Solid state of fear: Euro boffins bust open SSD, Bitlocker encryption (it's really, really dumb)

Found on The Register on Monday, 05 November 2018
Browse Technology

Basically, the cryptographic keys used to encrypt and decrypt the data are not derived from the owner's password, meaning, you can seize a drive and, via a debug port, reprogram it to accept any password. At that point, the SSD will use its stored keys to cipher and decipher its contents. Yes, it's that dumb.

Unfortunately, the pair also note that some popular data encryption systems, including the BitLocker tool Microsoft uses in Windows 10, do not use software encryption for SSDs and rely on the drive's vulnerable hardware encryption.

That such an absolutely stupid design that it makes you wonder if it was not planned like that all along, seeing how much the government hates encryption and always calls for backdoors.

Yale users locked out of homes after 'smart' home app crashes

Found on The Inquirer on Sunday, 14 October 2018
Browse Technology

Users of Yale's so-called 'smart' locks were trapped out of their homes for more than 24 hours following after the company's smartphone app went to Borksville.

Yale blamed an "unforeseen issue while carrying out unplanned network maintenance", but claimed to have resolved the problem on Friday morning. However, users still claim that notifications - such as whether an alarm has been armed or disarmed - aren't coming through.

While the app was down, customers complained of being 'stuck' in their homes, while others were forced to wait outside until the problem was fixed.

Oh the sweet irony. Nothing would have happened if clients would have just stuck to something so very old-fashioned like mechanical locks with keys; but no, even unlocking your door has to be "smart". Now imagine someone would find a way to remotely brick all those locks...

Apple Watch’s new auto-911 calls after falls may tumble into legal trouble

Found on Ars Technica on Saturday, 29 September 2018
Browse Technology

If the Apple Watch detects that the wearer is "immobile for about a minute," it begins a 15-second countdown. After that, the Watch will contact emergency services, which often can use mobile phone data to locate the wearer. (Apple says that the feature is automatically enabled for users who have entered their age into their profile and are over 65.)

In other words, if police are alerted by an Apple Watch of a possible injury, they do not need a warrant to enter a home under the "community caretaking" exception to the Fourth Amendment. This is the notion that law enforcement officers can enter a private space if they reasonably believe that someone needs emergency assistance.

Good idea, but a full blown failure. At least they could have made it soo wearers should have to set up who to notify; but as always, Apple thinks it's knows better than you.

Woman says Galaxy Note 9 burst into flames inside her purse

Found on New York Post on Sunday, 16 September 2018
Browse Technology

Samsung’s highly touted and supposedly fireproof Galaxy Note 9 cellphone spontaneously combusted inside a Long Island woman’s purse, she charges in a lawsuit.

She stopped using the phone and put it in her bag. Suddenly, “she heard a whistling and screeching sound, and she noticed thick smoke” pouring from her purse, she alleges.

You could call it tradition by now.

Your new $1,000+ iPhone won’t come with a headphone dongle in the box

Found on Ars Technica on Thursday, 13 September 2018
Browse Technology

Apple is still selling the headphone adapter on its website for its usual $9. The newest iPhones range from $749 outright for the entry-level iPhone XR, which comes with an LCD display and less advanced camera system, to $1,449 outright for an iPhone XS Max with 512GB of built-in storage.

Making the headphone adapter a mandatory purchase for those who still wish to use their traditional headphones will likely push those figures up higher: a recent report from Ceros said that the dongle has been one of the two highest-selling Apple products sold at Best Buy since it became available.

A fool and his money are soon parted. If you have enough money to be wasted on Apple products, enjoy getting ripped off. If you don't and buy them anyway, think again about your ridiculous dedication to brands.

Germany might take diesel VWs off the road if recalls are ignored

Found on CNet News on Saturday, 18 August 2018
Browse Technology

The KBA, Germany's federal motor vehicle authority, said drivers who ignore fixes for over-polluting Volkswagen Group diesel vehicles might have their vehicles removed from the road, Automotive News Europe reports, citing a report from the German publication Automobilwoche.

In 2016, the KBA approved a series of software-related fixes for three different diesel engines, meaning getting the recall done is about as easy as sitting at a dealer for an hour.

Software updates. Could as well call them snakeoil.

A $225 GPS spoofer can send sat-nav-guided vehicles into oncoming traffic

Found on Ars Technica on Wednesday, 18 July 2018
Browse Technology

A new proof-of-concept attack demonstrates how hackers could inconspicuously steer a targeted automobile to the wrong destination or, worse, endanger passengers by sending them down the wrong way of a one-way road.

The most effective is to give civilian GPS signals the same type of encryption military GPS has used for decades. Unfortunately, that would do nothing to protect people using the massive number of GPS devices already in use. Another countermeasure is to develop trusted ground infrastructure to help GPS devices verify their location. This, too, is at best a long-term solution because of the cost and constraints in government policies.

As usual, nobody will care about security as long as it can be avoided. It will take a few dramatic accidents until the pressure is growing big enough.

Retiring worn-out wind turbines could cost billions that nobody has

Found on Energy Central News on Sunday, 15 July 2018
Browse Technology

The life span of a wind turbine, power companies say, is between 20 and 25 years. But in Europe, with a much longer history of wind power generation, the life of a turbine appears to be somewhat less.

In Texas, there are approximately 12,000 turbines operational in the state. Decommissioning these turbines could cost as much as $2.3 billion.

"The blades are composite, those are not recyclable, those can't be sold," Linowes said. "The landfills are going to be filled with blades in a matter of no time."

It's well known that wind turbines are special waste; but it's still called green energy, because the problem only arises in 1-2 decades.

iPhone crashing bug likely caused by code added to appease Chinese gov’t

Found on Ars Technica on Wednesday, 11 July 2018
Browse Technology

Wardle, who is now a macOS and iOS security expert at Digital Security, said he was perplexed when a friend first reported her fully patched, non-jailbroken device crashed every time she typed Taiwan or received a message with a Taiwanese flag.

He eventually found that the crashes were being caused by code that classified messages based on emojis they contained. He also noticed that the error seemed to be triggered when iOS had country codes that included China or language settings including Chinese (his friend’s phone specified the region as the US and the language as English, followed by Chinese.)

Remember, big corporations will happily bend over for a dictatorship as long as they can make money by selling their products there, while their PR divisions try to uphold the fake image of morals and ethics.

Would you pay $700, plus a monthly fee, for a digital license plate?

Found on Ars technica on Monday, 02 July 2018
Browse Technology

At first glance, this electronic device looks exactly like a traditional, stamped metal license plate. The new digital plate has the same scripted CALIFORNIA icon up top and uses the exact same size and font to show the numbers and letters.

The device also contains an RFID and GPS chip that allow me to see where my car is at any given moment, to voluntarily track my trips (think an Uber or Lyft-style ride map), and to even optionally display DMV-approved customized messages in a small font below the plate number itself.

That's one of the most useless and dumbest "inventions" ever made; but some hipsters will sure buy it and then cry out when they find out that they get tracked. Or when someone just bumps into their oh-so-shiney toy.