Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment Re:Vault 7 (Score 2) 82

Except there isn't a DLL hijacking vulnerability at all. The CIA "issue" is that on an already-compromised computer, an administrator-privileged attacker can replace a Notepad++ DLL with one that does something else.

Notepad++ itself cannot do anything to protect itself from being hijacked in such a way.

Comment This is idiotic. (Score 1, Insightful) 82

From the Notepad++ page (and even the Slashdot summary): "Note that once usersâ(TM) PCs are compromised, the hackers can do anything on the PCs."

Repeat after me: If my computer is compromised, there's nothing that any individual app on the system can do to protect itself from being hijacked.

There's nothing to see here.

Comment What are you getting? Support. (Score 2) 183

What am I getting for 3x the price?

You are getting a phone that won't be immediately abandoned, like most other Android phones. You are paying for the support contract.

What does one get out of a support contract? Security updates. Sure, you can save money on a cheaper phone. Just make sure that you factor in the cost of a potential device compromise due to lacking security updates.

Comment Re:That's not what I'm seeing here, image posted (Score 1) 38

I am viewing that setting through the process you described. It's well-known that Uber pushed out the change to remove the "while using" option at the beginning of December. https://www.eff.org/deeplinks/...

I'd say that you should consider yourself lucky to be the outlier. How you got there, I have no idea...

Comment Re:Anyone have any more info? (Score 1) 147

It's remotely exploitable with no user interaction if the web admin stuff is exposed to the internet. If the remote web admin is not enabled, then it's exploitable as the result of a user on the network viewing a malicious or compromised website.

Changing the IP address or subnet of your router will only stop the laziest/inept of attackers.

Comment 24 Hours? (Score 1) 97

What's the point of mentioning deceptive measures of time like this? It's not like this person started from scratch, decided to jailbreak an iPhone 7, and then 24 hours later was done.

The individual likely had an iOS jailbreak, which likely chained together a number of vulnerabilities and took some undisclosed amount of time to develop, and then tweaked / confirmed it on the new hardware. The 24-hour specification means nothing.

Slashdot Top Deals

Intel CPUs are not defective, they just act that way. -- Henry Spencer

Working...