Recent Comments

Or, to save the USD 30, just re-purpose a little of the tinfoil from your hat...

Guys, you can solve the problem with a keyless entry fob faraday cage from Fob Guard. It's small, light, durable, and fits in your jeans. It's made in the USA, from materials all developed and sourced in the USA. Sorry to be a bit spammy here but I hope that this is exactly what some pipedot members will find useful to protect themselves from this kind of hacking. Cheers!

Agreed. Not interested in owning anything from that company (OS, system, or games), and they've done bad things themselves, but I'd have to say they are in the right with this move. If you agree to test with the understanding that you can't reveal secrets, then leak, you screwed up. There are consequences, and in this case your system and accounts are hosed.

Additionally, Microsoft has taken matters in to its own hands, removing access to their consoles entirely. Microsoft permanently disabled their Xbox LIVE accounts (as well as other suspected accounts present on their Xbox One kits) and temporarily blocked all of their Xbox One privileges - meaning that for a period of time which Microsoft decides on depending on the severity of the offense, their Xbox One is entirely unusable.

If this was a retail unit then it is an overreach. But if "kit" refers to a dev/debug kit, then I can see how an NDA violation would get their access cut.

150 Million is enough to catch any businesses attention, 150 Billion can't be covered without destroying any business I know of, including big oil and Apple.

The goal - they're going to have to justify a lack of 150 Million in value to their stock holders.Start threatening Sprint with having to explain their spastic coverage and Verizon with their data-caps that keep subscribers away in the package and everything should be good.

if you want a punishment to have a lasting effect, you have to actually charge people with a crime. start putting executives in jail and you might see companies stop trying to pull this crap. short of that, the fine has to be crushing. seriously, $150M is written off as a cost of business expense. hit them with a $150B fine and you will get real change.

Yeah, I doubt its that easy. RF is fun and easy to manipulate like this. Its pringle cans all over again.

I actually discussed this last January with a dealer. He thought I was nuts. I insisted on a real key. No auto unlock by proximity feature.

What a waste

I moved telco a few years back for mobile phone only. New telco was all good and there were no issues. Old telco kept sending bills. A year after disconnecting I gathered up notes from several phone calls and emails pointing out that the account had been *disconnected*, typed up a letter threatening legal action for wasting my time with a cease and desist demand for them to stop billing me for mobile charges on a closed account. It worked. Eventually. I have no idea what was wrong with their system other than it was capable of adding charges to a closed account.

The repeater might also have a more sensitive antennae to listen for the signal emanating from the key fob in your house. It may even involve a directional antennae for even more distance but the thief has to point in the general direction where he thinks the key fob is.

If you build a wifi cantennae you don't need one on both ends... one will do. So standing close to the car and aiming a cantennae or yagi around is all it would take.

I don't assume. I ask. I would like to know more about the specifics... but not in the article. Yes, I can believe that the added functionality sends with the same power than all the other signals. In hindsight this is stupid, but as it is said: Hindsight is 20:20. At least it should be easy to fix... just limit the damn key to 30cm, too.

Btw... one of the reasons why I always refused security related projects. :-D

There's an assumption here that the key fob only has a range of 30cm - are we sure that's the case? I don't have one of these specific systems, but I do have a remote fob for my car and it's good for tens of meters (I've not tried to establish the max range), which is mostly intended for stuff like turning on the AC to start to cool a hot car. Perhaps the system works by having the same type of fob with the added functionality of a receiver - when it receives the weak signal from the car, perhaps it just sends the regular high powered "open door" signal in response. You might still need a high powered receiver to pick up and boost the fob signal if it's far away, but it does resolve the 30cm:30cm problem.

Didn't you read my post? Apparently not. I have no problems with the device being bidirectional. But a repeater cannot repeat what it cannot receive. The thieve stands with the amplifier by the car. The cars sends its request. According to the article this signal it is so weak that it can only be received by the key when the key is in 30cm distance. The amplifier boosts this signal so it can be received by the key in 100m distance. Fine. The key might happily answer.... 100m away. But what good is this, when the key signal is also so weak that it can only be received in 30cm distance?If the key signal is too weak to reach the amplifier, it cannot be amplified. Bidirectional or not. Is this so hard to understand?

If the key has a reach of 30cm and the car has a reach of 30 cm... where do you place the amplifier that it can amplify both signals? Either the answer signal from the key is by far stronger than that of the car. Why? Or the amplifier is much more sensitive and can receive the car and/or key signal over a much larger distance than the key can, but this is info missing in the article.

The device is bidirectional. It catches the reponse from the key then passes it to the car. Think wireless repeater.

The key responds to the amplified "Key where are you?" signal with its usual "Itsa me, the key!" signal, et voila, the car is unlocked.

Yes, of course... But the car has the megaphone, not the key. The key might answer "Itsa me, the key!", but why can it be heard of such a distance?

The idea that the key is constantly generating a signal is a little difficult to believe - receiving signals is cheap, battery-wise, but sending would surely wear that sucker out in a year or less. More likely it only 'wakes' when it detects a ping from the car that passes whatever authentication it has built in, probably with some form of RFID passive receiver. Thus the car is doing the generating, and the thieves have access to the car because it's parked on the street or in a driveway.

The scenario goes something like this. The thief pulls up to the sidewalk in getaway car and hits the button. The amplifier amplifies the signal the car is constantly sending to the key. The key responds to the amplified "Key where are you?" signal with its usual "Itsa me, the key!" signal, et voila, the car is unlocked.

Surely it wouldn't be that easy, but the evidence seems to suggest it is. There seems to be no validation beyond sign and countersign. Maybe they'll patch that up by adding more tests to the car's routine, but the key is probably always going to be a dumb device (unless they make it a smartphone app) due to battery life.

Sure, the amplifiers are bi-directional, but even such amplifiers have limits. If the normals distance is 30cm, you go within the 30cm range of the car and maybe amplify it to 100m. No problem. This I understood. But an amplifier can only boost what is receives. How far are key/car usually apart. when the car is parked and the owner at home? 20m? 40m? You say there is no way to limit a radio signal to a specific range. Of course not. But when the strength of the key signal is too weak to be detected by the amplifier in 1m distance, it effectively is limited. So, why is the signal strength of the key so strong, that the amplifier can receive and amplify its answer over such a large distance?

No doubt the signal boosters/amplifiers in question are bi-directional.

There is no way for a radio signal to be limited to any specific range. The typical working distance is based on the common antenna configuration(s). Using a highly directional (high gain) antenna, you can reach a signal from many times further away than it was ever designed for. For example, how many people are stealing distant neighbor's WiFi, thanks to a Pringles cantenna, or similar?

Ok, the car sends constantly some kind of 'hello' signal. Usually it has a reach of 30cm. Fine. The amplifier increases signal tremendously... understood. But now the key has to 'answer'. And its signal is not amplifies. So how far away its signal can be detected by the car? And where is the problem to limit this reach to perhaps 1m? Then the thieves you need two amplifier... And a way to get close to the key without the owner noticing it.

Anyone else wondering if scientists look to video games for inspiration for new technology?

Great tool for emergency responders.

Any bets if SWAT teams already have these, to see where people are inside buildings?

I look forward to the day where every emergency response department has several of these. If they had had more than a couple, how many more lives could have been saved?

I stand corrected :)

It probably depends of your country. Where I live, 2nd class is plenty of comfort for me; except in one case: the plane-on-rails, aka TGV, whose nickname is accurate in that its 2nd class really lacks space, as in planes. Well, to be honest, not as much as in planes, but it is the only category of trains for which I consider looking for 1st class tickets (the price difference between classes is generally much smaller than in planes).

But for planes, yes, please just sedate me. Nevertheless, if I have friends who might enjoy the body cavity search, as far as I am concerned, I would rather avoid it.

So long as there are humans our good and bad nature will follow. Perhaps on a new planet we have a chance to be part of one global state instead of multiple states.

That said, there will still be groups and subcultures out to dominate others. Perhaps the question would better be: How do we form a society where we can all live together in peace?

I'd say the same thing about traveling by passenger train, instead of flying.

The trouble with flying business or first class is that you can never forget it. Coach class sucks.

If I could be tranquilized, for free, for the entire flight, I might fly more often. The movies, snacks, etc. are just a distraction from how horrible being stuffed like sardines into a flying can for several hours really is.

I've flown first class once, and it was brilliant. If I were rich, I'd take that route every time. Until then, sign me up for the tranquilizers.

we're getting to the point where cargo of any sort, not just dangerous cargo, is going to simply have to go on a dedicated flight rather than on a flight with passengers. And for that matter, we're not far away from the point where you are going to go the airport, have a full body cavity search, step into a hospital gown, and be tranquilized into a light stupor before the plane takes off. Only way to thwart those terrorists, and as a happy side effect, nearly-comotose people don't need to watch movies, make filthy messes of the bathroom, or demand snacks and drinks. Win-win!

14.1 shipped with 4.10.5, but Slackware-current has 4.14.3. It seems AlienBob is packaging KDE5, but is not pushing it to -current yet.

As a side note, Slackware was one of the first to get a Trinity Desktop package, but it seems no one has been packaging the newer releases.

I run Slackware 14.0 (the one before the latest) and it provides KDE4, not KDE3. In my experience Slackware doesn't generally prefer older software. In fact, it's usually very up to date.

Just thought about the fact that Slackware uses older/stable software. KDE 3.x definitely did not use systemd. Forgive me :

Hasn't KDE already been sucked in requiring systemd dependency?

Thank you!

Got it. Here's a quote from about halfway down this interview: http://www.linuxquestions.org/questions/interviews-28/interview-with-patrick-volkerding-of-slackware-949029/

LQ) Right now, there are a number of potentially intrusive technical changes coming to some of the major distributions. How do you feel some of these will impact Linux in general and Slackware specifically? Are there any you would considering merging into Slackware? (55020 & tuxrules)

volkerdi) Yeah, I see a few things coming down the line that may cause a shakeup to our usual way of doing things, and could force Slackware to become, well, perhaps less UNIX-like. I guess the two big ones that are on the horizon are Wayland and systemd. Whether we end up using them or not remains to be seen. It's quite possible that we won't end up having a choice in the matter depending on how development that's out of our hands goes. It's hard to say whether moving to these technologies would be a good thing for Slackware overall. Concerning systemd, I do like the idea of a faster boot time (obviously), but I also like controlling the startup of the system with shell scripts that are readable, and I'm guessing that's what most Slackware users prefer too. I don't spend all day rebooting my machine, and having looked at systemd config files it seems to me a very foreign way of controlling a system to me, and attempting to control services, sockets, devices, mounts, etc., all within one daemon flies in the face of the UNIX concept of doing one thing and doing it well. To the typical end user, if this results in a faster boot then mission accomplished. With udev being phased out in favor of systemd performing those tasks we'll have to make the decision at some point between whether we want to try to maintain udev ourselves, have systemd replace just udev's functions, or if we want the whole kit and caboodle. Wayland, by comparison, seems fairly innocuous, assuming that they'll be able to implement network transparency either directly or through some kind of add-on compatibility layer. Again, another thing that most desktop users don't have a lot of use for but many users can't do without. I like X11, and would probably stick with it if moving to Wayland meant losing that feature, even if Wayland's rendering method carried with it some benefits like reduced rendering artifacts or increased video performance. I guess we'll just have to see what the overall benefit is when it's far enough along to make such comparisons.

I can't find anything exact, but these seem to be useful:
http://www.linuxquestions.org/questions/slackware-14/the-mass-exodus-if-slackware-uses-systemd-4175523380/
http://www.linuxuser.co.uk/features/systemd-for-better-or-worse

Slackware, through Pat, has stated that they will hold out until it is no longer feasible

Do you have a link for this?

I did that with the very cheap combination (and bike) locks myself, but it didn't work with master locks... The later would lock the dial and not allow turning it while there was any pressure on the latch/shackle. I guess they've changed that design in the decade since I last bought one.

Not to say that they're very good... The latch (was?) only spring-loaded, so that they could be closed without putting in the combination, which means either shims or one good swing with a hammer and the shackle would dutifully pop-free. That experience is why I NEVER consider ever using combination locks; I can carry a key around just fine, thanks.

As long as they keep it simple, Slackware is remarkably easy to modify and customize. ConnochaetOS appears to be using the FreeSlack listing to blacklist the non-Free software that ships in Slackware. I have not tried it out yet and so I do not know if there are any other changes at this point, but FreeSlack was straightforward to setup. This should be maintainable by just a few people.

The maintainer did state on their forum that the primary reason for resuming is because of systemd frustration. Slackware, through Pat, has stated that they will hold out until it is no longer feasible; probably until KDE adds it as a dependency.

As for pronunciation, how's your Greek?

You can get your fix if you check out the distro's web page, which states Technically ConnochaetOS follows the KISS principle (which means no systemd, for example). It is build on top of the GNU/linux distributions Slackware and Salix OS.

I'm curious, but leery. Slackware takes some learning, and this appears to be a one-person distro, which is hard to pull off effectively. I'm willing to give it a try though - I agree we need a replacement for init, but definitely am adverse to systemd (and the team pushing it).

So, how the hell do you pronounce this moustachioed distribution?

My guess, based on vague memories of looking inside new and old Master locks (old from ~40 years ago, like you) is that it's even easier now--due to cost reductions. For example, what used to be machined from a block of steel, is now made from stamped out plates that are stacked up.

When the user can feel the innards working, the user can figure out where to stop dialing. I didn't realise there was a specific procedure, but when I was a kid I'd snag "lost combination" locks from the trash and work it out by feel. Mind you this was 40 years ago. Apparently combination locks haven't changed much.

....not a single mention of systemd. ;-)

They are both tainted at this point.

So I confess to being a naive user of Master Lock combo locks at the gym for years now without knowing how weak their protection actually is. I would like to know what a slightly more challenging alternative would be for a replacement? I've seen the recommendation for an American 1105? Any others?

This explains a lot with my experiences with Enlightenment. Every year or so I install it and use it as my day-to-day DE until some minor annoyance sends me back to Fluxbox or something new to try. Never use the bleeding edge/development version though, nor do I follow it so I was confused by the sudden pace of release numbers.

Bodhi was a nice distro last time I tried it, but hopefully Moksha will be separate enough that others will package it up like the nice SlackE17 I currently use.

Really, similar methods have been around for years. This is just the streamlined web 2.0 version. Just don't be the easiest or best looking target in the locker room and you'll be fine.

So, this seems like the end of cheap gym locker locks.
Maybe it makes more sense to have one or two secure zipper pockets built into workout clothes and keep valuables on your person? They could be sport specific...padded/reinforced phone pockets in different places so they don't get smashed, etc.

LOVE the name "hyperkitty." It works on so many levels. I look forward to reading hyperkitty archives using "mutt." Just because life is awesome.