Ars Technica

Syndikovat obsah security – Ars Technica
Serving the Technologist for more than a decade. IT news, reviews, and analysis.
Aktualizace: 49 min 22 sek zpět

Secret chips in replacement parts can completely hijack your phone’s security

18 Srpen, 2017 - 14:27

Enlarge (credit: Omer Shwartz et al.)

People with cracked touch screens or similar smartphone maladies have a new headache to consider: the possibility the replacement parts installed by repair shops contain secret hardware that completely hijacks the security of the device.

The concern arises from research that shows how replacement screens—one put into a Huawei Nexus 6P and the other into an LG G Pad 7.0—can be used to surreptitiously log keyboard input and patterns, install malicious apps, and take pictures and e-mail them to the attacker. The booby-trapped screens also exploited operating system vulnerabilities that bypassed key security protections built into the phones. The malicious parts cost less than $10 and could easily be mass-produced. Most chilling of all, to most people, the booby-trapped parts could be indistinguishable from legitimate ones, a trait that could leave many service technicians unaware of the maliciousness. There would be no sign of tampering unless someone with a background in hardware disassembled the repaired phone and inspected it.

The research, in a paper presented this week at the 2017 Usenix Workshop on Offensive Technologies, highlights an often overlooked disparity in smartphone security. The software drivers included in both the iOS and Android operating systems are closely guarded by the device manufacturers, and therefore exist within a "trust boundary." The factory-installed hardware that communicates with the drivers is similarly assumed to be trustworthy, as long as the manufacturer safeguards its supply chain. The security model breaks down as soon as a phone is serviced in a third-party repair shop, where there's no reliable way to certify replacement parts haven't been modified.

Read 6 remaining paragraphs | Comments

Kategorie: Hacking & Security

Building America’s Trust Act would amp up privacy concerns at the border

15 Srpen, 2017 - 10:00

Enlarge / A US Customs and Border Protection officer checks identifications as people cross into the United States from Mexico on September 23, 2016 in San Ysidro, California. (credit: John Moore / Getty Images News)

If a new Senate Republican border security bill is passed as currently drafted, it would dramatically increase the amount of surveillance technologies used against immigrants and, in some cases, American citizens traveling to and from the United States.

The bill, known as the "Building America's Trust Act," is authored by Sen. John Cornyn (R-Tex.). It aims for a "long-term border security and interior enforcement strategy," according to its summary. However, the senators have yet to formally introduce the text of the bill.

So Ars is going to do it for them: we received an advance copy of the bill’s text from an anonymous source, and we are publishing it here before it has been formally introduced in the Senate. Ars repeatedly contacted the offices of all six senators who are listed as co-sponsors for comment—none made anyone available.

Read 19 remaining paragraphs | Comments

Kategorie: Hacking & Security

After phishing attacks, Chrome extensions push adware to millions

3 Srpen, 2017 - 17:45

Enlarge / One of the ads displayed by a fraudulently updated version of the Web Developer extension for Chrome. (credit: dviate)

Twice in five days, developers of Chrome browser extensions have lost control of their code after unidentified attackers compromised the Google Chrome Web Store accounts used to issue updates.

The most recent case happened Wednesday to Chris Pederick, creator of the Web Developer extension. Last Friday, developers of Copyfish, a browser extension that performs optical character recognition, also had their account hijacked.

In both cases, the attackers used the unauthorized access to publish fraudulent updates that by default are automatically pushed to all Chrome users who have the extensions installed. The tainted extensions were also available for download in Google's official Chrome Web Store. Both Pederick and the Copyfish developers said the fraudulent updates did nothing more than inject ads into the sites users visited. The Copyfish developers provided this account that provided a side-by-side comparison of the legitimate and altered code. Pederick has so far not provided documentation of the changes that were pushed out to the more than one million browsers that have downloaded the Web Developer extension.

Read 7 remaining paragraphs | Comments

Kategorie: Hacking & Security

Stealthy Google Play apps recorded calls and stole e-mails and texts

27 Červenec, 2017 - 19:22

Enlarge (credit: portal gda)

Google has expelled 20 Android apps from its Play marketplace after finding they contained code for monitoring and extracting users' e-mail, text messages, locations, voice calls, and other sensitive data.

The apps, which made their way onto about 100 phones, exploited known vulnerabilities to "root" devices running older versions of Android. Root status allowed the apps to bypass security protections built into the mobile operating system. As a result, the apps were capable of surreptitiously accessing sensitive data stored, sent, or received by at least a dozen other apps, including Gmail, Hangouts, LinkedIn, and Messenger. The now-ejected apps also collected messages sent and received by Whatsapp, Telegram, and Viber, which all encrypt data in an attempt to make it harder for attackers to intercept messages while in transit.

The apps also contained functions allowing for:

Read 5 remaining paragraphs | Comments

Kategorie: Hacking & Security

Microsoft expands bug bounty program to cover any Windows flaw

26 Červenec, 2017 - 22:28

Some bugs aren't worth very much cash. (credit: Daniel Novta)

Microsoft today announced a new bug bounty scheme that would see anyone finding a security flaw in Windows eligible for a payout of up to $15,000.

The company has been running bug bounty programs, wherein security researchers are financially rewarded for discovering and reporting exploitable flaws, since 2013. Back then, Microsoft was paying up to $11,000 for bugs in Internet Explorer 11. In the years since then, Microsoft's bounty schemes have expanded with specific programs offering rewards for those finding flaws in the Hyper-V hypervisor, Windows' wide range of exploit mitigation systems such as DEP and ASLR, and the Edge browser.

Many of these bounty programs were time-limited, covering software during its beta/development period but ending once it was released. This structure is an attempt to attract greater scrutiny before exploits are distributed to regular end-users. Last month, the Edge bounty program was made an ongoing scheme no longer tied to any particular timeframe.

Read 2 remaining paragraphs | Comments

Kategorie: Hacking & Security