Lost+Found: iCloud cracking, BKA trojan infections
Too small for news, but too good to lose, Lost+Found is a compilation of the other stories that have been on The H's radar this week. Today: McAfee analyses the recent Adobe Reader exploit, hackers wanting to emigrate to China, the future of password policies, ElcomSoft thinks it can get access to iCloud and the arrest of the alleged developer of the BKA trojan hardly seems to have made a dent.
- McAfee has posted a nice analysis of how the PDF exploit for the 0-day hole in Reader escaped from the program's sandbox.
- Following the report on Chinese hackers who work on behalf of their government, several prominent hackers have contemplated emigration.
- In view of the proliferation of account hacking problems, Google, Facebook and Twitter are apparently considering to implement a new password policy to make life difficult for crackers (note the date).
- In a blog post entitled Advanced Password Cracking – Insight, the uber-crackers from ElcomSoft say that they have found a gaping hope in the iCloud. Apparently, whoever knows an ID and the associated password can access the data – who could have guessed?
"ElcomSoft researchers discovered that information stored in the iCloud can be retrieved by anyone [...] provided that the original Apple ID and password are known."
- It seems that our scepticism concerning the general rejoicing at the arrest of the alleged developer of the BKA trojan was well-founded. For example, Panda has observed a significant rise in "police virus" infections.