Posts by Jamie Jones 4302 publicly visible posts • joined 14 Jun 2007
Unfortunately yes. Fuck Huawei for their attempt at "if it looks like an iPhone, quacks like an iPhone, then it must be an iPhone" with the plebs.
Thanks for the reply. That's actually good news, for 2 reasons:
1) I'm not imagining things in some sort of anti-apple psychosis.
2) I should be able to put stock android on there.
Cheers!
the ad companies have been taking the piss - in order to be able to extract more money from you, they gather all sort of shit."The ad companies do not extract more money from you, at least not directly.
Yeah, it was just a bad use of words. I meant as in extract as much value from you to be able to sell on - not extracting money from you.
@TheVogon - apps can be installed from outside the playstore anyway - nothing to do with rooting. It's a weird concept, I know, but you are actually allowed to install the software you choose on the device you paid for!
@Charles9 - 'rooting' doesn't mean allowing any old thing to grab root access. I have "root" on my devices at a unix level. No apps can access that, just like no users can access root on every other unix system out there with "root ability" (i.e. all of them)
Even the most "consumer" rooting software won't allow an app to access root unless it's specifically granted.... (Yeah, yeah, I know some people click "yes" to everything without reading, but they are the sort of people who'd give their pin over the phone when "their bank" called them.)
I assume you're either trolling, or very stupid - either of which means a detailed reply would be wasted on you.
However, one thing which you may agree with is that it's been known that "tracking" has taken place for years, and people have largely accepted it, for the purpose of targetted ads etc.
What people are now waking up to is that the ad companies have been taking the piss - in order to be able to extract more money from you, they gather all sort of shit.
I've proof that at least some, if not many, will:
1) Grab your unique id, and location, even if you've disabled it (your mac can ne used as a unique id, and your wireless routers mac can be used to locate you, and these can be retrieved on android without any special privileges [up to 5.0 at least] ... despite what google says)
2) Your real name, date of birth [ so much for anonymous! ]
3) A list of all your installed apps. (Do you really want everyone to know you use Grindr, if you are in the closet?)
4) It goes without saying: device model, android version, linux kernel version, patch level, patch date, build date. (why does an ad company need to know when your kernel was patched?)
.. and generally, just about anything and EVERYTHING they can. Just look at their websites - to compete with each other, they openly brag about all the data they retrieve from you.
Finally, even if you don't mind *anyone* knowing who you are, where you live, and the fact you play candy crush, buy online from womens clothes stores, and read "The Sun", most peoples response would be "why the fuck is it any of their business?" - hence the reaction you see now. They brought it on themselves.
Given how the banks and other financial institutions have caught on
I wouldn't use the phrase "caught on". Whilst I appreciate some people will root their phone because any old app tells them to, and are clueless (On one rooting program, some "security focused individual" *cough* commented that the program must be dodgy because "why the hell would it require camera access to run"? Obviously totally oblivious to what "rooting" means [and presumably the exploit was in the camera related code]), my devices are more secure because I root them, and besides, it's my bloody property... Sod off!
It pisses me off because they make no such demands on the Microsoft shite that's still floating around.. "Using XP? No problem sir!"
Any service that tries to restrict my access to my own device gets dumped (netflix so far). End of.
Having lived and worked in countries where you have to have an ID card or carry your passport all the time I have never understood what all the fuss was about
I often go out without my wallet, phone, even keys at times. As I'm not up to criminal activities, I'm not going to carry around some bloody id card.
Sure, get one for use at the bank etc. if need be, but compulsory? I can't understand how anyone could be OK with that - or why you think people like me only think this way because of some past Government propaganda.
My current flat was built to sound studio soundproofing standards, and it's a godsend... especially compared to some places I've lived.
It really changes the quality of life. The only thing I hear is the traffic if the windows are open. It's also nice to be able to put the washing machine or loud music on at 5.00am if necessary, without worrying about disturbing anyone.
I understand building regulations for sound-proofing in new builds is much stricter now.. It should be like it is here - people would be far happier!
From the ICANN page linked to in the article:
if EPAG's actions stand, those with legitimate purposes, including security-related purposes, law enforcement, intellectual property rights holders, and other legitimate users of that information may no longer be able to access full WHOIS records.
Yes they can. Through the courts. With a warrant. Usual stuff.
Besides, if this was truely their worry, they should be pleased - a non-public database is far more likely to be accurate than a public one. This is about money. Nothing else.
- too many people are having to pay most of their wages into renting property when the bricks and motor actually costs are very affordable
Yes!
We also need to reverse the mindset that increasing house prices is a good thing! If you own a house, it means nothing, because if you decide to move, your new house will be expensive too.
House price rises only benefit those with more than one property. They penalise those stuggling to get on the housing ladder.
How is that anything but a lose-lose?
Ah yes. Ayn Rand. The bullshit maker and welfare state hater that received public social security and medicare in her later life.
Libertarian with a typical Liberterian/Republican attitude - it's only wrong when the "other people" do it.
ah, RobertLongshaft... let's just hope you or your family members never get ill, or have an accident.... or do you think the feckers should just lose their house and go bankrupt like those lovely republican americans do?
I know it's childish, and against El Reg rules to post personal insults, but sorry. You, sir, are a top class tosser.
Bob, you really need to deal with your paranoia when it comes to anything that's against a republican policy.
You aren't stupid, but I believe you believe the crap you just posted because of your warped republican paranoia obsession.
SOCIALISM - Being "social" is not a bad word to rest-of-world-outside-US-Republicans, by the way, so stop using it as such - it makes you look stupid.
As I said, you're not stupid, so take some deep breaths and think: This is not about forcing everyone to have the same connection/speed - people can go with dsl/cable/fibre or even bloody dialup if they want - they can also choose capped packages or unlimited. No problem there... Capitalism at its finest!
Now, at the other end, the providers have peering/transit deals that may or may not involve charging, but it's all agreed on by the companies involved.. Again, pure capitalism!
What is NOT ON, is for cable companies to then apply extra tariffs / fines / constraints on particular services, just because they don't like them. That's not capitalism, it's protectionism.
Now, of course, in a proper free market, you could argue that if an ISP does this, customers will move to another ISP. Of course, in America, that is rarely possible due to the anti-capitalist monopolic practices, and shady deals that have kept the big 3 (?) in control. It's a cartel, not a capitalist free-market.
Tell me Bob, how would you feel if the owner of your phone company had an argument with your doctor, so decided to bar phone calls to him? Or -- shock-horror -- the owner is a democrat, and come the local elections, decides to add noise, and random drop-outs to all the republican representatives, and PR groups?
Cabel and telcos see their cartel power dropping with net neutrality - they want it to go away so that they make it less worthwhile for you to get netflix, and therefore stick with their mediocre package.... And why would you use anything other than their sports channel, when all your internet choices are made to drop-out and continuously rebuffer?
The cable companies aren't capitalists, dear boy. If they were government, they'd be described as communist.
Not every government decision is bad, you know. No companies are looking out for you.
Government has control on food standards, pollution, medicine etc.. because if they didn't, you can bet that these glorious industries would sell you all sorts of dodgy crap.
As a final aside, people here have been calling you a dick.
This is because you switch off all critical thinking when it comes to politics, and think republican==good - democrat==bad.
Republicans AND democrats exploit this tribal "team-worship" ideoligy, because it means people end up fighting amongst themselves rather than fighting against the politicians.
It also means both sides can pass whatever the hell they like, because their fans will always cheer them on regardless.
Until you realise the 'enemy' is the politicians from both sides, and not the voter from the other side, you'll never get your democracy back.... And people will keep calling you a dick.
FINALLY, before you downvote me, please realise I'm currently compiling a bug fix I'm working on against some FreeBSD base code! You're welcome :-)
If you make a post with invalid HTML, it gives a warning message alerting you to the fact, with the opportunity to re-edit.
If you are editting a post that has already been accepted, and introduce a HTML error, you get no warning - you are still thrown back to the re-edit page, but without the big warning message, it's easy to miss.
My router is 10.0.0.1 Main PC 10.0.0.2 [ ... ] I'll never remember: My router is 2001:0db8:85a3:0000:0000:8a2e:0370:7334
Apples and oranges.
The ip6 you give is a globally routable address.
There's nothing stopping you validly configuring your private lans as
fd00::10.0.0.1
fd00::10.0.0.2 etc.
(Yes, you can represent octets as dot-seperated decimals if you want) or if you prefer to go all BCD, you could use:
fd00::10:0:0:1
fd00::10:0:0:2
etc.
There is nothing magically different about the IP4/IP6 addresses - each one is just a number - one happens to be 32 bits wide, the other 128.
The point is the vulnerability shouldn't have been there in the first place.I respectfully disagree with you here. I cannot think of a single IT outfit that hasn't screwed things up royally at some point.
I agree with Chronos (the original poster). Sure, everyone screws up, but that's not the same thing as intentionally having an open port. It's not just a mistake in forgetting to close it, it should never exist - someone could exploit it any time it's open, and it also implies no encryption on the connection.
If they need some access, it should always be encrypted and password/key protected.. There should never be a case of a vulnerability just because they forgot to close it.
No, it means that an email sent from person A to person B, BCC to person C and person D will appear:
Person B:
From: A
To: B
_____
Person C:
From: A
To: B
Bcc: C
_____
Person D:
From: A
To: B
Bcc: D
_____
I.e. as a bcc recipient, the bcc line will only show you - no-one else, presumably so people can get a warm fuzzy feeling that they were specifically bcc'd and didn't receive it as a raw forward, or by accident.
(When there are multiple recipient addresses in the "Bcc:" field, some implementations actually send a separate copy of the message to each recipient with a "Bcc:" containing only the address of that particular recipient.)"
..... i.e. most simply won't bother sending a Bcc line, but some will actually make one, containing that particular recipient only
Don't understand the correction of the previous post.Everyone (even a retail broadband user) is "stuck behind a NAT". And most retail broadband users are at home with other people on the same LAN, i.e. with "quite a few other home users".
Well, I'm not. And in fact, most residential customers are behind a NAT by choice - they aren't 'stuck' in that they can remove the NAT and have a NATless single IP4 address.
However, I think the confusion comes in in the reading of the following sentence:
You're stuck behind a NAT along with quite a few other home users.
He meant "you and a few other home users are stuck behind [the same] [CG-]NAT" not "you are stuck behind a NAT and other home users are also stuck behind their own NAT"
Add to that, I'm a grumpy old git...
SLAAC will never exist on anything I control if I have any say in the matterThen you're not using any Android devices, which still doesn't support DHCP6
I use IP6 on all my android devices, but then i statically configure the IP from start-up scripts (by the way, has anyone had issues with android 5+ routing ip6 tcp off lan? udp6 seems to work, i can't get tcp6 to work on the newer boxes I run)
But yeah, if android over ip6 has to be supported now, and it doesn't support dhcp6 then i guess you're right.. Up to now, though, all androids I've seen have been IP4 only from the 'consumer' side of things.
I agree that SLAAC sucks, but there is one valid use case: on home networks with dynamic addressing. If the line drops and reconnects, you need to renumber your devices very quickly, which would mean extremely short lease times if using DHCP6.
Now you say, surely IPv6 has enough address space to give everyone a static allocation? It certainly does, but dynamic addressing is not due to shortage of address space: it's due to route aggregation.
I realise many ISPs will still give out dynamic Ip6 prefixes when they start doing ip6... But you make a good point regarding the renumbering... I hadn't thought of that.... A "cost" of not using NAT! You could always use NAT6 <gets coat> :-)
How would slaac help though? Surely in either situation a machine needs to repoll for its new IP, or have it pushed.. It surely would be the same for a dhcp'd or slacc'ed host to realise its ip was no longer valid, and need to be updates?
Interesting idea, though location data can be transfered in 4 bytes.. It would be pretty easy to hide that somewhere, without uploading an image... Uploading an image would set my alarm bells off immediately! Have they got control of my camera?!
Ok, I found this. I wrote a script that deletes all the spying data files, but this is obviously one I missed:
44 -rw-rw---- 1 u0_a194 u0_a194 43043 Aug 27 2016 /data/data/air.SpaceZombies2/shared_prefs/Appodeal.xml
Look for "Appodeal.xml" in the shared_prefs folder of any app (you'll need to be root though)
This is a 43K file, starting off like:
<?xml version='1.0' encoding='utf-8' standalone='yes' ?>
<map>
ap>
<string name="banner">{"status":"ok","ads":[{"status":"mopub","id":"YktV,,, etc.
decoding it gives a json file, uploading variables such as:
gender:
alcohol:
smoking: (how the f??? does it know that?)
Interestingly, it's also hacked other apps and uploaded their unique ids that were given to me, including: "admob, applovin, chartboost, inmobi, mopub, smaato"
The worst is this URL listed:
"url":"http://soma.smaato.net/oapi/reqAd.jsp?adspace=130015622
\u0026apiver=415
\u0026bundle=air.SpaceZombies2
\u0026device=Dalvik%2F2.1.0+%28Linux%3B+U%3B+Android+5.1.1%3B+R68G+Build%2FLMY48G%29
\u0026devicemodel=rockchip+R68G
\u0026devip=88.109.36.106
\u0026dimension=full_320x480
\u0026dimensionstrict=true
\u0026format=all
\u0026formatstrict=true
\u0026gender=m
\u0026googleadid=6d7d7151-9edf-4085-aa19-67726fd7dd1c
\u0026googlednt=false
\u0026gps=51.65765765765766%2C-4.0371868876609485
\u0026iabcategory=IAB95
\u0026kws=puzzle%2Ctools%2Cadventure
\u0026mraidver=2
\u0026pub=1001000335
\u0026response=html"
All those details were accurate at the time - as I said, I don;t even have gps on here, but if you look at the "gps" field, if you threw a hand-grnade at those coordinates, you'd blow up my sofa! (OK, slight exageration, but it's the coordinates of the playing field opposite!)
You take one story (which is dubious anyway - no DRM is secure if you are handed the keys to decode the content) and use it to compare the guardian to the mail?
There are many wishy-washy "right-on" guardian articles that you could have used to better promote your agenda, but either way, the guardian is nothing like that manipulative jingoistic bigotted and hypocritical rag.
Yep, and obviously not a "critical part of the infrastructure"
Of course, originally when only companies and organisations had domain names, it was useful.
My guess is that when it started to get personal, any discussions on making in private were met with "charitable donations".
Either that, or they realised they could make money selling it off directly ("We aren't doing anything wrong, it's all public information")
It was never a technical or legal use, and they were right arseholes to ever try to spin it that way.
I just notice my name and address has gone off my domains whois entries for .com, and the address for the .orgs now just say "South Wales'.
These results are replicated on domains that were registered with a different company.
Same effect on US owned domains, and with me calling from a US based address.
I hope y'all sold your stock in "domain privacy" companies!
WTF ? Is this what GDPR is supposed to do ? Thought it would protect us, instead its started to nag, accept or else !
Um no. It's not GDPR doing that.
"That damn law making it a crime to rob... I thought it would protect us, instead it's making people use guns"
(OK, crap analogy, but it's only just gone 7.00am!)
The business problem here is companies will pay extra to micro-target ads to, say, male 28-35 year olds with college degrees who make between $80,000 and $120,000/year and own a dog. They believe, often without evidence, that this will result in more effective ads than just scattershot context advertising.
From: https://gdpr-info.eu/recitals/no-26/:
Recital 26 Not applicable to anonymous data*1The principles of data protection should apply to any information concerning an identified or identifiable natural person. 2Personal data which have undergone pseudonymisation, which could be attributed to a natural person by the use of additional information should be considered to be information on an identifiable natural person. 3To determine whether a natural person is identifiable, account should be taken of all the means reasonably likely to be used, such as singling out, either by the controller or by another person to identify the natural person directly or indirectly.......
.......6This Regulation does not therefore concern the processing of such anonymous information, including for statistical or research purposes.
* This title is an unofficial description.
(More...)
But anyway, even if this wasn't the case, I'd say TOUGH!.
I'm sure the TV advertisers would like more information on their audience.. It doesn't mean if it was practical to do so, they could send people to spy through our curtains.
I think it's childish and petty of them.
They could have removed tracked ads, tracking cookies, and left the rest as it is.
This way they are saying "look at the crap site your evil EU has forced us to give you."
Why don't they throttle the bandwidth too whilst they're at it?
@LDS: Spot on.
I also think that many Americans are so used to government making laws for corporations that they automatically assume all other places in the world are the same.
There's a knee-jerk reaction I'm seeing: facist EU removing our freedoms.. stupid bureaucracy, government control etc.
They seem to think suddenly we are restricted in what *we* want to do with our personal information, whilst in reality, the only "freedoms" being removed are the freedoms of the corporations to expoit our data without permission.
It's also saddenning to see that so many seem to think it's no big deal. It's no wonder the culture of facebook, google, and android ad-brokers flurish in such conditions.
Oh but no! In reality, we are just jealous of American companies, and want to destroy them *rollseyes*
Some Americans deserve the corporate-overlords they get... I feel sympathy for the rest of them (and we'l be heading that way too once UK.GOV gets us out of the EU)
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
