Boing Boing 

Brute-force iPhone password guesser can bypass Apple's 10-guess lockout

The IP Box costs less than £200 and can guess all possible four-digit passwords in 111 hours.


An Internet of Things that do what they're told


California's phone bricking bill seems to have reduced thefts in the short run, but at the cost of giving dirty cops and wily criminals the power to wipe-and-brick your phone at will.


Apple won't let EFF release a DRM-free app


EFF has released its mobile app to help people join in important, timely struggles, but you can't get it for your iPhone or iPad, because Apple insists that EFF use DRM, and this is contrary to everything it stands for.


Bridging gongkai and free/open source


Bunnie Huang and his team have set out to fully reverse-engineer and document a cheap Chinese Mediatek MT6260 mobile-phone board -- licensed in the complex, informal regime of "gongkai," through which lots of theoretically confidential information is published, but some critical pieces are withheld.


Beautiful Japanese Firefox OS phone in a transparent case

Al sends us the Fx0, a "beautiful mid-range phone running Firefox OS announced in Japan today by KDDI, one of Japan's largest mobile phone companies."


Blackphone announces privacy-oriented app store


Blackphone, the Swiss-based, secure hardware/OS mobile phone from PGP inventor Phil Zimmermann, has announced that it will provide a store with privacy-oriented apps that are sandboxed to minimize data-misuse.


Turn a balloon into a phone case in seconds

Woosung An demonstrates an excellent technique for adding a layer of rubber protection to your phone in seconds, by deflating a balloon around it.


NSA leak reveals plans to subvert mobile network security around the world


The NSA's AURORAGOLD program -- revealed in newly released Snowden docs -- used plundered internal emails to compromise nearly every mobile carrier in the world, and the docs show that the agency had planned to introduce vulnerabilities into future improvements to mobile security.


Crowdfunding Jolla, a GNU/Linux-powered high-spec tablet

It runs an OS called Sailfish that can use Android apps as well as its own native apps, and was created by a team with a bunch of senior Nokia refugees on it.


Whatsapp integrates Moxie Marlinspike's Textsecure end-to-end crypto


It's the largest-ever deployment of end-to-end crypto, and assuming they didn't add any back-doors or make critical errors, this means that hundreds of millions of users can now communicate without being spied upon by governments, crooks, cops, spies or voyeurs.


Back to the Future Delorean dashboard phone-case


The Back to the Future Delorean dashboard phone-case ($16.26) fits most recent smartphones, and the image is transferred using 3D vacuum printing to produce a wraparound effect. (via Geeky Merch)

CHP officer who stole and shared nude photos of traffic-stop victim claims "it's a game"

Officer Sean Harrington of Martinez California Highway Patrol says that when he stole nude photos from the cell phone of a woman he'd traffic-stopped and then shared them with other CHP officers, he was just playing "a game" that is widespread in the force.


Wouldn't it be great if a billboard could actually read your mind?

Said no one, ever. Except, apparently not: the "data scientists" of Posterscope are excited that EE -- a joint venture of T-Mobile and Orange -- will spy on all their users' mobile data to "give profound insights...that were never possible before"


Darkmatter: a secure Paranoid Android version that hides from attackers

Stock Android phones with the Darkmatter OS use encrypted storage, OS-level app controls, and secure messaging by default, but if the phone thinks it's under attack, it dismounts all the encrypted stuff and reboots as a stock Android phone with no obvious hints that its owner has anything hidden on it.


Kids who sext more likely to be comfortable with their sexuality


In Longitudinal Association Between Teen Sexting and Sexual Behavior [PDF] (Pediatrics, Temple & Choi), a 6-year study of 1,000 diverse American teens finds that sexting is common, not correlated with future risky behaviors, and correlated with overall comfort with sexuality.


$35 Firefox OS smartphone - back to the drawing board


Ron Amadeo's review of the much-heralded Cloud FX phone, a $35 smartphone for the "rest of the world," paints a gloomy picture of a poorly thought through first outing.


Mobile malware infections race through Hong Kong's Umbrella Revolution


The protesters are dependent on mobile apps to coordinate their huge, seemingly unstoppable uprising, and someone -- maybe the Politburo, maybe a contractor -- has released virulent iOS and Android malware into their cohort, and the pathogens are blazing through their electronic ecosystem.


CEO of stalkerware company arrested

Hammad Akbar, a Pakistani national and CEO of Invocode, marketers of Stealthgenie, was arrested in LA on Saturday and charged with a variety of offenses related to making, marketing and selling "interception devices."


Kickstarting a prismatic, hat-brim mounted heads-up display for your phone


The Hattrickwear is an improbable ball-cap designed to mount your phone horizontally along your eyeline with a mirror and prism that keeps your screen in your field of vision all the time.


Localizing an operating system for a language with no high-tech vocabulary

When Senegalese Mozillan Ibrahima Sarr translated Firefox OS into Fulah, he had to coin an entire technological vocabulary, so "crash" became "hookii" (a cow falling over but not dying).


How your smartphone betrays you all day long


Ton Siedsma, a lawyer for the Dutch civil liberties group Bits of Freedom, volunteered to have a week's worth of his phone's metadata collected and analyzed by researchers from Ghent University and by Mike Moolenaar.


Fake, phone-attacking cell-towers are all across America


The towers attack the baseband radio in your phone and use it to hack the OS; they're only visible if you're using one of the customized, paranoid-Android, post-Snowden secure phones, and they're all around US military bases.


When law-enforcement depends on cyber-insecurity, we're all at risk


It's not enough to pass rules limiting use of "stingray" mobile-phone surveillance devices by civilians: for so long as cops depend on these devices, the vulnerabilities they exploit will not be fixed, leaving us all at risk.


USB Condom: charge your devices without allowing sneaky data-transfers


Those public USB charging points are tempting, but could be used to propagate all kinds of grotesque malware (imagine what happens when your phone's camera, mic, storage, keyboard and GPS start leaking your data to voyeurs and identity thieves) -- sure, you can always buy a charge-only cable, but these crowdfunded adapters turn any cable into a power-only source.


EFF guide to cell phone use for US protesters

It's a timely update to their 2011 edition, incorporating new Supreme Court precedents that give additional protection to protesters who face arrest while video-recording or otherwise documenting protests -- required reading in a world of #Ferguson.


Back doors in Apple's mobile platform for law enforcement, bosses, spies (possibly)

Jonathan Zdziarski's HOPE X talk, Identifying Backdoors, Attack Points, and Surveillance Mechanisms in iOS Devices, suggests that hundreds of millions of iPhone and iPad devices ship from Apple with intentional back-doors that can be exploited by law enforcement, identity thieves, spies, and employers.


FTC sues Amazon over in-game purchases by children


Online retailer Amazon is accused of hooking millions of dollars from underage users making unauthorized in-app purchases. The Federal Trade Commission filed a lawsuit Thursday charging that the company willingly allowed kids to set up purchases without the consent of their parents.

Though most were for smaller amounts, some of the charges ranged as high as $99, and typically were for game weapons, clothes and other virtual bullshit installed on its Kindle Fire gadget.

"Amazon’s in-app system allowed children to incur unlimited charges on their parents’ accounts without permission," FTC Chairwoman Edith Ramirez wrote in a press release issued by the commission. "Even Amazon's own employees recognized the serious problem its process created. We are seeking refunds for affected parents and a court order to ensure that Amazon gets parents' consent for in-app purchases."

Amazon's in-app purchase system, established in 2011 to help the firm catch up with competitors Apple and Google, was relatively rudimentary and lacked locks or passwords to prevent unauthorized users racking up huge bills. Within a month, internal emails show that Amazon was aware of "problems" that were "clearly causing problems for a large percentage of our customers," according to the FTC's lawsuit.

Amazon only added passwords months later, and did not apply them to purchases of less than $20 for a year. Even then, according to the suit, Amazon did not disclose that doing so once would enable further purchases for more than an hour.

The FTC settled a similar lawsuit with Apple earlier this year, when the company agreed to institute stricter policies and paid $32.5m in restitution. Amazon, informed of the pending lawsuit, said that it had no plans to change its system as Apple had, and would fight the action.

"We have continuously improved our experience since launch, but even at launch, when customers told us their kids had made purchases they didn't want we refunded those purchases," Amazon's associate general counsel wrote in a response to the commission.

Part of the FTC's suit, however, alleges that the refund process itself is intentionally obscure and "rife with deterrents including statements that consumers cannot, in fact, get a refund for in-app charges."

Games aimed at youngsters are at the heart of the controversy, as they are typically free to download and play, only to bombard the user with enticements to pay for the virtual bullshit. The enticements are often cleverly designed to "blur the lines between what costs virtual currency and what costs real money," writes the FTC, using visually similar icons and other psychological manipulations to generate unfair and unexpected charges.

Earlier this week, UK regulators ordered Electronic Arts to stop marketing its sleazy mobile game Dungeon Keeper as free-to-play after gamers complained that it was effectively unplayable without in-game paid upgrades.

UK cinemas ban Google Glass from screenings


UK cinema exhibitors -- which already make a practice of recklessly confiscating mobile phones full of sensitive, unprotected data during preview screenings -- have announced that they will not allow Google Glass wearers into cinemas, lest they commit an act of piracy (Glass has a 45 minute battery life when in recording mode).


Blackphone: a privacy-conscious phone that actually works


The Blackphone is a secure mobile phone whose operating system is based on Android, designed to minimize the amount of data you leak as you move through the world through a combination of encryption and systems design that takes your privacy as its first priority.


Publishers offer free/discounted ebooks of the print books you own with Bitlit


Bitlit works with publishers to get you free or discounted access to digital copies of books you own in print: you use the free app (Android/iOS) to take a picture of the book's copyright page with your name printed in ink, and the publisher unlocks a free or discounted ebook version. None of the Big Five publishers participate as yet, but indies like O'Reilly, Berrett-Koehler, Red Wheel Weiser, Other Press, Greystone, Coach House, Triumph, Angry Robot, Chicago Review, Dundurn, and PM Press (publishers of my book The Great Big Beautiful Tomorrow) are all in.

(Image: Bookshelf, David Orban, CC-BY)