Crowdfunded Bounty For Hacking iPhone 5S Fingerprint Authentication


There's more than $13,000 pledged for a crowdfunded bounty for bypassing an iPhone 5S's fingerprint reader. The bounty, set up by a security expert and an exploit reseller requires entrants to lift prints 'like from a beer mug.' It has a website — IsTouchIDHackedYet — and payments are pledged by tweets using #IsTouchIDHackedYet. One drawback: the scheme appears to rely on trust that sponsors will actually pay up

slashdot.org

... Link (0 comments) ... Comment



Satire: iPhone 5 NSA


... Link (0 comments) ... Comment



Phonebloks


A phone only lasts a couple of years before it breaks or becomes obsolete. Although its often just one part which killed it, we throw everything away since its almost impossible to repair or upgrade.

Phonebloks is made of detachable bloks. The bloks are connected to the base which locks everything together into a solid phone. If a blok breaks you can easily replace it, if it's getting old just upgrade.

phonebloks.com thunderclap.it

... Link (0 comments) ... Comment



Hackers use Android 'master key' exploit in China


A security firm says it has identified the first known malicious use of Android's "master key" vulnerability.

The bug - which was first publicised earlier this month - allows attackers to install code on to phones running Google's mobile operating system and then take control of them.

Symantec said its researchers had found two apps distributed in China that had been infected using the exploit.

bbc.co.uk

... Link (0 comments) ... Comment



900 Millionen SIM-Karten können geknackt werden


SIM-Karten sind so etwas wie der Tresor unserer Identität. Je mehr Dinge Mobiltelefone können und je verbreiteter sie sind, desto mehr übernehmen sie für uns die Funktion, unser Leben zu bewahren und zu verwalten. Geldbörse, Passwortspeicher, Nahverkehrpass, Zugangsberechtigung – vieles, wofür es bislang einzelne Plastikkarten oder Bargeld brauchte, geht inzwischen mit dem Mobiltelefon.

Dessen Sicherheitszentrale ist die SIM. Denn die kleine Karte sorgt dafür, dass sich der Besitzer des Telefons im Mobilfunknetz identifizieren kann. Sie speichert die Schlüssel, um die Identität zu belegen und um sämtliche Kommunikation zu chiffrieren. Leider ist dieser Tresor häufig nur mit einem ziemlich billigen Schloss verriegelt, sagt Karsten Nohl.

zeit.de

... Link (0 comments) ... Comment



Mobile phone runs on urine power


Scientists working at the Bristol Robotics Laboratory, which is a collaboration between the University of the West of England (UWE Bristol) and the University of Bristol, have developed a novel way of charging mobile phones using urine as the power source to generate electricity, see video.

uwe.ac.uk

... Link (0 comments) ... Comment



Android Master Key Vulnerability Checker Now Live


Last week, Rain Forrest Puppy (aka Jeff Forristal) first disclosed the initial public report about an Android Master Key flaw. Code was released earlier this week for attackers to exploit the flaw — but what about users? Google has claimed that it has patched the issue but how do you know if your phone/carrier is safe? Forristal's company now has an app for that.

slashdot.org

... Link (0 comments) ... Comment



Three-Quarters Of All Smartphones Contain NSA Code In Operating System


Security-Enhanced Android: NSA Edition

Tech giants listed as part of the National Security Agency’s Prism spying program have gone to some lengths to convince the world they aren’t in bed with the U.S. government. Google (GOOG) has filed a request with the U.S. Foreign Intelligence Surveillance Act court asking permission to disclose more information about the government’s data requests. So there’s a certain irony that NSA programmers are now refining code that Google has approved for the company’s mobile operating system, Android. Google spokeswoman Gina Scigliano confirms that the company has already inserted some of the NSA’s programming in Android OS. “All Android code and contributors are publicly available for review at source.android.com,” Scigliano says, declining to comment further.

businessweek.com

... Link (0 comments) ... Comment



Motorola secretly spies on Droid phone users every 9 minutes, collects personal data


You know the NSA is “listening,” nabbing Verizon customers’ cell phone metadata, but did you know that Motorola is listening too? A security engineer with a Motorola Droid X2 smartphone discovered that Motorola is silently slurping up personal info like passwords, GPS data from photos, email addresses, and usernames to name but a few. His phone is checking in with Motorola every nine minutes. Even worse, the data is often sent over an unencrypted HTTP channel. As a Slashdot comment stated, “The NSA would like to thank Motorola for their cooperation.”

computerworld.com

... Link (0 comments) ... Comment



Androids Code-Signatur lässt sich umgehen


Android-Anwendungen sind mit einer Signatur versehen, die die Integrität des APK-Pakets gewährleisten soll. Bei der Installation prüft das Betriebssystem seinen Inhalt anhand der Signatur und warnt, wenn es eine Manipulation feststellt. Das erst Mitte 2012 gegründete US-Unternehmen Bluebox will nun einen Fehler in diesem Verfahren entdeckt haben, der das Einschleusen beliebigen Codes in APK-Dateien ermöglicht, ohne die Signatur zu brechen. Laut Bluebox sind Apps in Googles Android-Shop "Play" von der Sicherheitslücke nicht betroffen.

heise.de

... Link (0 comments) ... Comment



PowerPot Thermoelectric Generator


The minute we saw the PowerPot, we had to put it in our emergency kit. Whether we're losing power because the power company had a derpy day, after a big storm, or because the zombies have finally taken down the grid, it will be oh-so-handy to have a device that can boil our drinking water while charging our most useful electronics.

The PowerPot is a thermoelectric generator, so it converts any heat source directly into power that charges your USB handheld device.

PowerPot Thermoelectric Generator

thinkgeek.com

... Link (0 comments) ... Comment



GPS spoofing countermeasures: Your smartphone already has them


BAE Systems gets to where Google was in 2007-odd

Analysis There's suddenly a lot of panic about GPS satellite navigation spoofing, and BAE Systems among others would like to sell the military some tech to resist it. But in fact, most modern smartphones already have strong countermeasures against this sort of thing.

UK-headquartered but largely US-based BAE's latest grab for government pork is a GPS companion which uses other transmissions, such as TV and cellular sites, to confirm a location fix, just as Google started doing in 2007, and others had been doing well before that.

theregister.co.uk

... Link (0 comments) ... Comment