Posted 09/02/08 at 03:45:22 PM by Pulkit Chandna

Two researchers, Alex Pilosov and Anton Kapela, have concocted a technique to exploit the Border Gateway Protocol (BGP) – internet’s core routing protocol. They demonstrated their technique at the DefCon hacker conference in Las Vegas. The threat emanates from the innate credulity of the routing protocol: the BGP apparently is designed to trust all nodes and can be exploited to redirect insane volumes of internet traffic to malevolent networks.

It can be used for spying at a truly unprecedented scale. No, we are not talking about stalking someone on Facebook but nation-state espionage. Millions of users can be exposed within moments of such an attack. A few solutions have already been propounded, but ISPs seem to be watching quietly from the sidelines.

Read More

Comments 

4

TAGS 

Software, Security, Internet, defcon, hackers, threat, Attack, BGP, routing protocol, risk

Posted 09/01/08 at 12:23:24 PM by Paul Lilly

The past few months we've watched SSDs gain momentum and attract the focus of both manufacturers and consumers. From larger capacities to faster performance, traditional hard drives suddenly find themselves on the verge of obsolesence. Or do they?

One of the biggest concerns surrounding SSDs continues to be long-term reliability, but there might even be a bigger stumbling block. Because many SSDs use industry-standard NAND flash chips designed for handheld gadgets, physical security becomes a potential issue. Jim Handy, director of semiconductor research and consulting firm Objective Analysis, points out there's nothing to prevent a hacker from unsoldering NAND chips from an SSD and extracting the data using a flash chip programmer. "There's really nothing sophisticated about this process," Handy said.

But that's not the only method. A hacker could use an ultraviolet laser to wipe out lock bits (encryption locks) from fuses on chip that secure SSDs. The data can then be read without any special software.

Is Jim Handy right to be concerned? Hit the jump to post your thoughts.

Read More

Comments 

10

TAGS 

Security, consumer electronics, ssd, solid state drive, build a pc

Posted 08/27/08 at 10:43:55 AM by Paul Lilly

Some Linux users are getting a feel for what it's like to be one of the Windows faithful, as the open source community looks to be under siege. The U.S. Computer Emergency Readiness Team (CERT) has issued a warning for "active attacks" against Linux-based infrastructures using compromised SSH keys.

Specifics remain scarce, but the attacks appear to use stolen SSH keys to gain access to a system, after which time the attacker uses local kernel exploits to gain root access and install a rootkit called phalanx2.

"Phalanx2 appears to be a derivative of an older rootkit named "phalanx". Phalanx2 and the support scripts within the rootkit, are configured to systematically steal SSH keys from the compromised system. These SSH keys are sent to the attackers, who then use them to try to compromise other sites and other systems of interest at the attacked site."

The US-CERT has outlined ways Linux users can reduce the risk of attack, as well as what steps should be taken if a compromise is already confirmed.

Read More

Comments 

2

TAGS 

operating system, Software, Security, linux, OS

Posted 08/25/08 at 11:11:45 AM by Paul Lilly

With the exception of a Celine Dion concert, nothing sucks more than having your laptop stolen. Not only is there the physical cost of the notebook to consider, but there goes all your saved and private data into the hands of a crook. To help deal with this type of harrowing situation, LoJack offers a service for laptops that, once installed, will track your notebook anytime it's able to detect an internet connection. Even better, the software comes pre-installed in most BIOSes, so once activated, it will still be able to dial home even if the hard drive is reformatted or swapped out altogether.

That's well and fine, but according to a team of computer scientists at the University of Washington, your privacy could still be at risk by relying on a third party to handle your security. To alleviate this concern, the team has come up with an open-source alternative called Adeona, named after the Roman goddess of safe returns. With Adeona, the developers say users can install the software themselves without the help of a corporate intermediary. The service is said to work much like LoJack does (minus the BIOS integration), except that it's up to the user to track their stolen notebook. And best of all, it's free.

Which would you prefer - taking security into your hands, or ponying up a fee for professional assistance? Sound off below.

Read More

Comments 

3

TAGS 

Security, mobile, notebook, laptop, open-source, adeona

Posted 08/12/08 at 10:17:16 PM by Mark Edward Soper

It's a super-sized Patch Tuesday this month, and here's what to expect Windows Update to be sending you in the next day or so (if not already). Follow the links if you prefer to install the updates immediately.

Critical updates include:

• A fix for a remote code execution vulnerability in Windows Image Color Management affects users running Windows XP, Windows Server 2003, and Windows 2000 SP4 (Windows Vista users can breathe easy on this one).
• A fix for a sextet of vulnerabilities in Internet Explorer 5.01, 6, and 7 affects users of Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003, Windows Vista, and Windows Server 2008.
• A fix for a remote code execution vulnerability in the ActiveX control for Microsoft Access's snapshot viewer affects Office 2000 SP3, Office XP SP3, and Office 2003 SP2 and SP3 (Office 2007 users, you ducked this one).
• A fix for a quartet of privately reported vulnerabilities in Microsoft Excel. Versions from Office 2000 SP3 all the way through Office 2007 as well as viewers, Share Point Server, and compatibility packs are affected.
• A fix for a trio of privately reported remote code execution vulnerabilities in PowerPoint and PowerPoint Viewer affects PowerPoint XP, PowerPoint 2003, PowerPoint 2007, PowerPoint Viewer 2007, as well as Microsoft Office 2004 and 2008 for MacOS.
• A fix for five privately reported major vulnerabilities in handling image files in some versions of Office affects Office 2000, Office XP, Office 2003 SP2, Project 2002 SP1, MS Office Converter Pack, and MS Works 8.

Read More

Comments 

0

TAGS 

windows, microsoft, operating system, Security, windows xp, Windows Vista, Excel, Word, Windows 2000, Internet Explorer, Patch Tuesday, IE, Windows Server 2008, Project, Windows Server 2003

Posted 08/11/08 at 07:59:58 PM by Mark Edward Soper

As we told you last week, Microsoft rolled out two new security programs, Microsoft Active Protections Program and Microsoft Exploitability Index, during the Black Hat USA 2008 Conference. Unfortunately for Microsoft, the same conference saw a presentation by security experts Mark Dowd and Alexander Sotirov that renders these and other protections for Windows Vista, including its much-touted Address Space Layout Randomization (ASLR) and Data Execution Protection (DEP) features, effectively null and void.

Dowd and Sotirov's presentation, How To Impress Girls With Browser Memory Protection Bypasses, made their point by beginning their presentation with a live exploit against IE7 on Windows Vista. And, as the photo at the top of this article suggests (from page 40 of the presentation), it does seem to impress the girls!

How did they do it? The full presentation (available here in PDF format) is quite technical, but here's the short version. according to SC Magazine:

In explaining the problem, the researchers said that most memory protection mechanisms are based on two things: detecting corruption and stopping common exploit patterns, and attempts to reinforce these are integral to Vista. But in many cases, some of the built-in protection mechanisms in Vista are not enabled by default for compatibility reasons.

“At the desktop level, compromises had to be made because of compatibility issues. Exploiters have a lot more control over browsers,” Sotirov said.

And in many cases, third-party applications are not compiled to use the Vista memory protections. For example, Java and Flash are not compiled using the critical protection called ASLR.

What can be done? My take: Microsoft needs to rethink the balance of compatibility versus protection, do a better job of informing users of what's protected and what's not, and get third-party application vendors to take advantage of the protection features in Vista. What about ordinary users like us? Watch out for compromised legitimate websites, and, as always, as our own Will Smith says, think before you click.

What's your take on Vista and other browser security issues? See us after the jump for your chance to sound off.
 

Read More

Comments 

1

TAGS 

vista, microsoft, Security, Windows Vista, exploit, IE7, Operating Systems, Black Hat 2008, DEP, ASLR

Posted 08/11/08 at 04:17:58 PM by Paul Lilly

Power users know how critical it is to change their passwords often and to avoid using easily guessed characters. Creating a login for your bank account based on your first born's birth date is a good way to share your financial information with anyone who cares to look, and the best passwords are the ones that contain a random mixture of letters and numbers. But is it enough?

An article in the New York Times points out that all password-based log-ons are susceptible to being compromised in any number of ways, and they're right. We're constantly warning users against falling for phishing schemes, and new forms of malware have become so adept at sneaking past common security fronts that a host of vendors have begun looking at new ways of dealing with the latest threats (see Internet Security 2.0 in Maximum PC's February 2008 issue, or download the PDF).

Hit the jump to see why security experts are now saying we should abandon passwords altogether.

Read More

Comments 

2

TAGS 

windows, Software, Security, Password

Posted 08/08/08 at 01:58:58 PM by Paul Lilly

Gamers have enough trouble trying to come up with a game plan to beat pesky end bosses and single-handedly defeat armies of mutant soldiers. Saving often gives gamers an endless advantage and cheat codes can help in a pinch, but neither of these tactics will do any good against an increasing amount of real-life threats the online gaming scene.

More than just an annoyance, time spend in virtual worlds like Second Life can translate into real currency and it's attracted the attention of organized criminal gangs. According to security software vendor ESET (best known for its NOD32 Antivirus products), "high volumes of malware intended to steal passwords for online gaming and virtual worlds" have been detected since 2007, resulting in a "dramatic upsurge."

The alarming news comes courtesy of ESET's mid-yearly Global Threat Report, which focuses on broad trends in malware over the past six months. In addition to an upsurge in attacks against gamers, ESET notes that malicious software that tries to use the Windows Autorun facility to self-install from removable media continues to flourish.

On the opposite end of the spectrum, the company reports email bound malware is in "dramatic decline," at least when it comes to dirty attachments. Malicious URLs passed through email messages have taken the place of attachments.

Further reading to keep yourself (and your virtual self) protected:

• Heal and Inoculate Your PC
• Internet Security 2.0
• Blizzard Offers Additional Layer of Security with Authenticator Dongle
• Reducing Thumbdrives' Security Risk

Read More

Comments 

0

TAGS 

games, gaming, windows, Software, Security, spyware, virus, malware, second life, threat, Videogames, eset