Not wrong, but the issue is complex. Drones are very obviously one of the bullets in any upcoming conflict. It’s not really about spying and phoning home, it’s that it would be insane to try to tell China “hey, don’t invade other countries mkay?” And then say “oh also we need ammo to stop you but we don’t have the ability to make brass cases or gunpowder anymore, can you send us some”.

Now, while we “can”, to some extent, manufacture components and complete systems, the thing about a war is that it’s basically a wizard duel but with money hoses. You can’t win if the Chinese are producing slaughter bots for $500 ea and the US equivalent is $100,000 (literally). Congress is praying that this will light a fire under US and more friendly foreign manufacturing supply chains to invest more because they might have a chance of breaking into a lucrative market. That said, it probably just paves the way for a two tiered market where China makes their slaughter bots for $500 and the US makes them for $50,000 but all the civil use cases get caught in the cross fire for the short to mid term…so everyone still loses, just harder.

Its like we’ve adopted the economic policies we forced on third world nations, and found ourselves with a third world economy

Foucault’s boomerang at work, just like US counter insurgency tactics now being employed by US police.

I’m adjacent to the industry. This is dumb but I understand the reasoning. We’re getting left behind in the electronics world. Nobody is creating hardware startups because every few months there’s a viral blog post with a “hardware is hard” title on HN and none of the VC assholes want to fund anything but web based surveillance capitalism ad tech because it’s a surefire way to make money. Even if you do get funded and you’re US based you’re absolutely doing all your manufacturing in China if you’re remotely consumer facing (b2big-b has different rules). That means Chinese companies get all the benefits of all the labor from your highly trained engineers when they get the design files. If you try to build anything at volume in the US you have strikingly few options for boards and parts. Everything is whole number multiples of fucking PCBway and half the time it’s lower quality unless you’re paying aero-defense prices which is the only business anyone wants.

Literally all of the alternatives are open and much more capable for it. You can go buy a pixhawk and basically any frame and have something much more powerful for much less money, you just have to be willing to bolt two or three parts together.

Fuck HDMI. The committee makes doing custom hardware near impossible unless you’re a mega corp

https://github.com/nivekuil/rip This is what you’re looking for

The lower layers all already at least moderately well encrypted, what they’re doing here is trying to pull the unencrypted device ID necessary to establish a connection. It’s not really what you’re sending (though traffic frequency analysis may be included) and more about just figuring out where a particular phone is so they can physically track the user.

I look forward to running their shit in an Android emulator that feeds it bullshit until my rates go down

I got screeched at for covering up a super bright blinking light on a red eye. Their FAs are next level stupid.

I’d argue the year of the Linux desktop passed years ago and now it’s just a saturation game. Most serious SW development is now on Linux laptops/desktops, Android owns the mobile space and versions are starting to make huge inroads in the laptop space. You can buy gaming systems running it trivially now.

Conversely, casual users of windows are dying off, fewer non technical people are using desktops for anything at all. Only institutional users are buying Windows keys and they’re some of the easiest to get on Linux because of the cost savings, particularly if you run Linux server infrastructure, a fight we already won over a decade ago.

Making ai more efficient will just mean more ai

AGPL just in case they try to put your brain waves into the cloud

I hate that it needs to be said but love that they said it so plainly

Yeah, I’d agree with that.

The point I was making was for people who thought this was cellphone cameras and that it would somehow work even if the camera wasn’t actively running.

As far as war driving with an sdr you’d probably occasionally find something interesting, but the vast majority would be cameras just pointed back out at the street. I think you’d mostly see stuff where if you wanted to spy it would make more sense to hide your own camera because it’s already public.

All that said, I would lose my shit if Hollywood did something believable for once and used this for a heist movie.

$250 per camera that you have to be within meters of best case. That doesn’t include the packaging cost to make this look innocuous so probably significantly more money if you wanted this to be stealthy and reliable. Add in the money for the distribution and “installation” of such devices.

This doesn’t scale at all.

It’s just a tempest attack. Firmware won’t fix anything but the attack is an extremely expensive nation state level operation that doesn’t scale.

I work on this stuff, short answer, no, it’s not possible. This is just yet another overly complicated tempest attack. Especially with phones the camera link is so short it’s just not radiating enough. They claim 30cm so you basically need the receiver in the same backpack as the phones. As phones get higher resolution and faster cameras this will become even less of an issue. Also, most importantly the camera has to be powered and running for this to work so just don’t take pictures of classified stuff while carrying around a weirdly warm battery bank an unusually attractive eastern European girl gave you as an engagement gift and you’re good.

The actual target here is some sort of The Thing https://en.m.wikipedia.org/wiki/The_Thing_(listening_device) style attack where someone with a huge budget can get a wildly expensive device really close to a system through a significant human intelligence effort.

The line of reasoning is valid though. These satellites will have some ability to track and intercept low power intentional emissions like WiFi and cellular packets. While these are encrypted there are still things you can do with the metadata.

Why the popularity in Yemen? Weird laws or something?

Yeah the security angle gets parroted a lot, I’d call it more of a bad practice thing than a “omg you’ll definitely get haxxord”.

Otoh USB C as a spec is sort of necessarily a nightmare. It’s not hard to end up with shitty devices that’ll gleefully provide 20V when the system expects 5V and even if it’s just USB A, it’s not that hard to end up with 120/240v going straight into your phone.

At least with devices you own and control you know if they’re melting things and haven’t spent their lives being kicked/spilled on/cleaned with corrosive solvents or just generally old as hell and unmaintained.

Personally I bring my own because it’s faster and more reliable, and I have trust issues.

Just my opinion but I don’t really like the common belief of separating nation and non nation state actors. We’re getting to the point where nation states are making up a large portion of the really damaging attacks, and it’s frequently ones own government or a government they’re in conflict with which means there are very kinetic consequences for failure even if you’re a nobody. It’s not just someone stealing some money anymore.