Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Wi-Fi Router Attack Only Requires a Single PIN Guess

Soulskill posted 2 days ago | from the one-two-three-four dept.

Wireless Networking 81

An anonymous reader writes: New research shows that wireless routers are still quite vulnerable to attack if they don't use a good implementation of Wi-Fi Protected Setup. Bad implementations do a poor job of randomizing the key used to authenticate hardware PINs. Because of this, the new attack only requires a single guess at the hardware PIN to collect data necessary to break it. After a few hours to process the data, an attacker can access the router's WPS functionality. Two major router manufacturers are affected: Broadcom, and a manufacturer to be named once they get around to fixing it. "Because many router manufacturers use the reference software implementation as the basis for their customized router software, the problems affected the final products, Bongard said. Broadcom's reference implementation had poor randomization, while the second vendor used a special seed, or nonce, of zero, essentially eliminating any randomness."

Ask Slashdot: Best Phone Apps?

Soulskill posted 2 days ago | from the there's-an-app-for-picking-apps-that-pick-apps dept.

Cellphones 159

An anonymous reader writes: The phone app ecosystem has matured nicely over the past several years. There are apps for just about everything I need to do on my phone. But I've noticed that once an app fills a particular need, I don't tend to look for newer or potentially better apps that would replace it. In a lot of areas, I'm two or three years out of date — maybe there's something better, maybe not. Since few people relish the thought of installing, testing, and uninstalling literally hundreds of apps, I thought I'd put the question to the Slashdot community: what interesting, useful new(ish) apps are you aware of? This can be anything from incredibly slick, well-designed single purpose apps to powerful multi-function apps to entertainment-oriented apps.

Judge Lucy Koh Rejects Apple's Quest For Anti-Samsung Injunction

timothy posted 3 days ago | from the sound-reasoning dept.

Cellphones 30

The Associated Press, in a story carried by The Financial Express, reports that Federal Judge Lucy Koh has has rejected Apple's attempt to block the sale of several older Samsung smartphones that copied features in the iPhone. Wednesday's rebuff comes nearly four months after a jury awarded Apple Inc. $119 million in damages for Samsung's infringements on technology used in the trend-setting iPhone. The amount was well below the $2.2 billion in damages that Apple had been seeking in the latest round of legal wrangling between the world's two leading smartphone makers since the tussle began four years ago. The Register also carries the story, and notes Perhaps because the ongoing battle was turning the two companies into law firms rather than tech titans, the two agreed to abandon all patent lawsuits outside the USA earlier this month. However, Apple still wanted the infringing features extirpated from American stores, and was seeking to have phones nobody bought banned as ammo for future battles.

$33 Firefox Phone Launched In India

samzenpus posted 4 days ago | from the cheaper-by-the-dozen dept.

Mozilla 83

davidshenba writes Intex and Mozilla have launched Cloud FX, a smartphone powered by Mozilla's Firefox OS. The phone has a 1 GHz processor, 2 Megapixel camera, dual SIM, 3.5 inch capacitive touchscreen. Though the phone has limited features, initial reviews say that the build quality is good for the price range. With a price tag of $33 (2000 INR), and local languages support the new Firefox phone is hitting the Indian market of nearly 1 billion mobile users.

California Passes Law Mandating Smartphone Kill Switch

timothy posted about a week ago | from the we-control-the-vertical dept.

Cellphones 233

alphadogg (971356) writes "Smartphones sold in California will soon be required to have a kill switch that lets users remotely lock them and wipe them of data in the event they are lost or stolen. The demand is the result of a new law, put into effect on Monday, that applies to phones manufactured after July 1, 2015, and sold in the state. While its legal reach does not extend beyond the state's borders, the inefficiency of producing phones solely for California means the kill switch is expected to be adopted by phone makers on handsets sold across the U.S. and around the world."

Google Announces a New Processor For Project Ara

timothy posted about two weeks ago | from the starting-from-not-quite-scratch dept.

Cellphones 36

rtoz writes Google has just announced a new processor for Project Ara. The mobile Rockchip SoC will function as an applications processor, without requiring a bridge chip. A prototype of the phone with the Rockchip CPU, will be available early next year. Via Google+ post, Project Ara team Head Paul Eremenko says "We view this Rockchip processor as a trailblazer for our vision of a modular architecture where the processor is a node on a network with a single, universal interface -- free from also serving as the network hub for all of the mobile device's peripherals." (Project Ara is Google's effort to create an extensible, modular cellphone; last month we mentioned a custom version of Linux being developed for the project, too.)

Smartphone Kill Switch, Consumer Boon Or Way For Government To Brick Your Phone?

samzenpus posted about two weeks ago | from the best-of-both-worlds dept.

Government 299

MojoKid writes We're often told that having a kill switch in our mobile devices — mostly our smartphones — is a good thing. At a basic level, that's hard to disagree with. If every mobile device had a built-in kill switch, theft would go down — who would waste their time over a device that probably won't work for very long? Here's where the problem lays: It's law enforcement that's pushing so hard for these kill switches. We first learned about this last summer, and this past May, California passed a law that requires smartphone vendors to implement the feature. In practice, if a smartphone has been stolen, or has been somehow compromised, its user or manufacturer would be able to remotely kill off its usability, something that would be reversed once the phone gets back into its rightful owner's hands. However, such functionality should be limited to the device's owner, and no one else. If the owner can disable a phone with nothing but access to a computer or another mobile device, so can Google, Samsung, Microsoft, Nokia or Apple. If the designers of a phone's operating system can brick a phone, guess who else can do the same? Everybody from the NSA to your friendly neighborhood police force, that's who. At most, all they'll need is a convincing argument that they're acting in the interest of "public safety."

Your Phone Can Be Snooped On Using Its Gyroscope

Unknown Lamer posted about two weeks ago | from the phone-can-be-snooped-on-by-everything dept.

Cellphones 96

stephendavion (2872091) writes Researchers will demonstrate the process used to spy on smartphones using gyroscopes at Usenix Security event on August 22, 2014. Researchers from Stanford and a defense research group at Rafael will demonstrate a way to spy on smartphones using gyroscopes at Usenix Security event on August 22, 2014. According to the "Gyrophone: Recognizing Speech From Gyroscope Signals" study, the gyroscopes integrated into smartphones were sensitive enough to enable some sound waves to be picked up, transforming them into crude microphones.

New HP Laptop Would Mean Windows at Chromebook Prices

timothy posted about two weeks ago | from the is-that-a-bargain? dept.

Chrome 215

New submitter nrjperera (2669521) submits news of a new laptop from HP that's in Chromebook (or, a few years ago, "netbook") territory, price-wise, but loaded with Windows 8.1 instead. Microsoft has teamed up with HP to make an affordable Windows laptop to beat Google Chromebooks at their own game. German website Mobile Geeks have found some leaked information about this upcoming HP laptop dubbed Stream 14, including its specifications. According to the leaked data sheet the HP Stream 14 laptop will share similar specs to HP's cheap Chromebook. It will be shipped with an AMD A4 Micro processor, 2GB of RAM, 32GB of flash storage and a display with 1,366 x 768 screen resolution. Microsoft will likely offer 100GB of OneDrive cloud storage with the device to balance the limited storage option.

Xiaomi's Next OS Looks Strikingly Similar To iOS

samzenpus posted about two weeks ago | from the imitation-is-the-sincerest-form-of-flattery dept.

IOS 181

stephendavion writes Looks like Chinese device maker, Xiaomi, is taking its "Apple of the East" tag too literally. First, their CEO brazenly copies Steve Jobs' signature look, sitting cross-legged on the floor. And now, Xiaomi's latest version of Android shamelessly rips off iOS 7. MIUI 6, which is Xiaomi's upcoming edition of Android for its latest phones and tablets, looks almost exactly like Apple's operating system for iPhones, iPads and the iPod Touch. It features the same bright color palette and a flat design. Heck, it even does away with Google's "app drawer" and puts all apps on your home screen. It's like the CEO handed iPhones to the design team and barked: "Here, copy this!"

EFF's Cell Phone Guide For US Protesters

Soulskill posted about two weeks ago | from the do-not-use-your-cell-phone-as-a-projectile-weapon dept.

Electronic Frontier Foundation 82

An anonymous reader writes: The Electronic Frontier Foundation has updated its guide for protecting yourself and your cell phone at a protest. In addition to being extremely powerful tools (real-time communication to many watchers via social media, and video recording functionality), cell phones can also give authorities a lot of information about you if they confiscate it. The EFF is trying to encourage cell phone use and prepare people to use them. (The guide is based on U.S. laws, but much of the advice makes sense for other places as well.) Here are a few small snippets: "Start using encrypted communications channels. Text messages, as a rule, can be read and stored by your phone company or by surveillance equipment in the area. ... If the police ask to see your phone, tell them you do not consent to the search of your device. Again, since the Supreme Court's decision in Riley, there is little question that officers need a warrant to access the contents of your phone incident to arrest, though they may be able to seize the phone and get a warrant later. ... If your phone or electronic device was seized, and is not promptly returned when you are released, you can file a motion with the court to have your property returned."

The Biggest iPhone Security Risk Could Be Connecting One To a Computer

timothy posted about three weeks ago | from the seems-an-obvious-hole dept.

IOS 72

angry tapir (1463043) writes Apple has done well to insulate its iOS mobile operating system from many security issues, but a forthcoming demonstration shows it's far from perfect. Next Wednesday at the Usenix Security Symposium in San Diego, researchers with the Georgia Institute of Technology will show how iOS's Achilles' heel is exposed when devices are connected over USB to a computer or have Wi-Fi synching enabled. The beauty of their attack is that it doesn't rely on iOS software vulnerabilities, the customary way that hackers commandeer computers. It simply takes advantage of design issues in iOS, working around Apple's layered protections to accomplish a sinister goal.

Ryan Lackey, Marc Rogers Reveal Inexpensive Tor Router Project At Def Con

timothy posted about three weeks ago | from the widespread-and-easy-are-tightly-linked dept.

Communications 38

An anonymous reader writes Ryan Lackey of CloudFlare and Marc Rogers of Lookout revealed a new OPSEC device at Def Con called PORTAL (Personal Onion Router to Assure Liberty). It "provides always-on Tor routing, as well as 'pluggable' transport for Tor that can hide the service's traffic signature from some deep packet inspection systems." In essence, PORTAL is a travel router that the user simply plugs into their existing device for more than basic Tor protection (counterpoint to PogoPlug Safeplug and Onion Pi). On the down side, you have to download PORTAL from Github and flash it "onto a TP-Link compatible packet router." The guys behind the device acknowledge that not many people may want to (or even know how to) do that, so they're asking everyone to standby because a solution is pending. The project's GitHub page has a README file that lists compatible models, with some caveats: "It is highly recommended to use a modified router. The modified MR11U and WR703N provide a better experience than the stock routers due to the additional RAM. The severe space constraints of the stock router make them very challenging to work with. Due to the lack of usable space, it is necessary to use an external disk to store the Tor packages. The stock router has only a single USB port, and the best option is to use a microSD in a 3G modem." (Note: Lackey is no stranger to helping people secure internet privacy.)

T-Mobile To Throttle Customers Who Use Unlimited LTE Data For Torrents/P2P

Soulskill posted about three weeks ago | from the who-torrents-over-mobile-anyway dept.

Networking 147

New submitter User0x45 writes: Here's a nicely transparent announcement: "T-mobile has identified customers who are heavy data users and are engaged in peer-to-peer file sharing, and tethering outside of T-Mobile’s Terms and Conditions (T&C). This results in a negative data network experience for T-Mobile customers. Beginning August 17, T-Mobile will begin to address customers who are conducting activities outside of T-Mobile’s T&Cs." Obviously, it's not a good announcement for people with unlimited plans, but at least it's clear. T-mobile also pulled the backwards anti-net neutrality thing by happily announcing 'Free Streaming' from select music providers... which is, in effect, making non-select usage fee-based.

Samsung Announces Galaxy Alpha Featuring Metal Frame and Rounded Corners

Unknown Lamer posted about three weeks ago | from the strange-sense-of-deja-vu dept.

Cellphones 220

mrspoonsi (2955715) writes with word that Samsung is hopping on the metal case and rounded corners design bandwagon. From the article: Samsung says a metal frame and curved corners give the Galaxy Alpha a "sophisticated" look. The South Korean company describes the Galaxy Alpha as representing a "new design approach". The firm has previously been criticised for the plastic feel of its handsets at a time when other firms have opted to use materials marketed as having a "premium" feel. Samsung Electronics saw a 20% year-on-year drop in its last quarter's profit. The phone features 2G of RAM, a 4.7" AMOLED display, and either an 8-core Exynos 5 or 4-core Snapdragon 801.

Reversible Type-C USB Connector Ready For Production

Soulskill posted about three weeks ago | from the it's-never-the-facing-the-right-way-on-the-first-try dept.

Cellphones 191

orasio writes: One of the most frustrating first-world problems ever (trying to connect an upside-down Micro-USB connector) could disappear soon. The Type-C connector for USB has been declared ready for production by the USB Promoter Group (PDF). "With the Type-C spec finalized, it now comes down to the USB-IF to actually implement the sockets, plugs, cables, adapters, and devices. The problem is that there are billions of existing USB devices and cables that will need adapters and new cables to work with new Type-C devices. It’s a lot like when Apple released the Lightning connector, but on an even grander scale. Further exacerbating the issue is the fact that China, the EU, and the GSMA have all agreed that new mobile devices use Micro-USB for charging — though it might be as simple as including a Micro-USB-to-Type-C adapter with every new smartphone."

China Smartphone Maker Xiaomi Apologizes For Unauthorized Data Access

samzenpus posted about three weeks ago | from the our-bad dept.

Cellphones 64

SpzToid writes Following up an earlier story here on Slashdot, now Xiaomi has apologized for collecting private data from its customers. From the article: "Xiaomi Inc said it had upgraded its operating system to ensure users knew it was collecting data from their address books after a report by a computer security firm said the Chinese budget smartphone maker was taking personal data without permission. The privately held company said it had fixed a loophole in its cloud messaging system that had triggered the unauthorized data transfer and that the operating system upgrade had been rolled out on Sunday. The issue was highlighted last week in a blog post by security firm F-Secure Oyg. In a lengthy blogpost on Google Plus, Xiaomi Vice President Hugo Barra apologized for the unauthorized data collection and said the company only collects phone numbers in users' address books to see if the users are online."

Connected Collar Lets Your Cat Do the War-Driving

timothy posted about three weeks ago | from the wifi-password-|"pl[\'as[cnp dept.

Security 110

MojoKid (1002251) writes "Security researcher Gene Bransfield, with the help of his wife's grandmother's cat, decided to see how many neighborhood WiFi access points he could map and potentially compromise. With a collar loaded with a Spark chip, a Wi-Fi module, a GPS module, and a battery, Coco the cat helped Gene identify Wi-Fi networks around the neighborhood and then reported back. The goal here is obvious: Discover all of the unsecured, or at least poorly-secured, wireless access points around the neighborhood. During his journey, Coco identified dozens of Wi-Fi networks, with four of them using easily-broken WEP security, and another four that had no security at all. Gene has dubbed his collar the "WarKitteh", and it cost him less than $100 to make. He admits that such a collar isn't a security threat, but more of a goofy hack. Of course, it could be used for shadier purposes." (Here's Wired's article on the connected cat-collar.)

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>