Wired
Id. at (a)(1)(E)(2)(A) - (C).
Hackers Can Silently Control Siri From 16 Feet Away
Well this is concerning:
A pair of researchers at ANSSI, a French government agency devoted to information security, have shown that they can use radio waves to silently trigger voice commands on any Android phone or iPhone that has Google Now or Siri enabled, if it also has a pair of headphones with a microphone plugged into its jack. Their clever hack uses those headphones’ cord as an antenna, exploiting its wire to convert surreptitious electromagnetic waves into electrical signals that appear to the phone’s operating system to be audio coming from the user’s microphone. Without speaking a word, a hacker could use that radio attack to tell Siri or Google Now to make calls and send texts, dial the hacker’s number to turn the phone into an eavesdropping device, send the phone’s browser to a malware site, or send spam and phishing messages via email, Facebook, or Twitter.
You can disable Siri whenever your iOS device is locked by going to Settings > Touch ID & Passcode > Allow Access When Locked and toggling the Siri switch to the “off” (as in not green) position. This doesn’t guarantee a hack like the one described above won’t work on your device, but it does guarantee you’ll see Siri doing something weird and can thus be alerted to the hackery.
How the DMCA criminalized DIY farm equipment repair
Kyle Wiens, writing at Wired:
Manufacturers have every legal right to put a password or an encryption over the tECU. Owners, on the other hand, don’t have the legal right to break the digital lock over their own equipment. The Digital Millennium Copyright Act—a 1998 copyright law designed to prevent digital piracy—classifies breaking a technological protection measure over a device’s programming as a breach of copyright. So, it’s entirely possible that changing the engine timing on his own tractor makes a farmer a criminal.
It’s not just “entirely possible”: if he’s circumventing “a technological measure that effectively controls access to a work protected under” copyright law¹, he’s committing a crime.
And those folks trading information or even hardware meant to help one another get around the manufacturers’ security measures, they’re criminals, too. The law says:
No person shall manufacture, import, offer to the public, provide, or otherwise traffic in any technology, product, service, device, component, or part thereof, that [enables or encourages its use in circumvention].²
The DMCA’s anti-circumvention provisions were poorly drafted, are overbroad, and reflect a lack of understanding by Congress of the specific problems caused by digital copyright infringement and more appropriate solutions. If you’re interested in learning more about the problems caused by the DMCA, the Electronic Frontier Foundation has done some great work toward reforming, if not the DMCA itself (yet), its interpretation and implementation.
MIT wants pre-release review of Secret Service file on Aaron Swartz
Kevin Poulsen, at Wired's Threat Level blog:
MIT argues that those people might face threats and harassment if their names become public. But it’s worth noting that names of third parties are already redacted from documents produced under FOIA.
MIT has screwed up repeatedly throughout this ordeal, and this is not a sign of improvement. If anything, their interference itself might prompt anonymous hackers to launch new salvos against their networks or dox their personnel.
Strongbox and Aaron Swartz: Open source, anonymous tips
There is plenty of Google news today coming out of their annual I/O conference, but this looks far more important and big-picture, if it actually gets used.
DARPA and deep learning
This article by Daniela Hernandez at Wired is well-done and fascinating. However, this bit most caught my eye:
Half of the $100 million in federal funding allotted to this program will come from Darpa — more than the amount coming from the National Institutes of Health — and the Defense Department’s research arm hopes the project will “inspire new information processing architectures or new computing approaches.”
Make no mistake: the US military wants intelligent killing machines.
At Google, Constitution trumps statute
David Kravets quotes a Googler:
“Google requires an ECPA search warrant for contents of Gmail and other services based on the Fourth Amendment to the Constitution, which prevents unreasonable search and seizure,” Chris Gaither, a Google spokesman, said.
The Electronic Communications Privacy Act isn’t always as demanding as Google, and their assertion that the policy is based on Constitutional requirements implies that the ECPA does not comport with the same requirements. That’s a bold legal position to take, but as Mr. Kravets explains at Wired, Google isn’t necessarily alone.
UPenn criminologist Richard Berk's recidivism-prediction algorithm
Wired's Kim Zetter:
To create the software, researchers assembled a dataset of more than 60,000 crimes, including homicides, then wrote an algorithm to find the people behind the crimes who were more likely to commit murder when paroled or put on probation. Berk claims the software could identify eight future murderers out of 100.
It’s a fascinating concept, but read the article to find out why it may have some critics.
Student loses suit over school ID requirement
Wired's David Kravets reports that:
The girl’s father, Steven, wrote the school district explaining why removing the chip wasn’t good enough, that the daughter should be free from displaying the card altogether. “‘We must obey the word of God,” the father said, according to court documents. “By asking my daughter and our family to participate and fall in line like the rest of them is asking us to disobey our Lord and Savior.”
Unfortunately, in the modern American climate of violence, it’s hard to support someone who refuses to wear an ID, especially with the tracking removed by the school. You can download the 25-page ruling as a PDF document here.
Why We'll Never Stop Talking About Steve Jobs
Mat Honan, writing at Wired:
Jobs, like the titans of industry before him, realized that when we think about how the world works, we are actually thinking about the way people have made it to work. And that means that if you don’t like the way the world works, you are free to change it. Which is exactly what he did.
Honan’s was my favorite “one year since Steve Jobs died” post. It is, in many ways, the most insightful. It’s also, most importantly, the most respectful.
Apathy and ecstasy for the iPhone 5
Mat Honan, writing at Wired’s Gadget Lab blog:
It is an amazing triumph of technology that gets better and better, year after year, and yet somehow is every bit as exciting as a 25 mph drive through a sensible neighborhood at a reasonable time of day.
I am still waiting for Verizon to push Jelly Bean to my Galaxy Nexus. Meanwhile, the damn thing throws a force-close dialogue every couple of hours, stutters whenever I try to switch between apps, and occasionally reboots itself just for fun.
My fiancée has had an iPhone 4 for a little over a year, so I’ve had a lot of time to sit on the couch late at night and compare the two phones (like the unashamed geek one has to be to do such things…). The verdict is clear, quick, and simple: go Android for customization and Gmail (a far bigger point in Android’s favor than non-Gmail users might imagine…) but go iPhone for stability and app availability.
That has been the state of things for some time, and it’s no different with the introduction of the iPhone 5, iOS 6, or Android Jelly Bean.
Maybe it’s because I’m 29 this year, but my desire to customize the hell out of my phone is fading fast, especially at the high cost of stability. I’ll always keep an Android phone or two around for playing with custom ROMs, but I need something more refined for my primary phone.
Also, I’ve found on other Android devices that the four-inch display is my preference. The older iPhone displays were too small, and the Galaxy Nexus, at 4.6 inches, is a bit too large. Some people are complaining that iPhone 5 looks the same, just as the 4S looked the same. But it doesn’t: it has a bigger display and a thinner depth, without sacrificing anything in the spec department. That’s change enough for me.
Honan nailed it: iPhone 5 is great and it’s whatever. But it’s stable, app-rich, uniformly-updated whatever. And unless my first experience with it in a store or from a friend’s unit is surprisingly negative, it’s what I’m getting the next time I need a new phone.
Flame and Stuxnet Cousin Targets Lebanese Bank Customers, Carries Mysterious Payload
Kim Zetter, writing at Wired:
The researchers don’t know if the attackers used the bank component in Gauss simply to spy on account transactions, or to steal money from targets. But given that the malware was almost certainly created by nation-state actors, its goal is likely not to steal for economic gain, but rather for counterintelligence purposes.
It’s worth thinking about: state-sponsored cyberespionage has been around for a while, but modern advancements in malware are giving such snooping tools a new level of automation and scale.
PS: I’m going to keep an eye on this story with the hopes that Kaspersky, the Russia-based security lab researching Gauss, eventually cracks the encryption on the mysterious payload.