|
| |
| [ Also see: Bluejacking
Wireless
Security WLAN
Security Java
Security Cathal's
Corner ]
|
|
|
Network World SP 800-53 is essential for security in federal government IT systems
SP 800-53 (Appendix H) provides two-way mappings between security controls defined in SP 800-53 and security controls defined in international security standard ISO/IEC 27001, Information Security Management Systems
Network World 10 really cool university networking labs
10 really cool university networking labs featuring advances in wireless, cloud computing, security and more.
Network World Two start-ups, Egress and SafeMashups, make debut today
Two start-ups, Egress Software Technologies and SafeMashups, each make their debut today with security products that have a crypto-tech edge to make data flowing across the Internet safer.
Network World A Guide to Windows 7 Security
Until now, Windows Vista was the most secure version of the Windows operating system. Windows 7 picks up where Vista left off, and improves on that foundation to provide an even more secure computing experience. Microsoft also incorporated user feedback about Vista to enrich the user experience and to ensure that the security features are intuitive and user-friendly. Here's a look at some of the more significant security enhancements in Windows 7.
Network World The Art of Creating Strong Passwords
While security has never been more important than it is today, the fastest way for an IT professional to become the most despised person in the company is to start enforcing a strong password policy. A policy perceived as overbearing may cause people to write down their passwords on a sticky-note near their computers, circumventing its very purpose. Your policy will be ineffective if your users don't know how to create strong passwords that are easy to remember.
Network World Facebook, Twitter Provide Sensitive Info for Criminals
Social networking services like Facebook and Twitter foster a false sense of security and lead users to share information which can be used by cybercriminals and social engineers. The very concept of social networking is based on connecting and sharing, but with who?
Network World Verizon Business to Offer Risk-Based Security Service
Verizon Business announced on Wednesday a new risk-based suite of security tools that include cloud-and-premises-based services. Verizon's Next Generation Managed Security Services Platform is designed to compete with similar offerings from ArcSight and RSA.
Network World Protect Your PCs from Windows 7's Zero-Day Exploit
It was a notable accomplishment when Windows 7 was not impacted in any way by the vulnerabilities addressed in the six Security Bulletins released by Microsoft for the November Patch Tuesday. It would be even more impressive if Windows 7 proved invulnerable to the zero-day exploit that hit the next day.
Network World MS Provides Guidance on Windows 7 Zero-Day Vulnerability
Microsoft has acknowledged the Windows 7 zero-day vulnerability reported last week with a Security Advisory. The advisory from Microsoft provides some additional details about the scope and nature of the threat, as well as some steps you can take immediately to protect vulnerable systems.
ZDNet iTunes update fixes security flaw
A flaw in the music software could allow a hacker to take over Windows and Mac machines remotely
About our headline feed
|
|
Welcome to our summary of Bluetooth security information, tips,
encryption, techniques, news and tools.
|
|
Mobile Content and Services (7th edition) Mobile Content and Services (7th edition) answers key questions, illuminating case studies from around the globe and future roadmaps for players across the value chain - backed by detailed forecasts to 2013. The report provides you with critical information on which to base your strategy.
Key Coverage
The major industry analysis covered within the Mobile Content and Services report includes:
- Mobile enterprise analysis: evaluation of the mobile applications and solutions employed in these sectors.
- Business models: Coverage of key areas, including mobile messaging, music, games, Mobile TV and video, mobile web browsing and search, location based services, mobile advertising and social networking, and m-commerce and mobile financial services.
- Strategic issues: analyses the impact of the evolving content value chain on all industry players. Evaluates high level business and marketing issues, and the critical considerations for addressing the mobile content and services market. Looks at the impact of disruptive technologies such as VoIP. Assesses the impact of the growth of the handset market including smartphones and the impact of devices like the iPhone on the industry.
Key Issues Addressed
The report details
Global industry forecasts
Value chain and competitive analysis
New services available
Revenue and business models
Pricing strategies
Technology launches
Major players’ strategies
Future roadmap scenarios
Please Note: Informa requires that clients sign a confidentiality agreement prior to fulfillment of PDF email delivery for all PDF orders. Fulfillment may take 2-3 days after receipt of form.Published By: Informa Media and Telecom
Date Published: Jan 2009 * * * * * * RFID for Airports and Airlines 2008-2018 RFID is an extremely powerful enabling technology in airports and aircraft, serving to improve security against criminal attack, safety against general hazards, efficiency, error prevention and data capture and to remove tedious tasks. It can even create new earning streams where it makes tolling feasible without causing congestion and where new airport "touch and go" cards offer new paid services without delays.
Please note, the PDF Email From Publisher version of this report allows five users. Published By: IDTechEx Ltd
Date Published: Jan 2008 * * * * * *
Software Tools
| n.runs |
BTCrack a
Bluetooth PIN Recovery tool. Thierry
Zoller, a security consultant, developed BTCrack, an
implementation of a flaw disclosed in 2005 by Israeli security
researchers. The tool takes advantage of weak PINs in Bluetooth
devices, allowing an attacker to listen in on a pairing session and
gain access to both paired devices. |
| WM-soft |
The
Real Bluejack is software for smartphones and Pocket PCs, that
use Bluetooth. It extends your device’s Bluetooth functions. This
program can: send Bluetooth messages, browse target-device’s
filesystem via OBEX protocol, send AT commands, get phonebook, send
SMS via target-phone, send files up to 2x faster then file managers,
receive files directly into the Storage Card and other features.
"THE REAL BLUEJACK" IS NOT INTENDED FOR GETTING
UNAUTHORIZED ACCESS TO PERSONAL DATA! Authentication is required!
(But after you can do everything that you want) |
Useful Resources:
-
Bluetooth SIG
-
Bluetooth SIG Response to Recent Analysis of Pairing and
Security (6/05) New Scientist reported a new security threat
to Bluetooth technology in June 2005 (New
hack cracks 'secure' Bluetooth devices) from two Israeli
researchers who suggested a way to subvert one of the built-in
Bluetooth security mechanisms. Bluetooth devices generate a secure
connection by means of the initial pairing process. During this
process one or both devices need a PIN code to be entered, which
is used by internal algorithms to generate a secure key which is
then used to authenticate the devices whenever they connect in the
future. The new academic paper puts forward a theoretical process
that could potentially “guess” the security settings on a pair
of Bluetooth devices. To do this the attacking device would need
to listen in to the initial one-time pairing process. From this
point it can use an algorithm to guess the security key and
masquerade as the other Bluetooth device. What is new in this
paper is an approach that forces a new pairing sequence to be
conducted between the two devices and an improved method of
performing the guessing process, which brings the time down
significantly from previous attacks.
-
Java Security Our new listing on
Java-related security.
-
WAP Security Our listings of WAP
security news, tips, tools and techniques.
-
The Bunker Serious
flaws in bluetooth security lead to disclosure of personal data In
November 2003, Adam Laurie of A.L. Digital Ltd. discovered that there
are serious flaws in the authentication and/or data transfer
mechanisms on some Bluetooth enabled devices. Specifically, three
vulnerabilities have been found: Firstly, confidential data can be
obtained, anonymously, and without the owner's knowledge or consent,
from some Bluetooth enabled mobile phones. Secondly, it has been found
that the complete memory contents of some mobile phones can be
accessed by a previously trusted ("paired") device that has
since been removed from the trusted list. Thirdly, access can be
gained to the AT command set of the device, giving full access to the
higher level commands and channels, such as data, voice and messaging.
|
|
|
|
