Archive

Archive for the ‘Security/Exploits’ Category

Passware release Bitlocker/Truecrypt Decryption Tool

April 5, 2010 Leave a comment

Following on from my post “10 Things You Don’t Want To Know About Bitlocker”, “TPM Undressed” and “Firewire Attacks Revisited” it recently came to my attention that Passware, Inc. A feisty California company has released a version of their forensic software which will decrypt Bitlocker and TrueCrypt protected hard disks via the classic Firewire vulnerabilities.

A full write-up can be found on the Passware site, but simply, given a machine that’s running, but has encrypted drives (for example one using Bitlocker in TPM-only mode, or a machine which is suspended, not hibernated). As to how to do it, well they have implemented the exploit in a very neat and usable way:

Read more…

Smart power meters easily hacked…

March 29, 2010 Leave a comment

Recently Jordan Robertson reported that serious flaws had been found in so-called “Smart” power meters which are being rolled out slowly by the utilities companies.

These meters, designed to help individuals and companies more effectively manage their electricity usage were found to have serious security flaws which could allow hackers not only to tamper with your supply, a new twist on the “Denial of Service” attack, but could also be used to fool the utility provider into thinking you’re using more power than you actually are.

TPM “Undressed..”

February 16, 2010 7 comments

Recently it was announced with much fanfare that the now-ubiquitous “TPM” chip found in most modern computers had been hacked. This obviously unnerved a lot of people, especially those hanging the safety of their secrets on free solutions like Microsoft Bitlocker which use the TPM to provide convenience to their users.

The attack, invented about 60 years ago, but elegantly implemented by Christopher Tarnovsky of Flylogic involved attacking the hardware of the chip itself by uncasing it and probing its signal pathways – something that seems difficult until you read their blog and realize they do it every day.

Chris used a combination of off-the-shelf acids and rust-remover solutions to dissolve first the outer casing of the chip, then the wire grid tamper-proofing shields inside.

Once “undressed” he was able to probe and monitor what was going on inside anonymously. Read more…

“Cheap” Secure USB Sticks, you get what you pay for?

January 6, 2010 5 comments

Recently a whole slew of news sites announced a newly discovered vulnerability (care of the German Security firm SySS) on a range of “supposedly” secure consumer USB sticks.

These models from SanDisk, Kingston and Verbatim were apparently easy to defeat and retrieve the data from without knowing the users password or having any prior knowledge or touch on the stick.

The exploit was simple – it seems the software tool shipped with the sticks validates the password, not the stick itself, and the sticks use a fixed authentication key. Yes, ALL sticks use the same auth key. By simply sending this known ack key to the stick, you can unlock it, or any other stick.

Interestingly, some of these insecure devices had been through FIPS 140-2 Level 2 security certification, so should really have been immune to this kind of attack.

Read more…

Identity Theft bad for your health, or even fatal?…

December 14, 2009 Leave a comment

This week, the Central District Court of California saw Pavel Valkovich, a convicted identity theft mastermind, plead guilty to trying to hire a contract killer to ‘off’ one of the witnesses against him. Valkovich, originally found guilty  of trying to transfer $440,000 from a victims bank account (via PayPal fraud) will face a statutory 50 years in the clink – 20 years for the murder-for-hire and 30 years for the fraud?

Shouldn’t those two be the other way around perhaps? Read more…

Categories: Cyber War Tags: ,

Seasonal Security…

December 14, 2009 Leave a comment

In the spirit of the season, the Louisville Better Business Bureau printed 10 great tips about how to keep safe online and “in real life” this season. Though McAfee also regularly publish such information on our consumer sites, it’s interesting to get someone elses opinion on what the prevalent scams going on are.

So, ho-ho-ho and here we go with the information – be Safe online this holiday season!

1. H1N1 Email Virus – Internet scammers are sending fake emails all over the country to steal passwords and install a damaging virus on victims’ computers. The fraudulent email purportedly comes from a “State Vaccination H1N1 Program” and offers an official-looking but bogus link to the Website for the U.S. Centers for Disease Control and Prevention. The message says anyone 18 or older should click on the link to complete a personal profile because every adult “has to have his personal vaccination profile” on the CDC’s Website, whether they intend to be vaccinated or not. Read more…

Evil Maid, another nefarious trojan attack..

November 17, 2009 2 comments

Last month Joanna Rutkowska posted a very interesting article showing a practical “Evil Maid” attack against the open-source TrueCrypt FDE product.  The attack is reasonably simple, subvert the pre-boot authentication engine of the full-disk encryption product in question to add a password-sniffing routine, then wait for the unsuspecting user to authenticate to their machine and then retrieve the credentials at a later stage.

Evil Maid is simply hooking the pre-boot code of TrueCrypt and adding a routine to store the users password. Because the TrueCrypt code is quite simple, it’s a relatively easy thing to do, but the attack is theoretically valid regardless of this fact, just the effort to make the hook code increases with the sophistication of the pre-boot environment. Read more…

“Are Youse guys responsible for bleeding Anti Virus 2010?”

November 16, 2009 Leave a comment

For those who know me, know I am a great lover of Google Voice – if you don’t know the service I advise you check it out, it has amazing features like call announcement and voice mail transcription. I use it to keep the marketeers away.

But tonight, I got a very interesting call from a nice guy called Andy from Queens, NYC, who in a traditional movie star accent which I can’t do justice to asked me “Are youse  guys  responsible for Anti Virus 2010?” Read more…

Mwa Ha Ha! Crack your 10 char password for under $3,000

November 3, 2009 Leave a comment

A recent article from  David Campbell also published on The Register reminded us that there’s a lot of computing power available for rent at the moment. Using a pretty standard brute force password cracker as a benchmark, and Amazon’s EC2 computing platform cost of $.30 per hour, he came up with some surprising, but perhaps unexpectedly low figures for how much money it takes to crack various strength passwords. Read more…

Hacking Exposed – Son of Scoop.pl

October 6, 2009 Leave a comment

After attending this mornings Hacking Exposed session at McAfee Focus 09, I was inspired to recreate Stuart McClure’s “Scoop.pl” script. I don’t have Python or Pearl installed on my machines, but I do have VBScript, and I do have Primalscript, so it seemed a simple thing to create this useful tool which helps you get the lowdown on what sites are present on a given URL. Read more…