Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Hardware Hacking

Submission + - Flash an iPhone too many times and make an iBrick (beskerming.com)

Submitted by
SkiifGeek
SkiifGeek writes: "After the various success that users have had with unlocking their iPhones and using them across the globe, early reports are suggesting that there might be a hard limit to how many times the iPhone can be unlocked, essentially making it an iBrick.

With the developers/hackers keeping a close eye on things in the hackint0sh forums, it seems that a patch will be made available in the next day or so to overcome this stumbling block for end users."
Space

Submission + - French Threat to ID Secret US Satellites (beskerming.com)

Submitted by
SkiifGeek
SkiifGeek writes: "Space.com has reported that the French have identified numerous objects in orbit that do not appear in the ephemeris data reported by the US Space Surveillance Network. Since the US has claimed that if it doesn't appear in the ephemeris data, then it doesn't exist, and the French claim that at least some of the objects have solar arrays, it seems that the French have found secret US satellites.

While the French don't plan to release the information publicly, they are planning to use it as leverage to get the US to suppress reporting of sensitive French satellites in their published ephemeris.

The Graves surveillance radar (the French system) and a comparable German system may form the basis of a pan-European Space Surveillance network — another system that the Europeans don't want to rely on the US for."
Security

Submission + - Hacked Bank of India Site Labelled Trustworthy (beskerming.com) 1

Submitted by
SkiifGeek
SkiifGeek writes: "When the team at Sunbelt Software picked up on a sneaky hack present on the Bank of India website, it became a unique opportunity to see how the various anti-phishing and website trust verification tools were handling a legitimate site that had been attacked.

Unfortunately, the results showed that not one of the sites or tools identified that the Bank of India website was compromised and serving malware to all visitors. This isn't the first time that trust verification sites have had trouble identifying web content, with noted web application researcher RSnake recently taking umbrage at the classification that SiteAdvisor applies to his site."
Security

Submission + - Broken Trust Brokers and the Bank of India Hack (beskerming.com)

Submitted by
SkiifGeek
SkiifGeek writes: "Via the blog at Sunbelt Software comes news of a serious hack of the Bank of India website, where the homepage was turned into a malware-installfest (more than 20 individual malware specimens, according to Sunbelt) as the result of a hidden iframe that loads immediately after the body tag.

While it isn't the first time that a major site has been attacked in such a manner, the fact that it is still live after all this time, and the major online Trust Brokers have not picked up on the hack is a damning example of the fatal weaknesses that these initiatives are almost all burdened with."
Windows

Submission + - Windows Vista SP 1 Slips to 2008 (beskerming.com)

Submitted by
SkiifGeek
SkiifGeek writes: "Microsoft have now announced that Windows Vista Service Pack 1 is expected to be released in Quarter 1 of 2008, instead of late 2007 as had previously been suggested.

For people who can't wait for an indeterminate date in Q1 2008, there are other options available to see what is likely to be available in SP 1."
Security

Submission + - German Government Hacked by Chinese (beskerming.com)

Submitted by
SkiifGeek
SkiifGeek writes: "The Times is just one of many news sources reporting on a series of network penetrations affecting the German Government that were first detected in May this year. Believed to have originated from China, this means that Germany joins the UK and the US as having publicly acknowledged that government / military networks have been successfully attacked by Chinese hackers.

Setting these breaches apart, though, is an apparent willingness of the German government to confront China over the incident.

Publicly reporting the network breach two weeks after restrictive computer security laws came into effect could be seen by some as ironic."
Privacy

Submission + - Bugging Catches up to SIP Phones (beskerming.com)

Submitted by
SkiifGeek
SkiifGeek writes: "After news at the end of last year that mobile phones could be remotely eavesdropped, and there being a long history of remote eavesdropping possible on normal telephones, it was only a matter of time until VoIP devices were found to have the same capability (whether intentional or not).

In the last week there have been several exploit code releases and it seems that some vendors who chose to write their own SIP networking stacks are at risk of their devices being easily eavesdropped on."
Privacy

Submission + - Some VoIP Handsets Vulnerable to Remote Eavesdrop (beskerming.com) 1

Submitted by
SkiifGeek
SkiifGeek writes: "After news at the end of last year that mobile phones could be remotely eavesdropped, and there being a long history of remote eavesdropping possible on normal telephones, it was only a matter of time until VoIP devices were found to have the same capability (whether intentional or not).

In the last week there have been several exploit code releases and it seems that some vendors who chose to write their own SIP networking stacks are at risk of their devices being easily eavesdropped on. Now anybody can pretend to be a spy or their favourite TLA / LEO, right from the comfort of their computer chair.

These capabilities might be related to legislation such as CALEA, but it is more likely that it is a case of errors in development leading to this unexpected behaviour."
Security

Submission + - Listening to SIP Devices Still on the Hook (beskerming.com)

Submitted by
SkiifGeek
SkiifGeek writes: "Though not as risky as writing your own TCP/IP networking stack, it appears that some vendors who chose to write their own SIP networking stacks are at risk of their devices being easily eavesdropped on. Newly released information, complete with sample exploit code, points to at least one vendor where this is the case — where it is possible to activate a SIP handset even when it is on the hook.

Now anybody can pretend to be a spy or their favourite TLA / LEO, right from the comfort of their computer chair (repercussion for illegal activity will be different for you, though)."
Security

Submission + - Strict German Computer Crime Law Now in Effect (beskerming.com)

Submitted by
SkiifGeek
SkiifGeek writes: "With little fanfare, section 202c of the German computer crime laws came into effect over the weekend. Worryingly for Security professionals, the laws make the mere possession of (creates, obtains or provides access to, sells, yields, distributes or otherwise allows access to) many useful tools illegal. A similar law was proposed for the UK, however it was modified prior to passing through parliament due to the outcry from the industry.

Phenoelit, KisMAC, the CCC, and the Month of PHP Bugs are just some of the relatively high profile projects and groups to have already taken measures to remove or modify content under this law."
Space

Submission + - Spirit Outlasts Viking 2 Lander

Submitted by
ScottMaxwell
ScottMaxwell writes: "Spirit, the Mars rover designed for a 90-day mission, has now outlasted the Viking 2 lander. Viking 2 survived until its 1281st sol (Martian day); Spirit is now on sol 1282 and counting. Assuming both rovers continue to weather the ongoing dust storms, Spirit's sister, Opportunity, will reach the same age in a few weeks. They aren't breathing down the neck of the all-time record just yet, though — the Viking 1 lander lasted 2245 sols on the surface of Mars; Spirit and Opportunity won't break that record for another 2.7 Earth years."
Security

Submission + - German InfoSec Industry in the Mist (beskerming.com)

Submitted by
SkiifGeek
SkiifGeek writes: "The German law that makes it illegal to create, own, distribute, or use 'hacking tools' has now come into effect. Groups such as Phenoelit have stopped all German-based activity, while the CCC has taken a more humorous approach to the problem. Recent activity has seen the sample exploit code that accompanied the Month of PHP Bugs taken offline.

Although the law has yet to be used in a real case, it seems that a number of concerned groups are not taking the risk, and the German Information Security industry faces an uncertain future."
Security

Submission + - $162 Million to Stop Aussies Looking at Porn (beskerming.com)

Submitted by
SkiifGeek
SkiifGeek writes: "Considered part of the campaigning for this year's Federal election in Australia, the Australian Prime Minister, John Howard, announced a $162 million USD plan to protect Australian Internet users against various Internet nasties, including porn, during a web video address to a number of Australian churches. The address was also joined by the leader of the Opposition, which suggests that the proposed plan will be left in place if they succeed in taking power later this year.

With plans to provide free internet filtering software for families, more funds for online predator detection, opportunities to lean on ISPs to stop allowing access to objectionable content, and a working group to work out ways around the privacy protection enjoyed by predators (but apparently not by the people they are supposed to protect), it is likely to become a $162 million dollar black hole, for a number of reasons."

Slashdot Top Deals

With your bare hands?!?

Close