FAA (pdf link): A Boeing Model 787 airplane that has been powered continuously for 248 days can lose all AC electrical power due to the generator control units (GCUs) simultaneously going into failsafe mode. This condition is caused by a software counter internal to the GCUs that will overflow after 248 days of continuous power. We are issuing this airworthiness directive to prevent loss of all AC electrical power, which could result in loss of control of the airplane. Guardian article: "In the latest of a long line of problems plaguing Boeing’s 787 Dreamliner, which saw the company’s fleet grounded over battery issues and concerns raised over possible hacking vulnerabilities, the new software bug was found in plane’s generator-control units." [more inside]
Wikileaks may have been the big news, but there were numerous other data breaches in 2010. [more inside]
Theo de Raadt: I have received a mail regarding the early development of the OpenBSD IPSEC stack. It is alleged that some ex-developers (and the company they worked for) accepted US government money to put backdoors into our network stack, in particular the IPSEC stack. [more inside]
The driver software for the Energizer DUO USB battery charger contains a back door. It permits a remote user full access to your Windows system. [more inside]
You can get at the Oxford English Dictionary for free. Yay. Unfortunately you have to use this backdoor thing. Don't tell anyone.
Antivirus Firms Say They Won't Create FBI Loophole. A free knuckle sandwich to the first person to say, "looks like magic lantern has been extinguised!"
Robots.cnn.com is a mirror of CNN, without the ads. (It looks like they use it for web crawlers.) This reminds me of channel.nytimes.com, the backdoor for the New York Times that allows you to skip registration for almost every story. Anyone know of any other major media backdoors?
More news on the IIS exploit After acknowledging the problem last week, Micro$oft is now saying that the backdoor in IIS... is a flaw. M$ Technet seems to have a fix for this problem, delete the offending file! So, if systems are your bag, my advice is to start researching security if you are running M$ internet server products (SQL 7, Exchange, IIS, Index Server, etc.).