Simple worm RickRolls jailbroken iPhones
I knew it had to be just a matter of time before someone took advantage all of the jailbroken iPhones and created another malicious tool to pwn them.  This time the attacker has been RickRolling iPhone users, changing the background on the phones to a picture of Rick Astley.  The worm is fairly simple and uses the default password set up on the SSH daemon when you jailbreak your iPhone, so if you’ve taken the 5 minutes required to change the password, you’re perfectly safe from the effects of the worm.  Of course, it’s written by someone in Australia going by the name of &#

Ethics of spilled COFEE
Last year Microsoft released a tool called COFEE (Computer Online Forensic Evidence Extractor) to law enforcement agencies around the nation and around the world a couple of years ago.  While COFEE is a professional tool, it’s meant for the average police officer who may not have a lot of experience with computers; you just plug a USB key with COFEE installed and if autorun is enabled on the computer, it will run a series of diagnostics, writes a report and generally gives a

How to change the SSH passsword on your iPhone
I mentioned a couple of days ago that once you jailbreak your iPhone, you’ve bypassed many of the security protections Apple put in place.  One of the biggest concerns once you do this is the SSH service running on the iPhone, since it’s relatively easy to find the default password for the phone (it’s ‘alpine’).  My solution is to use SBSettings and simply turn off SSH on the iPhone all together.  But if you have reason to leave SSH running, you need to at least change the password, especially if you’re going to any security conventions or will be trav

How to change the SSP passsword on your iPhone
I mentioned a couple of days ago that once you jailbreak your iPhone, you’ve bypassed many of the security protections Apple put in place.  One of the biggest concerns once you do this is the SSH service running on the iPhone, since it’s relatively easy to find the default password for the phone (it’s ‘alpine’).  My solution is to use SBSettings and simply turn off SSH on the iPhone all together.  But if you have reason to leave SSH running, you need to at least change the password, especially if you’re going to any security conventions or will be trav

Good luck, Alan
Nine years at one company is almost longer than my entire career in information security.  But that’s how long Alan Shimel was at StillSecure.  Was being the operative word, since Alan has announced that he’s left the company and will be moving on to something new.  He’s not exactly sure what that is yet, but I’m sure Alan will be a valuable resource where ever he ends up.  He’s taking some time off to collect his thoughts and spend time with family, both of which are things I definitely consider time well spent. Thanks the Alan and