Exploiting vulnerabilities in Cellebrite UFED and Physical Analyzer from an app's perspective

Looking at both UFED and Physical Analyzer, though, we were surprised to find that very little care seems to have been given to Cellebrite’s own software security. Industry-standard exploit mitigation defenses are missing, and many opportunities for exploitation are present. And For example, by including a specially formatted but otherwise innocuous file in an app on a device that is then scanned by Cellebrite, it’s possible to execute code that modifies not just the Cellebrite report being created in that scan, but also all previous and future generated Cellebrite reports from all previously scanned devices and all future scanned devices in any arbitrary way (inserting or removing text, email, photos, contacts, files, or any other data), with no detectable timestamp changes or checksum failures.

Verizon, AT&T, and T-Mobile kill their cross-carrier RCS messaging plans — Ars Technica

The Rich Communication Services (RCS) rollout continues to be a hopeless disaster. A year and a half ago, the cellular carriers created the “Cross-Carrier Messaging Initiative (CCMI),” a joint venture between AT&T, Sprint, T-Mobile, and Verizon that would roll out enhanced messaging to the masses in 2020. Now, Light Reading is reporting that initiative is dead, meaning that the carriers have accomplished basically nothing on the RCS front in the past 18 months.

Why Google caved to Australia, and Facebook didn’t

With its moves today, Google has now invited every other country to pursue a similar protection racket. Parliament members in Canada and the European Union have already endorsed measures similar to Australia’s. And a basic tenet of the open web — that hyperlinks can be freely displayed on any website — just took a body blow source

Pebble founder reveals universal chat app for Android, with iMessage support

“Beeper has two ways of enabling Android, Windows and Linux users to use iMessage: we send each user a jailbroken iPhone with the Beeper app installed which bridges to iMessage, or if they have a Mac that is always connected to the internet, they can install the Beeper Mac app which acts as a bridge,” The lengths people will go to in order to use iMessage. source

2021 MacBook Pro will ditch the Touch Bar and bring back MagSafe, say reports

Perhaps most notably, Kuo believes the new Pro laptops will backtrack on some of the controversial changes Apple made with the current generation. The OLED Touch Bar, for example, is said to have been replaced altogether by physical function keys. Kuo also says that there’ll be a wider range of ports reducing the need for dongles, though he doesn’t get specific. And a MagSafe magnetic charging connector is also set to return.

Pluralistic: 05 Dec 2020 – Pluralistic: Daily links from Cory Doctorow

Here’s what Thompson did: he hid a program in his compiler that would check to see whether you were compiling an operating system or a compiler. If you were compiling an OS, it hid a secret login for him inside of it. If you were compiling a compiler, it hid the program that looked for compilers or operating systems inside of it. Think about what this means: every OS you compiled had an intentional security defect that the OS itself couldn’t detect.

Withknown to Hugo

So I’m considering switching my blog from withknown to hugo. There’s a couple of reasons for this. Known is good, but fairly complicated. I like all the indieweb stuff, but it all still seems very early, alpha stage stuff. I find it hard to keep up. I run Known on a VPS, and the latest version will require me to upgrade PHP, which in turn will require me to upgrade the VPS OS.

Destiny 2s Next Gen Update Available On December 8th Faster

. Destiny 2’s Next Gen Update available on December 8th! ❄️ Faster load times ❄️ 4K Resolution ❄️ 60 FPS & 120 FPS in Crucible ❄️ Same console family cross play! (PS4 - PS5 , Xbox One - Xbox Series X|S) ❄️ FOV Slider AND MORE! pic.twitter.com/F97DvaTd2u — DestinyTracker (@destinytrack) November 24, 2020