Tune In: 

Back on air soon!

Our live radio broadcasts are currently on hiatus while we work on improvements to Sanitarium.FM's core services. For further information, visit our Discord.

HomeNewsSchedule Make a RequestListener ChartsIndie Bands ▼Indie GamesJobs ▼ContestsForumDiscord
Join us on MinecraftAdvertise with usPrint StoreUser Control PanelPrivate Messages
 Your Sanitarium.FM Account 


 Upcoming shows 
Today
  • 9pm - Auto DJ

Tomorrow
  • 12am - Auto DJ
  • 3am - Auto DJ
  • 6am - Auto DJ
  • 9am - Auto DJ



 Support The Sanitarium.FM! 

Become a Patron!
Or donate to us via PayPal:




streamfinder streaming radio list



Sanitarium.FM. You don't have to be mad to work here but it... wait a sec YES... YES YOU DO!
Sanitarium.FM Site Search:  
Or click here to search the Forum.
 Lenovo Grilled By Security Researchers over poor ShareIT Security 
Lenovo Grilled By Security Researchers over poor ShareIT Security

Computer users often make very basic mistakes that make more sensible people wonder just what they were thinking. Case in point: passwords. Splashdata recently published its fifth annual list of the most commonly-used passwords by computer users in North America and Western Europe; and many people will be hitting their heads against their desks when they learn that obvious choices like "password" and "12345678" still top the list.

 

While you can expect individuals to make basic mistakes like these, you would assume actual computer manufacturers would be smarter. But if the latest headlines are to be believed, it seems Lenovo's software developers could do with reading this list themselves. As revealed in an advisory posted by Core Security, Lenovo's ShareIT file-sharing software – built in to their computers – has a very serious password-related flaw.

 

How bad? The Wi-Fi Network created and used for transferring files between Windows computers "securely" uses a very predictable password: 12345678. Even worse, this password is "hardcoded" into the software, making it impossible for users to change it to something much more secure. The problem is even worse for Android users, where the ShareIT app has no password at all, leaving the network entirely open for anyone within radio range to connect to.

 

The implications for the security of transferred files is serious. Merely using a web browser to connect to a ShareIT network can reveal all the files currently stored on the platform by the affected user. While the files cannot be downloaded this way, the researchers also discovered that the files are transferred insecurely, without any kind of encryption, meaning the simple use of a traffic sniffer once connected could allow anyone to obtain a copy of any transferred file.

 

Luckily, the flaws may not exist much longer. Lenovo claim that since being made aware of the issues in October last year, the company has worked to bring the software up to snuff. Those running ShareIT on Windows or Android are now advised to download the latest version of the software from the ShareIT website, which was released this week and claims to resolve all the issues found by the Core Security researchers. Given that this is not the first time Lenovo have been found to engage in shady security practices, however, it may be time to think twice about that ThinkPad.

 

This article originally appeared on Technically Motivated


 January 27th, 2016 by CrimsonShade
This entry was posted on Wednesday, January 27th, 2016 at 17:47 and is filed under General, Technology. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.

 Comments 

There are no comments yet for this post.


 Leave A Reply 

You must be logged in to post a comment.