Security Flaw Allows Full Access To Locked IPhones

[greenmymac] on the MacRumors forums recently exposed a security flaw that allows anyone full access to a locked iPhone running firmware version 2.0.2. The flaw works by entering the emergency call menu of a locked iPhone, and double tapping the home button. This opens the iPhone’s Favorites menu, allowing anyone in your Favorites to be called. From here, an attacker has access to your SMS messages and potentially your email or Safari browser. While we are sure that Apple has a patch for this flaw on the way in the next firmware update, there is a temporary way to secure your locked iPhone. Simply enter the Settings menu on your iPhone and enter General > Home Button and select “Home” or “iPod”. Now when you double tap your home button, it will navigate to either your home screen or the iPod screen. While this fix might be annoying for some, as of right now it seems like the only way to secure your locked iPhone.

[photo: Refracted Moments™]

[via Gizmodo]

Testing IR Camera Blocking

[youtube=http://www.youtube.com/watch?v=0u5hAfnq2-4&hl=en&fs=1&rel=0][randy] from F.A.T. tested the theory that infrared LEDs can actually hide you from the prying eyes of surveillance cameras. We’ve previously covered camouflage, IR, and other suggestions for eluding the cameras, but haven’t taken to sewing stuff onto our clothes yet. [randy] lined his hoodie with high-intensity infrared LEDs, hoping to create a halo effect that would hide his head, and tested his results. Unfortunately, his efforts were unsuccessful. He tested many many different combinations and we’re confident in his conclusion that it would be very hard to make this work.

IBM Sees Influx In Zero-day Exploits


IBM’s X-Force security team has released a mid-year report(PDF) stating that the number of zero-day exploits is growing at an alarming rate. For those of you unfamiliar with the term, a zero-day exploit is a program that is created and implemented within 24 hours of the disclosure of a security flaw. These exploits usually affect users before they even know the vulnerability exists and long before a patch is made available. The researchers also found that many of these exploits were targeted at browser plug-ins, which most users utilize on a daily basis.

[Kris Lamb], X-Force operations manager, is blaming the problem on a lack of a unified process for disclosing vulnerabilities. He also claims that the long-held practice of publishing example code of vulnerabilities should be frowned upon.

[via Liquidmatrix]

Ruckingenur II: Reverse Engineering Video Game


[Zach Barth] has released Ruckingenur II, the game of reverse engineering. The latest in his Games for Engineers series, it is a full game with multiple levels and live action cut scenes. Set with a military theme, the goal is to reverse engineer enemy items. Pictured above is a lock to a weapons cache.

The pixelized style is consistent throughout. Even the cut scenes have the effect. The reverse engineering is fun enough to keep you interested while you learn. There is an in game help system that keeps you on track as well. Our only suggestion is that he get some better costumes next time!

Subway Hacker Speaks


Popular Mechanics has an interview with [Zach Anderson], one of the MIT hackers that was temporarily gagged by the MBTA. The interview is essentially a timeline of the events that led up to the Defcon talk cancellation. [Zach] pointed out a great article by The Tech that covers the vulnerabilities. The mag stripe cards can be easily cloned. The students we’re also able to increase the value of the card by brute forcing the checksum. There are only 64 possible checksum values, so they made a card for each one. It’s not graceful, but it works. The card values aren’t encrypted and there isn’t an auditing system to check what values should be on the card either. The RFID cards use Mifare classic, which we know is broken. It was NXP, Mifare’s manufacturer, that tipped off the MBTA on the actual presentation.

Red Hat Confirms Security Breach


After a week of wondering, Red Hat has confirmed that someone broke in and compromised their security. Although It doesn’t appear the attacker was able to retrieve the passphrase used to sign Fedora packages, the team is switching to new keys. In a separate intrusion the attacker tampered with and signed OpenSSH packages for RHEL. While it’s good to get the full story, no one is happy how long it took Red Hat to release these details.

[via Zero Day]

[photo: afsilva]