PINDROP BLOG

Category: Device Security

January 21, 2016
California Bill Seeks Phone Crypto Backdoor
A week after a New York legislator introduced a bill that would require smartphone vendors to be able to decrypt users’ phones on demand from law enforcement, a California bill with the same intent has been introduced in that state’s assembly. On Wednesday, California Assemblyman Jim Cooper submitted a bill that has remarkably similar language…
Read More →
January 19, 2016
UK Government Voice Encryption Standard Built for Key Escrow, Surveillance
The U.K. government’s standard for encrypted voice communications, which already is in use in intelligence and other sectors and could be mandated for use in critical infrastructure applications, is set up to enable easy key escrow, according to new research. The standard is known as Secure Chorus, which implements an encryption protocol called MIKEY-SAKKE. The protocol was…
Read More →
January 13, 2016
Bankosy Android Trojan Defeats Voice 2FA
Bad guys are always looking for ways to up their game and find ways around the defenses that security companies and users put in their way. To wit, an Android banking Trojan called Bankosy that has added a new capability that allows attackers to bypass voice-based two-factor authentication. The malware has been around for a…
Read More →
January 13, 2016
New York Wants to Force Vendors to Decrypt Users’ Phones
A bill that is making its way through the New York state assembly would require that smartphone manufacturers build mechanisms into the devices that would allow the companies to decrypt or unlock them on demand from law enforcement. The New York bill is the latest entry in a long-running debate between privacy advocates and security experts on one…
Read More →
January 8, 2016
When Smart Devices Do Dumb Things
Smart devices are great. Until they’re not. Like when your smart TV is infected with DNS hijacking malware and refuses to do what it’s actually supposed to do, which is to let you watch TV. That’s the situation that a Reddit user found on his sister’s smart TV recently, reporting that after hitting a specific domain…
Read More →
January 7, 2016
On the Wire Podcast: Paul Roberts
Dennis Fisher talks with journalist Paul Roberts (@paulfroberts) of the Security Ledger about the state of security in the Internet of Things. The discussion touches on the way vendors are responding to security researchers who report bugs in their products, whether regulation is needed, emerging IoT protocols, and how the IoT security landscape mirrors the Internet…
Read More →
January 6, 2016
New WiFi HaLow Protocol Could Bring Old Security Issues
Perhaps because smart lightbulbs that refuse firmware updates and refrigerators with blue screens of death aren’t enough fun on their own, a new WiFi protocol designed specifically for IoT devices and appliances is on the horizon, bringing with it all of the potential security challenges you’ve come to know and love in WiFi classic. The new…
Read More →