Schneier on Security: Tagged theft

Entries Tagged "theft"

Page 4 of 21

Ethereum Hacks

The press is reporting a $32M theft of the cryptocurrency Ethereum. Like all such thefts, they’re not a result of a cryptographic failure in the currencies, but instead a software vulnerability in the software surrounding the currency—in this case, digital wallets.

This is the second Ethereum hack this week. The first tricked people in sending their Ethereum to another address.

This is my concern about digital cash. The cryptography can be bulletproof, but the computer security will always be an issue.

Posted on July 20, 2017 at 9:12 AM • View Comments

Now It's Easier than Ever to Steal Someone's Keys

The website key.me will make a duplicate key from a digital photo.

If a friend or coworker leaves their keys unattended for a few seconds, you know what to do.

EDITED TO ADD (7/20): Another article.

Posted on July 6, 2017 at 6:27 AM • View Comments

Hacking a Brazilian Bank

A detailed account.

Posted on April 6, 2017 at 2:16 PM • View Comments

Clever Physical ATM Attack

This is an interesting combination of computer and physical attack:

Researchers from the Russian security firm Kaspersky on Monday detailed a new ATM-emptying attack, one that mixes digital savvy with a very precise form of physical penetration. Kaspersky’s team has even reverse engineered and demonstrated the attack, using only a portable power drill and a $15 homemade gadget that injects malicious commands to trigger the machine’s cash dispenser. And though they won’t name the ATM manufacturer or the banks affected, they warn that thieves have already used the drill attack across Russia and Europe, and that the technique could still leave ATMs around the world vulnerable to having their cash safes disemboweled in a matter of minutes.

“We wanted to know: To what extent can you control the internals of the ATM with one drilled hole and one connected wire? It turns out we can do anything with it,” says Kaspersky researcher Igor Soumenkov, who presented the research at the company’s annual Kaspersky Analyst Summit. “The dispenser will obey and dispense money, and it can all be done with a very simple microcomputer.”

Posted on April 5, 2017 at 6:29 AM • View Comments

Smartphone Spying as Art

A film student put spyware on a smartphone and then allowed it to be stolen. He made a movie of the results.

EDITED TO ADD (12/20): Slashdot thread.

Posted on December 19, 2016 at 2:29 PM • View Comments

Apple Patents Collecting Biometric Information Based on Unauthorized Device Use

Apple applied for a patent earlier this year on collecting biometric information of an unauthorized device user. The obvious application is taking a copy of the fingerprint and photo of someone using a stolen smartphone.

Note that I have no opinion on whether this is a patentable idea or the patent is valid.

EDITED TO ADD (9/13): There is potential prior art in the comments.

Posted on August 29, 2016 at 6:27 AM • View Comments

Hackers Stealing Cars

We’re seeing car thefts in the wild accomplished through hacking:

Houston police have arrested two men for a string of high-tech thefts of trucks and SUVs in the Houston area. The Houston Chronicle reports that Michael Armando Arce and Jesse Irvin Zelaya were charged on August 4th, and are believed to be responsible for more than 100 auto thefts. Police said Arce and Zelaya were shuttling the stolen vehicles across the Mexican border.

[…]

The July video shows the thief connecting a laptop to the Jeep before driving away in it. A Fiat-Chrysler spokesman told ABC News that the thieves used software intended to be used by dealers and locksmiths to reprogram the vehicle’s keyless entry and ignition system.

Posted on August 11, 2016 at 6:32 AM • View Comments

Intellectual Property as National Security

Interesting research: Debora Halbert, “Intellectual property theft and national security: Agendas and assumptions“:

Abstract: About a decade ago, intellectual property started getting systematically treated as a national security threat to the United States. The scope of the threat is broadly conceived to include hacking, trade secret theft, file sharing, and even foreign students enrolling in American universities. In each case, the national security of the United States is claimed to be at risk, not just its economic competitiveness. This article traces the U.S. government’s efforts to establish and articulate intellectual property theft as a national security issue. It traces the discourse on intellectual property as a security threat and its place within the larger security dialogue of cyberwar and cybersecurity. It argues that the focus on the theft of intellectual property as a security issue helps justify enhanced surveillance and control over the Internet and its future development. Such a framing of intellectual property has consequences for how we understand information exchange on the Internet and for the future of U.S. diplomatic relations around the globe.

EDITED TO ADD (7/6): Preliminary version, no paywall.

Posted on July 5, 2016 at 10:54 AM • View Comments