Hacking News (28 Posts)

<< Next - First . 1 2 3

GPU Password Cracking

#45 - Posted on 27 June 2011 - Author: SM - Category: Hacking

Brute force password cracking has been around for a while but in the last few years a new way to use your brand new graphic card has emerged which brings high performance attacks against passwords much cheaper and easier.

This is because the “brain” of those graphical card, The Graphical Processing Unit or GPU, is designed to handle mathematical and repetitive tasks very efficiently.

There is a very good article about this topic on the ERRATA SECURITY blog with some interesting facts:

– Although GPU are now found in most electronic devices (i.e.: phones), dedicated PC cards are obviously better

– Radeon is better than GeForce

– Although you can use more than one GPU, the benefits are not exponential and most people only need 1 or 2 GPU.

– This is because past 8 Characters, a password become near impossible to brute force....
>>[READ MORE]

An interesting attack on Voice Over IP Security

#37 - Posted on 21 March 2011 - Author: SM - Category: Security, Hacking

I just came accross an interesting attack on the Secure Real Time Protocol (SRTP) using Variable Bit Rate codecs (VBR). That protocol is used to secure voice or IP communication by encrypting the transmitted data.

The attack is described in this draft paper but for the the full details you should take a look at the very comprehensive white paper here which dates back to 2008.

It usesthe phoneticpronunciation of words to identify patterns in the VBR encoding which can be used to bypass encryption and identify phrases as well as the language spoken. So this attack does not target individual words, but phrases or sentences.

Although the paper claims in some cases a success rate of 90% it has an average of 50% success, which is already good enough! What is ...
>>[READ MORE]

Time Square Video Screen Hack: A Nice hoax

#35 - Posted on 15 March 2011 - Author: SM - Category: Hacking

The video below would be a really great hack, but it seems toonly be a hoax for a couple of reasons:

– It is unlikelysuch hacker would be showing his face so willingly.
– Apparently to hack those wireless billboard you would attack first the central “billboard broadcasting computer”.

Now… if the wireless communications to those billboard was unsecured, then it could be a different story :)


YouTube Direkt

...
>>[READ MORE]

Do what I say not what I do

#30 - Posted on 18 February 2011 - Author: SM - Category: Security, Hacking

Below is a very good article describing the recent battle between the Anonymous Hacking group and the HBGary company.

In a nutshell, a security company, “HBGary”, who is also working for the US government was about to release what they think were the identity of a hacking group called “Anonymous” who conducted some high profile hacks against large organisations who were against the wikileaks website. The hacking group response was swift and brutal, they hacked the HBGary websites, defaced them, hacked into the owner’s email account and grabbed lot of user personal information from one of the company’s related website, rootkit.com

It provides a good example of the old adage “do what I say not what I do” but this time in the world of IT Security. Of course you can almost never get IT Security 100% right, but in that case it would seem some of the security weaknesses that were exploited should have never been...
>>[READ MORE]

New iOS Security attack, this time it looks bad!

#28 - Posted on 11 February 2011 - Author: SM - Category: Security, Hacking

Another attack on the iOS security has been published today and there are two recurring themes to the attacks I described in previous posts, namely: weaknesses with the Keychain and iOS encryption implementation.

But this time they have been used differently and seem to provide an attacker access to any passwords stored on an iOS device, even if it is passcode protected.
One main difference in this attack, is that the attacker would only requires the iOS devices and nothing else (as opposed to the relevant synced PC with previous attacks).

It also seems to prove Zdiarski’s concerns over the iOS encryption controls to be true.
The attack used some jailbreaking techniques to access the iOS device boot/ram, bypassing the passcode and using the OS to run a script to access the local keychain and all the passwords it may contain (email, VPN, web apps, etc)
It seems that the encrypted data is not linked to the user passcode, which means that if someone ca...
>>[READ MORE]

Full Disk Encryption Attacks

#23 - Posted on 25 January 2011 - Author: SM - Category: Security, Hacking

Although 3 years old, this is a good article and a link to a paper about coldboot attack against full disk encryption technology.

In a nutshell, it is related to data not being encrypted when stored in RAM and although it is volatile: “from 2.5 to 35 seconds to reach a Null State” when switched off, it can be recovered with a few techniques such as dropping the RAM temperature to slow down that “null state” or booting up the device through a very small kernel OS so only a small portion of the RAM is over written through a USB device for example.

What makes this attack even more powerful is that a lot of information “derived from the encryption keys” are stored in RAM, usually to speedup calculations.
The author then warn those attacks would be very difficult to prevent without a radical change in hardware architecture or “overhaul of the encryption process itself”.

...
>>[READ MORE]

Cellular Network Attacks

#22 - Posted on 17 January 2011 - Author: SM - Category: Security, Hacking

A few websites have been running a story today on an upcoming attack announcement/demo in next week black hat conference.

Instead of targeting the OS or a specific app, that attack would target bugs directly in a component used to send and receive calls, a baseband chip. Although technically it is still a software attack, the code used to control that chip, it would bypass any security measures in place at the OS level, and would especially be out of Apple/Google control. Such attack could be used to intercept calls or spy on a phone user by activating its phone microphone…

But then surely you would also need to find a bug in the microphone chip? Or elevate your privilege at the OS level from the baseband chip bug?
Anyway, eavesdropping on calls would at least be possible.

What makes this news interesting is both that duplicating a cell tower is becoming easier/cheaper (about $2k) and that you can’t secure and control everything, even in close sy...
>>[READ MORE]

PS3 Hacked and Cryptography

#19 - Posted on 7 January 2011 - Author: SM - Category: Security, Hacking, Cryptography

The recent hack on PS3 where the private key used by Sony to sign their games has been recovered is of course a very bad news for Sony. It finishes to open the door to piracy which started in January 2010. In theory, anyone could now sign (pirated) software to run natively on the PS3.

It is a case of badly implemented cryptography algorithm, in that case, the use a proprietary signing algorithm with a faulty random generator.
Crypto 101 says to NEVER use proprietary/secret algorithms. Now Sony’s will pay the price for not listening :)
The PS3 hack story is a great example of badly implemented cryptography which is as important as the choice of the security controls used to protect an asset.

BBC NEWS ARTICLE

The start of an answer from Sony, which seems to indicate they did not grasp the severity of the issue when first announced about a week ago
...
>>[READ MORE]