Results 1 to 2 of 2

Thread: SplashTop Security Hole Still Exists

  1. #1
    Join Date
    Jan 2007
    Posts
    15,438

    Default SplashTop Security Hole Still Exists

    Phoronix: SplashTop Security Hole Still Exists

    Back in August we were the first web-site to share how SplashTop Linux could be hacked and the following month we shared about a SplashTop security problem where the contents of any attached hard drives are exposed freely to the network, if you're not running a hardware firewall. This issue was discovered by Kano, a Phoronix Forums member and the developer behind the Kanotix distribution...

    http://www.phoronix.com/vr.php?view=NjgxMw

  2. #2
    Join Date
    Aug 2007
    Posts
    6,646

    Default

    The security aspect is only one thing. The version from the hp homepage (version 1.0.0.6) is really bad in other ways too. First of all they use ndiswrapper instead of native iwlagn/iwl4965 driver. Then there are basically no standard LAN drivers at all there not even the ones needed for VMs, you have to use WiFi if you want or not (as hack you can replace the kernel.bin by another one, but then the branding is a mix between Asus and HP). Pidgin can not connect to ICQ. When you watch the Voodoo video on the Splashtop website they use Wifi, use Pidgin, but do NOT connect via LAN or try ICQ (just because it is impossible!). To make it harder for newbees to try the system on different PCs the ce_bz file is now missing in newer ExpressGate builds and does not exist in Voodoo IOS, but you can strip the first 1536 bytes from another one you have got already and put that header in front of the cefull file and you can boot it with any standard bootloader (or just reuse another ce_bz). The fully positive review video is a real joke when you have got deeper knowledge about the system.
    Last edited by Kano; 10-26-2008 at 01:22 PM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •