Great hack, if only I had a VCR… just the though of what I could have done like 10 years ago

Josh Davis from Wired Science takes a closer look into the world of high tech crime.  Very fascinating video.

BBtv has a good episode on very simple Iphone Jailbreaking.  Damien Stolarz says “It started out very complicated, but these days uh… if you’ve ever heard of a script kiddie, uh… hacking your iphone has gotten to script kiddie simplicity”

It turns out that with the click of a mouse using an application on a computer you have connected your iphone to you too can unlock your iphone.  The application you’ll need is called iLiberty+

First of all, be clear about what type of hacker your referring to… please!  The general term “hacker” can refer to different groups of computer professionals, and so often it is confused by the “press”  “White Hats” are “good hackers” they try to fight “Black Hats” who are generally criminals… most Linux users are “Hackers” as they are trying to improve the software they use!  So when this ad/article says “Hackers Can Turn Your Computer Into A Bomb” they should more appropriately say “Black Hats Can Turn Your Computer Into A Bomb!”…

Why does the press quickly jump to calling computer criminals general “Hackers”?

BoingBoing TV has an interesting episode about this emerging threat of RFID hacking related to your “smart” credit card. A hacker named Pablos Holman shows how easy it is with relatively cheap equipment. This video caught my attention because I actually do have one of these RFID enabled credit cards, as I’m sure a lot of people do. I have also posted about this in a previously.

In a post yesterday I commented about an article in Information Week, part of my point is that hackers are sophisticated enough to get what they are after.  Motivation is the key, and the graphic below certainly supports this theory:

(click the thumbnail to enlarge)

Two days ago Information Week wrote an article about 3 medical students suggesting that there is a possibility of a pacemaker (with wireless capabilities) being susceptible to hacking. An excerpt from the Information Week article:

“Our investigation shows that an implantable cardioverter defibrillator (1) is potentially susceptible to malicious attacks that violate the privacy of patient information and medical telemetry, and (2) may experience malicious alteration to the integrity of information or state, including patient data and therapy settings for when and how shocks are administered,”

I suspect this will remain just what it is, a proof of concept. What low life would want to target some poor soul with a pacemaker is beyond me. Let’s assume for a moment somebody did attempt to hack one of these pacemakers, they could potentially murder the person they are targeting. I can’t see how the reward is valuable enough to initiate the action.

In the article the medical students claim that it is unlikely that this will happen:

“We believe that the risk to patients is low and that patients should not be alarmed,” the researchers say. “We do not know of a single case where an IMD [implantable medical device] patient has ever been harmed by a malicious security attack. To carry out the attacks we discuss in our paper would require: malicious intent, technical sophistication, and the ability to place electronic equipment close to the patient. Our goal in performing this study is to improve the security, privacy, safety, and effectiveness of future IMDs.”

Curiously though, their reasons above for why the risk is low are completely misguided. First they say someone would need to have malicious intent. Well, correct me if I’m wrong but most hackers do have some form of malicious intent, wouldn’t you say? The medical students continue by saying someone would need “technical sophistication”… this is perhaps one of the most asinine statements I ever read. Unfortunately many of these computer criminals are more sophisticated than these medical students would like us to believe. Many of today’s top information security companies are headed up by a former hacker.

Nevertheless, minus the irrelevant reasons why this wouldn’t happen according to these medical students, I have a theory. Maybe somewhere deep in the mind of the potentially malicious hacker lies some degree of morality, and maybe not!

Let’s hope in this case there is some morality somewhere.