Posted on 06/17/2015 9:32:15 PM PDT by Swordmaker
With all the apps connecting in the background and no way to stop them...hard to tell who’s who.
If you want on or off the Mac Ping List, Freepmail me.
Oh well. . .
At least we can tell the users of Samsung phones on our respective platforms to watch out. . .
Shame the Samsung S5 has this vulnerability -
Sure have loved the pics it takes, expandable memory, replaceable / spare battery, super long battery life, waterproof, strong glass, and so much more.
Just when I thought I shoulda bought an Apple iproduct, was shocked to learn of this chink in its armor -
http://www.businessinsider.com/apple-ios-and-os-x-security-flaw-could-let-hackers-steal-passwords-and-app-data-2015-6...
;n)
Wireless Keyboard, mouse, router, smartphone, dumb phone , XBOX , telephone.
They have an app for that.
“If your rocking a Samsung smartphone”
If “you’re” not going to use proper English, I’m not going to read “your” article.
I have them printed out on paper under my blotter and have deleted same. Yes, I know, nothing is ever entirely deleted, but hackers can't get there unless direct access to your hard or flash drive. I've used Kaspersky for years and never gotten viruses, malware, trojans, or identity theft problems. If you have a strong firewall, you should be good.
That is currently just a vulnerability. . . and that vulnerability is not on iOS. The serious one is the keychain hack but it requires the hacker to FIRST get a malicious app onto the Mac, not an easy thing to do. The researchers were able to poison their own OS X Keychain App because they had control of the computer, but to get control of someone else's computer and poison THEIR keychain app is an entirely different question. It also requires that they be able to sneak a malicious app onto Apple's curated OS X Mac App store.
". . . steal such confidential information as the passwords for iCloud, email and bank, and the secret token of Evernote." Your linked Business insider article.
The other big thing they thought they were demonstrating is also not so dire. . . the ability once they have a poisoned Keychain is stealing the iCloud token. . . not, as the article claimed "the iCloud passwords." However, that token is only used to guarantee secure connection between the iCloud's connection for that particular computer and the OS X Mac App store for downloading apps and updates. It could possibly allow a hacker to set up a man-in-the-middle-attack between the Apple server and the user and therefore possibly allow downloading more malicious software, but with a malicious malware already installed on the Mac, that is unnecessary, as the hacker presumably already has control of the Mac and going through such an exercise is moot.
The articles reporting this imply the token could allow a hacker to gain access to a user's iCloud data, but that is patently false. Even access to the Apple Keychain will not get a user's iCloud password because the password and user account for that are NOT STORED in the keychain. The iCloud token has nothing to do with user data.
In iOS, the vulnerability involves an App downloaded from the App store supposedly masquerading as an App that is authorized to inter-connect with another App to share data by using an Apple URL that is linked for that purpose. . . as if Apple would authorize such an App to be on the Apple iOS App store or remain there after such a malicious activity as stealing data from other Apps was discovered. Such Apps have been attempted to be uploaded and such attempts get their developers a lifetime ban from ever doing development for or with Apple. It's simply NOT going to happen. What they are talking about is taking advantage of Apple's inter-App ability to hand-off data. . . and saying a malicious App could be made to steal the data, if some very unlikely events happened. The researchers claim this is a violation of Apple's own sandboxing. . . yet that is how cooperation between Apps is supposed to work.
Preventing malicious Apps is why Apple's App Stores are curated.
Not with an Apple device, they are not.
Take that up with Digital Trends and their editors. I'm not going to spend my time editing a professional online magazine's content for grammar to pull your cookies out of the fire if you happen to own one of the vulnerable Samsung phones. Get infected for all I care. You'll have brought it on yourself by terminal Grammar snobbery!
Kaspersky just announced early this week that THEY got hacked and someone stole their user database and their backdoor keys! LOL!
This vulnerability on Android is in the OS and downloads automatically because of built-in update routines in the SWIPE keyboard which apparently is routinely checking for new keyboard designs. . . which allows someone to piggyback malware on the download. A firewall won't prevent this. The blessing here is the initial infection has to occur locally from some hacker sharing a WIFI connection spoofing a server.
PS: those irk me too.
Thanks to Swordmaker for the ping!
From TFA:
> ...preinstalled Swift keyboard...
From your comment:
> ...have a SWIPE keyboard...
Are they the same? Not having a Samsung/Android myself...
That’s one of the reasons that the first thing I do with a new phone is root it and remove the bloatware.
those irk me too.If youre not going to use proper English, Im not going to read your article.
My mother was a teacher, her father and sister were teachers, my father was, initially at least, a teacher - and his father, mother, and sister were teachers. So if anyone could be expected to have grammar Nazi tendencies, you would expect it of me. But, two things:BTW, there is a very interesting book on the subject of English spelling,
- I used to be irked when commentators, particularly sports announcers, would say, He did that good. Good is an adjective, not an adverb; only He did that well is correct.
And then one day I heard Dad use good as an adverb. And I thought, If he doesnt retain the distinction, what chance is there that the rest of American culture will retain it??? And I just believe that the answer is, None.
- What with iPhones, etc., spell check is going to corrupt our spelling, especially of homophones such as your and "youre. I think we are just going to suck it up and deal with it.
Spell It Out: The Curious, Enthralling, and Extraordinary Story of English Spelling Dec 2, 2014which discusses the constraints within which the medieval scribes sought to make English spelling logical.Interesting to learn that the Roman alphabet had 24 letters, and that the double U and the j were added in English; the j actually started life as a version of i and somehow turned into a consonant.
Off topic: I just read How the Irish Saved Civilization by Thomas Cahill. It discusses the transition from the Roman Empire to the Medieval order. Heres some of the timeline:
409 - Roman garrison abandons Britain
410 - Goths sack Rome
430 - Death of Augustine (and the fall of his city, which he didnt live to see)
432 - Bishop Patrick arrives in IrelandPatrick is amazingly successful at evangelizing. His acolytes form monasteries, copy books, and seed other monasteries. They then seed monasteries in Northern England, and ultimately France and Italy.461 - Death of Patrick
476 - Rein of the last Roman Emperor ends
At this point not only is the Empire kaput, Christianity in Europe is pretty much the same. The heathens are in charge everywhere, basically. But as a backwater to a backwater (england), Ireland is untouched by the transformation.500 - Brigid founds monastery with a wing for monks and a wing for nuns. Scandalous to Romans.
557 Columcille leaves Ireland, founds monastery on Iona, near Scotland.
590 - Columbanus leaves for Gaul.
782 - Alcuin takes over direction of Charlemagnes Palatine School.At Charlemagnes court an Irishman wrote a compilation of ancient knowledge De mensura Orbis terrae which documents that the flat earth theory was not actually current in Medieval times. (The reason Columbus had a hard time getting his expedition funded was not that people thought that the radius of curvature of the earth was infinite, but that the smart money was on the distance to Asia being pretty much what it actually is. Columbus men were pretty desperate to find land by the time they actually did; imagine the prospect of sailing the whole Pacific without resupply!!)793 - First Viking attack on Irish monastery.Things go downhill for Ireland from then on; the Vikings gradually evicerate Ireland, and centuries later the English pretty much finish the job. But without the Irish influence, Europe would not have been Christian when Islam arrived at the gates - and would have been easy pickings for jihad.
Brain fart on my part. . . LOL! Thanks for catching that. Getting older is the pits. . . and I had another birthday last Saturday. Those damn things just keep coming every year like clockwork, adding more and more brain farts with each one!
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.