Skip navigation
Help

Hacking

warning: Creating default object from empty value in /var/www/vhosts/sayforward.com/subdomains/recorder/httpdocs/modules/taxonomy/taxonomy.pages.inc on line 33.

schwit1 writes "Stomping on the brakes of a 3,500-pound Ford Escape that refuses to stop–or even slow down–produces a unique feeling of anxiety. In this case it also produces a deep groaning sound, like an angry water buffalo bellowing somewhere under the SUV's chassis. The more I pound the pedal, the louder the groan gets–along with the delighted cackling of the two hackers sitting behind me in the backseat. Luckily, all of this is happening at less than 5mph. So the Escape merely plows into a stand of 6-foot-high weeds growing in the abandoned parking lot of a South Bend, Ind. strip mall that Charlie Miller and Chris Valasek have chosen as the testing grounds for the day's experiments, a few of which are shown in the video below. (When Miller discovered the brake-disabling trick, he wasn't so lucky: The soccer-mom mobile barreled through his garage, crushing his lawn mower and inflicting $150 worth of damage to the rear wall.) The duo plans to release their findings and the attack software they developed at the hacker conference Defcon in Las Vegas next month–the better, they say, to help other researchers find and fix the auto industry's security problems before malicious hackers get under the hoods of unsuspecting drivers."

0
Your rating: None

Jason Scott, the well-known digital archivist with archive.org who has previously produced a documentary on bulletin board systems, has turned his attention to Def Con — the Vegas convention that now attracts thousands of hackers (and would-be hackers) each year. Def Con: The Documentary sits down with a number of individuals who've been involved with the event from the start, including "The Dark Tangent" himself, Def Con founder Jeff Moss.

Def Con is familiar territory for Scott, who is a longtime attendee and frequent speaker at the conference — and naturally, assembling the narrative of how the world's largest hacker convention got its start fits in well with his day job of preserving internet history.

0
Your rating: None

An anonymous reader writes "There is a growing interest in who tracks us, and many folks are restricting the use of web cookies and Flash to cut down how advertisers (and others) can track them. Those things are fine as far as they go, but some sites are using the ETag header as an identifier: Attentive readers might have noticed already how you can use this to track people: the browser sends the information back to the server that it previously received (the ETag). That sounds an awful lot like cookies, doesn't it? The server can simply give each browser an unique ETag, and when they connect again it can look it up in its database. Neither JavaScript, nor any other plugin, has to be enabled for this to work either, and changing your IP is useless as well. The only usable workaround seems to be clearing one's cache, or using private browsing with HTTPS on sites where you don't want to be tracked. The Firefox add-on SecretAgent also does ETag overwriting."

0
Your rating: None
Original author: 
Joshua Kopstein

Dsc_3747_large

The US government is waging electronic warfare on a vast scale — so large that it's causing a seismic shift in the unregulated grey markets where hackers and criminals buy and sell security exploits, Reuters reports.

Former White House cybersecurity advisors Howard Schmidt and Richard Clarke say this move to "offensive" cybersecurity has left US companies and average citizens vulnerable, because it relies on the government collecting and exploiting critical vulnerabilities that have not been revealed to software vendors or the public.

"If the US government knows of a vulnerability that can be exploited, under normal circumstances, its first obligation is to tell US users," Clarke told Reuters. "There is supposed to be some mechanism...

Continue reading…

0
Your rating: None
Original author: 
Aaron Souppouris

Padlocks-555_large

There's a huge industry out there that no one really talks about: the market for your security. As The Economist reports, exploits for Internet Explorer, Chrome, iOS, Windows 8, and other software are discovered either by hackers or security firms, and sold to the highest bidder. A single Internet Explorer exploit can sell for as much as $500,000, as security researchers that would once detail software vulnerabilities for kudos have realized they were treating "diamonds like pebbles." It's mostly been governments buying exploits, but in recent years, agencies have realized they're funding a black market for extremely dangerous R&D, and are beginning to move their search for security flaws in-house.

Continue reading…

0
Your rating: None

Claudio-guarnieri_large

Above: Claudio Guarnieri of IT security firm Rapid7

Italy's Hacking Team is like most any software company: worried about market demand, creating desirable features, and not being too buggy. But their product, called "DaVinci," is something no one ever wants to find on their computer.

"They sell software that helps people break into people's computers and spy on them," explains Morgan Marquis-Boire, a researcher with University of Toronto's Citizen Lab.

Hacking Team develops targeted malware for use by nation-states.

Continue reading…

0
Your rating: None