View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Data
August 4, 2009

Black Hat hackers spotlight serious security glitches

Cloud passwords, web site security and smartphones easily compromised by hacks

By CBR Staff Writer

Concerns over cloud security could well be justified after researchers at the Black Hat data security briefings in Las Vegas showed they could unpick with relative ease the password reset systems used on Amazon’s EC2 and Microsoft’s Online Office services.

‘Password resetting and other security mechanisms in the cloud are always going to be a weak link’ said one industry insider, Andy Cordial, managing director at Origin Storage.

‘Secure cloud computing will definitely be the norm for most users in about 10 years time. Until then, encrypted local storage will meet user needs,’ he said.

Researchers have also cautioned industry about its reliance on Secure Socket Layer (SSL) certificates that are used to guarantee privacy on many commercial and e-commerce web sites. 

Seemingly with some tweaks made to the URL, a hacker might be able to trick a browser into thinking that an unprotected site is secure and redirect the traffic to a bogus site to siphon off any personal information entered.

Reports filed by Associated Press said that experts maintain the Firefox browser is not susceptible to the problem, and that Microsoft is looking into the problem.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Meanwhile the Internet infrastructure services provider VeriSign Inc, which has issued more than 4 million SSL certificates since becoming a Certificate Authority in 1995, reckons its certificates are not vulnerable.

The security of the Apple iPhone also came under scrutiny of hackers at the event. After the ease with which iPhone passwords and encryption can be bypassed by hackers was revelaled in CBR reports last week, hackers went on to highlight another major glitch.

They showed how the iPhone’s software can be used to send attacks via SMS text messages.

Hackers pointed out a memory corruption bug that could be exploited by someone wanting to hijack the smartphone.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.