[News] New Examples of Security Failures in Proprietary Software

Date: Tue, 12 Feb 2008 05:56:14 +0000

Teen hacker re-unlocks Apple's iPhone

,----[ Quote ]
| Last year, 17-year-old Geohot was among the first group of hackers to break 
| Apple's iron-fisted grasp on the iPhone, a coup that won him a Nissan 350Z 
| and 3 8GB iPhones. Apple promptly responded by issuing updated firmware that 
| stymied such efforts. Not only did the updates disable modified phones, 
| effectively turning them into $400 bricks, they also prevented unlocking 
| software from working in many cases. The arms race has persisted ever since.      


Adobe Reader Trojan predates mystery update by two weeks

,----[ Quote ]
| That's a moot point in the case of the Reader vulnerability, because black 
| hat hackers were already ahead of the game. Since January 20, banner ads have 
| been actively serving malicious PDF files that exploit the vulnerability to 
| install the Zonebac Trojan, iDefense reports. The Trojan modifies search 
| results and banner ads, presumably in an attempt to rack up illicit affiliate 
| payments.     
| iDefense reckons the Adobe exploiters are from the same group that used a 
| RealPlayer zero-day exploit to install the same Zonebac Trojan. 


They tried to keep it all secret despite known exploits, which is worse.


Why proprietary code is bad for security

,----[ Quote ]
| Though Skype is using an encrypted protocol, it’s still their own, non-disclosed 
| code and property. So we don’t know what it contains. 
| [...]
| It’s time to stop accepting that we are the bad guys, and to stop consuming 
| things we just don’t understand (and cannot, because they are proprietary,  
| closed-source systems). 
| Say no to companies, or even governments who treat you like this. Start using 
| open sourced products and protocols wherever you can. Even if you could 
| still never understand the code used in these systems, there are still lots 
| of people who can, and who will examine it. The magic word here is “peer 
| review” - your friend or buddy or neighbour may be able to understand all 
| that, and to help. No, not with Skype or Windows or any black box from Cisco.      


RealPlayer named by StopBadware.org

,----[ Quote ]
| RealPlayer 10.5, it claims, "fails to accurately and completely disclose the 
| fact that it installs advertising software on the user's computer." And 
| RealPlayer 11, it claims, "does not disclose the fact that it installs 
| Rhapsody Player Engine software, and fails to remove this software when 
| RealPlayer is uninstalled." Ryan Lukin, PR manager for RealNetworks, disputed 
| some of the claims.     


New "Free the iPhone" campaign pressures FCC over exclusive deals

,----[ Quote ]
| As controversy continues, the iPhone's exclusive carrier deal with AT&T may 
| fuel a revolt against all exclusive cellphone contracts. And joining the 
| fight is a new web site: Free the iPhone.org.  


iPhone Freed From AT&T, Twice

,----[ Quote ]
| The company will be selling licenses to the hack, minimum quantity 500, at a 
| price not yet announced. These hacks are much bigger news for those outside 
| America. Expect to see an industry spring up to meet European (and Asian?) 
| demand for freed iPhones.   


IPhone Contract Is Long and Legally Murky

,----[ Quote ]
| The bad news: The iPhone contract may not be the last word in overly long and 
| complex user agreements. Terms-of-service contracts promise to grow even more 
| dense, legal experts warn, making them even more difficult to understand than 
| they already are.   


iPhone matures the "free your phone" movement

,----[ Quote ]
| This is why FreeTheIPhone.org project is born, but even better, why OpenMoko 
| project exists. While some are trying to free the locked down device, others 
| are creating a free unlocked device from the start, and a whole software 
| framework to go with it.   


OpenMoko Neo1973 - an open source Linux based iPhone killer in the making?


