Open post
Security Bits Logo

Security Bits – Google’s Ad Filter, iBoot Leak, iOS Teluga Text Bug

Security Medium 1 — Google’s Ad Filter

On February 15 Google’s Chrome browser gained a nice new feature for controlling ads. It’s been reported on as an ad blocker, but that coverage misses a very important subtlety. Google itself calls the feature ad filtering, and an ad filter describes this feature very well indeed.

Google is an advertising company, it is not in their interest to destroy the advertising industry. They’re trying to solve a subtly different problem — the rise of ad blockers!

Continue reading “Security Bits – Google’s Ad Filter, iBoot Leak, iOS Teluga Text Bug”

Open post
Security Bits Logo

Security Bits – Spectre/Meltdown Update, Strava Heat Maps

Followup — Spectre & Meltdown News

Security Medium — Strava Heatmaps have Unintended Consequences

The popular exercise tracking app Strava regularly produces a really cool heat-map that shows where most people run, cycle, swim etc.. The data is anonymised, so it all seems like some innocent fun. The latest version of the heatmap was published back in November, and no one thought it was a problem.

Continue reading “Security Bits – Spectre/Meltdown Update, Strava Heat Maps”

Open post
Security Bits Logo

Security Bits – Spectre & Meltdown Update (Again), Dark Caracal, chaiOS

Meltdown & Spectre Update

  • Steve Gibson of GRC (author of ShieldsUp & SpinRite) has released InSpectre, a free Windows app which clearly communicates your PC’s current level of protection against Meltdown & Spectre, and what kind of a performance hit you should expect — www.grc.com/…
  • RedHat have withdrawn their microcode patch for Spectre after it caused some systems to become unbootable (Linux supports dynamic updating of CPU microcode without the need for a BIOS update) — www.theregister.co.uk/…
  • A great post on the official Raspberry PI blog that primarily aims to explain why the Raspberry PIs are not vulnerable to Spectre, but in the process, explain Spectre in clearest and most understandable way I’ve yet seen — www.raspberrypi.org/…

Continue reading “Security Bits – Spectre & Meltdown Update (Again), Dark Caracal, chaiOS”

Open post
Security Bits Logo

Security Bits – Password Trackers, IOHIDeous, Meltdown & Spectre

Security Bits – 5 Jan 2018

Security Medium 1 — Password Managers as Trackers

Security researchers have found that less-reputable tracking firms have deployed JavaScript which uses invisible forms to trick password managers into entering information which can then be used as a kind of super-cookie that users cannot delete, and hence, track them around the web.

This problem affects all features that auto-fill usernames and passwords, whether or not they are native to the browser, or, provided by third-party plugins, so this affects everyone who saves passwords in their browser in any way.

Continue reading “Security Bits – Password Trackers, IOHIDeous, Meltdown & Spectre”

Open post
Security Bits Logo

Security Bits – HP Keylogger, Mailsploit

Security Medium 1 — HP’s Accidental Keylogger

Some HP laptops shipped with a keyboard driver from Synaptics in which a developer debugging feature was accidentally left enabled. The effect of this mistake is that the driver has built-in support for logging all keystrokes via WPP (a debugging tool that’s built into Windows).

This sounds bad, really bad, but thankfully it’s not actually as bad as it sounds.

Continue reading “Security Bits – HP Keylogger, Mailsploit”

Open post
Security Bits Logo

Security Bits – 08 December 2017 – macOS Root Bug, HomeKit Bug, iOS Backup Encryption

Security Medium 1 — macOS High Sierra Root Bug

A nasty bug was found in macOS 10.13 High Sierra — it was possible to cause the root account to become enabled, and to do so with a blank password.

To trigger this bug all you had to do was go into the control panel, click the padlock to un-lock the sensitive settings, change the username to root, enter no password, then hit enter. At this point the authentication would fail, but, the root account would have been made active. Hit enter again, and root with a blank password will be accepted as valid. At this point you can do anything in the control panel, no matter how restricted your account is in theory, and, anything you can get full terminal access as root.

Continue reading “Security Bits – 08 December 2017 – macOS Root Bug, HomeKit Bug, iOS Backup Encryption”

Open post
Security Bits Logo

Security Bits – 26 November 2017 – FaceID Isn’t Broken, USB Bugs in Linux Kernel, Vulnerability in Intel Chips

Security Medium 1 — No, FaceID isn’t Broken, but it Does Have Limits

A snazzy demo to the press had headlines all over the press screaming about how FaceID had been broken. But as is so often the case with stories like this, the devil is very much in the detail.

What the hackers really found was that it’s bloody difficult to trick FaceID — it takes a lot of time and effort, and even after you put all that investment in, your spoof only works in very carefully controlled circumstances.

Continue reading “Security Bits – 26 November 2017 – FaceID Isn’t Broken, USB Bugs in Linux Kernel, Vulnerability in Intel Chips”

Open post
Security Bits Logo

Security Bits – Canvas Fingerprinting, KRACK Updates, TOR Browser Bug, New Zero-Day WiFi Bug, Brother Printer Exploit

Security Medium 1 — Canvas Fingerprinting

Before we look at canvas finger printing, I just want to set the scene with a reminder of one of the most fundamental truths about how the web was designed – each web page load is an independent event. Because that meant websites had no memory of anything that went before, i.e. no concept of state the original web could not cope with concepts like logging in, or shopping baskets. Something had to be bolted on to allow web servers connect individual requests into related groups of requests.

The official mechanism added to the HTTP protocol for retaining state between requests is the humble cookie. Cookies gave us the ability to log in, and basically, the modern web. But, they came with a dark side — as well as enabling all the cool things we like about the modern web, they also enabled tracking.

Continue reading “Security Bits – Canvas Fingerprinting, KRACK Updates, TOR Browser Bug, New Zero-Day WiFi Bug, Brother Printer Exploit”

Open post
Security Bits Logo

Security Bits – 22 October 2017

Security Medium 1 – WPA WiFi Encryption Develops KRACKs

This week started with a big security news announcement (responsibly disclosed, which is nice). Security researchers at the Belgian university KU Leuven revealed a collection of related attacks against the WPA2 protocol (WiFi Protected Access version 2). The problem at the root of these attacks was not related to any specific implementation of the spec, but with the spec itself, so every manufacturer who implemented the spec correctly would have introduced these vulnerabilities into their WiFi drivers. Because you have to give a bug a fancy name to get any media attention these days, it was given the somewhat strained pseudo-acronym KRACKs, from key reinstallation attacks.

We’re not going to go into the technical minutia here, but I have included links to some good explanations below. I do want to give a high-level overview of the problem though.

Continue reading “Security Bits – 22 October 2017”

Posts navigation

1 2 3
Scroll to top