In the video at the end you can see it’s the former. They’re drawing a digital representation of the commands the emulator is sending to the “sewing machine”.
Jetson is such a confusing product and it's difficult to tell exactly what they're supporting. Looking at the image download page it seems to be only Orin and newer?
Sounds like you should have actually watched the “long ass video”.
It allows the pairing key to be exfiltrated from the compromised device and an external, attacker controlled device to perform any function the original device could. This includes retrieving the paired devices phone number, answering phone calls, and receiving the audio. They live demo hijacking a whatsapp account using this.
Neat. It appears my headphones have to be in pairing mode. Which is a very short window, at which point the attacker can impersonate your device. this allows him to answer phone calls for you or make phone calls, but you would notice right away. It’s not like cloning the audio and eves dropping. so yeah it’s a nothing burger.
Some devices are/were only vulnerable during the initial pairing but a key point from this talk was that most of these devices were vulnerable during normal use.
The RACE protocol could be accessed even if the device isn’t in pairing mode. Then once you have a target device’s key you can carry out the attack at anytime, when they’d be unlikely to notice.
If you have the target device key, you can impersonate the device later. But how do you get the device key in the real world? I would need to be in pairing mode for you to get it. Even if you did get it, then you can answer my calls if you are next to me, which in the real world is certainly noticeable.
> I would need to be in pairing mode for you to get it.
No, that doesn't seem to be the case.
> then you can answer my calls if you are next to me, which in the real world is certainly noticeable.
You may not notice if the call was answered automatically and you didn't have your device on you, and the call could be forwarded with acceptable latency so the speech wouldn't be in earshot. Or these days you could use an AI to generate voice and it would sound realistic.
Just because something isn't likely to affect ordinary citizens doesn't mean it isn't possible.
Yeah, the passkey provider management is absolutely horrendous and is the biggest blocker to passkey adoption in my eyes. I have 3 different sources (iCloud keychain, Yubikey, and Enpass) and in the best case it's some extra clicks like you mention, in the worst case it just simply won't let me select the correct provider.
I've resigned to registering a passkey into all of my providers and just letting the most platform native option win for now.
I've really disliked Reddit's auto-translation. I'm bilingual (English & Japanese) and when I search for things only to get an auto-translated reddit thread it really is bizarre. The references, flow of the conversation, etc. are all just off and it feels weird.
Bilingual English and Spanish here and I absolutely hate this.
I can read both just fine. Platforms defaulting to always showing one or things like youtube auto-translating titles all to English or all to Spanish is frustrating because I always have to do the math in my head as to "Why does this thing I'm reading sound weird as hell" and realize its because it was lost in translation.
Hell, I watch creators/consume content where the creator or writer themself speaks/writes interchangeably in both languages often within the same sentence because Spanglish is very common, and that just destroys most of these automated generators brains.
Use `https://google .com/search?q=-tl%20%s` as your search engine in the browser. Adding "-tl" to search terms remove most translated results from Google Search results. For now anyways.
I really hate it too especially when I want to search something specifically within the French context and I end up getting pages translated from Englsh to French and waste my time on irrelevant content.
I've been studying Japanese for 15+ years and have really come to loathe machine translations from English. While generally the meaning gets across, they're very unnatural and often use words in contexts that sound weird or are just flat out wrong.
