Neurosecurity: security and privacy for neural devices. "An increasing number of neural implantable devices will become available in the near future due to advances in neural engineering. This discipline holds the potential to improve many patients' lives dramatically by offering improved—and in some cases entirely new—forms of rehabilitation for conditions ranging from missing limbs to degenerative cognitive diseases. The use of standard engineering practices, medical trials, and neuroethical evaluations during the design process can create systems that are safe and that follow ethical guidelines; unfortunately, none of these disciplines currently ensure that neural devices are robust against adversarial entities trying to exploit these devices to alter, block, or eavesdrop on neural signals. The authors define 'neurosecurity'—a version of computer science security principles and methods applied to neural engineering—and discuss why neurosecurity should be a critical consideration in the design of future neural devices." [Via Mind Hacks]
posted by homunculus on Jul 8, 2009 - 22 comments

You are Medeco, one of the world's premier lock companies. And you think your super-secure locks are tight. Until, that is, some upstart troublemaker comes along, reverse engineers them and shows the world (via Wired magazine--with video, natch) showing just how (supposedly) insecure they are. Then this same troublemaker releases a book giving all your secrets away. [more inside]
posted by ostranenie on May 28, 2009 - 75 comments

This is an ironic tale of the consequences of inept application of cryptographic tools. Or is it? Dan Egerstad, a Swedish hacker, gained access to hundreds of computer network accounts around the world, belonging to various embassies, corporations and other organizations. How did he do it? Very easily: by sniffing exit traffic on his Tor nodes. [more inside]
posted by Anything on Dec 4, 2007 - 27 comments

How secure is your password? If you're like some people, it's probably not secure enough. When did you last change yours?
posted by chuckdarwin on Jun 13, 2007 - 66 comments

Klaatu barada...Jikto? First there was Nikto. Then along came Wikto. Last Saturday at Shmoocon Billy Hoffman introduced the world to Jitko, a client-side vulnerability scanner that exploits your browser & turns your PC into a platform for finding holes in computers across the Internet (or behind your firewall). Reactions were mixed. Does Jikto go too far?
posted by scalefree on Mar 28, 2007 - 11 comments

"To tell the truth ... I'm sorta surprised they haven't caught me yet," The Washington Post ran an interesting interview with a botmaster, a young man who made serveral thousands of dollars a month installing XXX spyware on machines that he controlled. He installed the software on the machines of people he did not know by hacking into them remotely. The lenghty article included a partial photo of the botmaster along with vauge descriptions of the small midwestern town where the man lives, and was published with the understanding that the man's identity would be kept secret. Someone should have told that to the person that manages photos at the Washington Post. An estute reader over at Slashdot was able to locate some extra information stored in the picture's metadata including the photographer and the location the picture was taken, Roland, Oklahoma, a town of less than 3000 people. Whoops.
posted by daHIFI on Feb 21, 2006 - 56 comments

"Hacker" discovers backdoor to Harvard Business School admissions decisions.
Harvard rejects all applicants who used the "hack."
posted by trharlan on Mar 8, 2005 - 68 comments

GMail not-so-safe Mail. So apparentley GMail has a major exploit that's been discovered by an Israeli hacker. "Using a hex-encoded XSS link, the victim's cookie file can be stolen by a hacker, who can later use it to identify himself to Gmail as the original owner of an email account, regardless of whether or not the password is subsequently changed." And so the fun with GMail begins..
posted by mrplab on Oct 29, 2004 - 9 comments

Know what time it is, Kidz? It's U.S. Department of Justice Time!

On today's show, we'll learn why Hacking is REAL BAD, and give you a chance to find out if you are a good cybercitizen. Next, we'll meet Axel, the talking drug dog, and his friends the Bomb Dog Bunch! Then, we'll check in on the ATF, for some cool science fair ideas.

And finally, just for you kids with crooks or international terrorists for parents, here's a nifty PDF coloring book (Native American version also available).
posted by eatitlive on Feb 25, 2003 - 11 comments

This is some scary stuff. Life in prison for malicious hacking? We can't keep rapists and murderers away from society for very long but now hackers & crackers could be jailed for life? And on top of that the FBI can monitor internet packets without a warrant? If you enjoy your freedom from gov't surveillance, it looks like it's time to start using PGP.
posted by mathowie on Jul 16, 2002 - 21 comments

Competition to "reverse engineer" mystery program.
Another cool thingy from the HoneyNet Project; they're inviting people to convert a binary file into its original source. So, who's participating?
posted by arnab on May 3, 2002 - 2 comments

Hackers target Cell Phones With the connectivity of cell phones to the internet, hackers have begun to target cell phones, programming prank calls, placing calls to wherever and erasing the software in the phone.
posted by Lanternjmk on Mar 11, 2002 - 7 comments

Hackers: Computer Outlaws A TLC show(that I'm 3/4 through) that seems to actually use reliable sources to discuss not just cracker behavior, but also the creative side of hackers, pointing out the developments attributed to some hackers. Now Markoff and Mitnick. Not a bad little show....
posted by dglynn on Jan 9, 2002 - 7 comments

Microsoft's newest version of Windows.... billed as the most secure ever, contains several serious flaws that allow hackers to steal or destroy a victim's data files across the Internet or implant rogue computer software. The company released a free fix Thursday.

A Microsoft official acknowledged that the risk to consumers was unprecedented because the glitches allow hackers to seize control of all Windows XP operating system software without requiring a computer user to do anything except connect to the Internet.
posted by bkdelong on Dec 20, 2001 - 60 comments

Silicon Valley backs Senate bill that would allow companies to report computer network attacks to the government without having to worry about the public finding out. The reasoning: it would encourage more companies to report the problems and help the government track down the culprits. A similar bill is in the House.
posted by thescoop on Sep 25, 2001 - 3 comments

You too can be a felon! Last year, the SDMI Foundation made a public challenge to see if anyone could crack 6 proposed protection mechanisms for digitally-encoded music. All six turned out to be feeble and all six fell. Since then, the SDMI Foundation has been relying on lawyers to cover up for the incompetence of their engineers. They're trying to suppress this article, so everyone reading this has a duty to make and store a copy of it. (Everyone should also own at least one copy of DeCSS. I have the 442-character C version printed on the back of my personal card.)
posted by Steven Den Beste on Apr 21, 2001 - 15 comments

Vulnerabiity in OpenPGP You don't even need to crack the key, just get hold of it, modify a few bytes, and presto, sign away from other persona. The issue here is signing, not encrypting. The implications are evident when you think of internet voting, tax filing, etc., but it is still a victory for open cryptography, where peer review can find serious flaws.
posted by pecus on Mar 22, 2001 - 2 comments

One million credit card numbers stolen! News at 11! The FBI has gone public with a rather dry account of a huge organized attack on ecommerce sites, exploiting security flaws in NT which Microsoft fixed and offered patches for nearly two years ago.
posted by Steven Den Beste on Mar 9, 2001 - 5 comments

The SDMI Hack challenge seems to have gone down in flames. And apparently it wasn't even very difficult to break into it. This article goes into it in some detail. [more]
posted by Steven Den Beste on Oct 17, 2000 - 5 comments

They bagged the kid who was responsible for all those Denial-of-Service attacks a couple of months ago. He's Canadian.

Here's an interesting legal question: could the US extradite him? The crimes were committed in the US, but he was in Canada at the time he did it, since he worked through the Internet. Whose laws apply?

(By the way, I've seen no indication that the US is considering extradition; I was just curious whether they could extradite him.)
posted by Steven Den Beste on Apr 19, 2000 - 18 comments

The Discovery Channel has a pretty good "Hackers Hall of Fame" but of course they get hacking/phreaking/cracking all munged up. There's a brief bio and short synopsis of activities for each person.
posted by mathowie on Feb 12, 2000 - 0 comments

Last night Kevin Mitnick was on 60 minutes (the gist of the interview is quoted here), and I have to say he came off as an utterly harmless geek. He was an information junkie that enjoyed the challenge of cracking firewalls. He never profited from his activities and the affected companies made up their monetary losses. It's a shame he was forced to waste away in prison instead of offer his security expertise to the affected companies.
posted by mathowie on Jan 24, 2000 - 1 comment