Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment grass "roots" effort to stop this (Score 1) 198

I think if consumers were aware they had more options, this wouldn't happen. I would like to see some consumer friendly web sites that let people know what options are available for each model phone and carrier in terms of controlling apps and bloat. I find it very frustrating Verizon has a bunch of stuff bundled on my phone that I can't un-install, but I'm not sure what my options are if I want to take matters into my own hands?

Comment Re:WebRTC (Score 1) 237

Not for ever - they are working on a method of doing bridge-based WebRTC which is nevertheless end-to-end secure - see https://datatracker.ietf.org/w... . AIUI, the way it works is that it established point-to-point encrypted tunnels between the endpoints for key distribution so the bridge isn't able to decrypt the data even if it wanted to, and yet, you don't need N->N transmission of streams.

Gerv

Comment Re:Bad permission naming (Score 1) 109

>And privacy is already hard enough without naming permissions "full account access" when it does not include full access to an account, rather than to a certain subset of the account.

Assuming "full access" means "all access" is not a mistake.

It's probably a good idea to assume the worst in situations like this.

The fact that "full" wasn't "all" and people assumed otherwise, may result in better protection of peoples privacy and personal information.

Comment Re:What is this? (Score 1) 109

There's more substance to the article than there is inaccuracy. It may be true that the app doesn't have access to a person's gmail account, but the privacy policy makes it clear users should have no actual sense of "privacy" for the data that is collected:

“We may disclose any information about you (or your authorized child) that is in our possession or control to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate”

On top of that all versions of the app request access to a person's contact database, which does contain a tremendous amount of information that is totally not relevant to game play, including e-mail addresses of everybody in a person's contact database. In this manner, even if you don't play the game, if someone does who has your personal info in their contact list, then your privacy has been compromised as well.

Submission + - SPAM: Qualcomm To Manufacture Custom Chips For Chinese Market

An anonymous reader writes: Qualcomm president Derek Aberle has suggested that the semiconductor giant is preparing to produce its own custom chips for the Chinese market. Aberle revealed that the American company had entered into a joint venture with the local government in Guizhou province to manufacture custom chips starting in the second half of 2016. According to Aberle, the Guizhou government owns 55% of the venture, while Qualcomm owns the remaining 45%.

Aberle told the Wall Street Journal that he expects China’s server demand to dwarf that of the U.S. He said of the government-backed venture: “This is really going to be the primary vehicle from which we build our data center business in China We are actually trying to create the company that is going to be able to win the market here as opposed to just licensing old technology.”

Submission + - First attempt to deploy inflatable habitat on space station is a no-go (gizmag.com)

Eloking writes: The first attempt to inflate the Bigelow Expandable Activity Module (BEAM) attached to the International Space Station (ISS) ended in failure today as astronauts and engineers assess the situation. At 6:10 am EDT, NASA astronaut Jeff Williams partially inflated the experimental habitat module docked to the station's' Tranquility module in what should have been 45-minute operation, but despite several hours of work, the balloon-like fabric only expanded a few inches instead of the planned several feet.

Submission + - FBI Raids Dental Software Researcher Who Found Patient Records On Public Server

blottsie writes: Yet another security researcher is facing possible prosecution under the CFAA for accessing data on a publicly accessible server. The FBI on Tuesday raided Texas-based dental software security researcher Justin Shafer, who found the protected health records of 22,000 patients stored on an anonymous FTP.

“This is a troubling development. I hope the government doesn't think that accessing unsecured files on a public FTP server counts as an unauthorized access under the CFAA,” Orin Kerr, a George Washington University law professor and CFAA scholar told the Daily Dot. “If that turns out to be the government's theory—which we don't know yet, as we only have the warrant so far—it will be a significant overreach that raises the same issues as were briefed but not resolved in [Andrew 'weev' Auernheimer's] case. I'll be watching this closely.”

Submission + - HP 12c, Thirty-Five Years of The Calculator that Never Dies

dkatana writes: Two revolutionary computer products were born in 1981: the IBM PC, that brought computing to the masses, now a museum piece, and the HP 12c, a financial calculator that has been one of the most successful products of our generation.

The HP 12c was designed by a team led by Dennis Harms, a former Iowa farm boy, under orders of Bill Hewlett. Now, thirty-five years later, it is still selling in its original form and is used by over 100 million people worldwide.

Submission + - "SandJacking" Attack Allows Install of Evil iOS Apps (securityweek.com)

wiredmikey writes: An unpatched iOS vulnerability can be exploited to replace legitimate applications with a rogue version that allows attackers to access sensitive information without raising any suspicion.

While Apple's iOS 8.3 prevents the installation of an app that has an ID similar to an existing one, security researcher Chilik Tamir discovered a new method, which he dubbed “SandJacking."

Tamir demonstrated the SandJacking attack at the Hack In The Box (HITB) conference in Amsterdam on Thursday using Skype as the targeted application. However, the researcher told SecurityWeek that SandJacking attacks have been successfully tested against numerous popular applications.

The vulnerability was discovered in December 2015 and reported to Apple in January. The tech giant has confirmed the issue, but a patch has yet to be developed. Once Apple addresses the flaw, Tamir says he will release a SandJacker tool that automates the entire process of pushing malicious apps to iOS devices via the SandJacking vulnerability.

Slashdot Top Deals

It is difficult to soar with the eagles when you work with turkeys.

Working...