CovOps
Location : Ether-Sphere Job/hobbies : Irrationality Exterminator Humor : Über Serious
| Subject: What's Scarier: Apple, Google, Microsoft or God? Thu Aug 05, 2010 5:43 am | |
| iPhone gets pwned, Google tells hackers where you live, Microsoft sells us out, and fireballs rain down from heaven. Paranoid yet?
Ok, pop quiz time. Which of the following things upsets you more?
a. A new jailbreak app could give an attacker total control over your iPhone
b. A new hacking tool exploits Google location data to pinpoint exactly where you live
c. The fact Microsoft sold out IE8 users' privacy for a biscuit and a cup of lukewarm Gatorade
d. A ball of superheated plasma yakked up by the sun is going to hit the earth tonight like a ton of 400-million-degree bricks
Why not e, all of the above?
It's a paranoid's paradise here today at TY4NS, where privacy, security, and Biblical threats are coming fast and furious. Let's take them one by one, shall we?
Apple: Got an iPhone? Launch Safari and visit Jailbreakme.com, then move the slider to the right; congratulations, your phone is now jailbroken.
This allows you to do an end run around Apple's restrictive app store policies. It also lets malicious nogoodniks do an end run around the iPhone and Safari's security restrictions. Even better, it works on the iPod Touch, iPad, and any other Apple device running the iOS 4.0.1 or later.
On Twitter, Apple security researcher Charlie Miller (aka Zero Day Charlie), calls the jailbreakme.com exploit "very beautiful work. Scary how it totally defeats Apple's security." Nice.
At present, there are no known threats that exploit these techniques, which allow an outside attacker to get root access to the device (ie, complete pwnership). By the time I'm finished writing this blog post, there may well be.
Google: According to a report by the BBC, hacker Samy Kamkar has come up with a way to fool routers into coughing up the physical location of people who visit a specially crafted Web site. The exploit simply matches the router's unique MAC address with information gleaned from the Google Street View location database. He can get within 10 yards of your location.
The BBC quotes F-Secure's Mikko Hypponen, who says:
"The thought that someone, somewhere on the net can find where you are is pretty creepy... Scenarios where an attack like this would be used would be stalking or targeted attacks against an individual."
I told you Google's insatiable appetite for geolocation data was a problem -- and why keeping your location private is important. But did anyone listen? Noooo.
Microsoft: The Wall Street Journal reports that back in 2008 Microsoft had a fierce internal debate over whether to make Internet Explorer 8 more private by making it harder for advertisers to track where IE8 users go on the Web. Well, we now know who won that debate. Per the Journal's Nick Wingfield:
"In the end, the product planners lost a key part of the debate. The winners: executives who argued that giving automatic privacy to consumers would make it tougher for Microsoft to profit from selling online ads. Microsoft built its browser so that users must deliberately turn on privacy settings every time they start up the software."
Yet another reason to dump IE, if you haven't already. (And if you haven't already, why the heck not?)
God: If you've been watching the news, you probably know we're about to get a solar tongue licking this evening of major proportions, resulting in "a spectacular sky show of rippling auroras," according to National Geographic.
The prognosis for survival tonight is good. But this is probably only the first salvo. We're nearing the peak of both an 11 year and a 110 year solar cycle. When is the peak? Why 2012, the year the Mayans said the proverbial dung was going to hit the Biblical blades. (Paging John Cusak to a white courtesy telephone.)
Apple, Google, and Microsoft all give us lots to be worried about, but my money's still on the Big Guy. He's still got more pull than any of them.
http://www.pcworld.com/article/202588/whats_scarier_apple_google_microsoft_or_god.html?tk=hp_new |
|