Tuesday, September 16, 2014

Kindle security flaw can be exploited by the hidden codes in e-books – Engadget

Next time you come across a Kindle e-book link somewhere other than Amazon itself, you want to make a small sure it’s not some dubious website before you hit the download or “Send to Kindle.” A security researcher by the name of Benjamin Daniel Musser has discovered That the “Manage Your Kindle” page contains a security hole – The One That hackers can take advantage of with the help of e-books hiding malicious lines of code. Once you load the Kindle Library with a corrupted e-book (Typically with a subject That includes & lt; script src = “https://www.example.org/script.js” & gt; & lt; / script & gt;), a hacker gets access to your cookies, and, hence, your Amazon account credentials.

Based on the updates Musser wrote at the bottom of the report’s web page, he first discovered the flaw in October last year. Amazon patched it up shortly after he reported it, but it made its way back after a “Manage Your Kindle” overhaul. Still, he believes’s the issue should be easy to avoid, so long as you do not download e-books (pirated or otherwise) from websites you do not know. Aside from Kindle, another Amazon-owned service was also thrust into the spotlight Earlier for exhibiting a security flaw. Audible, the company’s audiobooks service, apparently allowed users to use fake emails and credit card numbers in order to download as many files as they want. An Audible spokesperson stressed, however, that transactions made using fake credit cards were “closed quickly” and That the service takes credit card fraud seriously.

LikeTweet

No comments:

Post a Comment