wifi

No Image

First time in history: 1.4 mil vehicles recalled due to security issues (hacking)

Fiat Chrysler will recall 1.4 million vehicles in the United States to install software to prevent hackers from gaining remote control of the engine, steering and other systems in what federal officials said was the first such action of its kind. The announcement on Friday by FCA US LLC, formerly Chrysler Group LLC, was made days after reports that cybersecurity researchers used a wireless connection to turn off a Jeep Cherokee’s engine as it drove, increasing concerns about the safety of Internet-enabled vehicles. This is happening when you want to hit a milestone instead of doing the things right from the beginning. The costs of the recall must be very high, but they deserve it. Let this be a lesson for all those who release software just to meet targets instead of meeting customers expectations.   Read here more details: Explanation from the researchers: Jeep Hacker: ‘We wanted to show it was possible’ Reports: After Jeep Hack, Chrysler Recalls 1.4M Vehicles for Bug Fix Fiat Chrysler to recall 1.4 million vehicles over hacking Fiat Chrysler recalls 1.4 million cars after Jeep hack Once your car’s connected to the Internet, who guards your privacy?


No Image

Security checklist for “Back to school”

The summer closes to end soon and we know that the next thing to happen is: children go back to school. Parents are always concerned (for good reasons) for what and how their children will do, and since a couple of years they have other concerns. Their children have smartphones, multiple online identities – parents are worrying about the security of these physical and digital assets. Thinking of this, I created this checklist which parents and children (and not only) can easily go through and  easily improve their security. Mobile devices –          Password/PIN protect your laptop, smartphone, tablet For laptops, use a good strong password. Learn here how to make one. For smartphones and tablets, even if it is recommended to enter a password as well, sometimes is not very easy to enter a complex password. This is why you should enter a PIN. Don’t even think of 1234 or such. Think of a number that makes sense for you so that you can remember it. Please don’t write it on the back of the device. –          Encrypt your device Most devices support encrypting the internal and external storage either natively or with an external app. Doing so has the…


No Image

Change default passwords from your Internet enabled devices

Useless to write again about changing default passwords? Think again… I just bought two brand-new TP-Link WiFi Range Extenders, models WA860RE and WA854RE. Latest version, latest firmware. Both come with default username and password: admin. It is written on their back… Once you login, you will go through as wizard which configures the device. But, it doesn’t prompt you to change that password! When you go to System tools -> Passwords, you are prompted to change the user name and password. But, you must choose a good password, because TP-Link clearly requires: The new user name and password must not exceed 14 characters in length and must not include any spaces.     Well, that’s how TP-Link thinks that a password, or better, a passphrase should be. For ideas and tips how to change one visit Improve Your Security and download the free eBook.   What is the correct approach for TP-Link? They must make it easier for the user and as soon as the device is started for the first time, the wizard must prompt you to change the password. It makes absolutely no sense to prompt for a user name. You can have a default one (e.g.: admin) and keep…


No Image

Security through obscurity: Smart Light bulb Exposes Wi-Fi Password

A team of British security consultants (Context) hacked their way into a private Wi-Fi network — using Lifx bulbs as the backdoor. In a typical Lifx setup, one bulb will automatically serve as the “master,” communicating directly with your smartphone and then relaying all info to other “slave” bulbs. Context’s team was able to hack their way in by posing as a new slave bulb and tricking the master bulb into sending them Wi-Fi credentials — the last thing you want a hacker to get their hands on. On top of that, nothing that Context did raised any red flags within the Lifx network, or on the Lifx app. There wasn’t even a notification that a new bulb was asking to join the network. Even more alarming was the fact that the decryption protocol Lifx bulbs were using to decode these credentials was a global one. If a hacker were to get their hands on it, they’d essentially have a skeleton key capable of letting them into any network that uses Lifx bulbs.  The credentials are passed from one networked bulb to another over a mesh network powered by 6LoWPAN , a wireless specification built on top of the IEEE 802.15.4 standard . While the…


%d bloggers like this: