Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Samsung's reputation... (Score 1) 122

...is not so good. Such an app store is more likely to abuse developers than Apple or Google (who themselves are no angels).

...Some Samsung executives saw a path for boosting profits by boldly and illegally fixing prices with competitors in some of their top businesses... competitors secretly got together in what they called “Glass Meetings” at hotels and resorts around the world... Samsung was fined $32 million in the U.S., $21.5 million in South Korea, and $197 million by the European Commission.

..but by 2006 the L.C.D. jig was up. Rumors began circulating among the conspirators that one of the victims of their crime—a company they referred to by the code name NYer—suspected that the suppliers were rigging prices. And Samsung executives presumably feared that NYer could spark a criminal investigation by the U.S. government; after all, NYer—in reality Apple Inc.—was pretty powerful. Samsung ran to the Justice Department under an anti-trust leniency program and ratted out its co-conspirators. But that didn’t lessen the pain much—the company was still forced to pay hundreds of millions of dollars to settle claims against it by state attorneys general and direct purchasers of L.C.D.’s.

...The decision to fess up to the L.C.D. scheme may not have been driven just by Apple’s suspicions. Samsung was already in law enforcement’s sights: sometime earlier a co-conspirator in another criminal price-fixing conspiracy had given up Samsung. That scheme, beginning in 1999, involved Samsung’s huge business for dynamic random-access memory, or DRAM, which is used in computer memories. In 2005, after it was caught, Samsung agreed to pay $300 million in fines to the U.S. government. Six of its executives pleaded guilty and agreed to serve sentences of 7 to 14 months in American prisons.

Kim Yong-chul, who made his name as a star prosecutor in South Korea before joining Samsung, blew the whistle on what he said was massive corruption at the company. He accused senior executives of engaging in bribery, money-laundering, evidence tampering, stealing as much as $9 billion, and other crimes.

In January 2008, government investigators raided the home and office of Lee Kun-hee, the chairman of Samsung, who was subsequently convicted of dodging some $37 million in taxes. He was given a three-year suspended sentence and ordered to pay $89 million in fines. A year and a half later, South Korean president Lee Myung-bak pardoned Lee.

...a Korean lawmaker claimed that Samsung had once offered her a golf bag stuffed with cash, and a former presidential aide said the company had given him a cash gift of $5,400, which he returned.

Comment In addition (Score 1) 63

  • - Google should be shipping the master kernel for all platforms, without carrier ability to block. Like RedHat, they should allow 3rd-party drivers by backporting patches into a kernel under long-term-support. All components of the master kernel should be in AOSP. This should have started with JellyBean.
  • - Android Webview is now updated from Play. This should also include Stagefright, OpenSSL/libcrypto/libssl, and libc.a. Everything in /system/lib that is NOT updated by the store should have an independent security audit to assure that it's appropriate to burn into rom.
  • - The default cipher settings for all applications should now default to the proposed-TLS 1.3 symmetric cipher set, and allow only AEAD aes/gcm and chacha/poly, with everything else denied (allow the user to open TLS1.1 ciphers with extensive warnings).
  • - Mediaserver/libstagefright must be reconfigured to chroot(/var/empty) and setuid(nobody) with open file descriptors on the media. Android's Zygote launches these components as root - this should never have happened.
  • - Android *just* enabled -D_FORTIFY_SOURCE in the last 6 months. Seriously? All available code audits and runtime code/stack protection tools should be applied yesterday.

    ...

    Android is critical communications infrastructure, and it should act like it.

Comment RedHat patches (Score 1) 23

RedHat released backported Dirty Cow patches for the 2.6.18 kernel in EL5 last Friday.

Why isn't Google using a RedHat kernel in Android, and applying the backported updates to /boot and /system, around OEM drivers?

Why is the kernel "untouchable" by Google on non-Nexus devices? It didn't have to be this way. RedHat certainly makes kernel updates work with 3rd-party drivers. Oracle ksplice can even apply them without a reboot.

Comment Samsung: lying is business. Business is good. (Score 1) 98

http://www.cultofmac.com/254695/for-samsung-stealing-cheating-and-lying-are-business-as-usual/

"Samsung was recently fined $340,000 by Taiwan’s Fair Trade Commission (FTC) for astro-turfing — hiring people to post fake comments supporting Samsung in online forums... The fine came in the wake of reports that Samsung was caught cheating on benchmark tests, then lying about it. In the most recent case, the Samsung Galaxy Note 2 looked for the presence of any benchmarking program and when it detected one, kicked into a special, high-power CPU mode in order to enable the phone to lie to [said] benchmarking programs. After this was proved beyond any doubt, Samsung lied about it and said they didn’t do it despite incontrovertible evidence to the contrary. The company was also fined recently by Taiwan’s FTC for lying in ads about smartphone features. This recurring pattern of stealing, cheating and lying by Samsung is creepy because they must know they’ll get caught and publicly called out. Yet they continue to do it."

Comment Lawsuits and Bribes for the Galaxy Grenade (Score 1) 98

Does "bending over backwards" include lawsuits and bribes?

A YouTube video of a GTA gamer using the phone as a bomb has been pulled due to a copyright complaint by Samsung — which given that Samsung doesn’t own the game or the modification makes rather little sense... According to some reports, Samsung tried to bribe one man to keep quiet after his phone began spewing smoke and melting in front of him. So perhaps it’s no surprise the company is trying to keep a lid on the fallout from the recall once these videos began circulating.

Comment And while you're at it... (Score 1) 98

  • - Unlock all/my bootloader.
  • - Include sd-card slots on all models.
  • - Restore/clear the Knox bit when factory firmware is loaded.
  • I'm going to have to save photos from a European trip on a smashed Galaxy Active in the near future. I would not be doing this if there was an sd-card. I am sorely upset that I will need a guitar pick and a new digitizer, and I am saying unkind things about the Galaxy Grenade line peddled by Samsung. These phones should not be sold.

Comment Sure that will work. (Score 1) 67

Technical reviews of Samsung phones are now of (yet another) walled-garden that is horribly tended due to the vendor neglect of Android.

If Samsung relents, and allows their remarkably poor-quality code to be wiped, then technical reviews immediately improve. With market opinion eventually come sales.

This also involves Samsung growing a backbone against Verizon. That will never happen, so the stock price will continue to tank. More explosions might accelerate the effect.

Comment batteries (Score 1) 67

  • - Users certainly care about batteries at the end of the service life, and would rather not purchase a new phone because of the failure of a $10 component. The more expensive the phone, the more frustration when this point is reached.
  • - Users also certainly care about photos or other media on a damaged phone, the extraction of which is greatly complicated by the lack of an SD-Card.

Comment Dear Samsung: (Score 2, Insightful) 67

If you want to (re)attain market leadership in phone sales, then you must:

  • - Unlock all of your bootloaders,
  • - Implement removable batteries in all future designs,
  • - Likewise include SD-Card slots,
  • - Configure Knox alarms to be cleared when your stock firmware is reloaded with Odin.

If you do not do these things, then your days of market leadership are over, and they will not return.

Warmest regards from your user community.

Comment Google, what are you smoking? (Score 1) 173

Let's pick on Android's media player. Previous commentary from Jean-Baptiste Kempf, VideoLAN President and Lead VLC Developer:

Don't start me on Stagefright and Mediaserver, I could rant for 2 or 3 hours non-stop! Seriously, the code over there is crap, and has insane concepts, like aborting the whole mediaserver (and all related media decoding of all other applications running at the same time), when it parses a file with attributes it does not know, instead of skipping the file. We discovered some issues in Stagefright (busy loops, device reboots, mediaserver crashes) quite early, but we never thought about submitting them. As for your second question, a media player cannot be secure, you MUST keep it with the minimum privileges possible. But VLC is a good program to include in an Android device, since it reads a lot of formats.

The Android Zygote process links in Stagefright, and runs as root. Stagefright should be running in a chroot() as an unprivileged user.

THIS DESIGN CAN NEVER BE SECURE.

Comment SIT trust (Score 1) 97

The PSTN/POTS trust design is likely older than both of us combined.

Fortunately, autodialers also must trust "Special Information Tones" (SIT) that announce a disconnected number. I put this SIT tone on my voicemail.

Because I ported my longtime landline number, "Rachel from card services" was leaving me messages several times per day. With my SIT tone trick, she is now long gone. I really don't miss her.

Slashdot Top Deals

"If truth is beauty, how come no one has their hair done in the library?" -- Lily Tomlin

Working...