Martin Holst Swende maintains a free/open tool for testing software that uses the (notoriously flawed) Iclass Software, which is used by Inside Secure for its RFID-based access systems.
Now, Inside has sent Swende a legal threat, asserting that it holds a patent on the (again, flawed) Iclass algorithms, and that by implementing them in a test suite (and embarrassing Inside), he has violated the patent. They want him to erase the evidence of their incompetence.
In the world of “internet security”, where the sky is falling every other month, there is hardly much controversy any longer about full-disclosure email lists, exploitation frameworks and reverse engineering. Nowadays vendors, institutes and organizations offers bug bounties and competitions, and there is a high level of transparency regarding flaws and fixes, using a common rating system for vulnerabilities.
In “internet security”, all parties know that systems suffer from vulnerabilities, and if vendors are being forthcoming about vulnerabilities, users can take necessary steps to protect themselves from unnecessary risks. Controversy nowadays is generated by the sale of 0-days to private (and government) actors, since users are left as sitting ducks to those with enough money and resources.
In “internet security”, a vendor is given credit not for providing fail-safe invulnerable systems, but for responsible, accurate and timely security patches and advisories.
By contrast, the “physical security” scene appears about a decade behind, and I don’t believe this to benefit neither the customers, nor, in the long run, the vendors themselves.
Legal woes [Martin Holst Swende]
A new report from the US Copyright Office on Section 1201 of the Digital Millennium Copyright Act — a controversial law that bans breaking DRM, even for legitimate purposes — calls for sweeping, welcome changes to the DMCA.
Did you buy a useless $400 “smart” juicer and now feel the need to accessorize it with more extrusions from the Internet of Shit timeline? Then The Leaf from Teaforia is just the thing: it’s a tea-maker that uses DRM-locked tea-pods to brew tea in your kitchen so you don’t have to endure the hassle […]
Last October, the Dr Seuss estate used legal threats to halt a wildly successful crowdfunded Seuss/Star Trek mashup called “Oh, The Places You’ll Boldly Go,” whose contributors included comics legend Ty Templeton and Tribbles creator David Gerrold.
Although flagship smartphones are unlikely to adopt heavy-duty outer casing anytime soon, you can always prepare your device for the outdoors with a beefy case and and an external battery like this Nomad Tile Trackable PowerPack, available in the Boing Boing Store for $119.95.The Nomad Tile can fully recharge an iPhone 7 over three times […]
Even though credit cards now feature an EMV chip for securing transactions, they still have to include the magnetic strip for compatibility with older point of sale systems. Because of this, there’s no way for the chip’s new security capabilities to protect against card skimmers in the wild.How do you protect yourself from legacy-technology-induced fraud? […]
As the old saying goes, “You should sit in meditation for 30 minutes every day. Unless you are too busy, in which case you should meditate for an hour.” Since most of us have an endless list of things to do and people to see, carving out quiet time can feel impossible, especially when most […]