Skip to Content

Technology

Uncovering Android Master Key That Makes 99% of Devices Vulnerable

Got Android?  Hope this gets addressed quickly.  Seen at :

The Bluebox Security research team – Bluebox Labs – recently discovered a vulnerability in Android’s security model that allows a hacker to modify APK code without breaking an application’s cryptographic signature, to turn any legitimate application into a malicious Trojan, completely unnoticed by the app store, the phone, or the end user. The implications are huge! This vulnerability, around at least since the release of Android 1.6 (codename: “Donut” ), could affect any Android phone released in the last 4 years1 – or nearly 900 million devices2– and depending on the type of application, a hacker can exploit the vulnerability for anything from data theft to creation of a mobile botnet.

While the risk to the individual and the enterprise is great (a malicious app can access individual data, or gain entry into an enterprise), this risk is compounded when you consider applications developed by the device manufacturers (e.g. HTC, Samsung, Motorola, LG) or third-parties that work in cooperation with the device manufacturer (e.g. Cisco with AnyConnect VPN) – that are granted special elevated privileges within Android – specifically System UID access.

AK-47 firing under water vs. out of water

Slo-mo driving a nail with a .22 tracer round

U.S. Spy Agencies Tap Directly Into Google, Facebook, Yahoo, YouTube, Apple, Skype, AOL?

Seen at :

The National Security Agency, the spy agency which does electronic surveillance for the U.S. government, has been directly tapping into the systems of Google, Facebook, AOL, Yahoo, YouTube, Skype and other Internet organizations, according to a report today in The Guardian, a British newspaper.

The Guardian's report was based on a classified Powerpoint presentation on the program--called PRISM--through which the U.S. government has been covertly collecting information via massive surveillance of the Internet.

"The Guardian has verified the authenticity of the document, a 41-slide PowerPoint presentation--classified as top secret with no distribution to foreign allies--which was apparently used to train intelligence operatives on the capabilities of the program," the paper said. "The document claims 'collection directly from the servers' of major US service providers."

Internet companies contacted by the Guardian denied any knowledge of the secret program.

Google provided a statement to the newspaper that said: "Google cares deeply about the security of our users' data. We disclose user data to government in accordance with the law, and we review all such requests carefully. From time to time, people allege that we have created a government 'back door' into our systems, but Google does not have a back door for the government to access private user data."

Barrett M107 off hand (standing up) hitting a target 1000 yards away on the first shot

US government claims 100% ownership over all your DNA and reproductive rights

Found at :

Microstamping now mandatory for any new firearms in California?

As of 5/17/2013, looks like California is officially requiring microstamping on all new semi-auto firearms.  No stamp, not legal in Cali.  Read the memo at :

In 2007, Assembly Bill 1471 was passed and signed into law, requiring all semiautomatic pistols 

to be equipped with microstamping technology—“a microscopic array of characters that identify 

the make, model, and serial number of the pistol, etched or otherwise imprinted in two or more 

places on the interior surface or internal working parts of the pistol, and that are transferred by 

imprinting on each cartridge case when the firearm is fired.” (Pen. Code, § 31910, subd. 

(b)(7)(A).) The legislation further provided that this requirement becomes effective when the 

Department of Justice “certifies that the technology used to create the [microstamp] imprint is 

available to more than one manufacturer unencumbered by any patent restrictions.” (Ibid.) 

Certification of the Microstamping Technology 

On May 17, 2013, the Department of Justice issued a certification that the microstamping 

technology is available to more than one manufacturer unencumbered by any patent restrictions. 

A copy of the certification is attached to this bulletin. 

Syndicate content


deliciousness
by Dr. Radut