Monthly Archives: March 2009
Current Event: iTunes Gift Voucher Hacked?
Many online news agencies are reporting that a Chinese group of hackers have broken Apple’s iTunes Gift Voucher code generator. The original story seems to come from Outdustry, a Chinese music industry website, and tells of $200 gift certificates being … Continue reading
Security Review: Apartment Complex Rent Drop-boxes
Most people renting an apartment use a common drop-box to pay the rent. Most often this is located in an easily accessible common are like the mailboxes or near the manager’s office. The setup to be discussed here is a … Continue reading
Security Review: Google Voice
Apologies for reviewing the same technology. The other Google Voice review just appeared for me, which was after I wrote my own. I did check prior to starting this review, and it wasn’t up then. Summary: ComputerWorld had an article … Continue reading
Security Review: My Apartment
The apartment complex I live in is comprised of a garage and multiple residential floors. The access points into the building are through the elevator, garage, and a street access door. All three use RFID keycards to restrict the access … Continue reading
Researchers develop security flaw scanner for use during Development
http://www.sciencedaily.com/releases/2009/02/090224133010.htm Summary Researchers have proposed and started testing a new system for helping to identify potential bugs and security flaws during the development cycle of software development. It works to help the development team identify and prioritize potential targets and … Continue reading
Security Review: Technology’s vulnerability to sniffing keystrokes from electromagnetic emissions.
This vulnerability is one of the most profound in computing. Every computer has a connection from the keyboard to the CPU, and when signals are sent this connection acts as an antenna, transmitting a characteristic wave for each keystroke. Each … Continue reading
Current Event: ITunes vulnerability leak user credentials
The recently released ITunes 8.1 closed two major security gaps from the previous version. According to Apple, until the latest release, maliciously crafted podcasts could cause ITunes to ask user for credentials but send the username and password to a … Continue reading
Security Review: Final Examinations
Final exams are just around the corner (or in some cases may already have been taken if they’re in-class ones)! I figured I’d write a security review about the system of final exams. Assets and Goals: Pre-knowledge of questions After … Continue reading
Security Review: UW Parking Enforcement
The parking at the University of Washington has always been a deadly game of cat and mouse between driver and parking enforcement. There are limited parking resources on campus, and parking enforcement wants to make sure that they are maximizing … Continue reading
Current Event: Kremlin loyalist admits to launching DDoS attack on Estonia
According to an article from Rueters (http://www.reuters.com/article/technologyNews/idUSTRE52B4D820090313?pageNumber=1&virtualBrandChannel=0), Konstantin Goloskokov, a member of a Russian youth movement recently claimed responsibility to organizing a group of fellow supporters and executing a Distributed Denial of Service (DDoS) attack on Estonian internet sites, causing … Continue reading