2019-09-25 @ 08:06: RGB Fusion Bugs | Security | WTF

I got frustrated at Gigabyte’s RGB control stuff (I just REALLY want to turn my GPU LEDs off!) so I caved in and started reverse engineering RGB Fusion and OH GOD WHY DID I DO THAT IT IS SO HORRIBLY CURSED

Source: Graham Sutherland [Polynomial^DSS]

So, basically, the RGB Fusion software flashes a new firmware every time you set a new LED pattern. What an unbelievable mess! What do these software developers do for a living? Ah, yes, they develop software. I see.

Why does the user-land software have to take care of this at all? The firmware should simply receive a command from the software and perform the necessary steps itself. There is no need to reflash the firmware for that if it is done correctly.

Still, reading this causes physical pain.

The U.S. government concluded within the last two years that Israel was most likely behind the placement of cell-phone surveillance devices that were found near the White House and other sensitive locations around Washington, D.C., according to three former senior U.S. officials with knowledge of the matter.

But unlike most other occasions when flagrant incidents of foreign spying have been discovered on American soil, the Trump administration did not rebuke the Israeli government, and there were no consequences for Israel’s behavior, one of the former officials said.

The miniature surveillance devices, colloquially known as “StingRays,” mimic regular cell towers to fool cell phones into giving them their locations and identity information. Formally called international mobile subscriber identity-catchers or IMSI-catchers, they also can capture the contents of calls and data use.

The devices were likely intended to spy on President Donald Trump, one of the former officials said, as well as his top aides and closest associates — though it’s not clear whether the Israeli efforts were successful.

Source: Politico

We worry about face recognition just as we worried about databases – we worry what happens if they contain bad data and we worry what bad people might do with them.

It’s easy to point at China, but there are large grey areas where we don’t yet have a clear consensus of what ‘bad’ would actually mean, and how far we worry because this is different rather than just because it’s just new and unfamiliar.

Like much of machine learning, face recognition is quickly becoming a commodity tech that many people can and will use to build all sorts of things. ‘AI Ethics’ boards can go a certain way but can’t be a complete solution, and regulation (which will take many forms) will go further. But Chinese companies have their own ethics boards and are already exporting their products.

Source: Ben Evans

For years, an enduring mystery has surrounded the Stuxnet virus attack that targeted Iran’s nuclear program: How did the U.S. and Israel get their malware onto computer systems at the highly secured uranium-enrichment plant?

The first-of-its-kind virus, designed to sabotage Iran’s nuclear program, effectively launched the era of digital warfare and was unleashed some time in 2007, after Iran began installing its first batch of centrifuges at a controversial enrichment plant near the village of Natanz.

The courier behind that intrusion, whose existence and role has not been previously reported, was an inside mole recruited by Dutch intelligence agents at the behest of the CIA and the Israeli intelligence agency, the Mossad, according to sources who spoke with Yahoo News.

An Iranian engineer recruited by the Dutch intelligence agency AIVD provided critical data that helped the U.S. developers target their code to the systems at Natanz, according to four intelligence sources. That mole then provided much-needed inside access when it came time to slip Stuxnet onto those systems using a USB flash drive.

Source: Yahoo News

Hundreds of millions of phone numbers linked to Facebook accounts have been found online. The exposed server contained more than 419 million records over several databases on users across geographies, including 133 million records on U.S.-based Facebook users, 18 million records of users in the U.K., and another with more than 50 million records on users in Vietnam. But because the server wasn’t protected with a password, anyone could find and access the database. Each record contained a user’s unique Facebook ID and the phone number listed on the account. A user’s Facebook ID is typically a long, unique and public number associated with their account, which can be easily used to discern an account’s username.

But phone numbers have not been public in more than a year since Facebook restricted access to users’ phone numbers. TechCrunch verified a number of records in the database by matching a known Facebook user’s phone number against their listed Facebook ID. We also checked other records by matching phone numbers against Facebook’s own password reset feature, which can be used to partially reveal a user’s phone number linked to their account.
Some of the records also had the user’s name, gender and location by country.

Source: TechCrunch

Hackers at the Central Intelligence Agency, with the help of colleagues from the British spy agency MI5, developed malware to secretly spy on targets through their Samsung Smart TVs, according to new documents published by WikiLeaks.
On Tuesday, WikiLeaks dumped a large cache of documents allegedly coming from the CIA’s hacking unit. Julian Assange’s organization dubbed the release, which it says is the first in a series, as “Vault 7,” and billed it as the largest-ever of confidential CIA intelligence documents.

Source: VICE

I said it once and I say it again: Using smart-home technology may be convenient, but it’s not smart.

Netflix has identified several TCP networking vulnerabilities in FreeBSD and Linux kernels. The vulnerabilities specifically relate to the minimum segment size (MSS) and TCP Selective Acknowledgement (SACK) capabilities. The most serious, dubbed “SACK Panic,” allows a remotely-triggered kernel panic on recent Linux kernels. There are patches that address most of these vulnerabilities. If patches cannot be applied, certain mitigations will be effective. We recommend that affected parties enact one of those described below, based on their environment.

Source: https://www.openwall.com/lists/oss-security/2019/06/17/5

Scanning your computer for malware viruses is important to keep it running smoothly. This also is true for your QLED TV if it’s connected to Wi-Fi! Prevent malicious software attacks on your TV by scanning for viruses on your TV every few weeks.

Source: Samsung

Why does the TV need Internet access anyway? No Samsung devices for me then. Never ever.

About two years ago Theresa May said:

[..] that last night’s London terror attacks mean that the Internet cannot be allowed to provide a “safe space” for terrorists and therefore working cryptography must be banned in the UK.

Source: https://boingboing.net/2017/06/04/theresa-may-king-canute.html

The German interior ministry said today:

The Federal Ministry of the Interior has rejected the accusation that it wants to force providers of messenger services such as WhatsApp to decrypt their users’ communications. The federal government is sticking to the principle of “security through encryption and security despite encryption,” a spokesman told dpa. He stressed: “We continue to want neither backdoors nor encryption bans.”
So that terrorists and gang members cannot completely seal off their communications by using encrypted messenger services, however, providers would have to enable “state access as a legally regulated exception.” There is no draft law on this yet, the spokesman said. “We are still at the beginning of finding a solution here.”

Source: https://www.heise.de/-4447537

To my mind, most politicians do not seem to realize that cryptography is a matter of mathematics, not of rules about who is (dis)allowed to do what.

2019-06-12 @ 07:59: RAMBleed Bugs | Security

RAMBleed is a side-channel attack that enables an attacker to read out physical memory belonging to other processes. The implications of violating arbitrary privilege boundaries are numerous, and vary in severity based on the other software running on the target machine. As an example, in our paper we demonstrate an attack against OpenSSH in which we use RAMBleed to leak a 2048 bit RSA key. However, RAMBleed can be used for reading other data as well.
RAMBleed is based on a previous side channel called Rowhammer, which enables an attacker to flip bits in the memory space of other processes. We show in our paper that an attacker, by observing Rowhammer-induced bit flips in her own memory, can deduce the values in nearby DRAM rows. Thus, RAMBleed shifts Rowhammer from being a threat not only to integrity, but confidentiality as well. Furthermore, unlike Rowhammer, RAMBleed does not require persistent bit flips, and is thus effective against ECC memory commonly used by server computers.

Source: RAMBleed

Now imagine you put your stuff into the cloud …
