Car information security is a complete wreck -- here's why

Sean Gallagher's long, comprehensive article on the state of automotive infosec is a must-read for people struggling to make sense of the summer's season of showstopper exploits for car automation, culminating in a share-price-shredding 1.4M unit recall from Chrysler, whose cars could be steered and braked by attackers over the Internet. Read the rest

"I hope the Chinese aren't collating the Ashley Madison data with their handy federal list of every American with a security clearance." -Bruce Sterling

-Bruce Sterling Read the rest

Chuck Wendig's Zeroes: a hacker technothriller in the War Games lineage

Chuck Wendig's new technothriller Zeroes is a hacker misfit tale in the lineage of War Games and Sneakers, true to the spirit (and often, the minutae) of security work, and exciting as hell to boot.

America's "worst voting machines" dropped in Virgina (at last)

AVS Winvote machines are so insecure that if they weren't hacked in the last election, "it was only because no one tried." Read the rest

Hilariously terrifying talk about security

In Not Even Close: The State of Computer Security, a talk given at the Norwegian Deveopers' Conference, Microsoft Research's James Mickens gave the most acerbic, funny, terrifying security talk I can remember seeing (and I've seen a lot of 'em!). Read the rest

Insurance monitoring dashboard devices used by Uber let hackers "cut your brakes" over wireless

UCSD computer scientist Stefan Savage and colleagues will present their work at Usenix Security: they were able to disable the brakes on a 2013 Corvette by breaking into a Mobile Devices/Metromile Pulse dongle, used by insurance companies to monitor driving in exchange for discounts on coverage. Read the rest

Come see me at Defcon!

I'm speaking at Defcon this weekend in Las Vegas: my talk, "Fighting Back in the War on General Purpose Computers," is tomorrow (Friday) at 11AM in track 3, followed immediately by a signing at the No Starch Press table in the Champagne Ballroom at the Paris hotel. Read the rest

Going to DEFCON? EFF's got your back

The Electronic Frontier Foundation always has a huge presence at Las Vegas's DEFCON, but this year, we're hosting our first-ever badge-hack contest! Read the rest

Self-aiming sniper rifle can be pwned over the Internet

The $13,000 Trackingpoint sniper rifle is vulnerable to wifi-based attacks that allow your adversary to redirect bullets to new targets of their choosing. Read the rest

Chrysler has to recall its cars due to security vulnerabilities

Chrysler, whose Jeep Cherokees were demonstrated to be vulnerable to Internet-based attacks on their steering and brakes (as well as radios, air conditioning and other systems) has recalled 1.4M cars due to software vulnerabilities. Read the rest

Once again: Crypto backdoors are an insane, dangerous idea

The Washington Post editorial board lost its mind and called on the National Academy of Sciences to examine "the conflict" over whether crypto backdoors can be made safe: the problem is, there's no conflict. Read the rest

Hackers can pwn a Jeep Cherokee from the brakes and steering to the AC and radio

A zero-day exploit for Jeep Cherokees allows hackers to control everything from the engine to the air-conditioning over the Internet, overriding the driver at the dashboard. Read the rest

UK schools' "anti-radicalisation" software lets hackers spy on kids

The spyware that Impero supplies to UK schools -- which searches kids' Internet use for "jihadi" terms -- uses "password" as its default password, and the company has threatened brutal legal reprisals against the researcher who repeatedly demonstrated their total security negligence. Read the rest

What horrible things did we learn about Hacking Team today?

The enormous dump of docs from cyber-arms-dealer Hacking Team continues to yield up details, like the time the company tried to sell spying tools to a death squad. Read the rest

What happened at yesterday's Congressional hearings on banning crypto?

Cryptographers and security experts gathered on the Hill yesterday to tell Congress how stupid it was to ban crypto in order to make it easier to spy on "bad guys." Read the rest

More posts