Profile

Cover photo
Rodney Fletcher
Lives in Perth
120 followers|453,701 views
AboutPostsPhotosVideosReviews

Stream

Rodney Fletcher

Shared publicly  - 
 
Ever wonder what Star Wars characters were thinking?
1
Add a comment...

Rodney Fletcher

Shared publicly  - 
 
It might be a little late - but hoverboards have arrived!
Toyota's luxury brand Lexus said Wednesday it has created a hoverboard. Yes, a hoverboard -- as in something that looks like a skateboard without wheels that can hover above the ground like the character Marty
6
Rodney Fletcher's profile photo
Add a comment...

Rodney Fletcher

Infosec\Cybersecurity  - 
 
So here's a reason to never buy a Samsung laptop.
Windows updates are simultaneously very boring and incredibly important: they have a habit of shutting down your computer at the wrong moment, but also patch critical security flaws with alarming regularity. So if a manufacturer decided to disable Windows Update to favor its own crappy bloatware, that would be incredibly fucked. Oh hey there, Samsung!
22
3
Noah Chelliah's profile photoAlessio Mangoni's profile photoHank Houser's profile photoAdam Humpherys's profile photo
23 comments
 
^^ That was my thought too...go ahead samsung bundle all you want, Windows will never be booted
Add a comment...

Rodney Fletcher

Shared publicly  - 
 
And yet they do nothing about the inability of Australian's to get access to media or get it for a fair price...
1
Add a comment...
 
This isn't good.

In short:
Samsung Galaxy S phones, including the S4 Mini, S4, S5, and S6, are pre-installed with a version of Swiftkey keyboard that is signed by Samsung to operate with system privileges. By design, Swiftkey periodically checks for language pack updates over HTTP. By intercepting such requests and modifying the necessary fields, an attacker can write arbitrary data to vulnerable devices.

So in effect, if you're on the same wifi network as someone with many  Samsung Phones, you can spoof the address it checks via HTTP for an update, which it just blindly installs, with system level privileges. 

That is just lazy and stupid. It's typical of a hardware vendor who still doesn't understand software or security.
Samsung Galaxy S phones, including the S4 Mini, S4, S5, and S6, fail to properly validate Swiftkey language pack updates.
2
1
Vladimir Jirasek's profile photoAlex Koller's profile photo
 
And even when Samsung now works on a fix, the truth is that may never reach majority of users. Such is dark side of android ecosystem where the mobile operators hold the final vote if a patch is actually used. 
Add a comment...
57
3
Eddy S's profile photoAndrew Iturbe's profile photoOmega EDI's profile photoKelvin Godfrey 's profile photo
26 comments
Eddy S
 
That's fine, but rather than leaving it on a note that makes me look like the bad guy, how about we leave it neutral and truthful, you both wanted to eliminate sexism, I was trying to point out that this wasn't sexism and claiming it was makes a joke of the cause, you didn't agree and pointed out that any sexism intentional or otherwise needs to be spoken against.

Is that fair? Seems a bit more mature than trying to act the mediator asking us to drop it, just after getting in a back handed comment and calling me a misguided fool doesn't it? after all, I'm against sexism, just trying to get across a struggle that many anti sexism groups have.
Add a comment...
Have him in circles
120 people
Wayne Shaw's profile photo
Landa Nano's profile photo
Andi Firma's profile photo
Ste Martin's profile photo
fai kur's profile photo
Dorris Padilla's profile photo
Allen Robertson's profile photo
Jake Farr-Wharton's profile photo
John Aspray's profile photo

Communities

12 communities

Rodney Fletcher

Mass Effect: Andromeda  - 
 
This is pretty cool. Mass Effect Andromeda could include weather effects, to mix up game-play. 
Mass Effect: Andromeda could be including weather effects judging from recent comments from one of the developers. Mass Effect: Andromeda's Senior Developm
36
3
Carsten Müller's profile photoRobert Falzone's profile photoAmbrož Jakub's profile photoAbdElRahman Yousry's profile photo
8 comments
 
...well they did have that intermittent toxic rain on one of the maps in the ME3 multiplayer which changed things up nicely.
Add a comment...

Rodney Fletcher

O/S Related  - 
 
Samsung: making hacking easier.
Windows updates are simultaneously very boring and incredibly important: they have a habit of shutting down your computer at the wrong moment, but also patch critical security flaws with alarming regularity. So if a manufacturer decided to disable Windows Update to favor its own crappy bloatware, that would be incredibly fucked. Oh hey there, Samsung!
8
2
Bhanu teja reddy's profile photoJason Landstrom's profile photoChase “SYANiDE” Hatch's profile photoBrian Gibbs's profile photo
5 comments
 
Every Linux and Mac user in my company has a copy of Windows running as a virtual system in order run a bunch of tools or apps. This includes myself.
Add a comment...

Rodney Fletcher

Shared publicly  - 
 
 
FFS Samsung! You're now officially on my 'never buy a laptop from you ever' list, along with Lenovo (for the superfish debacle).

http://gizmodo.com/samsung-disables-windows-updates-to-favor-its-own-crapp-1713558005
Windows updates are simultaneously very boring and incredibly important: they have a habit of shutting down your computer at the wrong moment, but also patch critical security flaws with alarming regularity. So if a manufacturer decided to disable Windows Update to favor its own crappy bloatware, that would be incredibly fucked. Oh hey there, Samsung!
3 comments on original post
1
Add a comment...

Rodney Fletcher

Shared publicly  - 
2
Add a comment...

Rodney Fletcher

Infosec\Cybersecurity  - 
 
This isn't good.

In short:
Samsung Galaxy S phones, including the S4 Mini, S4, S5, and S6, are pre-installed with a version of Swiftkey keyboard that is signed by Samsung to operate with system privileges. By design, Swiftkey periodically checks for language pack updates over HTTP. By intercepting such requests and modifying the necessary fields, an attacker can write arbitrary data to vulnerable devices.

So in effect, if you're on the same wifi network as someone with many  Samsung Phones, you can spoof the address it checks via HTTP for an update, which it just blindly installs, with system level privileges. 

That is just lazy and stupid. It's typical of a hardware vendor who still doesn't understand software or security.
Samsung Galaxy S phones, including the S4 Mini, S4, S5, and S6, fail to properly validate Swiftkey language pack updates.
7
1
Rodney Fletcher's profile photoTaylor Bertie (NightKhaos)'s profile photoJosh Millikan's profile photoTravis Hershberger's profile photo
21 comments
 
yes yes there is always going to be stupid users/devs. most developers don't get thought security during college and they have to learn it from auditors or on the fly.

though a company that is fairly large like swiftkey should know the basics.

and even big companies use self signed certs... :'( which just make it even worse because users are taught to ignore the warnings and continue which defeats the whole purpose of a https. might as well have it as http at that point.
Add a comment...
People
Have him in circles
120 people
Wayne Shaw's profile photo
Landa Nano's profile photo
Andi Firma's profile photo
Ste Martin's profile photo
fai kur's profile photo
Dorris Padilla's profile photo
Allen Robertson's profile photo
Jake Farr-Wharton's profile photo
John Aspray's profile photo
Communities
12 communities
Basic Information
Gender
Male
Story
Tagline
Lover of IT and anything Internet.
Bragging rights
Two beautiful little girls and a job I don't hate. :-)
Places
Map of the places this user has livedMap of the places this user has livedMap of the places this user has lived
Currently
Perth
Previously
Perth - Perth
Links
Contributor to
The kids had a great time.
Public - a year ago
reviewed a year ago
1 review
Map
Map
Map