news

A Guide to Internet of Things Standards | Computerworld

From Colin Neagle over at Computerworld: a run-down of emergent IoT standards – a list that has suddenly become rather long. From his article: “The complexity of these standardization efforts has evoked comparisons to the VHS and Betamax competition in the 1980s. Re/Code’s Ina Fried wrote, “there’s no way all of these devices will actually be able to all talk to each other until all this gets settled with either a victory or a truce.” In the meantime, we’re likely to see some debate among the competing factions. “If this works out at all like past format wars, heavyweights will line up behind each different approach and issue lots of announcements about how much momentum theirs are getting,” Fried wrote. “One effort will undoubtedly gain the lead, eventually everyone will coalesce and then, someday down the road, perhaps all these Internet of Things devices will actually be able to talk to […]

Continue Reading

Report: Thieves Can Hack and Disable Your Home Alarm System | WIRED

Wired’s Kim Zetter reports on (independent) reports by two researchers that show how home alarm setups can be hacked remotely, from as far away as 250 yards. The vulnerabilities could allow a malicious actor to suppress alarms or create multiple, false alarms that would render the system unreliable (and really annoying). Zetter profiles the work of Logan Lamb, a security researcher at Oak Hill Ridge National Lab who conducted independent research on  three top brands of home alarm systems made by ADT, Vivint and a third company that asked to remain anonymous. She also cites work by Silvio Cesare, who works for Qualys who studied common home alarm systems sold in Australia, including devices manufactured by Swann, an Australian firm that also sells its systems in the U.S. Both discovered a litany of similar problems, Zetter reports: The systems use radio signals to report when monitored doors and windows are opened, but fail to encrypt or authenticate the signals being […]

Continue Reading

CNN App Leaks Passwords Of Citizen Reporters

As camera-equipped mobile phones have proliferated in recent years, CNN pioneered the crowd sourcing of news with its highly successful and much-imitated iReport program. But aspiring iReporters would do well to hold off submitting their stories using CNN’s mobile application for the iPhone – at least for a few days.   According to a report from the security firm zScaler, the CNN App for iPhone fails a basic security test: failing to encrypt traffic sent to and from the application, including a user’s login and password. The flaw, which was only found in the CNN App for iPhone, could allow an iReporter’s account to be compromised, giving strangers access to any stories they have submitted to the news network. CNN senior director of public relations Matt Dornic acknowledged the flaws and said that CNN has updated the application and will be submitting it to Apple as soon as possible. According to a […]

Continue Reading

EFF wants to make Wi-Fi routers more secure | theguardian.com

Home routers and wi-fi access points are the canaries in the coal mine for security on the Internet of Things. Simply put: they’re ubiquitous, Internet-connected and innocuous. Unlike mobile phones, wi-fi routers aren’t in your pocket – buzzing and ringing and demanding your attention. In fact, it’s safe to be that the vast majority of Internet users are concerned wouldn’t know how to connect- and log in to their router if they had to. But appearances can deceive. Broadband routers are, indeed, mini computers that run a fully featured operating system and are perfectly capable of being attacked, compromised and manipulated. We have already seen examples of modern malware spreading between these devices. In March, the security firm Team Cymru published a report (PDF) describing what it claimed was a compromise of 300,000 small office and home office (SOHO) wireless routers that was linked to cyber criminal campaigns targeting online banking customers. In January, […]

Continue Reading

Chinese Firm Claims To Hack Tesla Model S To Win Security Contest – chicagotribune.com

A mainland China security firm, Qihoo 360 Technology Co., claims it has found a way to hack into systems that control Tesla’s Model S sedan, controlling features like the door locks, car horn and sunroof even while the vehicle was being operated, according to a report by Bloomberg News. The hack was in response to a contest associated with the SysCan security conference in Beijing. As reported by The Security Ledger, that contest offered a $10,000 reward to anyone who could hack the Model S. Bloomberg reporter Ma Jie cited this post on the company’s Sina Weibo account as proof of the compromise. Tranlated (via Google), the post reads: “Our safety performance Tesla recently conducted a series of tests and found that the certificate can be used to unlock the remote control of the vehicle, whistle, flash and so on. And can open the sunroof while driving the vehicle. Tesla owners […]

Continue Reading
1 66 67 68 69 70 76