Security Now 246

From The Official TWiT Wiki

Security Now 246: Your Questions, Steve's Answers #91

Stolen Google source code, GSM hacked, photocopy machine hard drive security, your questions, and more.

News & Errata

07:48 - 14:17

  • During the Aurora attacks, Google lost control of the source code for "Gaia", its single sign-on solution

14:18 - 21:52

  • The cellular GSM system has been legally hacked
  • The GSM Caller ID system has an API so that it works globally across all network providers, and it maps phone numbers to account names. It is therefore possible to walk the entire tree of cellular phone numbers and build a database of every phone number's owner.
  • For call routing, the global phone system must be able to find anyone's current location so that calls can be forwarded to the proper network. So it's possible to determine where anyone is currently located.
  • Cellular voicemail can be tricked by sending two calls right after one another and immediately disconnecting the first one. This lets the second one go directly to voicemail without causing the phone to ring. T-Mobile's voicemail system (for example) is vulnerable to "voicemail spoofing", allowing anyone to listen to all stored messages and get the phone numbers of those callers.

21:53 - 24:01

  • Mozilla has blocklisted the Java Development Kit because it has a 0-day vulnerability
  • A list of all add-ons blocked by Mozilla here

24:02 - 26:26

  • Microsoft "withdraws" ineffective April 13th "placebo" patch: MS10-025
  • It was supposed to fix a remotely exploitable buffer overflow in Media Unicast Services on Windows 2000 Server, but it didn't fix the problem as intended

26:27 - 32:35

32:36 - 41:44

  • A company called Skyhook is driving around the world, acquiring the MAC addresses of all the access points and logging their locations
  • This is being used by devices such as the iPad to locate where a user is without GPS

Questions & Answers

45:30 - 01:34:20

Comment: [ 01 ]

45:30 - 52:28 Greg Christopher (Silicon Valley)
Listener Comment: I do not think that the new Apple SDK agreement improves security

Steve's Comment: I agree

Question: [ 02 ]

52:29 - 56:28 Corry Macfarlane (Minneapolis)
Listener Comment: Here is how you can make KatMouse work in the latest version of Firefox:

1. Right-click on KatMouse taskbar icon
2. Choose Settings...
3. Select the “Classes” tab
4. Drag the “target” icon at the bottom of the KatMouse window onto any Firefox window and release the target.
5. 'MozillaWindowClass' will appear as custom configuration. You can double-click on it for further configuration, but you don't need to in this case.
6. Apply … and you’re done.

Steve's Comment: This works great

Comment: [ 03 ]

56:29 - 01:02:14 Tony, listening (Yokohama, Japan)
Listener Comment: In iPhone / iPad / iTouch OS 4.0 you can use a complex password to lock your device

Steve's Comment: You currently have to try on average 5000 times to guess a 4-digit password. In the corporate configuration kit for these devices, you can also do this on OS 3.0.

Comment: [ 04 ]

01:02:15 - 01:09:52 Jim McShaver (Saskatchewan)
Listener Comment: The iPhone remembers only the SSIDs that you have trusted. Unfortunately, they don't tie the SSID to a MAC address. I own 3 wireless access points and have tested this. So if you have ever connected to "linksys", "dlink" or "Steve's Starbucks", it will connect automatically to any other (different) access point with that same SSID name!

Steve's Comment: This is true
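
The difference between SSID-only matching (the behaviour described in this comment) and matching that also checks the access point's MAC address, as an added example that is not from the episode or the wiki: the `Beacon` type, the `classify` function, the saved profile and the scan results are all constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Beacon:
    ssid: str    # network name the AP advertises
    bssid: str   # MAC address of the AP radio

def normalize(mac: str) -> str:
    """Canonical form so '02-00-..' and '02:00:..' compare equal."""
    return mac.replace("-", ":").lower()

def classify(saved: dict[str, set[str]], scan: list[Beacon]) -> dict[str, list[Beacon]]:
    """Sort scan results by how a client would treat them.

    saved maps each trusted SSID to the BSSIDs the owner has verified.
      pinned    : SSID and BSSID both match a saved entry.
      lookalike : SSID matches but the BSSID was never seen; a client that
                  remembers only the SSID would auto-join this AP.
      unknown   : SSID was never trusted, so nothing auto-joins it.
    """
    out = {"pinned": [], "lookalike": [], "unknown": []}
    for b in scan:
        known = saved.get(b.ssid)
        if known is None:
            out["unknown"].append(b)
        elif normalize(b.bssid) in {normalize(m) for m in known}:
            out["pinned"].append(b)
        else:
            out["lookalike"].append(b)
    return out

# Constructed sample data (locally administered MAC addresses, not real devices).
SAVED = {"linksys": {"02:00:00:00:00:01"}}
SCAN = [
    Beacon("linksys", "02-00-00-00-00-01"),  # the owner's own AP
    Beacon("linksys", "02:00:00:00:00:99"),  # same name, different AP
    Beacon("dlink",   "02:00:00:00:00:42"),  # never trusted
]

if __name__ == "__main__":
    for label, beacons in classify(SAVED, SCAN).items():
        for b in beacons:
            print(f"{label:9} {b.ssid:8} {normalize(b.bssid)}")
```

A BSSID can itself be copied, so pinning reduces accidental joins rather than authenticating the network. A unique WPA2 passphrase or 802.1X server certificate validation is what actually proves which access point the client is talking to.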

Question: [ 05 ]

01:09:53 - 01:15:05 Vicissitudelicious (San Jose, CA)
Question: How do you stealth ports?

Answer: Get a router

Comment: [ 06 ]

01:15:06 - 01:19:48 Anon (Unknown)
Listener Comment: Towards the end of last week's episode 245 you started trusting “closed source” vendors, whereas early in the podcast you were all ga-ga about TNO. So, the conclusion sounds like TNO except Apple, Microsoft, etc…

Steve's Comment: The only way you can truly trust no one is to build EVERYTHING yourself, including hardware components and software.

Comment: [ 07 ]

01:19:49 - 01:22:40 Bill Newhouse (Rockville, Maryland)
Listener Comment: Is there a way to search into all episodes via a single search? For instance, I might wish to know in which shows you discussed DNS. Searching show by show is painfully slow. I just discovered the TWiT wiki and recognize that wikis are good for such searches. You might wish to highlight this notion in a future episode.

Steve's Comment: There are transcripts for every episode and you can search through them on Steve's website at GRC.

Question: [ 08 ]

01:22:41 - 01:30:02 DuckByte (Mission Viejo, CA)
Question: I have about ten different devices connected to my home network. Automatic assignment of internal IP addresses is normally not a problem, but one of the devices is used as an FTP server and when the internal IP address changes it forces me to tweak the router and server settings. Is there a way to configure the network so a mix of static and dynamic IP addresses can be used?

Answer: Most routers allow you to associate a MAC address with an IP. Or you can tell individual computers not to obtain an IP automatically and manually assign each one an IP.

Comment: [ 09 ]

01:30:03 - 01:34:20 Alec Stubbs (UK)
Listener Comment: You made the point that competing ecosystems (to Apple's iPhone OS) lose out somehow because they don't test and sign applications that are allowed to run on their systems. This is not quite right; Symbian has, for years, enforced a process where applications have to be signed before a user can install them. When installing the application it tells the user what parts of the system will be used (such as the network or the contacts list).

Symbian is an open source OS and currently the most used in the world (about 45% of all smartphones sold).

While I do agree that the iPhone OS is a secure platform that would be very difficult to get arbitrary malicious code to run on, it would not be impossible at all to get Trojan-like applications to run which, while appearing to be a useful application, were actually doing something you did not expect ... like harvesting your contacts list, for example.

My point is merely that scanning and signing a binary file does not guarantee security, nor must such a benefit be exclusive to commercial operations such as Apple's App Store.

Steve's Comment: Apple has an approval process that Symbian and Android do not.


Go To Training

Carbonite Pro

Production Information

  • Edited by: Tony
  • Notes: