Collaborate Disseminate
In this piece of research, attackers successfully attack a driverless car system — Renault Captur’s "Level 0" autopilot (Level 0 systems advise human drivers but do not directly operate cars) — by following them with drones that project images of fake road signs in 100ms bursts. The time is too short for human perception, but long enough to fool the… Continue reading Another Attack Against Driverless Cars
If you need to reset the software in your GE smart light bulb — firmware version 2.8 or later — just follow these easy instructions: Start with your bulb off for at least 5 seconds. Turn on for 8 seconds Turn off for 2 seconds Turn on for 8 seconds Turn off for 2 seconds Turn on for 8 seconds… Continue reading Resetting Your GE Smart Light Bulb
Presidential candidate John Delaney has announced a plan to create a Department of Cybersecurity. I have long been in favor of a new federal agency to deal with Internet — and especially Internet of Things — security. The devil is in the details, of course, and it’s really easy to get this wrong. In Click Here to Kill Everybody, I… Continue reading A "Department of Cybersecurity"
This isn’t a security story, but it easily could have been. Last Saturday, Zipcar had a system outage: "an outage experienced by a third party telecommunications vendor disrupted connections between the company’s vehicles and its reservation software." That didn’t just mean people couldn’t get cars they reserved. Sometimes is meant they couldn’t get the cars they were already driving to… Continue reading Zipcar Disruption
This isn’t a security story, but it easily could have been. Last Saturday, Zipcar had a system outage: "an outage experienced by a third party telecommunications vendor disrupted connections between the company’s vehicles and its reservation softwa… Continue reading Zipcar Disruption
Andrew Odlyzko’s new essay is worth reading — "Cybersecurity is not very important": Abstract: There is a rising tide of security breaches. There is an even faster rising tide of hysteria over the ostensible reason for these breaches, namely the deficient state of our information infrastructure. Yet the world is doing remarkably well overall, and has not suffered any of… Continue reading An Argument that Cybersecurity Is Basically Okay
The Nest home alarm system shipped with a secret microphone, which — according to the company — was only an accidental secret: On Tuesday, a Google spokesperson told Business Insider the company had made an "error." "The on-device microph… Continue reading The Latest in Creepy Spyware
The Nest home alarm system shipped with a secret microphone, which — according to the company — was only an accidental secret: On Tuesday, a Google spokesperson told Business Insider the company had made an "error." "The on-device microphone was never intended to be a secret and should have been listed in the tech specs," the spokesperson said. "That was… Continue reading The Latest in Creepy Spyware
Recent articles about IoT vulnerabilities describe hacking of construction cranes, supermarket freezers, and electric scooters…. Continue reading Cataloging IoT Vulnerabilities
A year ago, the Norwegian Consumer Council published an excellent security analysis of children’s GPS-connected smart watches. The security was terrible. Not only could parents track the children, anyone else could also track the children. A recent ana… Continue reading Security Flaws in Children’s Smart Watches