Tag: patching

The Electronic Frontier Foundation is arguing that voice assistants should be allowed to be jailbroken, permitting security researchers to analyze their workings

EFF Seeks Right to Jailbreak Alexa, Voice Assistants

The Electronic Frontier Foundation (EFF) is asking the Library of Congress to give owners of voice assistant devices like Amazon’s Echo, Google Home and other voice assistants the right to “jailbreak” the devices: freeing them from content control features designed to prevent users from running unauthorized code on those platforms.  Spread the word!20shares1613

The insides of a Revolar device, one of three tested by DUO Security, which found wide discrepancies in the security of the personal safety wearables. (Image courtesy of DUO Security.)

Episode 81: Hacking IoT with Physics, Poor Grades for Safety Wearables and Peak Ransomware

Podcast: Play in new window | Download (Duration: 39:57 — 45.7MB)Subscribe: Android | Email | Google Podcasts | RSSIn this week’s podcast: researcher Kevin Fu of University of Michigan discusses his work on attacks that use physics to manipulate connected devices. Also: Mark Loveless of DUO discusses his research into how poor implementation of wireless protocols make personal security trackers a privacy risk. And have we seen peak ransomware? Adam Kujawa of the firm Malwarebytes joins us to talk about the findings of that company’s State of Malware Report. 

Intel told customers this week not to install patches it issued for the Meltdown and Spectre vulnerabilities in its processors.

Intel: Don’t Install Faulty Spectre, Meltdown Patches

In-brief: Intel has warned users not to install patches it released for the Spectre and Meltdown vulnerabilities in its processors, asking them to wait until it issues new software, which it’s working on now. Finding out your device has vulnerabilities is bad enough, but finding out the patched issued to fix them are “complete and utter garbage,” according to Linux creator Linus Torvalds, is even worse. This is what faced users of devices with Intel processors on Monday when Intel warned them not to install the patches the company already had released for the Spectre and Meltdown vulnerabilities. In a blog post, Navin Shenoy, Intel’s executive vice president and general manager of the Data Center Group, said the company had identified the root cause of a frequent-reboot problem that was affecting customers who’d installed its patches for these vulnerabilities. In the meantime, don’t install the patches nor tell customers or […]

We talk with PAS Global about a Chatham House report on the hacking risk to nuclear weapons.

Episode 79: Hackable Nukes and Dissecting Naughty Toys

Podcast: Play in new window | Download (Duration: 35:43 — 40.9MB)Subscribe: Android | Email | Google Podcasts | RSSIn this week’s Security Ledger Podcast episode, the UK -based policy think tank Chatham House warned last week that aging nuclear weapons systems in the U.S., the U.K. and other nations are vulnerable to cyber attacks that could be used to start a global conflagration. We talk with Eddie Habbibi of PAS Global about what can be done to secure hackable nukes. Also: with CES raging in Las Vegas last week, we go deep with security researcher Jay Harris on flaws in connected toys being sold to children.