Hasta La Gadget!

Chloe O’Brian
couldn’t hack into this drive&#8212
not to save the world.

—Tony Hoffman

For the full-length, free-verse ABS-Secure Encrypted Backup Solution (160GB)
review check out PCMag.com.

Software vulnerabilities are no stranger to modern, highly-connected smartphones and feature phones alike, and fortunately, the big guys have been pretty good about staying on the ball and patching the serious stuff in a reasonable amount of time. The latest problem discovered in the Android browser’s multimedia subsystem really sucks, though — it’s so bad, some security dudes are advising customers to “avoid” using the it altogether until it gets fixed — and the most frustrating part about it is that it actually is fixed in the Android code trunk, it’s just that no one’s bothered to roll out an update to G1 users yet. In the meantime, the dude who discovered the problem is advising users to only visit trusted sites and avoid WiFi, so yeah, just don’t browse or anything, okay?

[Via ReadWriteWeb]

Filed under: Cellphones, Handhelds

Security experts hating on Android browser until patch is released originally appeared on Engadget on Thu, 12 Feb 2009 15:44:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments

Fingerprint and vein scanners in computers are widespread enough that they no longer have to carry an "as seen on Minority Report or Total Recall" tag.

Now Sony has announced it has developed a compact, finger vein authentication technology that it says will be available in laptops and mobile phones later this year.

The authentication technology, puzzlingly named ‘mofiria,’ is expected to have higher accuracy compared to other personal identification techniques, says Sony.

Passwords have been passé for awhile as PC makers have added biometric authentication technologies such as fingerprint scans and palm authentication to PC systems. Sony’s rival Hitachi has had its finger vein authentication products available since last year, while Fujitsu offers a palm scan technology for both computers and general building access systems. That said, most users are probably still entering passwords to unlock their computers, even if biometric scanners are available on their machines. Why? It’s not clear, though it might be that existing technologies are too unreliable, not well-understood by the average user, or perhaps simply too creepy.

The ‘mofiria’ tech from Sony offers quick response and high accuracy and comes in a
compact size for mounting on mobile devices, says the company. It uses a CMOS sensor that diagonally captures
scattered light inside the finger veins making a plane layout
possible. This allows for a small and flexible design to be integrated into mobile devices.

"The vein pattern is extracted from the captured finger vein image  and
data from the pattern is compressed into the size of one-tenth to store
in memory," said Sony in a statement.

Sony claims false rejection rate for the technology is less than 0.1 percent and
processing time for identification takes only about 0.015 seconds using a
personal computer CPU and about 0.25 seconds using a mobile phone
CPU.

Security researcher Chris Paget has brought Cory Doctorow’s latest novel to life.

In the book Little Brother, kids use cheap RFID readers to clone San Francisco’s Fastrak cards and then rewrite the details to other users’ cards to cause mayhem and bring down the DHS. In reality, these cards contain RFID (Radio Frequency Identification) chips which can be read from a distance. The purpose is to let drivers cruise through toll-booths without stopping – payment is automatic – but you can be sure that there are plenty of other scanners dotted around the city, tracking your progress as you drive.

Paget wasn’t trying to bring down the government. He was simply making a point. Armed with a homebrew RFID reader kit (cost of parts: $250), he drove downtown and in 20 minutes had grabbed the details of two RFID passports. No Fastrak cards yet, but that doesn’t mean you shouldn’t be wrapping them in tinfoil (we’re actually serious). Paget’s aim is to have these chips removed from personal IDs as, aside from being insecure they are "unsuitable for tagging people". We agree.

Passport RFIDs cloned wholesale by $250 eBay auction spree [The Register]

Little Brother [Craphound]

See Also:

• Mobile RFID Reader Brings Big Brother To Your Pocket
• New York Offers Drivers License with RFID Tag
• Access Denied: RFID Cat-Flap Scans Kitties

We’ve seen quite a few hardware-encrypted disks hit the scene lately, but to be honest, we’ve always thought they were a risky investment, since all the systems were proprietary — we wouldn’t want to store our encryption-worthy data on a disk that can’t be read at all in a few years, after all. That’s happily about to change, though — the Trusted Computing Group has just announced that virtually every drive maker has agreed on a set of 128-bit encryption standards covering SSDs and HDDs. That’s Fujitsu, Hitachi, Seagate, Samsung, Toshiba, Western Digital, IBM, Wave Systems, LSI, and ULink Technology, if you’re keeping score at home (and we know you are). Ideally this means that we’ll see easy cheap disk encryption filter onto mainstream consumer storage, which would basically invalidate all those “I’m stealing this hard drive out of your laptop and using it to log into your Facebook account” crimes of passion we know the kids are into these days. Best part? Fujitsu, Seagate and Hitachi are all already shipping drives that support the TCG standards.

[Via Digg]

Filed under: Storage

Major storage vendors agree to disk encryption standards originally appeared on Engadget on Thu, 29 Jan 2009 07:49:00 EST. Please see our terms for use of feeds.

Read | Permalink | Email this | Comments