androidandme.com |
Following 'false alarm,' BLU smartphones are back on Amazon
androidandme.com BLU responded to the security concerns earlier this week, saying that the data that its phones collect “is standard for OTA functionality and basic informational recording” and that “this is in line with every other smartphone device manufacturer in … |
Everyone knows what to do when life gives you lemons. Well, the same can apply when technology cries wolf at four in the morning, according to a contributor to Reddit’s section devoted to systems administration.
Every morning at just past 4 a.m., I get a text from Solarwinds that makes my phone beep. The alert is that one of our LDAP servers is unresponsive. Then two minutes later I get a text/phone beep that LDAP is back up. Every day.
It’s OK, I need to catch the bus/train just past 5 a.m. anyway, gives me time to get ready / pack my lunch, drink a cup of coffee, etc.
To read this article in full or to leave a comment, please click here
Inquirer |
Canonical sets off alarm after Ubuntu forum data breach
Inquirer LINUX FIRM Canonical has suffered a breach on the Ubuntu forums and is going full burn on the wretched servers. The firm explained in a statement that it noticed suspicious activity before too much damage was done, and immediately began cleaning things … Ubuntu Forums data breach exposes 2 million users Canonical hack exposes private data of 2 million forum members Flaw in vBulletin add-on leads to Ubuntu Forums database breach |
Enlarge (credit: SimpliSafe.com)
A security system used in more than 200,000 homes has an unfixable flaw that allows tech-savvy burglars to disarm the alarm from as far away as a few hundred feet.
The wireless home security system from SimpliSafe is marketed as costing less than competing ones and being easier to install, since it doesn’t use wires for one component to communicate with another. But according to Andrew Zonenberg, a researcher with security firm IOActive, the system’s keypad uses the same personal identification number with no encryption each time it sends a message to the main base station. That opens the system to what’s known as a replay attack, in which an attacker records the authentication code sent by the valid keypad and then recycles it when sending rogue commands transmitted over the same radio frequency.
“Unfortunately, there is no easy workaround for the issue since the keypad happily sends unencrypted PINs out to anyone listening,” Zonenberg wrote in a blog post published Wednesday. “Normally, the vendor would fix the vulnerability in a new firmware version by adding cryptography to the protocol. However, this is not an option for the affected SimpliSafe products because the microcontrollers in currently shipped hardware are one-time programmable. This means that field upgrades of existing systems are not possible; all existing keypads and base stations will need to be replaced.”
