Earlier this year, the New York Times ran a story claiming that almost every law enforcement agency in America was able to break into your phone.
A new report from Matthew Green, teacher of cryptography at Johns Hopkins, and his students, Max Zinkus, and Tushar Jois details what they?ve found. ?Authorities don?t need to break encryption in most cases, because modern phone encryption sort of sucks.?
(more…)Google has a history of partnering with companies and then swallowing them whole. Google has a strong partnership with ADT home security to install Google Assistant and Nest products.
(more…)A few days ago, I wrote about password managers and why they’re a good idea. You also need to use 2-factor authentication. 2-factor authentication (2FA) and passwords are both ways of trying to solve the problem of identifying yourself to a Web site or app. 2-factor says, “I am who I say I am, because of something I know (the password) and something I have (a second device the service knows.)
(more…)Welcome to the Gate smart lock – a front door smart lock that incorporates a traditional keyed deadbolt, multiple access keypad, person identification camera, and two-way audio system all in one. I’ve had this installed on my house for about 2 weeks now, and it’s been an interesting intro to smart home locks.
(more…)That’s right, friends – you no longer need to attack the darkness with magic missile (bonus internet points for you if you got the reference, friend). While Eufy is no stranger to camera systems, or embedding cameras in other products (like a doorbell or floodlight), they’ve got a new release coming up that looks pretty amazing for starting out monitoring your house from scratch – enter, the eufyCam 2.
(more…)Let?s keep the home security (and self-monitored) theme going, again with our friends from Eufy. Say you?ve already got a video doorbell installed, and now you?re interested to keep an eye on what?s going on out behind your house, or over by the garage. That?s where security lights come in handy, particularly those with motion detectors. But what if you could also wrap a camera in there as well? That?s precisely what the Eufy Smart Floodlight offers.
(more…)Here’s a little story, all about how, counter-intel and bad password management turned Twitter upside down. This time, the story features Colleen Rooney and Rebekah Vardy, wives of two footballers in the UK. What would normally be a celeb fight is now a good object lesson in counter-intel and password management. Here’s how:
(more…)While the camera’s from Nest and Ring are definitely the known names out there (and, well, Ring has some problems), they’re not the only ones out there. In fact, Arlo lays claim to the most popular wireless camera brand out there, and they announced earlier today their newest, the Arlo Pro 3.
(more…)Security researcher Brian Krebs has uncovered a new tool that will keep you safer at the gas station. Skimmers are devices that hackers hide on or inside gas pumps. These devices steal your credit card number and PIN are are often hidden under faceplates and inside card slots.
The tool is basically a Bluetooth sniffer that hunts for transmitters inside gas pumps. If it senses a Bluetooth device then the gas station managers can tear down the pump to find out what’s going on.
According to the study, some 44 volunteers? ? mostly law enforcement officials and state employees ? were equipped with Bluetana over a year-long experiment to test the effectiveness of the scanning app. From the post:
The researchers said their volunteers collected Bluetooth scans at 1,185 gas stations across six states, and that Bluetana detected a total of 64 skimmers across four of those states. All of the skimmers were later collected by law enforcement, including two that were reportedly missed in manual safety inspections of the pumps six months earlier.
Skimmers are big business.
?Based on the prior figures,?we estimate the range of per-day revenue from a skimmer is $4,253?(25 cards per day, cashout of $362 per card, and 47% cashout success rate), and our high end estimate is $63,638 (100 cards per day per day, $1,354 cashout per card, and cashout success rate of 47%),? said the creators of the software.
Ransomware is usually associated with PCs run in the bowels of some antiquated IT department. Now, however, researchers have figured out how to move the stuff onto your DSLR – with catastrophic results.
The ransomware essentially infects a high end camera and then encrypts all of the photographs on the card. Check Point has create a proof-of-concept that lets hackers connect to a camera via Wi-Fi and inject the code, essentially shutting down the camera until a ransom is paid. They write:
Our research shows how an attacker in close proximity (WiFi), or an attacker who already hijacked our PC (USB), can also propagate to and infect our beloved cameras with malware. Imagine how would you respond if attackers inject ransomware into both your computer?and?the camera, causing them to hold all of your pictures hostage unless you pay ransom.
The researchers used an open source OS for the Canon EOS 80D, by probing it for exploits, were able to upload the ransomware and activate it. Once a malicious payload is uploaded wirelessly the camera will load it automatically and go into lockdown. “There is a PTP command for remote firmware update, which requires zero user interaction,” wrote the researchers. “This means that even if all of the implementation vulnerabilities are patched, an attacker can still infect the camera using a malicious firmware update file.”
The result? Your camera is toast unless you pay up.
Luckily this is just a proof-of-concept and the attack isn’t in the wild yet. That said, keep your camera close by when you’re in sketchy areas. You never know when a hacker might strike.
