This Week In Security: Iran’s ITG18, ProcMon For Linux, And Garbage Collection Fail

Even top-tier security professionals make catastrophic mistakes, and this time it was the operators at Iran’s ITG18. We’re once again talking about the strange shadowy world of state sponsored hacking. This story comes from the IBM X-Force Incident Response Intelligence Services (IRIS). I suspect a Deadpool fan must work at IBM, but that’s beside the point.

A server suspected of being used by ITG18 was misconfigured, so that the data and training videos stored on it were publicly accessible. Among the captured data were records of compromised accounts belonging to US and Greek military personnel.

The training videos also contained a few interesting tidbits. If a targeted account used two factor authentication, the attacker was to make a note and give up on gaining access to that account. If a Google account was breached, the practice was to start with Google Takeout, the service from Google that allows downloading all the data Google has collected related to that account. Yoiks. Continue reading “This Week In Security: Iran’s ITG18, ProcMon For Linux, And Garbage Collection Fail”

CBS Announces Functional Tricorder Replica For 2021

It’s taken 54 years, but soon, you’ll finally be able to buy a fully-functional version of the tricorder from Star Trek. Announced on the official website for the legendary sci-fi franchise, the replica will be built by The Wand Company, who’ve previously produced a number of high-quality official Star Trek props as well as replicas for Doctor Who and the Fallout game series.

Admittedly, we’re not sure what a “fully-functional tricorder” actually is, mainly because the various on-screen functions of the device were largely driven by whatever bind Kirk and Spock managed to find themselves in that week. But the announcement mentions the ability to scan radio frequencies, pull in dynamic data from environmental sensors, and record audio. The teaser video after the break doesn’t give us any more concrete information than the announcement, but it does seem to confirm that we’ll be viewing said data on the device’s iconic flip-up display.

Now as the regular Hackaday reader knows, fans have been building extremely impressive “functional” tricorders for some time now. Unlike the sleek 24th century versions seen in Star Trek: The Next Generation, the original tricorder prop was rather clunky and offers plenty of internal volume for modern goodies. Cramming a Raspberry Pi, LCD, and a bunch of sensors into an inert replica is a relatively approachable project. So it will be interesting to see how the official version stacks up to what’s already been done by intrepid hackers and makers.

The official tricorder won’t be available until summer of 2021, but you can sign up to be notified when it’s your turn to beam one up. While the $250 USD sticker price might keep the more casual Trekkers at bay, it’s actually a bit cheaper than we would have assumed given the amount of time and money we’ve seen fans put into their own builds.

Continue reading “CBS Announces Functional Tricorder Replica For 2021”

Pine Made Phones, Laptops, And Now… Soldering Irons?

The TS100 smart soldering iron may have some new competition. Pine, the people best known for Linux-based phones and laptops, thought the world needed another smart soldering iron, so they announced the Pinecil, sort of a knock-off of the TS100. It looks like a TS100 and uses the same tips, but it does have some important differences.

It used to be a soldering iron was a pretty simple affair. Plug in one end; don’t touch the other end. But, eventually, things got more complicated and you wanted some way to make it hotter or cooler. Then you wanted the exact temperature with a PID controller. However, until recently, you didn’t care how much processing power your soldering iron had. The TS100 changed that. The smart and portable iron was a game-changer, and people not only used it for soldering but also wrote software to make it do other things. One difference between the Pinecil and the TS100 is that the Pinecil has a RISC-V CPU. Reportedly, it also has better ergonomics and a USB-C connector that breaks out UART, I2C, SPI, and USB. It also has a very friendly price tag of $24.99.

Continue reading “Pine Made Phones, Laptops, And Now… Soldering Irons?”

BadPower Vulnerability In Fast Chargers Might Make Phones Halt And Catch Fire

A few days ago, Chinese researchers from technology giant Tencent released a paper outlining a firmware vulnerability in several types of fast charger power bricks (translated). The attack is known as BadPower, and it works by altering the default parameters in the firmware of fast chargers to deliver more power to devices than they can handle, which can cause them to overheat, melt, or catch fire.

The ancient and basic USB charging spec provides 0.5 A at 5 V, which works out to 2.5 W. In theory, that’s all you’ll ever get from those types of chargers. But the newer generation of chargers is different. When you plug your phone into a fast charger, it starts out at the standard 5 V and negotiates a higher voltage and current with your phone before stepping up its output.

Fast chargers can push power at 20 V or more to speed up the charging process, depending on the charger and connected device. If the phone doesn’t do fast charging, the charger should stay at the 5 V standard. The researchers claim the BadPower attack can harm devices whether or not they support fast charging: once the charger’s firmware has been altered, it will still negotiate 5 V with the connected device but actually deliver 20 V and wreak havoc.

In the demo after the break, one of the team uses a malicious device disguised as a phone to push the BadPower firmware change to a fast charger that’s hooked up to a voltmeter. Before the attack, the charger gives 5 V. After the attack, it gives 5 V for a few seconds before jumping up near 20 V. Then they connect the now-dirty charger to two identical illuminated magnifying glasses. In one the chip lets the smoke monster out rather violently, and the chips of the other emit sparks.
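The failure mode described above is a charger that honours the 5 V handshake on the wire but not on VBUS, with the jump arriving a few seconds after the contract is accepted. The following is an added example, not code from the Tencent paper or from any real charger or phone firmware: it models the handshake, the BadPower rewrite of the charger’s voltage table, and the continuous sink-side over-voltage guard that a “halfway decent phone” should have. The PDO list, the firmware output table, the sampled VBUS trace and the ±5 % tolerance are all assumptions for illustration; real USB Power Delivery negotiation is considerably more involved.

```python
"""Model of a fast-charge handshake with a sink-side VBUS guard.

Added example, not code from the Tencent paper or any charger firmware.
The advertised voltages, the 'output table' kept in charger firmware, the
sampled VBUS trace and the +/-5 % tolerance are assumptions for illustration.
"""
from dataclasses import dataclass, field
from typing import Optional

SAFE_DEFAULT_V = 5.0   # every USB source starts at 5 V before any negotiation
VBUS_TOLERANCE = 0.05  # assumed: a sink accepts VBUS within +/-5 % of the contract


@dataclass
class Charger:
    """Fast charger whose voltage table lives in rewritable firmware."""
    advertised_v: tuple = (5.0, 9.0, 12.0, 20.0)
    # Assumed firmware table: contract voltage -> (voltage actually driven,
    # number of samples the charger waits before driving it)
    output_table: dict = field(
        default_factory=lambda: {v: (v, 0) for v in (5.0, 9.0, 12.0, 20.0)})

    def negotiate(self, requested_v: float) -> float:
        """Agree on a contract; anything not advertised falls back to 5 V."""
        return requested_v if requested_v in self.advertised_v else SAFE_DEFAULT_V

    def vbus_trace(self, contract_v: float, samples: int = 6) -> list:
        """VBUS as a sink would measure it over time once the contract is accepted."""
        steady_v, delay = self.output_table.get(contract_v, (SAFE_DEFAULT_V, 0))
        return [contract_v] * delay + [steady_v] * (samples - delay)


def badpower_tamper(charger: Charger) -> None:
    """Simulate the BadPower rewrite: keep accepting a 5 V contract, but after a
    short delay drive 20 V on VBUS (the jump the demo video shows)."""
    charger.output_table[SAFE_DEFAULT_V] = (20.0, 2)


@dataclass
class Sink:
    """The device being charged."""
    max_v: float                # highest voltage the input stage survives
    supports_fast_charge: bool
    has_ovp: bool = True        # continuous over-voltage protection on the charge path

    def connect(self, charger: Charger) -> dict:
        """Negotiate, then keep comparing measured VBUS against the contract.

        A one-off check at plug-in would pass: the tampered charger sits at
        5 V for a while first. The guard has to watch every sample.
        """
        wanted = 20.0 if self.supports_fast_charge else SAFE_DEFAULT_V
        contract = charger.negotiate(wanted)
        limit = min(contract * (1 + VBUS_TOLERANCE), self.max_v)
        tripped_at: Optional[int] = None
        overvolted = False
        for i, v in enumerate(charger.vbus_trace(contract)):
            if v > limit:
                overvolted = True
                if self.has_ovp:        # open the charge switch on the first bad sample
                    tripped_at = i
                    break
        return {
            "contract_v": contract,
            "charge_enabled": tripped_at is None,
            "tripped_at": tripped_at,
            "overvolted": overvolted,   # True with has_ovp=False means the device took the hit
        }
```

The `has_ovp=False` case is the magnifying-glass demo: the contract says 5 V, nothing on the sink side disagrees, and the input stage absorbs 20 V.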

The researchers tested 35 of the 200+ fast charging bricks currently on the market and found that 18 of them were vulnerable to BadPower, including 11 that can be exploited through the charging port itself. They believe the issue is fixable with a firmware update.

What is not available is enough information to verify this research, or a list of brands/models that are vulnerable. Researchers say the findings were submitted to the China National Vulnerability Database (CNVD) on March 27th, so the absence of this information may be a product of manufacturers needing more time to patch the vulnerability.

What do you think? We say halfway decent chargers shouldn’t be open to firmware attacks from the devices they are charging. And any halfway decent phone should have built-in electrical protection, right?

Continue reading “BadPower Vulnerability In Fast Chargers Might Make Phones Halt And Catch Fire”

Apollo Missions Get Upgraded Video

July 20th marked the anniversary of the first human setting foot on the moon. If you were alive back then, you probably remember being glued to the TV watching the high-tech images of Armstrong taking that first step. But if you go back and watch the video today, it doesn’t look the way you remember it. We’ve been spoiled by high-definition video with incredible frame rates. [Dutchsteammachine] has taken a great deal of old NASA footage and used their tools to update it to higher frame rates that look a lot better, as you can see below.

The original film from the moon landing ran between 12 frames per second and as low as 1 frame per second. The new video is interpolated to 24 frames per second. Some of the later Apollo mission film is jacked up to 60 frames per second. The results are great.

Continue reading “Apollo Missions Get Upgraded Video”

The Real Story: How Samsung Blu Ray Players Were Bricked

In June, many owners of Samsung Blu Ray players found that their devices were no longer usable. With the players stuck in a boot loop, speculation was rife as to the cause of the issue. Now it seems the cause has become clear: a badly formatted XML file may be responsible for the problems (via The Register).

The problem stems from the logging system that stores user data and passes it back to Samsung over the Internet. Which data is logged and sent back is managed by an XML file which contains the policy settings that control this behaviour. According to a source known only as “Gary” “Gray”, the XML file posted on Samsung’s servers on June 18 featured a malformed list element. This caused a crash in the player’s main software routine, leading the player to reboot.

The failure was exacerbated by the fact that the XML file is parsed very early in the boot sequence, even before checking for firmware updates or a new XML file. This has prevented Samsung from rolling out an update or fix over the air, and is why the player gets stuck in a loop of continuous reboots.
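Two things went wrong here: a parse failure in a file fetched from the network took down the main routine, and that file was trusted before the player had any chance to replace it. The following is an added example, not Samsung’s code: a fail-safe loader for a logging-policy document of the kind described, which rejects malformed or unexpected XML and falls back to a do-nothing default so the boot can continue. The element names, the default policy and the two sample files are constructed for illustration; the second file contains an unclosed list item of the sort the story describes. It uses the standard-library parser so it runs offline; a real receiver parsing network-supplied XML should use a hardened parser such as defusedxml as well.

```python
"""Fail-safe loading of a logging-policy XML file fetched from a vendor server.

Added example, not Samsung's code. Element names, the default policy and the
sample documents are constructed for illustration.
"""
import xml.etree.ElementTree as ET

# Assumed default: if the policy cannot be parsed, log nothing and keep booting.
DEFAULT_POLICY = {"enabled": False, "fields": []}

# Constructed sample policy files. The second has an unclosed <item> inside the
# list, which makes </logging> mismatch and the parser reject the document.
GOOD_POLICY_XML = """<policy version="2">
  <logging enabled="true">
    <item>playback_errors</item>
    <item>firmware_version</item>
  </logging>
</policy>"""

BAD_POLICY_XML = """<policy version="3">
  <logging enabled="true">
    <item>playback_errors
    <item>firmware_version</item>
  </logging>
</policy>"""


def parse_policy(xml_text: str) -> dict:
    """Parse a policy document; raise ValueError on anything unexpected.

    Both well-formedness errors and schema surprises are funnelled into one
    exception type so the caller has a single thing to catch.
    """
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        raise ValueError(f"malformed policy XML: {exc}") from exc
    if root.tag != "policy":
        raise ValueError(f"unexpected root element {root.tag!r}")
    section = root.find("logging")
    if section is None:
        raise ValueError("policy has no <logging> element")
    enabled = section.get("enabled", "false").lower() == "true"
    fields = [(item.text or "").strip() for item in section.findall("item")]
    if any(not f for f in fields):
        raise ValueError("empty <item> in logging list")
    return {"enabled": enabled, "fields": fields}


def load_policy(xml_text: str, boot_log: list) -> dict:
    """Never let a bad policy file stop the boot: record the problem and fall
    back to the default. The caller can then go on to check for updates, which
    is what the bricked players never got to do."""
    try:
        return parse_policy(xml_text)
    except ValueError as err:
        boot_log.append(f"policy rejected, using default: {err}")
        return dict(DEFAULT_POLICY)
```

The `boot_log` list stands in for whatever persistent record the device keeps; a player that had logged "policy rejected" and carried on would have reached its firmware-update check and been able to pull down the corrected file over the air.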

Reportedly, the file can be found at this URL, though it is now an updated version that shouldn’t brick players. Samsung have had to resort to a mail-in repair scheme, wherein technicians with service tools can manually remove the offending XML file from the player’s storage, allowing it to boot cleanly once again. While this shows our initial assumptions were off the mark, we’re glad to see a solution to the problem, albeit one that requires a lot of messing around.

[Thanks to broeckelmaier for the tip!]

This Week In Security: Twitter, Windows DNS, SAP RECON

Twitter just had their biggest security breach in years. Mike warned us about it on Wednesday, but it’s worth revisiting a few of the details. The story is still developing, but it appears that malicious actors used social engineering to access an internal Twitter dashboard. This dashboard, among other interesting things, allows directly changing the email address associated with an account. Once the address is changed to the attacker’s, it’s simple to do a password reset and gain access.

The bitcoin address used in the crypto scam ended up receiving nearly $120,000 USD worth of bitcoin, all of which has been shuffled off into different accounts. It’s an old and simple scam, but was apparently rather believable because the messages were posted by verified Twitter accounts.

Screenshot from Motherboard

A series of screenshots have been posted, claiming to be the internal Twitter dashboard used in the attack. More than a few eyebrows have been raised, as a result of that dashboard. First off, the fact that Twitter employees can directly change an account’s email address is asking for trouble. Even more interesting are the tags that can be added to an account. “Trends Blacklist” and “Search Blacklist” do call to mind the rumors of shadow-banning, but at this point it’s impossible to know the details. Motherboard is reporting that Twitter is removing that screenshot across the board when it’s posted, and even suspending accounts that post it. Of course, they’d do that if it were faked as well, so who knows? Continue reading “This Week In Security: Twitter, Windows DNS, SAP RECON”