* Posts by steeple

10 publicly visible posts • joined 6 Jun 2013

Tesco Bank limits online transactions after fraud hits thousands

steeple

Re: Tesco bank headers missing

Interesting tests, Ben. My immediate response was that the Barclays app gets a bonus star for not working at all... no? I realise this makes it harder to test the other controls but I would never usually trust an app on a rooted device as I would assume sandbox/walled garden integrity is compromised anyway.

Apple: FBI request threatens kids, electricity grid, liberty

steeple

Re: @1st AC - Apple being first to improve security

I think you're being a little unfair. Where does he say a "positive" part?

Regardless, he is just recognising a fact of modern life: in our current reality phones are now pretty firmly baked in as part of our security perimeter. SMS confirmation, mobile banking access, digital wallets, password reset, account recovery, etc.

Yep, they're right in there.

Seems to be spot on to me!

Why Tim Cook is wrong: A privacy advocate's view

steeple

Sorry Trevor, it's not "flawed" as much as lacking in some functionality. A car built before ABS did not have flawed brakes. The patch for this is called the Secure Enclave, by the way. Being a hardware fix, however, it is difficult to roll it out over the internet...

Also, "hiding behind a technicality of the law" is what keeps many innocent people out of prison. Holding the technicalities of the law in contempt is simply silly.

Bruce Schneier: 'We're in early years of a cyber arms race'

steeple

Not Equal To

"inna deep ocean with trident-equipped submarine" TFTFY, as far as the point being made is...

Sysadmins, patch now: HTTP 'pings of death' are spewing across web to kill Windows servers

steeple

Re: system crash vs payload with elevated privileges

Thanks AC. Nice explanation.

steeple

Re: Don't like IIS?

Lee

Overall, I agree with you. However, I am uncertain about the emphasis in: "Heartbleed etc. is an information disclosure attack. It doesn't crash your servers." For me, information disclosure is probably the biggest risk I have.

Naive question: does this vulnerability only allow the attacker to crash servers? Or does it enable elevated privileges or other compromises to the target?

Rgds

Fight back against illegal GCHQ spying with PAPERWORK!

steeple

Re: Spirit of the law

The other way around,

Kryder's law craps out: Race to uber-cheap storage is over

steeple

Re: They're all wrong...

This. I think there might be an amendment needed to your economic model, Chris. I do not believe the assumption that data demand is largely independent of the price of storage is as robust as you make out. If we instead assume that demand is a function of the price of storage then we can also see how the demand curve meets the supply curve somewhere around a very low (if not zero) cost.

As a consumer, I choose to limit myself to using only free cloud storage - 5, 15, 25GB, whatever. I do not plan on ever paying for storage (hostage to fortune alert).

Doctor Who trashing the TARDIS, Clara alone, useless UNIT – Death in Heaven

steeple

Re: Too Simples

Didn't get that to be honest. This is a Time Lord, right? With a time machine, right? And, you're going to tempt him by offering him an... ARMY OF CYBERMEN!

With a time machine I can beat any army (q.v.)

Microsoft parades Windows 8.1, the version you may actually want

steeple

Nothing wrong with architecting

Architect has been used as a verb for centuries (just). Ref: http://blog.oup.com/2008/07/architect/