http://www.pcworld.com/article/249134/sub_zero_weather_can_your_smartphone_stand_the_cold_.html
Came across this interesting article, while doing some research, my gf is planning on biking to work all winter, ordering studded tires for her Bike this week, and she was wondering about taking her work laptop back and forth that way when it is really cold.
Told her condensation would probably be biggest problem most days she felt like biking in the winter vs taking car.
Seems like that is probably the case, as long as you let device warm to room temperature before using.
I know I have used Feature Phones (aka Dumb Phones) in the past when it was very cold, approaching -40 Fahrenheit/Celsius (-40 is same in either system).
The phone was in my coat or pants pocket, always worked when I needed it to, but I was in and out of the car, so not sure how cold the phone really got then.
Was delivering News Papers on weekend one Fall/Winter, mainly rural and one small town, also burned out tranny in my car with that job busting snowdrifts over the hood of my car!
Wednesday, December 5, 2012
Security & Hacking: Roger Williams' Shorthand from 1600's Cracked
http://www.salon.com/2012/11/30/code_used_by_ri_founding_father_is_finally_cracked/
Roger Williams is a very interesting person from United States history, http://en.wikipedia.org/wiki/Roger_Williams_%28theologian%29, very important in the establishment of Rhode Island (RI), and also the principle of Separation of Church and State.
As an Anthropologist & Historian, definitely adding him to my list of historic people to study, he actually studied Native American languages & culture, and didn't approve of the ways they were treated.
The cracking of his personal Shorthand is an interesting story, if your not familiar with Shorthand see http://en.wikipedia.org/wiki/Shorthand.
Shorthand was used way back in the day, as a way for a skilled person to record spoken words in real time (or near real time).
Then it would normally be converted into standard text by scribes, or after Typewriter was invented, typed up.
Generally copies would be made as well, either by scribes or typewriters, of conventional text/language, not the Shorthand version.
Learning Shorthand is something that has been on my to do list for a long time, even in modern world, I find writing to be better for some tasks.
For one, with Rite In The Rain Spiral Notebook
, and a Pencil or Space Pen
you can easily take notes outside in the rain, or in Shower/Hot Tub for that matter.
Also Shorthand has applications for Low Tech communication methods like Carrier Pigeons, low or even so called "Obsolete" tech can be very useful at times.
Low and/or Obsolete tech often doesn't require power, so can provide limited communications after Natural Disaster or other large disruption to Power Grid and Internet.
Also not vulnerable to same types of intercepts, so if used for regular or frequent communication, requires an attacker to invest in broader amount of attack capability and tools.
Perhaps Peregrine Falcon's to take down the Carrier Pigeons?
Roger Williams is a very interesting person from United States history, http://en.wikipedia.org/wiki/Roger_Williams_%28theologian%29, very important in the establishment of Rhode Island (RI), and also the principle of Separation of Church and State.
As an Anthropologist & Historian, definitely adding him to my list of historic people to study, he actually studied Native American languages & culture, and didn't approve of the ways they were treated.
The cracking of his personal Shorthand is an interesting story, if your not familiar with Shorthand see http://en.wikipedia.org/wiki/Shorthand.
Shorthand was used way back in the day, as a way for a skilled person to record spoken words in real time (or near real time).
Then it would normally be converted into standard text by scribes, or after Typewriter was invented, typed up.
Generally copies would be made as well, either by scribes or typewriters, of conventional text/language, not the Shorthand version.
Learning Shorthand is something that has been on my to do list for a long time, even in modern world, I find writing to be better for some tasks.
For one, with Rite In The Rain Spiral Notebook
, and a Pencil or Space Pen
you can easily take notes outside in the rain, or in Shower/Hot Tub for that matter.
Also Shorthand has applications for Low Tech communication methods like Carrier Pigeons, low or even so called "Obsolete" tech can be very useful at times.
Low and/or Obsolete tech often doesn't require power, so can provide limited communications after Natural Disaster or other large disruption to Power Grid and Internet.
Also not vulnerable to same types of intercepts, so if used for regular or frequent communication, requires an attacker to invest in broader amount of attack capability and tools.
Perhaps Peregrine Falcon's to take down the Carrier Pigeons?
Tuesday, December 4, 2012
Security & Hacking: "SMS Vulnerability in Twitter, Facebook and Venmo"
http://titanous.com/posts/twitter-facebook-venmo-sms-spoofing
Jonathan Rudenberg found SMS Texting vulnerabilities in Twitter, Facebook, and Venmo, he notified all of them of their respective problems.
Unfortunately Twitter has yet to patch this vulnerabilty, though Facebook and Venmo have reportedly dealt with it.
I suggest you make sure you have Twitter Text messaging turned off, should be under settings, then Mobile.
Jonathan Rudenberg found SMS Texting vulnerabilities in Twitter, Facebook, and Venmo, he notified all of them of their respective problems.
Unfortunately Twitter has yet to patch this vulnerabilty, though Facebook and Venmo have reportedly dealt with it.
I suggest you make sure you have Twitter Text messaging turned off, should be under settings, then Mobile.
Security & Hacking: USB Stick Pen Tool that emulates Keyboard
http://www.pcpro.co.uk/blogs/2012/12/04/the-usb-stick-that-turns-into-a-keyboard/
I find this hardware very interesting, I wonder if they got the idea from Yubikey?
http://www.yubico.com/faq/why-does-the-yubikey-act-as-a-keyboard/
Not mentioned in the PC Pro article, but rather in the Yubikey link, it mentions that even USB ports that are shut down to USB flashdrives will run Yubikey, since it looks like a Keyboard to the computer.
I suspect this USB stick hack would work in the same situations, were USB ports are locked down to USB flashdrives, the computer would see a keyboard.
So the hack would still work.
Giving you remote access.
Think Social Engineering attacks, or working as part of cleaning crew, would allow easy placement of device like this.
Speaking of Cleaning Crew or Custodians, how many companies care enough about security to pay good wages to keep good, vetted, in house custodians vs using a contractor?
Or even if they use in house custodians, still tends to be a low pay, low status job, with a lot of turnover, and generally low standards for hire.
I find this hardware very interesting, I wonder if they got the idea from Yubikey?
http://www.yubico.com/faq/why-does-the-yubikey-act-as-a-keyboard/
Not mentioned in the PC Pro article, but rather in the Yubikey link, it mentions that even USB ports that are shut down to USB flashdrives will run Yubikey, since it looks like a Keyboard to the computer.
I suspect this USB stick hack would work in the same situations, were USB ports are locked down to USB flashdrives, the computer would see a keyboard.
So the hack would still work.
Giving you remote access.
Think Social Engineering attacks, or working as part of cleaning crew, would allow easy placement of device like this.
Speaking of Cleaning Crew or Custodians, how many companies care enough about security to pay good wages to keep good, vetted, in house custodians vs using a contractor?
Or even if they use in house custodians, still tends to be a low pay, low status job, with a lot of turnover, and generally low standards for hire.
Security & Hacking: OWASP "Open Web Security Project"
https://www.owasp.org/index.php/Main_Page
If your not already familiar with this resource, and you work in Security and/or Pen Testing, you will want to become familiar with OWASP.
Consider the following, just to start, from https://www.owasp.org/index.php/Category:Principle:
If your not already familiar with this resource, and you work in Security and/or Pen Testing, you will want to become familiar with OWASP.
Consider the following, just to start, from https://www.owasp.org/index.php/Category:Principle:
Some proven application security principles
- Apply defense in depth (complete mediation)
- Use a positive security model (fail-safe defaults, minimize attack surface)
- Fail securely
- Run with least privilege
- Avoid security by obscurity (open design)
- Keep security simple (verifiable, economy of mechanism)
- Detect intrusions (compromise recording)
- Don’t trust infrastructure
- Don’t trust services
- Establish secure defaults (psychological acceptability)
Monday, December 3, 2012
Security & Hacking: "Tumblr worm hitting websites, posting identical message from GNAA"
http://nakedsecurity.sophos.com/2012/12/03/tumblr-worm/
see also http://nakedsecurity.sophos.com/2012/12/03/how-tumblr-worm-worked/
From the second link:
"It appears that the worm took advantage of Tumblr's reblogging feature, meaning that anyone who was logged into Tumblr would automatically reblog the infectious post if they visited one of the offending pages."
see also http://nakedsecurity.sophos.com/2012/12/03/how-tumblr-worm-worked/
From the second link:
"It appears that the worm took advantage of Tumblr's reblogging feature, meaning that anyone who was logged into Tumblr would automatically reblog the infectious post if they visited one of the offending pages."
Saturday, December 1, 2012
Subscribe to:
Posts (Atom)