Security Mishaps Part 2

Some time ago I posted a short collection of security-related news, painting a rather sad picture of how we treat security and how we progress with the effort to make computing and the Internet a safer place. Bruce Schneier had a very good article on being secure versus feeling secure. What strikes me is how often people just feel secure, losing the common sense that would help them be secure...

  • You probably know this already, but Blu-ray discs, with their superior BD+ copy protection scheme, were cracked a while ago. http://forum.slysoft.com/showthread.php?t=14786
  • Diebold, the company behind the electronic voting machines and notorious for "feeling secure", lost another case: the key allowing physical access to every machine has been made based on photos they have on their web site... That is almost a Darwin Award nominee! http://www.bradblog.com/?p=4066#more-4066
  • There is a theory linking the random number generators in Windows to the NSA having a secret backdoor... Sounds like The X-Files, but hey, can't we just get them right, without any shadow of a doubt? http://www.wired.com/politics/security/commentary/securitymatters/2007/11/securitymatters_1115
  • iPhones are cracked... everybody uses them unlocked... I wonder why Apple (and other phone manufacturers / mobile service providers) are still continuing with this stupid idea of SIM-locking phones? You can have your phone unlocked in any shopping mall within seconds...
  • Check your wireless network. I happened to have a "guest" on mine a few weeks ago. On a slow and dull day I went to browse the logs of my DHCP service and found a MAC address I could not identify. It was connecting via the Linksys wireless access point (WAP54G). "Changing the WiFi password will get him out" was my first thought, but he was in again in a matter of seconds. All in all, I found out I had trojaned firmware. It was redirecting the password and other configuration settings to an external web server. Not sure how that happened... I bought this access point on eBay, so it might have come reprogrammed already... so a rule of thumb here: always do a factory reset and upload fresh firmware from the vendor's web site. BTW, in the coming weeks I will be playing with various IDS (Intrusion Detection Systems)... if you have any input to share here, please do so... Are you sure you do not have visitors on your home network?
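
The DHCP check described in the last item can be automated. This is an added example, not code from the original post: it assumes the DHCP service writes a dnsmasq-style lease file, and the sample leases, the `KNOWN_DEVICES` inventory and all function names are constructed for illustration.

```python
import re

# Constructed sample in the dnsmasq lease-file layout (assumed format):
# <expiry-epoch> <mac> <ip> <hostname or *> <client-id or *>
SAMPLE_LEASES = """\
1700003600 00:11:22:33:44:55 192.168.1.10 desktop 01:00:11:22:33:44:55
1700003700 64-77-88-99-AA-BB 192.168.1.11 laptop *
1700003800 de:ad:be:ef:00:01 192.168.1.42 * *
this line is malformed
"""

# Inventory of devices you own, keyed by normalised MAC (constructed values).
KNOWN_DEVICES = {"00:11:22:33:44:55": "desktop", "64:77:88:99:aa:bb": "laptop"}


def normalize_mac(raw):
    """Return a lower-case, colon-separated MAC, or None if raw is not a MAC."""
    digits = re.sub(r"[:-]", "", raw).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        return None
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def is_locally_administered(mac):
    """True when the 0x02 bit of the first octet is set (not vendor-assigned)."""
    return bool(int(mac[:2], 16) & 0x02)


def find_unknown_clients(lease_text, known):
    """Return (leases whose MAC is not in known, unparseable line numbers)."""
    unknown, skipped = [], []
    for lineno, line in enumerate(lease_text.splitlines(), 1):
        fields = line.split()
        mac = normalize_mac(fields[1]) if len(fields) >= 4 else None
        if mac is None:
            if fields:  # ignore blank lines, report everything else
                skipped.append(lineno)
            continue
        if mac not in known:
            unknown.append({"mac": mac, "ip": fields[2], "hostname": fields[3],
                            "locally_administered": is_locally_administered(mac)})
    return unknown, skipped


if __name__ == "__main__":
    unknown, skipped = find_unknown_clients(SAMPLE_LEASES, KNOWN_DEVICES)
    for lease in unknown:
        print("unknown client:", lease)
    print("unparsed lines:", skipped)
```

A client that presents the MAC address of one of your own devices will not be flagged, so this is a first check rather than proof that the network is clean.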

Till next time :)

Comments

  1. I am not sure if Linksys is implementing that but for your WAP54G you might check if uPnP is disabled.

  2. so why is uPnP bad? with proper security measures implemented (https for administration and WPA for wireless access) there should be no holes... or are there?

  3. I did not investigate it further, but it looks like the US-CERT recommendation is still valid.
