Stoppt die Vorratsdatenspeicherung! Jetzt klicken &handeln! Willst du auch an der Aktion teilnehmen? Hier findest du alle relevanten Infos und Materialien:

Archived entries for

Bluetooth Security Part 2

Auf securityfocus.com ist der zweite der Teil des Bluetooth Security Review erschienen.

Diesmal geht der Author insbesondere auch auch die Gefährdung der Privatsphäre durch Bluetooth (BT) ein.

Die Kombination von eindeutiger Adresse eines jeden Geräts mit aktiviertem BT - zur Identifizierung - mit dem Fakt, dass man sich mit den meisten BT Geräten ohne Authentifizierung verbinden kann, solange man nicht auf besondere Services zugreifen will, macht aus Geräten mit aktivem BT einen billigen und freiwillig getragenen Peilsender.

One could simply build a special device with a short range Bluetooth receiver that performs a scan for discoverable Bluetooth devices every minute, and then reports all discovered devices to the monitoring system. If more then one receiver is installed at various distances, the network of such devices (nodes) could record the device’s position and additionally, the movement of a Bluetooth device — all this without the device owner’s knowledge. The non-discoverable device could be also reported if we know the MAC address and make a request to it every 1 minute and report any response.

Such system could have a number of interesting uses. For instance, if we carry a Bluetooth enabled handset (in discoverable mode) with us while shopping at the local supermarket, the supermarket owner could easily track our movements as we walk through the supermarket, record how long we spend in certain areas, and eventually create a map of our movements within the supermarket. Based on gathered data, it would be possible to analyze our shopping behavior as market research, and as result change positions of certain products or advertisements, or worse, sell the marketing data to research companies. RFID might seem to be more efficient in such a system, however this would require the supermarket to issue RFID tags to their customers, which most people would not accept. By using the Bluetooth technology on the phone they are already carrying, companies can avoid issuing special tracking cards or badged to customers yet still be able to track their movements.

68,000 MasterCard Daten geklaut

The credit-card giant verified that information on at least 68,000 MasterCard accounts was taken from CardSystems’ database by “running a script,” said spokeswoman Jessica Antle. MasterCard declined to release more information on the vulnerabilities for fear it would impact the ongoing investigation, she said.

via securityfocus, cw Notizblog

JS/UIX - Terminal

JS/UIX is an UN*X-like OS for standard web-browsers, written

entirely in JavaScript (no plug-ins used). It comprises a vir-

tual machine, shell, virtual file-system, process-management,

and brings its own terminal with screen- and keyboard-mapping.

See Mirror

Perl Iterators

The purpose of this tutorial is to give a general overview of what iterators are, why they are useful, how to build them, and things to consider to avoid common pitfalls. I intend to give the reader enough information to begin using iterators, though this article assumes some understanding of idiomatic Perl programming.

O’Reilly perl.com

Understanding and Using Iterators

Big Brother is watching!

Gerhard Schwanz beschreibt was Big Brother möglich ist.

Ich möchte an dieser Stelle mal aufzeigen, was nach meinem Kenntnisstand heute machbar ist und ggf. auch gemacht wird. Woran die Experten bei BKA, BND etc. derzeit arbeiten, kann sich jeder mit ein wenig Phantasie selbst ausdenken…

Copyright © 2004–2009. All rights reserved. – Impressum

RSS Feed. This blog is proudly powered by Wordpress and uses Modern Clix, a theme by Rodrigo Galindez.