The Weekly Tech News
Hi all. Sorry for the short one this week folks, there just wasn't enough stuff to fill the usual 10 slots but I hope you like the choices this week. As usual, you can find last week's news here.
1. New DNS Trojan Taints Entire LAN from Single Box
http://www.theregister.co.uk/2009/03/16/dns_hijacking_trojan/
http://arstechnica.com/security/news/2009/03/new-version-of-dns-server-trojan-flushm-spotted-in-the-pipe.ars
Not entirely new per se, but certainly improved. A recently discovered variant of Trojan.Flush.M is running amok, poisoning the DNS of machines connected over LAN via establishment of a rogue DNS server.
Quote
Internet security experts are warning of a new rash of malware attacks that can hijack the security settings of a wide variety of devices on a local area network, even when they are hardened or don't run on Windows operating systems.
Once activated, the trojan sets up a rogue DHCP, or dynamic host configuration protocol, server on the host machine. From there, other devices using the same LAN are tricked into using a malicious domain name system server, instead of the one set up by the network administrator. The rogue DNS server sends the devices to fraudulent websites that in many cases can be hard to identify as impostors.
2. Air France Trials Biometric Boarding Cards
http://www.theregister.co.uk/2009/03/19/france_fingerprint_cards/
Airline Air France is trialling a new boarding pass system that uses RFID coupled with fingerprint ID to permit automated boarding of aircraft.
Quote
Air France has started trialling RFID-equipped smartcards which store passenger fingerprints to allow automated boarding.
The card contains an encrypted version of forefinger and thumb prints. It can be used at a dedicated gate, which checks the card, compares it to the passenger's finger or thumb print and, assuming the dabs match, opens the gate.
3. Intel CPU-level Exploit Could Be Tempest in a Teapot
http://arstechnica.com/security/news/2009/03/storm-over-intel-cpu-security-could-be-tempest-in-a-teapot.ars
http://www.theregister.co.uk/2009/03/19/intel_chip_vuln/
http://www.internetnews.com/hardware/article.php/3811311/Researchers+Warn+on+Security+Flaw+in+x86+Chips.htm
A flaw in Intel's recent CPU designs could allow code to be executed with System Management Mode privileges, which would make it practically undetectable by any current form of antivirus scanning.
Quote
Joanna Rutkowska of Invisible Things Lab has been making headlines ever since she announced her development of a seemingly undetectable rootkit she dubbed "Blue Pill." While that project is now defunct, Rutkowska has continued her research into hardware virtualization technology. Her more recent efforts have focused on Intel platforms and the company's Trusted Execution Technology; Intel released a BIOS update to fix several security vulnerabilities Invisible Things Lab discovered back in August of 2008. On Thursday, March 19, Rutkowska and fellow team member Rafal Wojtczuk released details of yet another Intel-focused exploit—is the CPU manufacturer's security sandbox not up to snuff?
Before we discuss the flaw in particular, let's take a quick moment and review the ring security model. The term "ring" refers to protective rings that encircle the OS kernel. Ring 3 (defined as "Applications" in the diagram below) is where users and programs should spend the vast majority of their time. Applications should never need access to Ring 0 or kernel mode, as it amounts to writing the application a literal carte blanche to modify, change, or delete anything it wants. One of the features Intel's Vanderpool (VT) technology offers is the ability to virtualize an OS starting from what we might call "Ring -1." An OS launched from Ring -1 can therefore run its own Ring 0 operations and is more effectively sandboxed from the host operating system.
4. EFF Shines Sunlight On Docs It Has "pried" from the Feds
http://arstechnica.com/tech-policy/news/2009/03/its-sunshine-week-a-nonpartisan.ars
The Electronic Frontier Foundation has scanned and made available online all documents it has retrieved through FOI requests from the government as a part of Sunshine Week 2009, a call for greater government transparency.
Quote
It's Sunshine Week, a nonpartisan celebration of (and request for) government transparency. Most transparency concerns aren't technical in nature—open meetings and open records law are two of the biggies—but the Electronic Frontier Foundation's contribution to Sunshine Week looks to be a boon to tech journalists and advocacy groups.
The EFF has put its entire archive of government documents online. These have been "pried loose from secretive government agencies" through Freedom of Information Act requests and lawsuits over the years, but EFF has scanned and indexed all of them, then created a custom search engine to make browsing or digging much easier.
5. First Rule of Internet Censorship: Hide the Block List
http://arstechnica.com/tech-policy/news/2009/03/first-rule-of-internet-censorship-hide-the-block-list.ars
Discussion started by Ehtyar: http://www.donationcoder.com/forum/index.php?topic=17511.0
A list of soon-to-be-blocked websites for Australian Internet users has been leaked to the public by an insider from the Australian Communications and Media Authority.
Quote
Australia's telecom regulator, the Australian Communications and Media Authority (ACMA), has the authority to blacklist Internet sites, authority used almost exclusively to address childhood sex pictures (children's rights groups don't like the "child porn" label, which suggests a degree of agency that children involved in the practice don't have). But it also came to light recently that ACMA is willing to blacklist pages that simply list the censored websites, even though they contain no offensive images.
The Sydney Morning Herald noted today that ACMA's blacklist even includes certain Wikileaks pages, including a list of Denmark's censored websites (3,863 blocked). The page is apparently included on the theory that a massive list of sites with "lolita" and "youngyoung" in their domain names is basically an invitation to Australians who might not otherwise know where to go to get an underage fix.
6. Browsers Bashed First in Hacking Contest
http://www.securityfocus.com/news/11549
Most of the major browsers were first to fall in the Pwn2Own hacking contest, with Google Chrome the last man standing after the first day of hacking.
Most of the major browsers were first to fall in the Pwn2Own hacking contest, with Google Chrome the last man standing after the first day of hacking.
Quote
Miller — a principal analyst at Independent Security Evaluators — found two flaws in Apple's Safari Web browser more than a year ago and prepped the easier-to-exploit issue for last year's competition, he said. Following an announcement that this year's contest would focus on browsers as well as mobile devices, Miller more fully researched the leftover security flaw and found that it remained exploitable.
"I found this bug ... last year, but like all good researchers, I sat on the issue," he said after being declared the first winner.
Following Miller's reprise, a computer-science student from Oldenburg University in Germany captured a pint-sized Sony Vaio computer and his own $5,000 by exploiting a previously unreported vulnerability in Internet Explorer 8. The student, who would only give his first name "Nils," declined requests for an interview until he also had a chance to attack the other browsers as well.
7. What IBM Might Gain by Buying Sun Microsystems (Thanks 40hz)
http://arstechnica.com/business/news/2009/03/report-ibm-eyes-sun.ars
http://www.linuxinsider.com/story/Sun-IBM-Deal-Just-Doesnt-Add-Up-66534.html
It appears Sun Microsystems has been looking to sell up with their books in poor shape, and IBM has apparently taken an interest. Hopefully 40hz will weigh in with his opinion, as he has an interesting opinion on the subject.
Quote
A report in today's Wall Street Journal claims that Sun's execs have been shopping the company around recently and that IBM is an interested party. The report indicates that if the talks between the two companies go well, a deal could be announced fairly soon. The number allegedly being floated by IBM is $10 to $11 per share for Sun, which would put the total size of the deal at $8 billion.
Assuming that IBM is actually interested in buying Sun, the obvious question is "why?" There is a ton of overlap between the two companies' product lines, so it's hard to see a lot of complementarity there. In fact, such a deal would seem overwhelmingly to be about one thing for IBM: shrinking the competition. Sun's execs would pocket fat bonuses, and the former Silicon Valley high-flyer would be chopped up and absorbed into the belly of the Big Blue beast. Parts of Sun's business with no volume and hence no real future in the present market (things like the SPARC processor family) would be end-of-lifed, while some software assets and other IP could be picked up and used by IBM.
8. Boffins Sniff Keystrokes With Lasers, Oscilloscopes
http://www.theregister.co.uk/2009/03/19/keyboard_sniffing_demo/
Security researchers continue to develop less obtrusive methods of keylogging. One method uses a laser microphone, the other reads electrical pattern changes effected by keystrokes.
Quote
CanSecWest Researchers have devised two novel ways to eavesdrop on people as they enter passwords, emails, and other sensitive information into computers, even when they're not connected to the internet or other networks.
Exploiting vibrational patterns and electromagnetic pulses that emanate with every character entered, the Italian researchers are able to remotely sniff keystrokes from significant distances. The techniques use inexpensive equipment and can be hard for targets to detect, making them ideal for snooping on unsuspecting people in the office or building next door.
Ehtyar.









