Category: Technology

iOS 4.3.3 is Out

Those of you with iOS devices should clear out your Internet tubes because you’re going to need them wide open for the next 666.2MB update that Apple has released to fix the recent tracking fiasco.

The only things listed in the changelog that Apple provides are corrections to the location caching functionality in iOS. Personally I’ve found this entire thing overblown simply because of the fact that nobody could demonstrate that the save location information was transmitted anywhere. Unlike TomTom iOS wasn’t sending the location data anywhere, it was only backing it up to whatever computer the device was synced with.

Beyond that the simple fact that cellular phones can track you solely as a side effect of this technology really made the potential threat held by iOS’s location data caching specialized. If the government needed a history of your locations they could get it easily by subpoenaing your phone company. The only real threat held by iOS’s caching was if somebody was able to get physical access to the system you sync your devices with and only so long as you don’t encrypt those backups (iTunes has the ability to encrypt your iOS backups).

Still it’s good to see Apple responded to this pretty quickly and now people can breath a sigh of relief… unless you’re using iOS 4 on an iPhone 3G then you’re just plain old fucked.

My Take on TenFourFox

Not too long ago I mentioned TenFourFox, a port of FireFox 4 to the PowerPC. Last night I actually had time to load and try it out on my old PowerBook G4 and I must say I’m rather impressed.

Understand that the PowerPC G4 processor is pretty damned slow by today’s standard. Playing a Flash video while downloading e-mail generally turns the video into a slide show and makes any interaction with other processes a slow ordeal. Firefox 3 always ran a bit shitty on that system thus I wasn’t impressed. TenFourFox on the other hand ran pretty well for a modern piece of software ported to an ancient system. All my Firefox add-ons (NoScript, Certificate Patrol, LastPass, and Xmarks) work just find in TenFourFox and every webpage I visited appeared to render correctly. The browser’s performance wasn’t noticeably different than Safari’s which was a big plus. Overall I’m very impressed with what the team working on TenFourFox has managed to accomplish.

TomTom Sending Customers’ GPS Data to Police

With the recent fiasco facing iOS and Android devices and their retention of location data it’s nice to know one company out there isn’t leaving speculation to chance but is openly admitting that they provide customer location data to government officials:

Dear TomTom customer,

Customers come first at TomTom.
When you use one of our products we ask for your permission to collect travel time information on
an anonymous basis. The vast majority of you do indeed grant us that permission. When you connect
your TomTom to a computer we aggregate this information and use it for a variety of applications,
most importantly to create high quality traffic information and to route you around traffic jams.

We also make this information available to local governments and authorities. It helps them to
better understand where congestion takes place, where to build new roads and how to make
roads safer.

We are actively promoting the use of this information because we believe we can help make roads
safer and less congested.

We are now aware that the police have used traffic information that you have helped to create to
place speed cameras at dangerous locations where the average speed is higher than the legally
allowed speed limit. We are aware a lot of our customers do not like the idea and we will look at
if we should allow this type of usage.

This is what we really do with the data:

  • We ask for your permission to collect historical data. You can opt in or opt out and can disable the data collection function at any time.
  • If you are using a LIVE device, you receive traffic information in real time and you automatically contribute to generating traffic information.
  • We make all traffic data anonymous. We can never trace it back to you or your device.
  • We turn anonymous data into traffic information to give you the fastest route available and route you through traffic jams in real time.
  • We are working with road authorities around the world to use anonymous traffic information to help make roads flow more efficiently and safer.
  • Our goal is to create a driver community capable of reducing traffic congestion for everyone.

Although they anonymize the data it’s still quite possible to retrieve who location data applies to. For instance you can use records of credit card translations, cell towers the person’s phone was connected to, cameras to find what car was where and when, etc. It would be possible to setup a system to tie this anonymized data to drivers and write them speeding tickets using that system as evidence.

That’s a theoretical problem, a real problem is the fact that the data is being used to setup police revenue sources such as speed cameras. A Dutch firm has openly admitted that they use TomTom customer data to setup speed traps. So this anonymized data is actually being used to cost you money for something that isn’t actually dangerous as currently implemented (in other words speed limits aren’t actually a safety limit but an arbitrarily selected number).

Anonymous collection and transmission of data is a threat with any device capable of determining a location and sending data. Cell phones are the best tracking devices on the planet as a side effect of how they work. But TomTom has openly admitted they send not just location data but data relating to customer travel times which is then given to government entities. This providing of data sets up a mechanism that could allow for government agencies automatically writing tickets or performing other actions that will cost you money. Personally I find that disgusting.

Let this also be a lesson to those who don’t actually read the end user license agreements of the devices and software they use.

FBI To Remove Coreflood From Infected Computers

I’ll be honest and admit I’ve heard little about the botnet being referred to as Coreflood. Apparently it did something nasty enough to gain the attention of the Federal Bureau of Investigations (FBI) though:

Two weeks ago, the DOJ and the FBI obtained an unprecedented temporary restraining order that allowed them to seize five command-and-control (C&C) servers that managed Coreflood. Since then, the U.S. Marshal’s Service has operated substitute C&C servers that have disabled the bot on most infected PCs.

But that’s not the most interesting part of this story. It seems that the FBI have been able to identify the owners of some infected machines and are going to offer to uninstall the botnet software from those owner’s computers:

The FBI has also identified infected computers, and in some cases has linked names to the static IP addresses. Those are the PCs targeted for remote Coreflood eradication.

“While the proposed preliminary injunction is in effect, the Government also expects to uninstall Coreflood from the computers of Identifiable Victims who provide written consent,” said the DOJ in the memo.

I’m not sure how the written consent will be dispatched but I do have some advice if you should receive such a consent form. First of all turn it down, the last people you want in your system is the government. Thor knows that they’ll probably uninstall the botnet software but will also install something that monitors your network activity to “verify property removal.” Yes I’m actually that cynical but I trust nobody inside of my machines be it government officials or just regular people off of the street (although I’m inclined to trust the latter more).

The second thing you should do after burning that consent form is to wipe the machine and reinstall the operating system plus all available updates. Only one means exists to uninstall malicious software and ensure it’s actually gone, wiping the entire computer clean and starting from scratch. Software is incredibly complex and there is no way to know if every backdoor for a piece of malicious software has been removed. Do yourself a favor, if your system has been infected just start over. Anti-malware software can make an attempt to remove malicious software and may or may not be successful but you have no way of knowing.

It Took Them Long Enough

Remember roughly a year ago when Apple announced the iPhone 4 and that it would come in both black and white? Well Apple has finally released the white model. Yeah it took them almost a year to figure out how to take a black phone and turn is white. I guess that old phrase, “Once you go black you never go back.” holds some truth here.

I’m still waiting for people to buy this, Apple to announce the iPhone 42, and then those people who just bought the white iPhone 4 to whine that they got ripped off.

Firefox 4 for PowerPC Macs

Although I have many complaints about Firefox 4 it is still my main browser because I can’t remain sane, online, and not have NoScript. Two weeks ago I tried running Chrome as my main browser again thinking I would give it a fair shake only to rediscover all the full page advertisements, popups, flash advertisements, and other annoying things that I forgot existed thanks to the wonderful little plugin that prevents all but authorized domains from running scripts.

I also have an old PowerBook that I still use once in a while and Firefox 4 doesn’t support it. It’s not the end of the world yet as Firefox 3.x is still being supported on the platform and with security updates but that will end some day. Thankfully somebody has seen my blight and has started a project to bring Firefox 4 to PowerPC Macintosh computers via the TenFourFox project. This is one huge advantage to open source software, when a vendor drops support for a platform others can swoop in and do the support themselves.

The group behind TenFourFox is also claiming that they’re making CPU specific optimizations which is pretty awesome. I’ll have to test this on my old PowerBook G4 and let you know how it runs.

The Market for IPv4

In other not at all shocking news there is a scarcity of IPv4 addresses which has head to the development of a market:

The IPv4 address space resale market is evolving in light of Nortel’s recent sale of 666,624 IPv4 addresses to Microsoft for $7.5 million, or $11.25 per address.

Maybe investing in IPv4 addresses is a good idea at the moment.

HP/Palm WebOS 3.0 Preview Leaks Out

For both of us who are excited about the next version of HP/Palm’s WebOS it appears as though one of the developers who was admitted access to the Early Access Program has decided to grace us all with a video of the goods:

[youtube=http://www.youtube.com/watch?v=jvqzXR0JkuY]

The emulator is still in beta obviously but it’s looking pretty cool if I do say so myself. WebOS 3.0 will debut on HP/Palm’s tablet at some future point. If the actual device holds as well as the emulator preview is letting on HP/Palm’s tablet could actually give some real competition to Apple’s iPad.

Doom Played on E-Ink

Doom is the game that has been ported to everything on the planet and some things not on this planet. Well it seems there was no port of Doom on an E-Ink based device but thankfully that has changed. Yeah it plays kind of crappy but it’s still pretty cool considering how slow of refresh rates most E-Ink displays still have. Here’s a video of the game in action:

[youtube=http://www.youtube.com/watch?v=QOPZrVsCEHg]

iPad Makes a Great Video Player

I’m sure it comes as no surprise that I don’t purchase physical media all that often. Most of the movies I buy are purchased via iTunes. The reason for this is because iTunes has a good selection of movies, I can play movies on any of my computers, and my movies can be loaded onto my iPad and iPhone. If there is a downside it’s the fact that plugging a computer into a friend’s television isn’t always a straight forward way to watch a movie and most movies played via a computer on a CRT television look like shit.

Realizing the iPad is far more portable than a television and that I sometimes like to bring movies to my friends’ houses I decided to purchase a set of Component AV Cables for use with my iPad and iPhone. Last night was the first time I actually used them and I’m happy to report they work great. The test movie was the high definition version of Tron: Legacy which looked absolutely great playing off of my iPad. It also beat the Hell out of trying to hook a laptop up to the television. Being everything has a downside one is apparently made using the iPad, there is no remote control. If you want to pause the move you have to go over to the iPad and tap the pause button on the screen. Not a big deal but it’s honestly the only downside I could find to this setup.

While playing a movie on an external display you can turn the iPad’s screen off and the movie will continue to play. However if you leave the Video app the movie will stop playing which is probably a side effect of allowing other applications to utilize the video-out capabilities of the iPad. I will also note that if you get an e-mail or other message on the iPad while it’s hooked into a television the notification sound plays on the television so it’s a good idea to turn your networking capabilities off while watching a movie if you get as many e-mails as I do.

Needless to say I really like the iPad as a video playing device. There is no real setup required beyond plugging the component cables into the television and pressing play on the iPad.