Rubber fingertips to use with fingerprint-based authentication systems

Mian Wei, a Chinese student at the Rhode Island School of Design, has created an experimental series of fake fingertips with randomly generated fingerprints that work with Apple and Android fingerprint authentication schemes, as well as many others.

Student journalists: 5 days left to win a badge to NYC's Hackers on Planet Earth!

If you're a student journalist and want to attend HOPE XI, the Eleventh Hackers on Planet Earth conference (July 22-24, NYC), you can win free admission (and an interview with me!) by submitting an article about any of the topics that come up at HOPE conferences! Get writing!

How to protect the future web from its founders' own frailty

Earlier this month, I gave the afternoon keynote at the Internet Archive's Decentralized Web Summit, and my talk was about how the people who founded the web with the idea of having an open, decentralized system ended up building a system that is increasingly monopolized by a few companies -- and how we can prevent the same things from happening next time.

Google's version of the W3C's video DRM has been cracked

Since 2013, the World Wide Web Consortium (W3C) has been working with the major browser companies, Netflix, the MPAA, and a few other stakeholders to standardize "Encrypted Media Extensions" (EME), which attempts to control web users' behavior by adding code to browsers that refuses to obey user instructions where they conflict with the instructions sent by video services.

How it feels to be under DDoS attack

At this week's O'Reilly Velocity conference in Santa Clara, Artur Bergman, founder and CTO, told the story of how he got involved in starting a denial-of-service-resistant CDN -- a personal story about helping his old company cope with a titanic DDoS attack that brought it and its upstream provider to their knees.

Misconfigured database exposes sensitive data for 154 million US voters

A new US voter database leak has exposed the addresses, estimated income, ethnicity, phone numbers, political affiliation, and voting history of 154 million Americans.

1 in 5 snoop on a phone belonging to a friend or loved one

In Snooping on Mobile Phones: Prevalence and Trends, a paper presented at SOUPS 16, computer scientists from UBC and the University of Lisbon show that a rigorous survey reveals that up to one in five people have snooped on a loved one or friend by accessing their phone.

Don't let the government hack your computer. Tell Congress to stop changes to #Rule41.

“The U.S. government wants to use an obscure procedure—amending a federal rule known as Rule 41— to radically expand their authority to hack,” the EFF says. “The changes to Rule 41 would make it easier for them to break into our computers, take data, and engage in remote surveillance.

One million machines, including routers, used to attack banks

Akamai's Ryan Barnett reports on two attacks against the service's financial customers last year: attackers used nearly 1m compromised systems to attempt to log in to users' accounts using logins and passwords from earlier breaches.

W3C DRM working group chairman vetoes work on protecting security researchers and competition

For a year or so, I've been working with the EFF to get the World Wide Web Consortium to take steps to protect security researchers and new market-entrants who run up against the DRM standard they're incorporating into HTML5, the next version of the key web standard.

Who really hacked the DNC?

Earlier this week Crowdstrike, a security company hired by the Democratic National Committee, announced that the party's servers had been deeply penetrated by hackers working for the Russian government, who had made off with many sensitive files, including the DNC's Trump oppo research spreadsheet.

Security economics: black market price of hacked servers drops to $6

A new Kaspersky report analyzes an online hacker marketplace called xDedic, where access to 70,000 hacked servers -- multiplayer game servers, billing servers, cellular/ISP servers, dating servers, betting servers, government and university servers -- in 173 countries can be bought for $6 and up.

The forgotten blockbuster locksport competitions of the mid-Victorian era

Today, organizations like The Open Organisation of Lockpickers Worldwide support locksport with tools, educational materials, training and organized events, but in the Victorian era, locksmiths competed at expositions to show off their talents and show off the weaknesses of their competitors' wares.

Intel x86s hide another CPU that can take over your machine (you can't audit it)

Recent Intel x86 processors implement a secret, powerful control mechanism that runs on a separate chip that no one is allowed to audit or examine. When these are eventually compromised, they'll expose all affected systems to nearly unkillable, undetectable rootkit attacks. I've made it my mission to open up this system and make free, open replacements, before it's too late.

Scanners let Oklahoma cops seize funds from prepaid debit cards without criminal charges

Department of Homeland Security image for ERAD

The Oklahoma Department of Public Safety has purchased several 'Electronic Recovery and Access to Data' devices to install in police cruisers for seizing funds from prepaid debit cards during roadside arrests.

"State of Surveillance" with Ed Snowden: Watch full episode of VICE on HBO free online

Edward Snowden shows VICE founder Shane Smith how to make a smartphone go black. Jake Burghart for VICE on HBO.

VICE on HBO's "State of Surveillance" with Edward Snowden is now available to stream for free on vicenews.com.

The episode is hosted by VICE founder Shane Smith and features an in-depth interview with Snowden.

Hacker puppets explain why malware and popups are still a thing online

Gus the hacker puppeteer (previously) writes, "Most of us have a relative whose computer or phone is still a snake's nest of pop-ups and malware. The 'YOUR COMPUTER HAS A VIRUS, CLICK TO SCAN' attack is still a thing, 2016 though it may be. And there are enough people asking 'why do ads pop up (on my iPhone, computer, etc)' for that question to register on Google search autocomplete."
