|
RISCy Business posted:https://arstechnica.com/gadgets/2017/11/oneplus-engineering-apk-exposes-backdoor-to-root-access/
|
# ? Nov 14, 2017 21:41 |
|
|
# ? May 15, 2024 02:09 |
|
anthonypants posted:the oneplus is particularly bad, since it was known to transmit your device's imei, phone number, and other personally-identifiable information earlier this year more like onepiss!!!!!
|
# ? Nov 15, 2017 01:39 |
|
RISCy Business posted:more like onepiss!!!!! one plus one equals don't buy one!
|
# ? Nov 15, 2017 02:04 |
|
https://twitter.com/ric_cole/status/930381423814594560
|
# ? Nov 15, 2017 03:45 |
|
in the thread: https://twitter.com/zippyman818/status/930571284181897216 whoops
|
# ? Nov 15, 2017 03:49 |
|
is SM a russian facebook or instagram or something
|
# ? Nov 15, 2017 03:57 |
|
well the geotagged map has a vk icon, which is russian facebook. i just assumed SM meant social media
|
# ? Nov 15, 2017 04:00 |
|
i'm probably going to end up buying a pixel 2 before this day ends. how bad is this for an android phone? i had a nexus 5 until the power button killed itself
|
# ? Nov 15, 2017 05:36 |
|
Acer Pilot posted:i'm probably going to end up buying a pixel 2 before this day ends. how bad is this for an android phone? i had a nexus 5 until the power button killed itself the pixel 2s are good as hell and the people who are going to tell you otherwise are the kinds of idiots who cried when steve jobs died of terminal stupidity
|
# ? Nov 15, 2017 05:51 |
|
i see that it has a fingerprint scanner. i'm guessing it doesn't do that 5 presses disables the scanner thing that iphones do?
|
# ? Nov 15, 2017 06:10 |
|
fishmech posted:the pixel 2s are good as hell and the people who are going to tell you otherwise are the kinds of idiots who cried when steve jobs died of terminal stupidity agreeing with this as someone who isnt fishmech i have a pixel 2xl and my gf has a pixel 2, both are very needs suiting edit: why is this in the security thread
|
# ? Nov 15, 2017 06:45 |
|
Acer Pilot posted:i see that it has a fingerprint scanner. i'm guessing it doesn't do that 5 presses disables the scanner thing that iphones do? No, sadly. That's not in Android yet, to my knowledge.
|
# ? Nov 15, 2017 07:01 |
|
ratbert90 posted:one plus one equals don't buy one! they call it the one plus one because when you see it you turn two degrees and walk away
|
# ? Nov 15, 2017 08:12 |
ate all the Oreos posted:they call it the one plus one because when you see it you turn two degrees and walk away *two degrees of freedom
|
|
# ? Nov 15, 2017 08:21 |
|
I've made a few blog posts and a few talks in the past about the issues of JSON badly specifying duplicate keys. This can lead to two services taking on a role or username in different ways based on how they process them. It turns out there's been an RCE in CouchDB and possibly npm itself by lifting that ability: https://justi.cz/security/2017/11/14/couchdb-rce-npm.html
|
# ? Nov 15, 2017 13:31 |
|
https://twitter.com/adrjeffries/status/930784132682174464 Safe™©®Graph
|
# ? Nov 15, 2017 15:42 |
|
oh good finally a concrete reason to keep location services off on my phone unless i need it
|
# ? Nov 15, 2017 15:46 |
|
your carrier is probably selling tower triangulation data as a subscription service anyway
|
# ? Nov 15, 2017 15:48 |
|
ate all the Oreos posted:oh good finally a concrete reason to keep location services off on my phone unless i need it use iOS which rats out things abusing background location services because Steve cares about your privacy
|
# ? Nov 15, 2017 15:48 |
|
BangersInMyKnickers posted:use iOS which rats out things abusing background location services because Steve cares about your privacy is that the case for 1st-party apps too? I don't see the background location indicator running generally, but it knows where I am to offer traffic timing when I get in my car
|
# ? Nov 15, 2017 15:49 |
|
BangersInMyKnickers posted:use iOS which rats out things abusing background location services because Steve cares about your privacy i wasn't even thinking third party apps i was thinking google/apple reselling the data that they collect but ok Subjunctive posted:your carrier is probably selling tower triangulation data as a subscription service anyway yeah i figure something like this goes on too, i can pretend like I'm making a difference though
|
# ? Nov 15, 2017 15:53 |
|
You can't even delete your location history with Google if you accidentally turn it on
|
# ? Nov 15, 2017 16:13 |
|
Subjunctive posted:is that the case for 1st-party apps too? I don't see the background location indicator running generally, but it knows where I am to offer traffic timing when I get in my car apple knows everything but at least they aren't in the business of selling it
|
# ? Nov 15, 2017 16:15 |
|
sadus posted:You can't even delete your location history with Google if you accidentally turn it on Maps > Your Timeline > Pick a day and click the trashcan OR click on the settings gear in the lower right and delete everything. tbf, it wasn't obvious where the delete all option was tucked away.
|
# ? Nov 15, 2017 16:22 |
|
Subjunctive posted:is that the case for 1st-party apps too? I don't see the background location indicator running generally, but it knows where I am to offer traffic timing when I get in my car those are hidden but you can flip a switch to show all location access, just the system services crowd it so much the icon becomes meaningless. mostly thats the fault of reminders checking to see if you set a location for a geofence and the timezone setting of all things, which had a history of getting stuck early on and draining the battery privacy > location > system services > alllllll the way at the bottom - status bar icon you can clear frequent locations here and also stop things like location ads so the app store doesnt recommend what people download or use in the area actually that is funny sometimes so maybe dont if you like seeing the terrible things people at malls and the office enjoy
|
# ? Nov 15, 2017 17:30 |
|
tfw siri decides you live at a bar downtown and tells you how long it will take you to get "home"
|
# ? Nov 15, 2017 17:34 |
|
infernal machines posted:tfw siri decides you live at a bar downtown and tells you how long it will take you to get "home"
|
# ? Nov 15, 2017 17:51 |
|
vendors.txt 🤡 https://twitter.com/ian_infosec/status/930559338091110400
|
# ? Nov 15, 2017 18:28 |
|
research shows helmets encourage dangerous biking ipso facto encryption is bad CHECKMATE APPLE
|
# ? Nov 15, 2017 18:56 |
|
Perplx posted:apple knows everything but at least they aren't in the business of selling it Apple also takes pretty great pains to only ever store data in a non reversibly anonymized format.
|
# ? Nov 15, 2017 19:32 |
cis autodrag posted:Apple also takes pretty great pains to only ever store data in a non reversibly anonymized format. i think i saw some papers that its not as good as they paint it
|
|
# ? Nov 15, 2017 19:33 |
|
cis autodrag posted:Apple also takes pretty great pains to only ever store data in a non reversibly anonymized format. and to do it all client side in the first place when possible, this is now a banner feature of their big announcements they also talk a lot about differential privacy (basically mathematical methods for making it harder to disaggregate data)
|
# ? Nov 15, 2017 19:34 |
|
anthonypants fucked around with this message at 23:27 on Nov 15, 2017 |
# ? Nov 15, 2017 19:35 |
|
infernal machines posted:tfw siri decides you live at a bar downtown and tells you how long it will take you to get "home"
|
# ? Nov 15, 2017 19:36 |
|
infernal machines posted:tfw siri decides you live at a bar downtown and tells you how long it will take you to get "home" Google has done the same thing to me. I work from home, so it decided my house is "Work". If I leave my house after 5 PM there's about a 50/50 shot I'm going to a bar a few blocks away, so it I'm guessing that's what got their systems thinking it must be home.
|
# ? Nov 15, 2017 19:44 |
|
A little late to the party, but
|
# ? Nov 15, 2017 19:46 |
|
wolrah posted:Google has done the same thing to me. I work from home, so it decided my house is "Work". If I leave my house after 5 PM there's about a 50/50 shot I'm going to a bar a few blocks away, so it I'm guessing that's what got their systems thinking it must be home. Drinkshaming
|
# ? Nov 15, 2017 19:47 |
|
https://www.youtube.com/watch?v=dUMH6DVYskc
|
# ? Nov 15, 2017 23:22 |
|
lmao
|
# ? Nov 15, 2017 23:27 |
|
|
# ? May 15, 2024 02:09 |
|
wolrah posted:Google has done the same thing to me. I work from home, so it decided my house is "Work". If I leave my house after 5 PM there's about a 50/50 shot I'm going to a bar a few blocks away, so it I'm guessing that's what got their systems thinking it must be home. Yeah, same for me.
|
# ? Nov 16, 2017 00:00 |