Your Headphones Might Break The Security of Your Computer

Sennheiser has now been pinpointed as have a major security vulnerability in its HeadSetup app. It involves a self-signed TLS signature and which Sennheiser placed in the Trusted Root CA Certificate store (or in the macOS Trust Store). This means that this certificate can be used to validate other certificates, as the private key on the certificate could be easily extracted.

--

--

--

This publication brings together interesting articles related to cyber security.

Recommended from Medium

Tenda Malformed HTTP Request Header Processing Vulnerability

The elegant maths behind the RSA Encryption

Log4j: The Worst Vulnerability In Nearly A Decade?

Synchrony IDO Process on SolRazr

Warding off DDoS Attacks with Anti-DDoS — Part 4: Global DDoS Collaborative Protection and…

Epic Women in Cyber — Neetee Pawa

Garbled Circuits — SFE With Oblivious Transfer

Developments in Australian Privacy Law and Responses to Data Flows

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Prof Bill Buchanan OBE

Prof Bill Buchanan OBE

Professor Cryptography. Serial innovator. Believer in fairness, justice & freedom. EU Citizen in heart. Living by the sea. Old World Breaker. New World Creator.

More from Medium