You can install ransomware on a Samsung Galaxy by sending it an SMS

Back in 1994-2004, I worked at the wireless phone company that eventually became AT&T wireless. I was an expert at the WAP protocols, and was often called in whenever any model cell phone was having trouble with our phone network, to figure out who was to blame (and it was nearly always a bug in the phones software, they just required proof).

Who could have known, back in 1999 when we released the first version of WAP, that an old WAP issue would re-appear in 2017? As soon as cellular networks were fast enough, we abandoned the WAP walled gardens, and used regular browsers and mobile websites. I seriously haven’t heard anyone refer to WAP since I left in 2004.

You can install ransomware on a Samsung Galaxy by sending it an SMS

Source: You can install ransomware on a Samsung Galaxy by sending it an SMS

Peanut is kind of a bully!

Yesterday, I witnessed Peanut chase Squeak around and out of the room. Peanut was definitely the aggressor.

Then, today, all three boys are sleeping on the bed together in the spare bedroom. Not touching, but pretty close together. Who knows what Squeak says to the other boys. Maybe he’s sarcastic.

Jinx appears to be aware that he is the heaviest cat in the house, and has been confronting Squeak, and forcing him into rough play.

Source: Jinx is kind of a bully! – Whistl

Criminal Justice Resources: The Top 50 Strangest Laws

I hadn’t noticed, but yeah.

Laws are designed to keep people safe and ensure that order is maintained in a society. There are federal laws, which apply to the entire United States, and there are also state by state laws, which only apply to the residents of that particular state, or to visitors of the state. Some state laws, however, …

Source: Criminal Justice Resources: The Top 50 Strangest Laws

In Response to Guardian’s Irresponsible Reporting on WhatsApp: A Plea for Responsible and Contextualized Reporting on User Security | technosociology

I’ll bet The Guardian regrets using the term “backdoor” now. What a difference it would have been if they had simply called it a “weakness” instead. They did find a weakness I am concerned about.

The key change notification feature default of off is a reasonable default considering the anticipated understanding of security that the majority of people using this app. It’s not hard to enable it, and I recommend everyone do that, and question any unexplained key changes.

The completely separate issue regarding how the whatsapp app automatic re-encodes and retransmits any not-yet-confirmed messages when one endpoint starts using a new key. This is not good. In other words, it’s possible for other people to intercept a tiny fragment of your conversation. This is true even if you have key change alerts on, it only alerts you AFTER resending that last message or two.

Privacy requires a level of trust in the technology, but it’s not magic. I think the key change alert feature ought to be expanded to mean more, that it won’t TOLERATE a key change without you knowing about it. Make it a big popup alert, not a tiny highlighted inline message that could be too easily misunderstood or ignored.

Source: In Response to Guardian’s Irresponsible Reporting on WhatsApp: A Plea for Responsible and Contextualized Reporting on User Security | technosociology