|
truer words basically nobody talks to us at the office christmas party, which is squarely in "features aren't bugs" territory but still
|
#
?
Mar 21, 2019 13:30
|
|
|
|
| # ? May 20, 2024 10:36 |
|
|
stolen from the china thread, but nokia 7s are phoning home to china.LordArgh posted:so the norwegian news broadcaster nrk has discovered that the nokia 7 plus has been sending packets of data to someone in china which includes information such as the phone's geographical location, sim card number and the phone's serial number. after this was revealed today, the finnish data protection agency has started to look into it. the owners of nokia, hmd global, did not want to answer questions about whether the phones are required to do this in order to be sold in china, or about who owns the server the data are being sent to.
|
|
#
?
Mar 21, 2019 13:42
|
|
|
"" posted:Hver gang telefonen ble slått på, skjermen aktivert eller låst opp, gikk hans geografiske posisjon, samt SIM-kortnummer og telefonens serienummer til en server i Kina. "Every time the phone ('s screen) was turned on or unlocked his geo position, sim-number and phone serial number was sent to a server in china" IMEI, IMSI, phones numbers and goodies sent to china in plain text.
|
|
#
?
Mar 21, 2019 13:53
|
|
|
super-weird at first since they should be running a clean google image outside of the driver layer, but it seens most likely it is a qualcomm driver doing the call "home" https://raw.githubusercontent.com/b...rationTask.java
|
|
#
?
Mar 21, 2019 13:58
|
|
|
But don't use Huawei phones because they might be sending your data to China.
|
|
#
?
Mar 21, 2019 14:05
|
|
|
It's almost as if Android phones are not built with security in mind.
|
|
#
?
Mar 21, 2019 14:18
|
|
|
mystes posted:But don't use Huawei phones because they might be sending your data to China. ¿porque no los dos?
|
|
#
?
Mar 21, 2019 14:18
|
|
|
Mr. Nice! posted:stolen from the china thread, but nokia 7s are phoning home to china. technically wouldn't a nokia phone home to finland?
|
|
#
?
Mar 21, 2019 14:29
|
|
|
univbee posted:technically wouldn't a nokia phone home to finland? nokia mobile was owned by microsoft until 2016 when a former nokia exec began producing phones with foxconn and various other chinese manufacturers.
|
|
#
?
Mar 21, 2019 14:34
|
|
|
Mr. Nice! posted:nokia mobile was owned by microsoft until 2016 when a former nokia exec began producing phones with foxconn and various other chinese manufacturers. Not exactly. Nokia's mobile business was sold to Microsoft, yes, but the resulting entity was/is Microsoft Mobile. Nokia never sold their IP, just licensed it. HMD Global, the new licensee, is based in Finland - and the phones are designed in Finland too, by former Nokia designers. It's just that it's Foxconn manufacturing them.
|
|
#
?
Mar 21, 2019 15:22
|
|
|
So my company is implementing Stealth to microsegment parts of our DC and network, and I've talked about this previously, but my big concern is lack of info on known weaknesses to Stealth and I'm kinda pissed we are not just doing proper segmenting via VLANs and 802.1x certs. Anybody know some pertinent questions I should ask as a Red Team guy? My big one up front is "What are you doing to stop pivoting at entry points into the microsegments" and "What happens if someone compromises a common point of interest and MITMs the segment?"
|
|
#
?
Mar 21, 2019 15:27
|
|
|
endlessmonotony posted:Not exactly. thanks
|
|
#
?
Mar 21, 2019 15:30
|
|
|
Dammit I was going to buy that phone. What is considered a 'safe' mid-range phone, preferably with Android one.
|
|
#
?
Mar 21, 2019 16:24
|
|
|
exmachina posted:Dammit I was going to buy that phone. Just buy a nexus phone, they'll actually get security updates on a regular cadence.
|
|
#
?
Mar 21, 2019 16:27
|
|
|
exmachina posted:Dammit I was going to buy that phone. still that one i'd say, while it is a fuckup it seems an innocuous one (wrong qualcomm driver package loaded, this apparently being a "register with network" step that is required in china), and i would not really have more faith in some other manufacturer
|
|
#
?
Mar 21, 2019 16:32
|
|
|
Volmarias posted:Just buy a nexus phone, they'll actually get security updates on a regular cadence. The new Nokias will get them too for a while (that's why I bought one, a 7.1). Kassad fucked around with this message at 16:47 on Mar 21, 2019 |
|
#
?
Mar 21, 2019 16:38
|
|
|
lol Facebook https://krebsonsecurity.com/2019/03/facebook-stored-hundreds-of-millions-of-user-passwords-in-plain-text-for-years/ Hundreds of millions of Facebook users had their account passwords stored in plain text and searchable by thousands of Facebook employees — in some cases going back to 2012, KrebsOnSecurity has learned. Facebook says an ongoing investigation has so far found no indication that employees have abused access to this data.
|
|
#
?
Mar 21, 2019 17:02
|
|
|
I have a feeling that investigation should be done by a third party instead
|
|
#
?
Mar 21, 2019 17:20
|
|
|
exmachina posted:Dammit I was going to buy that phone. This doesn't change me recommending 6.1, given it was only the 7 and not "all models".
|
|
#
?
Mar 21, 2019 17:25
|
|
|
Volmarias posted:Just buy a nexus phone, they'll actually get security updates on a regular cadence. the nexus series is discontinued, google only makes pixels now ironically the nokia phones are actually part of the "android one" branding, which is a promise by the manufacturer to ship a stock OS image and to provide the device with google's monthly security patches for like 2-3 years
|
|
#
?
Mar 21, 2019 17:27
|
|
|
endlessmonotony posted:This doesn't change me recommending 6.1, given it was only the 7 and not "all models". The 7 Plus, the regular Nokia 7 is a different model.
|
|
#
?
Mar 21, 2019 18:07
|
|
|
geonetix posted:I have a feeling that investigation should be done by a third party instead I mean, not if you want the investigation to reach the conclusion Facebook wants it to reach?
|
|
#
?
Mar 21, 2019 18:10
|
|
|
Lutha Mahtin posted:the nexus series is discontinued, google only makes pixels now Pixel, sorry. WRT Android One, I've seen too many "We Promise To Actually Update This Phone For Years Guys We Really Really Mean It This Time" groups show up to not get jaded about this.
|
|
#
?
Mar 21, 2019 18:28
|
|
|
Volmarias posted:Pixel, sorry. did google carry on patching the nexus phones once they started doing the pixels or was it the normal "ooh shiny new thing, let's ignore the old thing" process they always do?
|
|
#
?
Mar 21, 2019 18:31
|
|
|
Lutha Mahtin posted:the nexus series is discontinued, google only makes pixels now did you not hear the rush of people moving from the 5x after no security updates were pushed after december e: make that january, but they officially stopped support after november: https://support.google.com/nexus/answer/4457705 Wiggly Wayne DDS fucked around with this message at 18:34 on Mar 21, 2019 |
|
#
?
Mar 21, 2019 18:31
|
|
|
The 5x only just stopped getting security updates at the end of 2018, after launching in 2015. It's not iPhone levels of support but it's the best you'll get for Android, for now.
|
|
#
?
Mar 21, 2019 18:35
|
|
|
Volmarias posted:Pixel, sorry. it is 100% googles fault if an android one phone ends up not getting updated though, as it is a standardized image that does just pull the monthly updates from google as noted the issue here is that the image is comingled with a soc support/driver package, and the qualcomm package used on a run of the 7 was incorrectly setup for china
|
|
#
?
Mar 21, 2019 18:47
|
|
|
like, not defending the fuckup, because it is a huge fuckup, but don't go buying samsungs or even overpaying hugely for a pixel now
|
|
#
?
Mar 21, 2019 18:49
|
|
|
i got a pixel 3 and it's very needs suiting and the camera is fantastic 
|
|
#
?
Mar 21, 2019 19:27
|
|
|
they are so loving expensive mostly. nokia has a good combo in being pretty cheap, getting updates, and mostly not being terrible
|
|
#
?
Mar 21, 2019 19:30
|
|
|
buy an iPhone
|
|
#
?
Mar 21, 2019 19:36
|
|
|
neutral milf hotel posted:lol Facebook lmao
|
|
#
?
Mar 21, 2019 19:37
|
|
|
pseudorandom name posted:buy an iPhone if you're spending that kind of money: yeah.
|
|
#
?
Mar 21, 2019 19:38
|
|
|
Cybernetic Vermin posted:they are so loving expensive mostly. nokia has a good combo in being pretty cheap, getting updates, and mostly not being terrible https://www.mirror.co.uk/tech/nokia-smartphones-been-secretly-sending-14167303
|
|
#
?
Mar 21, 2019 19:38
|
|
|
Janitor Prime posted:https://www.mirror.co.uk/tech/nokia-smartphones-been-secretly-sending-14167303  i guess v v
|
|
#
?
Mar 21, 2019 19:39
|
|
|
Volmarias posted:WRT Android One, I've seen too many "We Promise To Actually Update This Phone For Years Guys We Really Really Mean It This Time" groups show up to not get jaded about this. the current iteration of Android One (it's one of those names Google has used for multiple unrelated projects over the years) is supposedly some kind of actual contract that the device manufacturer has to sign in order to use the branding. it hasn't been around very long though so i am interested to see if any manufacturers try and weasel out of it
|
|
#
?
Mar 21, 2019 21:48
|
|
|
neutral milf hotel posted:lol Facebook 
|
|
#
?
Mar 22, 2019 01:59
|
|
|
how senior do you have to be at facebook to just get unlimited graph api access as part of your job, like, anything you want at all
|
|
#
?
Mar 22, 2019 02:06
|
|
|
Sniep posted:how senior do you have to be at facebook to just get unlimited graph api access as part of your job, like, anything you want at all about 18 months ago they were basically giving that to anyone who had an app, i'm sure cambridge analytica isn't the only company that's done close to mirror facebook's database
|
|
#
?
Mar 22, 2019 02:56
|
|
|
|
| # ? May 20, 2024 10:36 |
|
|
xpost from cpam cyberpunk dystopia thread
|
|
#
?
Mar 22, 2019 03:11
|
|