In association with heise online

19 October 2012, 17:28

Lost+Found: Tools for key crackers

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Lost+Found logo Too short for news, too good to lose; Lost+Found is a roundup of useful security news. This time: 3D printers can produce handcuff keys, Adobe's Reader secures its sandbox, a program which allegedly discovers the secret keys for embedded devices from network traffic, zero day statistics and why it's good to answer your email in a timely fashion.

  • Forbes reporter Andy Greenberg has accidentally enabled anyone with a 3D printer to produce copies of keys to Bonowi police handcuffs. Using a photo taken by Greenberg using his iPhone and included in an article, resourceful DIYers were able to create a 3D model of the key.

  • LittleBlackBox claims to contain a database of secret SSL and SSH keys for embedded devices. Feed it recordings of network traffic (in the form of pcap files) and LittleBlackBox says it will extract public keys and spit out the corresponding secret key, though this is untested here – can anyone confirm it?

  • According to a studyPDF by Symantec's Leyla Bilge and Tudor Dumitras, zero day exploits are frequently exploited for more than a year prior to disclosure. The study is based on data extracted from sources such as the company's internal Worldwide Intelligence Network Environment with the delightful acronym WINE.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit