checkoway

The Equation Group's sourcecode is totally fugly

With the leak of exploits developed by The Equation Group, the long-secret, NSA-adjacent super-elite hacking squad -- published by The Shadow Brokers, who have some extremely heterodox theories about auction design -- it's now possible to audit the source code of some of the NSA's crown-jewel cyberweapons. Read the rest

Juniper's products are still insecure; more evidence that the company was complicit

It's been a month since Juniper admitted that its firewalls had back-doors in them, possibly inserted by (or to aid) US intelligence agencies. In the month since, Juniper has failed to comprehensively seal those doors, and more suspicious information has come to light. Read the rest

Macbook webcams can be remotely activated without any sign

In a paper called iSeeYou: Disabling the MacBook Webcam Indicator LED, security researchers Matthew Brocker and Stephen Checkoway explained a method for remotely operating the Isight webcam in Apple's Macbook laptops. Recent stories indicated that the FBI had this capability, but it's the first indication of how the trick is attained (the researchers reprogrammed the embedded controller in the webcam). They supplied the Washington Post with details and proof-of-concept software. The technique was applied to older model Macbooks, but there's no reason to suspect this wouldn't work against recent machines and machines made by other manufacturers. Read the rest

:)