James ThomsonI hope buttons look like buttons again.
Pri Bengani
- 516 Followers
- 519 Following
- 2.1K Posts
Senior Research Fellow, Tow Center @ Columbia University
Periodic reminder to give apps limited access to Photos because, if not, well:
It kind-of sucks that Apple forced the EU’s hand with some of its App Store policies, because there is an alternate universe where the alt stores just don’t exist.
What is with Apple icons lately? First Playground and now Invites. They could’ve at least tried to do balloons instead of the random colourful circles.
(And, no, this isn’t nostalgia for the good ol’ skeuomorphic days.)
BrianKrebsSome fascinating research out on hacking a Subaru via STARLINK connected vehicle service.
"On November 20, 2024, Shubham Shah and I discovered a security vulnerability in Subaru’s STARLINK connected vehicle service that gave us unrestricted targeted access to all vehicles and customer accounts in the United States, Canada, and Japan.
Using the access provided by the vulnerability, an attacker who only knew the victim’s last name and ZIP code, email address, phone number, or license plate could have done the following:
Remotely start, stop, lock, unlock, and retrieve the current location of any vehicle.
Retrieve any vehicle’s complete location history from the past year, accurate to within 5 meters and updated each time the engine starts.
Query and retrieve the personally identifiable information (PII) of any customer, including emergency contacts, authorized users, physical address, billing information (e.g., last 4 digits of credit card, excluding full card number), and vehicle PIN.
Access miscellaneous user data including support call history, previous owners, odometer reading, sales history, and more.
After reporting the vulnerability, the affected system was patched within 24 hours and never exploited maliciously."
Hacking Subaru: Tracking and Controlling Cars via the STARLINK Admin Panel
On November 20, 2024, Shubham Shah and I discovered a security vulnerability in Subaru’s STARLINK admin panel that gave us unrestricted access to all vehicles and customer accounts in the United States, Canada, and Japan.
I know the “open” jokes have been done to death, but…
OpenAI quietly funded independent math benchmark before setting record with o3
OpenAI's involvement in funding FrontierMath, a leading AI math benchmark, only came to light when the company announced its record-breaking performance on the test. Now, the benchmark's developer Epoch AI acknowledges they should have been more transparent about the relationship.
Joseph CoxEvery Saturday we publish The Abstract, a round-up of new science studies and reporting from one of the best science writers in the business, Becky Ferreira. Easily one of the most popular and insightful things on 404 Media. Signup to get every week: https://www.404media.co/the-data-on-civilization-ending-superflares-3/
