close
    • chevron_right

      Connected cars are a “privacy nightmare,” Mozilla Foundation says

      news.movim.eu / ArsTechnica · Wednesday, 6 September, 2023 - 15:41

    the interior of a car with a lot of networking icons overlayed on the image

    Enlarge / Your car's maker can collect data on you from many different sources. (credit: Getty Images)

    Today, the Mozilla Foundation published its analysis of how well automakers handle the privacy of data collected by their connected cars, and the results will be unlikely to surprise any regular reader of Ars Technica. The researchers were horrified by their findings , stating that "cars are the worst product category we have ever reviewed for privacy."

    Mozilla looked at 25 car brands and found that all of them collected too much personal data, and from multiple sources—monitoring not just which buttons you push or what you do in any of the infotainment system's apps but also data from other sources like satellite radio or third-party maps. Or even when you connect your phone—remember that prompt asking you if you wanted to share all your contacts and notes with your car when you connected it via Bluetooth?

    While some gathered data seems innocuous or even helpful—feedback to improve cabin ergonomics and UIs, for example—some data is decidedly not.

    Read 10 remaining paragraphs | Comments

    • chevron_right

      iPhone Malware that Operates Even When the Phone Is Turned Off

      news.movim.eu / Schneier · Tuesday, 17 May, 2022 - 20:59

    Researchers have demonstrated iPhone malware that works even when the phone is fully shut down.

    t turns out that the iPhone’s Bluetooth chip­ — which is key to making features like Find My work­ — has no mechanism for digitally signing or even encrypting the firmware it runs. Academics at Germany’s Technical University of Darmstadt figured out how to exploit this lack of hardening to run malicious firmware that allows the attacker to track the phone’s location or run new features when the device is turned off.

    […]

    The research is the first — or at least among the first — to study the risk posed by chips running in low-power mode. Not to be confused with iOS’s low-power mode for conserving battery life, the low-power mode (LPM) in this research allows chips responsible for near-field communication, ultra wideband, and Bluetooth to run in a special mode that can remain on for 24 hours after a device is turned off.

    The research is fascinating, but the attack isn’t really feasible. It requires a jailbroken phone, which is hard to pull off in an adversarial setting.

    Slashdot thread .

    • chevron_right

      Comment partager la connexion Internet 4G d’un smartphone

      Julien Lausson · news.movim.eu / Numerama · Saturday, 23 January, 2021 - 07:01

    Wi-Fi smartphone

    Le partage de connexion sur le Samsung Galaxy, l'iPhone ou n'importe quel smartphone est très facile à mettre en place. La manipulation fonctionne sur Android et iOS. Pour connecter un PC à son smartphone, il faut passer par le mode modem et partager la connexion 4G ou 5G pour faire passer les données mobiles en Wi-Fi. [Lire la suite]

    Voitures, vélos, scooters... : la mobilité de demain se lit sur Vroom ! https://www.numerama.com/vroom/vroom//

    L'article Comment partager la connexion Internet 4G d’un smartphone est apparu en premier sur Numerama .

    • chevron_right

      Quels sont les meilleurs casques sans fil à réduction de bruit active à acheter à Noël ?

      Julien Cadot · news.movim.eu / Numerama · Monday, 7 December, 2020 - 16:08

    Vous avez peut-être attendu Noël pour offrir ou vous faire offrir un casque audio de qualité. Aujourd'hui, deux fonctionnalités sont essentielles pour faire le bon choix : le produit doit être sans fil et pourvu de la réduction de bruit active. Pour vous aider à y voir plus clair au sein d'une offre variée, on vous propose une sélection de références testées et approuvées de casques sans fil à réduction de bruit active. [Lire la suite]

    Voitures, vélos, scooters... : la mobilité de demain se lit sur Vroom ! https://www.numerama.com/vroom/vroom//

    L'article Quels sont les meilleurs casques sans fil à réduction de bruit active à acheter à Noël ? est apparu en premier sur Numerama .

    • chevron_right

      Google and Intel warn of high-severity Bluetooth security bug in Linux

      Dan Goodin · news.movim.eu / ArsTechnica · Wednesday, 14 October, 2020 - 21:09

    Stylized image of a floating padlock.

    Enlarge (credit: Getty Images )

    Google and Intel are warning of a high-severity Bluetooth flaw in all but the most recent version of the Linux Kernel. While a Google researcher said the bug allows seamless code execution by attackers within Bluetooth range, Intel is characterizing the flaw as providing an escalation of privileges or the disclosure of information.

    The flaw resides in BlueZ, the software stack that by default implements all Bluetooth core protocols and layers for Linux. Besides Linux laptops, it's used in many consumer or industrial Internet-of-things devices. It works with Linux versions 2.4.6 and later.

    In search of details

    So far, little is known about BleedingTooth, the name given by Google engineer Andy Nguyen, who said that a blog post will be published “soon.” A Twitter thread and a YouTube video provide the most detail and give the impression that the bug provides a reliable way for nearby attackers to execute malicious code of their choice on vulnerable Linux devices that use BlueZ for Bluetooth.

    Read 10 remaining paragraphs | Comments

    index?i=_8Xzce_mh04:iljKt33_5to:V_sGLiPBpWUindex?i=_8Xzce_mh04:iljKt33_5to:F7zBnMyn0Loindex?d=qj6IDK7rITsindex?d=yIl2AUoC8zA
    • chevron_right

      Des chercheurs découvrent une vulnérabilité Bluetooth qui touche des milliards d'appareils

      Julien Cadot · news.movim.eu / Numerama · Wednesday, 16 September, 2020 - 10:47

    Habituellement, les recherches sur le Bluetooth portent sur la phase d'association entre deux appareils. Mais une équipe de Purdue a découvert que ce mode de communication pouvait être attaqué à chaque reconnexion entre deux appareils. De quoi offrir des dizaines d'opportunités d'attaque par jour contre des milliards d'appareils. [Lire la suite]

    Abonnez-vous à notre chaîne YouTube pour ne manquer aucune vidéo !

    L'article Des chercheurs découvrent une vulnérabilité Bluetooth qui touche des milliards d’appareils est apparu en premier sur Numerama .