Archive for the Buyer beware! Category

The politics of the hacker community … or lack thereof

Posted in Buyer beware! on June 23, 2013 by asteriondaedalus

Ah hem plus the Internet of Things (US bodies, going to China to develop technology to take back to US).

Isn’t it funny.

Now this idea of China providing back doors into chips it was producing, as a way of turning off weapons and internet driven things, was always the meat of speculation towards being thought of as “conspiracy theory”.

Now, how things are downplayed often has to do with a lack of evidence of where the “theory” comes from.

The notion of “conspiracy” is likely caused in no small part by what I call “reporting distance”, turning fact into “opinion” by passing on the information over and over again via websites – possibly verbatim, possibly with a “twist”.  Many fail to do things like point to (first hyperlink) the peer reviewed scientific research that shows that a US design secure chip, manufactured in China, has been compromised.

Now I used scribd as my link source also to make the point that the original is at the author’s web site at http://www.cl.cam.ac.uk/~sps32/Silicon_scan_draft.pdf so why on earth websites like sribd exist I can’t fathom as people seem to pay for material at a “reporting distance” > 1 when you can get the thing from the author’s site, for free, why on earth do we need to copy junk over and over and over … sort of feeds the notion that things are “conspiracy theory” doesn’t it … and it defeats the point of having an Internet since the whole point of the Internet was to you could to to any computer from another other computer.  Anyway, that is just my side bar rant.

Back to the plot. The second hyperlink above is not an accusation mind you, just an observation.  The observation that DoD can’t get it right defending it’s Defense systems from hacker back doors while ironically 1) bragging in places about doing the same thing to other countries (ref tbd) and 2) going to a lot of trouble to stop US technology getting into the wrong hands (ITAR) and still still farming out technological IP out to China via chip manufacturing arrangements and also flooding the US with Chinese chips via consumer goods etc.

Now, oddly, this is likely to end up with the same the same ring to it as US gun laws as US hacker community will likely argue that they have an inalienable right to Hack blah blah blah ad nauseum.  Although, this is more like giving your enemy a gun rather than you having a gun to defend against your enemy.

That’s not to say that I am not guilty of funding the Chinese war machine myself.  However, I  am banking on them actually just having been around so long that they understand what the US does not seem to, and that is what the Roman’s\Russians didn’t work out but we all know – once you expand your regime past certain geographical/political limits it soon collapses on itself as it runs itself into the ground because you cannot fund it any longer.

Before you respond, at least read this (DoD Cyber Threat).

And again, before you respond go educate yourself on Software Security Assurance (CC) and tell me again why having more or less none of the systems flooding into the Internet of Things having third party certification of Software/Hardware Security Assurance will be a good thing?  It is history repeating itself.  The Internet is already known to be a flawed design when it comes to security.  It was design by a bunch of hippy computer scientists who had naive “trust” in one another.

Even CC is wrong in as far as it is trying to police the flawed design of the Internet (one example of many) – and CC was put in place partly to certify online financial transactions, and if banks can’t get it right then what hope the Internet of Things?

Still, we place Hacking above privacy, national defense yadda et cetera.

So be it!

Won’t solve anything my little own self.

So I am waiting for the Spark Core to come out on the market.

Wretched isn’t it.

disappointing but go figure

Posted in Android, Buyer beware!, Hardware on April 10, 2013 by asteriondaedalus

I bought supposedly IP67 certified phone from DHgate to find it isn’t at all water proof (that’s what the ‘7’ of the IP67 stands for).

In fact, I found that the back panel doesn’t fit all that snuggle AND it has two screws supplied to tack it down BUT one of the screws came without a thread.  I have contacted the vendor and we’ll see whether this gets sorted.

However, for a throw away phone to hack for outside robots it will do until the real waterproof phone boom hits.  I half expected the problem as my search of the web found many Asian manufacturers basically lying about the phone ratings.

I was always going to likely silicon seal the thing anyway – although there is an (expensive) alternative.

Let buyer beware.

Note some vendors bother to warn you the phones are not immersible even though “water immersible” is stamped on the back under the “IP67 Certified” embossing.

I have passed the problem off to Australian Consumer affairs they are likely not to do anything since we aren’t wanting to upset the Chinese apparently.