Locking down Apple's new Find my iPhone / iPad

Kudos to Apple for making this service free, it's well worth enabling.
However to make sure you're properly protected there are a few changes
you should make in Settings.

Enable Passcode Lock and, optional but recommended, Auto-Lock.

Next enable restrictions and disable deletion of apps and accounts.
This will prevent thieves from nuking your MobileMe account or your
Find my iPhone / iPad app.

The Gashlycrumb Terrors by Laura Pearlman

Love the winner of this year's Movie Plot Threat Contest, security expert Bruce Schneier's attempt to make us realize that we often overreact to highly unlikely scenarios, taking steps that curtail our own freedoms and don't make us any safer.

In Laura's own words "The challenge in this year’s contest was basically to create a story that would frighten small children into obeying their government without question".

A is for anthrax, deadly and white.
B is for burglars who break in at night.
C is for cars that have minds of their own
    and accelerate suddenly in a school zone.
D is for dynamite lit with a fuse.
E is for everything we have to lose.
F is for foreigners, different and strange.
G is for gangs and the crimes they arrange.
H is for hand lotion, more than three ounces;
    let’s pray some brave agent soon sees it and pounces.
...

Read the rest on Laura's blog.

Well done Laura, hope this does get illustrated!

AUSTIN - A PalmOS Vulnerability Scanner

About three years ago I wrote a vulnerability scanner for the Palm OS named AUSTIN. It was just a fun side project and after presenting it at Defcon 11, I forgot all about it.

But recently a few people started asking me for the code. Turns out that the Defcon 11 site has my slides, the audio of my presentation, and even the video! But no code, even though I gave it to the organizers. [I wish defcon didn't use Real media formats, they're so annoying to convert. To do so, grab the RTSP stream with a downloader like Offline Explorer Pro and use SUPER to convert it (See my post on video conversion).]

So without further ado, for anyone interested, here is the code to AUSTIN - a PalmOS Vulnerability Scanner.

Caveat emptor:

  • It was written to PalmOS 3.5.2 on a Treo 300 (160x160 screen). I don't know how it will fare on OS 5 Palms.
  • It was written with PocketC, I don't know whether the latest version will still run this code.
  • It works but is fairly basic and may even have some bugs (shocking, I know ;-)
  • It's GPL licensed.

If you end up finding it useful, please post a comment below and tell me what you're doing with it...