Our Boing Boing partner Cory Doctorow—activist and author of Chokepoint Capitalism, Attack Surface, and, of course, Little Brother, among other books—is interviewed in The New Yorker! The freewheeling and informative conversation with Christopher Byrd spans the "mediocre monopolists" of Big Tech, the salience of cyberpunk, the danger of pseudonymity, and his experience of Fingerspitzengefühl for computers. — Read the rest
Thangrycat is a newly disclosed vulnerability in Cisco routers that allows attackers to subvert the router's trusted computing module, which allows malicious software to run undetectably and makes it virtually impossible to eliminate malware once it has been installed.
A team led by Ang Cui (previously) — the guy who showed how he could take over your LAN by sending a print-job to your printer — have presented research at Defcon, showing that malware on your computer can poison your monitor's firmware, creating nearly undetectable malware implants that can trick users by displaying fake information, and spy on the information being sent to the screen.
Andrew Tierney had a close look at Heatmiser's popular wifi-enabled thermostat and found it to be riddled with security vulnerabilities.
A mediagenic press-release from Proofpoint, a security firm, announced that its researchers had discovered a 100,000-device-strong botnet made up of hacked "Internet of Things" appliances, such as refrigerators. The story's very interesting, but also wildly implausible as Ars Technica's Dan Goodin explains. — Read the rest
A Symantec researcher has discovered a worm that runs on embedded Linux systems, like those found in set-top boxes and routers. It's common for owners of these devices to forget about them, letting them run in the background for so long as they don't misbehave — and as a result, they are often out of date. — Read the rest
Here's a video of Ang Cui and Michael Costello's Hacking Cisco Phones talk at the 29th Chaos Communications Congress in Berlin.
One of the most mind-blowing presentations at this year's Chaos Communications Congress (28C3) was Ang Cui's Print Me If You Dare, in which he explained how he reverse-engineered the firmware-update process for HPs hundreds of millions of printers. Cui discovered that he could load arbitrary software into any printer by embedding it in a malicious document or by connecting to the printer online. — Read the rest