backdoor
Latest
White House group considered four ways to unlock encrypted info
A group of law enforcement officials, intelligence agents and diplomats conjured up ways to access encrypted data over the summer, according to The Washington Post. The publication got its hands on a draft paper that details four techniques to bypass encryption that tech companies could use under court order. Among the four, the most alarming one is perhaps the proposal that suggests the use of software upgrades to introduce spyware into the target's device, because that sounds like it could be easily abused. Another idea is to add physical keys to phones that law enforcement can use to unlock them. The group also listed splitting encryption keys that can only be combined with the court's permission and having companies back up data to an unsecured location for access by authorities as other possible approaches.
Former US national security officials back end-to-end encryption
Three former US national security officials have given their support to end-to-end encryption and criticised claims that the government should have backdoor access or "duplicate" decryption keys. Mike McConnell, a former director of the National Security Agency and director of national intelligence, Michael Chertoff, a former homeland security secretary, and William Lynn, a former deputy defense secretary voiced their approval in the Washington Post. The trio argue that requiring companies to produce duplicate keys would only increase the risk of cyberattack. In short, the location or holder of the duplicate keys would simply create another potential point of vulnerability and attract hackers.
FBI director says he's 'not a maniac' about backdoor cellphone access
FBI director James Comey is making a final push for backdoor cellphone access for law enforcement ahead of key Senate committee meetings. In national security site Lawfare, he first admitted that "universal strong (cellphone) encryption will protect all of us -- our innovation, our private thoughts, and so many other things of value -- from thieves all kind." However, he quickly added that "there are many costs to this," citing terrorist organizations like ISIS. He said that the group recruits members "through mobile messaging apps that are end-to-end encrypted... (and) may not be intercepted, despite judicial orders under the Fourth Amendment."
Tim Cook says privacy is a fundamental, moral right
It should surprise no one that, while being honored as a champion of privacy, Tim Cook threw shade at Google for its attitude toward its customer data. As TechCrunch reports, Apple's CEO was speaking at a Washington-based civil liberties non profit and said that his company believed that people had a "fundamental right to privacy." He went on to say that "the American people demand it, the constitution demands it and morality demands it." It's a song that the executive has played several times before, expressing distaste for companies who seek to monetize a user in ways other than to sell them expensive gadgets.
Apple and Google push Obama to prevent encryption backdoors
Apple, Google and other major tech companies have urged President Obama not to give the FBI backdoor access to smartphone data, according to the Washington Post. The publication obtained a letter signed by no less than 140 major tech players, security specialists and privacy groups stating that "strong encryption is the cornerstone of the modern information economy's security." All of the players feel that it's impossible to build a backdoor for governments in email, cellphone encryption and other communications without creating vulnerabilities that can be exploited by hackers or hostile nations. Obama previously said that while he's in favor of stronger encryption, "the only concern is our law enforcement is expected to stop every (terrorist) plot."
NSA thinks it can keep spying without compromising your security
American police and spies love the idea of back door access to encrypted data that lets them snoop on suspicious types, but many will tell you that they're wildly optimistic. Even if you don't mind the implication that the government has a right to spy on anyone, this could easily introduce a flaw that any attacker can use. National Security Agency chief Michael Rogers thinks there's a happy medium, however. At a recent speech, he called for a "front door" encryption key that would provide access, but would be broken into pieces that prevents any one agency or person from getting in. This theoretically prevents thieves (and less than scrupulous authorities) from grabbing your data, but still lets officials look around when they have permission.
Apple's fixed a serious OS X security flaw, but only for Yosemite users
There are times in life when you wonder what it is that you've done to deserve such neglect from those you hold dear. It's a feeling that plenty of Mac users will be experiencing today as Apple has announced that it found a serious security flaw in OS X, but will only fix it for users of the latest version. If you aren't running Yosemite, which was updated yesterday with the relevant patch, then you'd better get it, and quick.
Obama wants China to stop copying the NSA's surveillance plans
President Obama has criticized a Chinese plan to force US tech companies to install backdoors into their products for sale in the country. Without stopping for a moment to consider the phrase about glass houses and stones, he told Reuters that China would have to change its stance if it wanted to do business with the US.
New bill aims to curb US government backdoor spying
While the FBI thinks that all communication tools in the US should have backdoors for law enforcement, a new Senate bill has proposed the exact opposite. The Secure Data Act, introduced by Senator Ron Wyden, would prohibit the government from forcing companies like Google and Apple to grant access to encrypted data. A different bill to curb the NSA and other agencies (the USA Freedom Act) was denuded by the House of Representatives, while a recent vote allowed the Feds to carry on with massive surveillance. However, the Secure Data Act would specifically bar US agencies from forcing private companies to "design or alter their commercial information technology products for the purpose of facilitating government surveillance."
Sophisticated malware has been spying on computers since 2008 (updated)
Highly sophisticated malware isn't limited to relatively high-profile sabotage code like Stuxnet -- sometimes, it's designed to fly well under the radar. Symantec has discovered Regin, a very complex trojan that has been spying on everyone from governments to individuals since at least 2008. The malware is highly modular, letting its users customize their attacks depending on whether they need to remote control a system, get screenshots or watch network traffic. More importantly, it's uncannily good at covering its tracks. Regin is encrypted in multiple stages, making it hard to know what's happening unless you capture every stage; it even has tools to fight forensics, and it can use alternative encryption in a pinch. Researchers at Symantec suspect that the trojan is a government-created surveillance tool, since it likely took "months, if not years" to create.
Apple details legitimate uses of backdoor services in iOS
After denying the accusation that it deliberately included backdoor services in iOS for potential data collection by third-parties, Apple has followed up this denial with a new support document that details several backdoor services and their legitimate uses. The services described by Apple include: com.apple.mobile.pcapd: pcapd supports diagnostic packet capture from an iOS device to a trusted computer. This is useful for troubleshooting and diagnosing issues with apps on the device as well as enterprise VPN connections. You can find more information at developer.apple.com/library/ios/qa/qa1176. com.apple.mobile.file_relay: file_relay supports limited copying of diagnostic data from a device. This service is separate from user-generated backups, does not have access to all data on the device, and respects iOS Data Protection. Apple engineering uses filerelay on internal devices to qualify customer configurations. AppleCare, with user consent, can also use this tool to gather relevant diagnostic data from users' devices. com.apple.mobile.house_arrest: house_arrest is used by iTunes to transfer documents to and from an iOS device for apps that support this functionality. This is also used by Xcode to assist in the transfer of test data to a device while an app is in development. Details on several iOS backdoor services originally were published by Jonathan Zdziarski as part of a presentation during the Hackers On Planet Earth (HOPE/X) conference. You can view all of Zdziarski's presentation slides here: (PDF) [Image from EFF Photos]
Spying malware leaves countries' energy grids open to attack
Cyberwarfare campaigns against Western energy grids aren't just the stuff of action movies these days -- they're very, very real. Symantec has discovered a likely state-sponsored hacking group, nicknamed Dragonfly, that has been using phishing sites and trojans to compromise energy suppliers in the US and several other countries. Unlike targeted, destruction-focused malware like Stuxnet, this appears to be a broader spying effort bent on collecting information about national infrastructure. However, it still creates a back door that leaves companies vulnerable to full-fledged attacks if they don't spot the intrusions; it wouldn't take much to create real problems.
House passes amendment to cut NSA's 'backdoor search' funding
Following a push from several Representatives, the House has pushed through an amendment -- tagged on to the Fiscal Year 2015 Department of Defense Appropriations Act (H.R. 4870) -- to stop at least some of the surveillance programs at the National Security Agency. Mark Rumold, a lawyer for the Electronic Frontier Foundation, said "the House of Representatives took an important first step in reining in the NSA." On Monday, Representative Justin Amash said the bill was a chance to stop the security agency's "unconstitutional spying on Americans." The backdoor searches that the amendment would stop includes emails, browsing and chat history, which can currently be parsed and searched without a warrant. The amendment would curb this in two ways: it would cut off funding for the search of government databases for information on US citizens while also prohibiting both the NSA and CIA from requiring "backdoors" in online services and products. It's not a done deal just yet: now that it's passed the House, it needs to go through the Senate before it can become a reality.
Apple claims it 'has never worked with the NSA' to create backdoors in any of its products
While it may feel we're more at the stage where we're counting the parts of our digital lives that the NSA can't access, the revelation yesterday that the agency had relatively deep access to iPhones was still a shock to many. Apple included, it seems, prompting it to issue a statement to AllThingsD denying any involvement in the NSA's program, explaining it has never worked or cooperated with the NSA to create a backdoor on any of its products -- though it does comply with official requests. The same statement goes on to claim that it will work to close any vulnerabilities in its software, no matter who it might be that is exploiting them. Apple is far from the first large tech company to have its products and services targeted by the NSA, and we suspect it's only a matter of time before even more come to light. You can read the complete statement past the break.
Your Mac's connection to Harry Potter
The next time you wish to hack into a Mac, it may help to grab your wand and book of spells. At the NoSuchCon security conference this week, security architect Alex Ionescu presented a talk where he revealed that special undocumented code on a Mac's SMC (system management controller) can be invoked by entering a secret spell used in J.K. Rowling's Harry Potter series. That spell is "SpecialisRevelio," the words used by a wizard to "reveal charms and hexes that have been cast onto a target" or "reveal the ingredients of a potion." In an Ars Technica post about the secret spell, blogger Dan Goodin notes, "While most details are far too technical for this article, the gist of the research is that the SMC is a chip that very few people can read, but just about anyone with rudimentary technical skills can 'flash' update." One of the possible attacks that Ionescu pointed out is infecting the SMC with code to pull out the FileVault key used to encrypt a Mac drive, although to implement this, an attacker would have to know details of the Mac like the model, year and screen size in advance. Much more likely attacks provided by the spell backdoor include marking targets. The SMC could be programmed to emit audible or visual alerts through the fans or LED displays, which could point out a specific Mac to an attacker. A Mac could even be programmed to turn off at a certain time and refuse to boot again. There's good news in all of this scary talk: to reflash the firmware an attacker has to have physical access to the Mac. Ionescu also reported that many of the SMC security holes were plugged in OS X Mountain Lion. A full copy of the presentation can be downloaded here (PDF file).
Samsung printer hack could let the wrong ones in (updated)
Typically, when we think of hacks, our minds conjure images of compromised security systems, personal computers or server farms, but printers? According to Neil Smith, a researcher from the US Computer Emergency Readiness Team, unauthorized access to those devices could be a very real threat -- if you happen to own a Samsung model. Discovered and submitted to the agency this past Monday, the exploit unearthed by Smith takes advantage of an "SNMP backdoor" : an internet protocol that allows for remote network administrative control without authentication. The vulnerability -- which would give hackers access to data sent to the printer, as well as control over it (think: ceaseless printing!) -- affects most units released before November of this year. For its part, Samsung's promised a patch will be forthcoming. But, in the meantime, if you want to avoid exposing any personal data or the possibility of a seemingly possessed printer, it's best you steer clear of rogue WiFi connections. Update: CNET has published a statement from Samsung outlining the update schedule for affected printers. Firmware that fixes the issue will be available for all "current" models by November 30th, and for "all other models" by the end of the year. The company also recommends disabling SNMPv1.2 or switching to SNMPv3 mode until the updates are released.
Ubisoft UPlay may accidentally contain web plugin exploit, Ezio would not approve (update: fixed)
If you've played Assassin's Creed 2 (or other Ubisoft games), you may have installed more stealthy infiltration than you bargained for. Some snooping by Tavis Ormandy around Ubisoft's UPlay looks to have have discovered that the service's browser plugin, meant to launch locally-stored games from the web, doesn't have a filter for what websites can use it -- in other words, it may well be open season for any maliciously-coded page that wants direct access to the computer. Closing the purported, accidental backdoor exploit is thankfully as easy as disabling the plugin, but it could be another knock against the internet integration from a company that doesn't have a great reputation for online security with its copy protection system. We've reached out to Ubisoft to confirm the flaw and learn what the solution may be, if it's needed. For now, we'd definitely turn that plugin off and continue the adventures of Ezio Auditore da Firenze through a desktop shortcut instead. Update: That was fast. As caught by Geek.com, the 2.0.4 update to UPlay limits the plugin to opening UPlay itself. Unless a would-be hacker can find a way to compromise the system just before you launch into Rayman Origins, it should be safe to play.
Trojan targets Mac-using activists in China
There's a new backdoor trojan exploit out there for Mac users that appears to originate in China, specifically targeted at political activists in the Uighur movement against that country. The trojan appears in email inboxes as a picture attachment which, when opened, secretly installs information gathering and remote control tools, characteristic of advanced persistent threat (or APT malware). Security experts say that the trojan was almost certainly created in China, and when you combine that fact with connections to certain required servers in that country (as well as an observation that some of the debug code in the attack is in English), it seems likely that this is a coordinated attack against this activist movement. With Mac use on the rise in the East, including high profile political activists, Macs are facing a growing malware threat in that region. There are already a few varieties of this attack in the wild, but hopefully fixes for the exploit will be available soon.
Flame malware extinguishes itself, Microsoft protects against future burns
The folks behind that nasty Flame trojan that burned its way through the Middle East aren't the kind to brag -- the malware's manufacturers apparently started dousing their own fire last week. According to Symantec reports, several compromised machines retrieved a file named browse32.ocx from Flame controlled servers, which promptly removed all traces of the malware from the infected systems. Although the attackers seem spooked, Microsoft isn't taking any chances, and has issued a fix to its Windows Server Update Services to block future attacks. The update hopes to protect networked machines from a similar attack by requiring HTTPS inspection servers to funnel Windows update traffic through an exception rule, bypassing its inspection. The attackers? "They're trying to cover their tracks in any way they can," Victor Thakur, principal security response manager at Symantec told the LA Times, "They know they're being watched." Check out the source link below for the Symantec's run down of the trojan's retreat.
Google starts warning affected users about state-sponsored cyber attacks
The fallout from malware like Stuxnet and Flame might soon be rearing its head at a Google Plus page or Gmail inbox near you. A post on its online security blog states that Google will now issue warnings in the form of a strip placed just below the upper menu bar to users being targeted by suspected state-sponsored cyber attacks. Google stressed that such warnings don't mean that its systems have been compromised but it does make it highly likely that the recipient may be the target of state-sponsored phishing or malware. How exactly does Google know this to be the case? The company declined to offer specifics, only saying that data from victim reports and its own analysis strongly point toward the involvement of states or state-sponsored groups. Google also didn't mention how often it sees such malicious activity, though coverage of Stuxnet and Flame certainly has put a spotlight on cyber warfare involving nations. In the meantime, feel free to hit the source link below for Google's tips on how to secure your account.
