×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Schneier: Break Up the NSA

StealthHunter oh sure, that's exactly what we need. (324 comments)

more fragmentation in the government. Taxes will go up and there will be more agencies with various NSA-like powers.

about 2 months ago
top

Is Ruby Dying?

StealthHunter yes. (400 comments)

yes.

about 4 months ago
top

Ask Slashdot: Why Buy a Raspberry Pi When I Have a Perfectly Good Cellphone?

StealthHunter Depends on use-case (273 comments)

If your use-case is "leave attached to my TV" then a Pi makes a lot of sense. If you want to have a resilient case, be portable, have a small screen attached, etc, then maybe a phone makes more sense.

about a year ago
top

Nikon Agrees to Pay Microsoft "Android Tax" on Smart Cameras

StealthHunter This is getting (has gotten?) out of control (3 comments)

Let the companies innovate to make money, sitting on patents is getting ridiculous. Especially when the patent is awarded for something like (move your finger from left to right across a touch screen in order to effect some action"

The right solution is to award patents only for real innovation (for some definition of innovation) AND to arm the patent office with capable people that can actually understand what they are reviewing (which comes with the added cost of paying these competent people). Neither of these are likely to happen, so how do we go about fixing the situation?

about a year ago
top

Samsung Smartphones Vulnerable To Remote Wipe Hack

StealthHunter This not a samsung bug, and it's already fixed (151 comments)

The dialer no longer allows special characters that are part or USSD codes. see patch:
https://android.googlesource.com/platform/packages/apps/Contacts/+/39948dc7e34dc2041b801058dada28fedb80c388%5E!/#F0

now, everyone can still rant about how long it will take for owners to receive an updated version of Android (if ever).

and before anyone starts the iOS vs Android bantering. No, iOS does not have this particular flaw:
"Specifically, if a URL contains the * or # characters, the Phone application does not attempt to dial the corresponding phone number."
https://developer.apple.com/library/ios/#featuredarticles/iPhoneURLScheme_Reference/Articles/PhoneLinks.html

about a year ago
top

Erm, we have root. - Mark Shuttleworth

StealthHunter so? (2 comments)

"you have root, you can change it" is not an excuse for putting crap into a distribution.

about a year and a half ago
top

Raspberry Pi For the Rest of Us

StealthHunter Its easy to get working; ships (relatively) fast (170 comments)

I ordered my Pi from Element14 on Aug 14th and it shipped on Aug 28th. I don't know what you are doing wrong such that you haven't received yours yet.

Once my Pi arrived, I downloaded an SD card image, wrote it to a card using dd, added power to the Pi and everything worked straight away. The parts that took the most effort were retrieving my spare cell phone charger and finding an HDMI cable to connect it to my TV.

Where is all the hate coming from?

about a year and a half ago
top

Unauthorized iOS Apps Leak Private Data Less Than Approved Ones

StealthHunter android gets a bad rap (179 comments)

sure lookout and company find malware, google removes it, etc the android alternative markets can have loads of malware (percentage wise). but at least we are fairly aware of what's going on. the apple ecosystem is still a big black box where the nastiness is ignored and unknown. even the notion that apps are vetted is completely misleading - as shown by charlie miller in syscan. apple doesn't even release stats like what the market distribution is among the different iOS devices.

more than 2 years ago
top

China Now Top Patent Filer

StealthHunter of course numbers are up (135 comments)

companies are winning lawsuits on "clicking a phone number in an email in order to dial the number" and "switching to an app while on the phone." companies would be mad not to try to patent every tiny user interface action, technical revision, bugfix, etc. regardless of prior art or novelty. prediction, 2012 will be even bigger!!!

more than 2 years ago
top

Gaining a Remote Shell On Android

StealthHunter This isn't even close to new (124 comments)

Woah, if you install an app, it can do stuff! Presentations (Defcon 18), numerous student thesis and a number of academic papers do nearly (or exactly) this. (agreed that apps w/o INTERNET permission probably shouldn't be able to leverage the browser, etc, but again, not new or newsworthy)

more than 2 years ago
top

Apple Wins Injunction Banning Import of HTC Devices

StealthHunter when a win is barely a win (314 comments)

HTC gave Android Central the following statement (updated 6:20 EST): We are gratified that the Commission affirmed the judge’s initial determination on the ‘721 and ‘983 patents, and reversed its decision on the ‘263 patent and partially on the ‘647 patent. We are very pleased with the determination and we respect it. However, the ‘647 patent is a small UI experience and HTC will completely remove it from all of our phones soon.

more than 2 years ago
top

Cisco Products Have Backdoors

StealthHunter Re:You can't trust ANYONE. (555 comments)

Search google for "Reflections on Trusting Trust" it's a great ACM award speach by Ken Thompson about this very topic. try here

about 10 years ago

Submissions

top

Where do you host open source projects (for non-developer users)?

StealthHunter StealthHunter writes  |  about 2 months ago

StealthHunter (597677) writes "I know that github is popular as is Google code, but where do you host open source projects when your primary user base just wants to read webpages and download software? As in, the average person that doesn't want to figure out how to use svn or navigate wiki pages. Google code used to have "downloads" but those have recently been abandoned and github's norm is an awkward "tarball commit" for releases. Is SourceForge really the only option?"
top

Do you ever wonder where video game characters go when they die?

StealthHunter StealthHunter writes  |  about 4 months ago

StealthHunter (597677) writes "Recycled into another game! At least temporarily. That is the basis of continue?9876543210

"You are a dead, failed video game character wandering the recesses of the Random Access Memory, trying to find peace in the final moments of your existence before being deleted forever...."

This game is full of objects and scenarios that have deeper meanings. Can you identify the system bus, the creation of null pointers in the vimeo trailer?

Yes, it runs on Linux (and OSX, IOS, and Windows)."

Link to Original Source
top

Browser user-agent triggered backdoor found in D-Link home routers

StealthHunter StealthHunter writes  |  about 6 months ago

StealthHunter (597677) writes "It turned out that just by setting a browsers user-agent to "xmlset_roodkcableoj28840ybtide" anyone can remotely bypass all authentication on D-Link routers. It seems that thttpd was modified by Alphanetworks who inserted the backdoor. Unfortunately, vulnerable routers can be easily identified by services like shodanHQ. At least these models may have vulnerable firmware: DIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604+, TM-G5240."
Link to Original Source
top

QR code phishing study demonstrates viability of the attack - users ARE curious!

StealthHunter StealthHunter writes  |  1 year,29 days

StealthHunter (597677) writes "QR codes are starting to appear everywhere. The 2D barcode is an easy way to get unauthenticated data into a smartphone, and many apps automatically visit URLs found in QR codes without allowing the user to see the URL first. We attempt to teach users not to click on links, but what about QR codes? A new study shows that people scan QR codes primarily out of curiosity, and that the devices used to scan are unpatched against the latest exploits leaving users fundamentally unprotected.

The work from Carnegie Mellon will be presented at the Workshop on Usable Security in Japan next week. The data collection period strangely correlates with news and Slashdot posts observing such an attack."

Link to Original Source
top

Study says users (at least a set that thinks about security) prefer Android

StealthHunter StealthHunter writes  |  1 year,29 days

StealthHunter (597677) writes "The survey, conducted by av-comparatives, asked 5000 users questions about browsers, mobile OS, etc. "The survey also asked about preferred mobile operating systems and preferred browsers. Android took 51 percent of mobile users, Symbian 17 percent, and iOS/Apple 17 percent. The report notes that the dominance of Android means it will remain the biggest target for malware."

This survey doesn't quite match recent market-share numbers by Neilson which shows 52% Android, 34% iOS, and 8% BlackBerry."

Link to Original Source
top

Breakthrough silicon scanning discovers hardware backdoor in military ASIC chip

StealthHunter StealthHunter writes  |  about a year and a half ago

StealthHunter (597677) writes "Cambridge researchers found a hardware backdoor after discovering additional functionality in the JTAG (hardware debugging / programming) interface. While such attacks have been theorized, this is thought to be the first real-world instance. The vulnerable product is the Actel ProASIC3, and, since the backdoor is in the hardware, there is no patch other than to physically replace the chip."
Link to Original Source
top

Linux update that looks like a redacted CIA doc

StealthHunter StealthHunter writes  |  more than 2 years ago

StealthHunter (597677) writes "When did updates start looking like recently unclassified and fully redacted documents? This recent update to the Fedora distribution leaves quite a bit to the imagination to the reader. Security folks may advise "apply security patches in a timely manner" while others may go a step further and say "read about what the patch does and consider the impact to the system before applying it." What is somebody supposed to do with this patch? Fav part: (See also _______)"
Link to Original Source
top

Android SDK updates, GoogleTV Market on the way

StealthHunter StealthHunter writes  |  more than 2 years ago

StealthHunter (597677) writes "In a note to registered Developers Google reannounced Android Market is coming to Google TV. "With the update coming later this summer, we want to give you the tools to start building now using theGoogle TV add-on for the Android SDK." After a Honeycomb update (pending) "the add-on will let you emulate Google TV and build apps using the standard Android SDK tools. We're also releasing APIs for TV interaction. Currently, Google TV emulation is supported on Linux with KVM only."
Link to Original Source
top

SANS sends readers to .ch site for US scholarships

StealthHunter StealthHunter writes  |  about 4 years ago

StealthHunter (597677) writes "sans suggests sending folks to www.uscc.org in order to get info on cyber security talents and help get an inside track on the coolest jobs in cyber space, the funny part is that www.uscc.org directs browsers to uscc.ch!

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Do you know any college kids who are good at cyber security and go to
school in New York, Delaware, or California? If yes they can get an all
expenses paid scholarship to cyber camps this summer that could give
them an inside track to the coolest jobs in the coolest places in cyber
security. Send them to www.uscc.org. That's also where you will find
data on how cyber-security-talented high school kids all over the
country can qualify for full four year college scholarships (with summer
internships).

                                                                        Alan"

Link to Original Source

Journals

StealthHunter has no journal entries.

Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...