From The Blog
-
ConnectWise Slash and Grab Flaw Once Again Shows the Value of Input Validation We talk to Huntress About its Impact
Written by Sean KalinichAlthough the news of the infamous ConnectWise flaw which allowed for the creation of admin accounts is a bit cold, it still is one that…Written on Tuesday, 19 March 2024 12:44 in Security Talk Read 697 times Read more...
-
Social Manipulation as a Service – When the Bots on Twitter get their Check marks
Written by Sean KalinichWhen I started DecryptedTech it was to counter all the crap marketing I saw from component makers. I wanted to prove people with a clean…Written on Monday, 04 March 2024 16:17 in Editorials Read 1575 times Read more...
-
To Release or not to Release a PoC or OST That is the Question
Written by Sean KalinichThere is (and always has been) a debate about the ethics and impact of the release of Proof-of-Concept Exploit for an identified vulnerability and Open-Source…Written on Monday, 26 February 2024 13:05 in Security Talk Read 1109 times Read more...
-
There was an Important Lesson Learned in the LockBit Takedown and it was Not About Threat Groups
Written by Sean KalinichIn what could be called a fantastic move, global law enforcement agencies attacked and took down LockBit’s infrastructure. The day of the event was filled…Written on Thursday, 22 February 2024 12:20 in Security Talk Read 1080 times Read more...
-
NetSPI’s Offensive Security Offering Leverages Subject Matter Experts to Enhance Pen Testing
Written by Sean KalinichBlack Hat 2023 Las Vegas. The term offensive security has always been an interesting one for me. On the surface is brings to mind reaching…Written on Tuesday, 12 September 2023 17:05 in Security Talk Read 2131 times Read more...
-
Black Kite Looks to Offer a Better View of Risk in a Rapidly Changing Threat Landscape
Written by Sean KalinichBlack Hat 2023 – Las Vegas. Risk is an interesting subject and has many different meanings to many different people. For the most part Risk…Written on Tuesday, 12 September 2023 14:56 in Security Talk Read 1851 times Read more...
-
Microsoft Finally Reveals how they Believe a Consumer Signing Key was Stollen
Written by Sean KalinichIn May of 2023 a few sensitive accounts reported to Microsoft that their environments appeared to be compromised. Due to the nature of these accounts,…Written on Thursday, 07 September 2023 14:40 in Security Talk Read 2122 times Read more...
-
Mandiant Releases a Detailed Look at the Campaign Targeting Barracuda Email Security Gateways, I Take a Look at What this all Might Mean
Written by Sean KalinichThe recent attack that leveraged a 0-Day vulnerability to compromise a number of Barracuda Email Security Gateway appliances (physical and virtual, but not cloud) was…Written on Wednesday, 30 August 2023 16:09 in Security Talk Read 2097 times Read more...
-
Threat Groups Return to Targeting Developers in Recent Software Supply Chain Attacks
Written by Sean KalinichThere is a topic of conversation that really needs to be talked about in the open. It is the danger of developer systems (personal and…Written on Wednesday, 30 August 2023 13:29 in Security Talk Read 1890 times Read more...
Recent Comments
- Sean, this is a fantastic review of a beautiful game. I do agree with you… Written by Jacob 2023-05-19 14:17:50 Jedi Survivor – The Quick, Dirty, and Limited Spoilers Review
- Great post. Very interesting read but is the reality we are currently facing. Written by JP 2023-05-03 02:33:53 The Dangers of AI; I Think I Have Seen this Movie Before
- I was wondering if you have tested the microphone audio frequency for the Asus HS-1000W? Written by Maciej 2020-12-18 14:09:33 Asus HS-1000W wireless headset impresses us in the lab
- Thanks for review. I appreciate hearing from a real pro as opposed to the blogger… Written by Keith 2019-06-18 04:22:36 The Red Hydrogen One, Possibly One of the Most “misunderstood” Phones Out
- Have yet to see the real impact but in the consumer segment, ryzen series are… Written by sushant 2018-12-23 10:12:12 AMD’s 11-year journey to relevance gets an epic finish.
Most Read
- Microsoft Fail - Start Button Back in Windows 8.1 But No Start Menu Written on Thursday, 30 May 2013 15:33 in News Be the first to comment! Read 116522 times Read more...
- We take a look at the NETGEAR ProSafe WNDAP360 Dual-Band Wireless Access Point Written on Saturday, 07 April 2012 00:17 in Pro Storage and Networking Be the first to comment! Read 87469 times Read more...
- Synology DS1512+ Five-Bay NAS Performance Review Written on Tuesday, 12 June 2012 20:31 in Pro Storage and Networking Be the first to comment! Read 82026 times Read more...
- Gigabyte G1.Sniper M3 Design And Feature Review Written on Sunday, 19 August 2012 22:35 in Enthusiast Motherboards Be the first to comment! Read 80334 times Read more...
- The Asus P8Z77-M Pro Brings Exceptional Performance and Value to the Lab Written on Monday, 23 April 2012 13:02 in Consumer Motherboards Be the first to comment! Read 70986 times Read more...
Displaying items by tag: Siri
Apple News; Siri Results Altered and Damning Emails Surface in the Price Fixing Issue
Well, well, well; it looks like Apple has been caught altering the data that Siri returns to their users when asked specific questions. Last week it was reported that when users asked Siri “What is the best smartphone” it replied with the answer The Nokia Lumia 900. Now Apple has previously stated that the information from Siri all comes from WolframAlpha “computational knowledge engine” (pronounce that search engine) and they have no power to alter the data that Siri sends.
More "Siri is a Threat" Theories Pop Up...
I love a good conspiracy theory on a Monday morning; they can be entertaining, enlightening and also very funny. The one I am talking about is the miss-quoting of Eric Schmidt during Google’s Anti-Trust senate hearings last week. During this hearing he made the statement “Apple's Siri is a significant development--a voice-activated means of accessing answers through iPhones that demonstrates the innovations in search,” He followed this up with this statement “Google has many strong competitors and we sometimes fail to anticipate the competitive threat posed by new methods of accessing information.”
Now I have not been able to determine what order these things were said or what was said in between these two quotes. However, these two items have been used to bolster the idea that Siri is a “threat” to Google’s search empire. In fact at least one media outlet used that as a direct headline. Now I do think that Google is keeping an eye on Siri as it is now owned wholly by Apple, but I do not think they view it as any type of real “threat”.
The problem comes from that fact (yes it is a fact) that Apple has no search engine framework. Siri takes the voice commands and compares them to internal commands. If it is not something that is part of its internal command structure it then looks it up through Apples authorization servers (which parse Google, Bing, Wolfram Alfa, Yelp etc.) The results that are returned are filtered and controlled by Apple’s servers (just as they are by most other search companies). Now this may sound just like Google or Bing etc., but it is not. The thing is that Apple is using other companies’ search indexing and processing power and then selecting their own results. They also (according to some source) lean heavily toward the Yelp service (for entertainment and restaurants). So while Siri is an interesting tool for Apple (one that they bought from another company) it is not a search engine or search framework. It is nothing more than filtered results from other search engines and services.
The second thing to consider is that this was Eric Schmidt testifying to Congress and trying to show that Google is not in violation of the US Anti-Trust laws. Can you really take these comments as “fact”? At the point you are in front of the Senate Committee you are likely to say anything that will make you look less guilty. His comment also never mentioned Siri as a “threat”. He said, “Apple's Siri is a significant development” which is true and something that no one (other than Andy Rubin at Microsoft) has denied. But Siri is not the only voice command service out there. Just take a quick look through the Android market and you will find quite a few that were in existence before Siri and you will also find that Siri was around as an App long before Apple bought them and then limited the App to just the iPhone 4S through the use of their internal servers.
This one conspiracy theory seems to be a lot more like spin than real fact to me. Siri is an important development, and one that will continue to grow, but there are competitors to Siri already in place and the market is far from Apple controlled. Yes, the search game is changing; but believe me Google, Microsoft, Yahoo and others are perfectly safe from Siri.
Discuss this in our Forum
Siri Co-Founder to Leave Apple
There is a report tonight that Siri’s Co-Founder, Dag Kittlaus is leaving Apple. According to the report he is leaving to spend more time with his family and also to possibly found another company. This sounds like a great idea after all of the hard work he put in at Apple getting Siri ready for the iPhone 4S launch; which is the thing that bothers me. If you built a company (or co-built) a company and then you just walk away from it after a major launch? That really makes no sense. Of course there could have been a clause in his contract after Apple bought Siri for an undisclosed but rumored $121 Million that stated he had to leave after the initial launch, but I really doubt that.
Instead I think there is a little more to this. One thing that stands out is the constant claims from people who originally were involved with Siri that there is almost nothing this API can’t do. It also is not a power crazy API; you do not need a ton of memory or CPU power to run this thing. So here is what we are thinking (and this is only speculation, but it seems to fit some of the facts). We know that Apple bought up Siri and at one point had plans to release this for product other than the iPhone 4S. At some time, during the pre-production phase of the iPhone 4S it was decided that there was not enough to get people to buy the phone. Apple was sure there would be Sprint purchases, but without a major feature there was not much to motivate people to pick up the new iPhone. Someone decided to remove the capability to run Siri on anything other than the iPhone 4S. With that decision and no future plans for Siri until sometime in 2013 Kittlaus decides to leave.
Apple’s culture of xenophobia and control was probably too much for Kittlaus to deal with. However, we are fairly certain that Apple made sure they had a clause that prevents Kittlaus from immediately going back into business. The probability of a non-compete or delay compete clause accounts for the vacation time he plans to take (not to mention he probably does want some time off). We have a feeling we will see Mr Kittlaus in the future, possibly within a year of today with a new company making something that will turn out to be what Siri could have been… maybe this time it will end up with Android or Microsoft.
Source; AllThingsD
Discuss in our Forum
Siri Can Bypass Your Lock Screen
I am sorry Dave; I can’t let you do that… This line from Stanley Kubrick’s 2001 a Space Oddesy is what came to mind when I showed off this interesting little trick to a friend of mine. While playing around with Siri on their new iPhone 4S we discovered that even when the phone is locked you can send email, text play music, call someone, use the camera and more than a few other things making just about all security useless on the new phone. This is not the first time that security holes have been found on one of Apple’s devices (like finding that the encryption key is stored in plain text on the phone), but I do think this one is one of the funniest.
With all the furor and excitement over what is not much more than a speech to text engine that can run queries against predefined commands to find out that those commands appear to be able to bypass the lock security. What’s more is that Apple allows this by default. I would think that this would not be something that you would want open on a phone with a passcode; however Apple seems to think they know what is best for their customers. I will say this, at least you can turn this feature off, I just think it should have been off already…
For those of you out there thinking about corporate data and email, I have a feeling that Microsoft will add a new security feature into their corporate phone requirements making it impossible to have this running with the lock requirements. I wonder what that will look like…
Discuss this in our forum