#66 - Posted on
2 March 2012 - Author: SM - Category: Hacking
After looking at the new features listed for Windows 8, one in particular caught my attention: The Picture Password Login. It is a very refreshing approach to authentication!
You are presented with a photo at log in and instead of entering a password, you have to touch the image according to the “allowed” touch sequence you registered your user with. In some respect it is similar to the existing gesture based authentication mechanisms you can find on some smartphones (anyone remember that feature on the Palm V?!), but I think it is taken to the next step. Microsoft is maybe trying to do to passwords what Apple did to the Walkman.
By providing you with a photo of your choice (i.e.: your own family picture), and a restricted number of gestures (point, draw a line and circle) it is easier to remember a sequence, more natural and more personal. For example, you would circle the head of your best friend, touch the feet of your child and stroke your dog... >>[READ MORE]
#64 - Posted on
24 February 2012 - Author: SM - Category: Hacking
There is a new vulnerability with iOS5-powered devices with a SIM card. I have tried it and it works. You need to know the number of your victim and by combining a missed call, removing the SIM card, putting it back in and swiping the missed call alert it is possible to bypass the lock screen and access the phone.
Look at the video from the weirdly named group called iPhoneIslam, you need to get the timing right!
First, it further highlights how fragile our privacy has become since we live in a digital world with details of our life being kept on the internet: personal blogs, Twitter feeds, Facebook or Government/Health records, etc. All this data is available online if you have the right access to the system it is held on. But it is not just still photos or lines of text, it can also be live pictures through personal webcams or state surveillance cameras. Again, that data is available if you have the right credentials. In this case, hundreds of Trendnet webcam users thought/think their live video feed was protected through the use of a userid and password, but a bug in its firmware allows anyone to access it by... >>[READ MORE]
#60 - Posted on
3 January 2012 - Author: SM - Category: Hacking, Security
By websites, I should really have said Web Applications, but the end result is the same: A server which is serving pages on the Internet could see its CPU usage increasing to a level making that server unusable for a few minutes or more. All that from a relatively small specially crafted malicious HTTP request.
This vulnerability exists in most languages used to develop web applications: PHP, ASP.Net, Java, Python, Ruby, etc. And it has been known to exist in theory since 2003!
Last week, Alexander Klink and Julian Wilde explained at the 28th Chaos Communication Congress in Germany how exactly the theory became reality and how the different web application languages were affected.
The core of the issue is the way hash lists have been implemented in those languages. By “Hash” they both refer to a specific type of data structure and the cryptographic function. A ... >>[READ MORE]
#53 - Posted on
27 October 2011 - Author: SM - Category: Hacking
Two vulnerabilities in iOS5 have recently been discovered, one is affecting the iPad2 and the other the new iPhone 4S. In both cases it allows anyone to bypass any lock/passcode to gain unauthorised access to the device.
1) iPad 2 + iOS5 + SmartCover = Anyone can unlock your iPad
This only affects iPad2 with iOS5 and the smart cover set to automatically lock the device. With a locked iPad2, keep pressing the power button until you see the screen telling you to swipe to turn off, close the smart cover, reopen it and push the CANCEL button. This will give you access to the latest application that was used. It means that if you were on the application listing screen you will be able to see all the applications installed on the iPad, but you will not be able to open any other applications. This is because you are in the “finder”/“Explorer” application. But it also means that if before you closed your smart cover to lock ... >>[READ MORE]
#45 - Posted on
27 June 2011 - Author: SM - Category: Hacking
Brute force password cracking has been around for a while, but in the last few years a new way to use your brand new graphics card has emerged which makes high performance attacks against passwords much cheaper and easier.
This is because the “brain” of those graphics cards, the Graphics Processing Unit or GPU, is designed to handle mathematical and repetitive tasks very efficiently.
There is a very good article about this topic on the ERRATA SECURITY blog with some interesting facts:
– Although GPUs are now found in most electronic devices (i.e.: phones), dedicated PC cards are obviously better
– Radeon is better than GeForce
– Although you can use more than one GPU, the benefits are not exponential and most people only need 1 or 2 GPUs.
– This is because past 8 characters, a password becomes near impossible to brute force.... >>[READ MORE]
#37 - Posted on
21 March 2011 - Author: SM - Category: Security, Hacking
I just came across an interesting attack on the Secure Real Time Protocol (SRTP) using Variable Bit Rate codecs (VBR). That protocol is used to secure voice or IP communication by encrypting the transmitted data.
The attack is described in this draft paper but for the full details you should take a look at the very comprehensive white paper here which dates back to 2008.
It uses the phonetic pronunciation of words to identify patterns in the VBR encoding which can be used to bypass encryption and identify phrases as well as the language spoken. So this attack does not target individual words, but phrases or sentences.
Although the paper claims in some cases a success rate of 90% it has an average of 50% success, which is already good enough! What is ... >>[READ MORE]
#35 - Posted on
15 March 2011 - Author: SM - Category: Hacking
The video below would be a really great hack, but it seems to only be a hoax for a couple of reasons:
– It is unlikely such a hacker would be showing his face so willingly.
– Apparently to hack those wireless billboards you would first attack the central “billboard broadcasting computer”.
Now… if the wireless communications to those billboards were unsecured, then it could be a different story :)
#30 - Posted on
18 February 2011 - Author: SM - Category: Security, Hacking
Below is a very good article describing the recent battle between the Anonymous Hacking group and the HBGary company.
In a nutshell, a security company, “HBGary”, which is also working for the US government, was about to release what they thought was the identity of a hacking group called “Anonymous”, who conducted some high profile hacks against large organisations who were against the WikiLeaks website. The hacking group's response was swift and brutal: they hacked the HBGary websites, defaced them, hacked into the owner’s email account and grabbed a lot of users' personal information from one of the company’s related websites, rootkit.com.
It provides a good example of the old adage “do what I say not what I do” but this time in the world of IT Security. Of course you can almost never get IT Security 100% right, but in that case it would seem some of the security weaknesses that were exploited should have never been... >>[READ MORE]
#28 - Posted on
11 February 2011 - Author: SM - Category: Security, Hacking
Another attack on the iOS security has been published today and there are two recurring themes to the attacks I described in previous posts, namely: weaknesses with the Keychain and iOS encryption implementation.
But this time they have been used differently and seem to provide an attacker access to any passwords stored on an iOS device, even if it is passcode protected. One main difference in this attack is that the attacker would only require the iOS device and nothing else (as opposed to the relevant synced PC with previous attacks).
It also seems to prove Zdziarski’s concerns over the iOS encryption controls to be true. The attack used some jailbreaking techniques to access the iOS device boot/ram, bypassing the passcode and using the OS to run a script to access the local keychain and all the passwords it may contain (email, VPN, web apps, etc). It seems that the encrypted data is not linked to the user passcode, which means that if someone ca... >>[READ MORE]