Comments on: Security Review: Apple’s Time Capsule http://cubist.cs.washington.edu/Security/2008/01/18/security-review-apples-time-capsule/ Fri, 16 May 2008 17:02:12 +0000 http://wordpress.org/?v=2.5.1 By: Alvin http://cubist.cs.washington.edu/Security/2008/01/18/security-review-apples-time-capsule/#comment-5300 Alvin Fri, 25 Apr 2008 17:58:47 +0000 http://cubist.cs.washington.edu/Security/2008/01/18/security-review-apples-time-capsule/#comment-5300 I think this is the wireless hard drive and it already has in the market. But I would not trust this Cutter, because leaked information can do very expensive. I think that this novelty is too unreliable and doomed to failure. I think this is the wireless hard drive and it already has in the market. But I would not trust this Cutter, because leaked information can do very expensive. I think that this novelty is too unreliable and doomed to failure.

]]> By: E Gilbert http://cubist.cs.washington.edu/Security/2008/01/18/security-review-apples-time-capsule/#comment-4472 E Gilbert Wed, 26 Mar 2008 00:01:42 +0000 http://cubist.cs.washington.edu/Security/2008/01/18/security-review-apples-time-capsule/#comment-4472 If someone wants to sabotage the utility of Time Capsule, they can just steal the drive. There are counter-measures to this threat, of course, but the threat must be recognized and the counter-measures actually must be taken by each user. Most situations have some physical security, but some situations will be opportunities and it doesn't take a lot of skill to carry out the denial. If someone wants to sabotage the utility of Time Capsule, they can just steal the drive. There are counter-measures to this threat, of course, but the threat must be recognized and the counter-measures actually must be taken by each user. Most situations have some physical security, but some situations will be opportunities and it doesn’t take a lot of skill to carry out the denial.

]]> By: Soo-Shin http://cubist.cs.washington.edu/Security/2008/01/18/security-review-apples-time-capsule/#comment-4243 Soo-Shin Thu, 20 Mar 2008 20:52:55 +0000 http://cubist.cs.washington.edu/Security/2008/01/18/security-review-apples-time-capsule/#comment-4243 Another risk of snapshot technology such as time capsule is that files are never removed. Once a file has been created and archived, it exists on time capsule regardless of whether it was later changed or deleted. Another risk of snapshot technology such as time capsule is that files are never removed. Once a file has been created and archived, it exists on time capsule regardless of whether it was later changed or deleted.

]]> By: cbhacking http://cubist.cs.washington.edu/Security/2008/01/18/security-review-apples-time-capsule/#comment-76 cbhacking Tue, 22 Jan 2008 10:03:22 +0000 http://cubist.cs.washington.edu/Security/2008/01/18/security-review-apples-time-capsule/#comment-76 After the insane security vulnerabilities of the iPhone (Jailbreak, etc.), I wouldn't make any assumptions of Apple's security based on track record. A reminder for anybody who didn't read one of the earlier posts in the class: MAC address filtering is COMPLETELY insecure. It's probably more of an inconvenience for the average legit users (who are unlikely to be very computer-literate) than for an attacker (who probably snoops MAC addresses and spoofs his/her own so often he/she probably has a script set up to do it - honestly, it's a single CLI instruction on Linux to change your MAC address, and on Windows it's a registry key that is harder to find but still dead easy to change). After the insane security vulnerabilities of the iPhone (Jailbreak, etc.), I wouldn’t make any assumptions of Apple’s security based on track record.

A reminder for anybody who didn’t read one of the earlier posts in the class: MAC address filtering is COMPLETELY insecure. It’s probably more of an inconvenience for the average legit users (who are unlikely to be very computer-literate) than for an attacker (who probably snoops MAC addresses and spoofs his/her own so often he/she probably has a script set up to do it - honestly, it’s a single CLI instruction on Linux to change your MAC address, and on Windows it’s a registry key that is harder to find but still dead easy to change).

]]> By: Fabian http://cubist.cs.washington.edu/Security/2008/01/18/security-review-apples-time-capsule/#comment-38 Fabian Sat, 19 Jan 2008 05:54:14 +0000 http://cubist.cs.washington.edu/Security/2008/01/18/security-review-apples-time-capsule/#comment-38 Apple's Time Capsule looks very similar to wireless hard drive that has been available in the market. Based on Apple's good track record in their product quality, we can probably be given assurance that Apple had though this through and will ensure the device security. However, we also need to be skeptical and should know more how put the security in place, because it is our data that will be at risk in the end. Apple’s Time Capsule looks very similar to wireless hard drive that has been available in the market. Based on Apple’s good track record in their product quality, we can probably be given assurance that Apple had though this through and will ensure the device security. However, we also need to be skeptical and should know more how put the security in place, because it is our data that will be at risk in the end.

]]>