TechEye
- Router makers hide backdoor
- Twitter lets Turks censor it
- Intel loses more fans
- Germans counterattack on US cloud claims
- Top IT security threats in 2013 counted
Router makers hide backdoor
Posted: 22 Apr 2014 04:54 AM PDT

Router makers including Netgear, Cisco and Diamond have decided that rather than fixing a backdoor to their products it is better that they just plant a tree over the entrance and hope no one sees it.

Over Christmas, Eloi Vanderbeken of Synacktiv Digital Security discovered a backdoor in 24 models of wireless DSL routers. The problem was patched, but now Vanderbeken has found that the patch doesn't actually get rid of the backdoor; it just conceals it. He told Ars Technica that the fix suggests that the backdoor, which is part of the firmware for wireless DSL routers based on technology from the Taiwanese manufacturer Sercomm, was intentional. The backdoor exists in other systems based on the same Sercomm modem, including home routers from Netgear, Cisco and Diamond.

Vanderbeken said that the "fixed" code concealed the same communications port he had originally found (port 32764) until a remote user sent a specially crafted network packet that reactivates the backdoor interface. He said that the knock packet was the same one used by "an old Sercomm update tool." The packet's payload, in the version of the backdoor discovered by Vanderbeken in the firmware posted by Netgear, is an MD5 hash of the router's model number (DGN1000).

His theory is that the nature of the change, which uses the same code as was used in the old firmware to provide administrative access over the concealed port, suggests that the backdoor is an intentional feature of the firmware and not just a mistake made in coding.

Vanderbeken said that the knock packets would need to be sent from within the local wireless LAN, or from the Internet service provider's equipment. They could be sent out from an ISP as a broadcast, essentially re-opening the backdoor on any customer's router that had been patched.

Once the backdoor is switched back on, it listens for TCP/IP traffic just as the original firmware did, giving "root shell" access and allowing anyone to send commands to the router, including getting a "dump" of its entire configuration.
Twitter lets Turks censor it
Posted: 22 Apr 2014 02:44 AM PDT

It looks like Twitter has given up trying to fight the Turkish government and will ban citizens from talking about government corruption.

In the run-up to the elections, the Turkish government did its best to stop its citizens from using Twitter to discuss a government corruption scandal. This ended up with Twitter being switched off in Turkey. Unfortunately for Free Speech, the government won the election which followed the scandal, which means that Turks expect their politicians to steal their money and don't care. This means that the government can safely tell Twitter that if it wants to continue to make money in the nation which brought the world carpets, smoking hookahs and Turkish delight, it is going to have to toe the line.

The government has been working directly with Twitter to resolve "the issue" of inconvenient tweets. According to the Turkish press, the Turks are likely to be able to ban or filter certain tweets from ever appearing via a filtering system that seeks out 'malicious content'. This would lead to the banning of certain Turkish phrases on Twitter and the death of at least two accounts that have been disseminating anti-government materials.

For the Turkish government, suppressing tweets rather than trying to block Twitter is a much better way of keeping its citizens passive. The Turks have managed to avoid social media being a tool to overthrow an increasingly autocratic government by being, er, more autocratic.

What is a little more alarming, though, is that Twitter is helping a government that seeks to silence its people. The social notworking tool was instrumental in removing governments in Egypt and Tunisia, but now it seems those days are gone.
Intel loses more fans
Posted: 22 Apr 2014 02:43 AM PDT

Chipmaker turned fashion bag designer Intel has announced that its fanless NUC DE3815TYKHE kit will begin shipping on April 28. The company press release calls it a "pint-sized powerhouse", which makes us thirsty just thinking about it.

The kit has a single-core Atom E3815 processor clocked at 1.46 GHz. The device apparently targets value-conscious businesses and organisations which do not need to get things done in a hurry. The kit supports Linux and Windows Embedded operating systems, and is designed as the essential building block to power the thin-client market.

"A fanless kit with flash storage built in, and USB3 and audio headset support, this Intel NUC fits right at home in schools, call centres, and other locations with a large installed base of VGA monitors."

The NUC kit includes a DDR3L SO-DIMM single-channel slot for up to 8 GB of memory, 4 GB of internal storage, and support for a 2.5-inch HDD or SSD up to 9.5 mm thickness. There is also Intel HD Graphics, an embedded DisplayPort (1.3), one VGA port, and an HDMI 1.4a port. For networking, there's an Ethernet port, and a half-length PCIe mini-card slot and wireless antennas pre-installed. The kit also provides three internal USB 2.0 ports, two USB 2.0 ports on the back and one USB 3.0 port on the front.

The only hardware customers have to add to this kit is the RAM and a hard drive or SSD. No mention of price.
Germans counterattack on US cloud claims
Posted: 22 Apr 2014 02:42 AM PDT

The US's campaign to put the frighteners on European politicians by telling them that a Europe-only cloud is against trade agreements is straightforward lying, the Germans say.

After the US was revealed to be spying on everything Europeans do, the EU decided it would be better to insist that all cloud data stays within the Old Country. This meant that US companies would have to build local server farms and make sure that data did not leak across the Atlantic. Clearly that did not sit well with the US IT companies, who find it too expensive to set up clouds in the EU. They had been leaning on their paid-for Washington sock puppets, er, lobbying their local congressmen, to do something about it.

Last week the Office of the United States Trade Representative wrote a report saying that recent proposals from countries within the European Union to create a Europe-only electronic network, dubbed a "Schengen cloud" by advocates, or to create national-only electronic networks could potentially lead to "effective exclusion or discrimination against foreign service suppliers that are directly offering network services, or dependent on them." This amounts to a shot over the bows for the EU: if it does not toe the US line, it could face complaints against it in the ITC and possibly trade embargoes from the US.

This has not gone down well with European politicians, particularly in Germany, whose Deutsche Telekom was singled out for criticism. After all, it is one thing to spy on people, but the rules are that if you are caught doing it, you have to back off. The US, on the other hand, is threatening that if the EU does not submit to its spying it will suffer from a trade war.

Bavaria's Minister for Europe, Beate Merk, said while visiting the US that in her talks with the USTR, she had made it clear that discussions of a "Schengen cloud" had no protectionist background, but were born out of need because of the lost confidence arising from the NSA scandal. Merk said that the EU had a duty to ensure that the data of people in the EU is safe from unrestrained access by third parties. Since the US was not offering any more data protection and data security, the EU is obliged "to propose one's own ideas," she added. Merk pointed out that the EU cloud proposals were being made by commercial providers, not put in place through legislation. This means that it is impossible to say that it is "protectionism."

Die Welt quoted a German member of the European Parliament as saying that the criticism of the US Trade Representative was bizarre. "It seems they've noticed that people have finally had enough and that spying on data will no longer be tolerated."

The effect of USTR's threats will probably mean that the "Schengen cloud" has become an obstacle for the planned [TAFTA/TTIP] free trade agreement. The agreement has a few problems already. For a start, the US is insisting that its genetically modified food, hormone beef and cheese be allowed to poison Europeans, which the EU is not prepared to agree on either.
Top IT security threats in 2013 counted
Posted: 22 Apr 2014 02:40 AM PDT

Verizon's latest annual report on data breach investigations shows that Web application attacks, cyber-espionage and point-of-sale intrusions were among the top IT security threats in 2013.

The financial industry is the worst leaker of data with 465 breaches. However, the UK public sector suffered 175 such incidents, retail had 148 and accommodation dealt with 137 breaches. The number of breaches attributed to cyber-espionage has been on the rise over the past few years, and of course the biggest offender would be the US government.

Hacking, malware and social engineering remained the top threats associated with data breach incidents. The use of stolen credentials, which Verizon classifies as hacking, was the leading threat action in 2013 and contributed to 422 breaches. It was followed by malware-based data exfiltration, phishing, the use of RAM scrapers and the use of backdoors.

All up, the report covers 1,367 confirmed data breaches, and 63,437 security incidents that put the integrity, confidentiality or availability of information assets at risk.

Organizations have slightly improved the speed at which they are able to detect breaches, but attackers are getting faster at compromising their targets. Paul Pratley, an investigations manager with the RISK Team at Verizon, said that attackers look for vulnerable victims on the Internet and deploy automated attacks. Often it will take seconds to minutes before a network is compromised, but it can take weeks to months or even a year to discover the hack, he said.

Data breaches discovered by organisations themselves outnumbered those discovered by external fraud detection systems for the first time. The government is not only creating problems, it has been useful at actually discovering hacks which are not created by the NSA. The report said that coppers and other third-party organizations like computer security incident response teams (CSIRTs) were playing an increasingly important role in discovering breaches and notifying victims.

Web application attacks were the leading cause of security incidents with confirmed data disclosure last year (35 percent of breaches) and were primarily driven by either ideological or financial motives. Breaches that result from Web application attacks are usually discovered by external parties, the report data shows. In the case of financially motivated Web application breaches, it's usually the customers who notice the problem first; only 9 percent of victim organisations discovered such incidents internally.