by Mike Masnick
Wed, Feb 8th 2012 10:57am
by Mike Masnick
Tue, Jan 3rd 2012 3:33am
from the hackers-find-a-way dept
He cited the proposed Stop Online Piracy Act (Sopa) in the United States as an example of the kind of threat facing online freedom. If passed, the act would allow for some sites to be blocked on copyright grounds.
They're obviously a long way from this, but the ability of amateurs to build and launch their own satellites into space has been growing and that's only going to accelerate. On top of that, with efforts like SOPA and other censorship efforts around the globe, it's giving more urgency to folks who believe in freedom of speech and civil liberties to figure out ways to decentralize and move away from systems that can be controlled by governments.
We've noted in the past couple of years that a few big events have started to call attention to the parts of the network that are centralized and vulnerable to censorship -- and that's resulted in numerous efforts to decentralize those elements and make them censorship-proof. These projects won't all work (and some will certainly fail miserably), but as more and more people realize that these censor-proof systems are needed, it means that they will get created.
by Mike Masnick
Mon, Oct 10th 2011 4:13pm
Hackers Claim That German Officials Have A Backdoor Trojan For Spying On Skype... Which Is A Huge Security Risk
from the breaking-the-internet dept
They got the program after a lawyer whose client was under investigation gave the CCC his client's hard drive, where the group found the code. As frequently happens with these kinds of things, the CCC found that the trojan actually introduces myriad security problems as well:
The analysis concludes, that the trojan's developers never even tried to put in technical safeguards to make sure the malware can exclusively be used for wiretapping internet telephony, as set forth by the constitution court. On the contrary, the design included functionality to clandestinely add more components over the network right from the start, making it a bridge-head to further infiltrate the computer.
Even without the fact that more capabilities can be added, the existing software is pretty powerful. It apparently can remotely control the computers that it's on, take screenshots of what's happening on the computer, including emails and personal messages. And yet, time and time again law enforcement asks us to "trust" them when they want the power to secretly install this kind of crap on people's computers?
"This refutes the claim that an effective separation of just wiretapping internet telephony and a full-blown trojan is possible in practice – or even desired," commented a CCC speaker. "Our analysis revealed once again that law enforcement agencies will overstep their authority if not watched carefully. In this case functions clearly intended for breaking the law were implemented in this malware: they were meant for uploading and executing arbitrary code on the targeted system."
The government malware can, unchecked by a judge, load extensions by remote control, to use the trojan for other functions, including but not limited to eavesdropping. This complete control over the infected PC – owing to the poor craftsmanship that went into this trojan – is open not just to the agency that put it there, but to everyone. It could even be used to upload falsified "evidence" against the PC's owner, or to delete files, which puts the whole rationale for this method of investigation into question.
The analysis also revealed serious security holes that the trojan is tearing into infected systems. The screenshots and audio files it sends out are encrypted in an incompetent way, the commands from the control software to the trojan are even completely unencrypted. Neither the commands to the trojan nor its replies are authenticated or have their integrity protected. Not only can unauthorized third parties assume control of the infected system, but even attackers of mediocre skill level can connect to the authorities, claim to be a specific instance of the trojan, and upload fake data. It is even conceivable that the law enforcement agencies' IT infrastructure could be attacked through this channel. The CCC has not yet performed a penetration test on the server side of the trojan infrastructure.
"We were surprised and shocked by the lack of even elementary security in the code. Any attacker could assume control of a computer infiltrated by the German law enforcement authorities", commented a speaker of the CCC. "The security level this trojan leaves the infected systems in is comparable to it setting all passwords to '1234'".
by Mike Masnick
Tue, Aug 30th 2011 2:08pm
from the diginot dept
So how was this done? The folks at F-Secure have found some evidence suggesting the company was hacked by Iranian hackers (probably working for the government). But what's really scary is that the evidence F-Secure found suggests that DigiNotar was hacked at least two years ago. F-Secure also takes issue with DigiNotar's explanation concerning how this one fraudulent Google certificate got out:
While Diginotar revoked the other rogue certificates, they missed the one issued to Google. Didn't Diginotar think it's a tad weird that Google would suddenly renew their SSL certificate, and decide to do it with a mid-sized Dutch CA, of all places? And when Diginotar was auditing their systems after the breach, how on earth did they miss the Iranian defacement discussed above?
Realistically, this raises a much larger issue about our reliance on these Certificate Authorities, and what happens when their security is weak, as appears to be the case with DigiNotar. As the EFF notes, it's time to move beyond this method of security:
As the problems with the certificate authority system become clear, lots of people are working on ways to detect and mitigate these attacks. Chrome's pinning feature is available not only to Google web sites but to any webmaster; if you run an HTTPS site, you can contact the Chrome developers and get your site's keys hard-coded. Other browser vendors may implement a similar feature soon. The same result could also be achieved by giving web sites themselves a way to tell browsers what certificates to anticipate—and efforts to do this are now underway, building on top of DNSSEC or HSTS. Then browsers could simply not believe conflicting information, or at least provide a meaningful way to report it or warn the user about the situation.
Of course, there will be no DNSSEC if PROTECT IP passes... Another reason to worry about that law, as it closes off one path to protect against these kinds of attacks.
by Tim Cushing
Tue, May 24th 2011 2:22pm
from the nerd-rage-perk-activated dept
"Texas Instruments has struck back against Nspire gamers and hackers with even stronger anti-downgrade protection in OS 3.0.2, after the TI calculator hacking community broke the anti-downgrade protection found in OS 2.1 last summer and the new one in OS 3.0.1 a month ago. In addition to that, in OS 3.0.1 the hacker community found Lua programming support and created games and software using it. Immediately, TI retaliated by adding an encryption check to make sure those third-party generated programs won't run on OS 3.0.2."
So then, business as usual for TI, who a couple of years back sent out DMCA takedown notices in an effort to remove posted code that allowed their scientific calculators to run custom software. Having learned nothing from that situation (other than perhaps "misguided might makes 'right'"), TI has decided to bypass the broken DMCA process (well, "broken" as in anybody can use it for just about anything, not that it doesn't work) and just go ahead and brick the modified calculators.
Not only have they learned nothing from their own experience, but they've completely missed any sort of cautionary notes from the epic saga of "Sony vs. The h4x0rz," in which a console manufacturer unwisely removed functionality that users paid for with a fatuous "update," only to find themselves staring down the barrel of an enterprising jailbreaker. And then there was that whole thing about their network being taken down (still ongoing).
I'm sure TI will be fine, though. After all, it has no online community to protect, having shooed most of them away two years ago. And the Sony story isn't over yet, so there's always a chance that forcing limitations on your die-hard supporters will result in more sales.
by Mike Masnick
Fri, Feb 25th 2011 9:23am
from the learn-to-let-go dept
- Sony DMCA delayed disclosure of Sony BMG rootkit vulnerability
- Sony threatens Aibo hobbyists for creating software that enables Sony’s Aibo robot dog to dance
- Sony sues Connectix and Bleem to block software that allows gamers to play their PlayStation games on PCs
- Sony attacks PlayStation “Mod Chips” and enforces a system of “region coding”
- Sony sued Gamemasters, distributor of the Game Enhancer peripheral device, which allowed owners of a U.S. PlayStation console to play games purchased in Japan and other countries
- Sony removes OtherOS option, removes Linux support
- Sony is suing makers, hackers, and tinkers for jailbreaking of the PS3 to play homebrew games
by Mike Masnick
Tue, Dec 16th 2008 2:40am
from the blame-the-actual-logging-companies dept
by Mike Masnick
Mon, Nov 5th 2007 7:01am
from the seems-a-bit-extreme dept
by Timothy Lee
Tue, Sep 25th 2007 1:24pm
from the be-careful-with-that dept
But even if Apple is within their legal rights, releasing a firmware update that they know will break some phones is a terrible business strategy. It's never a good idea to anger your customers, and it certainly wouldn't be difficult for Apple to add a function to the firmware updater that checks the phone for unlocking software and warns the customer if a potential problem is detected. Users might still be annoyed at being unable to get the latest firmware, but that's better than silently turning their phone into a paperweight. More generally, Apple shouldn't underestimate the value of the unlockers to the iPhone product ecosystem. Those sorts of tech-savvy early adopters are the most likely to develop new and innovative uses for the product, thereby increasing its value for all customers. For example, podcasting has surely made the iPod more valuable; it was invented by tech hobbyists and only later integrated by Apple into iTunes. And if Apple plays hardball with phone-unlockers, that's not likely to enhance their bottom line. More likely, they'll just persuade people who like tinkering with their gadgets to buy their next cell phone from another company.
by Mike Masnick
Wed, Sep 12th 2007 6:39pm
from the which-is-a-bigger-worry? dept