Error 53: Apple remotely bricks phones to punish customers for getting independent repairs

iPhone 6s that have been repaired by independent service centers are bricking themselves, seemingly permanently, with a cryptic message about "Error 53."

Watch: how to make security tools for normal humans

Another amazing Shmoocon talk is "Users Are People Too: How to Make Your Tools Not Suck for Humans," presented by two key people from Simply Secure, a nonprofit devoted to improving security tool usability (I am a volunteer advisor to Simply Secure).

How to prepare to join the Internet of the dead

In January 2015, security researcher and beloved, prolific geek Michael "Hackerjoe" Hamelin died in a head-on collision that also hospitalized his widow, Beth Hamelin.

Videos of this year's Shmoocon talks, starting with Gershenfeld's talk on nonbinary computing

Shmoocon is a security conference that ranks with other top-tier events like Defcon, CCC, HOPE, Black Hat, etc: this year's talks are all on the Internet Archive for streaming or download.

Vice now has a Securedrop for anonymous whistleblower docs

Securedrop is a robust, secure, anonymous system for whistleblowers to convey documents to news organizations, created by Aaron Swartz and taken up by the Freedom of the Press Foundation after his death.

FBI's war on encryption is unnecessary because the Internet of Things will spy on us just fine

Reuters

The war on encryption waged by the F.B.I. and other intelligence agencies is unnecessary, because the data trails we voluntarily leak allow “Internet of Things” devices and social media networks to track us in ways the government can access.

That's the short version of what's in “Don’t Panic: Making Progress on the ‘Going Dark’ Debate,” a study published today by the Berkman Center for Internet and Society at Harvard.

Hackers release data from Fraternal Order of Police, largest U.S. police union

Fraternal Order of Police president says the union had called in security contractors to investigate, and the hack was traced to an IP address in the UK. Photo: Reuters

Sensitive electronic files from America’s biggest police union were posted online this week after a hacker breached the Fraternal Order of Police website. The ill-gotten dump includes officers' names and addresses, message board posts bashing Barack Obama, and details of eyebrow-raising contracts made between the union and city authorities.

Head of NSA's hacker squad explains how to armor networks against the likes of him

Rob Joyce runs the NSA's Tailored Access Operations group, the spies who figure out how to hack systems, publishing a spook's version of the Skymall catalog, filled with software and hardware that other spies can order for use.

Abusing the Internet of Things: Blackouts, Freakouts, and Stakeouts

Nitesh Dhanjani's 2015 O'Reilly book Abusing the Internet of Things: Blackouts, Freakouts, and Stakeouts is a very practical existence-proof of the inadequacy and urgency of Internet of Things security.

Health insurer loses 1m customers' health records

Despite the fact that it "takes the privacy and security of our members' information seriously," the health insurance company Centene can't find six unencrypted hard drives with 950,000 customers' private health data, addresses, dates of birth and social security data.

Howto social-engineer someone's address and other sensitive info from Amazon

Eric Springer is a former Amazon engineer and a heavy AWS user. He's posted a long, terrifying explanation of how identity thieves have been able to repeatedly extract his personal info from Amazon's customer service reps by following a simple script.

A search-engine for insecure cameras, from baby-monitors to grow-ops

Hackers have been compromising wireless baby-monitors since 2013, but the more popular they've become, the more vulnerable they've become, and the attacks just keep getting more terrible.

Just look at this password-dispensing banana

Just look at it.

2015's worst password was 123456

SplashData's report on the most commonly-used passwords finds a number of traditional disastrously bad choices performing well: "123456" comes out on top, followed by "password".

Other popular choices this year were sports, like "football" and "baseball." And "starwars," a newcomer to the list, ranked as the 25th most popular breached password, probably thanks to excitement over the release of the newest movie in the franchise.

Passwords are the banes of our increasingly online lives: Nearly everything we sign up for needs a password, and creating a secure one can be a pain. Even when we come up with a good one, we always need more because reusing passwords can leave us exposed if a service we use gets breached.

Griefer hacks baby monitor, terrifies toddler with spooky voices

Remember how, back in September 2015, researchers revealed that virtually every "smart" baby-monitor they tested was riddled with security vulnerabilities that let strangers seize control over it, spying on you and your family?

Clapper hacked: US Intelligence director’s personal e-mail and phone breached

The same entity that claims to be behind a recent hack of CIA Director John Brennan's personal email now claims to be behind a breach of the accounts of Director of National Intelligence James Clapper. The Office of the Director of National Intelligence confirmed to Motherboard that Clapper had been targeted, and that the case has been forwarded to law enforcement.

Apple CEO Tim Cook demands Obama White House formally defend Americans' right to strong encryption

Tim Cook. Reuters, 2015

Jenna McLaughlin at The Intercept writes that Apple CEO Tim Cook “lashed out at the high-level delegation of Obama administration officials who came calling on tech leaders in San Jose last week.” 

