Identifying Back Doors, Attack Points, and Surveillance Mechanisms in iOS Devices by Jonathan Zdziarski

Slides from the talk Identifying Back Doors, Attack Points, and Surveillance Mechanisms in iOS by Jonathan Zdziarski at the 2014 Hope X conference in New York. 
 

Tags: 

FBI Weighs Looser Pot Rules for New Hires - Funny

From todays WSJ - quote from FBI Director James Comey
 
Congress has authorized the FBI to add 2,000 personnel to its rolls this year, and many of those new recruits will be assigned to tackle cybercrimes, a growing priority for the agency. That is a problem, said Mr. Comey, as a lot of the nation's top computer programmers and hacking gurus are also fond of marijuana.
 
"I have to hire a great work force to compete with those cybercriminals, and some of those kids want to smoke weed on the way to the interview," Mr. Comey said. He added that the agency was now "grappling" with how to amend its marijuana policies.  Full Article
 

Tags: 

FCC's New Rules Could Threaten Net Neutrality

Expect Delays Sign Photo

Federal Communications Commission Chairman Tom Wheeler is circulating a proposal for new FCC rules on the issue of network neutrality, the idea that Internet service providers (ISPs) should treat all data that travels over their networks equally. Unfortunately, early reports suggest those rules may do more harm than good.  READ MORE

Tags: 

Why You Shouldn't Put Your Money Where Your Mouth Is

 

By ROBERT LEE HOTZ
Wall Street Journal
April 18, 2014

Talk about dirty money: Scientists are discovering a surprising number of microbes living on cash.
 
In the first comprehensive study of the DNA on dollar bills, researchers at New York University's Dirty Money Project found that currency is a medium of exchange for hundreds of different kinds of bacteria as bank notes pass from hand to hand.
 
By analyzing genetic material on $1 bills, the NYU researchers identified 3,000 types of bacteria in all—many times more than in previous studies that examined samples under a microscope. Even so, they could identify only about 20% of the non-human DNA they found because so many microorganisms haven't yet been cataloged in genetic data banks.   READ MORE at WSJ
 

Tags: 

Proposal to Prevent Grid Attack Lacks Power, Critics Say

April 17, 2014

A year after gunfire knocked out a substation that funnels power to Silicon Valley, the U.S. government has promised to make power companies amp up protection of equipment vital to the electric grid.  Read full article at the WSJ

See original post

Tags: 

The Heartbleed Bug - What to Do Now

Websites that exchange sensitive information with users have, for many years now, secured the connection between a users browser and the web site by encrypting the information.  The system is called SSL for Secure Sockets Layer and TLS for Transport Layer Security and up until the begriming of 2012 the software that implemented these techniques, OpenSSL protected the information as it flowed over the  Internet by making it unreadable to anyone other than the intended recipient.  A programming mistake (A missing bounds check)  introduced into the software introduced a flaw in  a function of the TLS protocol called heartbeat.  

 

That flaw allowed a non-standard heartbeat command to return 64 KB or about 32 pages of text of unencrypted data.  In effect, the programming error allowed an attacker to access the very information that SSL/TLS was intended to protect.    Named for the heartbeat function that allows the data to be viewed by attackers, the bug has become known as Heartbleed.

Tags: 

Pages

Subscribe to Daniel Fishman RSS