The IP Box costs less than £200 and can guess all possible four-digit passwords in 111 hours.
The device bypasses the secure wipe triggered by ten bad guesses by "aggressively cutting the power after each failed PIN attempt, but before the attempt has been synchronized to flash memory."
Further research suggests this could be the issue detailed in CVE-2014-4451 but this has yet to be confirmed. We plan to test the same attack on an 8.2 device and will update with our progress. In the mean time, our advice to all is ensure you have a sufficiently complex password applied to your device rather than a PIN.
Apple iOS Hardware Assisted Screenlock Bruteforce [Mdsec]
Snap a picture of a key and Key Me will turn it into a working metal key: just a reminder that locks probably aren’t as secure you imagine. (via Schneier)
Are you a security researcher planning to present at Black Hat, Defcon, B-Sides or any of this summer’s security events? Are you worried a big corporation or the government might attack you for revealing true facts about the defects in the security systems we entrust with our safety, privacy and health?
In 2012, Google introduced Certificate Transparency, an internet-wide tripwire system designed to catch cryptographic “certificate authorities” who abused their position to produce counterfeit credentials that would allow criminals, governments and police to spy on and tamper with secure internet connections.
The current web development landscape is rife with buzzwords and technology that gets abandoned almost as soon as it’s made. If you’ve never written a line of code before, it can be hard to figure out what’s coming, what’s here to stay, or how to get ahead.This Beginner Web Development Bundle is a great place […]
The Fader Stealth Quadcopter from TRNDlabs packs incredible flight performance into a package small enough to land on your phone screen, and it’s available now in the Boing Boing Store.The Fader’s six-axis gyroscope module gives it perfect balance in the air. This makes the onboard 720p HD camera all the better for shooting amazing flight […]
Although fully autonomous vehicles aren’t yet allowed on public streets, they are poised to dominate the roads in the not-too-distant future. But before that happens, Apple, Google, Uber, and other companies now investing in self-driving tech are going to need talented developers that can account for the dizzying array of factors at play when a […]