RSA was the victim of an extremely sophisticated cyber attack which resulted in the possible theft of the two-factor code used by their SecurID products.
The exact risk to customers isn’t clear, but there is risk that the assurance of two factor authentication has been reduced.
Researchers at University of California have torn apart Solid State Drives (SSDs) and have found remnant data even after running several open source and commerical secure erase tools.
They’ve also proposed some changes to SSDs that would make them more secure. Once information is stored on SSDs, getting it off isn’t easy at all.
.jpg "Chinese Hackers Attack Canadian Government")
An unprecedented cyberattack on the Canadian government from China has given foreign hackers access to highly classified federal information, and forced at least two key departments off the internet.
The attack, first detected in early January, left Canadian counter-espionage agents scrambling to determine how much sensitive government information may have been stolen and by whom. Canadian public sentiment towards China is deteriorating.
The UK government plans to introduce legislation that will allow the police to track every phone call, email, text message and website visit made by the public. The information will include who is contacting whom, when and where and which websites are visited, but not the content of the conversations or messages. Every communications provider will be required to store the information for at least a year.
A security researcher created a $1,500 cell phone base station kit (including a laptop and two RF antennas) that tricks cell phones into routing their outbound calls through his device, allowing someone to intercept even encrypted calls (non Gold Lock) in the clear. Most of the price is for the laptop he used to operate the system. The device tricks the phones into disabling encryption and records call details and content before they are routed on their proper way through voice-over-IP. The low-cost, home-brewed device mimics more expensive devices already used by intelligence and law enforcement agencies — called IMSI catchers — that can capture phone ID data and content. The devices essentially spoof a legitimate GSM tower and entice cell phones to send them data by emitting a signal that’s stronger than legitimate towers in the area. Encrypted calls are not protected from interception because the rogue tower can simply turn it off. Although the GSM specifications say that a phone should pop up a warning when it connects to a station that does not have encryption, SIM cards disable that setting so that alerts are not displayed.
India’s Department of Telecommunications has been asked by the government to serve a notice to Skype and Research In Motion to ensure that their email and other data services comply with formats that can be read by security and intelligence agencies, or face a ban in India if they do not comply within 15 days. A similar notice is also being sent to Google, asking it to provide access to content on Gmail in a readable format.
The New Yorker is featuring a long and detailed profile of Julian Assange, founder of Wikileaks. From this Wired’s Threat Level pulls out one salient detail: that Wikileaks’ initial scoop came from documents intercepted from Tor exit routers. The eavesdropping was pulled off by a Wikileaks activist — neither the New Yorker nor Wired knows who or even in what country he or she resides.
The siphoned documents, supposedly stolen by Chinese hackers or spies who were using the Tor (torproject.org) network to transmit the data, were the basis for Wikileaks founder Julian Assange’s assertion in 2006 that his organization had already ‘received over one million documents from 13 countries’ before his site was launched …
Yesterday, it was announced that physicists at the University of Toronto in Canada have successfully attacked a commercial quantum cryptography system for the first time in history.
Quantum cryptography was considered by some to be unbreakable, however, like many other security systems, the technology was built making various assumptions, and in the real-world not all these assumptions have proved to be reliable. In this case, the assumption that the physicists targeted relates to the level of tolerance for noise and associated communication errors.
In order to ensure the security is still intact, quantum cryptographic systems monitor the communication error rate, because a high error rate is indicative that the communication is being intercepted. Because it is impossible to eliminate errors entirely, the cryptographers assumed that an acceptable level of noise or error rate would be 20%.
However, in practice, it was found that there are always errors introduced during the preparation of quantum states and this extra noise exposes the system to an “intercept and resend attack”. By intercepting and reading some quantum bits and then sending them on, in such a way that the error rate remains at only 19%, the physicists demonstrated that it is possible to break quantum encryption on a commercially available system.
Is SSL Becoming Pointless?
Researchers are poking holes in the chain of trust for SSL certificates which protect sensitive data. According to these hypothesized attacks, governments could compel certificate authorities to give them phony certificates that are signed by the CA, which are then used to perform man in the middle attacks.
They point out that Verisign already makes large sums of money by facilitating the disclosure of US consumers’ private data to US government law enforcement. The researchers are developing a Firefox plugin that checks past certificates and warns of anomalies in the issuing country, but not much can help if government starts spying on the secure connections of its own citizens.
On March 8, a security company employee plugged a newly ordered HTC Magic phone from Vodafone into a Windows computer, where it triggered an alert from the antivirus software.
Further inspection of the phone found the device’s 8GB microSD memory card was infected with a client for the now-defunct Mariposa botnet, the Conficker worm, and a password stealer for the Lineage game.
At that point it was at thought to be an issue with a specific refurbished phone.
On Wednesday another phone surfaced with traces of the Mariposa botnet. And now Vodafone is saying that as many as 3,000 HTC Magic phones may be affected.
