Controversy Over Violet Blue's Harm Reduction Talk
Weezul writes "The Ada Initiative's Valerie Aurora got Violet Blue's Hackers As A High-Risk Population (29c3 abstract) talk on harm reduction methodology pulled from the Security BSides meeting in San Francisco by claiming it contained rape triggers [ed note: you might not want to visit the main page of the weblog as it contains a few pictures that might be considered NSFW in more conservative places]. It frankly asinine to object to work around hacker ethics as 'off topic' at such broad hacker conference. Is Appelbaum's 29c3 keynote 'off topic' for asking hackers to work for the 'good guys' rather than military, police, their contractors, Facebook, etc.? Yes, obviously harm reduction is a psychological hack that need not involve a computer, but this holds for 'social engineering' as well. It's simply that hacking isn't nearly as specialized or inaccessible as say theoretical physics. Worse, there is no shortage of terrible technology laws like the CFAA, DMCA, etc. that exist partially because ...
ada
appelbaum
aurora
blue
bsides
cfaa
community
conference
dmca
facebook
freedom
information
methodology
nsfw
police
population
reduction
san francisco
security
technology
valerie
violet
weezul
yes
Found more than 1 month ago on channel
Slashdot
Security Loophole In Facebook’s Camera App Allowed Hackers To Hijack Accounts Over WiFi
PSA to all Facebook Camera users on iOS: If you haven’t update you app in the past few days, update it now. The older version of the app, pre-1.1.2 and released before December 21, has a security loophole. When used over WiFi networks, malicious hackers can tap the network and hijack Camera users’ accounts, picking up information like email addresses and passwords in the process. The white-hat hacker who ID’d the problem is Mohamed Ramadan, an Egypt-based security researcher and trainer with Attack-Secure who has also found and reported vulnerabilities for Apple, Google, and Etsy — which apparently also had the same loophole in its iOS app. Ramadan tells us that the issue lied in the Camera app’s Secure Sockets Layer certification, which was too open. As he puts it, “The problem is the app accepts any SSL certification from any source, even evil SSL certifications and this enables any attacker to perform Man in The Middle Attack against anyone uses Facebook Camera App for ...
apple
applications
attack-secure
certification
comments
egypt-based
etsy
facebook
google
information
ios
iphone
middle
mohamed
psa
ramadan
security
ssl
version
vulnerability
wifi