Security, Privacy and IoT: The Week of February 27th, 2017

Security

If you want a phone that’s less likely to be broken into simply because it does much less, the Nokia 3310 may be for you. No App Store and no wifi reduce its attack surface to whatever vulnerabilities are built into Nokia’s software and its baseband firmware.

https://arstechnica.com/gadgets/2017/02/nokia-3310-hands-on-its-hard-not-to-like-this-modern-take-on-the-feature-phone/

Continue reading

Security, Privacy and IoT: The Week of February 20th

I’m experimenting with compiling a list of interesting articles each week. I’m trying to keep this quick maintain a high signal-to-noise ratio.

Security

This is huge news for the crypto community. Long deprecated, the SHA1 hash function now has a demonstrated hash collision. The collision took 110 GPU years to compute – we don’t yet have a way to produce arbitrary SHA1 hash collisions, and it still may be years until we do.

Continue reading

Security, Privacy and IoT: The Week of February 13th

I’m experimenting with compiling a list of interesting articles each week – I’ll compile a list of articles that caught my eye. I’m trying to keep this quick and maintain a high signal-to-noise ratio.

Security

Adobe Flash Critical Security Update

Adobe has released Flash Player version 24.0.0.221 for Windows, macOS and Linux. It fixes “critical vulnerabilities that could potentially allow an attacker to take control of the affected system”. If you have Flash installed on your computer, update it immediately. Also update Chrome.

Except for the copy of Flash that comes with Chrome, I haven’t had Flash installed on my Mac in years and I don’t miss it at all.

https://helpx.adobe.com/security/products/flash-player/apsb17-04.html

Continue reading

Another Day, Another Massive Password Dump

Password Dumps: How To Protect Yourself

By now you’re probably used to reading about web sites getting broken into, exposing millions of accounts.

The information that crackers get varies… they may get email addresses and encrypted passwords. It may be your IP address, name, plain text password, credit card information, social security number… it all depends on what  the site collects and how they secure it.

This time around Adult Friend Finder was breached, exposing 340 million accounts as well about another 73 million accounts on other sex-related sites.

Continue reading

How to Safely Update Your Apple Devices

The release of iOS 10 didn’t exactly go smoothly.

Many iOS users found their devices bricked – after installing the update they were stuck asking to be connected to iTunes. iTunes would only replace the OS, wiping out all data on the device – and even that wouldn’t succeed.

If you only use an iPhone for phone calls and don’t use a lot of apps or media with it then you can probably skip this and throw caution to the wind. Otherwise it helps to be aware of best update practices and what they can and can’t protect you from.

Continue reading

%d bloggers like this:
var _gaq = _gaq || []; var pluginUrl = '//www.google-analytics.com/plugins/ga/inpage_linkid.js'; _gaq.push(['_require', 'inpage_linkid', pluginUrl]); _gaq.push(['_setAccount', 'UA-239812-12']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://' : 'http://') + 'stats.g.doubleclick.net/dc.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })();