Categories
Computing

Exploit of DRAM vulnerability leads to attack vector on disk encryption

Ed Felten and his colleagues have released an amazing research result which leads to an attack on hard disk encryption systems such as TrueCrypt, BitLocker and FileVault. By rapidly reducing the temperature of the memory chips in a computer they can extract the data contained within, which would include the encryption key necessary to decrypt the computer’s hard drive. [via]

Contrary to popular assumption, DRAMs used in most modern computers retain their contents for seconds to minutes after power is lost, even at operating temperatures and even if removed from a motherboard. Although DRAMs become less reliable when they are not refreshed, they are not immediately erased, and their contents persist sufficiently for malicious (or forensic) acquisition of usable full-system memory images. We show that this phenomenon limits the ability of an operating system to protect cryptographic key material from an attacker with physical access. We use cold reboots to mount attacks on popular disk encryption systems — BitLocker, FileVault, dm-crypt, and TrueCrypt — using no special devices or materials.

This is a very interesting piece of research but I don’t believe that it actually yields a practicable attack on hard disk encryption as long as the user maintains control of their computer in the thirty seconds or less following shutdown.

Just make sure that you don’t leave your laptop lying around whilst in sleep mode or locked by a screensaver password, but a user with enough security sense to have hard disk encryption on their computer is unlikely to do that anyway.

Declan McCullagh gives his analysis of the research in his article “Disk encryption may not be secure enough, new research finds”.


Vulnerability in Google’s handling of SSL and session IDs

Wired’s Threat Level blog covers the vulnerability in Google’s handling of SSL and session IDs.

One of the big stories at DefCon last year was a security researcher’s demonstration of wirelessly sniffing users’ session cookies while they accessed their e-mail accounts or conducted e-commerce transactions via wireless networks. The attack allowed a hacker access to the victim’s Gmail or Hotmail account without needing to decipher the user’s password.

Now the security researcher who presented that info has found that even using SSL HTTPS to access your Gmail account — which was touted at the time as a surefire way to protect Gmail users against such an attack — is vulnerable to this hack.

Additional coverage at The Register.


Pension details of M&S staff left on stolen laptop

BBC News: M&S staff details left on laptop

Marks and Spencer has been found in breach of data protection rules after the theft of a laptop containing the personal details of 26,000 employees.

The Information Commissioner’s Office (ICO) said the data on the laptop, which was stolen from the home of an M&S contractor, was unencrypted.

The ICO has ordered M&S to make sure all laptop hard drives are fully encrypted by April 2008.


Skype and the Bavarian trojan in the middle

Wikileaks has published a couple of leaked documents that detail how the Bavarian police, Ministry of Justice and the Prosecution office tried to arrange the purchase of malware to aid in the interception of encrypted data submitted via SSL or Skype via the internet.

If the intention was to intercept all Skype traffic in Bavaria or perhaps further afield then this could be a serious breach of civil liberties but I suspect it is merely the Bavarian authorities looking for an equivalent to a court-approved phone tap now that criminals have presumably adopted Skype or other voice over IP type technologies.

I don’t think the trojan horse approach is very practicable though as it either requires the targets to unwittingly install it or for the police to secretly gain physical access to their target’s computers in order to install the software themselves.


Power grids hacked over the internet by extortionists says CIA

Robert McMillan writes that “CIA Says Hackers Have Cut Power Grid”:

Criminals have been able to hack into computer systems via the Internet and cut power to several cities, a U.S. Central Intelligence Agency analyst said this week.

Speaking at a conference of security professionals on Wednesday, CIA analyst Tom Donahue disclosed the recently declassified attacks while offering few specifics on what actually went wrong.

Criminals have launched online attacks that disrupted power equipment in several regions outside of the U.S., he said, without identifying the countries affected. The goal of the attacks was extortion, he said.

This doesn’t surprise me but it does perplex me that companies create systems whereby major power grid equipment can be accessed via the internet.

By making anything accessible over the internet you have created a vulnerability because no matter the security systems put in place there is now a chance that criminals will be able to gain access. Even if the technology securing access is perfect (and it is almost impossible to verify whether it is totally secure as new bugs come to light all the time) then there is the avenue of social engineering where a person with access privileges is compromised by the criminals and gives out the required information to access the system.


Dutch RFID transit pass cracked and cloned

Roel Verdult, an MSc student at Radboud University Nijmegen, used an RFID tag emulator to perform a successful practical relay attack on the single-use OV Chipkaart (the Dutch RFID public transportation card), which uses MIFARE Ultralight chips. [via]

His report is titled “Proof of concept, cloning the OV-Chip card” (PDF).


Cyber thieves target social sites

The BBC reports that social sites such as Myspace and Facebook are prime targets of cyber thieves.

The quasi-intimate nature of the sites makes people share information readily leaving them open to all kinds of other attacks, warn security firms.

Detailed information gathered via the sites will also help tune spam runs or make phishing e-mail more convincing.

It is not just the information that people make public, which they wouldn’t ordinarily tell a stranger, but also that add-ons to these social sites may inadvertently create vulnerabilities whereby criminals can compromise a user’s computer and install trojans or keylogging software to steal bank details.


Entire Child Benefit database lost

The loss of two CDs containing the personal details of all families in the UK with a child under 16 inspires me with confidence in the Government’s ability to ensure the security of the data to be held in the National Identity Register.


Public Wi-Fi Cookie Exploit

Robert Graham of Errata Security has demonstrated at the Black Hat hacker conference in Las Vegas an exploit that allows attackers to log in to users’ accounts on webmail and social networking sites without a password by stealing cookies.

Attackers would be able to read and post messages posing as the genuine user of the account. They would not, however, be able to make any major changes to any accounts they had hijacked, as sites require users to enter a password for such activities.


Potty about Harry’s leakage on bittorrent

Bruce Schneier reports that the “New Harry Potter Book Leaked on BitTorrent” and that he’s been fielding press calls all day about it.

It’s online: digital photographs of every page are available on BitTorrent.

I’ve been fielding press calls on this, mostly from reporters asking me what the publisher could have done differently. Honestly, I don’t think it was possible to keep the book under wraps. There are millions of copies of the book headed to all four corners of the globe. There are simply too many people who must be trusted in order for the security to hold. And all it takes is one untrustworthy person — one truck driver, one bookstore owner, one warehouse worker — to leak the book.

But conversely, I don’t think the publishers should care. Anyone fan-crazed enough to read digital photographs of the pages a few days before the real copy comes out is also someone who is going to buy a real copy. And anyone who will read the digital photographs instead of the real book would have borrowed a copy from a friend. My guess is that the publishers will lose zero sales, and that the pre-release will simply increase the press frenzy.

I’m kind of amazed the book hadn’t leaked sooner.

And, of course, it is inevitable that we’ll get ASCII copies of the book post-publication, for all of you who want to read it on your PDA.

Harry Potter Fans Transcribe Book from Photos

Scholastic Loses It Over Harry Potter/BitTorrent Story

The Harry Potter leaker left the EXIF data in the JPEGs they created.