The second operating system hiding in every mobile phone

The insecurity of baseband software is not by error; it’s by design. The standards that govern how these baseband processors and radios work were designed in the ’80s, ending up with a complicated codebase written in the ’90s – complete with a ’90s attitude towards security. For instance, there is barely any exploit mitigation, so exploits are free to run amok. What makes it even worse, is that every baseband processor inherently trusts whatever data it receives from a base station (e.g. in a cell tower). Nothing is checked, everything is automatically trusted. Lastly, the baseband processor is usually the master processor, whereas the application processor (which runs the mobile operating system) is the slave.

via The second operating system hiding in every mobile phone.

From: Baseband Hacking: A New Frontier for Smartphone Break-ins

Previously, mobile hacking attempts have involved the phone’s operating system or other software, but this one focuses on breaking into a phone’s baseband processor, which is the hardware that sends and receives radio signals to cell towers.

Trio of young coders build health-care website in days

“We were surprised to see that it was actually fairly difficult to use HealthCare.gov to find and understand our options,” he told CNN. “Given that the data was publicly available, we thought that it made a lot of sense to take the data that was on there and just make it easy to search through and view available plans.”

The result is a bare-bones site that lets users enter their zip code, plus details about their family and income, to find suggested plans in their area.

via Trio of young coders build health-care website in days – CNN.com.

The site is here at www.thehealthsherpa.com and it seems pretty damn good!

Cisco-threatening open switch coming from Facebook, Intel, and Broadcom

The network project would similarly provide an alternative to vendors like Cisco, Arista Networks, and Dell’s Force 10 division. The Open Compute Project promises a “specification and a reference box for an open, OS-agnostic top-of-rack switch.” Whether that reference box will be based on an amalgam of submitted specifications or just one of them isn’t clear yet, and no release date has been set.

via Cisco-threatening open switch coming from Facebook, Intel, and Broadcom | Ars Technica.

In response to today’s Facebook announcement, Cisco said in a statement to Ars, “It’s important to acknowledge that the largest web-scale companies driving OCP have the skills, resources, and specialized traffic patterns that justify considering this approach carefully. However, most IT departments won’t relish taking on the additional operational cost, skills and expertise that are required to integrate their own technology.

You Are a Rogue Device

The user’s guide for one of Aruba’s recent software products states: “The wireless network has a wealth of information about unassociated and associated devices.” That software includes “a location engine that calculates associated and unassociated device location every 30 seconds by default… The last 1,000 historical locations are stored for each MAC address.”

For now, Seattle’s mesh network is concentrated in the downtown area. But the SPD has indicated in PowerPoint presentations—also acquired by The Stranger—that it hopes to eventually have “citywide deployment” of the system that, again, has potential surveillance capabilities that the SPD declined to answer questions about. That could give a whole new meaning to the phrase “real-time situational awareness.”

via You Are a Rogue Device by Matt Fikse-Verkerk and Brendan Kiley – Seattle Features – The Stranger, Seattle’s Only Newspaper.

This is why you should always have wifi disabled, in “airplane mode,” or turned off when not in use. Only turn on wifi for your device manually when you need to use a network. Doing this also extends battery life because running the radio interface uses a lot of juice. This network they built in Seattle would have great public benefit if it were open for all to use, and there are few engineering reasons why it can’t be. Since emergencies are rare, may as well utilize it and then kick people off indiscriminately when the network truly is needed. I suspect, however, it’s not open for use by the rabble. Another blurb from the article:

It’s reasonable to assume that locally gleaned information will be shared with other organizations, including federal ones. An SPD diagram of the mesh network, for example, shows its information heading to institutions large and small, including the King County Sheriff’s Office, the US Coast Guard, and our local fusion center.

Fusion centers, if you’re unfamiliar with the term, are information-sharing hubs, defined by the Department of Homeland Security as “focal points” for the “receipt, analysis, gathering, and sharing” of surveillance information.

At least if they’re going to spy, provide some value to the spied-upon “user.”

Georgia Tech develops inkjet-based circuits at fraction of time and cost

Recent advances in chemically bonding metal particles allowed the researchers to use silver nanoparticle ink to print the circuits and avoid thermal bonding, or sintering, a time-consuming and potentially damaging technique due to the heat. Printing the circuits on resin-coated paper, PET film and glossy photo paper worked best. Researchers also made a list of materials to avoid, such as canvas cloths and magnet sheets.

via Georgia Tech develops inkjet-based circuits at fraction of time and cost.

From: Ink-Jet Printing Custom-Designed Micro Circuits

Initial reports of the technique, which the team demonstrated at a meeting of the Association for Computing Machinery in Zurich Sept. 10, described the result as a “paper computer,” though the best researchers could do was print a WiFi antenna, circuits for an LED and a 3D-printed flashlight. They also produced circuits containing microprocessors and memory-chip connectors that could potentially become components of an actual device, but the printing, ink and materials are still far too basic to allow that, according to Matt Johnson of conductive-ink manufacturer Bare Conductive, who was quoted in a New Scientist story about the demonstration.

Canonical shouldn’t abuse trademark law to silence critics of its privacy decisions

To keep the balance between the integrity of our trademarks and the ability to use and promote Ubuntu, we’ve tried to define a reasonable Intellectual Property Policy. You can read the full policy at http://www.canonical.com/intellectual-property-policy. As you can see from our policy, to use the Ubuntu trademarks and Ubuntu word in a domain name would require approval from Canonical.

via Canonical shouldn’t abuse trademark law to silence critics of its privacy decisions | micah.f.lee.

Update: From Canonical Blog.

In the case of fixubuntu.com, we were concerned that the use of the trademark implied a connection with and endorsement from the Ubuntu project which didn’t exist. The site owner has already agreed to remove the Ubuntu logo and clarified that there is no connection; from our perspective the situation has been resolved, and we have no issue with the site or the criticism it includes. In fact, far from trying to silence critics, our trademark policy actually calls out parody and criticism and other uses as being allowed when the marks are used appropriately. (Please make the parodies funny – we need a good laugh as much as anyone!)

From Mark Shuttleworth:

This was a bit silly on our part, sorry. Our trademark guidelines specifically allow satire and critique (‘sucks sites’) and we should at most have asked him to state that his use of the logo was subject to those guidelines.

See What’s Inside the PlayStation 4 With These Exclusive Photos

What we see is a hardware architecture that’s both simple and powerful. With longtime game designer Mark Cerny leading the way, lending his software-minded expertise to Ootori and the rest of the hardware engineering team, Sony abandoned the overly complex Cell microprocessor that drove the PlayStation 3, building the PS4 around an “x86” chip similar to the processors that have driven most of our personal computers for the last three decades. The idea was to make it that much easier for developers to build games for the new console, to create the things that will ultimately capture our attention.

via See What’s Inside the PlayStation 4 With These Exclusive Photos | Game|Life | Wired.com.

High-gain patch antennas boost Wi-Fi capacity for Georgia Tech

Patch antennas focus the radio beam within a specific area. (A couple of vendors, Ruckus Wireless and Xirrus, have developed their own built-in “smart” antennas that adjust and focus Wi-Fi signals on clients.) Depending on the beamwidth, the effect can be that of a floodlight or a spotlight, says Jeff Lime, Ventev’s vice president. Ventev’s newest TerraWave High-Density products focus the radio beam within narrower ranges than some competing products, and offer higher gain (in effect putting more oomph into the signal to drive it further), he says.

via High-gain patch antennas boost Wi-Fi capacity for Georgia Tech – Network World.

At Georgia Tech, each antenna focused the Wi-Fi signal from a specific overhead access point to cover a section of seats below it. Fewer users associate with each access point. The result is a kind of virtuous circle. “It gives more capacity per user, so more bandwidth, so a better user experience,” says Lime.