Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Trust the World's Fastest VPN with Your Internet Security & Freedom - A Lifetime Subscription of PureVPN at 88% off. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×

Comment Gold plating on a dump truck (Score 1) 228

Dyson's true discoveries are to find people predilected to believe silly things and spend lots of money on fads. He claims his vacuum cleaners produce more "suction". The vacuum of any air-moving machine is limited by the natural air pressure, not by a fancy impeller design. It's like making an empty bottle more "empty". My grandma's Kirby from the 1950s produced just as much "suction" as a Dyson, and it had a metal housing that you could hit with a cannonball with no dent.

Now Dyson would have us believe that he has done what no one else in any company has been able to do for 50 years with the hairdryer. What he does with it is akin to putting gold-plating on a dump truck. The non-plated version does the same job for a whole lot less.

Comment Re:Capacitive doesn't work when wet: resistive doe (Score 1) 68

I'd be curious to know what kind of water that guy used. Distilled water is actually not very conductive. Salt water is. The phone might not work as well in something other than culinary water.

The fact that Galaxy S7 Edge worked at all underwater is impressive! The guy was able to swipe the screen with his finger, but I don't think it worked every time. I'd be interested in seeing a single-press test, and seeing if the phone can accurately locate the finger (XY) on the screen. Swiping is one thing, but if you can't press the visual buttons on the display, you're phone won't work under water.

Comment Capacitive doesn't work when wet: resistive does (Score 1) 68

Capacitive touchscreens work great ... until they get wet. With the recent push by Samsung into the water-resistive phone/tablet market, I imagine we'll be seeing an Android device that works entirely underwater within 12 months. Imagine taking your phone into the surf or the pool. It's coming!

Comment Re:This is not how the world works (Score 1) 434

No matter how "properly" you wash your hands with soap, you're never going to eliminate the population of germs on them. Germs grow exponentially: unless you get all of them, you're only delaying the infection. Soap reduces their number, leaving your immune system time to react.

If you want to eliminate the germs, you have to sanitize the surface completely. Restaurants use bleaches for that purpose; hospitals have their own methods (heat, steam, chemicals, etc.) Soap is only a surfactant, removing oils, not a sanitizer.

Comment Dyson dodges the issue... (Score 1) 434

So Dyson says: "Independent research shows that before they even reach the washroom, paper towels can contain large communities of culturable bacteria."

Yes, but those bacteria aren't likely to cause disease in humans. As I understand it, infectious viruses don't survive for long periods of time on dry surfaces, like paper towels. If one person having a cold or the flu uses a Dyson dryer, he aerosolizes the virus into tiny droplets hanging about in the air and splashing about on the doorknob. That's where the infection of the next visitor happens.

Comment Re:No hacking required... (Score 1) 286

I'm assuming that the function that produces the key used by the decrypter is well-known or is obtainable through experimentation (on other instances of the same model of phone). Even if Apple was using AES, it could still vary the function in non-cryptographically significant ways to obfuscate what it was doing (add a constant to the key, XOR particular bits, etc.) Provided that function is in hand, the set of 256-bit keys isn't numbered 2^256, but the number of likely/possible passwords. Where the password is a 4-digit PIN, that is a set comprised of 10,000 elements, which is trivial to brute-force.

Comment Re:No hacking required... (Score 1) 286

Yes ... and now that I think about it, it would make more sense to place that into EEPROM, because there would already be that kind of memory on the SoC part (or perhaps something close by) that would hold the firmware. To convert EEPROM to PROM, all the designer would need to do is prevent the erasing voltage from reaching the memory bits. That's as simple as leaving out the path from the charge pump (or whatever is used) to the UID memory cell. I have no idea whether an EEPROM can be read without turning the circuit on. There may be no color change (in an optical/UV/XRay wavelength) to pick up on with the state change of a bit. Bummer.

An SEM must be a fun toy to fiddle with ... a lot more fun than the microscopes in Biology class.

Comment Re:No hacking required... (Score 1) 286

Your article is well-thought out. I would wonder, though, if the UID could be read with a simple optical microscope. Presumably the UID is written to a memory cell on the SoC using links that open (like a fuse) when a high current is passed through (like the old PROM memories used to). Those links wouldn't be embedded in layers of silicon: the opening of the link would heat up and perhaps emit material that would need to be dissipated. (The link would look like this ===-=== or this === === if open.) If such a cell is on the top, then its links are exposed and can be observed. If one didn't know the pattern used for that cell, then one could use the procedure you suggest on separate phones to deduce what it is. If one could get to that point, then one could read the UID on the target phone without modifying the SoC part (but the 'lid' would still have to come off). That makes the procedure I'm thinking about much more viable.

Comment Re:No hacking required... (Score 1) 286


Those unique keys are probably recorded at the time of manufacture and saved to a DB (against the serial number of the phone or board). Apple complained about modifying their firmware to put in a backdoor bypassing the PIN entry procedure. I don't think they complained about handing over that CPU key when subpoenaed, or perhaps merely upon a request by the FBI. If the attacker knows the encryption function used by the NV memory controller, then they should be able to emulate that too.

For an attack using an emulated PIN entry, I would wonder how fast that could be done: I'd expect the software would filter out touches less than 10ms or so. (The touchscreen scan rate would have a period around that.) Using a single phone, I'd imagine you'd wind up with less than 10 potential key tries per second. Add to that the time needed to reset the emulated NAND, whatever that is, every 5 attempts or so. I think your procedure would work for a short numeric pin (with 10 possible characters, sequence length 5 or less), but more than that would seem impractical to me.

Comment Re:No hacking required... (Score 1) 286

You'd have a point, if it were possible to use all combinations of a 256-bit key. It's not, however, Chances are the key is an alphanumeric sequence, less than 8 characters long (most users don't have the patience to do more than that, and most websites don't require more.) That gets you down to the neighborhood of 50^8=3.9 x 10^13, which is far less than 2^256. But they probably don't even need to do that: the password is likely a short phrase out of the Quorran or a close variation on the name of a friend or relative. They might even analyze the wear pattern on the touch screen to find likely members of the password set. I'm sure they've already realized which sets to look at to bring this down to the neighborhood of 10^10 likely combinations, which in your example would yield a solution in less than 10 iterations per GPU. Assuming they have a likely-passphrase-generator that operates using the equivalent work as the decrypting engine, 20000 GPUs operating at 100 attempts per second would take 10^(10-4-2)=10,000 seconds, or about seven days. Brute-force seems very do-able to me.

Comment No hacking required... (Score 1) 286

I'm sure all they're doing is taking the plastic off of the NV memory part, attaching a probe, and reading out what's there. Those dies are tested that way at the factory: there will be lands on there for a probe. The government can buy a few phones of the same model for experimentation to get it right, then read out the contents of the NV memory of the phone they care about.

Once they have those contents, it's just a matter of brute-force decrypting whatever is in the personal/confidential files. Remember it is the files that are encrypted, not the memory itself. All that is needed is enough processing power to run through all the likely password combinations until they get something that looks like it was humanly input. It's not that difficult if you have the phone in your possession and a supercomputer cluster at your disposal.

Comment Re:"stand-your-ground law(s) ... increase gun deat (Score 1) 819

"Being somewhere they are not supposed to be is not, nor should it ever be, a valid reason to murder them."

Actually, it is if being there constitutes a felony (like a burglar entering your house, for example.) I should mention that "murder" is an unlawful killing: killing in self-defense isn't murder.

Comment Gun control isn't becoming more popular (Score 1) 819

"At one time, the US Constitution said it was legal for one human being to own another."

Which right was abolished by the 13th Amendment in 1865. The people decided long ago that slavery wasn't a good thing. They decided gun control (likely as proposed by this study) wasn't a good thing even earlier than that with the 2nd Amendment. The opinion of the populace doesn't seem to be moving in the direction of the promoters of restricting guns....

Slashdot Top Deals

You are always doing something marginal when the boss drops by your desk.