Entries Tagged as 'Hacking'

Let Me in Your iPhone

If you didn’t know already, the encryption for GSM’s antiquated algorithm has been cracked. All 64 bits of it. And guess what… apparently most carriers haven’t upgraded to the 128-bit algorithm because… well, I’m not exactly sure. I suppose security by obscurity is probably the key reasoning behind this. A5/1, which has been around since 1988, was replaced by the GSM Association in 2007 with A5/3, but most carriers haven’t bothered to upgrade.

It’s not anything spectacular, since the 64-bit keys were cracked through brute force, and with the computing power available these days, along with parallel computing, you can pretty much crack the shorter key lengths through brute force easily. This doesn’t allow you to listen in on calls just yet; it just opens the door to any of the communication that runs on those bands if the carriers haven’t changed the codes on you, not to mention the question of the legality of breaking those codes outside of academic research.

There are a couple of ways around this problem. One is to upgrade to a larger key such as 128-bit (which is pretty standard, considering many banks run SSL certs with 128-bit encryption). It’s not super-safe, but it does create a lot more combinations to guess through brute force. The other way is a methodology similar to RADIUS with WPA for Wi-Fi. Wi-Fi keys are easily broken, but if you have a service that continuously rotates those keys and makes the password dynamic, then any hacker is left with a time limit to break in. From a security standpoint, this becomes a more daunting task.

And as far as iPhones are concerned… oh… if you own one and didn’t know already… they (as do most of the world’s mobile devices) run on GSM carriers. But then again, so will Google’s Nexus One.

Macrumorslive.com gets hacked (NSFW)

It seems that one of the largest rumor sites was hacked during the keynote. At 9:24 AM PST, the site got hit with a “STEVE JOBS HAS DIED.” Then came a string of profanity, spam links and other such nonsense for a good fifteen or twenty minutes before the site was taken down.
The screenshot was provided by John Brown, who was watching it happen in real time and happened to get a snap before the site went down.

DVD player hacking

One of the most interesting things I do with hardware is DVD firmware hacking. Except that I don’t actually mess with the firmware.
Nah, that stuff was back in my college days. These days, I let other people do it. What’s most interesting to me when I get a DVD player is the ability to make it region-free. There’s a good reason for this. Region-free players allow DVDs from other regions to play. This allows you to play imported DVDs without actually having to own multiple DVD players.
Before people get all huffy about this, do realize that pirated DVDs are actually region-free already, so making your player region-free won’t really be useful for that at all. In fact, it’s the only way to keep paying for legal DVDs if you happen to watch a lot of movies from other regions (as I do, and I buy direct from Yes Asia USA).
So the goal is to do the research, and check a place like Video Help, or any other database, to make sure that there is a maintenance window mode or firmware upgrade available. If you’re lucky, then you too can watch movies from other countries with a little bit of firmware flashing or maintenance window tinkering.

Why I’d stay away from iPhones for now

Yeah, I know. In all technicality, it’s more like all GSM phones and networks that I’d stay away from. But seeing how much I want an iPhone but I’ve been waiting… and waiting… for a CDMA version? Eh. This just nails the coffin shut.
Why? With a $700 open source device called a Universal Software Radio Peripheral (USRP), and a rainbow table that would take up somewhere around 2.2 TB of space, the GSM frames can be decrypted. Yes, this means that calls will essentially be non-private.
Oh yeah. No more talking about those dirty little secrets over that iPhone of yours. What’s more interesting is that if a web service does evolve from the research presented at this year’s Blackhat DC? You won’t even need the two+ terabytes of space to build your fun GSM scanner.
You have to believe that executives at AT&T and T-Mobile are tearing out their hair right now if they pay even an inkling of attention to what potential havoc this could cause on their networks. Insecure phone calls? Not exactly a consumer confidence builder if you ask me. The most amusing part of this is… somewhere in the back of my head, a little voice is telling me that the NSA has already been listening in on these for a while. They have the resources, and you bet they have the actual storage for rainbow tables to do the decryption.

Why are power grids on the Internet anyways?

With the most recent talks by the CIA about how the power grids are being attacked by hackers, I really wonder if this is just a cover-up for incompetency or if it really exists. The reasoning is pretty simple.
A while back, the government went through a demonstration video that was showing how a cyberattack could potentially take down a power generator (dramatized obviously). But a really obvious light bulb popped up then, and here it stands now again.
Why are power grid computers on the Internet?
I mean, here’s the deal. Being that it should be a secure facility, you shouldn’t be able to access the power grids any more than you can access parts of the Defense and military networks, since they’re on closed networks. There isn’t outside access, and most of that stuff is top secret and, I’m sure, clearance-based. Which means you would have to physically breach for access.
So the obvious solution here? Pull Net access. I mean, it sounds that simple, but why not? Secure them on a private network like everything else that’s important is on. Billing and actual utilities control can be on completely separate networks with an internal firewall, or multiple security entries such as time-coded passwords. Seriously. Why do we even put them online? I can’t see an obvious reason at all, so I want someone to enlighten me.

Angry IP Scanner

Angry IP Scanner is an open-source IP and port scanner for Windows. IP scanning basically allows you to track a certain IP address, whereas port scanning looks at that particular IP address and tells you which ports are open on that machine. A lot of times, hackers use port scanners to probe machines for vulnerabilities, but they’re also used very regularly by security teams to plug up any underlying holes that could result from an unsafe port being open. Angry IP Scanner allows you not only to scan for such information but also to export that data to a number of common file formats (csv, text, etc).
DownloadSquad < AngryZiber
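
For the security-team use mentioned above, here is an added example (not part of the original post and not Angry IP Scanner’s own code) that takes a CSV scan export and flags open ports that aren’t on an approved list. The column layout, the sample rows and the baseline are all constructed for illustration; a real export may be laid out differently.

```python
import csv
import io

# Constructed sample export. The column layout (IP, Hostname, Ports) is an
# assumption for illustration, not Angry IP Scanner's documented format.
SAMPLE_EXPORT = """IP,Hostname,Ports
10.0.0.5,web01,"80,443"
10.0.0.6,db01,"22,3306,23"
10.0.0.7,printer,"9100,80"
10.0.0.9,unknown-host,"445"
"""

# Hypothetical baseline: ports each known host is approved to expose.
BASELINE = {
    "10.0.0.5": {80, 443},
    "10.0.0.6": {22, 3306},
    "10.0.0.7": {9100},
    "10.0.0.8": {22},
}


def parse_export(text):
    """Return {ip: set(open ports)} from CSV text; non-numeric cells are skipped."""
    result = {}
    for row in csv.DictReader(io.StringIO(text)):
        ports = {int(p) for p in row["Ports"].split(",") if p.strip().isdigit()}
        result[row["IP"].strip()] = ports
    return result


def audit(scan, baseline):
    """Compare scan results with the baseline and return sorted findings."""
    findings = []
    for ip, ports in scan.items():
        if ip not in baseline:
            # A host nobody registered is a finding in itself.
            findings.append((ip, "unknown host", sorted(ports)))
            continue
        extra = ports - baseline[ip]
        if extra:
            findings.append((ip, "unapproved open port", sorted(extra)))
    # Hosts in the baseline that did not answer the scan are worth a look too.
    for ip in baseline.keys() - scan.keys():
        findings.append((ip, "expected host not seen", []))
    return sorted(findings)


if __name__ == "__main__":
    for ip, issue, ports in audit(parse_export(SAMPLE_EXPORT), BASELINE):
        print(f"{ip}: {issue} {ports}")
```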

TJX security breach could be bigger?

Ouch. Definitely big ouch.
We reported that TJX Companies got hit by a security breach a little bit ago. It seems that the breach extends a bit farther than previously mentioned.
Now it’s said that the breach reaches at least into 2005, and perhaps as far back as 2003. As of yet, the company has not reported the magnitude of the breach, but analysts seem to think that with the latest discovery, there could potentially be millions of affected customers.
Via SecurityFocus

Use a Blackberry? You could invite the next attack to your employer

This year at Defcon, a new exploit called BBProxy has come out. This is basically a trojan that, when installed on a Blackberry, can provide an attacker with a tunnel to scan internal networks, bypassing the first line of defense (the firewall) completely. RIM was contacted prior to Defcon, but nonetheless, it’s still a very interesting device to compromise. With the number of zombie computers running spam out there, it’ll be interesting to see how far BBProxy or its variants can get within the Blackberry-carrying crowd.
EngadgetMobile < Wired

Digg users hack Netscape

Of late, the Jason Calacanis vs. Kevin Rose dispute over Netscape’s copy of Digg has been raging online. But now come unjustified hacks of Netscape by Digg users through XSS vulnerabilities on the Netscape site.
Hopefully Kevin Rose does the right thing and puts an end to this, since they are his users who are committing this script-kiddie-like behavior. It also doesn’t bode well for the advertisers that are looking to invest their money in Digg.
Via FSecure

Missile defense shield conforms to 20-year-old DoD security policies?

You should be REALLY scared that we’re supposedly the hottest thing since sliced bread when it comes to world powers and people are scared of us. Why should you be scared? Because all of this crazy weaponry, such as the missile defense shield that costs on the order of $10 billion annually, consistently fails its tests.
But that’s not all, folks. Recently, the same people in charge of this so-called “defense shield” also let a bunch of group passwords to the system loose on an unencrypted network. Not only that, but they conform to 20-year-old DoD security policies instead of current security policies. Seeing how we reported yesterday on a number of government agencies failing their cyber security exams for consecutive years (some of those include the ones in charge of this missile defense shield), we’re just wondering…
Shouldn’t we just rename this “Hack Me to Fly a Missile Network”? It sure scares us that there isn’t a better measure of security guarding such weapons of death.
Via DefenseTech