Posts by Christian Berger

4851 publicly visible posts • joined 9 Mar 2007

Google leaves STUPID vuln on Nest devices

Christian Berger

Re: Not to downplay the security hole....

Plus in 30 seconds you can probably just replace the device with an identical looking one that's bugged. Or you could implant a bug into one of those.

Christian Berger

Re: That's actually a feature I'd want

"In a world where most people aren't developers, most people will always run someone else's code."

You're completely missing the point. Of course you won't have to security audit all the code you are running yourself, but you can get code from other trusted sources. Just like people now replace their Windows XP or Windows 8 with some Linux, or replace their manufacturer-branded Android with Cyanogenmod, being able to choose what software runs on those devices is a good thing.

Just imagine Google deciding to "upgrade" the software to display ads. Or to sell off the data they collect from those devices. Just because Google doesn't do this today, they could one day get into financial troubles and be sold to a company having other ideas. In the 1990s nobody would have thought IBM would sell off their PC division.

And seriously, how is the mentioned "security hole" even a security hole? If you have 10 seconds alone with such a device, you could also simply replace it with an identically looking other device. Or you could just stick additional hardware on to it.

Christian Berger

That's actually a feature I'd want

I'd not want to run such devices with some Google software which is designed to spy on me, but with a software coming from a source I trust. In fact since the task is rather simple, I'd want to be able to write my own software to get onto those devices.

It's not a security vulnerability, it's a security feature. Running your own code means that you can get rid of all the security problems the manufacturer put in there.

We must stop seeing "running your own code" as a security problem, since "code is law" and only if you can decide what code a device runs, you truly own it. Seeing more and more devices going against the will of the person who paid for it, that's a really important thing.

Microsoft: Just what the world needs – a $25 Nokia dumbphone

Christian Berger

Re: If it can execute J2M...

Well so far, the only feature I missed from J2M was the ability to go into suspend when a program was running. Surely that can't be a technical problem.

Christian Berger

If it can execute J2M...

...and go to sleep while doing so, it may be a serious competitor to their higher end line. After all there probably still is more J2M Software out there than software written for Windows Phone.

NIST wants better SCADA security

Christian Berger

In the Meantime...

...have some SCADA in the cloud. No, I'm not joking. It's a real thing, you can look it up. Usually it runs on Microsoft Azure.

AMD's first 64-bit ARM cores star in ... Heatless in Seattle*

Christian Berger

Re: Finally a standard for booting

I disagree, from all I've heard the specification itself is already far too complex to ever be implemented correctly. I mean the reference implementations are already larger than the Linux kernel... and those implementations don't include any drivers.

It just seems to be a heck of an overhead just to do booting and hardware support. OpenFirmware did the same, much more cleanly with much less code.

Maybe we should stop comparing EFI with the IBM-BIOS and instead compare it to something that actually was "state of the art" at one point.

Christian Berger

Finally a standard for booting

Finally you are likely to be able to run the same image on several devices... the only problem is that it's based on UEFI, a system more complex than the Linux kernel.

Chromebooks to break out of US schools: Netbook 2.0 comeback not just for children

Christian Berger

Uhm, it's hard to see what advantages a Windows laptop would have over a Chromebook. So it does make sense for people using Windows laptops to switch to Chromebooks.

Ofcom sees RISE OF THE MACHINE-to-machine cell comms

Christian Berger

How do they know?

The M2M project I've been involved in used cheap pre-paid SIMs from ALDI. There's no way they could know what we use it for.

GCHQ recruits spotty teens – for upcoming Hack Idol

Christian Berger

Re: Start tracking them young

Well it doesn't matter if they _want_ to do it. Because of information asymmetry they can simply be blackmailed into such positions.

This is why the Chaos Computer Club heavily advises against any sort of such cooperation. There simply is no way you can win in such a situation.

Blackphone rooted at BlackHat

Christian Berger

I wouldn't have expected otherwise

The Blackphone went down a wrong route. It's just a slightly modified standard phone.

The problem with that is complexity. Mobile operating systems are orders of magnitude too complex to be secure. More complexity means more errors, and more errors mean more security critical errors.

Another problem on those devices is that you have several instances of "binary blobs", code running with very high privileges, facing outside, but having never gone through some sort of security audit.

If you actually want to have a secure device, you need to design it differently. One important thing is to spread out your hardware to different components connected via simple interfaces. Today's mobile phones often have their GSM/UMTS/LTE baseband connected via shared memory or USB; this means that once the baseband is compromised it's plausible it can attack the application processor, and therefore read out all the keys... or just fake the display.

If you had a simple high speed serial port running a much simpler protocol like PPP, this becomes so hard it gets implausible.

You could have each function of your mobile phone done by an independent microcontroller. The software running on each of those would be simple enough that it would be essentially bug free, so it wouldn't need to be updated. Simple protocols could reduce the attack surface even more.

Without any need to update your software, you could just embed your electronics in transparent resin with a bit of glitter. That would even make the hardware tamper evident.

Then you could greatly simplify the software architecture. Since it'll always be possible to get keys out of your device, and since the CA concept of TLS is severely broken, you could just limit the communication of your device to a single server you own yourself. Since you can exchange the key in advance, you can simply use symmetric encryption. Securing a server is much easier than securing a device that's inside your pocket.

Facebook slurps PrivateCore - 'cos your selfies need locking up

Christian Berger

Actually PrivateCore seems to be complete Snakeoil

They claim to have security benefits by encrypting RAM. They claim to do this by having a "secure hypervisor" in CPU cache. Which is hard enough to do, but they don't seem to have any actual credentials in security.

The way they are trying to get around the obvious "boot another OS" attack is by using bootloaders that only run signed code... something that may sound good in theory until you realize that it typically depends on certificate chains... which have so far failed in so many places and are regularly exploited on the Internet. It's not designed to protect the user, but to protect business models.

In essence, they are running more code, which will mean more bugs and therefore more security critical bugs. There's very little security benefit in that.

'Up to two BEEELLION' mobes easily hacked by evil base stations

Christian Berger

Well looking at it more realistically...

The "GSM" baseband is very complex, adding layer upon layer of code trying to implement standards which are in part badly designed.

Added to that is the principle that the network is always trustworthy, so those implementations were never tested against malevolent networks.

What makes this a really big problem is that some mobile phone manufacturers use shared memory to have the baseband talk to the application processor. So if you take over the baseband CPU you'll likely be able to compromise the rest of the system.

Brit kids match 45-year-old fogies' tech skill level by the age of 6

Christian Berger

Re: I call bollocks.

The problem is that we are increasingly cutting off people from accessing what's below the shiny surface. In fact on many mobile devices you don't even get to have root access by default.

Compare that to the home computer era. Sure most people used them to play games, but once you turned them on, you were presented with a fully fledged command prompt in the form of a BASIC interpreter.

Christian Berger

Using pre-made services doesn't represent a skill

Just like turning on a TV isn't much of a skill.

Russia, China could ban western tech if they want to live in the PAST

Christian Berger

It's a tradeoff

A computer that's a factor of 2 slower, but secure seems like a great tradeoff. I mean there are people willing to trade in much more performance for much less security benefits. Just look at antivirus users.

Facebook wants Linux networking as good as FreeBSD

Christian Berger

Re: Git Gud!

Well actually you don't even need to be good, you just need to not be a total idiot. So far his outbursts all just went against idiots.

Australia's metadata debate is an utter shambles

Christian Berger

Re: The envelope analogy

Actually there are systems which do just that. Such systems are sold today. After all cameras already scan every envelope to try to figure out where it should go.

Tiny steps: HTTP 2.0 WG looks for consensus

Christian Berger

Re: Encryption with SSL is problematic

I don't see how that would work. TCP is rather good at streaming data over long latency connections. You just push in your data and it'll come out with the latency of the line. Having a bit more or less data wouldn't change the latency.... Besides there are Websockets for that kind of thing.

Christian Berger

Encryption with SSL is problematic

We all know that SSL is broken in so many ways that we actually should just abandon it and replace it with something more like SSH. Mandating SSL will only slow down that process, plus it'll cause lots of problems.

I do not see a point for compressing headers. The web isn't slow because we use a text based protocol that's uncompressed. The web is slow because idiotic web designers spread their contents across dozens of domains (causing DNS queries) and bloat the headers with cookies.

BlackBerry boss John Chen: We're finished (with the job cuts)

Christian Berger

Re: Last time somebody told me that...

Well Blackberry is needed to lure people into what is probably the easiest platform to have access to, as a large attacker. I mean they even sent the e-mail passwords to a Blackberry server. The intended use case involves a "Backend Server" which runs on Windows with System rights.

It's just like saying "Google Mail is bad, let's all switch to De-Mail".

HUMAN RACE PERIL: Not nukes, it'll be AI that kills us off, warns Musk

Christian Berger

The problem probably is profitability

I mean we already let computers make decisions which are bad for society, for example in high speed trading. As long as this is not explicitly forbidden, corporations will go on doing this.

Corporations themselves are like machines. Although the individual parts are humans, the whole thing behaves like a being. That is why corporations must never be half-treated as people as it's done now in the US, where corporations can do nearly everything people can, but they cannot be sent to jail. If you send an individual of a corporation to jail, it'll simply work around that missing part.

Free 2004-spec AS/400 pops up in the cloud

Christian Berger

It's still surprisingly popular in Germany

So far every large furniture store I've seen had one, as well as some large electronics stores.

Cisco patches OSPF bug that sends traffic into black holes

Christian Berger

There's always a slight chance...

that Cisco actually fixes their bugs.

The strategy of the NSA is not to do the bare minimum to get to the data, but to do everything they can. So they probably knew about such bugs, but still added hardware... just because they can and they want to have redundancy.

It's official: You can now legally carrier-unlock your mobile in the US

Christian Berger

Re: It's nice to see people are chipping away on the DMCA

Well of course the US pushed the DMCA. However if you go to a politician outside of the UK, they will always refer to the international agreements.

For a US politician international agreements are not an argument; they just want them to make life in other places worse and just ignore them when they become problematic.

Christian Berger

It's nice to see people are chipping away on the DMCA

Unfortunately the US is probably the only country where this is possible, since there are braindead international contracts which are used by other countries to argue against abolishing their local DMCA versions. In the US nobody cares about international law.

14 antivirus apps found to have security problems

Christian Berger

Re: Point of Issue

C is a powerful tool in the hand of capable people. Its natural environment is UNIX and simple systems.

One should notice that good C programmers don't program complex things in C. This may sound paradoxical, but what they actually do is write a small "interpreter" which interprets data structures containing the actual logic, thus creating something like a domain specific language. C with its data and function pointers makes this very simple. This is the true strength of C.

Apparently that is not what people have been doing here, they literally programmed complicated things directly in C, making both their life unnecessarily hard and risking serious problems if they mess it up.
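The "small interpreter over data structures" pattern described in the comment above, as an added illustration that is not code from the original post or from any product the article discusses. The event fields, opcodes and policy table are constructed for the example; the point is that the hand-written code is a short, bounds-checked dispatcher, while the actual logic lives in a data table.

```c
#include <stdio.h>
#include <stddef.h>

/* A small record the "program" operates on (constructed example). */
typedef struct { int port; int bytes; } Event;

/* Opcodes the interpreter understands. The interpreter itself knows
 * nothing about what a rule means; it only dispatches. */
typedef enum { OP_PORT_EQ, OP_BYTES_GT, OP_COUNT } Opcode;

/* One rule: an opcode plus its argument. A "program" is an array of these. */
typedef struct { Opcode op; int arg; } Rule;

typedef int (*check_fn)(const Event *e, int arg);

static int port_eq(const Event *e, int arg)  { return e->port == arg; }
static int bytes_gt(const Event *e, int arg) { return e->bytes > arg; }

/* Dispatch table: data (the opcode) selects code (the function pointer). */
static const check_fn handlers[OP_COUNT] = { port_eq, bytes_gt };

/* The interpreter. Returns 1 if every rule matches the event, 0 if any
 * rule fails, and -1 if a rule carries an opcode outside the table
 * (rejected before dispatch, so corrupt rule data cannot call through
 * an out-of-range pointer). */
int eval_rules(const Rule *rules, size_t n, const Event *e) {
    for (size_t i = 0; i < n; i++) {
        if ((unsigned)rules[i].op >= OP_COUNT) return -1;
        if (!handlers[rules[i].op](e, rules[i].arg)) return 0;
    }
    return 1;
}

/* The logic lives here, not in hand-written branches. Constructed policy:
 * flag an event on port 23 that transfers more than 1000 bytes. */
static const Rule policy[] = { { OP_PORT_EQ, 23 }, { OP_BYTES_GT, 1000 } };
#define POLICY_LEN (sizeof policy / sizeof policy[0])

/* Convenience wrapper: evaluate the constructed policy against one event. */
int policy_matches(int port, int bytes) {
    Event e = { port, bytes };
    return eval_rules(policy, POLICY_LEN, &e);
}

int main(void) {
    printf("port 23, 5000 bytes -> %d\n", policy_matches(23, 5000));
    printf("port 23, 10 bytes   -> %d\n", policy_matches(23, 10));
    printf("port 80, 5000 bytes -> %d\n", policy_matches(80, 5000));
    return 0;
}
```

Changing the policy means editing the table, not the dispatcher; the only code that has to be reviewed for memory safety is `eval_rules` and the two tiny handlers.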

Christian Berger

Re: Illusory

Well the point about that new OS is that the code has been proven not to suffer from certain kinds of bugs. Since such a proof is very hard to do, they only did it with very little code, hence a microkernel. It is then hoped that a "secure" microkernel will be able to secure the rest of the system... which is not necessarily true.

However it is a big step towards security.

Christian Berger

Well it should be obvious

AV companies started their products in the 1990s, back when nobody was good at programming, at least not the people who programmed for Windows.

Then they keep putting layer on layer of complexity. First they only scanned files, then they scanned archives. They continue to mess around with more and more complex programs. If a team implementing a compression algorithm cannot get it right, why should a team also responsible for lots of other things get a whole bunch of compression algorithms right?

Among security people, AV is seen as snake-oil. It cannot work in principle therefore they won't work on such projects.

Lastly to answer the question why browsers are harder to exploit than AV software: Browsers have been mostly open source for more than a decade now. Browsers are actively researched and exploited by a large variety of people. Compare that to AV software, which nobody who knows about security cares about.

Security chap writes recipe for Raspberry Pi honeypot network

Christian Berger

Raspberry Pis are possibly easy to detect

They run on USB, and USB transfers can only start at defined times, I think even just once per millisecond. So if your replies come in regular steps, you know it's a USB network card and therefore most likely a Raspberry Pi.

Microsoft and pals applaud UK's 'Google Review' copyright move

Christian Berger

Not much different to what's already the case in Germany for example

DRM is still legal and even protected by insane laws.

Broadcasting is explicitly forbidden to be recorded, it isn't in Germany.

I fail to see where the step forward is.

Korean vendor launches wearable RPi clone

Christian Berger

What's great about it..

...is that there is finally some sort of standard for booting and running ARM systems. So now you can just boot whatever OS you want on any of those RPi clones. Sure it's not a great standard, but it sure beats UEFI.

4K video on terrestrial TV? Not if the WRC shares frequencies to mobiles

Christian Berger

The problem with IPTV is...

...that there don't appear to be any simple and published standards. Sure there actually are standards in use to get the multicast streams from your ISP, however you'll never know what they use and if there's DRM in there.

What we would need is a public standard for IPTV. Something DRM-free which I can ask for in a store like DVB-T or DVB-S. This is the base for interoperability, particularly in the face of open source solutions which become more and more important as the commercial solutions more and more act like malware.

'Things' on the Internet-of-things have 25 vulnerabilities apiece

Christian Berger

Re: It'll be messy

Naw, most of this is outsourced anyhow, and the teams are small enough to be picked up by other parts of the companies. At least with household appliances I don't see any problem. In fact the project I worked on was the 3rd one... the first two failed miserably.

Christian Berger

Having worked at a company which does IoT

I have to say that you are still lucky if you have a full blown Linux system, as there you at least had a chance. We had to work with Nucleus, an operating system which had its own "Ping of Death" bug. However to be fair, trying to respond to a 64k ping when you only have 30k of RAM left kinda is a futile task. Then again the code was so bad that every DNS query leaked 512 bytes of RAM. Again you won't notice that on short test runs when you have megabytes of RAM.

The really big problem is that lots of people who have no idea of secure or even practical software design are now swept into positions where they have to do complex embedded systems.

Bitcoin on ATM? Pfft! We play Doom on ours

Christian Berger

Re: Steam Punk Cool

Actually ATMs were among the first things standing around in public that had access to data networks. At least some of them were connected to ISDN lines where they would use X.25 over the signaling channel to verify their transactions.

Christian Berger

Yawn

It's old, and it's obviously rather easy if you can modify your ATM.

This series of pictures shows chess being played on an older OS/2 based machine:

http://www.ulm.ccc.de/old/projekte/bankomat/

Essentially the bank left a console window open.

Blighty will be BIGGER and BETTER than Germany, confirm beancounters

Christian Berger

From my experience working at a German "tech" company...

... this shouldn't be too difficult. Just get rid of all your MBAs and bad engineers and the remaining few will be able to work much more efficiently. At least that's what you'd do to a German company to become competitive.

Bring back error correction, say Danish 'net boffins

Christian Berger

Re: FEC

Well the idea is that you use FEC spread across packets so you don't have to re-transmit a lost packet. So you spread the information of 3 packets into 4 and can live with one in 4 being lost.

Lost packets can happen even with strong FEC with wireless connections.
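The "3 packets into 4" scheme from the comment above, worked through as an added example (it is not code from the original post or from the Danish research it discusses). The simplest way to do it is a single XOR parity packet: the sender transmits the three data packets plus their XOR, and the receiver can rebuild any one missing packet from the other three. Packet length and payloads are constructed for the demo.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define PKT_LEN    8   /* constructed: fixed payload size per packet */
#define DATA_PKTS  3   /* three data packets ... */
#define GROUP_PKTS 4   /* ... become four on the wire: 3 data + 1 parity */

/* Sender side: the parity packet is the XOR of the three data packets. */
static void fec_make_parity(const uint8_t data[DATA_PKTS][PKT_LEN],
                            uint8_t parity[PKT_LEN]) {
    memset(parity, 0, PKT_LEN);
    for (int i = 0; i < DATA_PKTS; i++)
        for (int j = 0; j < PKT_LEN; j++)
            parity[j] ^= data[i][j];
}

/* Receiver side. group[] holds the four slots of one FEC group and
 * received[] flags which of them actually arrived. Returns 1 if all data
 * packets are available (possibly after recovery), 0 if more than one
 * packet of the group was lost, which single-parity FEC cannot repair. */
static int fec_recover(uint8_t group[GROUP_PKTS][PKT_LEN], int received[GROUP_PKTS]) {
    int missing = -1, lost = 0;
    for (int i = 0; i < GROUP_PKTS; i++)
        if (!received[i]) { lost++; missing = i; }
    if (lost == 0) return 1;
    if (lost > 1) return 0;
    /* XOR of the three surviving packets reproduces the missing one,
     * whether it was a data packet or the parity packet. */
    memset(group[missing], 0, PKT_LEN);
    for (int i = 0; i < GROUP_PKTS; i++)
        if (i != missing)
            for (int j = 0; j < PKT_LEN; j++)
                group[missing][j] ^= group[i][j];
    received[missing] = 1;
    return 1;
}

/* Demo: drop the packet(s) at drop_a (and drop_b if >= 0), then try to
 * recover. Returns 1 if the three data packets come out intact, 0 otherwise. */
int fec_demo(int drop_a, int drop_b) {
    uint8_t data[DATA_PKTS][PKT_LEN] = { "pkt-one", "pkt-two", "pkt-thr" }; /* constructed */
    uint8_t group[GROUP_PKTS][PKT_LEN];
    int received[GROUP_PKTS] = { 1, 1, 1, 1 };

    memcpy(group, data, sizeof data);            /* slots 0..2: data */
    fec_make_parity(data, group[DATA_PKTS]);     /* slot 3: parity  */

    received[drop_a] = 0;
    if (drop_b >= 0) received[drop_b] = 0;

    if (!fec_recover(group, received)) return 0;
    return memcmp(group, data, sizeof data) == 0;
}

int main(void) {
    printf("lose packet 1      -> recovered: %d\n", fec_demo(1, -1));
    printf("lose parity only   -> recovered: %d\n", fec_demo(3, -1));
    printf("lose packets 0+2   -> recovered: %d\n", fec_demo(0, 2));
    return 0;
}
```

The 33% overhead buys exactly one loss per group of four; the last case shows why the comment's caveat matters: a second lost packet in the same group still needs retransmission, or a stronger code.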

Christian Berger

Well under some circumstances

Yes on high latency connections this could bring a considerable improvement. However it would require a new protocol, kinda a TCPwR (Transmission Control Protocol with Redundancy).

There are 2 problems with this:

1. It won't go through unmodified NAT.

2. It can be hard to implement.

The first problem is particularly bad with "carrier grade NAT" you commonly have on high latency mobile connections, or mid latency consumer connections.

The second one is evident if you look at real life implementations of TCP/IP stacks. There are still ones, particularly in embedded systems, having severe problems. For example the Nucleus one just tends to drop connections without telling the application about it. Adding more complexity will cause lots of problems.

Maybe one sensible way of doing it would be to extend TCP in some way so connections could easily fall back.

Redmond in rapid rebuild after sysadmin request STUNNER

Christian Berger

I wonder how such a tool looks like...

...particularly considering that for many years the only built-in way of reading the system logs was through a non-resizable window.

BSkyB slurps Murdoch's Italian and German Sky assets to beef up European pay-TV biz

Christian Berger

Re: What would be cool

Well I kinda have the same problem. In fact with the new satellite I'm even exactly in a null, so there is no hope of reception. I get by with a video disk service which gets me DRM-free files delivered via FTP.

Anyhow of course German TV averages about "Five".

Christian Berger

What would be cool

Is that they would just close down Sky Deutschland and replace it with Sky UK. Considering how bad Sky Deutschland is in everything except sports (which I don't really care for), that would be a real improvement.

Indie ISP to Netflix: Give it a rest about 'net neutrality' – and get your checkbook out

Christian Berger

We should outlaw DRM

If there wasn't any DRM, services like Netflix would easily cache via a transparent cache and we wouldn't have that problem.

Other than that it seriously makes me wonder how bad the infrastructure in the US must be that ISPs actually cannot get proper affordable upstream bandwidth.

Audio tech upstart DTS takes on Wi-Fi speaker juggernaut Sonos

Christian Berger

The questions are...

...is it an open standard, free of patents?

...is it easy to implement on your own without weird libraries?

Only if you can answer those 2 questions with yes is it worth investing into it.

US Social Security 'wasted $300 million on an IT BOONDOGGLE'

Christian Berger

Happens regularly in industry

However in industry nobody outside notices, except when the company goes bust because of it.

It's just customers money anyhow, so why should they care?

FRIKKIN' LASERS could REPLACE fibre-optic comms cables

Christian Berger

Actually light doesn't "bounce off" the edges of a fibre optic cable....

...at least not in anything "communications grade". Of course it will for cheap SPDIF-like systems, but if you want to reach high speeds you encounter a rather simple problem: The parts that bounce around will take considerably longer to arrive than the parts which go straight through the middle. This may not sound like a lot, but it adds up. If you have a 100km cable, paths a percent longer or shorter can really spoil your bandwidth.

Instead fibre optic cables actually work more like microwave waveguides by providing an environment where, ideally, only the wave you are interested in can exist. This involves lots of math.

HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert

Christian Berger

What did you expect?

Apple is one of the few companies that doesn't give out their source code. What other reason, except for betraying the user can there be for this?

I think we should ban binary only software. It's not just too much of a security risk, it's also a question of consumer rights. If I buy a car or a vacuum cleaner I have every right to modify it in any way I want. Why don't I have that right with software? Why can't I just patch out features I don't like or patch in features I'd like to have?

SK Telecom, Ericsson trial 'elastic cell'

Christian Berger

Yes, it's all in the LTE advanced roadmap

So they are, in a nutshell, implementing what is planned to be implemented for years.

Surely it's nifty technology, but it's barely news.