Security, Linux and the Roving Bug



Her advocates claim Linux is more secure than Windows and as proof they
offer the list of viruses that target Windows.  The rebuttal is typically
that Windows is an attractive target for virus writers due to its ubiquity.
The Linux advocate's reply is that Linux's architecture makes it impossible
to hack.  I think we've all seen this exchange.  Whether Linux is immune from
hacking is an open question.  What if Linux were ubiquitous?  Would hackers
try to break in?  Could hackers succeed?  The answer to these questions is
yes.

Motorola has embraced Linux as the OS to run on its line of cell phones
(http://news.com.com/2100-1001-984424.html).  The following link includes
over a dozen cell phone offerings, including the Razr, which feature Linux:
http://www.linuxdevices.com/news/NS4504156025.html.   Motorola is a leading
cell phone company.  Motorola's market share has reached the critical mass
required to make the devices attractive to the l33t haxtorz.

Cell phones are vulnerable to a security threat called 'The Roving Bug'.  The
bug allows people to listen in on your conversations even when the cell phone
is off.  People can remotely turn on your cell phone, listen in on your
conversations, upload and download data, and take photos without you knowing
it.  The only way to secure your cell phone and your privacy is to remove
the battery.

Here's what one site has to say:

<quote>
Nextel and Samsung handsets and the Motorola Razr are especially vulnerable
to software downloads that activate their microphones, said James Atkinson,
a counter-surveillance consultant who has worked closely with government
agencies. "They can be remotely accessed and made to transmit room audio all
the time," he said. "You can do that without having physical access to the
phone."

Because modern handsets are miniature computers, downloaded software could
modify the usual interface that always displays when a call is in progress.
The spyware could then place a call to the FBI and activate the microphone--
all without the owner knowing it happened
</quote> http://hootsbuddy.blogspot.com/2006/12/fbis-roving-bug.html

The article says, "... the Motorola Razr [running Linux] are especially
vulnerable ..."

It turns out that Linux's security model is porous as a sieve.  Devices
running Linux are being hacked and taken over by remote hackers.  The
security hole persists even when the device is turned off.  But is it some
secret 'back door' that only the government knows how to access?  Nope, the
world knows how to bypass and exploit Linux's so-called security.  Here's a
horror story describing the hell created because of Linux's weak security:
http://www.thenewstribune.com/news/crime/story/91460.html.

I am sure some will say, "B-b-b-but Windows blah, blah, blah." to which I
reply, "Irrelevant!"

This issue is about a bug in Linux.  This is about a known bug in Linux
that's been hanging around for months.  It is a bug a known bug in Linux
that's been hanging around for months that has not been fixed.  This is
about a security hole in Linux.  Windows is not the issue here.  This is a
Linux problem and not a Windows problem.


0
Reply Cassandra (1) 6/28/2007 7:43:19 PM

One thing I've learned after 20 years in the computer industry is that a
system's biggest security risk is complacency.  Security isn't binary as
some Linux Loonies proclaim.  Security is unary and it is set to 'off'.  If
you're the type who prefers a mathematical theory to support a concept then I
direct you to Gödel's Incompleteness Theory.  Gödel's theory is based on the
fact that all systems are inherently finite and therefore have external
forces acting upon them.  The external forces, being outside the system, can
act in ways not predicted by the system.  The system is vulnerable to forces
the system was not designed to handle.  Security is a system and its role is
to defend against external forces.  The system of security will always have
vulnerabilities since a finite system can not predict and account for an
infinite number of external forces.

Linux should be able to defend against security threats pretty well.  You
need two tools to accommodate the inherent incompleteness of security
systems: vigilance and flexibility.  Vigilance is used to identify
vulnerabilities early in its life-cycle and flexibility is used to defend
against it.

Linux's source code is open so the code is open to the scrutiny of millions
of eyes.  Vigilance against security threats is not dependent on any one
person or group.  There are millions of people watching out for security
holes in Linux.  In theory at least, the Linux community is vigilant against
security threats.

Linux covers the requirement of flexibility very well too.  Linux's code is
available to all to modify, compile and use.  Anyone can fix a vulnerability
once it is identified.  There are probably 10's of thousands of people with
the knowledge, skill set and resources to fix security holes in Linux.
There is an added incentive to fixing security bugs in Linux.  The Open
Source Community has a Cult of Personality* culture.  The person who fixes
and implements major fixes to Linux would receive Rock Star status in the
Linux world.  Someone who fixes a security hole the size of the 'Roving Bug'
might even get to sign (and touch) the boobies of all the girls who frequent
C.O.L.A.  He may even get to have sex with a real girl if his mom would let
her into the basement.  There are some huge incentives in the open source
community to fix security vulnerabilities like the Roving Bug.

Linux community contains enough 'eyes' to call it a vigilant environment.
Linux provides enough information and resources to call it a flexible
environment.  Vigilance and flexibility are required for a secure
environment and Linux has both these.  The Roving Bug persists in Linux.

On November 27, 2006 the U.S. District Court described the 'Roving Bug'
(http://www.politechbot.com/docs/fbi.ardito.roving.bug.opinion.120106.txt).
Information on the 'Roving Bug' has been available to the public for about
six months.  The Open Source Community has known about Linux's security
weakness for months.  Hundreds of new and updated Linux distributions have
been announced on Linux's Distribution Watch since the 'Roving Bug' became
public.  If the Open Source Community had the time and resources to create
hundreds of new distributions then the community had the time to fix the
Roving Bug.  The bug persists and the Government is still exploiting a hole
in Linux to spy on innocent people.  It is clear the Open Source Community
is not as responsive to bug fixes as the Linux Advocates claim.

To summarize the points:
    Cell phones are vulnerable to hackers via the 'Roving Bug'.
    Hackers include the government but also juvenile "l33t haxor" brats.
    The cell phones that are vulnerable include the Razr which runs Linux.
    Linux has a huge security vulnerability.
    The open source community has known about the vulnerability.
    The open source community has done nothing to fix the vulnerability.
    Linux's security vulnerabilities persist.

The above is a list of documented facts.  The facts illustrate a weakness in
Linux.  No one will come forward and point me to a link where a fix to the
Roving Bug is available for download.  Like Cassandra, I'll be ridiculed for
publicizing the truth about weaknesses in Linux and the Open Source
Development Model.  The response will consist of name calling and unfounded
accusations.  I'll be accused of being on Microsoft's payroll, my choice of
News Reader will come into question and I'll be called a nym-shifting racist
homophobe yet no one will address the issue; no one will fix Linux.  The
security hole will continue and hackers will continue to exploit Linux
unbeknownst to the users.

The security holes in Linux will persist and Linux Loonies will pat
themselves on the back for 10 new Linux distributions and Roy S. will spam
C.O.L.A with 100 new posts announcing the new, redundant Linux distributions
and Mark Kent will laud his OCD as a benefit to the Linux cause.  The
community focuses on destroying Microsoft and deludes themselves into
thinking GPL 3 will do it.  I expect ridicule from the Linux Advocates for
sharing my wisdom.  The ridicule only affirms the accuracy of my statements.

Shakespeare observed in King Lear, "Wisdom and goodness to the vile seem
vile: Filths savor but themselves" (Act IV, Scene II).  Such is the sad
state of the Linux community.



* The three data points used to support the 'Cult of Personality culture'
observation would include Linus, Stallman and Larry Wall.


0
Reply NeddLudd (161) 6/28/2007 8:10:00 PM


Cassandra wrote:

> 
> This issue is about a bug in Linux.  This is about a known bug in Linux
> that's been hanging around for months.  It is a bug a known bug in Linux
> that's been hanging around for months that has not been fixed.  This is
> about a security hole in Linux.  Windows is not the issue here.  This is a Linux
> problem and not a Windows problem.
> 
> 

Huh?

It seems to be more a bug in the cell-phone protocol/hardware. Or 
possibly a hardware mod to the cell phones.  I can well imagine the cell 
phone companies would have a way to update the firmware in your phone 
remotely.

Nothing to say that it's due to linux being on the phone.

The only reason it's not *also* a windows problem is that windows can't 
possibly run on a cellphone....

As to the "horror story" - why don't they get a prepaid phone?  Or do 
away with cell phones altogether?  Or stuff the damn things into a sock 
while they're not using them?  Christ, people used to live their whole 
lives without cell phones.
0
Reply yan (1418) 6/28/2007 8:11:12 PM

Nedd Ludd wrote:

> 
> To summarize the points:
> a)    Cell phones are vulnerable to hackers via the 'Roving Bug'.
>     Hackers include the government but also juvenile "l33t haxor" brats.
> b)    The cell phones that are vulnerable include the Razr which runs Linux.
> c)    Linux has a huge security vulnerability.
>     The open source community has known about the vulnerability.
>     The open source community has done nothing to fix the vulnerability.
>     Linux's security vulnerabilities persist.
> 
> The above is a list of documented facts.  The facts illustrate a weakness in
> Linux.  No one will come forward and point me to a link where a fix to the
> Roving Bug is available for download.

Please demonstrate.

If we take your points a) and b), I could just as easily say,

The cell phones that are vulnerable include those that come in blue.
Therefore all blue phones (and only blue phones) are vulnerable.
Furthermore, it is the fault of the blue color that they are vulnerable.

So far, I have not seen anything that would indicate that this is a 
*linux* issue.  It is, AFAICT, a cell phone issue.

The ability to remotely turn on the mike must be in the hardware; I know 
of no such ability within the linux kernel.

Presumably, once the phone is off, the linux kernel is not running; yet 
according to the reports, the phone can still transmit conversations.

How is this then a linux issue?  Is the linux kernel imbued with some 
ghost geekiness that allows it to run even if shut off?  <eerie music 
playing>  Or perhaps is there some Uber-kernel that persists beyond all 
attempts to power it off, sucking the energy from the ether?
0
Reply yan (1418) 6/28/2007 8:37:47 PM

"CptDondo" <yan@NsOeSiPnAeMr.com> wrote in message
news:13885j98uu1do0b@corp.supernews.com...
: Cassandra wrote:
:
: >
: > This issue is about a bug in Linux.  This is about a known bug in Linux
: > that's been hanging around for months.  It is a bug a known bug in Linux
: > that's been hanging around for months that has not been fixed.  This is
: > about a security hole in Linux.  Windows is not the issue here.  This is
: > a Linux problem and not a Windows problem.
: >
: >
:
: Huh?
:
: It seems to be more a bug in the cell-phone protocol/hardware. Or
: possibly a hardware mod to the cell phones.  I can well imagine the cell
: phone companies would have a way to update the firmware in your phone
: remotely.
:
: Nothing to say that it's due to linux being on the phone.

The features of the phone such as the way the firmware is updated are
executed by Linux.
The vulnerability on these phones is a result of Linux.
The Roving Bug is a huge security hole in these phones.
Its presence and exploitation is facilitated by Linux.


0
Reply NeddLudd (161) 6/28/2007 9:05:01 PM

Nedd Ludd wrote:
>
> The features of the phone such are the way the firmware is updated are
> executed by Linux.

Please document this.  Non-linux phones cannot be updated?

> The vulnerability on these phones is a result of Linux.

Please document this.  Non-linux-based phones don't have this vulnerability?

> The Roving Bug is a huge security hole in these phones.

Yes.

> Its presents and exploitation is facilitated by Linux.

Please document this.  Non-linux phones don't have this vulnerability?
0
Reply yan (1418) 6/28/2007 9:11:10 PM

On Thu, 28 Jun 2007 16:10:00 -0400, Nedd Ludd wrote:

> One thing I've learned after 20 years in the computer industry is that a
> system's biggest security risk is complacency.  Security isn't binary as
> some Linux Loonies proclaim.  Security is uniary and it is set to 'off'.  If
> you're the type who prefers a mathematic theory to support a concept then I
> direct you to Gödel's Incompleteness Theory.  Gödel theory is based on the
> fact that all systems are inherently finite and therefore have external
> forces acting upon them.  The external forces, being outside the system, can
> act in ways not predicted by the system.  The system is vulnerable to forces
> the system was not designed to handle.  Security is a system and its role is
> to defend against external forces.  The system of security will always have
> vulnerabilities since a finite system can not predict and account for an
> infinite number of external forces.

The incompleteness theorem has nothing to do with finiteness at all. It
merely says that there are statements which are not mathematically
provable to be either true or false - i.e. mathematical theory is
'incomplete'.


The fact remains that I have been running three or more computers on a
home network accessible to the internet via a broadband connection for
over five years - online 24/7/365 - and have NEVER seen a malware
infestation. Do I care why?

0
Reply ray65 (5398) 6/28/2007 9:27:57 PM

Cassandra wrote:

>Her 

Stupid fscking cross-posting troll.

*plonk*

0
Reply chrisv (21608) 6/28/2007 9:34:28 PM

Oldtech wrote:
> CptDondo wrote:
>> Nedd Ludd wrote:
>>> The features of the phone such are the way the firmware is updated are
>>> executed by Linux.
>> Please document this.  Non-linux phones cannot be updated?
>>
>>> The vulnerability on these phones is a result of Linux.
>> Please document this.  Non-linux-based phones don't have this
>> vulnerability?
>>
>>> The Roving Bug is a huge security hole in these phones.
>> Yes.
>>
>>> Its presents and exploitation is facilitated by Linux.
>> Please document this.  Non-linux phones don't have this vulnerability?
> Me thinks the lady doth protest too much, CptDondo.
> 
> It sounds like the Microsoft patent hype.  Lots of claims, but, no
> specifics are offered that we can verify.
> 
> I am willing to bet my favorite ham in Mohamed's frig. that this is a
> plant by felon Microsoft trolls.

Oh no doubt.  It's just a slow day at work and the A/C doesn't work...
0
Reply yan (1418) 6/28/2007 9:40:16 PM

CptDondo wrote:
> Nedd Ludd wrote:
>>
>> The features of the phone such are the way the firmware is updated are
>> executed by Linux.
> 
> Please document this.  Non-linux phones cannot be updated?
> 
>> The vulnerability on these phones is a result of Linux.
> 
> Please document this.  Non-linux-based phones don't have this
> vulnerability?
> 
>> The Roving Bug is a huge security hole in these phones.
> 
> Yes.
> 
>> Its presents and exploitation is facilitated by Linux.
> 
> Please document this.  Non-linux phones don't have this vulnerability?
Me thinks the lady doth protest too much, CptDondo.

It sounds like the Microsoft patent hype.  Lots of claims, but, no
specifics are offered that we can verify.

I am willing to bet my favorite ham in Mohamed's frig. that this is a
plant by felon Microsoft trolls.
0
Reply me1 (226) 6/28/2007 9:40:47 PM

"CptDondo" <yan@NsOeSiPnAeMr.com> wrote in message 
news:13885j98uu1do0b@corp.supernews.com...
> Cassandra wrote:
>
>>
>> This issue is about a bug in Linux.  This is about a known bug in Linux
>> that's been hanging around for months.  It is a bug a known bug in Linux
>> that's been hanging around for months that has not been fixed.  This is
>> about a security hole in Linux.  Windows is not the issue here.  This is 
>> a Linux
>> problem and not a Windows problem.
>>
>>
>
> Huh?

Duh. Read it again Einstein.

> It seems to be more a bug in the cell-phone protocol/hardware. Or possibly 
> a hardware mod to the cell phones.  I can well imagine the cell phone 
> companies would have a way to update the firmware in your phone remotely.
>
> Nothing to say that it's due to linux being on the phone.

Then read it again.


> The only reason it's not *also* a windows problem is that windows can't 
> possibly run on a cellphone....

http://www.windowsfordevices.com/articles/AT2468909181.html

Do you have any other clueless comments you'd like to make Cpt Dungo?


> As to the "horror story" - why don't they get a prepaid phone?
Because prepaid phones suck.

> Or do  away with cell phones altogether?
Sure. And let's do away with electricity too.


> Or stuff the damn things into a sock while they're not using them? 
> Christ, people used to live their whole lives without cell phones.
And people used to live their whole lives without air travel or cars. So 
let's all go back to riding donkeys and living in caves.





-- 
Posted via a free Usenet account from http://www.teranews.com

0
Reply tman (6) 6/28/2007 9:41:02 PM

On Jun 28, 3:43 pm, "Cassandra" <Cassan...@comcast.net> wrote:
>
> This issue is about a bug in Linux.  This is about a known bug in Linux
> that's been hanging around for months.  It is a bug a known bug in Linux
> that's been hanging around for months that has not been fixed.  This is
> about
> a security hole in Linux.  Windows is not the issue here.  This is a Linux
> problem and not a Windows problem.

In typical troll fashion, you miss the reality that non-Linux phones
are also affected by this bug. It is an issue with the closed nature
of the phone software add-ons, not with Linux. Indeed, the bug is
prevalent across many phone OS's, and seems to be a result of greedy
corporate assholes requiring the ability to track, monitor, and
control what they sell to their customers. In a way, this is exactly
the kind of thing you expect from DRM and similar schemes, where the
backdoors deliberately introduced by the seller become a huge
security hole that gets exploited.

This is really not surprising, and the Washington wiretap scandal
revealed that many of the cell carriers were not only turning over
more info than required by law, but often even more info than the
government was actually asking for.

If the phone software were completely open sourced, this would not be
a problem. However, as far as I know, not a single phone manufacturer
has released the source code for their phone software into the OSS
world.

In short, this has little or nothing to do with Linux, and everything
to do with closed source software and proprietary bullshit.

If you would have done a bit of research first, you could have kept
your mouth shut instead of yelling out to the world how much of a fool
you are.

Dean G.

0
Reply Dean 6/28/2007 10:06:29 PM

On Jun 28, 5:05 pm, "Nedd Ludd" <NeddL...@comcast.net> wrote:
> "CptDondo" <y...@NsOeSiPnAeMr.com> wrote in message
> news:13885j98uu1do0b@corp.supernews.com...
> : Cassandra wrote:
> :
> : >
> : > This issue is about a bug in Linux.  This is about a known bug in Linux
> : > that's been hanging around for months.  It is a bug a known bug in Linux
> : > that's been hanging around for months that has not been fixed.  This is
> : > about a security hole in Linux.  Windows is not the issue here.  This is
> : > a Linux problem and not a Windows problem.
> : >
> : >
> :
> : Huh?
> :
> : It seems to be more a bug in the cell-phone protocol/hardware. Or
> : possibly a hardware mod to the cell phones.  I can well imagine the cell
> : phone companies would have a way to update the firmware in your phone
> : remotely.
> :
> : Nothing to say that it's due to linux being on the phone.
>
> The features of the phone such as the way the firmware is updated are
> executed by Linux.

Not at all.

> The vulnerability on these phones is a result of Linux.

No, the vulnerability is the result of the phone manufacturers using
known bad security practices. The updates are done automatically with
root level access. This is similar to how Windows Update works when
set to automatic, but not how Linux normally works. With Linux, the
root user would have to log on to do this, and by default, remote root
access is disabled.

Sorry, Charlie, you are not only wrong, but it is obvious you don't
really have a clue what you are pontificating so loudly about.

Dean G.


0
Reply Dean 6/28/2007 10:19:51 PM

On Jun 28, 4:10 pm, "Nedd Ludd" <NeddL...@comcast.net> wrote:

To summarize faulty logic:
    Cell phones are vulnerable to hackers via the 'Roving Bug'.

This is true. Many phones suffer this problem, regardless of the OS
they use.

    Hackers include the government but also juvenile "l33t haxor"
brats.

Irrelevant, but true.

    The cell phones that are vulnerable include the Razr which runs
Linux.

True, but only half the truth. Many phones, including non-Linux phones
suffer from the same problem.

    Linux has a huge security vulnerability.

You have completely failed to demonstrate such a claim. You offer no
evidence, make no attempt to actually identify the cause, nor do you
even consider the possibility that it is a hardware issue.

    The open source community has known about the vulnerability.

There is no evidence that it is an open source issue. Indeed, since
this affects non-Linux phones, it is more likely that it is not an OSS
issue.

    The open source community has done nothing to fix the
vulnerability.

The OSS community has nothing to fix. There is a problem with the
phones, and the manufacturers should address this issue. If they need
help, they can release their source code under an OSS license and the
OSS community would be glad to help. Until such a time, it is a closed
source problem, and the blame properly rests on the people who chose
to keep this a secret instead of being open about it.

    Linux's security vulnerabilities persist.

Actually, there are likely still a few, but less and less all the
time. Unfortunately for loud mouthed fools, the roaming bug is not one
of them.

Also, in the spirit of charity, I offer my assistance to the phone
companies at reasonable market rates. If they need help administering
their Linux set ups, I would be delighted to help. My first piece of
advice is free : Remote root access is disabled by default for a very
good reason.

Dean G.


0
Reply Dean 6/28/2007 10:32:00 PM

On Jun 28, 5:27 pm, ray <r...@zianet.com> wrote:

> The incompleteness theorem has nothing to do with finiteness at all. It
> merely says that there are statements which are not mathematically
> provable to be either true or false - i.e. mathematical theory is
> 'incomplete'.

Close, but it says just a bit more. It says this is true for all
formal systems, not just mathematics.

>
> The fact remains that I have been running three or more computers on a
> home network accessible to the internet via a broadband connection for
> over five years - online 24/7/365 - and have NEVER seen a malware
> infestation. Do I care why?

Most people who have zombieware do not know it. There are several
million Windows boxes that have been so compromised, and most of these
users would undoubtedly rid themselves of the problem if they only
knew about it.

Indeed, in the spirit of Godel, logic,  and mathematics, let's not
fool ourselves : You cannot prove you do NOT have a malware issue.

Dean G.


0
Reply Dean 6/28/2007 10:37:42 PM

"Dean G." wrote:
> 
.... snip ...
> 
> Most people who have zombieware do not know it. There are several
> million Windows boxes that have been so compromised, and most of
> these users would undoubtedly rid themselves of the problem if
> they only knew about it.

They usually know about it.  They don't know how to eliminate
and/or avoid it in the first place.

-- 
 <http://www.cs.auckland.ac.nz/~pgut001/pubs/vista_cost.txt>
 <http://www.securityfocus.com/columnists/423>
 <http://www.aaxnet.com/editor/edit043.html>
                        cbfalconer at maineline dot net



-- 
Posted via a free Usenet account from http://www.teranews.com

0
Reply cbfalconer (19183) 6/29/2007 12:17:47 AM

CptDondo wrote:
> 
.... snip ...
> 
> As to the "horror story" - why don't they get a prepaid phone?  Or
> do away with cell phones altogether?  Or stuff the damn things into
> a sock while they're not using them?  Christ, people used to live
> their whole lives without cell phones.

The ideal solution. :-)  Also, much cheaper.

-- 
 <http://www.cs.auckland.ac.nz/~pgut001/pubs/vista_cost.txt>
 <http://www.securityfocus.com/columnists/423>
 <http://www.aaxnet.com/editor/edit043.html>
                        cbfalconer at maineline dot net



0
Reply cbfalconer (19183) 6/29/2007 12:19:31 AM

CptDondo wrote:

> Oh no doubt.  It's just a slow day at work and the A/C doesn't work...

Windows-based controller?

-- 

David L. Johnson

Arguing with an engineer is like mud wrestling with a pig...
You soon find out the pig likes it!
0
Reply david.johnson (202) 6/29/2007 12:56:09 AM

In article <bJCdnZBigMvgjRnbnZ2dnUVZ_veinZ2d@comcast.com>, Cassandra wrote:
> Linux advocate's reply is that, Linux's architecture makes it impossible to
> hack.

Dead on arrival in the first paragraph. Nobody who actually knows anything
about operating system architecture and/or security would make such a claim.

The threats against Linux tend to be of a different nature than those
against Windows. The latter tend to be aimed at end users due to Windows'
architecture which requires most users to work full-time in an administrative
account to make use of their systems. This combined with the active
scripting that Microsoft is so fond of embedding in all types of content
makes Windows a virus writer's dream environment in terms of attacking
through end users. (Remember the first major wave of PC-based viruses?
It was when Microsoft introduced the "auto-execute macro" in Word documents,
initially with no way to disable them. This turned ordinary documents
into potential vectors for infections.)

In contrast, the threats against Linux (and other Unix-based systems)
tend to be based on attacking public services. As you may recall, the
first Internet worm in 1988 virtually shut down the entire Net by taking
advantage of a bug in the finger daemon in Berkeley-derived variants of
Unix. Unix-based utilities such as sendmail, bind, and others have a long
history of security flaws.  Anyone with any sense will tell you that if
you hook up an old, unmaintained Linux system running public services to
the Internet it will likely be hacked and rooted in short order. On the
other hand, Windows-style attacks on end users are much less fruitful
due to user accounts with limited privileges and a lower incidence of
script-triggered automation features in end-user applications.

-- 
  Roger Blake
  (Subtract 10s for email.)
0
Reply rogblake10 (158) 6/29/2007 3:43:55 AM

"Cassandra" <Cassandra@comcast.net> wrote in
news:bJCdnZBigMvgjRnbnZ2dnUVZ_veinZ2d@comcast.com: 

> Her advocates claim Linux is more secure than Windows and as proof
> they offer
> the list of viruses that target Windows. 

And the lack of viruses that target Linux.

> The rebuttal is typically that
> Window is an attractive target for virus writers due to its ubiquity.

Its ubiquity and its lack of security.  It's the low hanging fruit of
the software world. 

> The
> Linux advocate's reply is that, Linux's architecture makes it
> impossible to hack.

No they don't.  They say it is more difficult for a virus to prosper on
a linux system.  

Linux can be hacked, indeed Linux has been hacked, though the damage
that a hacker can do is limited in Linux compared to Windows. 

>  I think we've all seen this exchange.

I've certainly seen Trolls like you talk about this fictitious exchange,
does that count? 

Snip the rest of the trolling attempt.
0
Reply usenet5048 (1060) 6/29/2007 7:31:54 AM

CBFalconer wrote:

>"Dean G." wrote:
>> 
>... snip ...
>> 
>> Most people who have zombieware do not know it. There are several
>> million Windows boxes that have been so compromised, and most of
>> these users would undoubtedly rid themselves of the problem if
>> they only knew about it.
>
>They usually know about it.  

Not in my experience.  Not until things get REALLY bad.

>They don't know how to eliminate

That's for sure.  Virus scanners?  Worthless!

>and/or avoid it in the first place.

Blame M$ for encouraging (indeed, almost requiring) users to run as
admin.

0
Reply chrisv (21608) 6/29/2007 12:54:11 PM

In article <13885j98uu1do0b@corp.supernews.com>,
 CptDondo <yan@NsOeSiPnAeMr.com> wrote:

> It seems to be more a bug in the cell-phone protocol/hardware. Or 
> possibly a hardware mod to the cell phones.  I can well imagine the cell 
> phone companies would have a way to update the firmware in your phone 
> remotely.

Actually, it seems to be none of the above.  It's more likely to be 
total BS.

http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=mobile_and_wireless&articleId=9025893
0
Reply net-news69 (9) 6/29/2007 1:55:54 PM

In comp.os.linux.advocacy, CptDondo
<yan@NsOeSiPnAeMr.com>
 wrote
on Thu, 28 Jun 2007 13:37:47 -0700
<13887544la6c37f@corp.supernews.com>:
> Nedd Ludd wrote:
>
>> 
>> To summarize the points:
>> a)    Cell phones are vulnerable to hackers via the 'Roving Bug'.
>>     Hackers include the government but also juvenile "l33t haxor" brats.
>> b)    The cell phones that are vulnerable include the Razr which runs Linux.
>> c)    Linux has a huge security vulnerability.
>>     The open source community has known about the vulnerability.
>>     The open source community has done nothing to fix the vulnerability.
>>     Linux's security vulnerabilities persist.
>> 
>> The above is a list of documented facts.  The facts illustrate a weakness in
>> Linux.  No one will come forward and point me to a link where a fix to the
>> Roving Bug is available for download.
>
> Please demonstrate.
>
> If we take your points a) and b), I could just as easily say,
>
> The cell phones that are vulnerable include those that come in blue.
> Therefore all blue phones (and only blue phones) are vulnerable.
> Furthermore, it is the fault of the blue color that they are vulnerable.
>
> So far, I have not seen anything that would indicate that this is a 
> *linux* issue.  It is, AFAICT, a cell phone issue.
>
> The ability to remotely turn on the mike must be in the hardware; I know 
> of no such ability within the linux kernel.
>
> Presumably, once the phone is off, the linux kernel is not running; yet 
> according to the reports, the phone can still transmit conversations.

That is an interesting but probably false assumption,
though I'll admit to some curiosity on the details.
Presumably, there are three modes:

[1] The thing is really off, as in
    removal-of-the-battery-pack off.  Some might also
    have a power switch that cannot be remotely actuated.
    Windows, Linux, Symbian, HURD -- it doesn't matter;
    only one's finger (or brushing against something)
    can flip that switch.

[2] The thing is in a mode where it takes a minimum of
    power, listening to its antenna at most, waiting
    for a call.  IINM, this is "standby" mode, and is
    characterized by low power consumption.  This is the
    mode which is allegedly hackable, according to the OP.
    Whether it's actually possible may depend on the phone.

[3] The thing is on and the mike and speaker are active,
    either for an actual phone call or for video.

Which mode is everyone's cell phone in?  Most likely, [2].
This is not off, just on standby.

This problem is not limited to phones, of course, though
laptops and other such units have different dynamics.

And of course it is not a weakness in Linux per se, but
in the entire system.  At most, there might be a weakness
in Linux for allowing a transition from [2] to [3] without
proper user authorization -- and that's assuming Linux
gets involved at that level, as presumably it will punt
to a module that is part of Linux to do the actual gruntwork.

>
> How is this then a linux issue?  Is the linux kernel imbued with some 
> ghost geekiness that allows it to run even if shut off?  <eerie music 
> playing>  Or perhaps is there some Uber-kernel that persists beyond all 
> attempts to power it off, sucking the energy from the ether?

IBM z-systems do have such an "uberkernel" -- z-OS -- but are far
larger than one's normal portable device. :-)

-- 
#191, ewill3@earthlink.net
Is it cheaper to learn Linux, or to hire someone
to fix your Windows problems?


0
Reply ewill5 (11076) 6/29/2007 3:48:11 PM

The Man wrote:

> 
>> The only reason it's not *also* a windows problem is that windows can't 
>> possibly run on a cellphone....
> 
> http://www.windowsfordevices.com/articles/AT2468909181.html
> 
> Do you have any other clueless comments you'd like to make Cpt Dungo?

Those are "smartphones" and PDA.  Not what I call a cellphone.  My 
linux-based Motorola is about 3.5 x 1.75", way smaller and lighter than 
the PDAs listed in that article.

>> As to the "horror story" - why don't they get a prepaid phone?
> Because prepaid phones suck.
> 
>> Or do  away with cell phones altogether?
> Sure. And let's do away with electricity too.

I have 5 stray cats that like to roll around on a particular doormat on 
my deck.  It's really aggravating, as they fight over it, and leave
catshit and cathair all over the place.

I could call the paper and police and whatever, and whine about the 
horrible state of stray cats.

Or I could just fold the doormat over so the cats can't get to the 
scratchy part.

Hmmm... You decide.

And, BTW, I've met Einstein's daughter and secretary several times.  And
sat in his chair.  (And probably peed in the same urinal....)  So 
calling me "Einstein" is pretty neat.

--Yan
0
Reply yan (1418) 6/29/2007 4:03:33 PM

The Ghost In The Machine wrote:
> In comp.os.linux.advocacy, CptDondo
> <yan@NsOeSiPnAeMr.com>
>>
>> Presumably, once the phone is off, the linux kernel is not running; yet 
>> according to the reports, the phone can still transmit conversations.
> 
> That is an interesting but probably false assumption,
> though I'll admit to some curiosity on the details.
> Presumably, there are three modes:
> 
> [1] The thing is really off, as in
>     removal-of-the-battery-pack off.  Some might also
>     have a power switch that cannot be remotely actuated.
>     Windows, Linux, Symbian, HURD -- it doesn't matter;
>     only one's finger (or brushing against something)
>     can flip that switch.
> 
> [2] The thing is in a mode where it takes a minimum of
>     power, listening to its antenna at most, waiting
>     for a call.  IINM, this is "standby" mode, and is
>     characterized by low power consumption.  This is the
>     mode which is allegedly hackable, according to the OP.
>     Whether it's actually possible may depend on the phone.
> 
> [3] The thing is on and the mike and speaker are active,
>     either for an actual phone call or for video.
> 
> Which mode is everyone's cell phone in?  Most likely, [2].
> This is not off, just on standby.
> 

I am somewhat curious about this as well.  All the phones I've seen, 
when "off" - i.e. power button pushed - are pretty much doorstops.  When 
you push the power button, they go through a boot process - display a 
logo, show some graphics, play a cheesy sound - so I would assume the 
kernel is booting.

I can't see how a phone in the off state can transmit anything unless 
specially modified.

In standby, there is a way for the phone to wake up - incoming calls, 
flip it open, etc.  Presumably in this state the phone can be updated 
remotely.

I actually turn mine off quite a bit; whenever I don't want to be 
disturbed.  Heck, I leave it at home when I go on vacation.

I still stand by my original statement - if the phone bothers you, get 
rid of it.  It's really simple.  Use a landline.
0
Reply yan (1418) 6/29/2007 4:13:26 PM

On Jun 28, 3:43 pm, "Cassandra" <Cassan...@comcast.net> wrote:
> Her advocates claim Linux is more secure than Windows and as proof they
> offer
> the list of viruses that target Windows.  The rebuttal is typically that
> Window is an attractive target for virus writers due to its ubiquity.  The
> Linux advocate's reply is that, Linux's architecture makes it impossible to
> hack.  I think we've all seen this exchange.  Whether Linux is immune from
> hacking is an open question.  What if Linux were ubiquitous?  Would hackers
> try to break in?  Could hackers succeed?  The answer to these questions is
> yes.
>
> Motorola has embraced Linux as the OS to run on its line of cell phones
> (http://news.com.com/2100-1001-984424.html).  The following link includes
> over a dozen cell phone offering, including the Razr, which feature Linux: http://www.linuxdevices.com/news/NS4504156025.html.   Motorola is a leading
> cell phone company.  Motorola's market share has reached the critical mass
> required to make the devices attractive to the l33t haxtorz.
>
> Cell phones are venerable to a security threat called 'The Roving Bug'.  The
> bug allows people to listen in on you conversations even when the cell phone
> is off.  People can remotely turn on your cell phone, listen in on your
> conversations, upload and download data, and take photos without you knowing
> it.  The only way to secure your cell phone and your privacy is to remove
> the
> battery.
>
> Here's what one site has to say:
>
> <quote>
> Nextel and Samsung handsets and the Motorola Razr are especially vulnerable
> to software downloads that activate their microphones, said James Atkinson,
> a
> counter-surveillance consultant who has worked closely with government
> agencies. "They can be remotely accessed and made to transmit room audio all
> the time," he said. "You can do that without having physical access to the
> phone."
>
> Because modern handsets are miniature computers, downloaded software could
> modify the usual interface that always displays when a call is in progress.
> The spyware could then place a call to the FBI and activate the microphone--
> all without the owner knowing it happened
> </quote> http://hootsbuddy.blogspot.com/2006/12/fbis-roving-bug.html
>
> The article says, ". the Motorola Razr [running Linux] are especially
> venerable ."
>
> It turns out that Linux's security model is porous as a sieve.  Devices
> running Linux are being hacked and taken over by remote hackers.  The
> security hole persists even when the device is turned off.  But is it some
> secret 'back door' that only the government knows how to access?  Nope, the
> world knows how to by pass and exploit Linux's so-called security.  Here's a
> horror story describing the hell created because of Linux's weak security: http://www.thenewstribune.com/news/crime/story/91460.html.
>
> I am sure so will say, "B-b-b-but Windows blah, blah, blah." to which I
> reply, "Irrelevant!"
>
> This issue is about a bug in Linux.  This is about a known bug in Linux
> that's been hanging around for months.  It is a bug a known bug in Linux
> that's been hanging around for months that has not been fixed.  This is
> about
> a security hole in Linux.  Windows is not the issue here.  This is a Linux
> problem and not a Windows problem.

This post is weird, because it has more to do with how the phone was
designed and how they made their linux flavor work, than an actual
problem with linux.  Not only that, since the phone os is closed
source, it's their responsibility to fix the bug anyway, and the OSS
community doesn't have anything to do with it.  I'm going to go ahead
and make a generalized statement about telco -- they way over-
complicate things so they can charge outrageous prices for their
support.  This is nothing more than a phone company doing the same as
phone companies have always done.

Really this is a linux advocacy forum and you bringing an argument in
here about an embedded os on a proprietary system doesn't really fight
linux or support it, stick to the cellular forums.

0
Reply tblanchard001 (97) 6/29/2007 4:50:28 PM

 tblanchard001@gmail.com wrote:

> On Jun 28, 3:43 pm, "Cassandra" <Cassan...@comcast.net> wrote:
>> Her advocates claim Linux is more secure than Windows and as proof they
>> offer
>> the list of viruses that target Windows.  The rebuttal is typically that
>> Window is an attractive target for virus writers due to its ubiquity. 
>> The Linux advocate's reply is that, Linux's architecture makes it
>> impossible to
>> hack.  I think we've all seen this exchange.  Whether Linux is immune
>> from
>> hacking is an open question.  What if Linux were ubiquitous?  Would
>> hackers
>> try to break in?  Could hackers succeed?  The answer to these questions
>> is yes.
>>
>> Motorola has embraced Linux as the OS to run on its line of cell phones
>> (http://news.com.com/2100-1001-984424.html).  The following link includes
>> over a dozen cell phone offering, including the Razr, which feature
>> Linux: http://www.linuxdevices.com/news/NS4504156025.html.   Motorola is a
>> leading
>> cell phone company.  Motorola's market share has reached the critical
>> mass required to make the devices attractive to the l33t haxtorz.
>>
>> Cell phones are venerable to a security threat called 'The Roving Bug'. 
>> The bug allows people to listen in on you conversations even when the
>> cell phone
>> is off.  People can remotely turn on your cell phone, listen in on your
>> conversations, upload and download data, and take photos without you
>> knowing
>> it.  The only way to secure your cell phone and your privacy is to remove
>> the
>> battery.
>>
>> Here's what one site has to say:
>>
>> <quote>
>> Nextel and Samsung handsets and the Motorola Razr are especially
>> vulnerable to software downloads that activate their microphones, said
>> James Atkinson, a
>> counter-surveillance consultant who has worked closely with government
>> agencies. "They can be remotely accessed and made to transmit room audio
>> all the time," he said. "You can do that without having physical access
>> to the phone."
>>
>> Because modern handsets are miniature computers, downloaded software
>> could modify the usual interface that always displays when a call is in
>> progress. The spyware could then place a call to the FBI and activate the
>> microphone-- all without the owner knowing it happened
>> </quote> http://hootsbuddy.blogspot.com/2006/12/fbis-roving-bug.html
>>
>> The article says, ". the Motorola Razr [running Linux] are especially
>> venerable ."
>>
>> It turns out that Linux's security model is porous as a sieve.  Devices
>> running Linux are being hacked and taken over by remote hackers.  The
>> security hole persists even when the device is turned off.  But is it
>> some
>> secret 'back door' that only the government knows how to access?  Nope,
>> the
>> world knows how to by pass and exploit Linux's so-called security. 
>> Here's a horror story describing the hell created because of Linux's weak
>> security: http://www.thenewstribune.com/news/crime/story/91460.html.
>>
>> I am sure so will say, "B-b-b-but Windows blah, blah, blah." to which I
>> reply, "Irrelevant!"
>>
>> This issue is about a bug in Linux.  This is about a known bug in Linux
>> that's been hanging around for months.  It is a bug a known bug in Linux
>> that's been hanging around for months that has not been fixed.  This is
>> about
>> a security hole in Linux.  Windows is not the issue here.  This is a
>> Linux problem and not a Windows problem.
> 
> This post is weird, because it has more to do with how the phone was
> designed and how they made their linux flavor work, than an actual
> problem with linux.  Not only that, since the phone os is closed
> source, it's their responsibility to fix the bug anyway, and the OSS
> community doesn't have anything to do with it.  I'm going to go ahead
> and make a generalized statement about telco -- they way over-
> complicate things so they can charge outrageous prices for their
> support.  This is nothing more than a phone company doing the same as
> phone companies have always done.
> 
> Really this is a linux advocacy forum and you bringing an argument in
> here about an embedded os on a proprietary system doesn't really fight
> linux or support it, stick to the cellular forums

It probably developed that way.  It started off as the relative merits of
Linux vs Windows.  Then it became "This is a Linux issue, therefore it is a
matter for the Linux community," which is false.  It overlooked the point
that Linux is not the same thing as Open Source - the two simply go hand in
hand, most of the time.  At least it remained technical.  Many threads go
off at a tangent - usually humorously.

Actually, I am becoming the Roving Blog - more interested in garrulous
blogging than in contributing usefully.  Wish never to grow old.

Doug.
-- 
I am a part of all that I have met.
   - Lord Tennyson, "Ulysses."

0
Reply laidlaws3835 (41) 6/30/2007 3:22:31 AM

Doug Laidlaw wrote:
> tblanchard001@gmail.com wrote:
> 
.... snip ...
>
>> Really this is a linux advocacy forum and you bringing an argument
>> in here about an embedded os on a proprietary system doesn't really
>> fight linux or support it, stick to the cellular forums
> 
> It probably developed that way.  It started off as the relative
> merits of Linux vs Windows.  Then it became "This is a Linux issue,
> therefore it is a matter for the Linux community," which is false. 
> It overlooked the point that Linux is not the same thing as Open
> Source - the two simply go hand in hand, most of the time.  At
> least it remained technical.  Many threads go off at a tangent -
> usually humorously.

Was it necessary to quote 100 odd lines of nonsense for this?

-- 
 <http://www.cs.auckland.ac.nz/~pgut001/pubs/vista_cost.txt>
 <http://www.securityfocus.com/columnists/423>
 <http://www.aaxnet.com/editor/edit043.html>
                        cbfalconer at maineline dot net




0
Reply cbfalconer (19183) 6/30/2007 1:05:03 PM

On 2007-06-29, CptDondo <yan@NsOeSiPnAeMr.com> wrote:
> I am somewhat curious about this as well.  All the phones I've
> seen, when "off" - i.e. power button pushed - are pretty much
> doorstops.  When you push the power button, they go through a
> boot process - display a logo, show some graphics, play a
> cheesy sound - so I would assume the kernel is booting.
>
> I can't see how a phone in the off state can transmit anything
> unless specially modified.

That's actually the point of roving bug mode.  Once this mode is
activated, a "turned off" phone is no longer, strictly speaking,
off.  The screen is off and the thing won't accept calls to the
owner, but despite all appearances it's secretly doing the
network operator's bidding.

On the other hand, I don't know what the precise mechanism for
enabling roving bug mode is -- does the phone check in with the
network as it shuts down as to whether it's supposed to stay
awake?  Does a turned-off cell phone actually periodically power
up to check the network for roving bug status?  It's an
interesting technical question, even if it does give me the
heebie jeebies...

-- 
Mark Shroyer
http://markshroyer.com/
0
Reply usenet-mail (101) 7/1/2007 6:44:59 AM

On Jul 1, 2:44 am, Mark Shroyer <usenet-m...@markshroyer.com> wrote:
> On 2007-06-29, CptDondo <y...@NsOeSiPnAeMr.com> wrote:
>
> > I am somewhat curious about this as well.  All the phones I've
> > seen, when "off" - i.e. power button pushed - are pretty much
> > doorstops.  When you push the power button, they go through a
> > boot process - display a logo, show some graphics, play a
> > cheesy sound - so I would assume the kernel is booting.
>
> > I can't see how a phone in the off state can transmit anything
> > unless specially modified.
>
> That's actually the point of roving bug mode.  Once this mode is
> activated, a "turned off" phone is no longer, strictly speaking,
> off.  The screen is off and the thing won't accept calls to the
> owner, but despite all appearances it's secretly doing the
> network operator's bidding.
>
> On the other hand, I don't know what the precise mechanism for
> enabling roving bug mode is -- does the phone check in with the
> network as it shuts down as to whether it's supposed to stay
> awake?  Does a turned-off cell phone actually periodically power
> up to check the network for roving bug status?  It's an
> interesting technical question, even if it does give me the
> heebie jeebies...
>
> --
> Mark Shroyer
> http://markshroyer.com/

This post is just getting weirder and stranger as it has nothing to do
with linux and more with the cell manufacturer,  I mean really you
could install winshaft or LINUX on these things and still the cell
manufacturers would still have crap that would make them "boot on
wake" from lan.  I mean come on, what's this really have to do with an
OS; some jerk started this post as an attack to linux, which it can't
be ever, because cell companies (like all telecom) keep to themselves
their "secrets" which really means "we made up our own terms for this
telecom system" and refuse to standardize so they can charge $150.00/
hr to do work that someone with a "telecom company name" dictionary
could do.  Really, companies in the telecom business and windows should
take their proprietary carp and shove it because I understand the need
to make money, but really you're just being ridiculous at this point
and I'm going to do everything in my power to be able to make OSS a
standard so that I can write my own patches if I have to.  Let it be
known that I truly hate magwa shaft, telecom and all proprietary
crapware simply because now they're just abusing me.

0
Reply tblanchard001 (97) 7/1/2007 9:38:27 PM

CptDondo wrote:

> The Ghost In The Machine wrote:
> 
> I am somewhat curious about this as well.  All the phones I've seen,
> when "off" - i.e. power button pushed - are pretty much doorstops.  When
> you push the power button, they go through a boot process - display a
> logo, show some graphics, play a cheesy sound - so I would assume the
> kernel is booting.

On most designs, the power button is a software thing. What you see
is a simulation of 'OFF' - display and radio get shut down, the processor
goes on a slow clock and the power consumption drops low enough to
not matter any more.

Some simple phones go through a "boot process" when switched on, but
most modern ones actually just come out of what you would call hibernation
for a laptop.

Some phones take minutes to boot when they start from scratch.

> 
> I can't see how a phone in the off state can transmit anything unless
> specially modified.

It normally doesn't. But the software in the phone is exchangeable and
on many phones this can be done remotely over the network. Law enforcement
can and will do this.

There is no hardware feature which could stop the software from firing up
the radio and transmitting a conversation while you think the phone is off.

> 
> In standby, there is a way for the phone to wake up - incoming calls,
> flip it open, etc.  Presumably in this state the phone can be updated
> remotely.

Again, this is behavior entirely defined by software. There is a
good chance that a software update can only happen when in standby,
but after that, all bets are off.

The only sure-fire way to switch the phone off is to pull the battery.
It takes energy to transmit and apart from the battery, a phone can
not store any significant amount of energy.

BTW, the 'bug' in "roving bug" is not a bug in a software sense. It's
a surveillance bug, which may or may not be implemented by hacking or
otherwise modifying a phone.

Kind regards,

Iwo

0
Reply Iwo.Mergler (40) 7/2/2007 10:26:09 AM

In article <r6mfl4-jgm.ln1@sirius.tg00suus7038.net>,
The Ghost In The Machine  <ewill@sirius.tg00suus7038.net> wrote:

>[1] The thing is really off, as in
>    removal-of-the-battery-pack off.  Some might also
>    have a power switch that cannot be remotely actuated.
>    Windows, Linux, Symbian, HURD -- it doesn't matter;
>    only one's finger (or brushing against something)
>    can flip that switch.

Is there another battery inside that isn't removable?

--
http://www.spinics.net/lists/
0
Reply ellis (64) 7/9/2007 5:23:55 AM
