Intel’s Remote AMT Privilege Escalation

If anybody asks why backdoors are a bad idea, mention Intel’s AMT. Well-intentioned, but as with all such systems, eventually succumbs to being hijacked for nefarious purposes. AMT is incredibly powerful, offering much more control over the target machine, not requiring any software, rootkits, authentication nor even an IP address. Being that AMT is implemented at a BIOS level, and the vast majority of motherboard … Continue reading Intel’s Remote AMT Privilege Escalation

Android apps, IMEIs and privacy

The unique phone ID (IMEI), and less importantly, Android ID and carrier information can be obtained by apps without any permission requests. Like internet access, it’s provided by default. As the article mentions, some of it can be mitigated in 6.0+, but ideally, you should be spoofing your IDs using XPrivacy or similar. “The downside of using a device-level ID is, well, whoever has that … Continue reading Android apps, IMEIs and privacy

How connected car tech is eroding personal privacy

Two things come to mind: Firstly, people who run full Facebook or Google services on their phones, which collect far more information and in more detail, even outside the car. Secondly, hang onto your ‘dumb’ car for as long as possible. “Beyond the actuators, there’s data collection going on in the OnStar and Car-Net-like systems as well. These devices have microphones and video cameras. The … Continue reading How connected car tech is eroding personal privacy

Explained: Android Nougat File-Based Encryption

The difference between full-device encryption (Marshmallow and prior) and file-based encryption (Nougat and above). It addresses many of the shortcomings of FDE, allowing for far more convenient decryption. “When you power on an FBE-configured device, it starts up in a secured Direct Boot mode with access to only the DE storage (the utility closet). Direct Boot allows many of Android’s core processes to start up, … Continue reading Explained: Android Nougat File-Based Encryption

Overview of the VP9 video codec

VP9 isn’t as widespread as H.264, but it performs equally well, even better in some circumstances. Most media players are incorporating H.265 (HEVC) hardware decode already, though. “That new television that you’ve been dreaming of buying – with that fancy marketing term, UHD (ultra high-definition). In numbers, this is 3840×2160 pixels at 60 fps. Let’s assume it’s HDR, so 10 bits/component, at YUV-4:2:0 chroma subsampling. … Continue reading Overview of the VP9 video codec

Admiral to price car insurance based on Facebook posts

If only there was some huge database filled with every detail of a person’s life, their constant locations, selfies, contact lists, history of behaviour, audio recordings, purchase history, secrets and all that. Then if only that company was willing to sell their users out en masse for cents on the dollar. “The scheme is based around algorithms that have been developed by Admiral. The technology … Continue reading Admiral to price car insurance based on Facebook posts