Changes

From Security Weekly Wiki
Jump to navigationJump to search
801 bytes added ,  20:53, 7 October 2010
# [http://www.darkreading.com/authentication/security/client/showArticle.jhtml?articleID=227700141&cid=RSSfeed Man in the mobile] - [pauldotcom] - Bleh, too many buzzwords. However, two-factor authentication that send you a TXT message doesn't work so well if an attacker pwns your phone. So, do better.
# [http://arstechnica.com/security/news/2010/08/cars-hacked-through-wireless-tyre-sensors.ars Hacking Tire Pressure Sensors] - [pauldotcom] - ''"The wireless sensors, compulsory in new automobiles in the US since 2008, can be used to track vehicles or feed bad data to the electronic control units (ECU), causing them to malfunction."'' I think hacking cars is neat, but unless there is money to be made, attackers will just yawn. Maybe there will be some pranks, but I don't see this being a huge concern.
#[http://www.boingboing.net/2010/10/04/security-company-ad.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+boingboing%2FiBag+%28Boing+Boing%29 Tricking folks into security services?] - [Larry] - I wonder how something like this would go over in our industry? I have a feeling not very well. Although I think for a parallel, in our industry if we are able to sneak something in like this, we're in, not just with trickery.
#[http://www.engadget.com/2010/10/03/hacker-claims-third-party-iphone-apps-can-transmit-udid-pose-se/ Iphone app data] - [Larry] - Buyer beware I guess? But, how would the average consumer ever know? Phone UDIDs (Unique IDS) can be grabbed by the API, and sent via app with other personal information, although it is "prohibited". Some even in cleartext...
= Other Stories of Interest =
940

edits

Navigation menu