RoboForm2Go: Your Passwords in Your Pocket

Posted by Sparky Categories: Accessories, USB, PC / Laptop, Software,

With so many web sites, applications, and services out there on the internet requiring passwords, we are required to remember a dizzying array of usernames and passwords to live our digital life. Browsers and email clients usually have features to remember these passwords for us, but that solution falls short if you use multiple computers, or particularly if your primary internet access comes from public web terminals. Luckily, RoboForm2Go has introduced a portable and secure password management solution in the form of a USB key.

The RoboForm2Go software can be bought separately or pre-loaded onto a USB flash drive. The software requires no install, and can work on any Windows computer with a USB port. The RoboForm2Go software automatically stores your usernames, passwords, and other information for you on the USB thumb drive encrypted with AES 128bit encryption to keep your login information safe should you use the drive. The RoboForm2Go software will also automatically generate random passwords for each new website you visit to help increase security, and will remember your credit card information to make shopping online a breeze.

Click to continue reading RoboForm2Go: Your Passwords in Your Pocket

Read More | RoboForm2Go Product Page

• Tools:
• Permalink
• Share on Twitter
• Share on Facebook
• Comments (0)
• Email this story

Xbox 360 Security Hole Revealed, Already Patched

Posted by Christopher Sasaki Categories: Hardware, Mods/Hacks, Xbox 360, Xbox Live, Xbox Live Arcade, Xbox Live Marketplace,

The Bugtraq mailing list recently published the details of an unsigned code execution security hole on the Xbox 360. The timeline of the security hole would seem to make this vulnerability the same one demonstrated at last year’s 23C3 Hacker Congress, as seen in this excerpt:

Timeline:
Oct 31, 2006 - release of 4532 kernel, which is the first version
containing the bug
Nov 16, 2006 - proof of concept completed; unsigned code running in
hypervisor context
Nov 30, 2006 - release of 4548 kernel, bug still not fixed
Dec 15, 2006 - first attempt to contact vendor to report bug
Dec 30, 2006 - public demonstration
Jan 03, 2007 - vendor contact established, full details disclosed
Jan 09, 2007 - vendor releases patch
Feb 28, 2007 - full public release

The public demonstration date is key; that would be the same date of the anonymous Xbox 360 hacker video release. Further, the overview of the vulnerability claims:

We have discovered a vulnerability in the Xbox 360 hypervisor that allows
privilege escalation into hypervisor mode. Together with a method to
inject data into non-privileged memory areas, this vulnerability allows
an attacker with physical access to an Xbox 360 to run arbitrary code
such as alternative operating systems with full privileges and full
hardware access.

According to the release, Microsoft has patched the vulnerability as of January 9th, but then Sony thought they had patched the Grand Theft Auto: Liberty City Stories security hole as well. The existence of such a vulnerability indicates that the security of the Xbox 360 isn’t as bulletproof as Microsoft intended, and it would seem a mere matter of time before another exploitable hole is found to enable homebrew development on the system.

Read More | SecurityFocus via Xbox Scene

• Tools:
• Permalink
• Share on Twitter
• Share on Facebook
• Comments (0)
• Email this story

CES 2007 Video: LaserShield: Home Security for the Every Man

Posted by Andru Edwards Categories: CES, CES 2007, Features, Smart Home, Videocasts, Videos, Wireless / WiFi,

Read More | The Bleeding Edge

• Tools:
• Permalink
• Share on Twitter
• Share on Facebook
• Comments (1)
• Email this story

CES 2007 Video: LaserShield: Security In A Box

Posted by Andru Edwards Categories: Gizmatic, Short Bytes, CES, CES 2007, Features, Household, Videocasts, Wireless / WiFi,

If you live in an apartment or somewhere else where you simply aren’t allowed to install a full home security system, LaserShield is for you. However, if you also don’t want long contracts and have no desire to deal with salesmen, LaserShield will work in just about any sized home. This product is ingenious, and we talk to the man behind it in this episode.

• Tools:
• Permalink
• Share on Twitter
• Share on Facebook
• Comments (0)
• Email this story

Bleeding Edge 074: CES 2007 Video: iControl Networks Home Security Automation

Posted by Andru Edwards Categories: Smartphones, CES, CES 2007, Features, Smart Home, Videocasts, Videos,

Read More | The Bleeding Edge

• Tools:
• Permalink
• Share on Twitter
• Share on Facebook
• Comments (0)
• Email this story

Bleeding Edge 074: CES 2007 Video: iControl Networks Home Automation

Posted by Andru Edwards Categories: Gizmatic, Short Bytes, Cell Phones, CES, CES 2007, Features, Household, Videocasts,

iControl is at CES this year showing off their home security and automation service. iControl’s technology networks various third party home security and automation solutions and provides a hosted gateway to access them over the web or via a cell phone.

The promise of iControl is knowing what’s happening at your house, and being able to control other home automation products. The only downside to this technology is that because its a hosted solution you have to fork over $15 a month for this convenience. It might be worth it depending on your solution, but if you are interested, check out some of the non-hosted solutions offered by Control4 which might be slightly more expensive, but won’t cost you month after month.

• Tools:
• Permalink
• Share on Twitter
• Share on Facebook
• Comments (1)
• Email this story

CES 2007: Eikon USB Fingerprint Reader Wins CES 2007 D & E Award

Posted by Sheila Franklin Categories: Accessories, CES, CES 2007, Misc. Tech, PC / Laptop,

The Eikon USB fingerprint reader (TCRE) has earned itself a Best of Innovations Design and Engineering award at this year’s CES, but parent company Upek will not be attending the festivities. The easy-install reader allows you to log into Windows with one finger swipe, establish a password for storing login information, lock and unlock your system, switch between accounts, and protect your PC’s hard drive files. Built with a sleek design, it even allows OEMs (Original Equipment Manufacturers) to brand the reader personally. Check with Upek for price and availability.

Read More | Upek via CES 2007 Awards

• Tools:
• Permalink
• Share on Twitter
• Share on Facebook
• Comments (0)
• Email this story

Wii Web Browser Susceptible to Opera Vulnerability

Posted by Michael Cardiff Categories: Corporate News, Internet, Mods/Hacks, Wii,

Obviously, Nintendo has been careful to state that the current Wii Web Browser is merely a trial, “beta” version, but this most recent report should make users a little more cautious when taking their Wii online.

The following security report was released by security & vulnerability research lab iDefense and pertains to the version of the Opera web browser currently implemented on the Wii console.

Remote exploitation of a typecasting bug in Opera Software ASA’s Opera Web browser could allow an attacker to execute arbitrary code on the affected host.

A flaw exists within Opera’s Javascript SVG implementation. When processing a createSVGTransformFromMatrix request Opera does not properly validate the type of object passed to the function. Passing an incorrect object to this function can result in it using a pointer that is user controlled when it attempts to make the virtual function call.

The question, of course, is whether it would be worth any hacker’s while to write malicious executable code specifically for the Wii’s proprietary linux-based OS. Of course, given the vitriol with which PS3 and Nintendo fanboys have been attacking eachother recently (note that both Nintendo’s and Sony’s respective Wikipedia entries are locked!), perhaps writing malicious code for opposition consoles could signify the next great front in the console wars.

Read More | iDefense.com

• Tools:
• Permalink
• Share on Twitter
• Share on Facebook
• Comments (0)
• Email this story

Second Life Database Suffers Huge Security Breach

Posted by Michael Cardiff Categories: Adventure, Corporate News, Mods/Hacks, PC, Simulation,

Today Linden Labs notified users that on or about September 6th, a Second Life database server was compromised and that hackers may have gained access to users’ personal information including names, addresses, encrypted passwords and encrypted payment information. While, according to their press release there was no indication that the hackers could compromise users’ online accounts, Linden is forcing all of their users to change their Second Life passwords in response to the breach.

From the release:

“We’re taking a very conservative approach and assuming passwords were compromised and therefore we’re requiring users to change their Second Life passwords immediately,” said Cory Ondrejka, CTO of Linden Lab. “While we realize this is an inconvenience for residents, we believe it’s the safest course of action. We place the highest priority on protecting customer data and will continue to take aggressive measures to protect the privacy and security of the community.”

With more and more online games every year (most of them requiring payment of some type), the issue of data security could quickly become a major focus for game makers. Will we be seeing a Microsoft-circa-2000-esque push toward writing secure game code in the near future? It couldn’t hurt to start soon…

Read More | http://secondlife.com/corporate/bulletin.php

• Tools:
• Permalink
• Share on Twitter
• Share on Facebook
• Comments (0)
• Email this story