Lugbz-list December 2011

lugbz-list@lists.lugbz.org

20 participants
12 discussions

Questa sera incontro del LUGBZ alla Forst di Lagundo

by Patrick Ohnewein

Vi confermo che questa sera l'incontro di svolgerà alle ore 20 cirsa presso la Forst di Lagundo. Uno dei temi da discutere è OpenData proposto da Roberto Palmarin e Maurizio Napolitano. Ci vediamo sta sera! Patrick

9 years, 11 months

Intervista con Linus Torvalds su "Die Zeit"

by Pasqualino Imbemba

http://www.zeit.de/digital/internet/2011-11/linux-thorvalds-interview/seite… bye ~ pasquale

11 years, 2 months

Your Smartphone -IS- Spying On You!

by Pfeifer, Erwin

I think it's worth readin' this. Erwin Taken from: <http://www.wservernews.com/> http://www.wservernews.com/ Your Smartphone -IS- Spying On You! There is a process installed on most recent smart phones called Carrier IQ. You cannot stop this process. It looks at what is happening on the phone and sends every button you press to the IQ app. From there, the data - including the content of text messages - is sent to Carrier IQ's servers, in secret. I checked it out on my own HTC Android phone from Sprint and sure enough, it's there. It cannot be turned off without rooting the phone and then replacing the whole OS. Moreover, even if you stop paying for service from your carrier and just use Wi-Fi, your phone still reports to Carrier IQ. Dang! Worse, if you use Google search, and type in a search term, this is supposed to be https, so it should be encrypted. However, the Carrier IQ software sends it over Wi-Fi in cleartext: #DOUBLEFAIL. This particular software is installed on hundreds of millions of handsets, including modern BlackBerry and Nokia phones, and early versions of Apple's iOS, but no one knew about it until Android developer Trevor Eckhart analyzed how it works. Carrier IQ's software is even running on every iOS version dating back to iOS 3, well-known iPhone hacker "Chpwn" said in a blog post. (Apple seem to have woken up with iOS5 where you can turn off Diagnostics and Usage in Settings.) Link to Chpwn here: <http://www.wservernews.com/go/1322990280328> http://www.wservernews.com/go/1322990280328 The software secretly logs pretty much anything that happens on a phone, supposedly for the reason that carriers and phone manufacturers 'can do quality control'. Yeah right, maybe so, but Carrier IQ can be served with subpoenas as well, and then all traffic is right there for Big Brother to be perused. Me no like. And think about compliance for a moment! This thing has a bunch of legal and ethical angles that the lawyers are just going to LOVE. I'm pretty sure the first class action lawsuits are being filed are you read this. I would not be surprised if this will go all the way up to the Supreme Court, it is related to the the Fourth Amendment of the U.S. Constitution: "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized." Wow, what a privacy and security hole, unbelievable. Below is the 17-min video where he clearly shows what is going on. Eckhart calls it a rootkit, but that is a bit much, though it clearly qualifies as a Backdoor Trojan in my book. Probably CIQ started out with the laudable idea to measure carrier and handset performance. But that is where it went off the rails in a hurry. Using code that acts like a backdoor Trojan is totally the wrong way to do that. I wonder if they heard of the Sony rootkit debacle of 2005? The carriers (and Carrier IQ) have access to Android source code, and apparently they do what they want with it, without Google being able to object. Apple seems to have taken action, caused by user backlash. Google, I suggest you have a look into this... remember 'do no evil'? Ben Scott remarked: "A while ago some people said, "Glad I'm on Verizon!". Then the apparent Verizon reporting was discovered. Other people were saying, "Glad I don't use Android!". Then Symbian and RIM reporting was discovered. Other people said, "Hah hah! Apple would *never* let this happen!" Then the iOS reporting was discovered. There appears to be a trend here." I wonder if the Carriers are in bed with the Feds,and that Law Enforcement is using this. Talk about privacy violations. You can see the video where Eckhart demos what happens on Android. Not that I have anything to hide, but I'm going to root my phone now, or look for some app that rips out CIQ. Video on WIRED: <http://www.wservernews.com/go/1322990470171> http://www.wservernews.com/go/1322990470171 Update: Looks like Eckhart -has- some code that checks for CIQ and disables it. Less time than rooting a phone. Start here: <http://www.wservernews.com/go/1322990482187> http://www.wservernews.com/go/1322990482187

11 years, 4 months

Buone feste

by Scandellari Francesca (A)

Car* tutt*, Vi auguro buone feste e un meraviglioso 2012 che, come tutti sapete, sara' l'ultimo, quindi godetevelo! ;-) Francesca

11 years, 5 months

SFScon

by Tobias Bernard

Hallo Mein Name ist Tobias Bernard, ich wohne in Meran und besuche dort die GOB Fachrichtung Elektronik. Im November war ich mit 2 Mitschülern auf der SFScon und nach der Veranstaltung sprachen wir mit Patrick Ohnewein über eine mögliche Zusammenarbeit bei Projekten im Bereich freie Software, eventuell auch an unserer Schule. Am selben Tag schrieb ich, wie besprochen, eine kurze Email an die Adresse auf seiner Visitenkarte. Da ich bisher keine Antwort darauf erhalten habe und wusste, dass Patrick hier aktiv ist, hielt ich die Mailing List für den besten Ort, um nachzufragen, was daraus geworden ist. Und da eventuelle Projekte sowieso irgendwie mit LUGBZ zu tun hätten, war es auch ein Grund mehr, die Mailing List zu abonnieren :D Tobias Bernard

11 years, 5 months

Linux auf MacBook Pro (7, 1) mit nVidia MCP89 SATA Controller

by Peter Hopfgartner

Hallo Liste, ich versuche gerade das obige Notebook ( http://www.heise.de/mac-and-i/produkte/macbook-13-2-4-ghz-mitte-2010-86/#pr…) als Dual Boot Maschine einzurichten. Allerdings haben sowohl CentOS/Scientific Linux, als auch Ubuntu keine Unterstützung für den nVidai-Chipsatz und daher weder weder CD-Laufwerk noch Festplatten. Hat jemand auf dieser Maschine erfolgreich Linux installiert? Peter

11 years, 5 months

Stasera!

by Daniele Gobbetti

Ciao lista, Purtroppo questa sera non ci sarò, e so per certo che anche Patrick non potrà esserci. Spero che sarà una bella serata per tutti in ogni caso! Ciao, Daniele -- Inviato con un client di posta free ed open source

11 years, 5 months

EU-Kommission setzt auf Open Data...

by Bruno Cadonna

Hallo Liste, Wieder ein Artikel ueber Open Data in der oeffentlichen Verwaltung auf heise http://heise.de/-1393908 Bruno

11 years, 5 months

opengovplatform/opengovplatform - GitHub

by Patrick Ohnewein

Secondo voi puo essere una base interessante anche per stati o citta' Europee? https://github.com/opengovplatform/opengovplatform Patrick

11 years, 5 months

Will your computer's "Secure Boot" turn out to be "Restricted Boot"?

by Davide

http://www.fsf.org/campaigns/secure-boot-vs-restricted-boot/ -- _| _. o _| _ (_| (_| \/ | (_| (/_

11 years, 6 months

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

Lugbz-list December 2011