We're often told that having a kill switch in our mobile devices —
mostly our smartphones — is a good thing.
At a basic level, that's hard
to disagree with. If every mobile device had a built-in kill switch,
theft would go down — who would waste their time over a device that
probably won't work for very long?
Here's where the problem lays: It's
law enforcement that's pushing so hard for these kill switches.
We first
learned about this last summer, and this past May, California passed a
law that requires smartphone vendors to implement the feature.
In
practice, if a smartphone has been stolen, or has been somehow
compromised, its user or manufacturer would be able to remotely kill off
its usability, something that would be reversed once the phone gets
back into its rightful owner's hands.
However, such functionality should be limited to the device's owner, and no one else.
If the owner can disable a phone with nothing but access to a computer
or another mobile device, so can Google, Samsung, Microsoft, Nokia or
Apple. If the designers of a phone's operating system can brick a phone,
guess who else can do the same?
Everybody from the NSA to your friendly
neighborhood police force, that's who. At most, all they'll need is a
convincing argument that they're acting in the interest of "public
safety."
And we all know how that will play out...
***
The keepers of Tor commissioned a study testing the defenses and viability of their Firefox-based browser as a privacy tool.
The results
(PDF) were a bit eye-opening since the report's recommendations don't
favor Firefox as a baseline for Tor, rather Google Chrome.
But Tor's
handlers concede that budget constraints and Chrome's limitations on
proxy support make a switch or a fork impossible.
Oh well...
***
Researchers from UC San Diego, University of Michigan, and Johns
Hopkins say they've found security vulnerabilities in full-body
backscatter X-ray machines deployed to U.S. airports between 2009 and
2013.
In lab tests, the researchers were able to conceal firearms and plastic explosive simulants from the Rapiscan Secure 1000 scanner,
plus modify the scanner software so it presents an "all-clear" image to
the operator even when contraband was detected.
"Frankly, we were
shocked by what we found," said lead researcher J. Alex Halderman. "A
clever attacker can smuggle contraband past the machines using surprisingly low-tech techniques."
***
Researchers will demonstrate the process used to spy on smartphones using gyroscopes
at Usenix Security event on August 22, 2014.
Researchers from Stanford
and a defense research group at Rafael will demonstrate a way to spy on
smartphones using gyroscopes at Usenix Security event on August 22, 2014.
According to the "Gyrophone: Recognizing Speech From Gyroscope Signals"
study, the gyroscopes integrated into smartphones were sensitive enough
to enable some sound waves to be picked up, transforming them into
crude microphones.
***
China's Ministry of Agriculture has decided not to renew biosafety certificates
that allowed research groups to grow genetically modified (GM) rice and
corn.
The permits, to grow two varieties of GM rice and one transgenic
corn strain, expired on 17 August.
The reasoning behind the move is not
clear, and it has raised questions about the future of related research
in China.
***
No comments:
Post a Comment