Mobile devices have without a doubt brought convenience to the masses, but that benefit comes at a high price for journalists, activists, and human rights workers who work in war-torn regions or other high-risk environments. Now, NSA whistleblower Edward Snowden has designed an iPhone accessory that could one day be used to prevent the devices from leaking their whereabouts.
On Saturday evening, during the Eleventh HOPE conference in New York City, three hackers released the final master key used by the Transportation Security Administration (TSA), which opens Safe Skies luggage locks.
The talk was given by DarkSim905, a lock enthusiast who heads the New Jersey chapter of TOOOL (The Open Organization of Lockpickers); Nite 0wl, a member of TOOOL from New York City; and Johnny Xmas, of RedLegg International's TradeCraft Labs.
Disaster stories involving the Internet of Things are all the rage. They feature cars (both driven and driverless), the power grid, dams, and tunnel ventilation systems. A particularly vivid and realistic one, near-future fiction published last month in New York Magazine, described a cyberattack on New York that involved hacking of cars, the water system, hospitals, elevators, and the power grid. In these stories, thousands of people die. Chaos ensues. While some of these scenarios overhype the mass destruction, the individual risks are all real.
It was a legal iTunes purchase that helped the feds nab Artem Vaulin, the alleged proprietor of KickassTorrents (KAT), the world’s biggest purveyor of illegal torrent files. The irony is almost too much to bear pointing out. But according to one lawyer familiar with the ins and outs of copyright infringement, the case could have sweeping repercussions on how torrents are regulated.
In December of 1967 the Silver Bridge collapsed into the Ohio River, killing 46 people. The cause was determined to be a single 2.5 millimeter defect in a single steel bar—some credit the Mothman for the disaster, but to most it was an avoidable engineering failure and a rebuttal to the design philosophy of substituting high-strength non-redundant building materials for lower-strength albeit layered and redundant materials. A partial failure is much better than a complete failure.
The culmination of the world’s first tournament of automated computer security systems is set to take place in Las Vegas, Nevada on August 4. The Cyber Grand Challenge (CGC) will be hosted by DARPA (Defense Advanced Research Projects Agency) in the Paris Hotel, where seven security teams will put their automated systems to the test for a chance to win almost $4 million in prizes.
A team of three researchers went so far as to search and discover a PHP zero-day so they could hack PornHub as part of its official bug bounty program.
The path the three took to hack PornHub is something not usually seen in regular security research. Because PornHub servers were somewhat secure from common attack vectors, the researchers were forced to get creative with their attack routine.
According to noted industry blogger Evan Blass, Apple is planning to announce its next-generation iPhone lineup at a special event scheduled for the week of Sept. 12, in line with its usual fall launch cycle.
Blass, whose sources have in the past provided accurate information on upcoming smartphone releases, posted the rumor to Twitter without attribution late Friday. Apple traditionally announces iPhone releases in September — iPhone 6s debuted last year on Sept. 9 — so the guess is a safe one.
Google today announced that it has open-sourced Omnitone, a piece of software that developers can use to incorporate spatial audio into websites. The software is available now on GitHub under an Apache license.
To give people a sense of what’s possible Google has also posted two videos featuring spatial audio to demonstrate what’s possible with Omnitone.
The US National Institute for Standards and Technology (NIST) has released the latest draft version of the Digital Authentication Guideline that contains language hinting at a future ban of SMS-based Two-Factor Authentication (2FA).
The Digital Authentication Guideline (DAG) is a set of rules used by software makers to build secure services, and by government and private agencies to assess the security of their services and software.
NIST experts are constantly updating the guideline, in an effort to keep pace with the rapid change in the IT sector.