Your Wifi Stack is under attack! But dont worry, Apple’s got the patch & we’ve got the story. Then the latest ATM hacking tips that will only cost you $15 & Dan does a deep dive into Let’s Encrypt!
Plus it’s your feedback, a huge roundup & so much more!
iOS 10.3.1 update prevents: attacker within range may be able to execute arbitrary code on the Wi-Fi chip
NOT SO LONG ago, enterprising thieves who wanted to steal the entire contents of an ATM had to blow it up. Today, a more discreet sort of cash-machine burglar can walk away with an ATM’s stash and leave behind only a tell-tale three-inch hole in its front panel.
The dispenser will obey and dispense money, and it can all be done with a very simple microcomputer.
They found that the machine’s only encryption was a weak XOR cipher they were able to easily break, and that there was no real authentication between the machine’s modules
In practical terms, that means any part of the ATM could essentially send commands to any other part, allowing an attacker to spoof commands to the dispenser, giving them the appearance of coming from the ATM’s own trusted computer.
Dan mentioned these URLs during the podcast: