Archive for Security

Many Android Phones Vulnerable to Attacks Over Malicious Wi-Fi Networks

The vulnerability resides in a widely used Wi-Fi chipset manufactured by Broadcom and used in both iOS and Android devices. Apple patched the vulnerability with Monday’s release of iOS 10.3.1. “An attacker within range may be able to execute arbitrary code on the Wi-Fi chip,” Apple’s accompanying advisory warned. In a highly detailed blog post published Tuesday, the Google Project Zero researcher who discovered the flaw said it allowed the execution of malicious code on a fully updated 6P “by Wi-Fi proximity alone, requiring no user interaction.”

Google is in the process of releasing an update in its April security bulletin. The fix is available only to a select number of device models, and even then it can take two weeks or more to be available as an over-the-air update to those who are eligible. Company representatives didn’t respond to an e-mail seeking comment for this post.

The proof-of-concept exploit developed by Project Zero researcher Gal Beniamini uses Wi-Fi frames that contain irregular values. The values, in turn, cause the firmware running on Broadcom’s wireless system-on-chip to overflow its stack. By using the frames to target timers responsible for carrying out regularly occurring events such as performing scans for adjacent networks, Beniamini managed to overwrite specific regions of device memory with arbitrary shellcode. Beniamini’s code does nothing more than write a benign value to a specific memory address. Attackers could obviously exploit the same series of flaws to surreptitiously execute malicious code on vulnerable devices within range of a rogue access point.

Source: Many Android Phones Vulnerable to Attacks Over Malicious Wi-Fi Networks – Schneier on Security

Password Rules Are Bullshit

If we don’t solve the password problem for users in my lifetime I am gonna haunt you from beyond the grave as a ghost

Source: Password Rules Are Bullshit

911 Exploit Could Have Caused Grave Problems Across the US

Apple promises to fix a 911 exploit soon. Back in October, an iOS exploit caused thousands of iPhones to dial 911 without user input. The situation got so bad that some U.S. call centers almost went offline. These are the findings of a four-month government investigation, according to The Wall Street Journal.

Source: 911 Exploit Could Have Caused Grave Problems Across the US

What do Uber, Volkswagen and Zenefits have in common? They all used hidden code to break the law.

Coding is a superpower. With it, you can bend reality to your will. You can make the world a better place. Or you can destroy it.

You may be able to fool the regulators, the police, the judges. You may be able to fool the general public. And you may be able to go on doing this indefinitely without being caught.

But that doesn’t make it right.

Developers have great power. And they must use this power responsibly.

If you’re a developer, or working toward becoming one, I strongly recommend you read Bill Sourour’s article “The code I’m still ashamed of.”

And if someone asks you to build something that is clearly illegal — or downright evil — go to the press. The developers in all three of these cases could have done this and saved the world a lot of heartache.


TeamSIK – Password-Manager Apps

Application vendors advertise their password manager applications as “bank-level” or “military-grade” secure. However, can users be sure that their secrets are actually stored securely? Despite the vendors’ claims, is it nevertheless possible to obtain access to the stored credentials?

In order to answer these questions, we performed a security analysis on the most popular Android password manager applications from the Google Play Store based on download count. The overall results were extremely worrying and revealed that password manager applications, despite their claims, do not provide enough protection mechanisms for the stored passwords and credentials. Instead, they abuse the users’ confidence and expose them to high risks.

Source: TeamSIK – Password-Manager Apps

A privacy-focused browser developer just bought Ghostery

Cliqz, the German developer of the privacy-focused browser of the same name, has acquired the tracker-blocking browser extension Ghostery and its development team from its creator, Evidon.

Partly owned by Mozilla, Cliqz will combine Ghostery’s technology with similar functions in its browser, but plans to continue development of the extension for other browsers too, it said Wednesday.

The sale will resolve an apparent conflict of interest for Evidon, which on the one hand provided the Ghostery extension to enhance privacy, and on the other sold aggregate information to businesses regarding which trackers users blocked. It will still obtain that aggregate information from Cliqz, but one step removed.

Source: A privacy-focused browser developer just bought Ghostery | Macworld

iCloud was quietly storing years of cleared browsing histories

This morning, a Russian forensics firm named Elcomsoft announced a way to extract years’ worth of web browsing records from Apple’s iCloud storage system, a method first reported by Forbes. Those records included site names, URLs, and when a given site was visited. Cleared browsing records are also visible in the records, although they are marked as “deleted” in the table. Mobile browsing records are also visible, although the sites themselves appear to be hashed in the most recent versions of iOS.

Source: iCloud was quietly storing years of cleared browsing histories – The Verge

12 Remote Code Execution flaws patched in Flash!

The Flash Player update fixes 13 vulnerabilities, 12 that can lead to remote code execution and one that allows attackers to bypass a security restriction and disclose information. Adobe is not aware of any exploit for these flaws existing in the wild.

seriously… retire it, block it, get rid of it

Source: Adobe Security Bulletin

Go to The Glass Room. If Black Mirror Had a Showroom, This Would Be It

I want to see The Glass Room everywhere there is an Apple Store. When you sign up for the latest social app, you should have to walk through The Glass Room. Going to SXSW should come with a ticket to a Glass Room exhibit. And anyone founding or working for a tech company should have to prove they’ve gone through this space and understood its meaning.

Source: Go to The Glass Room. If Black Mirror Had a Showroom, This Would Be It

These wireless earbuds transform the sounds around you and preview a future of in-ear computers

The Here One are headphones, but Kraft doesn’t like to call them that. He doesn’t even think Doppler Labs will be in hardware for the long run. Instead, like Bragi, he considers the Here One an in-ear computer — or “hearable” — and a platform for developers to build on. He wouldn’t say which developers the company has lined up already, but did say it’ll announce initial partners soon.

In non-salesman speak, he’s banking on hearables blowing up where smartwatches have fizzled, and trying to set Doppler Labs up as a leader in the Next Big Market after (or really, alongside) smartphones.

The Here One can talk to Siri or Google Assistant, make calls, and work with a few unspecified apps. The idea is to build those apps out, and make it so the computer in your ear can displace the computer in your pocket in more and more ways. (And if you pair it with an augmented reality headset, that might provide the visual aspect headphones inherently lack.)