DailyDirt: No More Secrets…
from the urls-we-dig-up dept
The past year has been pretty rough for security — with Heartbleed, Superfish, remotely hacked cars and all sorts of personal information getting into the wrong hands. Encryption and security are quickly becoming mainstream topics, as it’s harder and harder to keep your head in the sand about technology risks. However, perfect security doesn’t really exist, but I’m sure we’ll have some folks demanding it soon.
- It turns out that Apple firmware isn’t immune from worm malware (known as Thunderstrike 2), delivered via Thunderbolt peripherals. PCs have been vulnerable to this kind of attack, but some PC makers have taken steps to address it. Apple has a fix, but Apple isn’t special when it comes to security. [url]
- Has an Israeli security startup called Morphisec created a version of Windows without zero-day exploits? Probably not, but it has likely put a giant bull’s eye on its software… whenever it launches. [url]
- Apple keeps patching security flaws in its iPhones, but evidence of attacks are being discovered in the wild. If you get a prompt to download an app outside the App Store, don’t do it. [url]
- Android devices have been vulnerable to an attack called Stagefright, but Google is trying to release a fix. The challenge is getting the update to nearly a billion devices — with manufacturers and carriers cooperation. [url]
After you’ve finished checking out those links, take a look at our Daily Deals for cool gadgets and other awesome stuff.
Filed Under: cybersecurity, hacks, heartbleed, malware, security, stagefright, superfish, thunderstrike 2, worm, zero day
Companies: apple, google, lenovo, morphisec
Comments on “DailyDirt: No More Secrets…”
I’d make a smug comment about how us Linux users never have this problem, but we’re actually in danger of getting popular enough to be worth targeting now. How long do you think it’ll be before we hear about SteamOS malware?
Re: SteamOS malware
SteamOS only installs applications from the Steam store. The browser is Webkit based IIRC (same as Chrome) so I doubt that will have many security holes. If any come out, they will quickly be patched. Hopefully this means us Linux users won’t get any more malware because of SteamOS :D.
Re: Re:
http://swiftonsecurity.tumblr.com/post/98675308034/a-story-about-jessica
Save your smug comments, because they don’t help Jessica at all. If all of the Jessicas in the world were on some variety of Linux, all of the same problems would still exist.
According to Google
If you set your MMS handler so that it doesn’t automatically download pictures (and then only download pictures from trusted senders) that should keep you relatively safe from Stagefright.
Re: According to Google
AT&T just pushed the OTA update to my phone yesterday.
Apple isn't special when it comes to security.
Apple is special but only insofar as it has lower market penetration (in the pc space) and hence presents a less appealing target to malware writers.
If you set your MMS handler so that it doesn’t automatically download pictures (and then only download pictures from trusted senders) that should keep you relatively safe from Stagefright.
First thing I do with every new device I buy along with disabling the bloatware I don’t use. I figure my phone and tablet are safe from being targeted through Google Hangouts.
I can see it now
NSA wins its battle against encryption and the fall out is that a terrorist organization hacks all reachable cars that can be exploited on the same day. Causing a worse attack than 911