breach
Latest
T-Mobile thinks data leak "not enough to cause harm" to customers
After news broke of a possible breach into T-Mobile's systems over the weekend, subscribers were understandably concerned over claims that personal information (among other things) may have been pilfered by the offenders who later offered the data for sale to the carrier's competitors. An investigation has been launched, and so far, it sounds like T-Mobile is admitting some data was taken -- but that it wasn't enough to be of any concern to its customers. Work is ongoing to determine exactly what the hackers got their hands on and how, but it's a promising sign that subscribers don't need to step up fraud monitoring on their accounts. The full statement is below:"To reaffirm, the protection of our customers' information and the security of our systems is paramount at T-Mobile. Regarding the recent claim on a Web site, we've identified the document from which information was copied, and believe possession of this alone is not enough to cause harm to our customers. We continue to investigate the matter, and have taken additional precautionary measures to further ensure our customers' information and our systems are protected. At this moment, we are unable to disclose additional information in order to protect the integrity of the investigation, but customers can be assured if there is any evidence that customer information has been compromised, we would inform those affected as quickly as possible."
Voom HD claims over $1 billion in damages from DISH Network drop
If you had a sneaking suspicion that somewhat just wasn't right when all 15 of the VOOM HD networks suddenly vanished from DISH Network's lineup, um, you were right. Apparently EchoStar (now DISH Network) and VOOM Networks had inked a 15-year deal in 2005 that would give the latter "a license fee of $3.25 a month per HD subscriber receiving VOOM." Now, VOOM has "filed an amended complaint against EchoStar, claiming it will suffer more than $1 billion in damages." More specifically, it notes that "EchoStar had no right to terminate the affiliation agreement on the basis of a trumped-up and pretextual claim of breach simply because it no longer liked the deal it struck." As expected, EchoStar is remaining mum on the subject, but its ex-partner is seeking "substantial damages in an amount to be determined at trial." This one could get real ugly, and fast.
Apple issues fix for recently discovered QuickTime flaw
Just over a week after a dubious duo found a way to commandeer a Mac thanks to an elusive flaw in QuickTime (of all things), Apple's security police have purportedly fixed the flaw and issued an update. Apparently, the hole could be "exploited through a rigged website and let an attacker control computers running both Mac OS X and Windows," and the firm elaborated by stating that a "maliciously crafted Java applet could lead to arbitrary code execution" if users didn't apply the patch. The newest version of QuickTime now sits at 7.1.6, and reportedly "repairs the problem by performing additional checking," and interestingly enough, Apple seemingly tipped its hat to Dino Dai Zovi and the TippingPoint Zero Day Initiative for reporting the issue. So make sure you fire up that Software Update today if you haven't already -- a presumably small bundle of downloadable joy should be waiting.
Infamous MacBook WiFi hack demonstrated, dubious code to go public
This on-again / off-again storyline surrounding the infamous MacBook WiFi hack has us all in a bit of a whirlwind, but it looks like the responsible party is finally coming clean. David Maynor, who is now the CTO at Errata Security, broke the silence regarding the questionable WiFi vulnerability that he claimed existed in Apple's MacBook by actually demonstrating his findings in front of the crowds at the Black Hat DC event. The meddlesome duo elicited all sorts of backlash from Apple after the story surfaced, and a showing at the ToorCon hacker convention in San Diego was actually axed after Cupertino threatened to sue Maynor's now-former employer, SecureWorks. Yesterday, however, Maynor streamed rogue code from a Toshiba laptop while his MacBook (running OS X 10.4.6) scanned for wireless networks; sure enough, the laptop crashed, and he insinuated that the code could actually be used to do far worse things, such as control functions of the computer -- but interestingly enough, it wasn't noted whether the MacBook's WiFi adapter was Apple's own or of the third-party variety. The angst still felt by Maynor primarily stems from Apple's outright denial of his claims, only to provide an elusive patch that fixed the issue in OS X 10.4.8, essentially making its operating system more secure without giving David his due credit. Mr. Maynor also said that he would no longer attempt to work with Apple and wouldn't report any further findings to them, and while most Macs have certainly done their duty and upgraded to the latest version of OS X, users can reportedly expect a public release of the rogue code to hit the web soon.
Judge favors Nano-Proprietary in Canon licensing quandary
We all had high hopes that SED TVs wouldn't become another case of "what could have been," but unfortunately for everyone, things aren't looking too bright right about now. Last we heard, Canon was reportedly all set to buy out Toshiba's display stake, theoretically squashing Nano-Proprietary's claim that licensing agreements would be breached if Tosh remained in the mix, but it seems that things just can't be so easy. A federal judge has now ruled that Canon "violated its agreement with Texas-based Nano-Proprietary by forming a joint television venture with Toshiba," and while "damages still need to be determined," it's fairly clear who will come out the victor in this scenario. Still, this just appears to be yet another snag in the development of new nanotube sets, and while we should all just be used to it by now, that glimmer of hope that Canon and Nano-Proprietary "could now develop a new licensing agreement" is still (currently) alive.
iPod deemed a "criminal tool" in high school security breach
It was essentially inevitible that Nintendo's Wiimote was destined to become a weapon of mass destruction, and while we've seen folks jailed and even killed over an iPod, even we're a bit hesitant to call the blunt object a "criminal tool." Still, that's precisely what a former Clay High School junior was purportedly using when he "hacked into school personnel and student files" and transferred sensitive information to his dubious Pod. After threatening to "open up a credit card in someone's name and ruin their credit," school officials began to investigate the situation, and were quite relieved when they discovered the breach before any of the data was used with ill intentions. Currently, no court date has been set for the youngster's criminal case, but considering all the grief being endured in order to keep those files from leaving school grounds, one just has to wonder what secrets could possibly be held in those potentially steamy "personnel files."[Thanks, Ray]
