You are currently browsing the category archive for the 'Security' category.
A presentation and paper on Reverse engineering JTAG at the 26th Chaos Communication Congress is now available to download here:
http://events.ccc.de/congress/2009/Fahrplan/track/Hacking/3670.en.html
Other Hacking and reverse engineering papers and talks from the conference can be found here:
http://events.ccc.de/congress/2009/Fahrplan/index.en.html
The hacking track is here:
http://events.ccc.de/congress/2009/Fahrplan/track/Hacking/index.en.html
Hackers claim to have stolen all T-Mobile US’s corporate data, customer accounts and network infrastructure. More information from the Register can be found below:
Here is an article about the security of the newly released iPhone 3.0 software for both iPhone 3G and iPhone 3G S:
http://www.net-security.org/secworld.php?id=7647
The research team, which included Edith Cowan University of Australia and BT, revealed some early results yesterday in news reports by the BBC and British television affiliates.
To read more about the research go here:
http://news.bbc.co.uk/2/hi/uk_news/wales/8036324.stm
and here:
http://www.darkreading.com/security/storage/showArticle.jhtml?articleID=217400054&cid=nl_DR_DAILY_H
The video talks about a couple of people who’s lives are ruled by harrasing calls and threats. They claim that their phones are tapped with special software.
Rick Mislan talks about the software and how easy it is to be placed on mobile phones.
Software such as:
- http://www.mobile-spy.com/
- http://www.world-tracker.com/
- http://www.flexispy.com/
- http://www.e-stealth.com/
- http://www.fonefunshop.co.uk/spyphone/
- http://www.thespyphone.com/allinone.html
Link to Video on YouTube:
http://www.youtube.com/watch?v=uCyKcoDaofg
It looks and functions like a Blackberry 8830 but it sure is NOT a regular Blackberry. It is locked down by NSA. I am not really sure if it is a good idea at all. NSA is installing the SecurVoice software on it for both voice and messaging as one of the ways to secure the phone. I am sure that there is a whole infrastructure that is required to run his handset services. Even considering all that, I Still believe that a mobile-phone-carrying president opens so many doors for hackers.
Can NSA and Obama get away with using a (persumably) secure mobile phone service and handset? That is the question of the day!
Read more here:
http://blog.wired.com/gadgets/2009/04/obama-to-get-ba.html
It might not be because they are secure, but simply because the ROI is just a mere phone handset! Add to that the device, OS, and carrier variations.
Read more here:
http://mobile.slashdot.org/article.pl?sid=09/03/25/1238246&from=rss
and here:
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=Mobile+and+Wireless&articleId=9130346&taxonomyId=15&pageNumber=1
Chris Ogle (29) from Whangerei, New Zealand has stumbled across the sensitive military details of U.S. military personnel after purchasing a secondhand MP3 player in Oklahoma, USA. He discovered around 60 sensitive military files dating from 2005 on the used music player. The files were clearly marked as ’secret’ and contained the phone numbers of numerous soldiers serving in Afghanistan and Iraq.
For more on the story visit:
I don’t know if this is true or not yet but here it goes! There seems to be a vulnerability that affects Nokia Series 60 phones, including N95 and N73 handsets that blocks all SMS and MMS from reaching the phone, hense the name “Curse of Silence”. attacker in this case sends a specially designed SMS message to the target phone. What’s worrying is that the recipient will receive no indication that they got the message.
The only way to get the target phone to recieve messages again is to factory reset it. Even after the factory recet, the phone still remains vulnerable to future silent curses. The attack will only work on phones running version 2.6, 2.8, 3.0 or 3.1 of Symbian S60.
Cellphone Gun:
Pen Gun:
In an article in The Register, Google defends limiting accress to Non-Marketplace applications to the following:
At this point, we think it is too dangerous to give a third party application blanket access to install applications without the user being involved. That may change in the future, but for now that is the way it is.
Read more about it in the article.
Ideally the emergency dial screen should allow ONLY EMERGENCY NUMBERS to be dialed out on a passcode locked phone. The iPhone however allows for ANY NUMBER to be dialed when it is passcode locked! This bug is not new, it was present in iPhone 2.0.2 as well!
Here is a video demonstrating the issue:
I discovered this bug in 2.0.2 just a couple of days before 2.1 came out. So, it was too late for me to give a heads up to Apple. So, I waited for 2.1 to come along to see if it was fixed. I did that today and found out that it wasn’t fixed.
This of course could be an Auatralia-only issue or even an Optus-only issue. Nevertheless it is a security issue with the iPhone and should be addressed.
UPDATE 18 Sep 08:
There is some debate on whether it is a bug or feature! Look at the following link for some more information on the issue:
http://www.macrumors.com/iphone/2008/09/17/iphone-2-1-emergency-call-anyone-bug-or-feature/
–
About the author:
Marwan Al-Zarouni CISSP is currently pursuing a Doctor of Information Technology award at Edith Cowan University. He is a member of the Security Research Centre at Edith Cowan University in Perth, Western Australia.
In a previous post http://www.mysecured.com/?p=202 I showed that your data is not wiped when you do a normal restore. So in this post I will show you some of the ways you can wipe your phone with some degree of certainty that the information on it is wiped.
If you want to wipe your iPhone before you sell it on eBay or give it back to Apple because the touch screen stopped working all of a sudden! Then here are the different ways you can wipe it:
- Jonathan Zdziarski’s method:
http://www.zdziarski.com/papers/wipe.html
It involves jailbreaking and command line access. It is best suited for people with jailbroken iPhones and are really paranoid and control freaks!
- Rich Mogull’s (securosis.com) method:
http://securosis.com/2008/05/20/formatting-an-iphone-to-wipe-data/Which is an easy to do 2 restores and 3 overwrites of the iPhone device’s user data area. Look at this video from CNET on youtube:
- BigBoss Wipe App Method:
http://sleepers.net/news/?p=174
This needs the iPhone to be jailbroken as well. It does a zero out wipe on the device, so it will require a restore afterwards.
The basic idea of all of the methods is to overwrite the data in the user area. Be it by overwriting it with music as in Mogull’s method or by using a wipe tool as with BigBoss or by overwriting it with zeros as in Jonathan’s method. I prefer the latter two methods as overwriting with music might leave some of the data intact (call me paranoid!). But on the other hand it could be the only option for people who do not want to jailbreak their iPhone or do not have the technical expertise to do so.
UPDATE (28 August 2008):
iPhone software 2.0 and above comes with an erase all feature that was not available in previous versions of the iPhone and therefore this feature can be used to completely wipe the iPhone. This can be done on the iPhone itself without needing to connect it to iTunes.
So, on the iPhone tap Settings -> General -> Reset and then select the “Erase All Content and Settings” option from the buttons shown. Users must note that under the 1.x iPhone software, invoking this setting erased the iPhone’s obvious data, but not did NOT PERFORM A ‘bit-by-bit’ WIPE. Under the 2.0 software however, you get a much more thorough wipe (bit-by-bit). which can take an hour or two to complete depending on the storage size of the iPhone being wiped.
According to Jonathan Zdziarski:
A detective from the Oregon State Police notified me this afternoon that an out-of-the-box refurbished iPhone he purchased contained recoverable personal data including email, personal photos, and even financial information which he was able to recover using my forensic toolkit.
So, if you have to return your iPhone to an Apple or AT&T store and they offer to replace it with a new one, make sure that you wipe your data properly first. A proper bit level wipe is needed here and NOT a system restore!
This is a stand-alone hard disk wiper! No computer needed. Wiebetech’s pocket-sized eRazer erases at a rate of 35MB/s, effectively wiping a 250GB hard drive in under two hours. The eRazer meets the DoD erasing standerds and sells in two versions one for $99 and the Pro which supports SATA and Multi-pass sells for $150… Cheap!
For dates, times and availability information on the workshops in UAE and Qatar visit link below:
http://www.oissg.org/certification-training-new-/index.php
http://www.oissg.org/certification-training-new-/index.php
Download the official brochure for the Dubai workshops here:
These certification workshops fund the Open Information Systems Security Group (OISSG) research and development of the ISSAF.
You can also download ISSAF for free! (9.59MB, 1264 pages)
The following new features are available for all enterprise and individual customers:
- Performance on flash drives is improved.
- MojoPac can be used on a host with limited mode login with MojoPac Usher (Beta) installed on the host.
- MojoPac can be installed to a directory on the host computer.
- For our Enterprise customers, MojoPac 1.8 has many enhanced management, provisioning and deployment capabilities.
- Active Directory authentication is now available.
- Image creation and deployment have been made easier.
- New configuration options are available to enforce data protection and security policies.
- MojoPac can perform a security check on host computers. Â
If you are an IT administrator, please contact sales-at-ringcube dot com for updated documentation and management tools.
If you have automatic updates enabled, your MojoPac will update in the next few days.
If you are not using MojoPac, please download it. MojoPac Freedom is *free* for non-commercial personal use.
For more information and to download Mojopac, please visit them at:
It is like a SecureID token but for your Mobile Phone. It is based on Java and provides 1024bit RSA encryption and GrIDsure’s ID technology. Want to learn more, then head to:
http://www.itsecurityportal.com/itsecurity_news.asp?articleid=260033
I have to admit, I thought this is like CommonWealth Bank’s NetCode SMS but it is clearly nothing like it. For more information on that go to:
Do you live in the United Arab Emirates? Are you a hacker? Then this site is made for you! Get the latest hacking news, exploits, links, pod casts and more through this easy to use website.
Feel like you want to contribute to the site? Then drop us a line at: (hackers) at {marwan} dot [com].
Â
Download and read it! It is not small though about 8-10MB. News, articles, intreviews, book releases, software walk-throughs, and more.
Here are the details on How to do it (according to the hacker)Â :
1. Get the required hardware and softwares: (these are the ones I have used): An Infinity USB unlimited SIM reader/writer, a silvercard, SIM-EMU 6.01, and WoronScan 1.09
2. Get the IMSI, Ki of your carrier using WoronScan (I will call them IMSI-b, Ki-b)
3. Use SIM-EMU and create 2 files (1 Flash and 1 EEPROM) using the ICCID of the AT&T sim (ICCID-a), IMSI-b and Ki-b
4. Then use these 2 files to create a sim using the infinity usb unlimited reader/writer
5. Put this sim into a normal unlocked phone and make some calls/receive calls/data services
6. Then use SIM-EMU to change the IMSI of the original Flash file to IMSI of AT&T sim (IMSI-a)
7. Again write the silvercard with the new flash and eeprom files
8. Put this sim into the iphone
9. Activate using the Cingular method as descirbe in Hacktheiphone.com
This is not a true unlock. It is a hack that enables you to make calls with the iphone but does not enable you to recieve calls or use Telstra’s network to browse the Internet. At least not yet 
Links:
http://www.smh.com.au/news/phones–pdas/iphone-hacked-for-australia/2007/07/30/1185647803146.html
I know many people will look at this and go “We’ve seen this before…Â Cellular phone spying is not new” but I have to say that the technology is now more readily available than before. To understand what I am talking about, please read the following from zone labs:
- http://blog.zonelabs.com/blog/2007/04/they_can_hear_y.html
- http://blog.zonelabs.com/blog/2007/03/warning_this_ce_1.html
Also, visit this site:
Beware of cellphones left in your office, on your table at a coffee shop and in meetings. The FBI has been doing cell phone spying apparently:
http://www.youtube.com/watch?v=O61YfvPZGJs
Matt’s Blog is not frequently updated but his site crypto.com is an excelent resource for all kinds of information. Make sure you check it out.
Need we say more? My only comment is that I have seen many ATMs with telephone cables in plain sight just begging for a bugging device!
The question of the day is: When will banks understand the importance of ATM device security? (please don’t answer ).
Many thanks to Times Online for the story.
Please read it in full by visiting:
http://www.timesonline.co.uk/article/0,,29389-2453590,00.html
Â
The guide was written by Karen Kent, Suzanne Chevalier, Tim Grance, and Hung Dang.
The guide presents forensics from an IT view, not a law enforcement view. It is written for incident response teams; forensic analysts; system, network, and security administrators; and computer security program managers who are responsible for performing forensics for investigative, incident response, or troubleshooting purposes.
It also has a wide array of resources for further reading. Highly recommended read and reference for IT professionals.
Download it here:
http://csrc.ncsl.nist.gov/publications/nistpubs/800-86/SP800-86.pdf
Read more about it in here:
http://www.cccure.org/modules.php?name=News&file=article&sid=1023
NIST also released the following four security related guides:
- Guidance for Securing Microsoft Windows XP Home Edition: A NIST Security Configuration Checklist
- Guide to Test, Training, and Exercise Programs for IT Plans and Capabilities
- Assessment of Access Control Systems
- Guide to Computer Security Log Management
Read more about them here:
http://www.govtech.net/magazine/channel_story.php/101708
Last but not least, it is worth mentioning that last month, NIST released a document about RFID. Read about it here:
http://www.fcw.com/article96300-10-03-06-Web
Thanks Clement 
Â
Man meets Prince Charles and passes royal security with no problems at all. Makes you question security at events. The question of the day is: While all the security measures are taken into considration at airports and other transportation means and bucket loads of money thrown at them, are events security and royal security overlooked?
Watch the Video Here:
http://ninemsn.video.msn.com/v/en-au/v.htm?g=4c2daec9-dc61-4c65-9307-93c37c24220d&f=39&fg=copy
Links:
mirror.co.uk
itv.com
