Dutch hacker seeks out jailbroken iPhones for fame and fortune
by Donald Melanson 
posted Nov 3rd 2009 at 8:23PM
[Via TUAW]
hacker posts
[Via TUAW]
Snow Leopard ships with old version of Flash - great for hackers, not so much for the rest of us
by Joseph L. Flatley posted Sep 3rd 2009 at 2:31PM
As we've seen, for many people the migration to Snow Leopard has been eventful (to say the least). Even if you've been spared most of the growing pains, you'll want to make note of this next item: According to the kids at Adobe, the initial release of Mac OS X 10.6 includes an earlier version of Adobe Flash Player (10.0.23.1), necessitating an upgrade to 10.0.32.18 if you want to take advantage of the enhanced security the latter provides. What's more, even if your plug-in was up-to-date, an upgrade to Snow Leopard will downgrade your Flash Player version -- so much for auto-magically downloading the most recent updates when you install the OS, eh? Our feeling is this: if you're including Flash Player in the OS, you'd better update that as well. As Daily Tech points out, Adobe products (especially Flash) are a favorite of hackers and malcontents everywhere, so if you're serious about security you'll want to get your hands on the update ASAP. And as always, the read link is a terrific place to start.
[Via Daily Tech]
[Via Daily Tech]
Console hacker arrested, faces up to ten years in jail
by Joseph L. Flatley posted Aug 4th 2009 at 8:32PM
ATM scam at DEFCON clearly the work of ironic criminals
by Joseph L. Flatley posted Aug 3rd 2009 at 10:43AM
The hooligans in this case have a dry sense of humor or are extremely unlucky: Either way, we can't help but get a chuckle out of the fact that someone placed their smart card skimmin' faux ATM at the Riviera Hotel Casino in Las Vegas -- during DEFCON, the world's largest hacker convention. No one can say exactly how long the kiosk was there -- at least the kids were smart enough to place it right outside the security office, one of the few places in the conference center not under surveillance. It was picking up on this last fact that aroused the suspicion of Brian Markus, CEO of Aries Security. When shining a light through the glass panel that should house a camera, he instead found the PC that was set up to skim people's data. He then notified security, who removed the device and once again made the world safe for hackers and their bank accounts.
In San Francisco, hackers park for free
by Joseph L. Flatley posted Jul 31st 2009 at 9:59AM
In High School civics class we learned that besides voting, feeding the meter is one of the most important things we Americans can do. But just like e-voting, it looks like you can add parking to the list of things that hackers have spoiled for law and order-types everywhere. According to the kids at CNET, a group of nogoodniks were able to decode the smartcards used by Guardian XLE-series meters manufactured by J.J. MacKay Canada -- from which point it was a simple matter of boosting the card's value to $999.99. Its unclear how the city of San Francisco (one of several around the country that have dealt with the company) is going to address the problem, but one possibility is flagging accounts with suspicious activity and reprogramming parking meters to ignore the offending cards. Is nothing sacred, people?
Mysterious cyber-attacker hits at federal websites, crisis averted?
by Laura June posted Jul 8th 2009 at 6:28PM
It looks like a nefarious cyber-attack which affected several federal websites in the United States was a little more far-reaching than initially thought. The attack -- which started on the 4th of July -- targeted websites in both South Korea and the United States, including the Treasury Department, Federal Trade Commission and Secret Service. Various problems were still being reported days later, and while there's no official word on who the attackers were, those "people familiar with the matter" we know and love seem to be pointing their fingers at North Korea. So far as we know, no irreparable damage has been done, but we're not sure anyone would tell us if it had.
Video: 15 year old spends summer hacking iPhones
by Joseph L. Flatley posted Jul 8th 2009 at 12:31PM
When we were fifteen we were too busy smoking Winstons behind the Country Fair on Pennsylvania state route 99 to do anything of real value for society, so perhaps that's why whenever we cover one of these "teenager does good" stories it's with a slight tinge of regret. Ari Weinstein, the precocious spawn of a real-estate developer and a social worker, says he began his career as a "hacker" at the age of 7 when he figured out how to get around AOL's parental controls. Since then its only been onward and upward for the lad, who has since made short work of the iPod mini, the iPod touch (which led to the development of iJailbreak) and, with as a member of the Chronic Dev Team, the iPhone 3GS. Now, according to the Wall Street Journal, "he's going legit, as he spends his summer tooling up a new app." Sure. As we know, once the hacking bug bites, there's no going back to the straight world. That is, until AriX (as he's known on the street) discovers girls. Jailbreaking fans, please enjoy a rather confused (and wildly conflated) video after the break.
Hackers hit LHC computer system, deemed "scary experience"
by Donald Melanson posted Sep 12th 2008 at 4:43PM
Those already fearful of the Large Hadron Collider's potential Earth-ending capabilities may want to turn away for this one, as it looks like the situation has managed to get a bit more perilous, with a team of hackers apparently successful in mounting an attack on a system that is "one step away" from the computer system that controls of one of the LHC's massive detectors. According to The Telegraph newspaper, the group, calling itself the "Greek Security Team," left behind a half a dozen files on the system and damaged one CERN file, in addition to displaying the page above on the cmsmon.cern.ch website, which still remained inaccessible as of Friday. Somewhat disconcertingly, one of the scientists working at CERN simply described the incident as a "scary experience," with a CERN spokesperson further adding that they thought it was just someone "making the point that [the system] was hackable." Um, okaaaay.
[Via CNET News]
[Via CNET News]
Cloaking device could shield pacemakers from malicious signals
by Darren Murph posted Aug 25th 2008 at 8:29AM
On a number of occasions, we've seen reports suggesting that pacemakers could be sent signals which could instruct them to do all sorts of unwanted things, including shut off completely. Thankfully, the University of Washington's Dr. Tamara Denning has heeded the warnings and created a possible solution. The so-called cloaking device would enable pacemakers to "resist any instructions that come from anyone other than the doctor," though it has yet to be put to the test. in the real world Now, making sure your doc has passed a sufficient amount of background checks is another matter entirely.[Via Switched]
[Image courtesy of SMH, thanks A.C.E.R.]
Diebold comes clean, admits that its e-voting machines are faulty
by Darren Murph posted Aug 23rd 2008 at 8:29PM
For years, Diebold has embarrassed itself by claiming that obvious faults were actually not faults at all, and during the past decade or so, it mastered the act of pointing the finger. Now that it has ironically renamed itself Premier Election Solutions, it's finally coming clean. According to spokesman Chris Riggall, a "critical programming error that can cause votes to be dropped while being electronically transferred from memory cards to a central tallying point" has been part of the software for ten years. The flaw is on both optical scan and touchscreen machines, and while Mr. Riggall asserts that the logic error probably didn't ruin any elections (speaking of logic error...), the outfit's president has confessed to being "distressed" about the ordeal. More like "distressed" about the increasingly bleak future of his company.[Via Techdirt]
DARPA aims to create virtual environment for cyberwar simulations
by Darren Murph posted May 9th 2008 at 5:43PM
[Via Information Week, image courtesy of Sandia]
Hackers embed flashing animations on epilepsy support forum
by Darren Murph posted Mar 29th 2008 at 8:50PM
Shortly after hearing a sad tale of a 7-year old cancer patient having his medication and PSP stolen whilst en route to treatment comes yet another story of the world's meanest preying on the innocent. This go 'round, a group of griefers (which appear to be members of Anonymous) managed to invade a support forum established by the nonprofit Epilepsy Foundation and use JavaScript code and messages littered with flashing animations to effectively assault dozens of visitors who suffer from the disorder. The Foundation managed to catch wind of the problem within 12 hours of the attack, and while the boards were closed down temporarily to purge it of offending messages, many readers (such as RyAnne Fultz, pictured) experienced headaches and seizures before rescue arrived. Let's just say we sincerely hope the culprits get what's comin' to 'em.Linux becomes only OS to escape PWN 2 OWN unscathed
by Darren Murph posted Mar 29th 2008 at 2:48PM
[Image courtesy of TippingPoint]
PWN 2 OWN over: MacBook Air gets seized in 2 minutes flat
by Darren Murph posted Mar 27th 2008 at 5:57PM
PWN 2 OWN contest lets hackers choose Vista, OS X or Linux
by Darren Murph posted Mar 27th 2008 at 9:40AM
Last year's PWN 2 OWN contest at the CanSecWest security conference went over way better than expected (read: exploits were glorified), so this year, organizers have spiced things up by letting hackers have their way with three separate machines. The Linux, OS X and Vista-based rigs were all setup as similarly as possible in order to "make sure the attack surface was the same on all of them." For attendees in Vancouver, there sits a $20,000 top prize -- which dwindles with each passing day as restrictions on attacks ease up -- but it can only be acquired if an all new zero-day cyber roundhouse kick is used. Anyone here going to give it a go? You get to keep the freshly victimized laptop too, you know.
