On Chit Chat #533, Bart did a deep dive into how the Domain Name System works and in that session, he suggested a hybrid approach where your mobile devices had the improved DNS along with your home router.
It turns out it’s not possible to set system-wide DNS settings on iOS or Android. This means that the Hybrid Approach we described of setting a third-party DNS on your home router and then also hard-coding it on your mobile devices remains the best advice, but it’s not possible to do on iOS or Android devices. Annoyingly, that means there is no good solution to protect these devices 🙁. Thanks very much to Allister Jenks for drawing our attention to this in our Google Plus Community.
Followup 1 — Meltdown/Spectre
Followup 2 — The Cambridge Analytica/Facebook Kerfuffle
Continue reading “Security Bits – Even More Cambridge Analytica/Facebook, WebAuthn”
One of our goals in Home Automation has been to buy HomeKit-compatible devices whenever possible for security reasons. I’ve even created an elaborate network setup to isolate non-HomeKit (and Windows) devices from the rest of my gear.
Last year we bought the first HomeKit-compatible webcam, the Omna 180 Cam HD from D-Link. At $150 it wasn’t cheap but buying from a reputable company like D-Link who clearly have been in the business of network gear for ages gave us peace of mind.
The camera hasn’t been a huge success for us for a few reasons. The video isn’t as sharp as we’d expected. It was supposed to be 1080p but it’s pretty fuzzy. It doesn’t store information anywhere but on its own SD card, which might be a plus for some people but for us it limits the usefulness. It gets pretty hot which concerns us, and it is simply offline sometimes and we have to unplug it and plug it in to get it running again.
Continue reading “D-Link’s Attention to the KRACK Vulnerability Gives Me Pause”
Security Medium 1 — No, FaceID isn’t Broken, but it Does Have Limits
A snazzy demo to the press had headlines all over the press screaming about how FaceID had been broken. But as is so often the case with stories like this, the devil is very much in the detail.
What the hackers really found was that it’s bloody difficult to trick FaceID — it takes a lot of time and effort, and even after you put all that investment in, your spoof only works in very carefully controlled circumstances.
Continue reading “Security Bits – 26 November 2017 – FaceID Isn’t Broken, USB Bugs in Linux Kernel, Vulnerability in Intel Chips”