Credit: Gizmodo

The internet was a-buzz this weekend after Gizmodo got its hands on what seems to be a genuine prototype fourth generation (4G) iPhone. The device was "left in a bar in Redwood City" and acquired by the gadget site for $5,000.

Apple was able to wipe the phone remotely before anyone could test it out, but the site's editors quickly disassembled it to discover its new hardware components. Their efforts suggest that the 4G iPhone will have several long-asked-for new features.

• Longer battery life: Many of the components inside the phone had been miniaturized to make room for a battery that's about 16% bigger than the current one.
• A better screen: The screen on the new device is about the same size as the current one (or a little smaller), but it has twice the resolution--960x640 pixels.
• A micro-sim: Like the iPad, the next iPhone will use a smaller type of mobile phone chip called a MicroSIM. The new format has more on-chip storage, requires less physical space and will also make it difficult to run an iPhone on a non-approved network.
• A second camera: Presumably this will be for making mobile video calls via iChat. This makes sense since there are also numerous references to iChat in the latest iPhone OS code.
• A better first camera, and a flash: A common complaint about the iPhone's camera is the quality of the photographs it takes in low light. A new and improved camera and a flash will address this.

Getting hold of the device is remarkable given Apple's paranoid attitude towards secrecy. Steve Jobs has reportedly even called to ask for it back.

Christopher Tarnovsky, who operates the California-based consulting firm Flylogic Engineering, must strike dread into the heart of anyone working on secure computer chips.

At the Black Hat DC, a computer-security conference in Washington, DC, Tarnovsky gave an impressive demonstration of how even the most secure system will fall under a sustained, determined attack.

Tarnovsky says that he spends almost every waking moment hacking chips. He even owns a focused ion beam work station--a secret weapon for chip hackers. Such a machine costs a quarter of a million dollars, used.

The target in Tarnovsky's demonstration was the family of chips used for trusted platform computing, and for controlling access to the Xbox 360, GSM SIM cards, and satellite television transmissions. After six months of intense work, Tarnovsky says he developed a technique that allows him to break one of these chips in a matter of hours.

That's not to say that the chip's security is poor. Tarnovsky speaks of its design with great respect. When he describes what he had to do to get into it, it's easy to see why: the device is loaded with encryption, dummy data, light sensors that destroy the chip if they detect a signal, and a complex coating of mesh that will also kill the chip if it's mishandled.

"It's a really nice design," Tarnovsky says, "but it's not as secure as they claim it is." This turns out to be the message he wants to get across. Since this chip is rated with extremely high security, Tarnovsky has identified improvements that he believes should be made to protect it further.

However, he acknowledges that few people have the skill and equipment needed to break the chip. In this case, announcing that he's broken the device won't mean a flood of copycat hackers. Instead, it just shows that nothing is invulnerable.

Money from the United States' stimulus package is flowing into the energy industry, in part to improve the infrastructure for delivering electricity by adding "smart meters" to homes. But security researchers say the dollars are flowing too fast, without enough attention to security.

Mike Davis, a senior security consultant at the Seattle-based security research company IOActive, tested several varieties of the new meters and presented some of his findings yesterday at Black Hat, a computer-security conference in Las Vegas.

Davis explains that smart meters contain a radio chip and mesh networking software that enable them to automatically report customers' energy use, automatically update the software running the devices, and have remote controls that allow a utility to shut off a customers' electricity over the network. Previously, meters have been able to report energy use wirelessly, but it required using a short-range signal that could be picked up from a utility company vehicle as it drove by. The new meters are more automated, and could operate with less human intervention, Davis says.

With the influx of stimulus dollars, Davis says, a lot of companies have huge lists of features they want to add to the meters. There is also a high level of competition between manufacturers so products are being rushed to market, he says.

Of particular concern to Davis are commands that allow remote control over consumers' meters. Though individuals have long tried to hack into their meters to save themselves a few dollars, the results of remote control could have a broader effect. "This generation of smart meters is probably not mature enough to handle the remote disconnect feature," he says.

Though Davis is not at liberty to disclose what brands of meters he tested, he says that, for one brand, he was able to design a worm that he could install in one meter and propagate through the network. In simulations, Davis calculated that, in a region where 100 percent of homes have a smart meter installed, the worm could infect some 15,000 meters in the span of 24 hours. Once the worm spreads, an attacker could use it to give commands to the infected meters such as to shut down.

Davis says all the meters he has tested have security flaws that need further examination before the devices are widely deployed. "Cleaning up from a compromise is going to be expensive and slow," he says, and it's better to fix as much as possible before that happens.

Davis is not the only one investigating the security of smart meters. Security researcher Travis Goodspeed also presented at Black Hat his attacks on some of the chips that typically go into smart meters (Goodspeed specializes in chips that use the Zigbee protocol, a communications protocol that's typically used for the low-power digital radios found in smart meters). Goodspeed believes that the chips need more work. "The Zigbee chips presently available are not secure against a local attack," Goodspeed says, meaning that, if an attacker can get access to a device, he believes the attacker can compromise it.

Davis believes better security is possible on the devices. For example, he suggested that the meters themselves could be programmed to detect and report anomalies in the network. In his talk, Davis said, "Customers need to pressure their utilities to make conservative choices when it comes to the security of their meters."