Engadget - Comments for Hackers crash e-passport readers -- stage set for exploits

Engadget - Comments for Hackers crash e-passport readers -- stage set for exploits http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/ Engadget Comments for Hackers crash e-passport readers -- stage set for exploits http://www.engadget.com/media/feedlogo.gif Engadget http://www.engadget.com en-us Copyright 2012 Weblogs, Inc. The contents of this feed are available for non-commercial use only. Blogsmith http://www.blogsmith.com/<![CDATA[Comments on Hackers crash e-passport readers -- stage set for exploits]]>http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/Aug 1st 2007 5:24AM<![CDATA[Comments on Hackers crash e-passport readers -- stage set for exploits]]>http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/Aug 1st 2007 5:50AM<![CDATA[Comments on Hackers crash e-passport readers -- stage set for exploits]]>http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/Aug 1st 2007 5:32AM<![CDATA[Comments on Hackers crash e-passport readers -- stage set for exploits]]>http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/Aug 1st 2007 5:50AM<![CDATA[Comments on Hackers crash e-passport readers -- stage set for exploits]]>http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/Aug 1st 2007 6:27AM<![CDATA[Comments on Hackers crash e-passport readers -- stage set for exploits]]>http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/
http://video.google.com/videoplay?docid=7866929448192753501

]]>Aug 1st 2007 12:03PM<![CDATA[Comments on Hackers crash e-passport readers -- stage set for exploits]]>http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/
**raises hand with every other Engadget reader**]]>Aug 1st 2007 9:12AM<![CDATA[Comments on Hackers crash e-passport readers -- stage set for exploits]]>http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/Aug 1st 2007 10:26AM<![CDATA[Comments on Hackers crash e-passport readers -- stage set for exploits]]>http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/
...the Hammer picture?]]>Aug 1st 2007 1:47PM<![CDATA[Comments on Hackers crash e-passport readers -- stage set for exploits]]>http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/Aug 1st 2007 2:33PM<![CDATA[Comments on Hackers crash e-passport readers -- stage set for exploits]]>http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/Aug 1st 2007 3:22PM<![CDATA[Comments on Hackers crash e-passport readers -- stage set for exploits]]>http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/
a.k.a. an on/off button.]]>Aug 1st 2007 3:27PM<![CDATA[Comments on Hackers crash e-passport readers -- stage set for exploits]]>http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/Aug 1st 2007 3:28PM<![CDATA[Comments on Hackers crash e-passport readers -- stage set for exploits]]>http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/Aug 1st 2007 5:23PM<![CDATA[Comments on Hackers crash e-passport readers -- stage set for exploits]]>http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/Aug 3rd 2007 11:33AM<![CDATA[Comments on Hackers crash e-passport readers -- stage set for exploits]]>http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/http://www.engadget.com/2007/08/01/hackers-crash-e-passport-readers-ready-to-develop-exploits/
The trick is to make sure all drivers and applications verify the jpeg before expanding it. The jpeg image is embedded as a file inside the smart card called DG2. Alterations of the DG2 can be verified through software signitures and hash values.

Even with the above not employed, data execution protection has been around since Windows XP SP2. By default all memory allocated by applications will have non execute restrictions placed on it from a software and hardware level. Applications wishing to allocate executable memory must explicitly do this. Application memory space and the heap are separate and protected.

I believe part of what Grunwald says is true, the rest a good show and makes for good stories to print. A little more investigative journalism would go a long way here.]]>Aug 13th 2007 4:33PM