So, Apple and Google each buy one, test it for a month, then patch all the bugs, right?
but that would be illegal under the DMCA
"Additionally, blah blah blah blah"
But can it make a decent bowl of Matzo Ball Soup?
a) It wouldn't have to be. They could just observe what it does.
b) Filing a DMCA suit over a machine that automates violating the CFAA against the manufacturers of the machines it pwns would take some chutzpah.
This is a war. Time to dig the trenches. We didn't start it, it was forced upon us.
What about a multipronged approach? Passive, like honeypot apps on the phones (or even honeypot hardware that poses like a phone with vulnerabilities but logs all traffic, and is used in a suspicious way that attracts attention of the adversary)? Active, like counterattacks of both physical and cyber nature on whoever is likely to possess the technology in order to retrieve it (and its secrets) - remember the COINTELPRO? Legal, like filing FOIA and then divining answers from whatever we get back? Other?
The targets are big and few. Image of a deer being eaten alive by ants comes to mind…
Also, it may not be just wifi. There are vulnerabilities a-plenty in the baseband processor code. The code is closed-source, carefully guarded (we need those multiscale visualisation rapid reverse-engineering tools and we need them yesterday!), and usually poorly if ever audited. The processor in many phones shares address space with the main processor - so instant pwnage possible (see the iPhone unlocks that use this).
Taking up the martial theme, are there howtos online for new recruits with templates for choosing, unlocking and rooting a phone with a different OS?
Because I think the general computing era unix/gnulinux skill sets are tougher for new people to learn on our new smart phone appliance overlords.
Also STEM friends, there's a social, Homebrew Computer Club vibe that needs to be recovered.
People sometimes want to be the genius mavericky IPO guy who no one really understood. That's a way of interacting that is destructive to learning and groups.
That's why you better start with a scrap computer or a raspberry pi. A phone is one's production device, and better have something more screwup-friendly for first-time fooling around, where the worst thing to happen is a need to reimage the microSD card.
…and if you have nonzero people skills, a good thing to do is to adopt one or few apprentices, teach them what you had to go through, and if possible be taught by a mentor who adopted you between his apprentices. Wouldn't work for everybody but when it works it is great.
Also good advice. I think it's a professional culture issue for STEM though … esp. coders and engineers. The Homebrew Computer types of relationships aren't reproducing - just the proprietary types.
It's the people-skills thing. If they were better in those, they would have less chance ending up as engineers.
May get a bit better over time with the recent hackerspace/makerspace boom.
Already got quite better with the internet (and Usenet before) and the forums.
Not ideal, but what is. Ideal is the worst enemy of done.
Bullshit. Unless they're buying up unpatched exploits, and even then, they would have to keep doing that for it to keep working.
I haven't read up much since the initial announcement and there seem to be few solid details, so take this as pure speculation: the fact this is wifi-only implies this doesn't require any zero day exploits, it's applying standard wifi attacks at scale.
Most wifi-enabled devices are set to connect to known networks. Most people have, at some point, connected their device to an unsecured hotspot. By either broadcasting a bunch of very common SSIDs or responding to every incoming request with "sure, that network is me" you could get a majority of devices to connect.
After that point the options are a bit more varied. Given their claims there's a good chance they got dodgy certs for popular services from a certificate authority, which would be immediately revoked if discovered. Other than that they're likely using MITM: maybe degrading the security for connections when they can, maybe impersonating entire services, and maybe just packet sniffing and picking out what they can. They'd be able to get a surprising amount from what devices voluntarily broadcast on public networks.
Bottom line, this probably isnât new. But taking an existing attack and giving it a user-friendly interface and industrial scale can be just as scary.
Unless they've figured out some way to generate 2FA keys, my email and Dropbox passwords aren't going to do them much good.
Instead, they've openly marketed these [alleged] bugs to law enforcement firms
It is almost as if crooks are easier to scam than honest people.