This post is presented because of the many of us who connect our smartPhones/smartTablets to our PUP PCs, thanks in part to the services PUP has advanced for our benefit over the past couple of years.
This report has just been released. It cautions users with smartPhones/smartTablets. The reports targets Android and specifically Chrome, but, stepping back, I am sure all of us can see that it is NOT limited to just that. If invades into your smartDevice by some human action unaware of its consequences. The screens to cause an inadvertent action can be confused by the options that are given to the users. This is exactly the same mechanism used when an errant email in clicked, inadvertently, by the user. Or any malware pops, we've all seen, over our years of use.
The title of the article misguides, as this is much more universal than the limited browser they target.
The report seemingly smacks right at the kind of things that central governments "can-do" or do with their private citizenry. And leads right into this NEXT report. I find this report interesting as Snowden has already shared that they are already doing this.
Surveillance and over-the-top use is the era we are now aware of. And, there is a growing public perception that if you are hiding yourself from your government, you MUST be involved in criminal activity.
Shocking, IMHO, that large swatches of public are buying in to governmental surveillance.
Eyes open, but ...
Important: Using your smartPhone on your PUP network
-
LazY Puppy
- Posts: 1934
- Joined: Fri 21 Nov 2014, 18:14
- Location: Germany
It's the same old game - just with a new set of words:And, there is a growing public perception that if you are hiding yourself from your government, you MUST be involved in criminal activity.
- you don't drink beer? Ahh, Ok: you must be a drug abuser.
- you don't drive a car? Ahh, Ok: you must be a militant bicycle rider.
- you don't have a smart phone? Ahh, Ok: you must be old fashioned.
- you accept Copyrights? Ahh, Ok: you must be a copyright Nazi.
- you don't have a Girlfriend for years? Ahh, Ok: you must be homosexual.
etc.pp. etc.pp. etc.pp.
RSH
"you only wanted to work your Puppies in German", "you are a separatist in that you want Germany to secede from Europe" (musher0) :lol:
No, but I gave my old drum kit away for free to a music store collecting instruments for refugees! :wink:
"you only wanted to work your Puppies in German", "you are a separatist in that you want Germany to secede from Europe" (musher0) :lol:
No, but I gave my old drum kit away for free to a music store collecting instruments for refugees! :wink:
-
perdido
- Posts: 1528
- Joined: Mon 09 Dec 2013, 16:29
- Location: ¿Altair IV , Just north of Eeyore Junction.?
snippett from 1st article link in OP.
Device would have to be rooted to gain admin privledges, no? Seems to me the article may be partly fact and partly fiction though I agree it is wise not to install software willy-nilly.
The second article linked purports there are still legal hurdles preventing data hacking by FBI/USA/NSA/CIA, when in fact there are none as the law does not apply to three letter agencies. USA govt. is a criminal enterprise that fits perfectly the description of "racketeering".
Both articles approaches and warnings are similar. We are all seemingly just one click away from being compromised by the pot or the black kettle, that is if we have not already been. Do any of us know for certain we are not already compromised? Even the FBI director has a piece of tape over his laptop camera lens.
.
Code: Select all
Users who download the fake Android application package - titled "Update_chrome.apk" - are prompted to allow the malware to gain administrative access to their phone and in doing so, unwittingly infect their device. The second article linked purports there are still legal hurdles preventing data hacking by FBI/USA/NSA/CIA, when in fact there are none as the law does not apply to three letter agencies. USA govt. is a criminal enterprise that fits perfectly the description of "racketeering".
Both articles approaches and warnings are similar. We are all seemingly just one click away from being compromised by the pot or the black kettle, that is if we have not already been. Do any of us know for certain we are not already compromised? Even the FBI director has a piece of tape over his laptop camera lens.
.
I don't know... does Lookout count?
We've bought... oh, six Android devices (one tablet, the rest phones) in the last five years, more or less, and all of them had Lookout preinstalled.
Lookout Security & Antivirus - Android Apps on Google Play
We've bought... oh, six Android devices (one tablet, the rest phones) in the last five years, more or less, and all of them had Lookout preinstalled.
Lookout Security & Antivirus - Android Apps on Google Play
[ Puppy 4.3.1 JP, Frugal install ] * [ XenialPup 7.5, Frugal install ] * [XenialPup 64 7.5, Frugal install] * [ 4GB RAM | 512MB swap ]
In memory of our beloved American Eskimo puppy (1995-2010) and black Lab puppy (1997-2011).
In memory of our beloved American Eskimo puppy (1995-2010) and black Lab puppy (1997-2011).
-
Belham
uncomfortable questions
Anyone remember when last year (or maybe it was the winter before that) when some were claiming "anti-virus" is dead? The companies behind anti-virus responded in an uproar but also the people saying anti-virus was "dead" seemed to be talking hypotheticals, which seemed to give substance to the anti-virus companies arguments..
What's interesting to me nowadays are two things that this uproar highlighted in today's online world:
First, there is some speculation (that is only backed by geography as a variable, which to me is a crappy indicator but they still....) since that most of the world's top anti-virus are E. European, former Soviet bloc and Russia itself nowadays, are they legit? There seems to be a level of trust-issue there, and it is arguable whether it is warranted or not. The reason some claim it is arguably warranted is because of this: the number of attack vectors on worldwide system networks, whether servers, routers, phones, pcs, tablets, etc (and routers are the big, dark hole---witness the recent $81 million stolen stolen from the formerly assumed impenetrable SWIFT worldwide banking system,and done with the U.S. Federal Reserve's complicity no less) ) have found that these attack vectors to be originated, for the most part, from those three precise areas: E. European, former Soviet bloc and Russia. The question boils down to this: is it possible (that crap again of "hypotheticals") that these anti-virus firms both prey and feed, in other words, do they release these nasty attack vectors into the wild, watch them propogate, then come swooping weeks later claiming that they the cure? It is an incredible business model, one that fits today's online environment to a T. It's a question everyone is uncomfortable asking but which, unfortunately, is being looked at more and more today.
The second issue/question (closely related to above) is most exemplified by this Puppy forum itself (and the explosion of various Linux OSes over the past decade, many developed and manned solely one or two people): if you use a puppy OS and/or Linux OS, how much are you willing to trust the developers of these OS systems with your life's details? For example, how many of you set up & use your fav Puppy yet blindly, without a 2nd thought, do sensitive email, online transactions, banking, insurance setup/paying, health setup/paying, etc, etc? Or are you one of those who, as a normal precaution, performs extensive (over days if not a week or two) packet-sniffing to see what that puppy and/or Linux OS system is sending out when you surf, do email, bank or whatever? I've got a feeling that most here don't do anything other than trust on faith that the Puppy and/or Linux OS is fully legit. There are those who will say it doesn't matter, that if the puppy and/or Linux OS develper(s) are talented, which is not too hard to imagine, an in-depth testing of it (like outgoing packet-sniffing setup and testing) can be defeated and worked around. I.E.: an infection in a puppy/linux OS system can stay dormant for a long long time where the packet-sniffing would see nothing when the test is run. But is that even the correct question? It would seem the question many of us Puppy/Linux OS users have to ask ourselves is do we take it on faith and trust everything we download & use? This question is no different than what gcmartin is bringing up in the articles in his post. It is the same point, click and use mentality. An OS is no different than an infection, because an OS can be one big infection/snooping/keylogging entity itself, and most users would never know it until it was too late.
Anyhow, concerning security, whether it is a phone, tablet, pc, etc, what occurs and what doesn't, there are just so many issues on so many levels that it almost seems overwhelming & pointless to talk about them. Imho, if there is going to be any real online Internet "security" in the sense we want to define it by, I don't think there will be any until a new Internet, the Internet 2 everyone talks about, is developed. An internet that is not based and designed on how this Internet (that we all use today) is currently designed (with security, i.e. encryption, as an after-thought).
Sorry if I rambled here, I just find all this interesting, but yet, exasperatingly frustrating. Given how the Internet is designed today, and our own tendencies to do possibly stupid things (like using Puppies, haha, that to be honest most of us have no real clue about if the full Puppy OS itself is not in itself compromising our online "security") that I think "security" can only be discussed in terms of degrees and never, ever with any certainty, And even those "degrees" are discussed in terms of vagueness that make us all uncomfortable. Yet we rumble on using our Puppies and/or our Linux OS systems, and maybe even run back & forth with an Microsoft/Apple?Google OS, telling ourselves "WE ARE SECURE, WE ARE, I MEAN, HOW CAN IT NOT BE SO, WE USE OUR FORTRESS PUPPIES---they are secure, right? Right?? RIGHT????
What's interesting to me nowadays are two things that this uproar highlighted in today's online world:
First, there is some speculation (that is only backed by geography as a variable, which to me is a crappy indicator but they still....) since that most of the world's top anti-virus are E. European, former Soviet bloc and Russia itself nowadays, are they legit? There seems to be a level of trust-issue there, and it is arguable whether it is warranted or not. The reason some claim it is arguably warranted is because of this: the number of attack vectors on worldwide system networks, whether servers, routers, phones, pcs, tablets, etc (and routers are the big, dark hole---witness the recent $81 million stolen stolen from the formerly assumed impenetrable SWIFT worldwide banking system,and done with the U.S. Federal Reserve's complicity no less) ) have found that these attack vectors to be originated, for the most part, from those three precise areas: E. European, former Soviet bloc and Russia. The question boils down to this: is it possible (that crap again of "hypotheticals") that these anti-virus firms both prey and feed, in other words, do they release these nasty attack vectors into the wild, watch them propogate, then come swooping weeks later claiming that they the cure? It is an incredible business model, one that fits today's online environment to a T. It's a question everyone is uncomfortable asking but which, unfortunately, is being looked at more and more today.
The second issue/question (closely related to above) is most exemplified by this Puppy forum itself (and the explosion of various Linux OSes over the past decade, many developed and manned solely one or two people): if you use a puppy OS and/or Linux OS, how much are you willing to trust the developers of these OS systems with your life's details? For example, how many of you set up & use your fav Puppy yet blindly, without a 2nd thought, do sensitive email, online transactions, banking, insurance setup/paying, health setup/paying, etc, etc? Or are you one of those who, as a normal precaution, performs extensive (over days if not a week or two) packet-sniffing to see what that puppy and/or Linux OS system is sending out when you surf, do email, bank or whatever? I've got a feeling that most here don't do anything other than trust on faith that the Puppy and/or Linux OS is fully legit. There are those who will say it doesn't matter, that if the puppy and/or Linux OS develper(s) are talented, which is not too hard to imagine, an in-depth testing of it (like outgoing packet-sniffing setup and testing) can be defeated and worked around. I.E.: an infection in a puppy/linux OS system can stay dormant for a long long time where the packet-sniffing would see nothing when the test is run. But is that even the correct question? It would seem the question many of us Puppy/Linux OS users have to ask ourselves is do we take it on faith and trust everything we download & use? This question is no different than what gcmartin is bringing up in the articles in his post. It is the same point, click and use mentality. An OS is no different than an infection, because an OS can be one big infection/snooping/keylogging entity itself, and most users would never know it until it was too late.
Anyhow, concerning security, whether it is a phone, tablet, pc, etc, what occurs and what doesn't, there are just so many issues on so many levels that it almost seems overwhelming & pointless to talk about them. Imho, if there is going to be any real online Internet "security" in the sense we want to define it by, I don't think there will be any until a new Internet, the Internet 2 everyone talks about, is developed. An internet that is not based and designed on how this Internet (that we all use today) is currently designed (with security, i.e. encryption, as an after-thought).
Sorry if I rambled here, I just find all this interesting, but yet, exasperatingly frustrating. Given how the Internet is designed today, and our own tendencies to do possibly stupid things (like using Puppies, haha, that to be honest most of us have no real clue about if the full Puppy OS itself is not in itself compromising our online "security") that I think "security" can only be discussed in terms of degrees and never, ever with any certainty, And even those "degrees" are discussed in terms of vagueness that make us all uncomfortable. Yet we rumble on using our Puppies and/or our Linux OS systems, and maybe even run back & forth with an Microsoft/Apple?Google OS, telling ourselves "WE ARE SECURE, WE ARE, I MEAN, HOW CAN IT NOT BE SO, WE USE OUR FORTRESS PUPPIES---they are secure, right? Right?? RIGHT????
Devil's Advocate:
You trust all the time.
Banks with your money
Police
Other drivers
Pedestrians
Every aspect of life involves some form of trust.
Now if you are sensible you are continually assessing the amount of risk compared with the effort to reduce it and coming to a balance that is acceptable to YOU.
With bought security products, you are assuming that if they didn't reduce the risk sufficiently, then people wouldn't buy them.
That is why it is always difficult to introduce a new security product to the market - unless you are a trusted security product supplier.
I would never buy or use a "new" product anyway in a live environment.
Beta testing is not a live environment since - if you have any sense, you do it in parallel with a safe product.
You trust all the time.
Banks with your money
Police
Other drivers
Pedestrians
Every aspect of life involves some form of trust.
Now if you are sensible you are continually assessing the amount of risk compared with the effort to reduce it and coming to a balance that is acceptable to YOU.
With bought security products, you are assuming that if they didn't reduce the risk sufficiently, then people wouldn't buy them.
That is why it is always difficult to introduce a new security product to the market - unless you are a trusted security product supplier.
I would never buy or use a "new" product anyway in a live environment.
Beta testing is not a live environment since - if you have any sense, you do it in parallel with a safe product.
"Just think of it as leaving early to avoid the rush" - T Pratchett