Hardware

Report: Thieves Can Hack and Disable Your Home Alarm System | WIRED

Wired’s Kim Zetter reports on (independent) reports by two researchers that show how home alarm setups can be hacked remotely, from as far away as 250 yards. The vulnerabilities could allow a malicious actor to suppress alarms or create multiple, false alarms that would render the system unreliable (and really annoying). Zetter profiles the work of Logan Lamb, a security researcher at Oak Hill Ridge National Lab who conducted independent research on  three top brands of home alarm systems made by ADT, Vivint and a third company that asked to remain anonymous. She also cites work by Silvio Cesare, who works for Qualys who studied common home alarm systems sold in Australia, including devices manufactured by Swann, an Australian firm that also sells its systems in the U.S. Both discovered a litany of similar problems, Zetter reports: The systems use radio signals to report when monitored doors and windows are opened, but fail to encrypt or authenticate the signals being […]

Continue Reading

EFF wants to make Wi-Fi routers more secure | theguardian.com

Home routers and wi-fi access points are the canaries in the coal mine for security on the Internet of Things. Simply put: they’re ubiquitous, Internet-connected and innocuous. Unlike mobile phones, wi-fi routers aren’t in your pocket – buzzing and ringing and demanding your attention. In fact, it’s safe to be that the vast majority of Internet users are concerned wouldn’t know how to connect- and log in to their router if they had to. But appearances can deceive. Broadband routers are, indeed, mini computers that run a fully featured operating system and are perfectly capable of being attacked, compromised and manipulated. We have already seen examples of modern malware spreading between these devices. In March, the security firm Team Cymru published a report (PDF) describing what it claimed was a compromise of 300,000 small office and home office (SOHO) wireless routers that was linked to cyber criminal campaigns targeting online banking customers. In January, […]

Continue Reading

Chinese Firm Claims To Hack Tesla Model S To Win Security Contest – chicagotribune.com

A mainland China security firm, Qihoo 360 Technology Co., claims it has found a way to hack into systems that control Tesla’s Model S sedan, controlling features like the door locks, car horn and sunroof even while the vehicle was being operated, according to a report by Bloomberg News. The hack was in response to a contest associated with the SysCan security conference in Beijing. As reported by The Security Ledger, that contest offered a $10,000 reward to anyone who could hack the Model S. Bloomberg reporter Ma Jie cited this post on the company’s Sina Weibo account as proof of the compromise. Tranlated (via Google), the post reads: “Our safety performance Tesla recently conducted a series of tests and found that the certificate can be used to unlock the remote control of the vehicle, whistle, flash and so on. And can open the sunroof while driving the vehicle. Tesla owners […]

Continue Reading

Is It Time For Customs To Inspect Software? | Veracode Blog

If you want to import beef, eggs or chicken into the U.S., you need to get your cargo past inspectors from the U.S. Department of Agriculture. Not so hardware and software imported into the U.S. and sold to domestic corporations. But a spate of stories about products shipping with malicious software raises the question: is it time for random audits to expose compromised supply chains? Concerns about ‘certified, pre-pwned’ hardware and software are nothing new. In fact, they’ve permeated the board rooms of technology and defense firms, as well as the halls of power in Washington, D.C. for years. The U.S. Congress conducted a high profile investigation of Chinese networking equipment maker ZTE in 2012 with the sole purpose of exploring links between the company and The People’s Liberation Army, and (unfounded) allegations that products sold by the companies were pre-loaded with spyware. Of course, now we know that such […]

Continue Reading

Apple And IBM: The Corporatization of Consumerization

Apple Computer has built up a brand so strong that it borders on being a cult. That is why it is jarring to realize that, at the end of the day, Steve Jobs’ baby is just another company that needs to make its numbers each quarter and keep Wall Street happy. The company’s announcement of an exclusive partnership with  IBM is just that: a reminder that Apple’s core business is business, and that the company has been sorely underperforming in a key market: the enterprise. Whatever its faults, IBM is flush with the very things that Apple lacks: the brand, technology, expertise and reach that puts enterprise technology buyers at ease. As we reported, IBM will offer mobile device management, security, data analytics and cross-platform integrations for Apple’s iPad and iPhone that leverage IBM’s cloud services. There will be IBM-managed offerings around mobile device activation, supply and management tailored to businesses. But the partnership is something more- […]

Continue Reading
1 67 68 69 70 71 100