Profile

Scrapbook photo 1
Scrapbook photo 2
Scrapbook photo 3
Scrapbook photo 4
Scrapbook photo 5
Scott “marsroverdriver” Maxwell
Works at Google
Attended University of Illinois at Urbana-Champaign
Lives in Pasadena, CA
46,406 followers|3,674,235 views
AboutPostsPhotosVideosReviews

Stream

 
How to Protect Yourself from "Stagefright"

Well, this is just horrifying. The Hangouts app is most vulnerable to this bug; you don't have to do anything but receive an MMS message to be exploited. The Messaging app is almost as bad: you have to view the message, but you'll be exploited even if you don't tap the attachment. Since you must generally view the message to determine whether it has an attachment, that level of resistance has limited value.

Google has already made security patches available to vendors and carriers, but the phone ecosystem being what it is, they won't arrive on your phone for a long time if ever. (I'm not sure why this can't be worked around with an update to the Hangouts and Messaging apps themselves, but I'm sure if it were that easy, they'd have done it already.) Meanwhile, protecting yourself from the bug -- code-named "Stagefright," after the Android library it exploits -- is up to you.

Now, I'm not pretending to be a phone security expert. And I'm not speaking for Google here. (I don't get paid anywhere near enough to do that job, thank you.) But I learned that the app TextSecure isn't vulnerable to this bug: it downloads the attacker's file only if you actually tap the attachment to open it, which is as it should be. As a bonus, you can later set up to exchange cryptographically secure messages with other TextSecure users (and with Signal users on iOS), further thwarting the NSA.

So here's what I believe you can do to avoid this bug. The instructions below might vary somewhat by Android version; they work for my phones, but might need some modification for yours. Updates in the comments would be welcome!

First, install TextSecure. You can get it from the Google Play App Store as usual, or from Google's Play Store Web site, which will let you install it on your phone: https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms&hl=en

Second, make TextSecure your default SMS/MMS app: Settings -> "More ..." -> Default SMS app. Select TextSecure from the popup list.

You are now done. Phew! But read on for how to get bonus points.

For Bonus Points

Before I switched to TextSecure, I figured it was probably also a good idea to disable auto-download of MMS messages in both Hangouts and Messaging, just in case. (You can also do these steps after you've installed TextSecure as above, if you've already done that.)

In Hangouts: 1. Menu (three horizontal bars at upper left) -> Settings. 2. If Hangouts isn't already your SMS app, you need to tap "SMS disabled" and say "Yes"; otherwise, the menu item should already say "SMS enabled" and you can skip this step. 3. Uncheck "Auto retrieve MMS."

In Messaging: 1. Menu (three dots at bottom right) -> Settings. 2. If Messaging isn't already your SMS app, you need to tap "SMS Disabled" and say "Yes"; otherwise, the menu item should already say "SMS Enabled" and you can skip this step. 3. Uncheck "Auto-retrieve."

Crucially, as the last step, switch back to TextSecure as your default SMS app, as described above.

Boy, does this situation suck. It reminds me of the bad old days of Windows viruses ("don't click on that link you got in email!"). The engineering failure behind it isn't as stupid as those were -- it's a somewhat more sophisticated kind of error -- but the end result for users is basically the same.

Oy vey. :-(
A security gap on the most popular smartphone operating system was discovered by security experts in a lab and is so far not widely exploited. It would let malicious code take over a phone instantly.
8
6
Sven G's profile photoScott Lewis's profile photoJason Northrup's profile photolark wwturtlewwinslow's profile photo
24 comments
 
Who knows +peter sodja what we do know is that it was reported some time ago and first made public now so that the users could become aware of the threat.
Add a comment...
 
Yes, this exactly. Trump is the reductio ad absurdum of current GOP politics, so why wouldn't he be popular?
 
If you put a large, brilliantly white ball in a goose's nest, the mother will ignore the rest of her eggs and brood over the new object -- which looks more like an egg to her than an egg actually does. Male jewel beetles will ignore actual females while attempting to mate with the reflective orange bottoms of beer bottles.

A significant portion of the Republican base supports Trump. 

Over the past twenty-five years, conservative media has taken the position that there are no friends to the left, no enemies to the right.  Right-wing positions that were once permissible have become desirable, and finally mandatory. Immigration needs to be cut down? No, immigration needs to be cut off, to prevent a rapacious horde from swarming over our Southern border! Being rich is ethically okay? No, being rich is ethically mandatory! War should be on the table as an option in foreign policy? No, we should be considering nuclear war against the whole Muslim world! Obama is a bad president? No, he's a Kenyan Muslim atheist usurper, a communist fascist, and a weakling tyrant!

To people who have cultivated a taste for this escalating (and basically emotional) right-wing nonsense, Trump is a superstimulus: on every position the right wing supports or admires -- from xenophobic suspicion to rampant inequality to belligerent saber-rattling -- he's turned the dial to eleven and left it there.

So why should we be surprised that he's doing so well in the polls?
On Sunday evening the business mogul wrote an op-ed for USA Today where he touts his record on veterans issues and claims Arizona Republican Senator John McCain has "made America less safe."
210 comments on original post
13
2
Scott “marsroverdriver” Maxwell's profile photoLucas Appelmann's profile photoLex Cameron's profile photoSven G's profile photo
11 comments
 
+Scott Maxwell I was just about to decipher what it was about. Now you ruined it.
Add a comment...
 
So, finding evidence of a continental crust is cool stuff. But I can't get serious enough about the story to write a post because of this quote: "Gale Crater['s] ... layered mountain ... on Earth would be three miles high ...." But on Mars, it's -- wait, what?
8
1
Scott Carpenter's profile photoMatt McIrvin's profile photoMike Brau's profile photoScott Christopher Cox's profile photo
4 comments
 
Appears to be talking Aeolis_Mons, which is.... 3.5 miles tall.

about https://en.wikipedia.org/wiki/Aeolis_Mons
Add a comment...
 
Pluto as seen by Hubble morphs into Pluto as seen by New Horizons. It's as if humanity just got new glasses.
 
Pluto through the eyes of multiple missions

We all know of the profound beauty that the +Hubble Space Telescope​ brings us of deep space. However, Hubble has been used multiple times to observe planetary bodies within our own solar system, including that of #Pluto to even aid the #NewHorizons team.

Below is a comparison between the highest resolution of Pluto taken by Hubble and that of the amazingly close and hi-res image that New Horizons has taken during its approach!

#Space #Astronomy #PlutoFlyBy #Hubble25 #Hubble 
View original post
15
1
Matt McIrvin's profile photoScott Christopher Cox's profile photo
 
Okay, so Hubble was clearly seeing the "heart".

Some amateurs have already been assembling the recent Pluto images into new global maps. I'd been wanting to get around to comparing those to the old occultation maps from the 1980s/90s Pluto-Charon mutual events, and to the Hubble maps, because it's always been difficult for me to reconcile them with each other. The occultation maps always showed this really pronounced dark equatorial band, and the Hubble maps seemed like they had this more diffuse network of bands and splotches.

Part of what was going on may have been that the surface markings were simply changing, via some process involving the atmosphere. But I think the Hubble maps may have also been more sensitive to fainter brightness variations. What we see is that dark band, but also fainter brightness variations away from it.
Add a comment...
 
So this is unfortunate. Happily, though, it's not fatal. The MER rovers were designed to be able to operate in this non-flash mode (to "degrade gracefully" in the face of hardware failures), so it's far from being end-of-mission, as the article is careful to say.

If I correctly remember the story I was told, the non-flash-mode capability was added to allow rover testing before the flash code was fully developed and debugged, then retained because the designers realized how useful it might prove on the surface. Once again, their foresight is validated!

Still, not being able to rely on flash has some downsides not mentioned in the article: crucially, if anything goes wrong on Opportunity between the last comm pass of the sol and rover shutdown, we'll never know about it because any data products that logged the problem will simply be lost at shutdown. It's a little like always having to shut down your computer without saving the last few changes to your documents.

Even so, Opportunity can continue doing science and returning gorgeous pictures of her present home, Endeavour Crater. And we're all grateful for that.

(Oddly, the article's picture is of course of Curiosity, not Opportunity. "Those Mars rovers all look alike to me"?)
NASA's Mars rover Opportunity has been dealing with a nagging flash memory glitch for more than nine months now. The bad news is that the software engineers have been unable to get a handle on the mem
31
5
Markus “markus64at”'s profile photoAlan Boyle's profile photodon gilchrist's profile photoAnthony Zana's profile photo
7 comments
 
+Miney Y.​ The machine it's self.
Add a comment...
 
On July 8 (tomorrow as I post this, but probably today when you read it), if you're around LA and a fan or potential fan of +Marian Call, and/or you're just plain nerdy, stop by and see me and +Kimberly Lichtenberg and a couple of excellent writers hang out with Marian and talk about space and play songs and stuff. I expect this to be ridiculously fun, and it's cheap (only $12). Join us!
feat. Marian Call Seth Boyer Josh Cagan Nicole Dieker Scott Maxwell & Dr. Kimberly Maxwell Join songwriter and hostess Marian Call for songs, stories, and science with The Duff screenwriter Josh A. Cagan, professional internet writer Nicole Dieker, singer-songwriter Seth Boyer, and speci
8
Add a comment...
In his circles
4,129 people
Have him in circles
46,406 people
Roshini Nambiar's profile photo
Jennifer Cunniff's profile photo
Jeremy Canfield's profile photo
Bob Marcavage's profile photo
Richard Thomas's profile photo
Tara Kim's profile photo
Carissa Svedberg's profile photo
Carolyn Madison (TC)'s profile photo
C Narwhal's profile photo
 
"Technology is magic" is a pretty good approximation, most of the time. I'm sure that's one reason that some folks have such a hard time getting past it, and seeing the implications of the fact that it's actually an engineering discipline with unavoidable tradeoffs: the fact that the approximation works most of the time makes it that much harder to notice when it doesn't.

And those same folks really want us engineers to deliver them their magic fairy dust. Which makes it harder still to see the limits of their approximation; after all, who wants to look directly at the fact that they can't have something they desperately want?

This article's author is, of course, exactly right. There's no such thing as a lock that only the good guys can open, and no amount of wishing will make it otherwise.

I see problems with the following solution to the impasse between technologists and lawmakers/enforcers (and, apparently, editorial boards), but it's at least fun to think about. Consider flipping the script. Stop saying "no," start saying "yes." But, crucially, say "yes" this way:

"You have lots of smart engineers in the NSA, and maybe they're better at inventing cryptographic systems than we are. So you have them invent this thing you want, with the proviso that it must be completely open to inspection by everyone, and if we can't find anything wrong with their system, we'll adopt it."

Then, inventing the magic fairy dust becomes the NSA's problem. Since it can't be done, they won't do it. Problem solved.

Well, it's fun to think about.
19
4
Carlisle Childress's profile photoSven G's profile photoGavin Silaski's profile photoIan Petersen's profile photo
8 comments
 
+Sven G some of the buttons in Cologne turn on a "please wait" sign, possibly to provide for the placebo effect, yes.
Add a comment...
 
Increasingly, cars are Internet-connected -- and the car industry knows little about computer security. Worse, the economic incentives are all for adding features, none for tightening security. Predictable consequences ensue.

At least the vulnerabilities in your desktop computer won't generally kill you. These can.
I was driving 70 mph on the edge of downtown St. Louis when the exploit began to take hold.
17
3
Luis Avila's profile photoAmit Kotwal's profile photoTodd Lundstedt's profile photoPierre Gatineau's profile photo
24 comments
 
Unbelievable!
Add a comment...
 
Even better!

Via +Jeff Dean​.
 
We've come a long way in understanding Pluto since its discovery by American astronomer Clyde Tombaugh in 1930. Today, thanks to our New Horizons spacecraft, the dwarf planet is cleared than ever before. http://go.nasa.gov/1Ht2uwj
87 comments on original post
31
4
Ole-Morten Duesund's profile photoMarsha Brown's profile photoKevin Knights's profile photoCarolina Sormani's profile photo
2 comments
 
ti klass
Add a comment...
 
Pluto is the Google Doodle.
16
1
trench coat's profile photoCarolina Sormani's profile photo
 
This is a great doddle. Caught it earlier.

Over the past few days I saw an image floating around which depicted the circumference of Pluto to be "smaller" or roughly "the same size" as The U.S.. Forgetting that using a Mercator Projection as a reference point seemed silly, it made me curious as to the size comparisons of our moon and Pluto.

Seems like this is a decent point of reference: http://spaceplace.nasa.gov/review/ice-dwarf/all_dwarfs-lrg.png

Kinda surprised me though.

A) I didn't know Pluto was smaller than our moon.

B) I've never heard of Makemake.

#Pluto #NASA
Add a comment...
 
WARNING: You're about to lose your entire life to JPL's really well-done MarsTrek, a "Google Earth for Mars." (Not to be confused, I suppose, with the actual Google Earth for Mars here: http://www.google.com/earth/explore/showcase/mars.html.) I'm glad they waited until after my wedding to release this ....
Mars Trek is a NASA web-based portal for exploration of Mars. This portal showcases data collected by NASA at various landing sites and features an easy-to-use browsing tool that provides layering and viewing of high resolution data.
15
3
Franc Schiphorst's profile photoDoug Peterson (KD0TFP)'s profile photoScott Christopher Cox's profile photoChris Samuel's profile photo
 
Where is the drive curiosity option? 

Probably a premium subscription option ;)
Add a comment...
 
Oh, man, the memories this brings back: 11 years of Opportunity in eight minutes, as seen through her own eyes. This especially affects me since, as a rover driver, the HAZCAMs -- the hazard-avoidance cameras used to take the images in this video -- were often my primary window onto Mars.

I can still quite vividly remember watching the 90-sol versions of this video. Just when we'd completed the three-month nominal mission on Spirit, Justin Maki put together a minute-long video of all of Spirit's HAZCAM images so far, and he shortly afterward did the same for Opportunity.

Now it's 11 years later, and one of those rovers is still going strong. And still reminding us what it's like to almost literally have a window to another world, continually open for anyone on this planet who cares to look through.
33
4
Chad Watson's profile photoDoug Peterson (KD0TFP)'s profile photoGary Gonnella's profile photoMatthew Barnes's profile photo
8 comments
 
+ChrisPye999 There is suggestion that there is something corrosive about the Martian soil. That with the extreme cold and dryness and length of time, I'm not sure "every tire on this planet could do that."
Add a comment...
People
In his circles
4,129 people
Have him in circles
46,406 people
Roshini Nambiar's profile photo
Jennifer Cunniff's profile photo
Jeremy Canfield's profile photo
Bob Marcavage's profile photo
Richard Thomas's profile photo
Tara Kim's profile photo
Carissa Svedberg's profile photo
Carolyn Madison (TC)'s profile photo
C Narwhal's profile photo
Work
Occupation
Site Reliability Engineer
Employment
  • Google
    Site Reliability Engineer, 2013 - present
  • JPL
    Mars Rover Driver Team Lead, 2013
Places
Map of the places this user has livedMap of the places this user has livedMap of the places this user has lived
Currently
Pasadena, CA
Previously
Rocky Mount, NC - Seminole, FL - Greenville, NC - Champaign, IL
Story
Tagline
I'm a pretty big wheel down at the cracker factory.
Introduction
On a small red light in the night sky lives four hundred pounds of thinking metal sent from Earth.  Once upon a time, I told that metal what to do.

(Disclaimer: my opinions are mine, not my employer's.  Duh. :-)
Bragging rights
I fought cancer and won. I had a robot on another planet, and I drove it around and made it do stuff. I was a trending topic on Twitter. I wrote a book. I took a privacy case all the way to the Supreme Court. Now I keep Google up and running. But I'm just this guy, you know?
Education
  • University of Illinois at Urbana-Champaign
    Computer Science
Basic Information
Gender
Male
Other names
@marsroverdriver on Twitter
Roberto is one of my favorite artists. We have two of his pieces hanging in our home, soon to be joined by a third (my wedding gift to my new wife!).
Public - 2 weeks ago
reviewed 2 weeks ago
Vroman's is my favorite bookstore of all time. Great selection, friendly and helpful staff, wonderful events, and upstairs is a terrific kids' section, greeting cards, and more. They'll even gift-wrap your purchases for free, which has been handy a number of times!
Public - 2 weeks ago
reviewed 2 weeks ago
Public - 2 weeks ago
reviewed 2 weeks ago
I love this place. The staff makes me feel like part of the family, and in a part of the world crowded with Thai restaurants, Min's stands out among the best.
Public - a year ago
reviewed a year ago
7 reviews
Map
Map
Map
When you want this kind of food, In-N-Out does it better than anyone. And I've never had a single bad experience with an employee.
Public - 2 weeks ago
reviewed 2 weeks ago
Great food; great drinks; terrific wait staff. This is one of my girlfriend's and my favorite places.
Public - a year ago
reviewed a year ago