florian-rabe / Teaching

My lecture notes and other course materials

Relevant current events #39

Closed florian-rabe closed 7 years ago

florian-rabe commented 7 years ago

I'm going to use this issue to post interesting current practical examples that I come across.

Feel free to post yourself if you find something.

florian-rabe commented 7 years ago

Bored teenager accesses masses of unsecured printers remotely:

https://motherboard.vice.com/en_us/article/this-teen-hacked-150000-printers-to-show-how-the-internet-of-things-is-shit?utm_source=mbnl

florian-rabe commented 7 years ago

Smart TVs track our viewing behavior:

http://www.theverge.com/2017/2/7/14527360/vizio-smart-tv-tracking-settlement-disable-settings

florian-rabe commented 7 years ago

Smart cars do not allow users to manage access properly:

http://money.cnn.com/2017/02/17/technology/used-car-hack-safety-location/

florian-rabe commented 7 years ago

First SHA-1 collision found:

https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html

This is particularly interesting for the course. Anybody interested in doing a seminar-style report on how they did it? It would have to be presented in the lecture when we do SHA-x (around April). 5% bonus credit provided you actually do a good job.

florian-rabe commented 7 years ago

Here's one that fits very well with one of next week's topics - parsing a formal system.

https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/

Scroll down to where they quote their buggy source code and judge what they did wrong.

Another link by Aulon: https://www.wired.com/2017/02/crazy-cloudflare-bug-jeopardized-millions-sites/
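The incident report linked above traces the leak to an end-of-buffer check written with the equality operator, which a pointer that advances more than one byte at a time can step over. The following is an added illustration of that defect class on a constructed toy scanner, not Cloudflare's parser or any code from this thread: the scanner treats `<` as an escape that consumes two bytes, and the buffers, lengths and function names are all made up for the demonstration. The sample input is placed inside a larger backing array so that the deliberately buggy variant reads sentinel bytes instead of memory outside the allocation.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed sample buffers. The logical input is the first 5 bytes; the
 * remaining 'X' bytes stand in for whatever happens to follow in memory. */
static const char kTruncated[16] = "ab<c<XXXXXXXXXX"; /* ends with a lone '<' */
static const char kBenign[16]    = "ab<cdXXXXXXXXXX"; /* escape is complete   */

/* Buggy variant (hypothetical): reads buf[0..len), advancing 2 bytes on '<'
 * and 1 byte otherwise. The end test is `p == pe`; a 2-byte step that jumps
 * from pe-1 to pe+1 never satisfies it, so scanning continues past `len`.
 * Returns the number of bytes actually read. `phys_len` is the size of the
 * backing array and only exists so the demo itself stays in bounds. */
static size_t scan_with_eq_check(const char *buf, size_t len, size_t phys_len)
{
    const char *p = buf;
    const char *pe = buf + len;            /* one past the last valid byte */
    const char *hard_end = buf + phys_len; /* physical limit of the demo buffer */
    while (p < hard_end) {
        if (*p == '<')
            p += 2;                        /* escape: consume '<' and the next byte */
        else
            p += 1;
        if (p == pe)                       /* BUG: can be skipped over entirely */
            return (size_t)(p - buf);
    }
    return (size_t)(p - buf);              /* reached the physical end: overrun */
}

/* Hardened variant (hypothetical): the end test is `p >= pe`, and the 2-byte
 * escape is only taken when the second byte is actually inside the buffer, so
 * the scanner never reads or steps beyond `len`. */
static size_t scan_with_ge_check(const char *buf, size_t len, size_t phys_len)
{
    const char *p = buf;
    const char *pe = buf + len;
    const char *hard_end = buf + phys_len;
    while (p < hard_end) {
        if (*p == '<' && p + 1 < pe)       /* only consume the escape if complete */
            p += 2;
        else
            p += 1;
        if (p >= pe)                       /* terminates even after a long step */
            return (size_t)(p - buf);
    }
    return (size_t)(p - buf);
}

int main(void)
{
    size_t len = 5;
    printf("benign input:    eq=%zu ge=%zu (expected %zu)\n",
           scan_with_eq_check(kBenign, len, sizeof kBenign),
           scan_with_ge_check(kBenign, len, sizeof kBenign), len);
    printf("truncated input: eq=%zu ge=%zu (expected %zu)\n",
           scan_with_eq_check(kTruncated, len, sizeof kTruncated),
           scan_with_ge_check(kTruncated, len, sizeof kTruncated), len);
    return 0;
}
```

On the benign input both variants agree and read exactly 5 bytes; on the truncated input the equality variant runs on to the physical end of the backing array, which is the pattern behind the leak the report describes, while the `>=` variant stops at the logical end. In a real parser the bytes past `pe` are whatever neighbours the buffer in memory, which is why such an overrun leaks data rather than merely crashing.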

florian-rabe commented 7 years ago

And another one: Yesterday the Academy Awards presenters for best movie were given the wrong envelope. The mistake was only corrected when the non-winners were in the middle of their acceptance speeches.

That was not a computer failure. But it was a failure of a system consisting of rules and procedures. So we can think of it as a failure at the level of the algorithm design.

What went wrong?

florian-rabe commented 7 years ago

This happened in October, but I only found out about it now: a simple web page makes certain iOS apps automatically call phone numbers:

https://www.mulliner.org/blog/blosxom.cgi/security/ios_webview_auto_dialer.html

In this case a teenager will be prosecuted because he made the iPhones call 911, which amounts to a denial of service attack.

Arguably, Apple and the app developers are to blame instead or as well: Automatic phone calls are a great example of how all software components should be designed with minimal access rights.

florian-rabe commented 7 years ago

Apparently, the CIA has its own anti-privacy program:

https://wikileaks.org/ciav7p1/

It's not so different from what other secret services are doing. But that it's possible at all is an embarrassment for Google (for Android), Apple (for iOS), etc.

In particular, it should be impossible to remotely turn on the microphone or camera. That should not even be a pure software issue - at the very least the hardware should make sure that some not-software-controllable LED is automatically on when camera or microphone are active.

florian-rabe commented 7 years ago

This is extremely bad design: private customer data available online without any encryption or protection.

https://www.buzzfeed.com/leticiamiranda/saks-fifth-avenue-exposed-personal-info?utm_term=.dfz02PZz3#.qwjxZqL1B

The fault seems to be bad design.

They also seem to use a lot of unsecured (http) pages inside their seemingly-secured (https) site, thus partially undoing the benefit of https.

florian-rabe commented 7 years ago

The US is moving towards ridiculously loose privacy rules for internet service providers:

https://arstechnica.com/tech-policy/2017/03/senate-votes-to-let-isps-sell-your-web-browsing-history-to-advertisers/

Even if the browsing data is sold anonymously and users only visit https sites, it will be straightforward to deanonymize most of it.

florian-rabe commented 7 years ago

An interesting legal question about the security of computer systems: The US is trying to prosecute a programmer for malicious use of his software by others.

http://www.thedailybeast.com/articles/2017/03/31/fbi-arrests-hacker-who-hacked-no-one.html

florian-rabe commented 7 years ago

A current study about how pairs of apps allow bypassing (the already laughably weak) permission system of Android:

http://people.cs.vt.edu/danfeng/papers/AsiaCCS-17-Yao.pdf

Giving a talk on this paper (including some background on the Android permissions model) is another source for bonus credit.

florian-rabe commented 7 years ago

Microsoft's response to the ShadowBrokers leak of Windows exploits used by the NSA:

https://blogs.technet.microsoft.com/msrc/2017/04/14/protecting-customers-and-evaluating-risk/

All vulnerabilities were already fixed. Interestingly, half of them were fixed only one month ago.

So it's plausible that these were reported to Microsoft by someone involved in the release, e.g., the hacker group or the NSA. (Microsoft gives credit to whoever found and reported the vulnerability, but it's also possible to remain anonymous.)

Update (May 13): One month later there are still millions of unpatched computers directly connected to the internet. This has now enabled one of the biggest attacks ever, including ransomware attacks on Deutsche Bahn and British hospitals. Microsoft has now released an emergency patch for outdated operating systems like XP that are vulnerable and still widely used.

aulon commented 7 years ago

Defcon talk "No Tech Hacking"

Exposing the easy side of social engineering

https://www.youtube.com/watch?v=qfFELeCP-oA

florian-rabe commented 7 years ago

Fitting to our discussion about minimizing the exposure of your systems:

https://theintercept.com/2017/05/11/nyu-accidentally-exposed-military-code-breaking-computer-project-to-entire-internet/

florian-rabe commented 7 years ago

And this vulnerability describes the interesting dual effect of anti-virus software: it's good to scan for viruses, but any vulnerability in the scanner is especially bad.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0290

florian-rabe commented 7 years ago

All voice assistants are trivial to hijack:

https://www.fastcodesign.com/90139019/a-simple-design-flaw-makes-it-astoundingly-easy-to-hack-siri-and-alexa