Online mass surveillance between Switzerland and abroad put to the test

The Digital Society association, which campaigns for civil rights and consumer protection in Switzerland, has won an interim victory before the Swiss Federal Supreme Court together with private complainants. The court overturned a previous judgment by the Federal Administrative Court. The judgment concerned the so-called radio and cable reconnaissance, with which the Federal Intelligence Service (NDB), primarily in cooperation with the Armed Forces Center for Electronic Operations (ZEO), monitors the telecommunications connections that lead from Switzerland to other countries. E-mail traffic and internet communication between Switzerland and other countries are searched using keywords and IP addresses.

Monitoring of all people in Switzerland

However, since a large part of the online communication of the Swiss population is routed via servers and networks abroad, ultimately everyone who resides in Switzerland and is active online is affected by the surveillance measures.

The Digital Society began to take action against what it calls “cause-free and suspect-independent mass surveillance”, on the grounds that radio and cable reconnaissance violates the fundamental rights enshrined in the Federal Constitution (BV) and in the European Convention on Human Rights (ECHR). First, in 2017, the complainants turned to the intelligence service itself and essentially demanded that the measures be discontinued. The FIS rejected the demands and stated that no fundamental rights guaranteed by the constitution and the ECHR were being violated. The FIS was implementing the Intelligence Service Act, which parliament passed and the voters accepted in a referendum.

The Digital Society and the complainants, among them journalists and Edward Snowden's Swiss lawyer, then lodged a complaint with the Swiss Federal Administrative Court (BVGer), which, however, denied them the right to complain in June 2019. The reason given by the BVGer was, among other things, that the right to information under data protection law offers a way of complaining about the violation of fundamental rights by the secret service. “Lawful surveillance” could thus be enforced in court.

No possibility of complaint against surveillance itself

The association contradicted this representation and argued that monitored persons could not have a right to information about a secret surveillance: “A – limited – right to information exists only for data that is subsequently stored in a secret service information system. Such storage by the secret service only takes place after the scanned data streams led to a hit and such a hit was assigned to a person”. The Federal Supreme Court overturned the judgment of the Federal Administrative Court and referred the matter back to that court. “This will have to examine materially whether the radio and cable reconnaissance violates fundamental rights of the complainant according to the BV and ECHR and, if so, what legal consequences are to be attached to it”, the Federal Court announced. In addition to the legal basis, the BVGer must take into account “any internal guidelines and instructions, the effective enforcement practice of the authorities as well as the actual control practice of the supervisory authorities”. This results from Article 13 ECHR, according to the Federal Court, under which an alleged victim of a violation of the Convention is entitled to lodge an effective complaint with a national authority. In its case law, the European Court of Human Rights (ECtHR) has emphasized the central importance of domestic legal protection when reviewing secret mass surveillance systems, writes the Federal Supreme Court in its press release. With this, the Federal Supreme Court admits that the Swiss radio and cable reconnaissance could involve mass surveillance. Such an overall system must at least be open to examination by an independent authority before those affected can lodge a complaint with the ECtHR.

OnePlus 9 5G prototype just sold for $3,000 on eBay

Leaks and prototype units are just a part of the smartphone “game” nowadays, but this is not your usual story. If you haven’t been keeping up with the news: the OnePlus 9, 9 Pro and possibly a OnePlus 9E/9 Lite are on the way and expected to arrive in mid-March, a bit earlier than usual. There has been no shortage of leaks on the trio, including detailed renders. One source, however, went above and beyond and actually posted high-res, close-up shots of a prototype unit, complete with hardware details and software screenshots. Now, the exact same unit has been spotted on eBay and has officially sold for the whopping sum of $3,000.


OnePlus 9 5G prototype

How do we know it’s the same unit? Well, the product photos in the eBay listing feature the same distinctive carpet-like surface as a background and otherwise match up with the earlier leak. Plus, the description of the now-finished auction states that:

The leaked images on all internet sites are similar to this because I took the pictures and leaked this to all of them when I purchased it.

Interestingly enough, it goes on to also explain that:

This is a prototype model with a beta oxygen os Android 11. I cannot guarantee a software update for this phone. This phone has a permanent set of numbers and letters displayed at the bottom that cannot be removed as of now. This is the phone only, no charger or anything else included in this sale … I will be doing a tech review of the phone before shipping and cannot guarantee it will be shipped at a specific time due to the holidays and the review. Once the review is done I will immediately ship the phone and send the link to the review when completed. Again I do not know when I will do the review at this time but it will be done in the next 2 weeks.

This is the really odd part here, since the seller/leaker is definitely aware that he/she has a prototype unit. Hence the lack of update and support guarantees. Apparently, however, they were not quite aware what that “permanent set of numbers and letters displayed at the bottom” was there for. In case you are wondering, it is there to identify prototype units and trace them to the source to prevent exactly these kinds of situations.

Some manufacturers use software-based identifiers like this, while others rely on more-permanent hardware markings, like dots, dashes and other patterns on the frame of the device. The original leaked photos of the phone had the identifier string blurred, but the eBay listing initially featured a photo with the ID fully-visible. Likely an oversight that was eventually corrected, but not quick enough for the internet to not remember it forever.


That being said, we are interested to see whether the seller/leaker will still go through with the review in the next two weeks, as promised. We’ll be keeping an eye out for that extra bit of potential weirdness to add to the story.


As for a quick leak recap of what to expect from the OnePlus 9 5G: it will feature a 6.55-inch flat HDR display with a 120Hz refresh rate and FullHD+ resolution. The Snapdragon 888 chipset will be paired with 8GB of RAM and 128GB of non-expandable storage, while the back will have 48MP main and 16MP ultrawide cameras.

Inside will be a 4,500 mAh battery charging at 65W, while on the outside we’ll see a metal frame.

rC3: Mastodon, Matrix & Co. – Building blocks and hurdles for decentralized online systems

Internet users spend a lot of time in the central silos of Google, Amazon, Facebook, Apple and Microsoft. The US giants benefit from network effects that are driving more and more users to the platforms. A wide range of technical initiatives have set themselves the goal of combating the resulting monopoly structures in online services and building decentralized alternatives. Even proponents of such projects admit that most of them are still emulating the central figures: they have to catch up or develop their own killer apps.

Far from a breakthrough

Web hacker Will Scott gave an overview of the current state of affairs at the remote Chaos Communication Congress (rC3). According to him, in 2020 both federated communication networks like the messenger service Matrix and decentralized platforms like the social network Secure Scuttlebutt (SSB), the InterPlanetary File System (IPFS) and, in a broader sense, cryptocurrencies became more widespread. But most of them are still far from a breakthrough and face many big questions about growth options.

According to the expert in censorship-resistant web applications, BitTorrent, with three to four million users a day, is one of the largest decentralized entities. The peer-to-peer (P2P) network offers around 2.5 million active torrents. In order to keep an eye on these and to download them in a resource-saving manner, there are around 400 special open tracker applications. There are distributed hash tables (DHT) with over four million torrents for searching.

Good year for Twitter alternatives

Mastodon also had a “good year” according to Scott. The Twitter alternative now contributes around three million active users and about 5000 busy servers to the social media world of the “Fediverse”. 70,000 members regularly post content themselves; the rest limit themselves to reading along. The number of Matrix users was said to have risen to 2.5 million at the same time, and the number of servers to 2500. The significant increase is due, among other things, to the fact that the Bundeswehr and parts of the German education system had decided to switch to the open communication protocol. In addition, Matrix is also subsidized by the government in France.

IPFS, which works similarly to BitTorrent, has exceeded two million users, of whom 20 percent operate their own desktop nodes, the computer scientist said happily. It includes a total of 5000 guaranteed DHT nodes and around eight million daily CIDs (Content Identifiers) for recognizing content. Planetary.social has also extended a special SSB protocol to the mobile Internet. The self-hosted, mesh-networked social media system SSB itself comes to around 10. members, several hundred of whom posted content and pushed the underlying P2P protocol.

Bitcoin has around one million active accounts and 11 . “full nodes”, which generate new blocks for the production of the digital coins, Scott explained. There is a big gap between users and servers here. This is due to the fact that a complete node alone requires around 70 gigabytes for the blockchain. Basically, the scientist also counted about six million SMTP servers, a good 500,000 WordPress servers and 20 million Jitsi users as part of the decentralized network.

Problems of growth

While some of the offers still require a critical mass of users, the more successful of them are already suffering from growing pains. The goal of federated network services was to externalize and better balance the heterogeneity of resources between clients and servers, explained Scott. Some of the connected instances have more storage space and are more available. How much all members benefit from it depends heavily on the heuristics used and the algorithms created with them.

[Figure: The different models. Image: rC3 media.ccc.de, CC BY 4.0]

In mesh networks, messages and content often spread like rumors, which requires additional synchronization effort, the hacker explained. Often there is no clear concept for the structure of the network, so that its properties are also difficult to implement. DHTs, on the other hand, grow massively and quickly with the number of users who bring data and resources with them, so they scale poorly and, in abstract form, can be compared with a central database. Whether the goal of getting content as close as possible to the location of one’s own computer can be achieved again depends on the quality of the algorithms.

According to Scott, broken nodes also lead to crashes and delays. There must therefore be incentives not to do anything “bad” in the network. However, this approach also leads to more centralization, since individual units that acted in an exemplary manner received more power. If you wanted to identify individual users, this could be done via an external authority. However, this raises data protection problems. Even now, metadata such as IP addresses are not protected by some decentralized service providers. Advanced encryption and at least pseudonymization solutions are required here.

Decentralization against the power of the great

The researcher identified bandwidth as a further problem, especially for P2P networks: uploads are still designed for only half the capacity of downloads on most Internet connections. The latency between neighboring nodes is comparatively low, but connections between end users are usually not well developed. For Scott there is still no doubt: “We need decentralization, otherwise the power of the big ones will increase.”

(mho)

rC3: Massive vulnerabilities in apps from mobile network providers

Florian Schweitzer presented his personal collection of Cross-Site Request Forgery (CSRF) vulnerabilities in web applications of Austrian mobile phone providers at the remote Chaos Communication Congress (rC3). The hacker described the security gaps, also known as “session riding” or “sea surf”, and the attacks based on them as “particularly dramatic” because they were “very easy to exploit”.

Simple attack, difficult to detect

Unlike attacks on the Signaling System 7 (SS7) used in 3G, CSRF requires no access to a gateway and no know-how about network operation, the hacker explained. Sea surfing attacks could start with a “boring, annoying newsletter”. A click on a supposedly redeeming “Unsubscribe” link contained therein is often sufficient for an intruder to set up a call diversion for a target person. This also makes it possible to reset the passwords of e-mail accounts with providers such as Google, Yahoo or Microsoft that are linked to the phone number, and to take over the accounts.

When unsubscribing from a newsletter, only a web page stating that one has successfully unsubscribed appears on the user’s screen, Schweitzer said, explaining the procedure. If you then try to log into your e-mail inbox, you are locked out. Anyone who then examines the link that was called up may see, in the source code of the page that pops up, a form with two invisible fields.

One of them is directed to the site of the mobile phone provider, where a new telephone number is automatically entered and the call diversion is set in the background, the activist reported. An invisible iframe is loaded and the form is sent automatically when the link is opened. Google and other e-mail providers also urge users to store a mobile phone number, supposedly to protect their account in case they forget a password. Such an account can then also be reset.

No new problem

According to Schweitzer, CSRF in itself is nothing new and was already described as a “confused deputy” problem in the 1980s. In principle, one program with fewer privileges gets a second one with more rights to do something. The authentication can also be done with IP addresses. The attacker sends a link and thus induces the user to visit a compromised page. This sends a GET request and receives the payload back in the form of a form. This is sent to another site where the target person is already authenticated. The server then believes that the victim has sent the command or the request and takes the desired action.

In demos, the security expert demonstrated how relevant loopholes at Austrian providers can be exploited. Ventocom, a provider that enables third parties to operate their own mobile phone brand, has proven to be vulnerable. Rapid Mobile, a Linz cable operator and Aldi-Süd subsidiary Hofer Telekom (HoT) make use of this offer. The latter alone has issued over a million SIM cards in Austria and around a hundred thousand in Slovenia.

The customer login to hot.at is password-free using a PUK code, which one can have sent by e-mail. All kinds of changes can be made in the internal area, including the customer password. For this you have to enter the old one. If you enter a new e-mail address or set up call diversion, this is not necessary. The attacker can use a fake newsletter with the problematic link to enter an electronic mailbox controlled by him and receive an access link there.

Improved protection in Chrome

Schweitzer also showed the next steps with call diversion, changing the password on Google over the phone and taking over a Gmail account. For hot.at, there is already a valid session cookie in the target person’s browser that opens access to the customer account. The POST request running in the background via an iframe works with Safari, Firefox, Samsung Internet, Opera and Internet Explorer, where even phone calls can then be completely recorded. Chrome introduced stricter rules for cookies in mid-2019 with the “SameSite attribute” and thus significantly improved protection against CSRF.

With the provider “Drei” the hacker came across a comparable vulnerability, which affected 3.9 million accounts in Austria. Anyone who accesses the Internet via the provider’s cellular network is immediately identified by their number and can always log into their account automatically. This leaves the choice between a valid session cookie and the default activated auto-login for the further procedure. A permanent account takeover and eavesdropping are not possible here, however, since logging in only works with a current click due to an implemented function against “clickjacking”.

Schweitzer also found such gaps at the A1 subsidiary Yesss, which acts as a service provider for ten virtual mobile phone providers, such as the newspapers Kurier and Krone, as well as an energy supplier. This affected over 5.4 million customers. Since he, in contrast to the other providers, found a contact person for IT security here, the weaknesses have since been remedied after a hint from him. An attacker was even able to set a customer password for an entire number porting and, for example, read SMS and reset Twitter accounts. The web app from T-Mobile Austria (Magenta) was “safe”.

Tens of millions of devices in Europe are vulnerable

Schweitzer estimates that a total of 40 percent of Austrian citizens are (or were) affected by the gaps. Across Europe there are likely to be tens of millions, as things look hardly any better there. Vulnerable endpoints could be identified in a short amount of time. Actually, it is forbidden in the EU to offer such attack surfaces in important infrastructures. Apparently the sanctions are too low and nobody is checking whether security standards are being met. A heise online reader recently noticed a vulnerability on the Vodafone Germany website that allowed a similar attack via “Reflected Cross-Site-Scripting”.

The expert recommends that developers implement anti-CSRF tokens, set a strict “SameSite” rule and require a password for important changes to account data. The “same-origin policy” of browsers does not offer any remedy. Users should not use their phone number to restore accounts, as mobile operators are “the weakest link in the security chain.” They should not log into important accounts with the standard browser, and should deactivate auto-logins and actively log out.

(mho)
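The three developer-side recommendations above, sketched as server-side checks for an account-settings endpoint. This is an added example, not code from the talk or from any provider; the field names (`call_forwarding`, `email`, `csrf_token`, `current_password`), the in-memory stores and the sample account are assumptions made for illustration.

```python
"""Added example: anti-CSRF token, SameSite=Strict cookie, password re-check."""
import hashlib
import hmac
import secrets
from http.cookies import SimpleCookie

SERVER_KEY = secrets.token_bytes(32)           # secret used to derive CSRF tokens
SENSITIVE_FIELDS = {"call_forwarding", "email"}  # changes that need the password
ALLOWED_FIELDS = SENSITIVE_FIELDS | {"newsletter"}

# Constructed in-memory stores standing in for a real database.
SESSIONS = {}   # session id -> account id
ACCOUNTS = {}   # account id -> account record


def _hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def create_account(account_id, password):
    salt = secrets.token_bytes(16)
    ACCOUNTS[account_id] = {
        "salt": salt,
        "pw_hash": _hash_password(password, salt),
        "call_forwarding": None,
        "email": None,
        "newsletter": "on",
    }


def login(account_id):
    """Open a session and return (session id, Set-Cookie header value)."""
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = account_id
    cookie = SimpleCookie()
    cookie["sid"] = sid
    cookie["sid"]["path"] = "/"
    cookie["sid"]["httponly"] = True      # not readable from page scripts
    cookie["sid"]["secure"] = True        # only sent over HTTPS
    cookie["sid"]["samesite"] = "Strict"  # browser omits it on cross-site requests
    return sid, cookie["sid"].OutputString()


def csrf_token(sid):
    """Token bound to the session; embedded only in forms the site itself serves."""
    return hmac.new(SERVER_KEY, sid.encode(), hashlib.sha256).hexdigest()


def handle_account_change(cookie_header, form):
    """Apply a settings change; returns (HTTP status, message)."""
    jar = SimpleCookie(cookie_header)
    sid = jar["sid"].value if "sid" in jar else ""
    account_id = SESSIONS.get(sid)
    if account_id is None:
        return 401, "not logged in"

    # 1. Anti-CSRF token: a page on another origin cannot read it, so a
    #    request that merely rides on the session cookie is rejected here.
    supplied = form.get("csrf_token", "")
    if not hmac.compare_digest(supplied.encode(), csrf_token(sid).encode()):
        return 403, "missing or invalid CSRF token"

    account = ACCOUNTS[account_id]
    changes = {k: v for k, v in form.items() if k in ALLOWED_FIELDS}

    # 2. Important changes (call diversion, contact e-mail) additionally
    #    require the current password, not just a live session.
    if SENSITIVE_FIELDS & changes.keys():
        candidate = _hash_password(form.get("current_password", ""), account["salt"])
        if not hmac.compare_digest(candidate, account["pw_hash"]):
            return 403, "current password required"

    account.update(changes)
    return 200, "updated"


if __name__ == "__main__":
    create_account("customer-1", "constructed-sample-password")
    sid, set_cookie = login("customer-1")
    print("Set-Cookie:", set_cookie)
    # A request carrying only the session cookie (no token) is refused.
    print(handle_account_change("sid=" + sid, {"call_forwarding": "+00 000 0000"}))
```

The token check still matters with `SameSite=Strict` set, because the article lists several browsers in which the background request worked.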

The best smartphone camera of 2020 – Six high-end devices compared


Vodafone activates the LTE-M network for IoT devices

Vodafone has expanded its network to include the LTE-M standard. The technology for the Internet of Things is now available on more than 18 percent of the area of Germany, the telecommunications company announced on Tuesday. “LTE-M is the next component in our network so that people, machines and sensors can communicate with each other at any place and at any time,” said Chief Technology Officer Gerhard Mack.

From Narrowband IoT to 5G

In the Vodafone network, LTE-M represents one of four building blocks. Machines and sensors are meant to use it to communicate with people, for example in industry. Factory workers, for example, could control production machines with voice instructions, Vodafone advertises. However, private customers should also be able to use LTE-M, for example with fitness trackers, smart watches and smart home devices. Fitness trackers could, for example, automatically send an emergency call in the event of a fall.

In addition to LTE-M, Vodafone also offers the Narrowband IoT machine network, which is intended to ensure communication from machine to machine or from sensor to sensor. Smartphones and other mobile devices communicate via the better-known networks, LTE and 5G.

Similar to Narrowband IoT, LTE-M transmits on the low 800-megahertz frequencies with a long range. Underground garages, cellars or industrial halls should also be covered. Unlike Narrowband IoT, LTE-M does not rely on a fixed location, but uses the so-called handover. If the IoT object moves, the data is transferred from cell phone station to cell phone station. This means that the network is also suitable, for example, for tracking sensors on parcels, explains Vodafone.

[Figure: LTE-M lines up as one of four modules with different specifications and transmission rates in the Vodafone network. Image: Vodafone]

Limited Bandwidth

The maximum bandwidth of LTE-M is two MBit per second, which according to Vodafone is usually sufficient for data transfer from sensors. For applications with large amounts of data such as augmented reality, however, 5G should be used, with bandwidths of up to one GBit per second.

According to the company, technicians have more than to expand at Vodafone. . 000 Cellular stations modernized. Business customers can now use the network throughout Germany. Deutsche Telekom already put its LTE-M network into operation in mid-2020. (akr)

Zoom in 2020 – Roller coaster ride, but without culture change


rC3: Stress test leads to many iPhone crashes

Communication chips that Apple uses in iPhones only withstand endurance tests to a limited extent. This was demonstrated by Jiska Classen from the research group for mobile radio security at the TU Darmstadt at the remote Chaos Communication Congress (rC3). Again and again you could see on her recordings how the devices “said goodbye” in an uncontrollable state, sometimes with unusual sound effects. They lost their “orientation” and some had to be reset to their original state.

Classen used the fuzzing method for her experiments. In this method, large amounts of random data are continuously sent to the system under test via one or more input interfaces in order to automatically check its robustness. The scientist focused on the baseband chip, which is responsible for network functions such as telephony, SMS transmission and internet access. By smuggling in manipulated data packets, according to her thesis, security gaps in the higher-level, actually shielded iOS operating system could then possibly be exploited in order to execute one's own commands.

New approaches for mobile radio research

This strategy is already very interesting from the perspective of reverse engineering, i.e. the replication of critical proprietary functions, stated Classen. In the resulting profiles you can see a lot of messages for baseband management. With iPhones on which usage restrictions have been removed by jailbreak, you can smuggle in data packets and change the behavior of the modem without any problems. This paves the way for new approaches in mobile communications research.

Specifically, the expert first put the chips and devices through their paces via wireless protocol fuzzing, that is, she subjected the protocol implementations for wireless communication to a stress test. To do this, she sent images to the image parser responsible for processing to see what was being executed and how. She combined the relevant files into a corpus and supplemented this with standard-compliant JPEGs and artificially generated images. So she could see which files caused a crash and what exactly was the cause.

Ddd-di-di-dd-di-d-di-d-di-d-dimm!

Classen also succeeded in replacing bits and bytes with her own data and smuggling them in during ongoing calls or incoming short messages. After observing the effects that the manipulated data induced, she was able to refine the method and send large amounts of short messages to the baseband chip. The iPhone then received so many text messages in a short time that it no longer had time to play the typical notification tone for each one. Instead, only an unspecific “Ddd-di-di-dd-di-d-di-d-di-d-dimm” could be heard.

Classen was also able to force calls to hotlines to be dropped, whereby the tested iPhone repeated the last syllables of an announcement in a staccato manner. In another case, the user was asked to re-enter his PIN; at other times, the test device constantly reported a busy line by mistake. In another demo, an SMS could no longer be deleted, so a reset was necessary. According to the researcher, the process can still be expanded, as many functions could not be executed even with a good starting corpus.

Frankenstein module for Bluetooth

Classen also showed in her lecture which fuzzers she used and how she adapted and combined these tools for the iPhone chips with her own code. So far, the research group has mainly examined Bluetooth chips. Team colleague Jan Ruge built a module called “Frankenstein” to emulate the Bluetooth firmware at the same speed as with conventional hardware and thus to be able to carry out realistic tests for complete protocol stacks.

The scientist named ToothPicker, Frida as well as DTrace and American Fuzzy Lop (AFL) as other helpful tools. In some cases, she let the fuzzers run for several weeks and thus repeatedly generated crashes, for example on the iPhone models 7 and 8, and discovered weak points. Some problems also extended to the macOS desktop and laptop operating system. One hurdle was that the channels were closed after receiving some invalid packets when establishing a wireless connection. This behavior could be turned off with Frida.

Undocumented remote interface

With the analyses, Classen revealed differences between iPhone 8 models for the US and Europe. While the US variant contains a Qualcomm chip with the documented MSM interface (QMI), the European variant contains an Intel chip with a previously largely unknown interface called Apple Remote Invocation (ARI). Data packets sent over the air could in principle control these two interfaces, even if an intermediate layer was built in. The two different libraries could be fuzzed with Frida. In some cases, the CommCenter was taken out of service, calls were lost and Internet connections had to be re-established. Sometimes the virtual communication center continued to run and also processed packets with incorrect values.

During the tests, Classen made an iPhone 8 almost unusable. The start-up procedure only ran as far as pongoOS, before the actual boot process of iOS. Normal starting was only possible after a few hours. The Intel variant wrote log files totaling 500 megabytes, so that the internal memory quickly filled up. Then the deletion of photos no longer worked and SSH logins failed.

In general, fuzzing would “confuse iPhones very much”, explained the researcher. They requested reactivation, lost their location function and displayed flash messages highlighted in gray. There is still a lot of leeway for hackers to try things out. But it is better not to use your private smartphone for this. Classen sent crash reports and information about possible security holes to Apple. The major weaknesses identified were closed with the iOS updates 14.2 and 14.3.

(dz)

The next manufacturer is trying to make faceplates for the Playstation 5

Not every player likes the design of Sony’s new Playstation 5. Many fans on the internet repeatedly express the desire to have the option of replacing the white side panels with other color variants. Plain black seems to be particularly popular. Sony does not officially offer any alternative panels for replacement at the moment, and there is no information to suggest that this will change in the near future. Fortunately, however, there are third-party providers who have recognized the need and want to open up the niche in the market.

In the past an attempt to sell alternative side panels was stopped by Sony. At that time the company asserted that the name “Platestation” was chosen too similar to its own products. It remained unclear whether Sony was only interested in the name or whether the Japanese group wanted to prevent the sale of alternative panel designs in general.

Independently of this, another third-party provider has announced intentions to sell custom side panels for the Playstation 5 in the future. The company, named Dbrand, would like to start mass production at the end of this year; a market launch is to follow in 2021. The first model presented comes in matt black; further colors and alternative designs are to follow. The company stated: “The skills that we have honed over the past few years in the development of the Grip Case have put our company in a unique position to produce faceplates in OEM quality: those with all the presentation, the attention to detail and the unnecessarily complex packaging that you expect from Dbrand”.

At the same time, the possibility of pre-ordering is excluded, so the product will only be sold once the side panels are actually in stock and ready for dispatch. It does not want to sell an unfinished product, says Dbrand. Interestingly, the company explicitly mentions CD Projekt Red as an example of a rash release, with the well-known consequences. Interested players can also register for a mailing list via the official website, which will notify them as soon as a launch date is announced.