Monthly Archives: September 2013

The iPhone 5s fingerprint hack – a sense of perspective

So, the Chaos Computer Club (bless ’em) have already come up with a way of hacking the fingerprint sensor on the iPhone 5s. Somehow I knew that, if anyone was going to do it, they would. But does this mean the system is fatally flawed? No. We need a bit of perspective on this, something that isn’t always readily available… Read more »

ContraRisk Security Podcast 0018: The professional approach

» Listen or download now on the podcasts page » The information security business isn’t short on qualifications and certifications, but does it have the right ones? And do organisations who employ infosec specialists even understand them? Ian Glover, president of CREST, the not-for-profit organisation that provides standards and certifications in areas like penetration testing, believes that what the infosec industry needs… Read more »

iPhone 5s fingerprint recognition – sounding the death knell for PINs?

At Tech Crunch Disrupt in San Francisco yesterday, Yahoo’s CEO Marissa Mayer confessed that she doesn’t use a passcode on her smartphone. Not everyone blamed her. Jeremiah Grossman, CTO and co-founder of WhiteHat Security says: “Perhaps she feels the personal slowdown is more costly than it would be if someone stole her phone and got whatever data was on it…. Read more »

Another nail in GSM’s security coffin?

One of the great things about communications hardware is the flexibility of the technology, which means that – as well as being highly flexible – with the right software and firmware code, the hardware’s capability can be significantly stretched. Leading European cellular communications researcher Karsten Nohl has proven this to be the case time and again in recent years by… Read more »

NSA, GCHQ and the erosion of trust

There’s been yet another revelation about Internet spying by US and UK intelligence agencies, thanks to the leaks by Edward Snowden, but this one has much larger implications for the information security community. According to a report published by The Guardian and New York Times newspapers, in conjunction with ProPublica, the NSA has succeeded in cracking the most common encryption… Read more »