#qi-hardware IRC log for Tuesday, 2015-01-13

DocScrutinizer05https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150113-0_snom_IP_phones_Multiple_critical_vulnerabilities_v10_wo_poc.txt15:24
whitequarkDocScrutinizer05: and?15:53
whitequarkthose are a dime a dozen15:53
whitequarkheck, I'd be more interested to see an IP appliance that can *not* be easily comproised15:54
DocScrutinizer05sure16:00
DocScrutinizer05not saying it's particularly exciting16:00
DocScrutinizer05just, as you say, those are a dime a dozen, and thus found everywhere, particularly in companies16:01
DocScrutinizer05and using them for jump hosts is a very NSA-friendly exploit16:02
DocScrutinizer05sure a competent network manager will build up at least an own VPN or actually a separate network (wires) for SIP, in your company16:03
DocScrutinizer05but that costs *lots* of money, and thus prolly >90% of companies are widely open as soon as they plug in a SNOM phone to their network16:04
DocScrutinizer05http://www.ardmediathek.de/tv/Reportage-Dokumentation/Die-Story-im-Ersten-Schlachtfeld-Intern/Das-Erste/Video?documentId=25812360&bcastId=79928016:05
DocScrutinizer05sorry they put some geo-blocker on it16:06
DocScrutinizer05no news in it really - just NSA doing cyber warfare since years, and hacking and implementing backdoors to every system they can find. "Maybe one day they might need it"16:07
whitequarkwell, that's really NSA's job16:08
whitequarknot to mention that with this kind of doors wide open, any skiddie can do the same. I see no issue here except companies being shit at infosec16:08
DocScrutinizer05sure16:09
DocScrutinizer05anyway more entertaining news than e.g. a new vaporware chip announcement16:09
whitequarkchip?16:10
whitequarkoh hah16:15
whitequarkDocScrutinizer05: http://hackaday.com/2015/01/13/cheap-diy-microscope-sees-individual-atoms/16:15
DocScrutinizer05AWESOME16:30
wpwrak(stm) neat :) guess bunnie will soon have to accompany his reverse engineering pictures with this sort of scans ;-)18:42
wpwrakthis is of course also a nice sentence on its own: "Gwyddion is a free, open source SPM data analysis program."18:46
wpwrakwe've come a long way :)18:46
wpwraksigh. and then you see this: http://store.hackaday.com/collections/products-toys-kits/products/blink1?utm_source=hackaday-sidebar&utm_medium=blink19:15
wpwrakof course, another avr ...19:16
nicksydneywpwrak: very cool  http://downloads.qi-hardware.com/people/werner/anelok/tmp/slide-2015.mpeg21:43
nicksydneystill remembered the discussion we had between the wheeley and touch slider last year :)21:43
DocScrutinizer05lol, you also checked that unbearable blink nonsense :-D21:50
nicksydneynow that's awesome http://blog.atmel.com/2015/01/13/a-10-usb-charger-can-record-your-keystrokes-wirelessly/23:56
--- Wed Jan 14 201500:00

Generated by irclog2html.py 2.9.2 by Marius Gedminas - find it at mg.pov.lt!