Four short links: 8 August 2019

Counterfeit Security, Poses in Art, Content Moderation, and iPhone Remote Attack Surface

By Nat Torkington
August 8, 2019
Four Short Links
  1. From The Depths Of Counterfeit Smartphones — security look at the counterfeit phones. Spoiler: they’re nasty, stay away. Both the Galaxy S10 and iPhone 6 counterfeits we assessed contained malware and rootkits. And that’s the most straightforward nastiness: even if you removed the rootkit they’d still be shocking. In the case of the “iPhone,” further digging revealed that it runs a far older version of Android: Kitkat 4.4.0. Kitkat’s last update came in 2014.
  2. Linking Art through Human Poses — arXiv paper that finds artwork with matching poses using OpenPose. (via MIT TR)
  3. Learn faster. Dig deeper. See farther.

    Join the O'Reilly online learning platform. Get a free trial today and find answers on the fly, or master something new and useful.

    Learn more
  4. A Framework for Content Moderation (Ben Thompson) — pretty good post, tackling why and where the different levels of moderation make sense.
  5. Fully Remote Attack Surface of the iPhone (Google Project Zero) — very interesting read, showing the detail and dead ends of a security tester. The method […] processes incoming MIME messages, and sends them to specific decoders based on the MIME type. Unfortunately, the implementation did this by appending the MIME type string from an incoming message to the string ‘decode’ and calling the resulting method. This meant that an unintended selector could be called, leading to memory corruption.
Post topics: Four Short Links
Post tags: Signals