Category Archives: Internet of Things

More IoT insecurity: This Blu-ray disc pwns PCs and DVD players

For more than a decade, malicious hackers have used booby-trapped USB sticks to infect would-be victims, in rare cases to spread virulent, self-replicating malware on air-gapped computers inside a uranium enrichment plant. Now, a security researcher says he has found a way to build malicious Blu-ray discs that could do much the same thing—without any outward signs that an attack was underway.

Stephen Tomkinson, a security consultant at NCC Group, said he has devised a proof-of-concept exploit that allows a Blu-ray disc to compromise both a PC running Microsoft Windows and most standalone Blu-ray players. He spoke about the exploit on Friday at the Securi-Tay conference at the Abertay University in Dundee, Scotland, during a keynote titled “Abusing Blu-ray players.”

“By combining different vulnerabilities in Blu-ray players, we have built a single disc which will detect the type of player it’s being played on and launch a platform-specific executable from the disc before continuing on to play the disc’s video to avoid raising suspicion,” Tomkinson wrote in an accompanying blog post. “These executables could be used by an attacker to provide a tunnel into the target network or to exfiltrate sensitive files, for example.”

Read 4 remaining paragraphs | Comments

Obama Will Likely Enact Panel’s Advice on Blunting Cyber Risks

Russian Site Lists Breached Webcams

Data privacy watchdogs are warning the public about a Russian website that provides links to breached webcams, baby monitors and CCTV feeds.

Google’s Project Loon Woos Telecom Giants

Some telecom analysts view Project Loon, Google’s effort to beam Internet signals from high-altitude balloons, as a threat to incumbent carriers. But Google wants to partner rather than compete, and some large wireless players have stepped forward.

Is Your Car Spying on You?

Is the connected car a threat to data privacy?

Bits Blog: Microsoft Band Is a Welcome Surprise in the Wearable Market

The company’s new wearable device may be the most flexible of its kind on the market right now.

Beyond Gaming, the VR Boom is Everywhere—from Classrooms to Therapy Couches

Aurich Lawson / Thinkstock

Welcome to Ars UNITE, our week-long virtual conference on the ways that innovation brings unusual pairings together. Today, a look at how virtual reality excitement is happening beyond the world of gaming. Join us this afternoon for a live discussion on the topic with article author Kyle Orland and his expert guests; your comments and questions are welcome.

When Oculus almost single-handedly revived the idea of virtual reality from its ‘90s vaporware grave, it chose the 2012 Electronic Entertainment Expo as the place to unveil the first public prototype of the Rift headset. The choice of a gaming convention isn’t that surprising, as the game industry has been the quickest and most eager to jump on potential applications for VR. Gaming has already demanded the majority of the attention and investments in the second VR boom that Oculus has unleashed.

But just as the Rift itself is the result of what Oculus calls a “peace dividend from the smartphone wars,” other fields are benefiting from virtual reality’s gaming-driven growth. Creators all over the world are looking beyond entertainment to adapting head-mounted displays for everything from psychotherapy, special-needs education, and space exploration to virtual luxury car test drives, virtual travel, and even VR movies. The well-worn idea of “gaming on the holodeck” may be driving much of the interest in virtual reality, but the technology’s non-gaming applications could be just as exciting in the long term.

Read 42 remaining paragraphs | Comments

MIIS CySec

Cyber Security Initiative at MIIS, a Graduate School of Middlebury College