Voting Machine Manual Instructed Election Officials to Use Weak Passwords

A vendor manual for voting machines used in about ten states shows the vendor instructed customers to use trivial, easy to crack passwords and to re-use the passwords when changing log-in credentials.

https://motherboard.vice.com/en_us/article/kzvejx/voting-machine-manual-instructed-election-officials-to-use-weak-passwords?utm_source=reddit.com

Defendant Ordered to Decrypt Laptop May Have Forgotten Password

wired.com: Defendant Ordered to Decrypt Laptop May Have Forgotten Password

Via: slashdot.org: Defendant Ordered To Decrypt Laptop Claims She Had Forgotten Password

If she does not decrypt the drive by month’s end, as ordered, she could be held in contempt and jailed until she complies. If the case gets to that point, Judge Blackburn would have to make a judgement call and determine whether the woman had forgotten the code or was refusing to comply.

Major Security Flaws Discovered In Internet HDTVs

C’est evidemment juste pour rire un peu que j’ecris a ce sujet. Qui, avec des connaissances minimales et du gros bon sens, pourrait bien s’imaginer que ces produits sont securises correctement 😉 C’est quand meme interessant de penser que la facon d’entrer chez-vous pour hacker le reseau sera la TV ou le lecteur Blu-Ray. La seule facon de se proteger serait-elle d’avoir un firewall/router interne dedie aux cochonneries electroniques comme les TV/Blu-Ray? Remarquez que le probleme existait deja avec les consoles de jeu qui utilisent encore WEP!

“Security researchers have discovered several security flaws in one of the best-selling brands of Internet-connected HDTVs, and believe it’s likely that similar security flaws exist in other Internet TVs. The security researchers were able to demonstrate how an attacker could intercept transmissions from the television to the network using common ‘rogue DNS,’ ‘rogue DHCP server,’ or TCP session hijacking techniques. Mocana was able to demonstrate that JavaScript could then be injected into the normal datastream, allowing attackers to obtain total control over the device’s Internet functionality.”

Un commentaire sur slashdot pointait sur xkcd.com:

Hehe.