Millions of Samsung Galaxy devices remotely exploitable

in security on (#BW4T)
Hackers can easily break into Samsung Galaxy phones and spy on the entire life of their users. A vulnerability in software on the phones lets hackers look through the phones’ camera, listen to the microphone, read incoming and outgoing texts and install apps, according to researchers. The hack works by exploiting a problem with the Samsung IME keyboard, a re-packaged version of SwiftKey that the company puts in Samsung Galaxy keyboards. That software periodically asks a server whether it needs updating — but hackers can easily get in the way of that request, pretend to be the server, and send malicious code to the phone.

Researchers have confirmed that the exploit works on versions of the Samsung Galaxy S6, the S6 Edge and Galaxy S4 Mini. But it may also be active on other Samsung Galaxy phones, since the keyboard software is installed on more devices. It doesn’t matter if users are using the keyboard or not. Samsung was notified about the vulnerability in December last year. Samsung is reported to have provided a patch to mobile network operators, who must push Android updates out themselves. There is little that owners of the phone can do beyond avoiding insecure WiFi networks. The most worrying part about this is that users can't stop their device from checking for updates. It may be time to grant superuser access to the device owner by default.

SIMS 4 not meeting expectations

in games on (#2S3R)
story imageSIMS 4 has been out long enough for reviewers and gamers to provide feedback on the latest chapter in the mighty SIMS franchise. So far the reviews have not been highly positive.

The game has a number of issues with the most disturbing being deformed babies leading to galleries of deformed SIMS 4 babies. The consensus at this stage is that the game is ok, lacks game mechanics users expect in a SIMS game, has some new quirks, and generally could be a lot better.

EA has apparently not learnt from the last SIMCity debacle with SIMS 4 requiring an Origin account and internet connectivity to register. Players are disappointed. Too bad! Given the resources EA commands and that 5 years have passed since the last SIMS this game could have been awesome.

Accenture wins $102M contract to implement Australian Child Support system in SAP

in code on (#3HF)
Accenture, a firm well known for its spectacular failures has won the AU$102m contract to replace the ageing Child Support system with a SAP system for the Australian Department of Human Services Child Support programme . Accenture will have five years to complete this herculean task. CUBA, the current CSA system for processing child support payments, dispenses $3.2 billion in payments in more than 1 billion transactions annually for 1.2 million children and 1.5 million parents per year.

Is this the deal of a lifetime or an impending disaster? And is SAP the right system to build? What would you use to support a transactional system of this magnitude?

Should companies offering online services be required to maintain them?

in games on (#3F6)
story imageThe latest weekly HumbleBundle is a select of games from PopCap including the popular Bejeweled and Plants vs Zombies games. The caveats at the bottom for Origin, EA's answer to Steam, includes a term stating:
I am wondering at what point this becomes unacceptable? If I have paid for a game which has online "features and services" then shouldn't the company selling this support the online side for as long as possible, or am I just living in a pipe dream?

On a side note, it is a pity that this HumbleBundle doesn't come with the Android version of these games; and that they don't offer a DRM free download of the games.