Mar 31

PS3 firmware 3.21 is out: say goodbye to ‘install other OS’

Posted in: firmware, hack, Hacks, Linux, playstation, playstation 3, Playstation3, ps3, security, sony, Today's Chili

Just a tad ahead of schedules — perhaps as a macabre assurance this isn’t some April 1st joke — firmware 3.21 for the PS3 is now being seeded to anyone who tries to log onto the PlayStation Network. As far as we can tell, all the update seems to do is remove the “install other OS” option and kill access to anyone who does have another platform dual-booted. Just a friendly reminder, if you fall into that category, be sure to either backup your partition or wait for Geohot to find a workaround.

[Thanks to everyone who sent this in]

PS3 firmware 3.21 is out: say goodbye to ‘install other OS’ originally appeared on Engadget on Wed, 31 Mar 2010 23:48:00 EST. Please see our terms for use of feeds.

Permalink   |   | Email this | Comments

No Comments
Mar 30

Windows 7 is safer when the admin isn’t around

Posted in: Hacks, Microsoft, operating system, OperatingSystem, os, OsX, research, security, Software, stats, Today's Chili, Windows, windows 7, Windows7

Not that we necessarily needed a report to tell us this, but the fewer privileges you afford yourself as a Windows user, the more secure your operating system becomes. Such is the conclusion of a new report from BeyondTrust, a company that — surprise, surprise — sells software for “privileged access management.” The only way we use Windows 7 is as admins and we’ve never had a moment’s bother, but some of you like stats, and others among you might be involved in business, which tends to make people a little more antsy about these things. So for your collective sake, let there be pie charts! The report looks into vulnerabilities disclosed by Microsoft during 2009 and concludes that all 55 reported Microsoft Office issues and 94 percent of the 33 listed for IE could be prevented by simply running a standard user account. Or using better software, presumably. Hit the PDF source for more info — go on, it’s not like you have anything better to do while waiting for the Large Hadron Collider to go boom.

Windows 7 is safer when the admin isn’t around originally appeared on Engadget on Tue, 30 Mar 2010 06:44:00 EST. Please see our terms for use of feeds.

Permalink CNET  |  sourceBeyondTrust (PDF)  | Email this | Comments

No Comments | Tags:
Mar 29

Symantec names Shaoxing, China as world’s malware capital

Posted in: hacking, security, Today's Chili
It’s not the sort of title any city’s looking for, but Symantec has now given Shaoxing, China the dubious honor of being the world’s malware capital, saying that it accounts for more targeted attacks than any other city. In fact, the company found that while close to 30 percent of all malicious attacks came from China (making it the number one country), 21.3 percent came just from Shaoxing. It was followed by Taipei at 16.5 percent, and London at 14.8 percent. Following China in the country rankings is Romania with 21.1 percent of attempted attacks (most of those are said to be commercial fraud), and the United States at 13.8 percent. That’s actually just part of a larger report by Symantec’s MessageLabs division, which details everything from the most common types of email attachments (.XLS and .DOC are neck and neck for the lead) to the percentage of emails that contain a virus of phishing attack (one in 358.3 and one in 513.7, respectively). Dive into the PDF linked below for the complete details.

Symantec names Shaoxing, China as world’s malware capital originally appeared on Engadget on Mon, 29 Mar 2010 06:41:00 EST. Please see our terms for use of feeds.

Permalink Times Online  |  sourceSymantec MessageLabs (PDF), Press Release  | Email this | Comments

No Comments | Tags:
Mar 28

Victorinox Secure Pro USB drive is ‘un-hackable,’ can file your nails

Posted in: flash drive, FlashDrive, security, Today's Chili, usb drive, UsbDrive
This isn’t the first USB drive / Swiss army knife we’ve seen from Victorinox, but the company’s new Secure Pro drive is the first that is supposedly “un-hackable.” To put that claim to the test, Victorinox actually offered a £100,000 prize to a team of “professional hackers” if they could crack the drive during the company’s launch event — they were unable to do so. That un-hackableness apparently comes primarily from the drive’s combination of AES256 technology and fingerprint security, which is paired with (get this) a self-destruct mechanism that irrevocably burns the CPU and memory chip if there’s any attempt to force the drive open. All that and a pair of scissors — how can you go wrong? No word on a release over here just yet, but the drive is now available in the UK in capacities from 8GB to 32GB for between £50 and £180 (or about $75 to $270).

[Thanks, Nikolas R]

Victorinox Secure Pro USB drive is ‘un-hackable,’ can file your nails originally appeared on Engadget on Sun, 28 Mar 2010 03:07:00 EST. Please see our terms for use of feeds.

Permalink   |  sourceRealwire  | Email this | Comments

No Comments
Mar 25

iPhone SMS database hacked in 20 seconds, news at 11

Posted in: Apple, hack, hacking, iPhone, Mac, security, Today's Chili

It’s a story tailor-made for the fear-mongering subset of news media. This week, a pair of gentlemen lured an unsuspecting virgin iPhone to a malicious website and — with no other input from the user — stole the phone’s entire database of sent, received and even deleted text messages in under 20 seconds, boasting that they could easily lift personal contacts, emails and your naughty, naughty photos as well. Thankfully for us level-headed souls, those gentlemen were Vincenzo Iozzo and Ralf-Philipp Weinmann, security researchers performing for the 2010 Pwn2Own hacking contest, and their $15,000 first prize ensures that the winning formula will go to Apple (and only Apple) for further study. Last year, smartphones emerged from Pwn2Own unscathed even as their desktop counterparts took a beating, but this makes the third year in a row that Safari’s gotten its host machines pwned. That said, there’s no need for fear — just a healthy reminder that the Apple logo doesn’t give you free license to click links in those oh-so-tempting “beta-test the new iPad!” emails.

iPhone SMS database hacked in 20 seconds, news at 11 originally appeared on Engadget on Thu, 25 Mar 2010 02:36:00 EST. Please see our terms for use of feeds.

Permalink TUAW  |  sourceZDNet  | Email this | Comments

No Comments | Tags:
Mar 19

Charlie Miller to reveal 20 zero day security holes in Mac OS X

Posted in: Apple, hack, Mac, operating system, OperatingSystem, os x, OsX, security, Software, Today's Chili

Say, Charles — it’s been awhile! But we’re pleased as punch to see that you’re back to your old ways, poking around within OS X’s mainframe just looking for ways to remotely control the system, snag credit card data and download a few interoffice love letters that are carefully stashed 15 folders down within ‘Documents.’ The famed Apple security expert is planning yet another slam on OS X at CanSecWest, where he’ll reveal no fewer than 20 zero day security holes within OS X. According to Miller, “OS X has a large attack surface consisting of open source components, closed source third-party components and closed source Apple components; bugs in any of these types of components can lead to remote compromise.” He also goes on to reemphasize something he’s been screaming for years: “Mac OS X is like living in a farmhouse in the country with no locks, and Windows is living in a house with bars on the windows in the bad part of town.” In other words, Apple users are “safer” (due to the lack of work that goes into hacking them), “but less secure.” So, is this a weird way of applying for a security job in Cupertino, or what?

Charlie Miller to reveal 20 zero day security holes in Mac OS X originally appeared on Engadget on Fri, 19 Mar 2010 09:29:00 EST. Please see our terms for use of feeds.

Permalink Inquirer  |  sourceH-Online  | Email this | Comments

No Comments | Tags:
Mar 18

Texas Car Salesman Disables 100+ Cars, Gets Arrested

Posted in: gps, security, Today's Chili

Tow_Truck_Wikimedia.jpg

Police in Austin, Texas have arrested 20-year-old Omar Ramos-Lopez on the belief he remotely disabled over 100 vehicles sold through his former car dealership, according to Tom’s Guide.
Texas Auto Center apparently uses a Web-based vehicle immobilization system to remind customers late on their car payments that they’re delinquent. The dealership installs a small black box under the dashboard that communicates with a central Web site, the report said.
Ramos-Lopez is believed to have broken into the system via another employee’s account and disabled over 100 cars after being laid off. He also set many of the cars to honk their horns repeatedly. Many owners became stranded, or woken up late at night by the car horn and being forced to disconnect the battery.
Police tracked Ramos-Lopez to his home via his AT&T internet service IP address, according to the report. And here we thought car dealers were a shady bunch to begin with. (Image credit: Wikimedia Commons)
No Comments | Tags: ,
Mar 18

Disgruntled auto salesman bricks cars with remote kill-switch

Posted in: car, hack, hacking, Hacks, privacy, security, Today's Chili

Over the years, a number of optional technologies have allowed new auto buyers to remotely disable and / or recover their vehicles after purchase, but these devices aren’t always optional, and it might not even be the buyer who activates them. According to Threat Level, a man has been charged in Austin, Texas for allegedly hacking into the computer of his employer, Texas Auto Center, and activating WebTeck remote horn triggers and kill devices installed in over 100 cars owned by the company’s customers — all from the comfort of home. After Texas Auto Center reset the offending software’s passwords and figured out what’s what, the Austin High Tech Crime Unit quickly traced access back to one Omar Ramos-Lopez and made an arrest — but for many, the damage (in terms of missed work, school and tow-truck calls) had already been done. Care to form an opinion? Read more about the crime, and WebTeck, at our source links.

Disgruntled auto salesman bricks cars with remote kill-switch originally appeared on Engadget on Thu, 18 Mar 2010 06:15:00 EST. Please see our terms for use of feeds.

Permalink   |  sourceThreat Level, Pay Technologies  | Email this | Comments

No Comments | Tags: ,
Mar 17

Check that Netbook Quickly with Mobile Edge

Posted in: netbook, security, Today's Chili

MobileEdge.jpgNetbook owners, now you too can get through the airport security line a little faster. Mobile Edge has just expanded its line of ScanFast checkpoint-friendly bags with new models just for netbooks. If you want something with more padding than just a sleeve, check them out. The line include a briefcase, messenger bag, and backpack.

Designed just for wee little netbooks, each bag has an adjustable computer protection compartment that will accommodate 8.9- or 11.6-inch networks with a power supply, or a 13.3-inch notebook. Each model lists for $49.99. Mobile Edge says a more feminine briefcase just for the ladies will be released this summer.

No Comments | Tags:
Mar 12

Cloak Bag: Shoot With the Camera Still Inside

Posted in: security, Today's Chili

cloak-bag

The Cloak Bag is a camera bag that lets you take pictures whilst your camera is still inside. It also doesn’t look anything like a normal camera bag, making it doubly secure if you’re a vulnerable traveler on vacation.

cloak-bag-1Like all the best niche products, the shoot-through bag was born of specific need. After two near misses in Buenos Aires, co-inventor Robert Merrill was afraid to take his DSLR out for fear of theft, so when he got back to Florida, he went to work. The Cloak Bag is designed to keep the camera protected and out of site, yet you can quickly flip it open and shoot with the camera still inside. A strap replaces your actual camera strap, and then the case itself hooks onto it with Velcro and a screw in the tripod-mount. The bottom of the bag zips open and folds inside when you want to shoot. In this mode, it looks like any other shoulder bag.

To shoot, you flip open the top (held in place with magnets) and your fingers slot inside through a gap to reach the dials and shutter release. If you need to zoom of focus manually, there is another zipper to gain access to the lens from the side.

Even if not fearing pickpockets and scam-artists, I like that you can have the camera ready to go but still protected from bumps (just don’t forget the front is open and put the camera down on wet ground). And at $50, it’s not much more than other day bags. The Cloak Bag is for DSLRs-only, and will fit cameras as big as Canon’s 5D MkII and Nikon’s D700 – in short, anything smaller than a bulky pro camera.

Cloak Bag [Cloak Bags via Photography Bay]

See Also:


No Comments | Tags: