Comment Random things sticking out of the wall? (Score 1) 21
Damn, that place is cluttered.
It's like they only built the Jefferies tube and forgot the rest of the starship!
/greger
Damn, that place is cluttered.
It's like they only built the Jefferies tube and forgot the rest of the starship!
/greger
I'd go even further and call it the Visual Basic of CMSes.
It's a playground for amateurs, and I'm amazed every time I see a well known business or organisation using it.
WordPress quickly degenerates into a mess of plugins and crappy hacks to do any remotely useful content management outside of a banal blog.
- greger
Them aliens sure hacked Slashdot good!
Sometimes I think the editors intentionally posts dupes just to rile people up. This article was a hilariously good choice.
- greger
I guess I'll just have to wait for the YouTube Director's Cut.
- greger
What?!
Entierly shot on an iPhone and there is no VV syndrome? I don't believe it!
https://ancillary-proxy.atarimworker.io?url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3F...
- greger
I thought commonly used TrustZone firmwares do have revocation/rollback protection but the OEMs doesn't use it when upgrading the OS. E.g. they bundle a new Widevine version in the update but they don't actually revoke old vulnerable ones.
As explored in depth by Google's Project Zero here:
https://ancillary-proxy.atarimworker.io?url=https%3A%2F%2Fgoogleprojectzero.blog...
Or is this a real bypass that allows installing a revoked trustlet? The article was light on details.
/ greger47
Opera Mini is Webcore, not Presto
No, Opera Mini uses both.
With data savings set to extreme it runs everything through Opera servers that run Presto. This is the traditional Mini mode that has been around since the beginning.
With data savings set to high it will indeed use WebView on the phone. This is a rather new feature introduced last year. The traffic is still directed through Opera servers, now using the "Opera Turbo" mode from Opera's desktop browser and the Opera for Android mobile browser.
/greger
I ny case the OEM driver is simply stupid.
I have a Lenovo laptop with 3 buttons next to the touchpad. I prefer using the center button as just button 3, same as clicking the mouse wheel. The default simple mouse driver included in Windows works just like this.
However Windows 10 will detect that there is an "enhanced" Lenovo provided Synaptics driver and insist on installing that. This driver changes the center button to some "scroll" mode, hold the button and swipe the touchpad and it will send scroll events. This behaviour is not configurable.
To add extra insult to injury the touchpad is perfectly capable of 2-finger multitouch scrolling. The center button scroll mode is some leftover mouse-wheel emulation crap from 10 years ago before multitouch touchpads where common. It's totally not needed.
If I uninstall the "enhanced" driver Windows 10 will forcibly reinstall it for me in the evening. Gee thanks!
Nowadays I run Fedora on the laptop.
- greger
Gruzen envisions a future in which EV owners can send autonomous cars to charging stations remotely, a future that would only be possible with wireless charging stations.
This dude and his garage begs to differ http://www.theverge.com/2016/6....
GM if anyone would have the engineering resources to put together a reliable and automatic physical charging connection.
/greger
I expected Elliot to be elite enough to be part of the top site scene, grabbing his warez of choice through chained ftp-bouncers. All while enjoying free leech thanks to services rendered like writing up a couple of SecuROM and C-Dilla unpackers on the side of his regular network intrusion schtick.
The thought of him crawling in the BitTorrent muck with us regular plebs just makes me sad.
/greger
Neither does a RFID tag.
/greger
But who teaches the AI the meaning of the commentaries?
/greger
Yea you are right, that sounds like a plausible way to do it.
A notification will still show up, but the app will probably have time to launch it's malicious payload using a broadcast receiver or such before the user has a chance to do anything about it.
/greger
It is also notable in that it is a single clean exploit that does not require multiple chained vulnerabilities to work, the researchers say.
I have a hard time believing that. On Android V8 and the rest of the layout engine run in a restricted sandbox service that has no permissions to install apps.
In addition to exploiting V8 they must be using a separate privilege escalation in the Android userspace or Linux kernel to install the APK, especially if there is no interaction needed like accepting the standard install dialog.
I'm sure curious to hear the real story when Google releases a fix.
/greger
Work expands to fill the time available. -- Cyril Northcote Parkinson, "The Economist", 1955