D&C GLug - Home Page


Re: [LUG] Screaming side channels!

 

This one got less attention but amusing nonetheless...

https://www.kb.cert.org/vuls/id/304725

You can worry too much about subtle hardware side channels; in practice they are harder to exploit than in labs, require physical presence, and can often be defeated by incidental noise, or encryption at the layer above.

They are the province of geeks at establishments who’ll get your data somehow if they want it.

How much of that traffic encrypted over Bluetooth or WiFi concerns data that just came or went over VDSL and traversed the Internet and its vagaries?!

As we were saying, your WiFi router probably has known issues which are a bigger worry. I suspect a bunch of Bluetooth end points get even less love in the “patch known Bluetooth issues” stakes. Heck, my car speaks Bluetooth and has a microphone and doesn’t get updates (unless it is on two year servicing by the dealer, or by malicious actors).

Says Simon, about to tell his Bluetooth headphone vendor that fetching driver update metadata over http is not cool. For want of an “s” in a URL or two... since yes, their website redirects browsers to https, but the updater does not get redirected and doesn’t cache the redirect either (sigh). But that exposes the Windows or Mac device that uses those headsets, and it exposes them remotely across the vagaries of the Internet...

-- 
The Mailing List for the Devon & Cornwall LUG
https://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq