Online accounts creation safety

A few things to keep in mind for mandatory online accounts:

– never create an account if not required in the first place, avoid "surveys" and member cards as much as possible
– use a temporary email redirection address if it's a one-time thing, such as one from http://jetable.org
– if you have a VPN, enable it before creating the account to avoid being geolocated (you may still choose an IP from the same country)
– unless absolutely required, like for a shipping address, enter the least information possible.
– unless it is required to be valid, like for warranty or shipping, never hesitate to enter a fake name, fake address, fake age, fake everything. Against Terms Of Services? Don't care.
– if you have the ability to pay with a unique and temporary credit card, do that.

During your lifetime, you will have no control over the personal information you gave away about yourself.
Hopefully you'll live a fruitful and long life.
Who knows how many websites and services owning data on you will be breached during this lifetime.
That's why the only defense is least info & random fake info.

The VTech breach explained by +Troy Hunt is an excellent example of why you may want to apply similar rules (whatever works) to yourself and your family, and teach them to your kids as well, since their whole life will be online.

This one is particularly bad because the unique identifier in this very verbose database makes it possible to contact every kid individually on their capable connected toy, by sending messages and pictures.
VTech hasn't informed anyone yet. Yes: That bad.

#supercurioBlog #security



Troy Hunt: When children are breached – inside the massive VTech hack

Source post on Google+

First consumer grade 360° video camera

+Tony Northrup demonstrates the Ricoh Theta S in this insightful review.
Everyone will find their own use for it of course, but this is the first video I've seen that shows so well how to use this little tool, with examples for commercial purposes, family memories or even plain vlogging.

If you find the picture quality sufficient, go ahead!
Otherwise it might be wise to wait for a future product that records at higher resolution, with sharper lenses and slightly better color profiling.

360° video will get substantially better with 4K overall, including recording on such a device: as you can observe, due to the dual circular projection, what is recorded loses detail:
– once transformed geometrically into a 360 video
– once again projected into planar or VR view.

Even with 1080p delivery, higher resolution recording will help.
I don't know about you but I'll certainly get one at some point ☺

#supercurioBlog #VR #video #review

Source post on Google+

Vulnerable self-signed root certificates: how many out there?

Since Dell computers shipped with a vulnerable root certificate that includes its private key, which can be extracted, it is not impossible that other manufacturers do so as well.

And like me, you may wonder if it's the case for smartphones too.
Adding this to my TODO list 😊: is there a CTS test for that? Do apps already exist to verify all certificates installed on your phone?

#supercurioBlog #security



Dell apologizes for HTTPS certificate fiasco, provides removal tool | Ars Technica
Meanwhile, credential that posed man-in-the-middle threat found on SCADA system.

Source post on Google+

LG partially explains why it canceled the LG Watch Urbane 2nd Edition

"During aggressive testing over thousands of hours under severe conditions, it was revealed that this component failed to meet LG’s quality standards and could potentially impact our image quality over the life of the device."

Since the watch doesn't have a camera, the only "imaging" component is its display: a 480×480 round P-OLED panel.
The first generation of the Watch Urbane was already prone to display defects appearing with aging. On the second gen, the higher density might make this occur more often.
It could also be the adverse effects of rapid burn-in.
Those who received the first few units now know where to look – sort of.

#supercurioBlog #display #OLED



LG says component affecting image quality behind smartwatch recall
A faulty component in LG’s Watch Urbane 2nd Edition, which had the potential to affect image quality, was behind the smartwatch’s removal from sale

Source post on Google+

Feature complete Android Malware

This article is an excellent description of "Banker", an Android app designed to use very straightforward and efficient ways to steal all sorts of credentials.

It also explains why Google protected several features behind additional permissions in Marshmallow:

– Draw over other apps:
Malware overlays anything it wants on screen, including a transparent window that is invisible but intercepts every touch event, which can let the malware guess everything you touch and type.
This now needs to be activated from the Apps "Configure Apps" settings.

– Apps with usage access:
Malware runs a background service that checks, roughly every second, which application activity is shown in front of the user, then launches an activity or starts an overlay emulating a legitimate credential / banking / credit card information request dialog.
This now needs to be activated from the Security settings.
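
A defender-side triage of the combination described above, as an added example (not from this post or the linked article): it parses saved text output of `aapt dump permissions` or `aapt dump badging` and flags an APK that requests both the overlay and the usage-access permission. The function names and the sample dumps are constructed for illustration.

```python
import re

# Permissions behind the two Marshmallow gates described in the post.
OVERLAY = "android.permission.SYSTEM_ALERT_WINDOW"  # "Draw over other apps"
USAGE = "android.permission.PACKAGE_USAGE_STATS"    # "Apps with usage access"

# aapt prints  key: name='value' ...  (newer builds) or  key: value  (older ones).
_LINE = re.compile(r"^(package|uses-permission(?:-sdk-23)?):\s*(?:name=')?([\w.]+)")


def parse_aapt(text):
    """Return (package_name, set_of_requested_permissions) for one APK dump."""
    package, perms = None, set()
    for raw in text.splitlines():
        m = _LINE.match(raw.strip())
        if not m:
            continue
        if m.group(1) == "package":
            package = m.group(2)
        else:
            perms.add(m.group(2))
    return package, perms


def triage(text):
    """Flag an APK that requests the overlay and/or usage-access permission."""
    package, perms = parse_aapt(text)
    hits = sorted(name for name, perm in (("overlay", OVERLAY), ("usage-access", USAGE))
                  if perm in perms)
    # Both together match the monitor-then-overlay pattern described above.
    verdict = "review" if len(hits) == 2 else "note" if hits else "ok"
    return {"package": package, "hits": hits, "verdict": verdict}


# Constructed sample dumps (not taken from any real APK).
SAMPLE_SUSPECT = """package: name='com.example.flashlight' versionCode='3' versionName='1.2'
uses-permission: name='android.permission.INTERNET'
uses-permission: name='android.permission.SYSTEM_ALERT_WINDOW'
uses-permission: name='android.permission.PACKAGE_USAGE_STATS'
"""
SAMPLE_PLAIN = """package: com.example.notes
uses-permission: android.permission.INTERNET
"""

if __name__ == "__main__":
    for dump in (SAMPLE_SUSPECT, SAMPLE_PLAIN):
        print(triage(dump))
```

A "review" verdict is only a prompt for manual inspection, since legitimate apps also request these permissions.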

Discussion on Hacker News: https://news.ycombinator.com/item?id=10619675

#supercurioBlog #security



Android malware drops Banker from PNG file
Nowadays is malware trying to hide wherever it is possible to get under the radar of anti-virus companies. Lately I found Trojan dropper carrying malicious payload, encoded by base64, embedded inside an image file. It’s nothi…

Source post on Google+

DRAM errors misconceptions

Same-address failures trump isolated errors.
And that's good news, since it makes it possible to blacklist a few error-prone cells, which improves RAM reliability much more easily than swapping entire hardware components.

However, since mobile devices do not use ECC memory, memory errors leading to crashes or corruption stay undetected and cannot be fixed.

Discussion on Hacker News: https://news.ycombinator.com/item?id=10616428

#supercurioBlog



DRAM’s Damning Defects—and How They Cripple Computers
An investigation into dynamic random-access memory chip failure reveals surprising hardware vulnerabilities

Source post on Google+

New self-hosted Git repository service

+Sourcegraph looks like an excellent alternative to +GitHub that you can install on your own server.

I particularly like the IDE-like features making exploring the code so much easier.

Its source code being released under a "fair source license" is an original approach as well.
It is not exactly "open source" but "hackable source" instead, still much better than the commonplace proprietary approach.

Discussion on Hacker News: https://news.ycombinator.com/item?id=10621751

#supercurioBlog #development



README.md at b1af2ab4761618930f6f7e44eb775e08fac3f38e – sourcegraph – Sourcegraph
Sourcegraph: the intelligent, hackable code host for teams. Sourcegraph is a self-hosted Git repository service with Code Intelligence. It runs on your own server or cloud and installs in 5 minutes. Sourcegraph gives your team the power to build better software by offering: …

Source post on Google+

Phones are running old Linux kernels

The Linux kernel evolves constantly and +Linus Torvalds is the person who makes the new versions by deciding which new code makes it in or not.
The current Linux stable release is Linux 4.3, from November 1st 2015.
Linux 4.4 is in development of course; this is a constant process.

Android phones and other embedded devices are usually not running the latest and greatest, however.
Take Android devices for example:
Which kernel is yours running?

Linux 3.0: 21 July 2011
Linux 3.4: 20 May 2012
Linux 3.10: 30 June 2013

Right here I have Nexus phones and tablets running all of these.
– Nexus S, which no longer receives any updates since Android 4.1.2: Linux 3.0
– Nexus 5 and Nexus 7 2013, each running latest Marshmallow: Linux 3.4
– Nexus 9, latest Marshmallow: Linux 3.10

Even the newest one is 2.5 years old: how come?
The article and its comments expand on that.

Discussion on Hacker News: https://news.ycombinator.com/item?id=10598441

#supercurioBlog #Linux



Running a mainline kernel on a cellphone [LWN.net]
One of the biggest freedoms associated with free software is the ability to replace a program with an updated or modified version. Even so, of the many millions of people using Linux-powered phones, few are able to run a mainline kernel on those phones, even if they have the technical skills to …

Source post on Google+

At least one reason for the Galaxy View

This article on +Engadget received quite a few comments, and some of them usefully complement the opinion shared by the reviewer.

I particularly like this one, from Agrajaga:

Ah, the continued confusion of people with a lack of perspective — in this case older eyes. For me, this is perfect. I already own the older 12.1" Note Pro and it's "too small". This is much more fun to have around for my uses (games and shows while in bed and on the road).

It's common that when you're young or middle-aged and have good enough vision, you can't imagine how difficult it is to read and interact with most technologies for those who do not.
And maybe the Galaxy View is a simple and efficient response for that.

10" tablet? nope. 12" tablet? still too small.
18.4" tablet? Yeah I can see again! And I use a tablet like everyone else!

I remember when my beloved grandpa's eyes were slowly failing him after he turned 90. As a writer and avid reader, it made him sad to let go of another of his favorite activities.
Fortunately he could find, as a replacement, great radio shows giving a voice to the philosophers, scientists and minds he liked to get inspiration from (on France Inter and France Culture for those from here).

Because his mind always stayed as sharp as ever, and as he lived up to 95 years old, he never lost his curiosity or desire to learn.

Nowadays a lot of content is available online only, and it's a trend that'll only continue.

Who knows, it might be the same when I get old. If I were old today, I would be happy to get a stupidly large tablet to read blogs and Hacker News, watch YouTube, interact with people on social media, write some stuff and be able to use touch apps almost like anyone else on a portable device.

Not such a bad solution for accessibility, this Galaxy View!

#supercurioBlog



I just don’t understand why Samsung’s Galaxy View exists
Even after two weeks, finding a good use case for Samsung’s giant Galaxy View was difficult.

Source post on Google+

Google Fit: fixed

In a new update today, Google fixed the missing actions in the previous one I mentioned 2 days ago.
https://plus.google.com/+supercurioFrancoisSimond/posts/aFJQkkdFYER

It appears they simply forgot the FAB (Floating Action Button).

Now this is more usable, with the ability to enter an activity or your weight 😊

#supercurioBlog #fitness

 

In Album 19/11/2015

Source post on Google+