sqlite – Jupiter Broadcasting

NOT SO LONG ago, enterprising thieves who wanted to steal the entire contents of an ATM had to blow it up. Today, a more discreet sort of cash-machine burglar can walk away with an ATM’s stash and leave behind only a tell-tale three-inch hole in its front panel.
The dispenser will obey and dispense money, and it can all be done with a very simple microcomputer.
They found that the machine’s only encryption was a weak XOR cipher they were able to easily break, and that there was no real authentication between the machine’s modules
In practical terms, that means any part of the ATM could essentially send commands to any other part, allowing an attacker to spoof commands to the dispenser, giving them the appearance of coming from the ATM’s own trusted computer.

Feedback

Round Up:

Dan mentioned these URLs during the podcast:

Adding a 10Gb NIC to an r610

The post Wifi Stack Overfloweth | TechSNAP 313 first appeared on Jupiter Broadcasting.

Doxing Developers | CR 121

chris — Mon, 29 Sep 2014 14:25:49 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

Google is requiring developers to submit their physical address, and the Apple community has outed the manager behind the botched iOS 8.0.1 update. Are we seeing a dangerous threat or just a frantic response?

Plus some great questions, when to lawyer up & much more!

Thanks to:

Direct Download:

MP3 Audio | OGG Audio | Video | Torrent | YouTube

RSS Feeds:

Become a supporter on Patreon:

— Show Notes: —

Feedback / Follow Up:

Dev Hoopla:

Person responsible for iOS 8.0.1 debacle also linked to iOS 6 Maps

A quality assurance manager responsible for this week’s botched iOS 8.0.1 release was also in charge of QA for iOS 6 Maps, sources tell Bloomberg. The man is identified as Josh Williams, who is said to have been removed from the Maps team after the app gave people bad directions and/or mislabeled important scenery. He has however been with Apple since 2000, and has been handling quality issues for iOS since the early days of the iPhone.

It’s reported that Williams has a team of over 100 people around the world, and that the company relies more on human discovery of bugs than automated testing. Partly because of these factors, it’s indicated that no single person can be held responsible for major software trouble. The company in fact has a committee called the Bug Review Board overseen by Kim Vorrath, VP of product management for iOS and OS X. She in turn reports to Craig Federighi, the senior VP for software engineering. To help with testing, the company relies heavily on feedback from third-party developers.

It’s at BRB meetings that Vorrath, Williams, and other people determine which bugs need to be solved immediately and which can be dealt with later. Bugs are labeled P1, P2, or P3; P1 can halt production of a device, while P2 or P3 items can be rolled into development of later updates even before the initial firmware is out.

The post Doxing Developers | CR 121 first appeared on Jupiter Broadcasting.

sqlite – Jupiter Broadcasting

Interactive Investigations | Coder Radio 373

Show Notes: coder.show/373

SQLite with Richard Hipp | Ask Noah Show 96

Show Notes: podcast.asknoahshow.com/96

Business Backup Tips | Ask Noah Show 91

Show Notes: podcast.asknoahshow.com/91

Wifi Stack Overfloweth | TechSNAP 313

RSS Feeds:

Become a supporter on Patreon:

Show Notes:

iOS 10.3.1 update prevents: attacker within range may be able to execute arbitrary code on the Wi-Fi chip

Hackers Are Emptying ATMs With a Single Drilled Hole and $15 Worth of Gear

Let’s Encrypt

Feedback

Round Up:

Doxing Developers | CR 121

Direct Download:

RSS Feeds:

Become a supporter on Patreon:

— Show Notes: —

Feedback / Follow Up:

Dev Hoopla:

Person responsible for iOS 8.0.1 debacle also linked to iOS 6 Maps