Buddha-Dude's Archive
security
  • An Ars story from earlier this month reported that iPhones expose the unique identifiers of recently accessed wireless routers, which generated no shortage of reader outrage. What possible justification does Apple have for building this leakage capability into its entire line of wireless products when smartphones, laptops, and tablets from competitors don't? And how is it that Google, Wigle.net, and others get away with publishing the MAC addresses of millions of wireless access devices and their precise geographic location?

    Some readers wanted more technical detail about the exposure, which applies to three access points the devices have most recently connected to. Some went as far as to challenge the validity of security researcher Mark Wuergler's findings. "Until I see the code running or at least a youtube I don't believe this guy has the goods," one Ars commenter wrote.

    According to penetration tester Robert Graham, the findings are legit.

  • The random-number generator uses digital circuits to stump the smartest hackers

    For several years, you could find an online source of random numbers, called Lavarand. It got its numbers from the pictures a computer took of the waxy blobs churning away inside lava lamps. More sophisticated hardware-based systems use quantum-mechanical phenomena, such as photons striking a half-silvered mirror, as a basis for generating random numbers. You can even get an ordinary unassisted computer to produce random numbers based on erratic events taking place within its own mundane hardware—the precise timing of keystrokes, for example. But to get many of these numbers, you'd need to hammer away at a lot of keys.

    We and our colleagues at Intel think this should be easier. That's why for more than a decade now, many of our company's chip sets have included an analog, hardware-based random-number generator. The problem is that its analog circuitry squanders power. Also, it's hard to keep that analog circuitry working properly as we improve our fabrication processes. That's why we have now developed a new and entirely digital system that allows a microprocessor to produce a copious stream of random values without those difficulties. Soon it will be coming to a processor near you...

  • Logging in from a Smyrna, Georgia, McDonald's restaurant, a former employee of a U.S. pharmaceutical company was able to wipe out most of the company's computer infrastructure earlier this year.

    Jason Cornish, 37, formerly an IT staffer at the U.S. subsidiary of Japanese drug-maker Shionogi, pleaded guilty Tuesday to computer intrusion charges in connection with the attack on Feb. 3, 2011. He wiped out 15 VMware host systems that were running e-mail, order tracking, financial and other services for the Florham Park, New Jersey, company.

  • Better Master Passwords: The geek edition

    The strength of a password creation system is not how many letters, digits, and symbols you end up with, but how many ways you could get a different result using the same system.

    This embodies two things that we need to take into account when looking at the strength of some components of security: Kerckhoffs's Principle and entropy.

    

  • A potentially dangerous security hole in Apple’s range of MacBook battery micro-controllers’ firmware could be exploited to destroy the batteries inside the notebooks, according to security researcher Charlie Miller. When looking into batteries in MacBooks, MacBook Pros and MacBook Airs, Miller found that through using passwords hidden in a 2009 software update designed to fix MacBook batteries, a hijacker could take control of the battery micro-controllers and cause all sorts of havoc.

    Miller himself managed to kill seven MacBook batteries through exploiting this security hole, but goes further to explain what someone might be able to do. He claims that you could alter the heat readout chip and cause the battery to explode or catch fire, but didn’t test it himself because “I wasn’t super inclined to cause an explosion [in my house].” He also suggests that you could load malicious software into the battery controller that is deployed when a computer is started, re-infecting the system countless times.

  • Your company's data is only as secure as the weakest security of the most fly-by-night website to which anyone in your organization has ever given their password.

    Think about that for a moment: One of your summer interns used the same password on your company intranet as they use on the hacked-together open source message board on which they swap stories with their friends about how awesome it was to do whippets around the campfire at last year's Bonnaroo.

  • I have had this article planned since the end of 2009 and have had it as a skeleton since then. I wanted to point out the many problems with OS X security and debunk the baseless myth that OS X is somehow more secure. Despite 18 months passing by before I managed to finish it, not much seems to have changed. I think I am publishing at an interesting time, however, just as malware for OS X is increasing and Apple are starting to put effort into securing OS X with the soon to be released Lion. There is no FUD in this article, just an analysis of the available evidence and some speculation. My motivation to write this article was the hordes of OS X users who are either blind or have been misled by false advertising into believing OS X is somehow immune to malware and attacks.

  • The hardest part of talking about computer security is getting everyone to agree on the nature of the problem. It’s especially frustrating when you’re trying to weigh the pros and cons of different strategies with someone whose view of the PC security landscape is outdated and inaccurate.

    Case in point: What’s the best way to deal with malicious software on PCs and Macs?

    You can’t answer that question—you can’t even start talking about it—until you know how malware gets installed in the first place. And there’s where the disconnect begins.

  • A security researcher has discovered a means of hijacking sensitive information from cookies in Internet Explorer. The 'cookiejacking' technique could expose credentials from Facebook, Twitter, Gmail, or other online services, but Microsoft doesn't consider it a serious threat. So, is the sky falling, is the security researcher crying wolf, or is the real risk somewhere in between?

  • This article describes what it is like to have your domain hijacked and how difficult it is to get it back again. It also exposes the huge hole in security with using email providers like Hotmail and Gmail: the authors’ Gmail account was compromised, and that is how they got GoDaddy to transfer the domain registration to Russia, plus they had to change all of their passwords for financial institutions. I have had friends that have had their Gmail and Hotmail accounts hijacked, so this is a common occurrence; change your passwords often and follow some of the advice given in the comments section of the article.

  • The vast majority of devices running Google's Android operating system are vulnerable to attacks that allow adversaries to steal the digital credentials used to access calendars, contacts, and other sensitive data stored on the search giant's servers, university researchers have warned.

    With more than 99 percent of carriers offering their users Android versions with known security weaknesses, the report demonstrates how little success Google has had in getting its partners to upgrade to the latest versions. Many Verizon Wireless customers, for instance, remain stuck with Android 2.2.2, despite containing vulnerabilities that have been known about for months.

  • A European researcher has created a rootkit that can evade detection in Windows 7 and Windows Server 2008 machines and reset user passwords.

  • Intrusion detection is a complex business. Whether you deploy an intrusion detection system (IDS), or you collect and analyze the computer and device logs on your network, identifying malicious traffic in a sea of legitimate activity can be both difficult and time consuming.

    A honeypot makes identifying malicious traffic dead simple. That's because any traffic to a honeypot, after some initial quick tuning to rule out false positives, is suspicious. A honeypot is a fake computer asset that exists only to alert its owner if it is touched. Nobody should be touching it or attempting to log on. Because all activity is illegitimate, no analysis is needed to tell good traffic from bad. The only question is, how dangerous is the intruder?

About this Author
Vineacity
Articles Posted: 4
Links Seeded: 180
Member Since: 8/2010
Last Seen: 5/16/2012
I am a Senior Software Developer and Architect, currently working full time but have been a Contractor and owner of my own Software Company for 20 yea …
