Domain: hert.org
Stories and comments across the archive that link to hert.org.
Stories · 5
-
Eavesdropping On Tinder: Researcher Demonstrates Man-in-the-Middle Attacks (hert.org)
An anonymous Slashdot reader writes: Security expert Anthony Zboralski posted on HERT a social engineering attack for Tinder that lets you perform a man-in-the-middle attack against unsuspecting users. Zboralski says, "Not only we can eavesdrop on the conversation of two strangers, we can also change their reality." The attack can easily be extended to SMS, Whatsapp, iMessage and voice.
"At some point people exchange phone numbers and the Tinder convo stops. That's not a problem..." Zboralski explains, suggesting more ways to continue the man-in-the-middle exploits..
His article drew a response from Tinder, arguing they "employ several manual and automated mechanisms" to deter fake and duplicate profiles. But while they're looking for ways to improve, "ultimately, it is unrealistic for any company to positively validate the real-world identity of millions of users while maintaining the commonly expected level of usability." -
New HITB Videos Featuring Theo and Captain Crunch
acz writes "The Hack In The Box Security Conference 2004 videos (Part 1 and Part 2) have just been released today via bittorrent. HITBSecConf2004 attracted to Kuala Lumpur some of the biggest names in the security community to present their latest research. John T. Draper AKA Captain Crunch was present and Theo de Raadt did a fine speech on Exploit Mitigation techniques. For a live performance, you can catch up some of the speakers and the HITB crew over at BCS2005 in Jakarta on the 23rd-24th of this month. If you're in the Middle East or Europe, there's HITBSecConf2005 - Bahrain taking place 10th-13th April in Bahrain. See you guys there." -
80% of WiFi Networks are still Insecure, Kismet Author Says
acz writes "The brain and guts driving the development of Kismet is Mike Kershaw alias Dragorn, who works during the day on IBM mainframes and hacks code at night. Kismet is simply the best war driving tool out there plus it's free as in GPL and can even run on your linux PDA. In a recent interview posted on HERT today, he says: 'I've become entirely jaded towards security as a whole (or rather, people's complete lack of it) and not much surprises me when it comes to open wireless networks. ... the overall percentage of unencrypted networks is still at about 80%.'" -
80% of WiFi Networks are still Insecure, Kismet Author Says
acz writes "The brain and guts driving the development of Kismet is Mike Kershaw alias Dragorn, who works during the day on IBM mainframes and hacks code at night. Kismet is simply the best war driving tool out there plus it's free as in GPL and can even run on your linux PDA. In a recent interview posted on HERT today, he says: 'I've become entirely jaded towards security as a whole (or rather, people's complete lack of it) and not much surprises me when it comes to open wireless networks. ... the overall percentage of unencrypted networks is still at about 80%.'" -
80% of WiFi Networks are still Insecure, Kismet Author Says
acz writes "The brain and guts driving the development of Kismet is Mike Kershaw alias Dragorn, who works during the day on IBM mainframes and hacks code at night. Kismet is simply the best war driving tool out there plus it's free as in GPL and can even run on your linux PDA. In a recent interview posted on HERT today, he says: 'I've become entirely jaded towards security as a whole (or rather, people's complete lack of it) and not much surprises me when it comes to open wireless networks. ... the overall percentage of unencrypted networks is still at about 80%.'"