The British Government Is Coming For Your Privacy

July 30, 2023 by 77 Comments

The list of bad legislation relating to the topic of encryption and privacy is long and inglorious. Usually, these legislative stinkers only affect those unfortunate enough to live in the country that passed them. Still, one upcoming law from the British government should have us all concerned. The Online Safety Bill started as the usual think-of-the-children stuff, but as the EFF notes, some of its proposed powers have the potential to undermine encryption worldwide.

At issue is the proposal that services with strong encryption incorporate government-sanctioned backdoors to give the spooks free rein to snoop on communications. We imagine that this will be of significant interest to some of the world’s less savoury regimes, a club we can’t honestly say the current UK government doesn’t seem hell-bent on joining. The Bill has had a tumultuous passage through the Lords, the UK upper house, but PM Rishi Sunak’s administration has proved unbending.

If there’s a silver lining to this legislative train wreck, it’s that many of the global tech companies are likely to pull their products from the UK market rather than comply. We understand that UK lawmakers are partial to encrypted online messaging platforms. Thus, there will be poetic justice in their voting once more for a disastrous bill with the unintended consequence of taking away something they rely on.

Header image: DaniKauf, CC BY-SA 3.0.

This Week In Security: Zenbleed, Web Integrity, And More!

July 28, 2023 by 9 Comments

Up first is Zenbleed, a particularly worrying speculative execution bug, that unfortunately happens to be really simple to exploit. It leaks data from function like strlen, memcpy, and strcmp. It’s vulnerable from within virtual machines, and potentially from within the browser. The scope is fairly limited, though, as Zenbleed only affects Zen 2 CPUs: that’s the AMD Epyc 7002 series, the Ryzen 3000 series, and some of the Ryzen 4000, 5000, and 7020 series of CPUs, specifically those with the built-in Radeon graphics.

And at the heart of problem is a pointer use-after-free — that happens inside the CPU itself. We normally think of CPU registers as fixed locations on the silicon. But in the case of XMM and YMM registers, there’s actually a shared store of register space, and the individual registers are mapped into that space using a method very reminiscent of pointers.

Continue reading “This Week In Security: Zenbleed, Web Integrity, And More!”

How To Survive A Wet Bulb Event

July 27, 2023 by 267 Comments

Territories across the northern hemisphere are suffering through record-breaking heatwaves this summer. Climate scientists are publishing graphs with red lines jagging dangerously upwards as unprecedented numbers pour in. Residents of the southern hemisphere watch on, wondering what the coming hot season will bring.

2023 is hinting at a very real climate change that we can’t ignore. As the mercury rises to new heights, it’s time to educate yourself on the very real dangers of a wet bulb event. Scientists predict that these deadly weather conditions could soon strike in the hottest parts of the world. What you learn here could end up saving your life one day.

Hot Bodies

The body has methods of maintaining a set temperature. Credit: Wikimedia Commons, CNX OpenStax, CC BY-SA 4.0

To understand the danger of a wet bulb event, we must first understand how our bodies work. The human body likes to maintain its  temperature at approximately 37 °C (98.6 °F). That temperature can drift slightly, and the body itself will sometimes move its temperature setpoint higher to tackle infection, for example. The body is a delicate thing, however, and a body temperature above 40 °C (104 °F) can become life threatening. Seizures, organ failures, and unconsciousness are common symptoms of an overheating human. Death is a near-certainty if the body’s temperature reaches 44 °C (112 °F), though in one rare case, a patient in a coma survived a body temperature of 46.5 °C (115.7 °F).

Thankfully, the body has a host of automated systems for maintaining its temperature at its chosen set point. Blood flow can be controlled across the body, and we instinctively seek to shed clothes in the heat and cover ourselves in the cold. However, the bare naked fact is that one system is most crucial to our body’s ability to cool itself. The perspiration system is vital, as it uses sweat to cool our body via evaporation. Water is a hugely effective coolant in this way, with beads of sweat soaking up huge amounts of heat from our skin as they make the phase change from liquid to vapor.

Continue reading “How To Survive A Wet Bulb Event”

ChatGPT, The Worst Summer Intern Ever

July 26, 2023 by 71 Comments

Back when I used to work in the pharma industry, I had the opportunity to hire summer interns. This was a long time ago, long enough that the fresh-faced college students who applied for the gig are probably now creeping up to retirement age. The idea, as I understood it, was to get someone to help me with my project, which at the time was standing up a distributed data capture system with a large number of nodes all running custom software that I wrote, reporting back to a central server running more of my code. It was more work than I could manage on my own, so management thought they’d take mercy on me and get me some help.

The experience didn’t turn out quite like I expected. The interns were both great kids, very smart, and I learned a lot from them. But two months is a very tight timeframe, and getting them up to speed took up most of that time. Add in the fact that they were expected to do a presentation on their specific project at the end of the summer, and the whole thing ended up being a lot more work for me than if I had just done the whole project myself.

I thought about my brief experience with interns recently with a project I needed a little help on. It’s nothing that hiring anyone would make sense to do, but still, having someone to outsource specific jobs to would be a blessing, especially now that it’s summer and there’s so much else to do. But this is the future, and the expertise and the combined wisdom of the Internet are but a few keystrokes away, right? Well, maybe, but as you’ll see, even the power of large language models has its limit, and trying to loop ChatGPT in as a low-effort summer intern leaves a lot to be desired.

Continue reading “ChatGPT, The Worst Summer Intern Ever”

Serious Vulnerability In European Trunked Radio System

July 26, 2023 by 40 Comments

Trunked radio systems can be difficult to wrap one’s mind around, and that’s partially by design. They’re typically used by organizations like police, firefighters, and EMS to share a limited radio frequency band with a much larger number of users than would otherwise be able to operate. From a security standpoint, it also limits the effectiveness of scanners who might not know the control methods the trunked systems are using. But now a global standard for encrypted trunked radio systems, known as TETRA, has recently been found to have major security vulnerabilities, which could result in a lot more headache than disrupted voice communications.

One of the vulnerabilities in this radio system was a known backdoor, which seems to have been protected largely via a “security through obscurity” method. Since the system has been around for about 25 years now, it was only a matter of time before this became public knowledge. The backdoor could allow non-authorized users to snoop on encrypted radio traffic. A second serious vulnerability, unrelated to this backdoor, would further allow listening to encrypted voice traffic. There are a few other minor vulnerabilities recently uncovered by the same security researchers who found these two major ones, and the current recommendation is for anyone using a TETRA system to take a look to see if they are impacted by any of these issues.

Part of the reason this issue is so concerning is that these systems aren’t just used for encrypted voice among first responders. They also are used for critical infrastructure like power grids, rail networks, and other systems controlled by SCADA. This article from Wired goes into much more detail about this vulnerability as well, and we all know that most of our infrastructure already needs significant help when it comes to vulnerabilities to all kinds of failure modes.

Thanks to [cfacer] and [ToniSoft] who sent these tips!

Photo via Wikimedia Commons.

Hackaday Podcast 228: Bats, Eggs, Lasers, Duck Tape, And Assembly Language

July 21, 2023 by 1 Comment

Summer’s in full swing, and this week both Elliot and Dan had to sweat things out to get the podcast recorded. But the hacks were cool — see what I did there? — and provided much-needed relief. Join us as we listen in on the world of bats, look at a laser fit for a hackerspace, and learn how to make an array of magnets greater than — or less than — the sum of its parts. There’ll be flying eggs, keyboards connected to cell phones, and everything good about 80s and 90s cable TV, as well as some of the bad stuff. And you won’t want to miss Elliot putting Dan to shame with the super-size Quick Hacks, either, nor should you skip the Can’t Miss sweep with a pair of great articles by Al Williams.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Download a long series of ones and zeroes that, when appropriately interpreted, sound like two people talking about nerdy stuff!

Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

Continue reading “Hackaday Podcast 228: Bats, Eggs, Lasers, Duck Tape, And Assembly Language”

This Week In Security: Dating App, WooCommerce, And OpenSSH

July 21, 2023 by 4 Comments

Up first this week is a report from vpnMentor, covering the unsecured database backing a set of dating apps, including 419 Dating. The report is a bit light on the technical details, like what sort of database this was, or how exactly it was accessed. But the result is 2.3 million exposed records, containing email address, photos — sometimes explicit, and more. Apparently also exposed were server backups and logs.

The good news here is that once [Jeremiah Fowler] discovered the database door unlocked and hanging open, he made a disclosure, and the database was secured. We can only hope that it wasn’t discovered by any bad actors in the meantime. The app has now disappeared from the Google Play store, and had just a bit of a sketchy air about it.

WooCommerce Under Siege

Back in March, CVE-2023-28121 was fixed in the WooCommerce plugin for WordPress. The issue here is an authentication bypass that allows an unauthenticated user to commandeer other user accounts.

Within a few months, working exploits had been derived from the details of the patch plugging the hole. It wasn’t hard. A function for determining the current user was explicitly trusting the contents of the X-WCPAY-PLATFORM-CHECKOUT-USER request header. Set that value in a request sent to the server, and ding, you’re administrator.

And now the cows are coming home to roost. Active exploitation started in earnest on July 14, and the folks at Wordfence clocked a staggering 1.3 million exploitation attempts on the 16th. What’s particularly interesting is that the Wordfence data gathering system saw a huge increase in requests for the readme.txt file that indicates the presence of the WooCommerce plugin on a WordPress site. These requests were observed before the attacks got started, making for an interesting early warning system. Continue reading “This Week In Security: Dating App, WooCommerce, And OpenSSH”