Hasta La Gadget!

Remember Firesheep? Well, the cookie snatching Firefox extension now has a more portable cousin called FaceNiff. This Android app listens in on WiFi networks (even ones encrypted with WEP, WPA, or WPA2) and lets you hop on to the accounts of anyone sharing the wireless connection with you. Right now it works with Facebook, Twitter, YouTube, and Nasza-Klasa (a Polish Facebook clone), but developer Bartosz Ponurkiewicz promises more are coming. You’ll need to be rooted to run FaceNiff — luckily, we had such a device laying around and gave the tap-to-hack app a try. Within 30 seconds it identified the Facebook account we had open on our laptop and had us posting updates from the phone. At least with Firesheep you had to sit down and open up a laptop, now you can hijack Twitter profiles as you stroll by Starbucks and it’ll just look like you’re sending a text message (but you wouldn’t do that… would you?). One more image and a video are after the break.

Continue reading FaceNiff makes Facebook hacking a portable, one-tap affair (video)

FaceNiff makes Facebook hacking a portable, one-tap affair (video) originally appeared on Engadget on Thu, 02 Jun 2011 02:28:00 EDT. Please see our terms for use of feeds.

Permalink   |  FaceNiff  | Email this | Comments

What’s better than a seasoned crime fighter? How about a seasoned crime fighter packing a 300,000-volt punch? A new prototype stun-glove is poised to make such Robocop-inspired dreams a reality, integrating a non-lethal taser, LED flashlight, and laser guided video camera into a fetching piece of futuristic armor. Activated by pulling out a grenade-like pin and palming an embedded finger pad, the Armstar BodyGuard 9XI-HD01 sparks a loud and visible arc of electricity between its wrist-mounted taser spikes, a sight that inventor David Brown hopes will encourage would-be crooks to surrender. The gauntlet’s hard plastic shell is even roomy enough to add GPS equipment, biometrics, chemical sensors, or other embedded additions, as needed. The first batch of pre-production superhero gloves will hit the streets of LA later this year for testing and evaluation. Need more? Check out the via to see Kevin Costner (what field of dreams did he walk out of?) take the edge off this shocker in a surprisingly dull video.

BodyGuard stun-glove leaps out of comic books, into the arms of LA Sheriff’s Department originally appeared on Engadget on Wed, 01 Jun 2011 10:01:00 EDT. Please see our terms for use of feeds.

Permalink Popular Science  |  Armstar, PDF  | Email this | Comments

Preconceptions aside, Apple products do occasionally spread viruses, and not just the biological kind, which is why Cupertino saw fit to equip Mac OS X 10.6 Snow Leopard with a quarantine function to safely set malware aside. This week, however, Apple’s kicking those digital white blood cells into high gear, updating that quarantine list daily with a new background process. The company’s primarily got its crosshairs on the recent MacDefender scare, of course, but on the off-chance malware starts coming out of the woodwork, it sounds like you won’t have to wait for a formal security update to be forewarned of the dangers. If privacy’s your primary concern, however, you can also opt-out — take a gander at our source links to see how it’s done.

[Thanks, Jake]

Apple cracks down on MacDefender, prevents malware downloads with daily quarantine list originally appeared on Engadget on Wed, 01 Jun 2011 08:22:00 EDT. Please see our terms for use of feeds.

Permalink   |  Apple (1), (2)  | Email this | Comments

Well, the Pentagon is finally fed up with hackers picking on its buddies and foreign intelligence taking shots at its computer systems, and has decided that such cyber attacks can constitute an act of war. Of course, the powers that be won’t be bombing you for simply sending them some spyware, but attempts to sabotage US infrastructure (power grids, public transit, and the like) may be met with heavy artillery. It’s unclear how our government will identify the origin of an attack or decide when it’s serious enough to start shooting, but Uncle Sam is looking to its allies to help create a consensus answer for those questions. The retaliatory revelation is a part of the Pentagon’s new cyber strategy that’ll be made public in June — so saboteurs beware, your next internet incursion might get you an ICBM in your backyard.

Pentagon says cyber attacks are acts of war: send us a worm, get a missile in return? originally appeared on Engadget on Tue, 31 May 2011 14:43:00 EDT. Please see our terms for use of feeds.

Permalink   |  Wall Street Journal  | Email this | Comments

The Skype forums are a hive of panic and abuzz with accusations that either the company is bundling crapware with its VoIP app or has a serious security problem. Users are reporting that a strange, new, and difficult to uninstall program is finding its way on to their PCs called EasyBits GO. EasyBits is the company that has powered Skype’s games channel since 2006, but at least until now its wares have not been standalone software. One moderator has declared EasyBits Go is not part of Skype and suggested customers immediately run a malware scan, but mods are volunteers and not official representatives of the company, so we’re taking it with a grain of salt. Another (later) post from a forum admin simply states that Skype is looking into the issue and will release an official statement, though we have no idea when that might actually happen and we’re awaiting reply to our own request for comment.

It appears that a rep from EasyBits Media has taken to the forums to quell some of the outrage, but to no avail. Posts from the team are painfully vague, saying that it was part of an update to the gaming platform and apologizing for the misunderstanding, before linking directly to an .exe that it claims will remove the offending software. To say that forum users are wary of the executable would be an understatement (most responses have involved torrents of profanity). Reports are that the suspicious app is installing itself without any approval from users, but we can’t confirm this since any attempts to install in our lab of doom resulted only in errors while downloading. For now, we’ll just have to wait for word from Skype, and the company better move quick — the pain of the recent outage is still fresh in many customers’ minds.

Update: Skype has officially confirmed that EasyBits GO was erroneously added to its installer, and says that the buggy update has been disabled for now. Strangely, the official blog suggests that disabling the software is a temporary measure, and that it might reappear soon, as Skype will “work with them to correct the problems and user experience” that led to user qualms.

[Thanks to everyone who sent this in]

Skype taken to task by angry users over claimed crapware payload (update: disabled for now) originally appeared on Engadget on Sun, 29 May 2011 19:37:00 EDT. Please see our terms for use of feeds.

Permalink   |  Skype Forums (1), (2), Avast Forums, Skype  | Email this | Comments