It's doesn't need to be easier or better -- it's just another attack surface that CAN be compromised, meaning that there are plenty of FTP servers out there which are misconfigured and can be used to serve malware. Due to the latency logging in and requesting a file via FTP, no webmaster should purposely configure a site to pull a page's resources from an FTP, so it makes sense to cut it off. As for why it's easier or better, a badly configured FTP server is probably more likely to stay that way because the hackers hide the files and are only using disk space and bandwidth. Something like a CMS will tell you "please update me" every time you log in as admin to patch holes. Your FTP isn't going to tell you that you're a shitty admin.
envion is planning to install sea can mining farms at locations like this. If anyone wants to invest, they are having a token sale right now. https://www.envion.org/en/mobi...
They lost their money, not the users. They can pay it back if they want to. People on reddit are mostly wanting nicehash back because their rigs are sitting idle and not earning anything. People that paid for hashing power are probably pissed, but I don't think you'll see too many people crying on reddit about that.
When mining for them, you can let it collect earned BTC payments in a virtual wallet until you 'withdraw' it, paying a fixed transaction fee that is the lowest once you have 0.15 of BTC -- about $2000. Alternatively, you can let them pay a real external wallet directly, but you have to pay extra fees, will be paid less often, and some of the stats on their web page don't work as well. They talk about sending 1000 BTC or so every Friday which is probably to external wallets only. They also accept bitcoin payments to purchase hashing power. Hopefully, they have just lost a wallet for handling some types of transactions and they have a lot more BTC offline somewhere to cover their internal wallets they pretty much force you to use.
It's all saved on your PC/Mac/USB stick unless you purchase a yearly RoboForm everywhere licence and tell it to sync to the cloud. I think that's the only way to use it from a phone as well.
xPrivacy on my phone shows that Swype did something called "requestLocationUpdates" 10 hours ago. Some other GPS related stuff also happened 10 hours ago. "requestLocationUpdates" is like a subscription, so any app on the phone that stays subscribed to that will get updates whenever the phone OS thinks the location has changed. Since we don't know what parameters this was called with, we can't even say if it's going to trigger GPS to switch on. It probably doesn't, based on my excellent battery life.
no, it's just the default firmware. "Only routers running stock firmware are vulnerable. OpenWRT is not vulnerable to this issue." from the comments on https://isc.sans.edu/forums/di...
Actually, as an experienced MeeGo developer, this just makes me sad because they won't sell one to North Americans. Nokia did this to us with the N9 too, but at least they sent me a developer device. These guys still haven't released the official GSM/LTE frequencies it supports for some stupid reason, so I don't even know if I should bother trying to import one.
Eros is not a rubble pile. I hate quoting wikipedia, but "The asteroid 433 Eros, the primary destination of NEAR Shoemaker, was determined to be riven with cracks but otherwise solid. Other asteroids, possibly including Itokawa, have been found to be contact binaries, two major bodies touching, with or without rubble filling the boundary." http://en.wikipedia.org/wiki/Rubble_pile
The Mandiant report was pretty damning. "In over 97% of the 1,905 times Mandiant observed APT1 intruders connecting to their attack infrastructure, APT1 used IP addresses registered in Shanghai and systems set to use the Simplified Chinese language." Oh, sure, it's probably just random hackers that really like that network...
A "Scam"? Seriously? People with 600+ posts on forums don't post lies for fun, and the 2nd guy replying stating that he got the same email pretty much proves he's not the one getting the email.
So quit saying wp7 / wp8 is "broken". Windows 8 is NOT windows PHONE 8. If you write a windows phone app, it can't modify other app's data or storage. If you use tools to upload or download files (like a database) from the device directly, you still can't touch stuff outside of the folder of your app.
It can run android apks and supports qt/qml and html5, so actually will be one of the easiest devices for developers to target. If they get this OS running on devices other than phones, that's a nice bonus for developers too! I'd say it's already a developers dream since that UI demo was shown on an n950, a devkit thousands of developers already have.
Running, like from a users point of view? Why do they care? It's good for developers, though. There's lots of open source software that expects x11, now to port it all you have to do is change the window size and maybe set a few flags to make it fullscreen. Maybe write a double buffer extension using pixmaps because nokia removed the one that is supposed to be in x11. If you're writing a new app, there's lots of other frameworks available on the n9 that wrap all the x11 stuff away so you never see it, so it's really not that painful. The important thing is we have some options, if Nokia didn't basically tell everyone that this phone was discontinued the minute they shipped it, developers would have invested a lot more in the device. Maemo devices are real 'hacker' devices, I don't know why, but we have unofficial apps and clients for all sorts of things that just don't happen on other platforms.
N9 is still my favorite phone to develop for
on
The Story of Nokia MeeGo
·
· Score: 5, Insightful
The phone itself is running x11 which is really great for porting apps to it. You get to use c++ and the great qt framework and extensions for pretty much everything, with the option of doing the UI in QML (a javascript based framework). You get to use deb packaging which you either know already or doesn't hurt to learn. If you use the qt creator sdk it does all the dirty work for you, but you can develop without it and just use the scratchbox environment instead if you prefer. Services run with upstart. The xterminal and related developer tools are already compiled and hosted in nokia's repositories, one click to install everything. The fcam camera api allows raw shooting and manual aperture and focus. Gnome tracker indexes your messages and music. The nolo bootloader can be set up to dual boot to another OS. I look forward to the new Sailfish OS promised by Jolla, I have faith the guys writing it are the ones behind some of the well designed N9 OS, and won't make it any worse. I tried windows phone 7 and you're not even allowed to run background services, let alone run your own code without paying a $99 fee.
That's why they write a worm to look for that JTAG interface, and hope it arrives at the computer they are programming the firmware on the chips from. Or just find or steal a 'deployed device', it's not like drones and missles aren't launched into enemy territory. Apparently this bug/feature is in ALL Microsemi/Actel hardware, so there's plenty of targets.
From the draft paper's conclusion: We investigated the PA3 backdoor problem through Internet searches, software and hardware analysis and found that this particular backdoor is not a result of any mistake or an innocent bug, but is instead a deliberately inserted and well thought-through backdoor that is crafted into, and part of, the PA3 security system. We analysed other Microsemi/Actel products and found they all have the same deliberate backdoor. Those products include, but are not limited to: Igloo, Fusion and Smartfusion. The PA3 is heavily marketed to the military and industry and resides in some very sensitive and critical products. From Google searches alone we have found that the PA3 is used in military products such as weapons, guidance, flight control, networking and communications. In industry it is used in nuclear power plants, power distribution, aerospace, aviation, public transport and automotive products.
Probably you can just use another dns server like opendns or google, and as an added bonus your browsing will be faster too.
google's are easy to remember: 8.8.8.8 and 8.8.4.4
If you have a router just stick it in there once and you're done.
STUPID
NIGER (the country??)
KOTEX
SEX
VAGINA
TONGUE
SUCK
HOSTAGE
UTERUS
SNIPER
SNOT
SIX SIX SIX (yeah cuz someone is gonna spell out numbers?? why not ban 666 then)
SCREW
SHOWTIME
ROBBER
RETARDED
CRAP
CREAMY
DIKE
DEVIL
DRUNK
GAY
HARDER
JOINT
PEE
PERIOD
OUI
NAKED
NIG
OU812
POOP
PREMATURE
PUSSY CAT
REAR END
SLAVE
STROKE
TROJAN
TWO ON ONE
WUUTANG (???)
WHITE TRASH (is this a problem over there??)
Slashdot Mirror
It's doesn't need to be easier or better -- it's just another attack surface that CAN be compromised, meaning that there are plenty of FTP servers out there which are misconfigured and can be used to serve malware. Due to the latency logging in and requesting a file via FTP, no webmaster should purposely configure a site to pull a page's resources from an FTP, so it makes sense to cut it off.
As for why it's easier or better, a badly configured FTP server is probably more likely to stay that way because the hackers hide the files and are only using disk space and bandwidth. Something like a CMS will tell you "please update me" every time you log in as admin to patch holes. Your FTP isn't going to tell you that you're a shitty admin.
envion is planning to install sea can mining farms at locations like this. If anyone wants to invest, they are having a token sale right now.
https://www.envion.org/en/mobi...
They lost their money, not the users. They can pay it back if they want to.
People on reddit are mostly wanting nicehash back because their rigs are sitting idle and not earning anything.
People that paid for hashing power are probably pissed, but I don't think you'll see too many people crying on reddit about that.
When mining for them, you can let it collect earned BTC payments in a virtual wallet until you 'withdraw' it, paying a fixed transaction fee that is the lowest once you have 0.15 of BTC -- about $2000.
Alternatively, you can let them pay a real external wallet directly, but you have to pay extra fees, will be paid less often, and some of the stats on their web page don't work as well. They talk about sending 1000 BTC or so every Friday which is probably to external wallets only.
They also accept bitcoin payments to purchase hashing power. Hopefully, they have just lost a wallet for handling some types of transactions and they have a lot more BTC offline somewhere to cover their internal wallets they pretty much force you to use.
It's called a telesync, or TS
https://en.wikipedia.org/wiki/...
I just checked and there's plenty of TS releases in the last week.
Is not a criminal act
It's all saved on your PC/Mac/USB stick unless you purchase a yearly RoboForm everywhere licence and tell it to sync to the cloud. I think that's the only way to use it from a phone as well.
xPrivacy on my phone shows that Swype did something called "requestLocationUpdates" 10 hours ago. Some other GPS related stuff also happened 10 hours ago.
"requestLocationUpdates" is like a subscription, so any app on the phone that stays subscribed to that will get updates whenever the phone OS thinks the location has changed. Since we don't know what parameters this was called with, we can't even say if it's going to trigger GPS to switch on. It probably doesn't, based on my excellent battery life.
not on their windows phones with locked bootloaders
no, it's just the default firmware.
"Only routers running stock firmware are vulnerable. OpenWRT is not vulnerable to this issue."
from the comments on https://isc.sans.edu/forums/di...
Actually, as an experienced MeeGo developer, this just makes me sad because they won't sell one to North Americans. Nokia did this to us with the N9 too, but at least they sent me a developer device. These guys still haven't released the official GSM/LTE frequencies it supports for some stupid reason, so I don't even know if I should bother trying to import one.
Eros is not a rubble pile. I hate quoting wikipedia, but "The asteroid 433 Eros, the primary destination of NEAR Shoemaker, was determined to be riven with cracks but otherwise solid. Other asteroids, possibly including Itokawa, have been found to be contact binaries, two major bodies touching, with or without rubble filling the boundary."
http://en.wikipedia.org/wiki/Rubble_pile
The Mandiant report was pretty damning.
"In over 97% of the 1,905 times Mandiant observed APT1 intruders connecting to their attack infrastructure, APT1 used IP addresses registered in Shanghai and systems set to use the Simplified Chinese language."
Oh, sure, it's probably just random hackers that really like that network...
Here's an update:
https://www.mandiant.com/blog/apt1-months-significantly-impacted-active-rebuilding/
Actually, Nokia is dropping support for everything: http://talk.maemo.org/showthread.php?t=88222
A "Scam"? Seriously? People with 600+ posts on forums don't post lies for fun, and the 2nd guy replying stating that he got the same email pretty much proves he's not the one getting the email.
So quit saying wp7 / wp8 is "broken". Windows 8 is NOT windows PHONE 8.
If you write a windows phone app, it can't modify other app's data or storage.
If you use tools to upload or download files (like a database) from the device directly, you still can't touch stuff outside of the folder of your app.
It can run android apks and supports qt/qml and html5, so actually will be one of the easiest devices for developers to target. If they get this OS running on devices other than phones, that's a nice bonus for developers too! I'd say it's already a developers dream since that UI demo was shown on an n950, a devkit thousands of developers already have.
Running, like from a users point of view?
Why do they care?
It's good for developers, though. There's lots of open source software that expects x11, now to port it all you have to do is change the window size and maybe set a few flags to make it fullscreen. Maybe write a double buffer extension using pixmaps because nokia removed the one that is supposed to be in x11. If you're writing a new app, there's lots of other frameworks available on the n9 that wrap all the x11 stuff away so you never see it, so it's really not that painful. The important thing is we have some options, if Nokia didn't basically tell everyone that this phone was discontinued the minute they shipped it, developers would have invested a lot more in the device. Maemo devices are real 'hacker' devices, I don't know why, but we have unofficial apps and clients for all sorts of things that just don't happen on other platforms.
The phone itself is running x11 which is really great for porting apps to it. You get to use c++ and the great qt framework and extensions for pretty much everything, with the option of doing the UI in QML (a javascript based framework). You get to use deb packaging which you either know already or doesn't hurt to learn. If you use the qt creator sdk it does all the dirty work for you, but you can develop without it and just use the scratchbox environment instead if you prefer. Services run with upstart. The xterminal and related developer tools are already compiled and hosted in nokia's repositories, one click to install everything. The fcam camera api allows raw shooting and manual aperture and focus. Gnome tracker indexes your messages and music. The nolo bootloader can be set up to dual boot to another OS. I look forward to the new Sailfish OS promised by Jolla, I have faith the guys writing it are the ones behind some of the well designed N9 OS, and won't make it any worse. I tried windows phone 7 and you're not even allowed to run background services, let alone run your own code without paying a $99 fee.
China is just for R HQ is in finland
https://twitter.com/JollaMobile/status/253408126420779008
all their employees are from finland according to linkedin
http://www.linkedin.com/search/fpsearch?companyId=2649185&sortCriteria=R&keepFacets=&facet_CC=2649185
That's why they write a worm to look for that JTAG interface, and hope it arrives at the computer they are programming the firmware on the chips from. Or just find or steal a 'deployed device', it's not like drones and missles aren't launched into enemy territory. Apparently this bug/feature is in ALL Microsemi/Actel hardware, so there's plenty of targets.
From the draft paper's conclusion:
We investigated the PA3 backdoor problem through Internet searches, software and hardware analysis and found that this particular backdoor is not a result of any mistake or an innocent bug, but is instead a deliberately inserted and well thought-through backdoor that is crafted into, and part of, the PA3 security system. We analysed other Microsemi/Actel products and found they all have the same deliberate backdoor. Those products include, but are not limited to: Igloo, Fusion and Smartfusion. The PA3 is heavily marketed to the military and industry and resides in some very sensitive and critical products. From Google searches alone we have found that the PA3 is used in military products such as weapons, guidance, flight control, networking and communications. In industry it is used in nuclear power plants, power distribution, aerospace, aviation, public transport and automotive products.
Probably you can just use another dns server like opendns or google, and as an added bonus your browsing will be faster too. google's are easy to remember: 8.8.8.8 and 8.8.4.4 If you have a router just stick it in there once and you're done.
STUPID
NIGER (the country??)
KOTEX
SEX
VAGINA
TONGUE
SUCK
HOSTAGE
UTERUS
SNIPER
SNOT
SIX SIX SIX (yeah cuz someone is gonna spell out numbers?? why not ban 666 then)
SCREW
SHOWTIME
ROBBER
RETARDED
CRAP
CREAMY
DIKE
DEVIL
DRUNK
GAY
HARDER
JOINT
PEE
PERIOD
OUI
NAKED
NIG
OU812
POOP
PREMATURE
PUSSY CAT
REAR END
SLAVE
STROKE
TROJAN
TWO ON ONE
WUUTANG (???)
WHITE TRASH (is this a problem over there??)