the small TIN-FOIL-HAT thread

After enjoying the fruits of your labors, we all need a place to chill. This is that place. Totally senseless irrelevant banter encouraged.
User avatar
deran
Karma Shaman
Karma Shaman
Custom Title: time bandit
Has bestowed Karma : 63 times
Received Karma : 107 times
Posts: 1762
Joined: Sun Jul 19, 2009 1:14 pm

the small TIN-FOIL-HAT thread

Post by deran »

Stories of hacked devices like headphones and pacemakers are unsettling, but the idea of compromised children's toys is extra creepy. Since the dolls use an unprotected wireless Bluetooth connection, anyone in the vicinity could potentially listen in to the conversation. A company could also use the toys to advertise directly to children, or it could sell the information it gathers to police and intelligence agencies.
https://www.engadget.com/2017/02/17/ger ... ayla-doll/" onclick="window.open(this.href);return false;

what a bunch of mofos, theyve crossed a line with this "toy" ... spying on your kids, and anybody who can openly connect to the unencrypted bluetooth/wifi interface ... i was really shocked when i heard about it
awoken the right way

bentech
MPG Ambassador
Karma Hippie
Karma Hippie
Custom Title: eye the witch Melancholy
Location: socal
Has bestowed Karma : 33 times
Received Karma : 28 times
Posts: 17529
Joined: Mon Jun 06, 2011 1:38 pm

the small TIN-FOIL-HAT thread

Post by bentech »

On the fifth birthday of the original Raspberry Pi, the foundation has announced the Raspberry Pi Zero W, a slightly more capable variant of the miniature computer. From a report on BetaNews:
It's essentially a Pi Zero with the addition of the two features many people have been requesting -- wireless LAN and Bluetooth. Priced at $10, the Pi Zero W uses the same Cypress CYW43438 wireless chip as Raspberry Pi 3 Model B to deliver 802.11n wireless LAN and Bluetooth 4.0 connectivity. The full list of features is as follows: 1GHz, single-core CPU, 512MB RAM, mini-HDMI port, micro-USB On-The-Go port, micro-USB power, HAT-compatible 40-pin header, composite video and reset headers, CSI camera connector, 11n wireless LAN, and Bluetooth 4.0.


https://hardware.slashdot.org/story/17/ ... -bluetooth" onclick="window.open(this.href);return false;
"we must strive to become good ancestors" nader
https://www.myplanetganja.com/viewforum.php?f=48
FUCK jimmydorecomedy.com

User avatar
Intrinsic
Advanced Grower
Karma Hippie
Karma Hippie
Has bestowed Karma : 1751 times
Received Karma : 1537 times
Posts: 7656
Joined: Thu May 21, 2009 10:51 am

the small TIN-FOIL-HAT thread

Post by Intrinsic »

Speaking of insidious toys ...

https://www.theregister.co.uk/2017/02/2 ... base_leak/" onclick="window.open(this.href);return false;
Two million voice recordings of kids and their families were exposed online and repeatedly held to ransom – because an IoT stuffed-toy maker used an insecure MongoDB installation.

Essentially, the $40 cuddly CloudPets feature builtin microphones and speakers, and connect to the internet via an iOS or Android app on a nearby smartphone or tablet. Families can use the fake animals to exchange voice messages between their children, friends, and relatives.

For example, a parent away on a work trip can open the CloudPets app on their smartphone, record an audio message, and beam it to their kid's toy via a tablet within Bluetooth range of the gizmo at home; the recording plays when the tyke press a button on the animal's paw.

Similarly, the youngsters can record messages using the stuffed creature, and send the audio over to their mom, dad, grandparent, and so on, via the internet-connected app.


Cute ... How CloudPets passes messages from app to toy

These voice clips, along with records of 820,000 CloudPets.com accounts associated with the each of the toys, have been left wide open on the internet, with no password protection – allowing gigabytes of sensitive material to potentially fall into the hands of criminals. And it's all due to a poorly secured NoSQL database holding 10GB of internal information.

CloudPets' internet-facing MongoDB installation, on port 2701 at 45.79.147.159, required no authentication to access, and was repeatedly extorted by miscreants, evidence shows. The database contains links to .WAV files of voice messages hosted in the Amazon cloud, again accessible with no authentication, potentially allowing the mass slurping of more than two million highly personal conversations between families and their little ones.

It appears crooks found the database, presumably by scanning the public 'net for insecure MongoDB installations, took a copy of all the data, deleted that data on the server, and left a note demanding payment for the safe return of a copy of the database. This happened three times, we're told.

Of course, anyone else wandering by the database could have swiped the records for themselves and kept quiet, so the information potentially could be in the hands of just about any miscreant.

Computer security breach expert Troy Hunt, who maintains the HaveIBeenPwned website, was tipped off about the insecurity of CloudPets, a brand of Spiral Toys, and went public today with details of the cockup.

“This is kids' voices recorded on teddy bears,” Hunt told The Register after spending a week investigating the security blunder. “I can picture my four-year-old girl, sitting in her room – it's hard to picture a more innocent scenario – and all these actors have access to what she says to her teddy bear.”

User avatar
Intrinsic
Advanced Grower
Karma Hippie
Karma Hippie
Has bestowed Karma : 1751 times
Received Karma : 1537 times
Posts: 7656
Joined: Thu May 21, 2009 10:51 am

the small TIN-FOIL-HAT thread

Post by Intrinsic »

Wow, Now the cops now want to collect fingerprints carte blanche on anybody and everybody for Smart Phone access , crime or not.
http://www.theregister.co.uk/2017/02/23 ... are_found/" onclick="window.open(this.href);return false;



"An Illinois judge has rejected a warrant sought by the US government to force everyone in a given location to apply his or her fingerprints to any Apple electronic device investigators happen to find there, a ruling contrary to a similar warrant request granted last year by a judge in California.

Under current law, the government already has the right, given sufficient evidence, to compel a specific individual to unlock an electronic device protected by a fingerprint reader like Apple's Touch ID sensor.

In 2014, a judge on Virginia’s Second Judicial Circuit ruled that a defendant could be forced to provide a fingerprint but not a passcode, the distinction being that a fingerprint is not testimonial whereas a passcode is.

Defendants thus cannot use the Fifth Amendment's protection to refuse to provide a fingerprint on the grounds that the fingerprint itself qualifies as self-incriminating testimony.

But the government's right to compel action diminishes when it lacks sufficient cause to make such demands of people, at least in Illinois.

Essentially, prosecutors want to go into a vaguely described location – perhaps a home or an office – and make every inside, regardless of who they are, provide their fingerprints to unlock their Apple handhelds so investigators can rifle through the devices for evidence. The warrant doesn't say where this raid will take place nor exactly who is targeted.

Butters
some karma
some karma
Custom Title: unofficial curvature
Posts: 62
Joined: Wed May 20, 2009 10:31 pm

the small TIN-FOIL-HAT thread

Post by Butters »

FUCK THE COPS :fubird:
mean people suck :smoke:

bentech
MPG Ambassador
Karma Hippie
Karma Hippie
Custom Title: eye the witch Melancholy
Location: socal
Has bestowed Karma : 33 times
Received Karma : 28 times
Posts: 17529
Joined: Mon Jun 06, 2011 1:38 pm

the small TIN-FOIL-HAT thread

Post by bentech »

the retina scanners will be everywhere before you know it...
"we must strive to become good ancestors" nader
https://www.myplanetganja.com/viewforum.php?f=48
FUCK jimmydorecomedy.com

User avatar
Intrinsic
Advanced Grower
Karma Hippie
Karma Hippie
Has bestowed Karma : 1751 times
Received Karma : 1537 times
Posts: 7656
Joined: Thu May 21, 2009 10:51 am

the small TIN-FOIL-HAT thread

Post by Intrinsic »

Canada's privacy watchdog probes US border phone seizures
Lines being drawn after Trump executive order prompts heavy-handed customs response

16 Mar 2017 at 18:43, Kieren McCarthy

The Canadian privacy commissioner has opened an investigation into the Canadian border police and a recent uptick in phone seizures.

The commissioner has received a number of complaints from Canadian citizens about their phones being taken from them at the US border and wants to know exactly what the border police are doing with those phones.

The investigation follows a request last week by the commissioner to the Canadian government to press the US government to add Canada to a list of countries that are exempted from US president Donald Trump's executive order on "enhancing public safety" – an order that strips privacy rights from all non-US citizens.

It also comes following a slew of recent reports of customs officers in both the United States and Canada taking people's phones and requiring people to unlock them if they wish to cross the border. The phones are then taken away and the owners are not informed why they were singled out or what the customs officers did with their phones.
What are they up to?

The concern is that the border police are using a legal grey area in which they are given extraordinary powers to go beyond what is necessary, such as cloning phones and keeping copies.

Almost nothing is known about what the border police do with private data taken from electronic devices: how much data they take; where they store it; how long they store it; who they share it with; is there anything secretly installed on the phone; and so on.

In theory however, this personal and sensitive information is only supposed to be collected and used for the assessing someone's access to the country and any sharing of data can only happen legally if there is a criminal case, a concern over illegal immigration or national security issues. How the Canada Border Services Agency (CBSA) chooses to define those exceptions is likely to be a key part of the investigation.

A spokeswoman for the privacy commissioner confirmed to the National Post that data retention was likely to play a part.

Currently, we are not aware of a similar investigation being held in the United States despite an alarming number of individuals being held and ordered to hand over and unlock their phones in recent weeks. But it may only be a matter of time, with lawyers currently tied up challenging Trump's travel ban.

User avatar
MadMoonMan
Karma Hippie
Karma Hippie
Custom Title: nOT-a-BoT
Location: A Quantum Universe
Has bestowed Karma : 15 times
Received Karma : 231 times
Posts: 8028
Joined: Sat Aug 29, 2009 3:35 pm

the small TIN-FOIL-HAT thread

Post by MadMoonMan »

You are not able to hide anything. Go off grid. Cash only in Alaskan mountains. I wish I was young enough to do that. :)

Bible says "Make friends with mammon." Which means.

Gird up your loins and live with it. or in modern verbiage.. "Put your big boy pants on."

Realize "the world of greed and evil and power and control and theft and crazy insane people and to no end on individualism."

The number of different people able to occupy this world.. is

finite considering mans current state of ..... A MAD MAN WITH NUCLEAR BOMBS IS TORTURING A POPULACE IN NORTH KOREA.
Just because I can't spell misanthrope doesn't mean I'm completely stupid.

User avatar
MadMoonMan
Karma Hippie
Karma Hippie
Custom Title: nOT-a-BoT
Location: A Quantum Universe
Has bestowed Karma : 15 times
Received Karma : 231 times
Posts: 8028
Joined: Sat Aug 29, 2009 3:35 pm

the small TIN-FOIL-HAT thread

Post by MadMoonMan »

lets just sit around as he gets more and more powerful and accurate weapons.

Old Jewish poverb. A man says he is coming to kill you at dawn. You get up before dawn and you kill him first.
Just because I can't spell misanthrope doesn't mean I'm completely stupid.

User avatar
MadMoonMan
Karma Hippie
Karma Hippie
Custom Title: nOT-a-BoT
Location: A Quantum Universe
Has bestowed Karma : 15 times
Received Karma : 231 times
Posts: 8028
Joined: Sat Aug 29, 2009 3:35 pm

the small TIN-FOIL-HAT thread

Post by MadMoonMan »

Government doesn't care for you

Bring out the chlorine gas

Bulldozers forward!

CITIZENS THIS IS YOUR LAST WARNING

GO TO YOUR ESTABLISHED LOCATIONS.
Just because I can't spell misanthrope doesn't mean I'm completely stupid.

Post Reply