Gizmodo: flaw

iPhone Copy/Paste Service Pastebud Delivers Copied Text to Random Strangers

Dan Nosowitz — Sat, 13 Dec 2008 14:45:00 EST

Pastebud, the service that lets you copy and paste text from email and Safari, has been sending the copied emails (including personal information) out to anybody but the original user.

We were excited about Pastebud, but reports are showing that the full text of the copied emails, which are sent to an online clipboard, are being sent out to the wrong users. Harry McCracken at Technologizer noticed that he was receiving totally unknown emails from Pastebud, and many had names and other personal information. Further, none of the text he was hoping to copy came back to him, which means some stranger almost certainly had access to his emails.

Jed Schmidt, the creator of Pastebud, figured out the problem pretty quickly: the directions weren't clear enough, so users had been sending their text to be copied to the wrong email address, leading to a sort of communal pool of emails that got sent out randomly. It should be fixed now, but it's just one more lesson to read the warning carefully: Pastebud is not the tool to use if you've got top-secret blueprints or a mistress holed up in an apartment somewhere. [Technologizer]

T-Mobile G1 Security Flaw Found, But It's All Under Control, People

Dan Nosowitz — Sat, 25 Oct 2008 18:00:00 EDT

A group of security researchers, including former NSA computer security expert Charles A. Miller, has discovered a security flaw in the G1's web browser. The flaw could allow a hacker to trick a G1 user into visiting a malicious website that could install some nasty bugs on the smartphone (or com). Google was made aware earlier this week, and is working to release a patch to fix the flaw, but Android's architecture inherently limits such a flaw's potential damage.

The flaw affects only the G1's browser, and the "sandbox" nature of Android limits the potential damage to only that one program. Interestingly, Miller is just now releasing the (admittedly limited) information to the press, stating that he feels smartphone users are not adequately aware of how risk-prone their devices can be. Google is a bit annoyed at Miller's forthrightness, implying that "they believed that Mr. Miller had violated an unwritten code between companies and researchers that is intended to give companies time to fix problems before they are publicized."

Google, T-Mobile, and HTC are all working together to fix the flaw, but Google is emphasizing that the overall security of the phone is just fine, and a patch will be released as soon as possible. [New York Times]

Overheat Risk Makes Sony Recall Vaio TZ Laptops

Kit Eaton — Thu, 04 Sep 2008 05:08:43 EDT

Sony's issuing a recall for Vaio TZ laptops sold between May 2007 and July 2008: apparently there's a risk of overheating leading to "abnormal heat deformation of the enclosure"—which sounds like a lot more than the usual knee-burn heat of a laptop. It's not due to the battery, mind you, rather it seems like a manufacturing flaw related to the power connector and LCD frame. The news relates so far to just Japanese machines, with Sony offering free inspection and repair, but keep your eyes peeled for news of the problem in other countries. [PCWatch]

Apple Acknowledges Huge iPhone Security Flaw, Calls It "Minor," Announces Fix

Jesus Diaz — Thu, 28 Aug 2008 17:55:00 EDT

Apple has acknowledged the huge iPhone security flaw we tested and reported on two days ago, promising an update for September that will fix the hole that can expose all your private emails, text messages and contacts. But instead of calling a spade a spade and acting as soon as possible, they have decided to minimize the problem:

The minor iPhone security issue, which surfaced this week, is fixed in a software update which will be released in September.

That jewel comes from an Apple spokeswoman, deciding to ignore what ourselves, Wired or the San Francisco Chronicle have classified as a massive security problem. Ms. PR rep: could you please send us your me.com and apple.com passwords so we can demonstrate how easily accessing your mail by clicking a button is not, and will never be, a "minor security issue"?

In the meantime, she points out to the user-driven fix, as if that would help the millions who have iPhones and don't read Gizmodo, Wired, SFC, Reuters, or any of the outlets around the web that echoed the news. Not good enough, I'm afraid. [Reuters]

Sidekick Slide Design Flaw Causes Resets?

Jason Chen — Mon, 12 Nov 2007 15:45:09 EST

Boy Genius reports that Sidekick Slide users are getting sudden restarts after sliding the screen up and down a few times. The cause? Apparently a build flaw that has too big of a gap between the contacts for the battery and the connector on the phone. Telstra, an Australian company, seems to be having similar problems on their version of the Motorola device called the Hiptop Slide. A temporary solution is to shove a piece of paper—maybe a business card—between the wall and the battery. This happening to any of you? [Boy Genius]

Seagate 2.5-inch Hard Drive Flaw Affecting MacBooks?

Jason Chen — Mon, 29 Oct 2007 16:40:00 EDT

Retrodata, a data-recovery company, has just issued a warning for Apple MacBook owners with Seagate hard drives that were manufactured in China and have a firmware version of 7.01. Apparently these have a fatal flow that cause their read/write heads to fail mechanically, scratching up the hard drive surface as pictured and making data unrecoverable (even by professionals such as themselves). If you've got a MacBook, you should check to see if your internal drive is a Seagate and back up your data accordingly. There's no official word yet from Apple on whether or not this actually a problem, but better safe than crying over lost nudie photos. [Retrodata - Thanks Eric!]