Month: June 2015

Categories
programming security

Cracking JXcore… Again | markhaase.com

JXcore butchered. Twice. Ouch.

Besides being quite easy to reverse engineer, the central flaw here is that they still don’t obfuscate your source code! It’s sitting there in its original form, ready for easy extraction by anybody that you distribute your application to. I mentioned obfuscation in my previous article on JXcore and I’ll repeat that assertion here: obfuscation is the only reasonable protection to defend high level source code from reverse engineering. Nothing can prevent reverse engineering, but good obfuscation can raise the cost substantially.

Source: Cracking JXcore… Again | markhaase.com

Categories
security

Debugging and reverse engineering: Samsung deliberately disabling Windows Update

Ok this is not as bad as Superfish, but it’s bad enough. Samsung is disabling Windows Update so that it doesn’t have to deal with driver update issues.

When you enable Windows updates, it will install the Default Drivers for all the hardware no laptop which may or may not work. For example if there is USB 3.0 on laptop, the ports may not work with the installation of updates. So to prevent this, SW Update tool will prevent the Windows updates.

via Debugging and reverse engineering: Samsung deliberately disabling Windows Update.

Categories
privacy security

“EPIC” fail—how OPM hackers tapped the mother lode of espionage data | Ars Technica

The leakage of OPM data has been well-reported but this article provides more details about how it happened. In the worse case, “personal details from nearly everyone who works for the government in some capacity may now be in the hands of a foreign government”.

“EPIC” fail—how OPM hackers tapped the mother lode of espionage data | Ars Technica.

Categories
security

Apple CORED: Boffins reveal password-killer 0-days for iOS and OS X • The Register

iOS and OS X attacks are likely to get more frequent as the platform becomes a valuable attack target, just like Windows in the past.

via Apple CORED: Boffins reveal password-killer 0-days for iOS and OS X • The Register.