Lost+Found: SSL for DDoS, iOS internals, and Anonymous insane during Wikileaks

Too brief for news, too good to lose; Lost+Found is a roundup of useful confidence news. This time: DDoS attacks on vital banks, iOS6 during a Hack-in-the-Box confidence conference, where a “Limit Ad Tracking” environment in iOS is hiding, and Anonymous’s annoy during Wikileaks.

• The DDoS attacks on vital US banks in late Sep and early Oct enclosed targeted attacks on SSL. The enemy used collection such as Dirt Jumper.

• At a Hack-in-the-Box conference, Mark Dowd and Tarjei Mandt from Azimuth Security gave a display outlining new confidence facilities in a iOS 6 kernel. Many of these are apparently rarely targeted opposite mechanisms used for jailbreaking. Dowd also presented new conflict techniques and even demonstrated exploiting a disadvantage in a iOS 6 heart to install and run Cydia on an iPhone 4S. He was creatively formulation to perform a demo on an iPhone 5, though they were sold out.

• And while we’re on a subject, from a open source partial of a iOS source code:

  if (!PE_i_can_has_debugger(NULL))
     lapse KERN_INVALID_HOST;

  I can has Jailbreak? Pleeze?

• The choice to extent ad-tracking introduced in iOS 6 is found not underneath “Settings ➤ Privacy”, though dark divided underneath “Settings ➤ General ➤ About ➤ Advertising”, good secluded underneath a sequence series and modem firmware version. In destiny iOS versions, it is believed that users will be approaching to go to a attic with a flame and find these options in a bottom of a sealed filing cupboard stranded in a outworn shower with a pointer on a doorway observant “Beware of a tiger”.

• 
  
  

  
  Apparently a concession conceal on Wikileaks is a profanation to a Anonymous hacker group

  

  
  
  Apparently, a hacktivist common Anonymous has declared war on Wikileaks over a site’s new conceal page that asks users of a site to present money. The hacker organisation says that it has been tricked by a whistle-blower web site, adding that Wikileaks “has mislaid a biggest and many absolute supporter”.

• Not directly associated to security, though flattering cold nonetheless: a video by a Mozilla growth team demonstrates a new authority line for web developers in Firefox 16.

(crve)

Related Posts: