Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
IOS

Submission + - Apple to attend Black Hat Security Conference for the first time (networkworld.com)

An anonymous reader writes: For the first time, Apple will officially be in attendance at the annual Black Hat security conference which is scheduled to run through Thursday of this week. This is a notable development for two reasons. First, Apple has never formally attended the conference. Two, many of the more prominent stories to emerge out of previous Black Hat events have centered on Apple security.

Representing Apple at the conference will be Apple platform security manager Dallas De Atley who is scheduled to deliver a speech on Thursday about the security technologies in iOS. Some have speculated that Apple's decision to attend the conference is rooted in their desire to make further inroads in the enterprise market while others believe it's a sign that Apple recognizes the growing importance of having a more open relationship with the hacker community at large.

Your Rights Online

Submission + - UK Judge "waters down" copyright claim letters to ISP customers (bbc.co.uk)

leptechie writes: A UK judge has decided adult-film production company Golden Eye can pursue illegal downloaders through UK ISP O2, but only after a watered-down version of their original complaint was approved by a judge, and includes references both to the rights of the accused and how to get help in their defence, including a starting point for building one:
'The final letter, a copy of which has been obtained by the BBC, reads: "In the event that you were not responsible for the infringing acts outlined above, for example, another member of your household was the user of the computer, you should make full disclosure to us of the other parties at your residence using your internet connection."'

Security

Submission + - Hacker Exposes Security Vulnerabilities In 4 Million Hotel Keycard Locks (forbes.com)

Sparrowvsrevolution writes: At the Black Hat security conference Tuesday, a Mozilla software developer and 24-year old security researcher named Cody Brocious plans to present a pair of vulnerabilities he’s discovered in hotel room locks from the manufacturer Onity, whose devices are installed on the doors of between four and five million hotel rooms around the world according to the company’s figures. Using an Arduino gadget Brocious built for less than $50, he can insert a plug into that DC port and sometimes, albeit unreliably, open the lock in a matter of seconds.

Brocious found that he can read the raw memory of the lock, including its cryptographic keys, by spoofing the portable programming device used to set master keys around a facility. Though the trick doesn't work in every case and still requires some tweaking, Brocious demonstrated it on at least one hotel room for a reporter, opening its door without a key.

Brocious's hacker ethics may come under some scrutiny: He didn't tell Onity about the vulnerability before publicizing it, and also sold the information for $20,000 to a law enforcement training firm.

Android

Submission + - Scan Android for Unpatched Vulnerabilities (net-security.org)

An anonymous reader writes: X-Ray scans your Android device to determine whether there are vulnerabilities that remain unpatched by your carrier. The X-Ray app presents you with a list of vulnerabilities that it is able to identify and allows you to check for the presence of each vulnerability on your device. X-Ray has detailed knowledge about a class of vulnerabilities known as “privilege escalation” vulnerabilities. Such vulnerabilities can be exploited by a malicious application to gain root privileges on a device and perform actions that would normally be restricted by the Android operating system.

Slashdot Top Deals

"I say we take off; nuke the site from orbit. It's the only way to be sure." - Corporal Hicks, in "Aliens"

Working...