Information Security

Say GDP-Aaargh, streamers: Max Schrems is coming for you, Netflix and Amazon

The Register - 26 min 4 sec ago
Apple and others also in firing line as complaints filed

Streaming services aren't complying with EU data protection law - namely the General Data Protection Regulation's right of access - according to a fresh suite of complaints aimed at the likes of Netflix, Amazon and Spotify.…

Is listening for Intents batteryfriendly?

Hey i wondered if i set up a profile which listens for broadcast intents has a big impact on battery life. For example i want to monitor if my Wifi connection changes.

I could do that with a timed profile:

trigger task which checks %WIFII every 10 min or so.

Or:

wait for intent android.net.wifi.STATE_CHANGE and then trigger a task wich checks %WIFII.

I would guess the intent way is better, because with the first method running a task every 10 min does WAKE the device if im right and for the second, the Intents are send by the system anyway, so why dont catch them...???

Or does the benefit go away because tasker has to monitor the broadcast intents?

submitted by /u/bastiman1
[link] [comments]

Microsoft partner portal 'exposes 'every' support request filed worldwide' today

The Register - 1 hour 9 min ago
No customer data visible but hell's bells, Redmond, what have you borked now?

Exclusive Alarmed Microsoft support partners can currently view support tickets submitted from all over the world, in what appears to be a very wide-ranging blunder by the Redmond-based biz.…

Vodafone signs $550m deal with IBM to offload cloud biz

The Register - 1 hour 41 min ago
Up to 750 staff transferring to Big Blue. Good luck people... you might need it

Vodafone is offloading its cloud and hosting unit to IBM in a $550m eight-year outsourcing deal that will include up to 750 staff packing their bags as they're sent off to new employer Big Blue, sources say.…

Black Horse slowed down: Lloyds Banking Group confirms problem with 'Faster' payments

The Register - 2 hours 14 min ago
Friday morning is an ideal time for transfers to have a glitch, agree customers

Lloyds and Halifax bank customers have been warned not to make repeat transactions as the group grapples with a technical glitch with Faster Payments.…

Enpass password manager update costs users their data, ignored in their forums

Android - 2 hours 15 min ago

This post is intended as a PSA to anyone who is currently an Enpass user or looking for a password manager (which I still think you should use, despite the problems that I've had with this application and it's team, password managers are clearly the best way to secure your data). I used to champion this application because it is a secure, local solution to storing passwords on your devices that doesn't hook into a remote database so that it can't be compromised in a data breach for example.

However, recently they pushed version 6 to the Play Store and automatic updates have cost me and several other users all of our passwords and data. To explain, for a couple of years there have been two ways to authenticate with this application: your master password and your fingerprint. I, and several other users have used our fingerprints for so long that we have forgotten our master passwords. When Enpass updated their application they removed the ability to unlock the application with one's fingerprint and thereby locked a number of their users out of their data with no workaround. Basically, one day fingerprints are a login option, the next day they aren't. No warning preceded this update (no banner released in the application informing users of the upcoming release and the changes that it would bring, for instance, or contact email).

Several users have contacted them in their forums and after blaming their users for forgetting their passwords and taking no ownership of the fact that they removed an authentication option from their users phones they have turned to completely ignoring their posts. A user should only use an application of this nature with complete trust in the development team behind it. Unfortunately, despite being entirely within the development team's capabilities to release another update restoring fingerprint access to their users data they have chosen to ignore the problem and hope it goes away. I'm hoping that even though it is very unlikely I will ever get my data back that at least I can help spread the word about this company to prevent others from making the same mistake and trusting them with their data.

submitted by /u/mw9676
[link] [comments]

Lords of the DNS remind admins about Flag Day, Juniper likes Watson and more

The Register - 2 hours 52 min ago
PING, PING, PING … it's your networking roundup for the week

Roundup To cure some persistent security, implementation, and performance problems in the Domain Name System, the lords of the DNS have proclaimed older implementations as end of life.…

Ben Heck Can Program The Smallest Microcontroller

Hack a Day - 2 hours 56 min ago

Microcontrollers are small, no one is arguing that. On a silicon wafer the size of a grain of rice, you can connect a GPS tracker to the Internet. Put that in a package, and you can put the Internet of Things into something the size of a postage stamp. There’s one microcontroller that’s smaller than all the others. It’s the ATtiny10, and its brethren the ATtiny4, 5, and 9. It comes in an SOT-23-6 package, a size that’s more often seen in packages for single transistors. It’s not very capable, but it is very small. It’s also very weird, with a programming scheme that’s not found in other chips from the Atmel/Microchip motherbrain. Now, finally, we have a great tutorial on using the ATtiny10, and it comes from none other than [Ben Heck].

The key difference between the ATtiny10 and other AVRs is that the tiny10 doesn’t use the standard AVR ISP protocol for programming. Instead of six pins for power, ground, MISO, MOSI, SCK, and RST, this is a high-voltage programming scheme that needs 12 Volts. The normal AVR programmer can do it, but you need to build an adapter. That’s exactly what [Ben] did, using a single-sided perf board, a lot of solder, and some headers. It looks like a lot, but there’s really not much to this programmer board. There’s a transistor and an optocoupler. The only thing that could make this programmer better is an SOT-23 ZIF socket. This would allow bare tiny10s to be programmed without first soldering them to a breakout board, but ZIF sockets are expensive to begin with, and the prices on SOT-23 sockets are absurd.

Programming the device was a matter of loading Atmel Studio and going through the usual AVR rigamarole, but Ben was eventually able to connect a light sensor to the tiny10 and have it output a value over serial. This was all done on a device with only 32 Bytes of RAM. That’s impressive, and one of the cool things about the smallest microcontroller you can buy.

Lawyers' secure email network goes down, firm says it'll take two weeks to restore

The Register - 3 hours 32 min ago
And could wipe users' inboxes during that fortnight of faffery

Barristers and court prosecutors have been left scratching their heads this morning after Egress Technologies' CJSM email system went down – with the firm saying it could take up to a fortnight to fully restore it.…

How to hack LUKS-encrypted device

Your hacking tutorial - 3 hours 43 min ago

Hi!

I've forgotten my password. Or not entirely actually, I think I remember it but it doesn't work so I don't remember it correctly.

Now I'm trying to bruteforce the device. I'm sure my password is mostly correct. How can I use my mostly correct password to help with the bruteforcing? Brutefoce-luks doesn't seem to be able to do that.

submitted by /u/love_is_not
[link] [comments]
Categories: Information Security

Help

Cryptography - 3 hours 58 min ago

How should i get into cryptography

submitted by /u/LtErikson
[link] [comments]
Categories: Information Security

I used to be a dull John Doe. Thanks to Huawei, I'm now James Bond!

The Register - 4 hours 31 min ago
We'll know for sure when Huawei reveals a shoe-shaped smartphone

Something for the Weekend, Sir? The name's McLeod. Alessandro McLeod. I am a spy for the secret services.…

At 900k lines of code, ONOS is getting heavy. Can it go on a diet?

The Register - 5 hours 4 min ago
'Net greybeard Douglas Comer talks SDN with El Reg

Interview Software Defined Networking (SDN) has changed the landscape of networking, but along the way it has created its own problems. Doug Comer of Purdue University thinks disaggregating SDN controllers like the Open Source Network Operating System (ONOS) could be a way forward.…

Pages