The iPhone

The iPhone has prompted our nefarious tech team to turn their evil gaze upon the device. With the inability to easily remove the battery and the ease with which they can be hacked, this is definitely something that should be left out of the activist tool box. Additionally, at meetings it should be announced that the iPhone is not welcome.

Steve Jobs Confirms iPhone Has a Kill Switch

Jennifer LeClaire, newsfactor.com, Mon Aug 11, 3:50 PM ET

Apple CEO Steve Jobs has confirmed that the iPhone 3G has a kill switch that can remotely remove software from the devices.

Jobs told The Wall Street Journal that Apple needs the capability in case it inadvertently allows a malicious program -- such as an application that steals a user's personal data -- to be distributed to iPhones through its App Store.

"Hopefully we never have to pull that lever, but we would be irresponsible not to have a lever like that to pull," Jobs said.

Switch Not Used

Jobs' statement reveals Apple hasn't used the kill switch yet, but the company did remove an application from the App Store last week.

Apple removed the $999 "I Am Rich" application, which had the sole purpose of showing people the owner has money. The program creates a red icon that sits on the iPhone deck with the words "I Am Rich" underneath. After the user activates the application, it glows on the handset like a ruby.

Apple initially approved the application, which bumps up against the pricing limit for applications sold on its App Store. The company was not immediately available for comment on why it decided to pull the plug.

Disappearing Acts

But the real controversy started when Jonathan Zdziarski, author of the books iPhone Open Application Development and iPhone Forensics Manual, discovered a URL buried in Apple's firmware. That URL links to a file dubbed "unauthorizedApps" where malicious or simply bad apps might go once they disappear from the App Store.

According to Zdziarski, I Am Rich isn't the only app to disappear. BoxOffice (renamed to Now Playing) and NullRiver's NetShare were also removed. But removing the applications from the App Store and removing them from a consumer's iPhone are two different issues.

"The kill switch is a very controlling gesture. I am not sure why Apple didn't disclose it up front as simply a security measure," said Avi Greengart, an analyst at Current Analysis. "Consumers will accept an awful lot if you let them know what they are accepting."

What Else is Apple Hiding?

In the past, Jobs has said he wants to be careful not to allow applications to bring down the network. Greengart doesn't see that as a major threat, especially since Apple is approving the applications.

However, Greengart said he's less concerned with the "heavy-handed and Big Brotherish" kill switch than the fact that Apple didn't disclose it in the first place. As far as he knows, no other mobile phone has a kill-switch capability.

"To my way of thinking, the issue is that you don't really know what your phone might be doing or not be doing," Greengart said. "I am not 100 percent sure what the capability is or is not. That is the problem. What is the capability? When might they use it? When wouldn't they use it? Is there anything else Apple is not disclosing?"

Wireless Awareness: Don't Be A Sheep

LAS VEGAS, NEV. -- iPhones and other mobile devices with wireless access were among the top contributors to this year's "Wall of Sheep," a public shaming exercise debuting at the Black Hat security conference in Las Vegas this week that aims to educate people about the dangers of sending e-mail and other online communications over open wireless networks.

Conference organizers issued a clear warning to attendees: If you check your e-mail or communicate using the ubiquitous conference wireless network, be sure to do so over an encrypted connection (https:// versus http://). Otherwise, your credentials will be projected onto a wall where everyone will ridicule your seeming inability to grasp a fundamental tenet of online security.

Apparently, a fair number of the most well-trained security professionals ignored this advice. The team responsible for monitoring the Black Hat wireless network posted more than 30 sets of credentials, many from individuals who had more security industry certifications to their name than would fit on a standard business card.

Curators of the project are still combing through the hundreds of gigabytes of data sent through the unsecured Black Hat wireless network.

"We've had some heavily credentialed people with every certificate you can imagine go up on the wall," said Brian Markus, president of Aries Security, the company that sponsors the Wall of Sheep. "The best of the best are at this conference, so if they're getting hit, what's happening to the average users?"

Aries pulled six sets of credentials off of the wall at the request of the hapless sheep. Amazingly, a few of those embarrassed by seeing their passwords up on the Wall actually went ahead and changed them in-the-clear, causing their new credentials to be posted for all to see, Markus said.

Aries Director Joseph Mlodzianowski said that many of the victims appeared to have sent their passwords using mobile devices like iPhones, which in many cases are configured to hop onto open wireless networks whenever they're available. Mlodzianowski said he suspects a number of the sheep probably thought they were accessing their e-mail via the iPhone's data network, when instead their phone was transmitting the information over the hostile Black Hat wireless network.

In a bit of drama that erupted yesterday, several reporters were ejected from Black Hat after they poisoned the wired network in the press room and proceeded to offer the stolen credentials to the Wall of Sheep operators. The interloping reporters allegedly swiped passwords belonging to journalists at CNET and eWeek.

"That's just ridiculous, and it's not what we're all about," Markus said. "Those were active attacks, and what we're doing is passive. We're simply watching the traffic that is going out on this network, kind of like turning a knob on a radio and listening to different stations."

-- Brian Krebs

Hackers mull physical attacks on a networked world

By JORDAN ROBERTSON, AP Technology Writer, Fri Aug 8, 4:57 PM ET

Want to break into the computer network in an ultra-secure building? Ship a hacked iPhone there to a nonexistent employee and hope the device sits in the mailroom, scanning for nearby wireless connections.

How about stealing someone's computer passwords? Forget trying to fool the person into downloading a malicious program that logs keystrokes. A tiny microphone hidden near the keyboard could do the same thing, since each keystroke emits slightly different sounds that can be used to reconstruct the words the target is typing.

Hackers at the DefCon conference here were demonstrating these and other novel techniques for infiltrating facilities Friday.

Their talks served as a reminder of the danger of physical attacks as a way to breach hard-to-crack computer networks. It's an area once defined by Dumpster diving and crude social-engineering ruses, like phony phone calls, that are probably easier to detect or avoid.

As technology gets cheaper and more powerful, from cell phones that act as personal computers to minuscule digital bugging devices, it's enabling a new wave of clever attacks that, if pulled off properly, can be as effective and less risky for thieves than traditional computer-intrusion tactics.

Consider Apple Inc.'s iPhone, a gadget whose processing horsepower and cellular and wireless Internet connections make it an ideal double agent.

Robert Graham and David Maynor, co-founders of Atlanta-based Errata Security, showed off an experiment in which they modified an iPhone and sent it to a client company that wanted to test the security of its internal wireless network.

Graham and Maynor programmed the phone to check in with their computers over the cellular network. Once inside the target company and connected, a program they had written scanned the wireless network for security holes.

They didn't find any, but the exercise demonstrated an inexpensive way to perform penetration testing and the danger of unexpected devices being used in attacks. If they had found an unsecured router in their canvassing, they likely would have been able to waltz inside the corporate network to steal data.

To keep the phone running, the researchers latched on an extended-life battery that lasts days on end. But they only really need a few minutes inside a building to test the network's security.

"It's like saying, once you get into Willy Wonka's Chocolate Factory, and you're in the garden where everything's edible, you have it all," Graham said in an interview.

The attack won't work, of course, if a company's wireless network is properly secured. In that case, Graham and Maynor said there's likely no big loss: the package that had been sitting in the mailroom would probably be mailed back to them so they could try it again elsewhere.

Another talk focused on new twists to Cold War-era espionage tactics that could allow criminals to sidestep the locks on computer networks.

Eric Schmiedl, a lock-picking expert and undergraduate at the Massachusetts Institute of Technology, outlined several surveillance methods long used by government intelligence agents that have become more accessible to garden-variety criminals because of the falling price of the technologies.

For example, Schmiedl said even low-budget criminals now have a way to eavesdrop on conversations through a window. It involves bouncing a beam from a laser pointer off the glass and through a light sensor and audio amplifier.

If the people inside the room are close enough to the window, their conversation creates vibrations that the equipment can translate into a crude reconstruction of the conversation, Schmiedl said.

"We're burning the candle at both ends," he said. "The technology is becoming easier and cheaper and anybody can do it. And at the same time there's more incentive now to do it. These are two trains on a collision course. The question is when they're going to collide."