The production studio behind the movie Hurt Locker, Voltage Pictures, is attempting to go after a record 24,583 illegal BitTorrent users. The studio has already filed lawsuits against 5,000 BitTorrent users who illegally downloaded Hurt Locker and, in an effort to make up losses due to piracy, it’s now going after more with the help of law firm Dunlap, Grubb and Weaver. According to TorrentFreak, the lion’s share of subscribers — provided on a list to the U.S. District Court of Columbia — are Comcast customers (10,532). 5,239 are Verizon subscribers, 2,699 are Charter customers, and 1,750 are Time Warner users. The lawsuits will likely be tried over the next several years, however, as Verizon and Charter only offer up 100 and 150 customer IP-addresses per month. TorrentFreak suggested that Voltage Pictures would prefer to reach cash settlements with customers as opposed to taking each case to court individually. More →
Safari just got served. At this year’s Pwn2Own conference, security firms and enthusiasts are doing their very best to discover and deploy exploits to some of the world’s most popular browsers. Chrome, Firefox, Internet Explorer, and Safari, they’re all on the menu for conference attendees and some have definitely faired better than others. Google issued a challenge, promising $20,000 to any person or team that could crack Chrome on the conferences opening day, but the two teams scheduled to take a swing backed down. Firefox is, for the time being, still standing, and, per usual, Microsoft’s Internet Explorer was taken down without much fuss. But which browser faired the worst? That would be Apple’s Safari. A French security research firm named Vulpen managed to break into Safari running on a MacBook Air in a cool five seconds. The company noted that the Safari update issued by Apple yesterday — version 5.0.4 — fixes some of the vulnerabilities, but not all. The takedown of Safari 5.0.3 used exploits that are still available in the updated code base. Go ahead Apple detractors, have a little fun in the comments section. More →
What’s the one thing that could make losing your iPhone worse? If the person who happens to find your AWOL iPhone knows exactly what they’re doing. In a two-minute video clip published by German engineering firm Fraunhofer, the company demonstrates how an iPhone’s password security can be rendered completely moot. The demonstration takes a locked, unmodified iPhone, running the latest firmware, and, with the help of jailbreaking software, gains access to all stored passwords on the device — Wi-Fi networks, saved website logins… anything stored in your keychain file. The demonstration is meant to illustrate how crucial it is for companies and individuals to not only use a pass codes on mobile devices, but also react quickly — preferably initiating a remote wipe — if the device is lost. The video demonstration is waiting for you after the break. More →
In an effort to thwart unauthorized efforts to unlock or jailbreak devices running Windows Phone 7, Microsoft took a rather unorthodox approach. Rather than sending idle threats or immediately entering into the endless loop of plugging security holes and watching new ones emerge, the company extended an olive branch to the developers behind ChevronWP7. Microsoft’s Brandon Watson reached out to the ChevronWP7 team, which recently released a Windows Phone 7 unlocking tool, and opened a line of discussion about homebrew app development. As a sign of good faith during the conversations, which could ultimately lead to some kind of homebrew support from Microsoft, ChevronWP7 has agreed to pull its unlocker tool. It seems odd that Microsoft would consider helping developers build apps with capabilities not allowed under Microsoft’s developer terms. Then again, the homebrew community will emerge and grow either way. By working with homebrew developers instead of against them, perhaps Microsoft can maintain some level of control. More →
In a move to shed light on the vulnerability of GSM wireless networks, encryption expert Karsten Nohl, with the aid of 24 fellow hackers, was able to compile the multitude of algorithms behind the twenty one year old, 64-bit encryption scheme used to encrypt 80% of the world’s cellular GSM phone calls. The algorithm’s code book, comprising 2TB worth of data, has been published by Nohl and is now available on the Internet through BitTorrent. This is not the first time GSM was “cracked”. In 2003, the method by which GSM’s encryption code could be cracked was uncovered by a team of Israeli researchers and in 2008, David Hulton and Steve Muller presented at Black Hat a technique for the successful interception and decryption of a GSM stream using $1,000 of hardware and a half hour of time. Now in 2009, we have the binary code log that could potentially make GSM decryption faster and easier than ever. Before everybody panics, it is important to point out that the GSM algorithm that was cracked was the older and less secure 64-bit A5/1 algorithm, not the newer 128-bit A5/3 algorithm. Unfortunately, GSM carriers have been slow to adopt this new 128-bit encryption standard but Nohl’s disclosure may be the kick in the butt these lazy carriers need to beef up their security. More →
What would you do if you put in your recovery disk for your Asus laptop and your anti-virus software alarms started going off? You would do what a reader over at PC Pro did. You would do some investigating. He first realized that something was amiss when his anti-virus was kicked off by the presence of a keygen (credited to Freddy Kruger) for WinRar on the recovery disc. Unusual to say the least. A little file searching on the recovery disc pulled up a directory named “crack” which apparently contained serial numbers for other software packages. That is not the worst of it, further searching pulled up another directory that contained confidential Microsoft documents for PC manufacturers and associated keys and program files. Lastly, he located some internal Asus documents that detail “major problems” identified by Asus as well as source code for Asus software. He isn’t alone as other Asus owners report the same keygen and other unusual files on their recovery discs. According to PC Pro, Asus is investigating at a high level and was unable comment on how the files got on the disc. Psst, Asus, you may want to have a little talk with those people compiling the recovery discs for you. Tell them to lay off Pirate Bay and keep the confidential files on the “internal” servers where they belong.
In tears. Was unloading my car, opening the trunk with the Bold in the same hand as the one I was opening the trunk with. Then “BAM.” It fell out of my hand about two feet onto pavement. My life flashed before my eyes. I quickly went to rescue the Bold. This is what the damage was. Heading to CNN.cn to buy new parts. Hate my life. Hate the Bold build materials even more. Word of advice from your friend BGizzle? Buy a condom skin for the Bold. As big and ugly as it makes the device, you’ll appreciate it in the end. Unless you have a stockpile of five Bolds like we do, then you can just pop open a new box and you’re good to go. Hit the gallery if you want to see the beating that the Bold took…