Hi folks!
I do need to be clear about one thing please.
It's my understanding that this will not work on the mpower is
that correct??
Thanks a lot and I do agree this is a HUGE security hole. And
security these days is NOTHING to be lax about especially if you
keep important personal data on your machine.
Best to all
Jack ----- Original Message -----
From: crazy-shawty aka everything you're muther wanted you to be
but you aintquite turned out like me?
<[email protected]
To: Alex Hall <[email protected]
Date sent: Sat, 02 Oct 2010 12:02:58 +0100
Subject: Re: [Braillenote] Warning: BrailleNote ApexOffers
Read/WriteFTPAndTelnet Access To All Comers
I still dont feel it is all that bad. If your files are braile
or ks
type no computer will ever read them.
On 02/10/2010 04:32, Alex Hall wrote:
Unfortunately, this is not limited to xp. The network browser
on the
bn, where you select "network" as your drive, will only work on
xp.
However, this is at a much more basic level, and so it will work
with
any device that supports ftp; a pc running win95 could do it as
well
as win7 or even a mac. It is because here you are looking at
the files
on the bn from another device, whereas with the network drive
option
you are looking at files on another device from the bn.
On 10/1/10, Danielle Montour<[email protected]>
wrote:
That's awful to think about. I wonder how that slipped by HW,
or
maybe they didn't think of it. Well, if this only works on XP
or
earlier as Alex said, then maybe windows had something to do
with
it too.
----- Original Message -----
From: Alex Hall<[email protected]
To: peter greco<[email protected]
Date sent: Fri, 1 Oct 2010 23:03:08 -0400
Subject: Re: [Braillenote] Warning: BrailleNote Apex Offers
Read/WriteFTPAndTelnet Access To All Comers
Precisely the problem. In theory, anyone else could do that
same
thing
on a pc and see flash disk, sd card, and so on. They could then
download all the files they want, or erase them, or anything,
and
you
would never know it is happening. Try opening the flash disk
link; you
will be able to go through all your folders and see all your
files,
and if you can, then anyone who gets your ip address and sees
that
your apex offers ftp/telnet can do that as well. Admitedly
there
is
not a huge chance that this will happen, but it is a huge hole
in
security that someone could find and use.
On 10/1/10, peter greco<[email protected]> wrote:
Hi Alex
I have followed your steps.
Now what?
I can see network, flash disk, s d card and so on.
Apologies if I'm missing something!
Peter
----- Original Message -----
From: Alex Hall<[email protected]
To: Sabahattin
Gucukoglu<[email protected]
Date sent: Fri, 1 Oct 2010 21:03:00 -0400
Subject: Re: [Braillenote] Warning: BrailleNote Apex Offers
Read/Write FTPAndTelnet Access To All Comers
This is crazy!!
1. Connect to a wifi network on an Apex (someone with an
mpower,
please try this as well).
2. Go to options> connectivity> active connection details
and
space
down to the "ip address" item. Note this address.
3. On any computer, including the bn, go to:
fpt://a.b.c.d
where a.b.c.d is the ip you noted earlier.
4. You can see the contents of any drive available on the bn
(though
some drives have an odd timestamp), and download anything you
want.
This means that anyone could do the same and you would never
know
it!!
On the bright side, it does let you save the bn as a folder in
Windows
(on a pc) and manage files on the bn that way, eliminating the
need
for activeSync; just copy a file from your pc and paste it
into
the
virtual folder you set up. Of course, if you are using dhcp,
you
will
have to specify the ip each time the bn re-connects, but it is
quite
convenient. Still, as nice as it is, it is a massive security
risk.
The best way to avoid this is to not use wifi anywhere you do
not
feel
secure, such as at home. This is an impractacle solution,
though. Your
only other hope is to keep everything in .kwb (keyword
braille)
formatted files, since these files are difficult, if not
impossible,
to read without a bn. Thanks to the OP for discovering this;
I
am off
to email hw, and I recommend that anyone else who understands
this
message do the same. Basically, the bn can be remotely
accessed
by
anyone and files moved to or from it, and you will never know.
Again,
you can use this to your advantage to move files to and from
the
bn
and the pc over wifi, which would be a great feature if it
were
made
secure.
On 10/1/10, Sabahattin Gucukoglu<[email protected]
wrote:
On 2 Oct 2010, at 00:12, olivia wrote:
How can you access telnet on the apex? Thanks!
BrailleNote doesn't have a telnet or other remote client (but
it
should).
Unfortunately, the telnet server is running, and listening by
default, so
just connect with any telnet client. (If you do not know how
to
do this,
you probably have no need to. It gives you access to a
command-line
interface (cmd.exe).
Cheers,
Sabahattin
___
Replies to this message will go directly to the sender.
If your reply would be useful to the list, please send a
copy to the list as well.
To leave the BrailleNote list, send a blank message to
[email protected]
To view the list archives or change your preferences, visit
http://list.humanware.com/mailman/listinfo/braillenote
--
Have a great day,
Alex (msg sent from GMail website)
[email protected]; http://www.facebook.com/mehgcap
___
Replies to this message will go directly to the sender.
If your reply would be useful to the list, please send a
copy to the list as well.
To leave the BrailleNote list, send a blank message to
[email protected]
To view the list archives or change your preferences, visit
http://list.humanware.com/mailman/listinfo/braillenote
--
Have a great day,
Alex (msg sent from GMail website)
[email protected]; http://www.facebook.com/mehgcap
___
Replies to this message will go directly to the sender.
If your reply would be useful to the list, please send a
copy to the list as well.
To leave the BrailleNote list, send a blank message to
[email protected]
To view the list archives or change your preferences, visit
http://list.humanware.com/mailman/listinfo/braillenote
___
Replies to this message will go directly to the sender.
If your reply would be useful to the list, please send a
copy to the list as well.
To leave the BrailleNote list, send a blank message to
[email protected]
To view the list archives or change your preferences, visit
http://list.humanware.com/mailman/listinfo/braillenote
___
Replies to this message will go directly to the sender.
If your reply would be useful to the list, please send a
copy to the list as well.
To leave the BrailleNote list, send a blank message to
[email protected]
To view the list archives or change your preferences, visit
http://list.humanware.com/mailman/listinfo/braillenote
