美國的電信商提供 API,讓第三方透過 IP 就可以知道你的真實身份

前陣子的報料,美國的電信商提供 API 給第三方,讓第三方可以用 IP address 查出你的真實身份:「Want to see something crazy? Open this link on your phone with WiFi turned off.」,像是這樣:

These services are using your mobile phone’s IP address to look up your phone number, your billing information and possibly your phone’s current location as provided by cell phone towers (no GPS or phone location services required).

目前所有的網站都已經被下架了,但可以從當時的截圖看到有多少資訊。AT&T 的新聞稿在「AT&T Helps Businesses Improve Mobile Transaction Security with New Mobile Identity API Toolkit」,新聞稿沒被下掉我猜可能是因為上市公司受法令限制的關係?

這其實是一個警示,說明了美國的電信商開始把大家一直認為極為隱私的資料賣給第三方:

But what these services show us is even more alarming: US telcos appear to be selling direct, non-anonymized, real-time access to consumer telephone data to third party services — not just federal law enforcement officials — who are then selling access to that data.

而且作者在 GitHub 上看到有程式碼針對韓國電信商提供的 API 呼叫,所以韓國也有類似服務:

I found what looks like a third-party API implementation for a Korean Danal API on GitHub. The author wrote the code for South Korean telcos, so there may be differences with US carriers. The query parameters in the HTTP requests are similar to what I remember seeing in the Danal demo. It’s unclear from my reading of the code whether or not this API requires operation inside of e.g. a Danal Inc. hosted-iframe for identity confirmation. The diagram on page 4 of this documentation describing the Korean “Danal Pay” service appears to show the client interacting with the customer’s servers only.

台灣呢,嘿嘿...

Amazon Device Farm 支援讓使用者直接連上去 debug 了...

Amazon Device Farm 推出這樣的功能又朝著設備租賃服務更進一步了:「Amazon Device Farm Launches Direct Device Access for Private Devices」。

Now, with direct device access, mobile applications developers can use individual devices in their private test set as if they were directly connected to their local machine via USB. Developers can now test against a wide array of devices just like they would as if the devices were sitting on their desk.

這樣就可以使用更底層的東西了...

b-mobile 的おかわり的速度

tl;dr:真的很慢 +_+

b-mobile おかわり 是先前因為 eplus 需要手機簡訊認證而辦的日本門號,想說剛好進日本也可以拿來用...

可以參考「Re: [問題] 日本旅遊有低門檻手機認證的方式嗎」與「b-mobile おかわりSIMの速度実測・レビュー・評価まとめ【9月】」。

實際跑了 n 次測速,除了深夜與清晨的速度比較快以外,其他時間下載大多都在 1.x Mbps 左右,拿來跑 Line (包括 Line 語音) 還可以,刷有圖片的服務就頗慢了... (像是 Twitter 或是 Facebook),如果是影音服務的話就很慘了 XDDD

是剛好可以拿來練習 Git 離線作業啦 XDDD 但之後如果要來玩的話,應該還是會辦張吃到飽不限速的 SIM 卡吧...

手機上用 FPGA 的想法...

在「Apps with hardware: enabling run-time architectural customization in smart phones」這邊看到去年就有論文在討論在手機上使用 FPGA 的想法...

的確現在 FPGA 的價錢其實是蠻平價的了... 除了透過 GPU 加速外,FPGA 聽起來也是個不錯的方向 @_@

最直接的例子就是 AES 運算來看,可以看到比現在最快的實做快了半個數量級,大約三倍?(跟支援硬體加速的 OpenSSL 比,看格子大約是半格,也就是 100.5,約 3.16 倍)。

而如果是純軟體的應用,有些會差到四個數量級... (萬?)

利用手機的 sensor 取得 PIN 碼

把 side-channel information 配合上統計方法就可以達到 74% 的正確率:「Phone Hack Uses Sensors To Steal PINs」。

透過 browser 的 javascript 就可以拉出這些資料,然後利用這些資料去猜你的手機 PIN 碼:

Researchers from U.K.-based Newcastle University created a JavaScript app called PINlogger.js that has the ability to access data generated by the phone’s sensors, including GPS, camera, microphone, accelerometer, magnetometer, proximity, gyroscope, pedometer and NFC protocols.

而且當可以多抓到更多資訊時 (像是第二次輸入) 準確度就更高了:

Using a sample set of 50 PINs, researchers found that their script was able to correctly guess a user’s PIN 74 percent of the time on the first try, which increases to 86 and 94 percent success rates on the second and third attempts.

有些瀏覽器有做一些修正,讓 side-channel information 變少,於是難度變高:

As for Firefox, starting from version 46 (released in April 2016), the browser restricts JavaScript access to motion and orientation sensors. Apple’s Security Updates for iOS 9.3 (released in March 2016), suspended the availability of motion and orientation data when the web view is hidden, according to researchers.

Google 則是沒修:

As for Google, it’s unclear what measures have been taken. “Our concern is confirmed by members in the Google Chromium team, who also believe that the issue remains unresolved,” the report stated. Google did not reply to a request to comment for this report.

這攻擊方式頗不賴... @_@

透過手機螢幕上的餘熱猜測 PIN 碼

利用手機螢幕上的餘熱分析可能的 PIN 碼:「Heat traces left by fingers can reveal your smartphone PIN」,在輸入完 PIN 碼的 30 秒內的準確度都還是很高 (80%):

The report further revealed that if the thermal image is collected within 15 seconds of a PIN being entered, the technique is accurate almost 90% of the time. At 30 seconds, this accuracy decreased slightly to 80%. At 45 seconds or more, the accuracy dropped to 35% and below.

Nokia 3310 的復出...

這消息傳遍了整個科技界:「HMD Global will launch the Nokia 3, 5, and 6 at MWC, plus a 3310 homage」,不過一個最大的問題是只支援 2.5G:(出自「Nokia 3310 (2017)」)

The phone only runs on 2.5G at the time of launch, which has subjected the phone to criticism, and means that it will not initially be released in many countries, including Australia, which is switching its 2G mobile network off.

這種賣感情的東西,連任天堂都知道復刻時要加上 HDMI 了 (參考 NES Classic Edition),Nokia 你在想什麼...


出自「iPhone 7 Nokia 3310 Hammer Test! Will it Survive?

在手機裡面放木馬後故意讓手機被偷走的紀錄片...

在手機裡面裝木馬後故意讓別人偷走,然後觀察小偷的行為並且拍成紀錄片:「Student Lets Thief Steal His Phone, Spies On Him For Weeks To Make This Documentary」。

影片已經有人翻譯完,有中文字幕可以開起來看:

裡面用的木馬 (防盜軟體) 是 Cerberus

Google 對國際電話號碼格式常見誤解的說明

Google 對於國際電話號碼格式常見誤解的說明:「Falsehoods Programmers Believe About Phone Numbers」。

先看最後一個:

15. Phone numbers are always written in ASCII
In Egypt, it is common for phone numbers to be written in native digits.

電話號碼不是 ASCII 可以搞定的喔!!!然後你就可以理解沒什麼是不可能的 XDDD

這個系統是靠各種 backward compatible workaround 堆出來的,你覺得的假設通通會被推範 XDDD