The bigger question is - what's a good bug detector nowadays! The sub-$100 are worthless, and the over $1k models - who can really tell what's good and what's not?
They argued against it in the beginning. I remember reading about those idiots, and even now, there are people who'd use those arguments. They need to be loudly and derisively laughed at.
Just like how banking laws would make bankers less cautious, causing the 2007 financial disaster. We should make banking safer by removing all banking laws...
Oh wait. NO! You are a FUCKING IDIOT if you claim helmets make bikers less cautious. Just like those idiots who claim seat belts causes more deaths.
You have never heard of newegg or amazon? I just did a quick search on newegg and found 802.11ac cards as low as $40 Not MIMO, but I'm sure you can find something for a bit more.
I never said cheapest. If you are interested in setting up a home network, securely. For less than $200, you can have a soekris box (http://soekris.com/products/net4501-1.html) and you're good to go. If you need extra ports, you can always get a switch.
Also, there is a cost to learning, and that is time and effort. If you are not willing to take the time and spend the effort to do things securely and you come to slashdot bitching about it, perhaps you do deserve to get pwned.
You understand that most of the botnets out there are the result of someone clicking on a link and visiting a site that had malicious code embedded in it (ActiveX/JavaScript)?
While JavaScript might not natively be able to send a hand crafted magic packet, it can *take over your system* - which then allows it to download and install rootkits and other stuff - one of which can doing the magic packet tickling.
You said:
Yes, this stuff should be better protected, but it's not necessarily a vulnerability.
*AND YOU ARE VERY VERY WRONG* I want to say this in the nicest way I can - if you are propagating wrong information, you should be stopped. If you think you are correct, you need to be corrected. If you think this is being a dick, I apologize, but you are still wrong, and you are still spreading bad information. Learn and improve your knowledge. Think things through.
Think about it - the programmers who should know better thought the same as you. And as a result, now millions of routers are vulnerable, and open to being exploited. Every week, we see tons of news about basic infrastructure being insecure. Because no one said "that's a fucking stupid idea, don't do it" because saying that means they're being a dick.
Oh wow. Your inside network doesn't touch the outside network? You don't visit websites? You do not run javascript on your browsers? You personally scan each piece of javascript to make sure it cannot get your IP address (yes it can), your gateway (yes it can) and send packets to your gateway (yes it can)?
Seriously, if you don't know what you're talking about, lurk and learn.
And default username/passwords means that malicious javascript can be very very simple indeed.
Your kind of thinking is why we have so much insecurity on the Internet. Please update and upgrade your skills.
You mean like how any web page with javascript? It's not that difficult to get $ethX and get the gateway, which will probably be the router. Ooops, it's now fully available to the attacker on the outside world.
You are missing the original point aren't you? This isn't about forcing the password out of you. This is about the NSA installing backdoors in your phone without your knowledge.
I pointed out one way this is prevented in iOS from iPhone 3GS onwards, by default, and is not enabled by default in Android - in fact, most Android users don't even know it is available.
You went off on an entirely different tangent. Nice straw man.
Removing malware is a good thing. Removing things you disagree with, previously bought, is not a good thing.
The OP's Asian Boobs falls into the second category. It appears that Apple does not remove it from your account/device if it falls into the second category.
You are embarrassed to post under your real name aren't you, posting a bunch of strawmens and then shooting them down. I like all your ifs and buts and thens.
And redirecting attention away from a vulnerability that is current *OPEN* on a default Android, away from a supposed vulnerability in iOS.
As I had to point out to other people. This was from 2008. The original iPhone, and maybe the iPhone 3G. Do you know what that means? Those did not come with encryption. iPhone 3GS and onwards had encryption. I forgot if the hardware encryption was built in to the 3GS or started with the 4, but it's there.
Do you know what that means? The original iPhone could be mounted as a disk, and everyone knows what happens when you have physical access to a system, and it doesn't have full disk encryption - you get to screw with the file system, and install shit.
What happens on the iPhones with encryption (that is always enabled if you have a passcode - actually it is always enabled, but if you don't have a passcode, it just passes it through)? Even if you have hardware access, you do not have the ability to drop files and screw with it.
The bigger question Android users should ask themselves - why do Androids not come with full device encryption enabled by default? Why are Androids, by default, still vulnerable to the kind of attack that Apple fixed in 2009?
And please don't tell me Android v4 have full device encryption. That's a joke. It takes 45 minutes to enable encryption on my Nexus 4. You have to login twice after a reboot to use your phone. And the encryption is already broken - just ask Cellebrite - they proudly tell you they can do forensics on encrypted Android image.
My phone is higher res, and I can still see the pixels.
Time to visit a doctor to get on medication to stop these hallucinations!
And please don't give me the bullshit about needing high end GPUs to run 1600x1280 - 15 years ago, my Matrox Millenium was already driving my 1600x1280 CRT.
Slashdot Mirror
And the hundreds of millions of iOS users don't see that as a problem, and neither do Nexus and some of the Android users.
What was your point again?
The bigger question is - what's a good bug detector nowadays! The sub-$100 are worthless, and the over $1k models - who can really tell what's good and what's not?
Your mistake is in using common sense to respond to AC.
Remember, common sense is not that common...
They argued against it in the beginning. I remember reading about those idiots, and even now, there are people who'd use those arguments. They need to be loudly and derisively laughed at.
Just like how banking laws would make bankers less cautious, causing the 2007 financial disaster. We should make banking safer by removing all banking laws...
Oh wait. NO! You are a FUCKING IDIOT if you claim helmets make bikers less cautious. Just like those idiots who claim seat belts causes more deaths.
You have never heard of newegg or amazon? I just did a quick search on newegg and found 802.11ac cards as low as $40 Not MIMO, but I'm sure you can find something for a bit more.
Shit. I could buy an Apple AirPort Time Capsule with 2TB storage for $299. It also comes with 802.11ac
Are you really that stupid?
Seeing that it actually drives it at the higher resolution, and seeing that I have used one at higher resolution, you're full of shit.
But we already established that earlier.
Sure. Why not.
I never said cheapest. If you are interested in setting up a home network, securely. For less than $200, you can have a soekris box (http://soekris.com/products/net4501-1.html) and you're good to go. If you need extra ports, you can always get a switch.
Also, there is a cost to learning, and that is time and effort. If you are not willing to take the time and spend the effort to do things securely and you come to slashdot bitching about it, perhaps you do deserve to get pwned.
You understand that most of the botnets out there are the result of someone clicking on a link and visiting a site that had malicious code embedded in it (ActiveX/JavaScript)?
While JavaScript might not natively be able to send a hand crafted magic packet, it can *take over your system* - which then allows it to download and install rootkits and other stuff - one of which can doing the magic packet tickling.
You said:
Yes, this stuff should be better protected, but it's not necessarily a vulnerability.
*AND YOU ARE VERY VERY WRONG* I want to say this in the nicest way I can - if you are propagating wrong information, you should be stopped. If you think you are correct, you need to be corrected. If you think this is being a dick, I apologize, but you are still wrong, and you are still spreading bad information. Learn and improve your knowledge. Think things through.
Think about it - the programmers who should know better thought the same as you. And as a result, now millions of routers are vulnerable, and open to being exploited. Every week, we see tons of news about basic infrastructure being insecure. Because no one said "that's a fucking stupid idea, don't do it" because saying that means they're being a dick.
Oh wow. Your inside network doesn't touch the outside network? You don't visit websites? You do not run javascript on your browsers? You personally scan each piece of javascript to make sure it cannot get your IP address (yes it can), your gateway (yes it can) and send packets to your gateway (yes it can)?
Seriously, if you don't know what you're talking about, lurk and learn.
And default username/passwords means that malicious javascript can be very very simple indeed.
Your kind of thinking is why we have so much insecurity on the Internet. Please update and upgrade your skills.
You mean like how any web page with javascript? It's not that difficult to get $ethX and get the gateway, which will probably be the router. Ooops, it's now fully available to the attacker on the outside world.
so? buy your own small box and install openbsd. any x-86/alpha/sparc will do. People still run it on pentium-2 class machines or smaller.
Basically the cheapest you can find is good enough, for home use as a router/firewall/etc.
Like others, the only box between my fios connection and my network is my openbsd box. If you don't know how, well, time to learn, little grasshopper.
I could have sworn a number of hacks against contactless credit cards have been demonstrated?
How does it protect against inadvertent charges or someone copying data off the cards in my wallet by waving a reader near my wallet?
If I misread you, apologies. And yes, they all suck in different ways.
I was just pointing out that this particular suckitude doesn't exist any more on iOS, and still exists on default Androids-fresh-from-factory.
So? Apple's 13" MacBook Pro Retina does not have a discrete GPU and only uses the Intel integrated GPU and seems to work pretty well.
You are missing the original point aren't you? This isn't about forcing the password out of you. This is about the NSA installing backdoors in your phone without your knowledge.
I pointed out one way this is prevented in iOS from iPhone 3GS onwards, by default, and is not enabled by default in Android - in fact, most Android users don't even know it is available.
You went off on an entirely different tangent. Nice straw man.
Removing malware is a good thing. Removing things you disagree with, previously bought, is not a good thing.
The OP's Asian Boobs falls into the second category. It appears that Apple does not remove it from your account/device if it falls into the second category.
Is that a good thing, or a bad thing?
You are embarrassed to post under your real name aren't you, posting a bunch of strawmens and then shooting them down. I like all your ifs and buts and thens.
And redirecting attention away from a vulnerability that is current *OPEN* on a default Android, away from a supposed vulnerability in iOS.
Champion debating skills here I see.
As I had to point out to other people. This was from 2008. The original iPhone, and maybe the iPhone 3G. Do you know what that means? Those did not come with encryption. iPhone 3GS and onwards had encryption. I forgot if the hardware encryption was built in to the 3GS or started with the 4, but it's there.
Do you know what that means? The original iPhone could be mounted as a disk, and everyone knows what happens when you have physical access to a system, and it doesn't have full disk encryption - you get to screw with the file system, and install shit.
What happens on the iPhones with encryption (that is always enabled if you have a passcode - actually it is always enabled, but if you don't have a passcode, it just passes it through)? Even if you have hardware access, you do not have the ability to drop files and screw with it.
The bigger question Android users should ask themselves - why do Androids not come with full device encryption enabled by default? Why are Androids, by default, still vulnerable to the kind of attack that Apple fixed in 2009?
And please don't tell me Android v4 have full device encryption. That's a joke. It takes 45 minutes to enable encryption on my Nexus 4. You have to login twice after a reboot to use your phone. And the encryption is already broken - just ask Cellebrite - they proudly tell you they can do forensics on encrypted Android image.
So - Android users - why do you settle for less?
And changing the argument?! You originally said:
My phone is higher res, and I can still see the pixels.
Time to visit a doctor to get on medication to stop these hallucinations!
And please don't give me the bullshit about needing high end GPUs to run 1600x1280 - 15 years ago, my Matrox Millenium was already driving my 1600x1280 CRT.
*shrug* There were a large number of complaints on slashdot itself. I know Dell and Lenovo did not offer them at one point because I went looking.
I guess a whole bunch of slashdotters and even Linus Torvalds must have lived in a remote country with very bad access to laptops.