was broken -- just the lousy method it was applied.

Where on earth did the information to back up this difficult-to-parse statement come from? The video was encoded with VideoCrypt. VideoCrypt, which was released in 1989, has a number of ways that it can be attacked. Including brute force, which was used here in the form of the Antisky app (from 1994).

Comment Disable flash on the OS level (Score 1) 102

Yet another example of why Flash should be uninstalled at the OS level. For example, on Windows this means removing the Flash ActiveX control. If you ever encounter a web page that needs Flash (they're becoming less and less common), just open it in Chrome, which you have configured to use Flash as click-to play.

Comment Voice recognition? (Score 1) 49

OK, this is the sort of question that could be answered by RTFA, however when it's a 40-minute long video, I don't feel as bad.

When configuring Siri for voice activation, you go through some steps that give the impression that it's tuning the activation for your specific pattern of speech. Which presumably is to prevent false activation when somebody next to you is using the feature on their phone.

Assuming this is actually happening, would that prevent this sort of attack?

Comment This article is ridiculous (Score 3, Interesting) 279

Phones are different than computers, yet people still try to apply the computer mentality to it. You don't just buy a smartphone and sit back and use it until it breaks. Unlike Windows XP, your smartphone OS has a very limited window in which it will receive security and other software updates. For iPhones, it seems to be a few years. For Android, it is worse and generally always less than two years. For some of the discount Android phones on discount carriers, the phone may have been abandoned before you even made the purchase!

In what world do you buy a smartphone and use it for the rest of your life? An upgrade plan that includes Apple Care "bad for most"? Hint to the author: You can't extrapolate your personal opinion to apply to the rest of the world.

Slashdot Top Deals

When we write programs that "learn", it turns out we do and they don't.

Working...