Synology DSM 5.0-4493 Update 4 Released

Support.

Synology has just released Update 4 for DSM 5. The updates fixes OpenSSL and Kerberos security issues among other things. The last Synology security exploit to hit the news was based on old vulnerabilities. So while it’s a pain you should plan to patch as soon as it’s practical. I updated my DS212J, DS212+ and DS1511+ without a problem. And so far, no new errors have surfaced.

 

Google dominates top 10 apps, says ComScore

Google dominates top 10 apps, says ComScore.

This is another “duh” survey. Android dominates in pure market share for smartphones (over 85%). The real story here is that Facebook is number 1. Maybe not a shocker, but people do have to install it and set it up.

Other non-Google apps are Instagram (owned by Facebook). Apple Maps and Yahoo News. Apple Maps surprised me being tied for #10. With all the bad press and the fact that Apple only has about 22% of the market this was unexpected.

 

This is What’s Wrong With Security Reporting

Yahoo news picked up this story and it trended to the top (many others also carried it with the same sensationalization . While the meat of the story may have some good information (although not new information), the headline and conclusions are meant to draw clicks.

Headline:

Your Gmail App Is Shockingly Easy to Hack

In the first paragraph:

..allows them access to mobile Gmail accounts with a 92 percent success rate.

What’s wrong with this? Well, for one the “hack” requires downloading a malicious app to your Android phone. And that 92% success rate? Only among those that download the malicious app.

Yes, it would be nice if shared memory could not me accessed. But that shared memory access also brings benefits (OK, I assume the benefits part. Don’t ask me to list them).

They didn’t test other mobile OS’s but say the hack should work on them too. I’m no developer but I thought on iOS shared memory wasn’t, well, shared by apps. Which resulted in many of the complaints about apps not working together. I’ve also read comments that apps don’t access shared memory on Windows Phone. So this calls into question that assumption by the researchers.

In any event it works on other mobile OS’s, even for Android the headline should be “Installing malicious app will cause security issue!” But I guess that falls into the non-clickworthy “duh” category.

We’ve Moved In

We’ve moved to a new Web host

The OS Quest is up a running on it’s new host, WordPress.com. If you’re on the site you should see a red “The OS Quest” in the header when your on the site.

If you subscribed via RSS the feed should still work and if you see this post in your RSS reader then it does still work.

Mail subscribers will have been dropped, with my apologies, I could transfer them out of Feedburner since you need to opt-in. You can subscribe by hitting the link over on the right.

Some photos from older posts have broken links. I’m working on fixing these. If you come across any in an article your trying to read let me know and I’ll fix those links asap.

The “featured image” feature of WordPress is used differently in this theme. This causes some ugliness in some posts which I’m also working on cleaning up. Going forward things will be much cleaner.

I know things have been slow the last few months on The OS Quest but I should have more frequent updates in the near future.

Thanks for being an OS Quest Reader.

sign that says keep going don't look back