Angelesen #62

Rushing this one out somehow – A few links assorted. Makes me think if WhatsApp should be abandoned completely even though it is still a very strong ecosystem. But the need of trying to convince people to move to another messenger is just another pain in the behind.

Apollo 11 vs USB-C Chargers (forrestheller.com)

The most powerful CPU in the table is from the Anker PowerPort Atom PD 2 (CYPD4225). Compared with the Apollo 11 Guidance Computer it runs at ~48 times the clock speed with 1.8x the program space

Interesting what we got in terms of computing power in the small USB-C Powerbricks these days.

Boeing 737 Max: New Software Problem Discovered on Grounded Plane (bloomberg.com)

Boeing Co. has discovered a new software problem on the grounded 737 Max, but the company said the flaw won’t set back the goal of returning the plane to service in mid-2020.

It’s still a software project innit?

Wacom drawing tablets track the name of every application that you open (robertheaton.com)

What requires more explanation is why Wacom think it’s acceptable to record every time I open a new application, including the time, a string that presumably uniquely identifies me, and the application’s name.

What the actual…

Critical Security Flaw Found in WhatsApp Desktop Platform Allowing Cybercriminals Read From The File System Access (perimeterx.com)

Whatsapp I: …

🎥 “Wir müssen reden!”: Was die Influencer JANAklar und Lisa Sophie ins Burnout getrieben hat (youtube.com)

Interessante Doku über das Youtuber/Influencer leben.

🎥 Wikkelhouse: pick your modular segments & click them together (youtube.com)

Lovely module-based building. The Channel of Kirsten Dirksen has a ton of videos with very interesting buildings and living concepts.

Microsoft Teams has been down this morning (techcrunch.com)

We’ve determined that an authentication certificate has expired causing, users to have issues using the service. We’re developing a fix to apply a new certificate to the service which will remediate impact. Further updates can be found under TM202916 in the admin center.

We’re all cooking with water it seems

TeamViewer – WhyNotSecurity (whynotsecurity.com)

TL;DR: TeamViewer stored user passwords encrypted with AES-128-CBC with they key of 0602000000a400005253413100040000 and iv of 0100010067244F436E6762F25EA8D704 in the Windows registry. If the password is reused anywhere, privilege escalation is possible. If you do not have RDP rights to machine but TeamViewer is installed, you can use TeamViewer to remote in. TeamViewer also lets you copy data or schedule tasks to run through their Service, which runs as NT AUTHORITY\SYSTEM, so a low privilege user can immediately go to SYSTEM with a .bat file. This was assigned CVE-2019-18988.

Yay!

99 second hand smartphones are transported in a handcart to generate virtual traffic jam (simonweckert.com)

" 99 second hand smartphones are transported in a handcart to generate virtual traffic jam in Google Maps.Through this activity, it is possible to turn a green street red which has an impact in the physical world by navigating cars on another route to avoid being stuck in traffic. " #googlemapshacks

Everyone knows it by know and if not, now you know!

Why Using WhatsApp Is Dangerous (telegra.ph)

Last week it became clear that this backdoor had been exploited to extract private communications and photos of Jeff Bezos – the richest person on the planet – who unfortunately relied on WhatsApp [3]. Since the attack seemed to originate from a foreign government, it is likely that countless other business and government leaders have been targeted [4].

Whatsapp II – The most complete Article so far with tons of additional sources

Cost of a 51% Attack for Different Cryptocurrencies (crypto51.app)

This is a collection of coins and the theoretical cost of a 51% attack on each network.

51% Attacks are getting cheap!

Technical Report of the Bezos Phone Hack (schneier.com)

"The amount of data being transmitted out of Bezos’ phone changed dramatically after receiving the WhatsApp video file and never returned to baseline. Following execution of the encrypted downloader sent from MBS’ account, egress on the device immediately jumped by approximately 29,000 percent," it notes. "Forensic artifacts show that in the six (6) months prior to receiving the WhatsApp video, Bezos’ phone had an average of 430KB of egress per day, fairly typical of an iPhone. Within hours of the WhatsApp video, egress jumped to 126MB. The phone maintained an unusually high average of 101MB of egress data per day for months thereafter, including many massive and highly atypical spikes of egress data."

Whatsapp III: Interesting things about the Whatsapp Hack based on the egress data

Historisches Urteil: 6-0 für die Klimajugend gegen die CS (nzz.ch)

Das Urteil kann an die nächste Instanz weitergezogen werden. Doch es ist schon jetzt historisch: Zum ersten Mal seit dem Aufkommen der Klimabewegung gibt ein Schweizer Gericht Aktivisten recht. Angesichts der Dringlichkeit der Situation wird ziviler Ungehorsam ausdrücklich nicht mehr als unzulässiges Mittel erachtet, um auf die Klimakrise aufmerksam zu machen. Die Anwälte übertreiben deshalb wohl nicht, wenn sie sagen, dass das Urteil Signalwirkung haben dürfte und der Tag «in die Geschichtsbücher der Schweizer Rechtsprechung» eingehen wird.

So. much. win!

One reply on “Angelesen #62”

Comments are closed.