Payroll System!
-
extra random patterns on the phone after unlocking it.
gives you the extra benefit of starting up random apps and rearranging your home screen every time
-
This is not settled law. Cops are doing it because modern-day cops assume they can do whatever they want. Courts are beginning to say "wait a minute."
For phones, this is very settled law:
http://www.nytimes.com/2014/06/26/us/supreme-court-cellphones-search-privacy.html?_r=0
The decision:
-
No need to stand on principal over something so small.
I don't think it's a principle. I think the veterans here are used to management who expect to call you up at 3am and get a coherent answer, rather than "Server down? Pick him up and tip him, he'll be fine." I made that quote up. Not the point.
While I've never experienced management quite that bad, I've come across the all-and-any-hours "I'm working so you should be" type, and they're dangerous.
Fortunately, that was not the situation in this case, and I don't really need it. I was just looking for something to do on the train. I'm glad to be informed that my mini freak-out was unjustified.
-
Unless that passcode is used to encrypt the contents of the phone I don't see how that's possible.
Only a password can be used for encrypting the device.
All the other options for unlocking the screen (swipe, face, face+voice, pattern, PIN on mine) mean you can't use (whole device) encryption.
Yes - they basically use the screen unlock password for the LUKS encryption password - no password, no LUKS.
-
Fortunately, AFAICT my Lenovo work laptop doesn't have this.
I can find nothing in my Acer laptops' BIOS settings to suggest that this thing exists either. Even so, a completely clean Windows installation gets C:\Windows\SysWOW64\rpcnetp.exe created on startup, then C:\Windows\SysWOW64\rpcnet.exe shortly after logon, pretty rapidly followed by the background POST hammering.
Here's the startup script fragment I use to kick it in the head, for those similarly afflicted:
for %%p in (System32 SysWOW64) do ( if exist "%windir%\%%p" for %%n in (identprv rpcnet rpcnetp wceprv) do ( for %%x in (dll exe) do ( copy /b /y nul "%windir%\%%p\%%n.%%x" attrib +r "%windir%\%%p\%%n.%%x" ) ) )
-
I can find nothing in my Acer laptops' BIOS settings to suggest that this thing exists either.
I didn't look at the BIOS settings, but unless those processes hide themselves from TaskManager, none of them are running as either services or normal processes. Therefore, my conclusion is that either it's not installed, or our IT's default configuration disables it.
-
Ok, so now it is settled law. That decision's fairly recent, right?
-
That decision's fairly recent, right?
Yes. This year. CBA to go follow the link again, but June, I think.
-
Yes. This year. CBA to go follow the link again, but June, I think.
Right--so only a few months, and before that, it was perfectly OK for them to riffle through your contacts, your SMS, your email, any and all documents including pictures.
And what did they do with that? Oh, just occasionally set up fake Facebook accounts, including risque pictures of you, in an attempt to sting drug dealers, thus obviously potentially putting you at risk of revenge.
-
unless those processes hide themselves from TaskManager
They don't exactly hide, but they're usually fairly unobtrusive.
The initial download agent, rpcnetp.exe, does show up in Task Manager as a 32-bit process though you have to click Show From All Users to see it because it runs as System. But this only ever happens before it's had a chance to download rpcnet.exe, which gets installed as an automatic-start service with name rpcnet and description Remote Procedure Call (RPC) Net, generally during the first few logon sessions after the BIOS initially installs rpcnetp.exe.
Once installed, the rpcnet service spends most of its time stopped unless you're behind an authenticating proxy which it will hammer mindlessly, refusing to take 407 for an answer.
Quickest way to check whether you have this thing is to look in System32 (or SysWOW64 on 64-bit) for two <20K unsigned files named rpcnetp.exe and rpcnetp.dll; the dll is a copy of the exe, and will have a timestamp one minute newer. Once rpcnetp.exe has successfully phoned home, you might also have agremove.exe, identprv.dll, rpcnet.exe, rpcnet.dll and/or wceprv.dll all signed by Absolute Software Corp. or Absolute Software Corporation.
If you rename or delete any of these files, they will rise again all zombie-like on next boot or a few logons later. But if you replace them with zero-length read-only versions instead, they won't.
-
If you rename or delete any of these files, they will rise again all zombie-like on next boot or a few logons later. But if you replace them with zero-length read-only versions instead, they won't.
Converting them to be directories might also work, particularly as the steps to remove them are slightly different and hardly anyone remembers to make their code that robust. A lot of people are confused as hell when you create a directory with an extension, but a
filedirectory name is a directory name…
-
Converting them to be directories might also work, particularly as the steps to remove them are slightly different and hardly anyone remembers to make their code that robust. A lot of people are confused as hell when you create a directory with an extension, but a file directory name is a directory name…
Well, POSIX specifies
unlink()
to returnEPERM
if you try to unlink a directory, and the WindowsDeleteFile()
call does the same thing withERROR_ACCESS_DENIED
, so handling this case correctly is harder than it looks. ;)
-
What's the problem? Just run
system("rm -rf /path/name/here");
-
Converting them to be directories might also work
Nice thought, and an idea I will keep in mind in case I ever find myself needing to nobble something with enough intellectual wattage not to crumble instantly in the face of the monumental task of overwriting a file marked read-only.
I also read elsewhere that this particular POS won't even recognize that a Windows partition exists in the first place if the disk is GPT partitioned, so that's what I'll be doing with images I build from now on.
-
rm is on windows?
-
rmdir /s is near enough.
-
that's something that always confused me. why is it
rm
and
rmdir
on *nix
and
delete
and
rmdir
on windows?
and while i'm at it whats up with
ls
vsdir
?some hysterical reason we assume?
-
-
Cygwin has
rm -rf
-
OpSysISTENCY!
-
but Cygwin is a complete POSIX environment. rm is required!
-
-
I'd like to
cls
orclear
this conversation.
-
but Cygwin is a complete POSIX environment. rm is required!
Yes. We wants it, we needs it. Must have the precious.
-
which one?!
-
cygwin isn't enough for me. that's why i run a VM on my dev desktop.
-
why is it
rm
and
rmdir
on *nix
and
delete
and
rmdir
on windows?
and while i'm at it whats up with ls vs dir?
Windows inherited its original CLI from MS-DOS, which started out as a drop-in replacement for CP/M-86, which was descended from CP/M, the dominant OS at the time on Intel 8080 and compatible processors. CP/M was in turn influenced by DEC OS/8, which had COPY, REN, DEL, LIST, TYPE and DIR.
The CP/M floppy disk format had only a single central non-removable directory. When MS-DOS finally got a hierarchical file system added on (in DOS 2.0 if I recall correctly) its command interpreter got extended with CD and RMDIR and MKDIR commands lifted from Unix. There was no need to lift ls because DIR already existed.
The DOS filesystem calls also got extended to handle pathnames with components delimited using Unix-style slashes. However, because the command line interpreter was already heavily committed to OS/8-style use of the / character to introduce command switches, filesystem calls also allowed \ as an alternative pathname component delimiter.
For a while there you could set SWITCHAR to something other than /, which would let you use the One True Slash as revealed unto dmr to delimit pathname components in your command.com scripts, but almost nobody did. Pack of fucking nekulturny heretics.
-
Have a pendantry flag (and a like).
-
weeeeeee. knowledge!
-
-
Wii would like to play.
-
I deliberately make extra random patterns on the phone after unlocking it.
Using the touch screen normally will also accomplish this.
-
Using the touch screen normally will also accomplish this.
True, but what if a cop grabbed you right after you unlocked it and all you had time to do was hit the power button to re-sleep it, like might plausibly happen only in a cop movie?
-
Nice thought, and an idea I will keep in mind in case I ever find myself needing to nobble something with enough intellectual wattage not to crumble instantly in the face of the monumental task of overwriting a file marked read-only.
It also defeats anything that blindly overwrites while running with full administrative privileges; the OS won't let you overwrite directories that way, and that restriction is enforced at a deeper level than the security checks. Which stops all sorts of nasty stuff dead in its tracks…
-
Windows also won't let you (regardless of privilege) delete a filesystem object whose read-only attribute is set without unsetting it first, as far as I know; so that works against blind overwrites too.
Of course, given that the overwrites that need preventing in this instance are happening in a chunk of BIOS code rather than in Windows proper, all OS-behaviour-based bets are probably off; the first method that works is as good as any other.
-
Then he has 30 minutes until he has to swipe again (depending on your authentication settings)?
My settings are for a long time. My wife's is set to require the code every time.
I never leave the house, so I don't really worry about the cop case.
If they come to my place then I'm sure my computers will reveal more than my mobile.