HTC Android handsets spew private data to ANY app
http://www.theregister.co.uk/2011/10/03/htc_android_security/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: looking for an embedded linux hw.
btw, I found open-rd.org. as far as i see it is a sheeva-plug, and there are both software, hardware schematics etc... i think the seeva-plug derivatives (e.g seagate dockstar) are a subset of that design I saw websites with instructions on how to add anothe GBE or how to add an SD to the Dockstar, taking open-rd.org's schematics ... should be nice of any sheevaplug hacker. erez. On Thu, Sep 15, 2011 at 1:37 PM, Erez D erez0...@gmail.com wrote: Hello We need to design a system, which communicates data at rates of around 30Mbs via ethernet. We are designing the hardware from scratch. I Thought of assembling a board with a processor (which will run linux) and a small fpga. However, I do not want to invent the wheel. don't want to port linux to a new system. don't want to create my own reference design. So i am looking for a reference design for the hardware. and an open source project which will supply the linux system and toolchain. Anybody knows of such a project which both has a hardware reference and toolchain ? Thanks, erez, ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: HTC Android handsets spew private data to ANY app
2011/10/4 sara fink sara.f...@gmail.com: http://www.theregister.co.uk/2011/10/03/htc_android_security/ Hold your breath: http://www.theregister.co.uk/2011/10/04/htc_security_fix/ ;-) -- Oleg Goldshmidt | p...@goldshmidt.org ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: looking for an embedded linux hw.
On 09/15/2011 02:37 PM, Erez D wrote: Hello We need to design a system, which communicates data at rates of around 30Mbs via ethernet. We are designing the hardware from scratch. I Thought of assembling a board with a processor (which will run linux) and a small fpga. However, I do not want to invent the wheel. don't want to port linux to a new system. don't want to create my own reference design. So i am looking for a reference design for the hardware. and an open source project which will supply the linux system and toolchain. Anybody knows of such a project which both has a hardware reference and toolchain ? Freescale's iMX53 have a quickstart board sold for about $200 ($150 if you want it without the LCD). It has fully open source Linux, and the schematics are available for download from the FreeScale site (including the source files, in a format whose name I forget). Full toolchain and BSP are available, though, of course, if you replace components, you will need to change the kernel's init code accordingly. This is the bane of all ARM architectures, however, and nothing specific to the iMX brand. It is considerably more powerful than the Sheeva plug, assuming that's of interest to you. Shachar Thanks, erez, ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il -- Shachar Shemesh Lingnu Open Source Consulting Ltd. http://www.lingnu.com ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: HTC Android handsets spew private data to ANY app
Nice. But see this comment: the question is not how long for a fix (although tht's important), it's... #http://forums.theregister.co.uk/post/1190903 Why -and when - did HTC decide to log user activity? Surely that's a breach of privacy? On the other hand, if this is a package that provides user feedback, with the users express permission, why was it unsecured? and 2nd in the original post, htc didn't respond until it was made public. Points to consider. On Tue, Oct 4, 2011 at 5:04 PM, Oleg Goldshmidt p...@goldshmidt.org wrote: 2011/10/4 sara fink sara.f...@gmail.com: http://www.theregister.co.uk/2011/10/03/htc_android_security/ Hold your breath: http://www.theregister.co.uk/2011/10/04/htc_security_fix/ ;-) -- Oleg Goldshmidt | p...@goldshmidt.org ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
[OT] Re: HTC Android handsets spew private data to ANY app
NB: marked [OT] in subject, I believe in conformance with an earlier discussion on Android topics on Linux-IL (that I am too lazy to dig up a link to in the archives). On Tue, Oct 4, 2011 at 6:29 PM, sara fink sara.f...@gmail.com wrote: Why -and when - did HTC decide to log user activity? Surely that's a breach of privacy? Not in itself. It's logged locally, on your device And it is not particularly unusual. The problem is that the context is different from what we (Linux users) are used to. Any system records user activity. UNIX/Linux has logs, last(1), shell history, process audit, etc., etc. Your browser has a history. One can go on and on. We all hope that a random user level application does not collect information from those logs and send it to the internet. In some cases it is forbidden by security measures (e.g., /var/log/messages cannot be read by applications without privileges). In some cases, the only recourse is audit (by whatever means necessary) or trust. Assume you install a binary application written by John Q. Malicious (or Skype/Microsoft, just to stir things up a bit :) - as a regular user. And you run it as you. Nothing (nothing a casual user is capable of, that is) will prevent this application from reading your shell command history, browser cookies and history, your ~/.ssh/id_rsa, etc. All of those are readable by you, and by running the application you gave it your credentials. If it sends packets to the internet without you noticing it, it's your problem. if your computer is employer-provided and you are clueless then you installing random software on it is the sysadmin's headache. The problem with smartphones that some sensitive information is available to regular users. When you install Android applications, you are supposed to check what facilities it can access. E.g., a reminder application has a reasonable need to access your contacts (you want to look up a contact when making a reminder to call him) and phone state (don't interrupt phone calls, light up the display if it is dark, etc.). It probably does not need to access internet. Did it ask at installation time? Did you say yes? Have you checked that it doesn't, in fact, access the internet and send all your contacts to telemarketing providers or to Hezballah? If this is a package that provides location information to something like Waze needs to access the network and your location info. If you install and enable it it is assumed you understand the risks. The problem with (some) HTCs was that it opened the logs to everyone regardless of permissions (if I understood correctly). A related problem is that so many apps are ad-funded (which is not common on Linux) and thus request internet access - to get the ads - that they wouldn't need otherwise. And people used to installing stuff by clicking next repeatedly don't stop and think. Oh, and something named androidvncserver.apk and installed by default by HTC does look scary... -- Oleg Goldshmidt | p...@goldshmidt.org ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
New (First!) smart phone (OT_
As per Subject, this is my first smart phone, and I am engaged in trying to discover if I myself as smart as it is; the outlook is bleak. More than it should be because the documentation seems to be written for a reader who already knows the score and needs only a bit of memory nudging to recall the drill. As OT as this is, I hope I can ask here for answers to a few questions. The instrument is HTC Aria. The two questions that are bugging me at the moment are: 1) The on-screen keyboard for writing messages defeats me, because the keys are absurdly narrow, certainly more so than my fingers, and there is absolutely no chance that I would ever be able to peck out even a short coherent message with them. This suggests that there must be a way to type with a stylus, rather then directly with fingers. I have tried to use objects made of various materials, but so far nothing works. How do people type on these things? 2) I succeeded in telphoning to a friend this evening, to his land-line phone. For a while, the sound I got was quite good and distinct, but after a bit, it began to fade in and out, so that cconversation became intermittent and impossible. There is a cell-phone tower less than a kilometer away from my home. Is this the level of service that I have to look forward too? The fading suggests that the communication may be affected by passing vehiles; is this possiblle over such a short distance? -- Stan Goodman Qiryat Tiv'on Israel ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: New (First!) smart phone (OT_
Welcome to the world of the cellular. First - there are various keyboards available for the device. Their key size might differ, layout might differ, and ease of use, for you in person, would differ as well. About stylus - you will need a device designed for capacitive screen. Although I am not familiar with your device in particular, most devices today are capacitive, meaning they react to the human electrical charge, our something like that. You can purchase such a device for very cheap at deal extreme, or for very expensive in Israel. Service quality differ depending on many factors. Usually, passing cars are not part of them. It could be that your friend's land line phone was a wireless one, and it's all his fault. Could be that you are in the area of overlapping cellular antennas, and your call switched between cells. Try to wait before judging the system just a little while. Most people do not feel that land lines are superior compared to cellular communication. This could be because, from the perspective of the caller - it is not. Good luck and enjoy your new device. Ez On Oct 4, 2011 11:28 PM, Stan Goodman stan.good...@hashkedim.com wrote: As per Subject, this is my first smart phone, and I am engaged in trying to discover if I myself as smart as it is; the outlook is bleak. More than it should be because the documentation seems to be written for a reader who already knows the score and needs only a bit of memory nudging to recall the drill. As OT as this is, I hope I can ask here for answers to a few questions. The instrument is HTC Aria. The two questions that are bugging me at the moment are: 1) The on-screen keyboard for writing messages defeats me, because the keys are absurdly narrow, certainly more so than my fingers, and there is absolutely no chance that I would ever be able to peck out even a short coherent message with them. This suggests that there must be a way to type with a stylus, rather then directly with fingers. I have tried to use objects made of various materials, but so far nothing works. How do people type on these things? 2) I succeeded in telphoning to a friend this evening, to his land-line phone. For a while, the sound I got was quite good and distinct, but after a bit, it began to fade in and out, so that cconversation became intermittent and impossible. There is a cell-phone tower less than a kilometer away from my home. Is this the level of service that I have to look forward too? The fading suggests that the communication may be affected by passing vehiles; is this possiblle over such a short distance? -- Stan Goodman Qiryat Tiv'on Israel ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: New (First!) smart phone (OT_
The keyboard tried to guess what key you intended to press to compensate for the small keys. Once you learn how to aim it gets more tolerable. In most screens you can rotate the device to type in landscape mode which gives you a bigger keyboard. There is also a spell checker that tries to auto-correct spelling mistakes to compensate as well, it can cause some embarrassing results though, so be careful. http://damnyouautocorrect.com/ As for fade out, can't be cars AFAIK. Either you moved around and a wall blocked the reception, or you friend used a wireless phone and moved around and a wall did the same for him, or he just got too far from the cradle. Alternately, if he is using an IP based service (012), it could be network problems, or if he is on hot, I used to have that every winter. On 05-Oct-11 1:09, Etzion Bar-Noy wrote: Welcome to the world of the cellular. First - there are various keyboards available for the device. Their key size might differ, layout might differ, and ease of use, for you in person, would differ as well. About stylus - you will need a device designed for capacitive screen. Although I am not familiar with your device in particular, most devices today are capacitive, meaning they react to the human electrical charge, our something like that. You can purchase such a device for very cheap at deal extreme, or for very expensive in Israel. Service quality differ depending on many factors. Usually, passing cars are not part of them. It could be that your friend's land line phone was a wireless one, and it's all his "fault". Could be that you are in the area of overlapping cellular antennas, and your call switched between cells. Try to wait before judging the system just a little while. Most people do not feel that land lines are superior compared to cellular communication. This could be because, from the perspective of the caller - it is not. Good luck and enjoy your new device. Ez On Oct 4, 2011 11:28 PM, "Stan Goodman" stan.good...@hashkedim.com wrote: As per Subject, this is my first smart phone, and I am engaged in trying to discover if I myself as smart as it is; the outlook is bleak. More than it should be because the documentation seems to be written for a reader who already knows the score and needs only a bit of memory nudging to recall the drill. As OT as this is, I hope I can ask here for answers to a few questions. The instrument is HTC Aria. The two questions that are bugging me at the moment are: 1) The on-screen keyboard for writing messages defeats me, because the "keys" are absurdly narrow, certainly more so than my fingers, and there is absolutely no chance that I would ever be able to peck out even a short coherent message with them. This suggests that there must be a way to type with a stylus, rather then directly with fingers. I have tried to use objects made of various materials, but so far nothing works. How do people type on these things? 2) I succeeded in telphoning to a friend this evening, to his land-line phone. For a while, the sound I got was quite good and distinct, but after a bit, it began to fade in and out, so that cconversation became intermittent and impossible. There is a cell-phone tower less than a kilometer away from my home. Is this the level of service that I have to look forward too? The fading suggests that the communication may be affected by passing vehiles; is this possiblle over such a short distance? -- Stan Goodman Qiryat Tiv'on Israel ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il