
Sean M

Shared publicly  - 
 
Futuristic Cyberattack Scenario

This is a piece of near-future fiction about a cyberattack on New York, including hacking of cars, the water system, hospitals, elevators, and the power grid. Although it is definitely a movie-plot attack, all the individual pieces are plausible and will certainly happen individually and separately.

Worth reading -- it's probably the best example of this sort of thing to date.

Story:
"Envisioning the Hack That Could Take Down New York City"
http://nymag.com/daily/intelligencer/2016/06/the-hack-that-could-take-down-nyc.html

Sean M

Shared publicly  - 
 
Telegram Message Size Limitations Bypassed

Researchers discovered a method to send messages outside the normal limits - 1 to 4096 bytes.

The flaw has not been released, but it hasn't been reported to Telegram, either, due to the researcher being unable to locate a venue for reporting the vulnerability.

Sean M

Shared publicly  - 
 
 
Today we're taking a stand against unchecked government hacking. Join us.
Join me. Tell Congress that U.S. government agents shouldn’t use an obscure loophole in the law to hack into our computers. https://noglobalwarrants.org

Sean M

Shared publicly  - 
 
 
Ken Thompson would be proud. Or mortified.
Reader edxwelch writes: Reddit user sammiesdog discovered recently that Visual Studio 2015 C++ compiler was inserting calls to a Microsoft telemetry function into binaries. "I compiled a simple program with only main(). When looking at the compiled binary in IDA, I see a call for telemetry_main_invo...

Sean M

Shared publicly  - 
 
EU and "Privacy"

The EU is doing a lot to champion privacy but they keep going too far, and setting dangerous and unrealistic policy.

The Right to be Forgotten is turning into a tool for global censorship. Why should France be able to dictate US search results? Worse, if allowed to grow, repressive regimes, such as Turkey, Russia, or China, could dictate search results in the EU or US. A race to the bottom in freedom.
 
I find this short article about trends in data protection and privacy regulation in the EU very interesting, and highly worth reading and considering for anyone who cares about this subject.

(I will not be commenting on the body of this, but simply raise this to your attention)

Sean M

Shared publicly  - 
 
Don't Paste into a Terminal

TL;DR: the safe way to behave is to "... paste anything you copy from a web page into something that can’t run commands, like NOTEPAD or TextEdit and examine it first."
Just when you thought it was safe to delve into your clipboard.

Sean M

Shared publicly  - 
 
Who Authorizes Access? Is Tech Support Potentially Criminal?

Unfortunately, the Computer Fraud and Abuse Act (CFAA) provides ample room for judicial ambiguity and abuse. A recent ruling by the US Ninth Circuit depended upon the concept of "unauthorized access", which is not well defined in the CFAA.

At issue in this case is that a former employee, who had his access revoked, used credentials of an employee, who had access, to retrieve information from a database. The credentials were not stolen or hacked. The employee with access freely gave their functional credentials (username and password) to the former employee. The former employee then used these credentials to access the database.

The Ninth Circuit ruled that system users, such as the employee, cannot transfer or allow access rights to others. Instead, that permission must come from the system owner. So, even with legitimate credentials, an individual is violating access rights if they have not specifically been given that permission by the system owner.

In this case, it may not seem like a significant deal. The guy did malicious things with the access. He transferred trade secrets for his personal usage. The problem is that the situation is hardly uncommon outside of criminal actions.

Consider what occurs when a person calls upon tech support, whether that is family, friend, or professionals. That tech support technician often needs to interact with the malfunctioning system. When that malfunctioning system is your computer or device, you are the system owner. However, when that malfunctioning system is a third-party or cloud system, you are a system user. So, if a user needs assistance with their Gmail, Office 360, or Pandora they generally have the tech support technician troubleshoot the issue for them by granting the technician access to their account.

With the Ninth Circuit's ruling, the legality of this is in question. If a user can no longer authorize access to others then those actions become "unauthorized access", per the Ninth Circuit ruling.

Helpful individuals, such as +Lauren Weinstein​, who provide a lot of long distance tech support may find themselves outside the law since the client cannot authorize access, if the help is with cloud services or in situations where system ownership is a third party.

Perhaps the defining demarcation should be the scope of the access. In this case, the access was to a company-wide database, which - in my opinion - should require system owner permission. However, in the case of tech support, the scope of access is generally going to be limited to a user's data only. In the case of only the specific user's data, it seems prudent to allow them the right to determine access. For perspective, this is the difference between allowing someone access to the entire mail server (former) versus a single mailbox (latter).

I am not a lawyer, so do not take my opinion as legally sound. I am merely considering the possible issues with restricting system permissions to the owner, and the ambiguity.

For more updates, follow +Electronic Frontier Foundation​. 
This week, the Ninth Circuit Court of Appeals, in a case called United States v. Nosal, held 2-1 that using someone else’s password, even with their knowledge and permission, is a federal criminal offense.
2 comments
Sean M
+Lauren Weinstein​, agreed that Tech Support is unlikely to be in the crosshairs of the CFAA. It would be nice, though, if the law was better clarified. 

Sean M

Shared publicly  - 
 
Signal vs WhatsApp vs Allo

Review of the pros and cons between three messaging apps.

Signal provides the best assurances but its adoption is small. 
Both Signal and WhatsApp are encrypted, but Signal takes extra steps to keep your chats private.
2 comments
Sean M
The EFF should be releasing an updated messaging scorecard at some point.

Telegram seems like a decent option if you configure it properly.
http://www.relativisticramblings.com/ramblings/telegram-vs-signal/

Personally, I am waiting for the updated ChatSecure app to be released, along with their more user-friendly spinoff. It doesn't require a phone # so it provides a better level of "anonymity" and separation from a specific phone. 

Sean M

Shared publicly  - 
 
VM TLS Key Extraction by Hypervisors

Bitdefender researchers have developed the ability to extract encryption keys from virtualized machines. This means that even if a connection is secured using TLS, the security of the connection can be compromised if one or both ends of the connection are running on top of a hypervisor.

Bad day for proponents of the security of cloud services and virtualization.

Via +Adam Liss​​​
Bitdefender researchers have demonstrated a proof of concept that encrypted communications can be decrypted in real-time via new TeLeScope technique.
9 comments
 
If you have physical access, you're generally screwed anyway, but memory randomization and encryption go quite a ways. (Interestingly, there are some hardware systems specifically designed to detect intrusion and scramble memory, including ones that target/sense cryogenic freezing.)

Sean M

Shared publicly  - 
 
Project Fi: Now Includes US Cellular

US Cellular is now a part of the Project Fi network.

Sean M

Shared publicly  - 
 
Yubikey 4 is Closed Source

Unfortunately, the Yubikey NEO is the most recent option with open source and auditable software.

Use the Yubikey 4 at your own risk. I personally will not be expanding my +Yubico​ collection and will not recommend them to friends that need high security options.

Per +Dain Nilsson​​ (Yubico), we're supposed to trust their software review process.
 
For those of you that use the yubico key
Just learned that the @Yubico YK4 code isn't open source. Very disappointing, trust--. Heads up @tykeal/@zxiiro. https://github.com/Yubico/ykneo-openpgp/issues/2#issuecomment-218446368 … GitHub. Support more key sizes · Issue #2 · Yubico/ykneo-openpgp. Currently the applet only supports RSA ...

Sean M

Shared publicly  - 
 
Gaining CPU Supervisor Privileges Through Chip Design

Trusted computing is hard. This research demonstrates an attack that should really nullify any thoughts people may have about defending themselves against the super powers. If the super powers want in then they'll get in.
 
This is the most demonically clever computer security attack I've seen in years. It's a fabrication-time attack: that is, it's an attack which can be performed by someone who has access to the microchip fabrication facility, and it lets them insert a nearly undetectable backdoor into the chips themselves. (If you're wondering who might want to do such a thing, think "state-level actors")

The attack starts with a chip design which has already been routed -- i.e., it's gone from a high-level design in terms of registers and data, to a low-level design in terms of gates and transistors, all the way to a physical layout of how the wires and silicon will be laid out. But instead of adding a chunk of new circuitry (which would take up space), or modifying existing circuitry significantly (which could be detected), it adds nothing more than a single logic gate in a piece of empty space.

When a wire next to this booby-trap gate flips from off to on, the electromagnetic fields it emits add a little bit of charge to a capacitor inside the gate. If it just happens once, that charge bleeds off, and nothing happens. But if that wire is flipped on and off rapidly, it accumulates in the capacitor until it passes a threshold -- at which point it triggers that gate, which flips a target flip-flop (switch) inside the chip from off to on.

If you pick a wire which normally doesn't flip on and off rapidly, and you target a vulnerable switch -- say, the switch between user and supervisor mode -- then you have a modification to the chip which is too tiny to notice, which is invisible to all known forms of detection, and if you know the correct magic incantation (in software) to flip that wire rapidly, will suddenly give you supervisor-mode access to the chip. (Supervisor mode is the mode the heart of the operating system runs in; in this mode, you have access to all the computer's memory, rather than just to your own application's)

The authors of this paper came up with the idea and built an actual microchip with such a backdoor in it, using the open-source OR1200 chip as their target. I don't know if I want to guess how many three-letter agencies have already had the same idea, or what fraction of chips in the wild already have such a backdoor in them.

As +Andreas Schou said in his share, "Okay. That's it. I give up. Security is impossible."