10 Reasons not to Buy an iPhone

Internet Security Whitepapers Hacking Mobile Phones, PDA & Handheld Devices

The iPhone looks cool, but if you're a serious business user, there are other, less expensive cell phones that provide better functionality. And even if you're not a business user, unless you have plenty of money lying around and absolutely must have the latest neat gadget as soon as it comes out, I'd recommend waiting for version 2 of the iPhone, which, we hope, will cost less and fix at least a few of these issues.

Original Hack of a Thrustmaster Game Controller

Internet Security Whitepapers Hacking USB Devices

You can open up any USB device and turn it into your own device. Apply sensors to its inputs and use them as continuous controllers. USB devices such as game controllers and joysticks connected to the computer work with 0-5 V. A game controller such as the wireless Thrustmaster Firestorm works with 3 V (sensor input 2.5 V). You can hook up any sensor that works with 2.5 V to the game controller.

Cybercrime Act 2001 - Australia

Internet Security Whitepapers Hacking Laws

An Act to amend the law relating to computer offences, and for other purposes.

Dos and Don'ts of Client Authentication on the Web

Internet Security Whitepapers Web Based Password Cracking

Client authentication is a common requirement for modern Web sites as more and more personalized and access-controlled services move online. Unfortunately, many sites use authentication schemes that are extremely weak and vulnerable to attack. These problems are most often due to careless use of authenticators stored on the client. We observed this in an informal survey of authentication mechanisms used by various popular Web sites. Of the twenty-seven sites we investigated, we weakened the client authentication of two systems, gained unauthorized access on eight, and extracted the secret key used to mint authenticators from one.

Physical Security in Mission Critical Facilities

Internet Security Whitepapers Physical Security

Physical security — controlling personnel access to facilities — is critical to achieving data center availability goals. As new technologies such as biometric identification and remote management of security data become more widely available, traditional card-and-guard security is being supplanted by security systems that can provide positive identification and tracking of human activity in and around the data center. Before investing in equipment, IT managers must carefully evaluate their specific security needs and determine the most appropriate and cost-effective security measures for their facility. This paper presents an overview of the principles of personnel identification and describes the basic elements and procedures used in security systems.

Biometric Authentication - Security and Usability

Internet Security Whitepapers Physical Security

This paper summarises our opinions and findings after several years of studying biometric authentication systems and their security. Our research on security and reliability issues related to biometric authentication started in 1999 at Ubilab, the Zurich research lab of bank UBS, and has been continuing at the Masaryk University Brno since mid-2000. This paper summarises our personal views and opinions on pros and cons of biometric authentication in computer systems and networks.

Beyond Stack Smashing: Recent Advances in Exploiting Buffer Overruns

Internet Security Whitepapers Exploit Writing Techniques

This article describes three powerful general-purpose families of exploits for buffer overruns: arc injection, pointer subterfuge, and heap smashing. These new techniques go beyond the traditional "stack smashing" attack and invalidate traditional assumptions about buffer overruns. Security vulnerabilities related to buffer overruns account for the largest share of CERT advisories, as well as high-profile worms—from the original Internet Worm in 1987 through Blaster’s appearance in 2003. When malicious crackers discover a vulnerability, they devise exploits that take advantage of the vulnerability to attack a system.

Bluetooth Security Analysis Tools and New Security Attacks

Internet Security Whitepapers Bluetooth Hacking

This report describes the details of two new proof-of-concept Bluetooth security analysis tools and two new attacks against Bluetooth security. On-Line PIN Cracking script is a security analysis tool for on-line Bluetooth device PIN cracking. Brute-Force BD ADDR Scanning script is a security analysis tool for brute-force discovery of the addresses of Bluetooth devices that want to be private. Scripts of both our security analysis tools exist and can be demonstrated to Bluetooth device manufacturers or press if required, but they will not be released in any public domain because, due to their efficiency, they can be very dangerous. Our new attacks, BTKeylogging and BTVoiceBugging, extend On-Line PIN Cracking attack.

Introduction to Computer Viruses (and other Destructive Programs)

Internet Security Whitepapers Viruses and Worms

A virus is a computer program that executes when an infected program is executed. Therefore only executable files can be infected. On MS-DOS systems, these files usually have the extensions .EXE, .COM, .BAT or .SYS. Another class of files called overlay files can also be infected. These files often have the extension .OVL, although other extensions such as .OV1 are sometimes used. By definition, a virus infects other programs with copies of itself. It has the ability to clone itself, so that it can multiply, constantly seeking new host environments. The most harmless viruses do only that, simply replicating and spreading to new systems. Or the virus program may damage other programs and/or alter data, perhaps self-destructing when done. The only evidence viruses like this leave is the destruction they have inflicted on the infected system. This makes it very difficult to develop defenses against the virus.

WIDZ - The Wireless Intrusion Detection System

Internet Security Whitepapers Hacking Wireless Networks

WIDZ version 1 is a proof of concept - it is not up to the standards of (and was never intended to be) great software packages like Snort etc. that you might find on FreshMeat and SourceForge. Even given this, the code was very late – as its development has been bogged down by a series of trials, some technical, some managerial – for this I apologise, but it's understandably hard to make time for “home time” development projects when the department that it took you ten years to build up has become a pawn in your boss’ power games (well boo hoo, pull yourself together man). None-the-less WIDZ had some very fresh ideas when it was conceived. We started by inventorising the network – then we studied our own wireless pentests and forensic reviews to establish what is attacked, and how.