Although 3 years old, this is a good article and a link to a paper about coldboot attack against full disk encryption technology.

In a nutshell, it is related to data not being encrypted when stored in RAM and although it is volatile: “from 2.5 to 35 seconds to reach a Null State” when switched off, it can be recovered with a few techniques such as dropping the RAM temperature to slow down that “null state” or booting up the device through a very small kernel OS so only a small portion of the RAM is over written through a USB device for example.

What makes this attack even more powerful is that a lot of information “derived from the encryption keys” are stored in RAM, usually to speedup calculations.
The author then warn those attacks would be very difficult to prevent without a radical change in hardware architecture or “overhaul of the encryption process itself”.

...
>>[READ MORE]

A few websites have been running a story today on an upcoming attack announcement/demo in next week black hat conference.

Instead of targeting the OS or a specific app, that attack would target bugs directly in a component used to send and receive calls, a baseband chip. Although technically it is still a software attack, the code used to control that chip, it would bypass any security measures in place at the OS level, and would especially be out of Apple/Google control. Such attack could be used to intercept calls or spy on a phone user by activating its phone microphone…

But then surely you would also need to find a bug in the microphone chip? Or elevate your privilege at the OS level from the baseband chip bug?
Anyway, eavesdropping on calls would at least be possible.

What makes this news interesting is both that duplicating a cell tower is becoming easier/cheaper (about $2k) and that you can’t secure and control everything, even in close sy...
>>[READ MORE]

A sensitive topic but below is my initial view on the security offered by those two platforms.

My view is that Android, being a more open platform, offers more capabilities (flash, access to the root system, extension slots, etc). However, because of this it offers a less secured experience out of the box.

Apple, by not allowing certain technologies such as flash (flash security issues are endless) and by limiting access to its root system alsolimits its security exposure compare to android devices.

A very important security feature is then offered by the app store screening process. Although not perfect by any means, it still gets rid of obvious bad or flawed apps and protects iOS users further.

None of the devices are bulletproof and both suffered some security issues:
– iOS: Worm on jail broken iPhone and phone lock bypass (fixed in iOS v4.2)
– Android:Core libraries are open and apps can have deeper...
>>[READ MORE]

As the saying goes, “it is never too late”, and it is only recently that I created a twitter account.
I was convinced to do so after attending a SANS training course (more on that soon) where the instructor told us twitter was the best way to keep up to date and in touch with a great online security community.

I am not new to social media, but after “playing” with twitter for a few days I am both impressed and concerned!

Impressed because it is slick and indeed a great way to follow up some topics and keep in touch.
Concerned because it is a mine gold for wanna be thief!

It has been well publicized that people share far too much information on Facebook, information that can sometimes be used against them (by employers, people who dislike you, ex lovers, etc).
I feel however the micro blogging format of twitter invites more its users at describing and sharing mundane information such as what you eat, what you think, what you ...
>>[READ MORE]

The recent hack on PS3 where the private key used by Sony to sign their games has been recovered is of course a very bad news for Sony. It finishes to open the door to piracy which started in January 2010. In theory, anyone could now sign (pirated) software to run natively on the PS3.

It is a case of badly implemented cryptography algorithm, in that case, the use a proprietary signing algorithm with a faulty random generator.
Crypto 101 says to NEVER use proprietary/secret algorithms. Now Sony’s will pay the price for not listening :)
The PS3 hack story is a great example of badly implemented cryptography which is as important as the choice of the security controls used to protect an asset.

BBC NEWS ARTICLE

The start of an answer from Sony, which seems to indicate they did not grasp the severity of the issue when first announced about a week ago
...
>>[READ MORE]

2011 seems to cary on with the trend of security companies acquisitions by big IT names. This is now the turn of DELL to buy SecureWorks, planning to offer managed security services in a near future.

Another interesting acquisition is that of Immunet by Sourcefire, which should help the later company to grow its business “in the cloud”.

SaaS and “in the cloud” are two 2010 themes which are likely to grow even more this year.

To follow-up on the theme of my last post, this worm has recently received a lot of media attention:
– It targeted Iran nuclear Plants (among other things)
– It is so sophisticated that it has likely been done with some country/national support
– It had a payload with physical consequences

One thing which did catch my attention was that in order for this worm to be so successful against a Process Network, the group of “hackers” must have had access to a testing environment… not everyone has a refinery in their back garden…

Below is a good explanation of what it actually does and how it does it.
If you are in a hurry:
http://www.symantec.com/connect/blogs/exploring-stuxnet-s-plc-infection-process
If your TV is broken:
...
>>[READ MORE]

ZeuS seems to be a popular and quite successful Trojan at the moment, at least in the UK.
It has been around for a while and has been updated several times (at least 3).
There is an excellent white paper written by M86 Security describing its use in what looks like an ongoing and sustain attack against British Banks.
The latest arrests were announced today where hackers had managed to steal about 20m pounds!
If you search the Internet you can see a trend where British bank customers have been successfully defrauded from their money over the last year, all by hackers using the ZeuS Trojan and for what seems an increasing amount of money!

What I find interesting is the fact money is being stolen at large and increasing scale. Actual...
>>[READ MORE]