LichtSpektren - Slashdot User

Submission + - Paper demonstrates feasibility of brute-forcing iPhone 5c passcode (arxiv.org)

Submitted by LichtSpektren on Thursday September 15, 2016 @12:28PM

LichtSpektren writes: A 10-page paper submitted by Dr. Sergei Skorobogatov on September 14 reads:

This paper is a short summary of a real world mirroring attack on the Apple iPhone 5c passcode retry counter under iOS 9. This was achieved by desoldering the NAND Flash chip of a sample phone in order to physically access its connection to the SoC and partially reverse engineering its proprietary bus protocol. The process does not require any expensive and sophisticated equipment. All needed parts are low cost and were obtained from local electronics distributors. By using the described and successful hardware mirroring process it was possible to bypass the limit on passcode retry attempts. This is the first public demonstration of the working prototype and the real hardware mirroring process for iPhone 5c. Although the process can be improved, it is still a successful proof-of-concept project. Knowledge of the possibility of mirroring will definitely help in designing systems with better protection. Also some reliability issues related to the NAND memory allocation in iPhone 5c are revealed. Some future research directions are outlined in this paper and several possible countermeasures are suggested. We show that claims that iPhone 5c NAND mirroring was infeasible were ill-advised.

Bruce Schneier has this to say: "Remember the San Bernardino killer's iPhone, and how the FBI maintained that they couldn't get the encryption key without Apple providing them with a universal backdoor? Many of us computer-security experts said that they were wrong, and there were several possible techniques they could use. One of them was manually removing the flash chip from the phone, extracting the memory, and then running a brute-force attack without worrying about the phone deleting the key. The FBI said it was impossible. We all said they were wrong. Now, Sergei Skorobogatov has proved them wrong."

Submission + - Ubuntu torrent removed from Google due to DMCA complaint (omgubuntu.co.uk)

Submitted by LichtSpektren on Monday September 12, 2016 @10:56AM

LichtSpektren writes: OMG Ubuntu reports: "Cited in a DMCA takedown request filed against Google on behalf of Paramount Pictures, and spotted by TorrentFreak (and tipped to us by reader ~nonanonymous) is an innocuous link to a 32-bit alternate install image Ubuntu 12.04.2 LTS. The takedown request seeks to remove links to a number of torrent URLS that are alleged to infringe on Paramount movie 'Transformers: Age of Extinction'. Ubuntu clearly doesn’t. All it takes is a quick glance at the URL in question to see that. It’s very much a stock iso of an old Ubuntu release. And yet Google has complied with the request and scrubbed the link to the page in question from its search index."

Submission + - OpenBSD 6.0 released (openbsd.org)

Submitted by LichtSpektren on Thursday September 01, 2016 @10:20AM

LichtSpektren writes: Version 6.0 of the free operating system OpenBSD has just been released. This release features much improved hardware and armv7 support, a new tool called proot for building software ports in an isolated chroot environment, W^X is now strictly enforced by default, and removal of official support for Linux emulation, usermount, and systrace. The release announcement can be read here.

Submission + - Firefox 49 for Linux will ship with Netflix support (mozilla.org)

Submitted by LichtSpektren on Monday August 15, 2016 @09:35AM

LichtSpektren writes: Widevine, the media protocol that allows users to watch videos on Netflix, is already supported in Firefox for Windows and macOS. The next release, v. 49, will also ship with support for Linux.

Submission + - Ask Slashdot: Best browser extensions, 2016 edition?

Submitted by LichtSpektren on Friday July 29, 2016 @09:59AM

LichtSpektren writes: Almost eleven years ago, Slashdot featured an Ask titled "Favorite Firefox Extensions?". I thought it might be worthwhile to ask the question again, but expand the query to all web browsers now that there's more choices available.

Right now my main browser is Firefox, which I use with uBlock Origin, Disconnect, HTTPS Everywhere, Privacy Badger, NoScript, Self-Destructing Cookies, Decentraleyes, Privacy Settings, and Clean Links. (N.B. the first four of these are also available in Chromium-based browsers.) I use Chrome as a secondary browser, with the first four of the aforementioned extensions, plus also Clear Cache and occasionally Flashcontrol.

This one has nothing to do with security or privacy, but Reedy on Chromium is a really nice tool for speed reading.

What do you use?

Submission + - Linux desktop passes 2% market share (w3counter.com)

Submitted by LichtSpektren on Friday July 01, 2016 @09:26AM

LichtSpektren writes: W3Counter's stats for June 2016 are in, and Linux desktop accounts for 2.48% of all web visits from tracked websites. (N.B. Android is counted separately from "Linux desktop.")

Submission + - Symantec will acquire Blue Coat Systems for $4.65 billion (helpnetsecurity.com)

Submitted by LichtSpektren on Monday June 13, 2016 @08:23AM

LichtSpektren writes: According to Help Net Security, "Symantec will acquire Blue Coat for approximately $4.65 billion in cash. The transaction has been approved by the Boards of Directors of both companies and is expected to close in the third calendar quarter of 2016. Greg Clark, CEO of Blue Coat, will be appointed CEO of Symantec and join the Symantec Board upon closing of the transaction."

Submission + - Software Freedom Conservancy: Distributing Linux with ZFS is illegal (phoronix.com)

Submitted by LichtSpektren on Thursday February 25, 2016 @02:38PM

LichtSpektren writes: Phoronix reports that Bradley M. Kuhn and Karen M. Sandler at the Software Freedom Conservancy (SFS) have posted a blog post today arguing that Canonical's plan to distribute Ubuntu 16.04 LTS "Xenial Xerus" with support for the ZFS file system violates the Linux kernel's GPLv2 license.

On February 18, Dustin Kirkland at Canonical wrote on his blog: "We at Canonical have conducted a legal review, including discussion with the industry's leading software freedom legal counsel, of the licenses that apply to the Linux kernel and to ZFS. And in doing so, we have concluded that we are acting within the rights granted and in compliance with their terms of both of those licenses...The CDDL cannot apply to the Linux kernel because zfs.ko is a self-contained file system module — the kernel itself is quite obviously not a derivative work of this new file system. And zfs.ko, as a self-contained file system module, is clearly not a derivative work of the Linux kernel but rather quite obviously a derivative work of OpenZFS and OpenSolaris. Equivalent exceptions have existed for many years, for various other stand alone, self-contained, non-GPL kernel modules. Our conclusion is good for Ubuntu users, good for Linux, and good for all of free and open source software."

The SFS's blog post of today states: "We are sympathetic to Canonical's frustration in this desire to easily support more features for their users. However, as set out below, we have concluded that their distribution of zfs.ko violates the GPL."

Submission + - Ubuntu 16.04 LTS to have official support for ZFS file system (dustinkirkland.com)

Submitted by LichtSpektren on Wednesday February 17, 2016 @10:35AM

LichtSpektren writes: Ubuntu developer Dustin Kirkland has posted on his blog that Canonical plans to officially support the ZFS file system for the next Ubuntu LTS release, 16.04 "Xenial Xerus." The file system, which originates in Solaris UNIX, is renowned for its feature set (Kirkland touts "snapshots, copy-on-write cloning, continuous integrity checking against data corruption, automatic repair, efficient data compression") and its stability. "You'll find zfs.ko automatically built and installed on your Ubuntu systems. No more DKMS-built modules!"

N.B. ext4 will still be the default file system due to the unresolved licensing conflict between Linux's GPLv2 and ZFS's CDDL.

Submission + - Canonical reveals the BQ Aquaris M10 Ubuntu Tablet with convergence (omgubuntu.co.uk)

Submitted by LichtSpektren on Thursday February 04, 2016 @12:00PM

LichtSpektren writes: Several tech sites have now broke the news that Canonical has revealed their BQ Aquaris M10 Ubuntu Tablet. Joey-Elijah Sneddon builds the hype:

A stunning 10.1-inch IPS touch display powered a full HD 1920×1200 pixel resolution at 240 ppi. Inside is a 64-bit MediaTek MT8163A 1.5GHz quad-core processor, 2GB of RAM, and 16GB of internal memory. A micro SD memory card is included, adding storage expansion of up to 64GB. Furthermore, the converged slate includes an 8-megapixel rear camera with autofocus and dual LED flash (and capable of recording in full 1080p), plus a front facing 3-megapixel camera for video chats, vlogs and selfies. Front facing Dolby Atmos speakers will provide a superior sound experience during movie playback. The M10 measure 246mm x 171mm x 8.2mm, weighs just 470 grams — lighter than the Apple iPad Air — and has a 7280 mAh battery to give up to 10 hours of use.

... Tablet mode offers a side stage for running two apps side-by-side, plus a full range of legacy desktop applications, mobile apps and scopes. LibreOffice, Mozilla Firefox, The GIMP and Gedit are among a ‘curated collection of legacy apps’ to ship pre-installed on the tablet. It will also be possible for developers and enthusiasts to install virtually any ARM compatible app available on Ubuntu using the familiar ‘apt-get‘ command.

A photo gallery can also be seen on his website here. The price is not yet announced, but the Android version of the same tablet is currently on sale for €229.

Submission + - "Get Windows 10" turns itself on and nags Win7 and 8.1 users twice a day (infoworld.com)

Submitted by LichtSpektren on Monday January 11, 2016 @10:38AM

LichtSpektren writes: As you may recall, Microsoft has delivered KB3035583 as 'recommended update' to users of Windows 7 and 8.1. What this update does is install GWX ("Get Windows 10"), a program which diagnoses the system to see if it is eligible for a free upgrade to Windows 10, and if so, asks the user if they would like to upgrade (though recently, the option to decline has been removed). Some users have gotten around this by editing Windows Registry values for "AllowOSUpgrade", "DisableOSUpgrade", "DisableGWX", and "ReservationsAllowed" in order to disable the prompt altogether. This advice was endorsed by Microsoft on their support forums.

According to a report by Woody Leonhard at InfoWorld, the newest version of KB3035583 update includes a background process which scans the system's Windows Registry twice a day to see if the values for the four aforementioned registry inputs were manually edited to disable the upgrade prompt. If they were, the process will alter the values, silently re-download the Windows 10 installation files (about 6 GB in total), and prompt the user to upgrade.

Submission + - BlackBerry to release more Android phones in 2016, but no new BB10 devices (cnet.com)

Submitted by LichtSpektren on Thursday January 07, 2016 @04:02PM

LichtSpektren writes: BlackBerry Ltd. launched its first Android smartphone in October 2015, the BlackBerry Priv. CEO John Chen has commented "so far, so good" on the Priv's sales, two months in. Also in the same month, the BlackBerry developers' blog posted that there are no plans to make enhancements to BlackBerry OS 10 except for privacy and security updates.

Now CNET is reporting that BlackBerry will release "one or two" new Android phones in 2016, but nothing with BB10.

Submission + - Microsoft to resume its aggressive push of Windows 10 to machines with Win7, 8.1 (computerworld.com)

Submitted by LichtSpektren on Monday December 07, 2015 @11:23AM

LichtSpektren writes: After previously apologizing on October 16th (see here: http://tech.slashdot.org/story...) for forcing Windows 10 on some users of Windows 7 and 8.1 via the Windows Update mechanism, Microsoft disabled by default the update option for Windows 10, so that users eligible for the OS update would have to manually opt in. Gregg Keizer at ComputerWorld reports today that Microsoft will switch the default option back to "on" again starting tomorrow, December 8th. Users who do not want Windows 10 are strongly advised to turn off automatic updating to avoid accidentally installing the OS.

Submission + - Google Chrome 47 released (blogspot.ca)

Submitted by LichtSpektren on Wednesday December 02, 2015 @10:47AM

LichtSpektren writes: Google Chrome version 47 is now available for download. This release features 41 security fixes, very tiny UI changes (except for the built-in PDF viewer, which was redone entirely), and the removal of the desktop notification center. The iOS version has added new keyboard shortcuts and support for 3D touch.

Submission + - Tim Cook: Apple won't create 'converged' MacBook and iPad (independent.ie)

Submitted by LichtSpektren on Monday November 16, 2015 @10:12AM

LichtSpektren writes: In an interview with Independent.ie, Apple CEO Tim Cook has stated that Apple is currently not looking to create an iPad that runs Mac OS X.

“We feel strongly that customers are not really looking for a converged Mac and iPad, because what that would wind up doing, or what we’re worried would happen, is that neither experience would be as good as the customer wants. So we want to make the best tablet in the world and the best Mac in the world. And putting those two together would not achieve either. You’d begin to compromise in different ways.”

Cook also commented that he does not travel with a Mac anymore, only his iPad Pro and iPhone.

Slashdot Top Deals