Three dumb questions, possibly:
I've never had a smart phone, and probably need to get one soon. For
the time being, I'd rather use it just as a GPS... and as an Android
learning tool, when near our home wifi. (Moving up to a voice/data plan
some months from now.)
1) Could I run it as a GPS to help me navigate on the road, even though
it would not have a SIM card in it? (i.e. Load some detailed Melbourne
roadmap and a GPS application into it at home via the wifi, and then
rely solely on the GPS to help me navigate from spot to spot as I do my
part-time casual driving job.)
2) Do (m)any Android smartphones have removable and readily
available/affordable after-market batteries? (I tend to hang on to
things for a long time, and it's always the batteries that die [over
time] on such devices for me. Manufacturer's replacement batteries tend
to cost as much as an entire device.)
3) Can one reasonably connect a REAL keyboard to a smartphone? (I hate
the absurd tiny touch-keyboards on small devices, and the quasi-Morse
Code of using a phone number pad.)
Thanks a lot.
p.s. Anyone living/working east of the CBD got a second-hand Android
smart-phone with GPS to sell? Contact me directly, off list. Ta.
SSIT Australia Chair Adj Prof Philip Hall will talk on; *Water Quality
Management: The Case for Real Time Monitoring &Reporting.*
The talk will occur on Thursday the 1st of August 2013 from 6.30 to
7.30pm at the University of Melbourne, Parkville Campus, Alan Gilbert
Lecture Theatre 103. /Further details on speaker and abstract below./
*Location:* University of Melbourne, Parkville Campus, Alan Gilbert
Lecture Theatre 103, Corner Grattan & Barry Streets
*Organised by:* IEEE SSIT Chapter (and as part of preparation for an
Oceanic Engineering Society chapter)
Despite significant advances in sensor and communication technologies,
water quality monitoring (WQM) is still primarily undertaken through
small-scale and single-application sampling and testing that is limited
by the available techniques and only provides selective data for
decision support tools. The effects of diffuse pollutants and their
distribution within water bodies and transboundary river systems are,
therefore, difficult to capture, as is determining the exact point and
timing of their release into a defined "water system". Improved data
capture and timely analysis, enabled by innovative sensor technologies
and communication networks, is an important aspect of compliance
monitoring. This is particularly important for international and
trans-border agreements where changes in water distribution, quality,
and availability associated with regional climate variability are
already creating challenges for future water, energy and food security.
Therefore, by removing the long lead times between when the sample was
taken to completion of sample testing and data analysis, it is not only
possible to develop and implement an effective WQM network and
management framework that provides for real time data capture and
analysis, but one that also provides for flexible policy settings, an
early warning and situation management capability, and opportunities for
greater compliance in water resource management.
I found this bit about hazards uniquely faced by internation travelers
Q: Do you think organizations are understanding and taking the threat
among these new mobile attack vectors seriously yet? Are security
managers really getting it? Why or why not?
A: The most-security-aware organizations are taking these threats very
seriously. They're destroying phones after taking them to hostile areas
with known malicious carriers, they're limiting what information gets
copied to the default inbox/contact list on devices, they're limiting
what applications can be installed on devices which have access to
Q: In your presentation, you specifically referred to some of the threats
mobile users are facing now while traveling internationally. What are
A: There are two major threat categories when it comes to international
travel, the malicious foreign carrier and the enterprising private
mobile attacker. These threats result from the fact that citizens of a
foreign country generally have no rights to privacy and no official
recourse if their information gets stolen while they are in the foreign
country. I already spoke about how foreign carriers have total control
over devices which are associated with their networks. Probably the most
alarming thing we've seen happen in our tests is how foreign carriers
can steal the cryptographic seed values from soft-tokens installed on
smartphones. One take-away I'd love to get across to all of your readers
is to never let soft-tokens become a solution to be relied on for
organizations which have a large number of international travelers.
I'm wary of distortions, outright bullshit, and vague handwaving by
security industry guys. As usual, interviewee Aaron Turner (of
IntegriCell, formerly Idaho National Laboratory, formerly Microsoft
security division) is vague about how code gets executed to do
Smartphone 'soft-tokens' means virtual dongles used for (supposed)
two-factor authentication such as Symantec VIP or SecurEnvoy
SecurAccess. Pity Turner doesn't say _how_ iOS, Android, and
BlackberryOS yield 'total control over devices' to local carriers.
Turner goes on, in the bit about international travelers, to talk about
a cruise ship passenger who uses a cafe's WiFi in port, and 'the coffee
shop owner has realized he can make more money selling your address book
to spearfishers than he ever can make selling you even his
most-expensive latte'. I'm intrigued, Mr. Turner. How does connecting
a smartphone to a WAP give the WAP owner automatic access to the
smartphone's address book?
I'm used to assuming that networks are dangerous and untrustworthy and
layering things trustworthy over them. Why is that approach not
feasible with a smartphone -- or is Turner just another guy selling
unnecessary gear to the rubes?
Begin forwarded message:
Folks, something a little off topic.
At 3:02:01 on the 5th of August this year it will be a very special
date. The date will form the Fibonacci sequence, where each term is the
sum of the two before it. In this case, it will be the 1st second of
the 2nd minute of the 3rd hour of the 5th day of the 8th month of the
13th year of the 21st century. Such a sequence will not occur again,
and needs to be celebrated properly.
OK, its not Linux, but I thought it worth sharing.
Related to this: I am thinking of replacing an aging Nokia "dumbphone"
with another one but have problems to figure out which one can be used
as a WiFi hotspot.
Do you know one?
I am not reading/browsing on a phone but prefer to have a tablet
connected when needed.
Well, security-wise it separates network carrier and phone
functionality from the "browsing/email computer" although it isn't my
I don't have the habit of being online 24hrs, and find phone screens
to small to be enjoyable (or too big to carry in my pocket) I like the
idea of two screens folded but these devices don't seem to be very
popular. They usually disappear from the market before I get around to
think of them more seriously.
Strongly concur with recent comments, here, that the embedded market
tends to be a completely different mentality, where the notion of anyone
being selective about what one is willing to run is simply an alien
Back when I was working at Cadence Design Systems (a big EDA-industry
company), I found myself being told by my new boss that he would like me
to install various bits of proprietary software on my home laptop for
company purposes. I very politely informed him that (1) my laptop ran
Debian and not MS-Windows or Mac OS X, but also (2) for reasons of local
privacy and security policy, only software I had approved and selected
would be installed and run there. However, I said, if he wanted to
issue me a company machine to run company-specified software, that would
perhaps work. And I remember the look of intense surprise.
The 'I installed [foo] because a Web site told me I needed to'
population is, actually, almost everyone except us freaks. It's well to
remember that, because it's easy to forget.
Date: Thu, 25 Jul 2013 13:12:24 -0700
From: Rick Moen <rick(a)linuxmafia.com>
Subject: Re: nukemap
Quoting Leonard R. Cleavelin (leonard(a)cleavelin.net):
> Quoting Lawrence Crowell (goldenfieldquaternions(a)gmail.com):
> > This little morbid program http://188.8.131.52/nukemap3d/ is interesting.
> > You can enter in any city in the world set the yield of a nuclear bomb and
> > let 'er rip. You need Google Earth 3-D to run this.
> I used it to "nuke" the FedEx Forum in Memphis with a "Davy Crockett"
> (smallest nuke the US forces have ever fielded; IIRC it has a 20
> ton--not mega-, not kilo-, not even hecto, just ton--yield). It felt
> good. ;-)
I'm delighted that people enjoy cool Internet-enabled applications like
this, and under no circumstances would tell a devotee he/she shouldn't
run them. At the same time, I keep being bemused by the security and
privacy implications of such things -- by which I don't mean the little
morbid program so much as I do the Google Earth engine needed to run it.
Google Earth in either its browser plugin or standalone form isn't just
a proprietary opaque (by which I mean unauditable by anyone outside
Google, Inc.) binary program but also such an offering _specifically_
from one of the most prying, nosy, large Internet corporations on Earth,
a corporation whose entire business model is based on data-mining
computer users to glean data valuable to them and to their customers.
The Google Earth program must be installed with root (for Unixes) or
administrator (for Windows) privilege, hence will have total access to
everything on your machine, and hooks directly into the video software
layers (for 3D imaging) and sends real-time data (into which you have
no visibility) from your computer back to Google.
And you're being told you can do this as a non-customer of Google:
Google's _actual_ customers (the people who pay them money for services)
are entitled by law to an implied warranty of good faith and fair
dealing. Users who elect to download their 'free' proprietary programs
or use their 'free' Web services have no such entitlment, and are (as
the saying goes) not customers but rather product.
tl;dr: Google Earth is a huge 'trust me' from the most prominent
data-mining enterprise in existence, one that for quite a few years has
made quite clear that it will intrude on user privacy whenever and
wherever it wants.
And _that_, Ben Avery, is one of the things one avoids by sticking to
open source offerings from trustworthy (and cross-checked) sources, even
if you don't get to see dancing hamsters, animated birthday cards, and
nuclear explosions requiring one to download and run an 'app' from
nowhere-in-particular (or worse, from someone you know whom you have
_no_ reason to trust).
_Or_ one can just not bother being careful, and good luck with that.
 Not because you shouldn't, but just because I don't want to waste
time arguing with people who enjoy the benefits of being careless about
software and are effectively treating Internet and software security as
Someone Else's Problem.
 The standalone version, at least. The browser plugin version can
presumably be installed with only user-level authorisation -- which is
quite bad enough.
I was planning to buy one of these devices:
but discovered that (1) they are available in the U.S. only, and (2) not
surprisingly, they are designed for North American frequencies, i.e., 1700 MHz
rather than the 1800 MHz bands used in Australia by the major carriers.
The advantage, of course, is that the Google devices have unlocked boot
loaders so you can replace the firmware yourself, if needed - and I might need
it, for various reasons.
So if one is looking for an LTE-capable phone with an unlocked boot loader
that supports Australian frequency bands, am I right that there are no options
on the market at the moment? I can afford to wait a little longer - the
equivalent of the above device with the right frequencies supported would be
ideal of course.
So, your smartphone/tablet will have a list of all the WLAns you
connected to. Stored unencrypted. And sends it to Google (according to
heise.de this is the Default on all the Android systems they tested it).
Well - means, Google has a very very large database of WLAN passwords.
Not using it yourself is just half of the solution. There is a friend
coming with his Android, "Can I use your WLAN?" - and Google knows
your WLAN password.
Google will know your company's WLAN passwords too.