Bose 販賣用戶隱私被告

Unroll 在旁邊燒的時候 (參考 Uber 戰火蔓延到 Unroll),Bose 也不甘寂寞決定跟上科技業的潮流:「Bose headphones spy on listeners: lawsuit」。

Bose 直接將他們 app 收集到的資訊拿出來賣:

Bose Corp spies on its wireless headphone customers by using an app that tracks the music, podcasts and other audio they listen to, and violates their privacy rights by selling the information without permission, a lawsuit charged.

這次打算控告的產品包括這些 (這邊提到的 Zak 是原告):

Zak is seeking millions of dollars of damages for buyers of headphones and speakers, including QuietComfort 35, QuietControl 30, SoundLink Around-Ear Wireless Headphones II, SoundLink Color II, SoundSport Wireless and SoundSport Pulse Wireless.

編號可以記一下,之後可以拿來追蹤:

The case is Zak v Bose Corp, U.S. District Court, Northern District of Illinois, No. 17-02928.

在手機裡面放木馬後故意讓手機被偷走的紀錄片...

在手機裡面裝木馬後故意讓別人偷走,然後觀察小偷的行為並且拍成紀錄片:「Student Lets Thief Steal His Phone, Spies On Him For Weeks To Make This Documentary」。

影片已經有人翻譯完,有中文字幕可以開起來看:

裡面用的木馬 (防盜軟體) 是 Cerberus

在瀏覽器上面用 JavaScript 進行 Side-channel attack

用 JavaScript 就可以攻擊 L3 cache,進而取得資料:「JavaScript CPU cache snooper tells crooks EVERYTHING you do online」。

論文出自「The Spy in the Sandbox – Practical Cache Attacks in Javascript」(PDF) 這篇。

不需要任何外掛或 exploit,就純粹是利用 cache 反應時間的 side-channel attack。另外由於 AMD 的 cache 架構不同,這次的攻擊實作僅對 Intel 有效:

The Intel cache micro-architecture isinclusive– all elements in the L1 cache must also exist in the L2 and L3 caches. Conversely, if a memory element is evicted fromthe L3 cache, it is also immediately evicted from the L2 and L1 cache. It should be noted that the AMD cachemicro-architecture is exclusive, and thus the attacks described in this report are not immediately applicable tothat platform.

這次的攻擊方法真變態...