Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×

Comment Re:Your shitty product kills jobs? (Score 5, Informative) 153

Yeah and not limited to insecure transmissions to foreign servers, embedded stock passwords and keys too. If you check out his other reviews, he actually outs them on another product. For example:

Morjava®MJ-SmallK Intelligent Smart Wifi Plug Socket Wireless Switch Timer Wifi Socket Wifi Smart US Plug for iPhone iPad Android Smartphone APP
https://www.amazon.com/dp/B01F...

"The ugly:

Oh this is all pretty terrible. To start: the security on this device is a joke. The communication between the app and the device is encrypted with AES, but the encryption key is the same for all devices and is contained within the app - it's "fdsl;mewrjope456fds4fbvfnjwaugfo". This means that it's easy to decrypt any traffic you can see other people send, and also easy to encrypt your own commands. This isn't too much of a problem on your local network (the majority of smart devices will allow anybody on your wifi to control them), but it's awful when it comes to the cloud interface. By default, anyone in the world can send a command to the plug and it'll just perform it. That means anyone can just turn your plugs on and off, and also set the timer. You can avoid the worst of this by setting a password in the app, but there's no sort of rate limiting on the queries so if someone has identified your plug it won't take too long for them to crack your password.

But wait! There's more!

It runs ssh by default and has a default root password (" p9z34c"), so anyone on your network can log into it and run whatever they want on it. Anyone who can see your network traffic can decrypt the commands and extract the password, so don't use the app on any untrusted networks. It downloads app updates and plug firmware updates over http and doesn't do signature validation, so anyone can man in the middle you and get you to flash backdoored firmware onto your plug."

Needless to say, a big thank you to Mr. Garrett for exposing these issues. This is the kind of thing I might buy on a whim and certainly don't have time to figure out what level of security these things are operating at. He's performing a much needed public service.

Comment Google vs Facebook, etc. (Score 5, Interesting) 114

I may be naive and eventually end up with egg on my face but here goes. In today's world we all know the horse has left the gate wrt privacy. It seems the issue now isn't who's collecting the data, it's what happens to your data after it's been scooped up. And what keeps the data from escaping comes down to the question of how that data is being exploited for generating revenue.

Google gets a lot of flack around here but if you follow the money, they have a pretty good incentive to do whatever it takes to keep the tracking data high-quality and most definitely in-house. Mainly because they own the search market and the better the ad targeting, the more protected Alphabet's revenue stream is.

Apple is obviously dependent on hardware sales so not much needs to be said about that. Plus they really don't want bad PR from data escaping.

So let's compare that to the other 800lb gorilla(s). I don't see any reason why Facebook, Pinterest, etc. wouldn't incorporate outright sale of their tracking data to third parties (if they don't ship it out the back door already). Sure, they're dependent on ad/affiliate revenue too but with one other important difference. Google has an (effective) search monopoly where data exposure would stir up a hornet's nest of legal issues directly or indirectly.

Facebook has little to lose since their product (users) don't seem to care what happens to their data as long as they can post their cat pictures. And they've built a Terms of Use that guarantees they own every aspect of the data (https://en.wikipedia.org/wiki/Criticism_of_Facebook#Terms_of_Use_controversy). Not to mention there's not been much talk of anyone caring about a company holding a monopoly in the social network sphere. It's a 'meh' issue when compared to search market share.

So what's keeping Facebook from transforming more of their revenue stream from ad sales to data sales down the road? Especially with the ad controversies that were swirling around (https://youtu.be/oVfHeWTKjag)? Following the money...not much?

P.S. - s/tailer/tailor

Submission + - Maverick scientist thinks he has discovered a magnetic sixth sense in humans (sciencemag.org)

sciencehabit writes: It is now widely accepted that many animals sense Earth’s magnetic field and use it for navigation, and researchers are getting ever closer to the cellular foundations of magnetoreception. But what about humans? Researchers in Tokyo and Pasadena, California, think they have found glimmers of a vestigial sense. Screening out electromagnetic noise, and applying weak magnetic fields on human subjects in a dark, metal box, the researchers think they have found brain waves that signal a passive response to the fields.

Submission + - Mark Zuckerberg covers his Laptop Camera by putting Tape over it.

rtoz writes: Facebook CEO Mark Zuckerberg posted a photo to his personal Facebook, to celebrate Instagram’s growth to 500 million monthly users.
Many people in Social Media noticed his laptop on the desk. They observed that his computer’s webcam and microphone jack are covered by putting a Tape over them.
Some people questioned about how can we decide that this is his desk? But the question was answered by referring a video released by Marzk Zuckerberg few months back. In that video he was showing this desk and his books on that desk.

Desk in this new photo is matching with that one. So, obviously it should be Mark zuckerberg's laptop.

Submission + - SPAM: Tesla Extends Losses After SolarCity Deal Announcement

tradeonetwo writes: Early news on the Tesla’s bid for SolarCity hit a negative tone, calling the deal a significant change to Tesla’s business model that could hinder its attempt to boost production of its fully-electric vehicles.

Tesla made an unexpected offer to acquire solar energy company SolarCity in a stock amounting to approximately $2.8 billion. Musk is chairman of SolarCity, which is run by his cousins.

Link to Original Source

Submission + - California's last nuclear power plant to close in 2025 (engadget.com)

mdsolar writes: California's nuclear-powered dream has an expiration date. The state's utility conglomerate Pacific Gas and Electric (PG&E) announced yesterday that they will close the last remaining nuclear plants by 2025. They'll replace the output with renewable energy and better efficiency in other stations. But, barring any changes to the moratorium on new plants, it's likely the end for atomic power in the Golden State.

The plant closures were negotiated with environmentalists and labor unions, but unique state policies sealed their fates, PG&E's CEO Anthony Earley told Scientific American. Specifically, SB 350 passed last year raised the state's minimum energy needed to come from renewables to 50 percent. Despite PG&E's requests, the bill left nuclear energy out of the sources it considers "renewable." This, combined with the bill's doubling of mandated energy efficiency, along with the rise of homegrown electricity, contributed to their decision to close the plants.

The moratorium on building new nuclear plants only exists until California finds a permanent solution for existing radioactive waste, but that's another hurdle that doesn't exist for renewable energy sources. Environmentalists believe this agreement could be a template for other states to shutter nuclear or fossil-fuel plants and replace them with renewable energy sources

Submission + - Google Fiber To Acquire Gigabit Internet Provider Webpass (techcrunch.com)

An anonymous reader writes: Google Fiber has announced a deal to acquire high-speed internet service provider Webpass. Webpass is a 13-year-old company that provides high-speed internet, including gigabit service, for businesses and residential customers across parts of the U.S.. Webpass is most widely known in California, with service running in San Fransisco, Oakland, Emeryville, Berkeley and San Diego. It also has service in Miami, Miami Beach, Coral Gables, Chicago, and Boston. The President of Webpass, Charles Barr, said in a blog post: "Joining Google Fiber will be a great development for our users because the companies share the same vision of the future and commitment to the customer," he said. "Google Fiber's resources will enable Webpass to grow faster and reach many more customers than we could as a standalone company." The acquisition should help Google Fiber with its plans to grow to more than 20 U.S. cities in the near future, helping connect to business and residential markets.

Submission + - Computer Simulations Point To The Source of Gravitational Waves (theverge.com)

An anonymous reader writes: On February 11th, scientists at the LIGO observatory made history when they announced the detection of the first gravitational waves. A new study says the gravitational waves likely came from two massive suns that formed about 12 billion years ago, or two billion years after the Big Bang. The researcher's calculations have been published today in the journal Nature, and were determined by running a complex simulation called the Synthetic Universe: a computer model that simulates how the Universe may have evolved since the start of the Big Bang. The simulation even includes a synthetic LIGO detector to determine the types of objects that the observatory would detect over time. The Synthetic Universe can also make predictions as it includes a mock-LIGO to chronologically sync when we detected the waves. If the model is correct, we should see LIGO pick up to 60 detections when it begins its next observation run this fall. It could hear up to 1,000 detections annually at its peak sensitivity. The lead study author Chris Belczynski speculates specifically the size of black hole mergers that the LIGO should be able to detect from gravitational waves, a combined mass between 20 and 80 times the mass of our sun, indicating that they're likely from soon after the Big Bang when stars had lower metal content and formed proportionately larger black holes. His model suggests that the ones that collided to make these gravitational waves were stars that formed 12 billion years ago, became black holes 5 million years later, and then merged 10.3 billion years after that.

Slashdot Top Deals

Nothing will ever be attempted if all possible objections must be first overcome. -- Dr. Johnson

Working...