Episode: 3723
Title: HPR3723: HPR News
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr3723/hpr3723.mp3
Transcribed: 2025-10-25 04:39:32

---

This is Hacker Public Radio Episode 3,723 for Wednesday 9 November 2022.
Today's show is entitled HPR News.
It is hosted by some guy on the internet and is about 12 minutes long.
It carries a clean flag.
The summary is news for the community by the community.
Hello and welcome to another episode of Hacker Public Radio News.
I'm your host, some guy on the internet.
For today's show, we're going to be covering Threat Analysis, a new segment called User
Space, and a second new segment called Toys for Tax.
First up, Threat Analysis, Your Tax Surface.
Wireless key fobs compromised in European nations.
On October 10, 2022, European authorities arrested 31 suspects across three nations.
The suspects are believed to be related to a cybercrime ring that allegedly advertised
an automotive diagnostic solution online and sent out fraudulent packages to their victims.
The fraudulent packages contained malware and once installed onto the victim's vehicle,
the attackers were able to unlock the vehicle, start the ignition, and then steal the vehicle
without the physical key fob.
European authorities confiscated over 1 million euros in criminal assets which include
but not limited to malicious software, tools, and an online domain.
The article also pointed out that they seem to be targeting two major French manufacturers.
They didn't give any details as to what the device looked like or how it interacted
with the vehicle like OBD2 or anything like that, but I imagine it probably used OBD2.
For the second article under Threat Analysis, Microsoft Office 365 has a broken encryption
algorithm.
Microsoft Office 365 uses an encryption algorithm called Office 365 Message Encryption
to send and receive encrypted email messages.
Before we continue with the story, I just want to say they're trying to read these names
with these numbers and it kind of sucks.
The messages are encrypted in an electronic code book also called ECB.
The United States National Institute of Standards and Technology, NIST, reported,
Microsoft's ECB mode encrypts plain text blocks independently without randomization.
Therefore, the inspection of any two cipher text blocks reveals rather than not the corresponding
text blocks are equal.
Also basically Microsoft forgot to randomize in their algorithm and it created one big
old whoopsie daisy.
They also pointed out that hackers are using this hack now decipher later technique.
So be careful using Microsoft Office 365 email encryption.
They even point out that there's another encryption method that they recommend that you use instead
of their ECB.
So be careful.
Next up, user space, Netflix cracks down on free loaders, Netflix is testing in Argentina,
the Dominican Republic, El Salvador, Guatemala, Honduras, and Chile, Costa Rica, and Peru,
different efforts to crack down on free loaders.
The term free loaders covers the multiple users sharing a single Netflix account from different
locations.
This plans to charge an additional three to four dollars per sub account.
So I can imagine a situation where you and a roommate decide to get a Netflix account
and you share it within different areas of the room, you know, the place where you live
and then eventually one of you moves out and you keep sharing the account.
Well, Netflix is basically going to say you have to pay for your own account and how
we'll manage that is by, you know, tacking on extra money to the main account.
I imagine the next Flix customers aren't happy about this.
Next story, Samsung implements product blockchain to link user devices while claiming the private
blockchain has nothing to do with crypto mining.
The Knox matrix security system links all your devices together in a private blockchain
instead of using server-based group verification systems.
The system, known as Knox matrix, is supposed to allow devices to manage themselves by
auto updating, caching updates for other devices than distributing the updates to the other
devices on the private blockchain.
It sounds to me like Samsung is trying to win the award for the largest foot gun ever
invented.
Now let's talk about toys for techs.
First tour we're going to bring up is something called the Juno Tablet.
I hadn't seen this device before, but it looks really, really cool.
It's a Linux tablet.
Before we continue, let me just put this up front.
Juno tablet is a beta product.
Overall it works fine with a few bugs.
It is a non-refundable product.
You will only get store credit if you choose to try and refund this.
Now the price for this product, the base price is $429 USD.
I thought I'd scare you away immediately before you can try to get this thing right
go ahead and get that price right out front.
That way you don't even have to ask, just walk out now.
Let's go ahead and get into some of the specs for it shall we?
For those of you who haven't made it out of the door yet, the screen size is 10.1 inches.
Now for the screen type, it's a full HD IPS screen at 1920x1200.
And because it's a tablet, well, it's touchscreen as well.
They report on the website that the touchscreen does work.
Refresh rates for a screen is 60Hz.
Now for CPU, get this.
We're not talking ARM or any of the other architectures out there.
We're talking X86 with an Intel Jasper Lake Celeron N5100.
That's right, ladies and gentlemen, X86, which means most of the Linux
and BSD packages you already run on your laptop or whatever should just run naturally here.
The key word there is going to be should because with the operating systems, yeah, we'll
get to that a little bit later.
Now for graphics, we're going with the Intel UHD graphics, which is, you know, it's like
that CPU, GPU thing, what they call them APUs or whatever.
Get the base clock at 350MHz with a max of 800MHz.
I saw a little something about 4K on their website, but I would not even imagine trying
to use 4K on something like this.
You're better off sticking with 1080p, but I mean, it may be possible to use 4K.
For RAM, we're looking at eight gigabytes of 2133MHz LPDDR4 storage.
We're going to start off with a 256GB SSD.
You can also upgrade that to a 512GB or a 1TB SSD.
Now I believe RAM and storage are soldered in because tablet.
The RAM specifically says soldered for eight gigabytes.
That Intel Jasper Lake sell around N5100.
However, it can take up to 16GB, but I guess this is the first, you know, round sort of
just starting off with eight plus it's a tablet.
They don't know who the market is yet.
I'm guessing maybe not that many people want one.
The chassis is going to be plastic.
And for the wireless card, we got the Intel Wireless AC 9460 or the 9560.
So all this sounds like it works, you know, right out of the box in Linux.
It's all Intel.
Now I'm pretty sure you guys don't care about ports, right?
Who here on hacker public radio cares about ports?
We're just going to go.
What?
What was that?
You said you want to hear about the ports.
Do you?
Okay.
If that's what you want to hear.
Yay.
We're talking 1 USB 3.0, 1 USB Type-C 3.1, which supports charging and video out.
You got one mini HDMI, a micro SD card, and oh my goodness, the famous three and a half
millimeter headphone jack.
It also has a built-in microphone.
Now, if you're going to be running this thing, you need to have Linux kernel 518 and above.
I guess that's where all the drivers are built in for this.
And as we mentioned, with the operating systems earlier, looks like they've tested a lot
with Manjaro.
So you got Manjaro Posh, Manjaro Plasma Mobile, and then there's a Moby and Posh.
They also said that Windows 11 will work, but they do not provide.
It doesn't come pre-installed.
They can provide now.
So...
I did.
Now, when I first saw this thing, I fell in love with it immediately.
But then I had to, I had to, you know, gain composure, because you can't forget about
the Jingpad A1.
Remember that?
It's the world's first consumer-level ARM-based Linux tablet.
Yeah.
And then all of a sudden, they just disappeared.
I think they went out of business, stopped updating it.
I think the site shut down, or either they just didn't do anything else with the site.
And it's just up in the air now.
So a bunch of people bought it into that, and they're just left holding a device that's
no longer supported.
But it looks nice, though.
Yeah.
Well, with the Jingpad, it was ARM.
So with this, this is X86.
So even if these guys were to be like, ah, we're no longer want to be bothered with it.
I mean, everything's right there in kernel anyways, right?
You don't have to worry about, you know, or at least, I hope you don't have to worry
about using some boutique distro or anything.
You should be able to just launch, you know, vanilla arch, Jingtoo, Ubuntu, whatever you
like on this thing, BSD, you know, whatever you can get your hands on.
And our last toys for text item today would be the Pine64's Ox64.
Now, I don't know a lot about risk-five.
But this is a, it reminds me of the Raspberry Pi Pico Inform Factor.
It's, this is a risk-five single-board computer in the same form factor as that Pico has embedded
64 megabytes of PS RAM.
The specs are not what you want to be looking at here.
I have them listed below.
But from what I can tell, what you're able to read there, they want this to be for development.
If you wanted to develop anything using risk-five, they provided a very cheap entry device
for people who want to test their skills in a risk-five platform.
Yeah.
Because when I look at the specs down there, I mean, they look kind of, they're pretty
short.
So I can tell this isn't something you're going to be running services on right out
the gate.
I think they even tell you about that.
Some of the Linux distrils they are testing are still like, awful right now, trying
to get all that stuff supported.
But yeah, if you want to play around, test your skills, writing, I guess, kernel drivers
or something like that, go right ahead.
This thing, I believe, is eight bucks.
I got a link down below to the Pi 64 OX 64 Wiki.
This concludes our episode of HPR News with some guy on the internet.
Please leave me a comment.
Let me know how you like the show.
I'm going to be adding in different things as time goes by.
One of the things I wanted to point out as well is there's a ton of ransomware stories
out there.
And I didn't want this show to become all about ransomware.
So that's why I added the toys for text and the user, user mode.
Let me know what you think.
Goodbye.
You have been listening to Hacker Public Radio.
Hacker Public Radio does work.
Today's show was contributed by a HPR listener like yourself.
If you ever thought of recording podcasts, you can click on our contribute link to find
out how easy it leads.
Hosting for HPR has been kindly provided by an onsthost.com, the internet archive and
our sings.net.
On the Sadois status, today's show is released under Creative Commons, Attribution, 4.0
International License.