Side-Channel Attacks Hack Chat With Samy Kamkar

Join us on Wednesday, March 25 at noon Pacific for the Side-Channel Attacks Hack Chat with Samy Kamkar!

In the world of computer security, the good news is that a lot of vendors are finally taking security seriously now, with the result that direct attacks are harder to pull off. The bad news is that in a lot of cases, they’re still leaving the side-door wide open. Side-channel attacks come in all sorts of flavors, but they all have something in common: they leak information about the state of a system through an unexpected vector. From monitoring the sounds that the keyboard makes as you type to watching the minute vibrations of a potato chip bag in response to a nearby conversation, side-channel attacks take advantage of these leaks to exfiltrate information.

Side-channel exploits can be the bread and butter of black hat hackers, but understanding them can be useful to those of us who are more interested in protecting systems, or perhaps to inform our reverse engineering efforts. Samy Kamkar knows quite a bit more than a thing or two about side-channel attacks, so much so that he gave a great talk at the 2019 Hackaday Superconference on just that topic. He’ll be dropping by the Hack Chat to “extend and enhance” that talk, and to answer your questions about side-channel exploits, and discuss the reverse engineering potential they offer. Join us and learn more about this fascinating world, where the complexity of systems leads to unintended consequences that could come back to bite you, or perhaps even help you.

Our Hack Chats are live community events in the Hackaday.io Hack Chat group messaging. This week we’ll be sitting down on Wednesday, March 25 at 12:00 PM Pacific time. If time zones have got you down, we have a handy time zone converter.

Click that speech bubble to the right, and you’ll be taken directly to the Hack Chat group on Hackaday.io. You don’t have to wait until Wednesday; join whenever you want and you can see what the community is talking about.


Thousands Of Internet-Connected Satellites Above Us, What Could Possibly Go Wrong!

Our skies are full of satellites, more full than they have been, that is, because SpaceX’s Starlink and a bevy of other soon-to-launch operators plan to fill them with thousands of small low-earth-orbit craft to blanket the Earth with satellite Internet coverage. Astronomers are horrified at such an assault on their clear skies, space-watchers are fascinated by the latest developments, and in some quarters they’re causing a bit of concern about the security risk they might present. With a lot of regrettable overuse of the word “hacker”, the concern is that such a large number of craft in the heavens might present an irresistible target for bad actors, who would proceed to steer them into each other and cause chaos.

Invest in undersea cables, folks, the Kessler Syndrome is upon us, we’re doomed!


Fear Of Potato Chips: Samy Kamkar’s Side-Channel Attack Roundup

What do potato chips and lost car keys have in common? On the surface, it would seem not much, unless you somehow managed to lose your keys in a bag of chips, which would be embarrassing enough that you’d likely never speak of it. But there is a surprising link between the two, and Samy Kamkar makes the association in his newly published 2019 Superconference talk, which he called “FPGA Glitching and Side-Channel Attacks”.


Wearable Cone Of Silence Protects You From Prying Ears

Careful, the walls have ears. Or more specifically, the smart speaker on the table has ears, as does the phone in your pocket, the fitness band on your wrist, possibly the TV, the fridge, the toaster, and maybe even the toilet. Oh, and your car is listening to you too. Probably.

How does one fight this profusion of listening devices? Perhaps this wearable smart device audio jammer will do the trick. The idea is that the MEMS microphones that surround us are all vulnerable to jamming by ultrasonic waves, due to the fact that they have a non-linear response to ultrasonic signals. The upshot of that is when a MEMS hears ultrasound, it creates a broadband signal in the audible part of the spectrum. That creates a staticky noise that effectively drowns out any other sounds the microphone might be picking up.

But why a wearable? Granted, [Yuxin Chin] and colleagues from the University of Chicago have perhaps stretched the definition of that term a tad with their prototype, but it turns out that moving the jammer around does a better job of blocking sounds than a static jammer does. The bracelet jammer is studded with ultrasonic transducers that emit overlapping fields and result in zones of constructive and destructive interference; the wearer’s movements vary the location of the dead spots that result, improving jamming efficacy. Their paper (PDF link) goes into deeper detail, and a GitHub repository has everything you need to roll your own.

We saw something a bit like this before, but that build used white noise for masking, and was affixed to the smart speaker. We’re intrigued by a wearable, especially since they’ve shown it to be effective under clothing. And the effect of ultrasound on MEMS microphones is really interesting.


USB Password Keeper Runs On Tiny Chip

The most important rule of password use, especially when used for online logins, is to avoid reusing passwords. From there, one’s method of keeping track of multiple passwords can vary considerably. While memorization is an option in theory, in practice a lot of people make use of a password manager like LastPass or KeePass. For those with increased security concerns, though, you may want to implement a USB password keeper like this one based on an ATtiny.

This password keeper, called “snopf”, is a USB device with an ATtiny85 which adds a layer of separation to password keeping that increases security substantially. The USB device itself generates the passwords using a 128-bit key, keeping them physically detached from the computer. Password requests are made by the computer to the USB device, but the user must push a button on the snopf in order to send the password to the computer. It does this by emulating a keyboard, keeping the password information off of the computer’s clipboard.

Of course, snopf isn’t perfectly secure, and the project’s creator [Hajo] goes into detail on the project’s page about some of the potential vulnerabilities. For most use cases, though, none of these are of serious concern. Upgrading your password keeper to a physical device is likely to be a huge security improvement regardless, and one was actually developed on Hackaday a few years ago.


Hackaday Links: February 2, 2020

Is it just me or did January seem to last for about three months this year? A lot has happened since the turn of the decade 31 days ago, both in the normie world and in our space. But one of the biggest pieces of news in the hacker community is something that won’t even happen for four more months: Hackaday Belgrade. The annual conference in Hackaday’s home-away-from-home in Serbia was announced, and as usual, one had to be a very early bird to score discount tickets. Regular tickets are still on sale, but I suspect that won’t last long. The call for proposals for talks went out earlier in the month, and you should really consider standing up and telling the world what you know. Or tell them what you don’t know and want to find out – there’s no better way to make connections in this community, and no better place to do it.

Someone dropped a tip this week about the possible closing of Tanner Electronics, the venerable surplus dealer located in Carrollton, Texas, outside of Dallas and right around the corner from Dallas Makerspace. The report from someone visiting the store is that the owner has to either move the store or close it down. I spoke to someone at the store who didn’t identify herself, but she confirmed that they need to either downsize or close. She said they’re actively working with a realtor and are optimistic that they’ll find a space that fits their needs, but the clock is ticking – they only have until May to make the change. We covered Tanner’s in a 2015 article on “The Death of Surplus”. It would be sad to lose yet another surplus store; as much as we appreciate being able to buy anything and everything online, nothing beats the serendipity that can strike walking up and down aisles filled with old stuff. We wish them the best of luck.

Are you finding that the smartphone in your pocket is more soul-crushing than empowering? You’re not alone, and more and more people are trying a “digital detox” to free themselves from the constant stimulation. And there’s no better way to go about this than by turning your smartphone into a not-so-smart phone. Envelope, a paper cocoon for your phone, completely masks the screen, replacing it with a simple printed keypad. A companion app allows you to take and make phone calls or use the camera, plus provides a rudimentary clock, but that’s it. The app keeps track of how long you can go before unwrapping your phone and starting those sweet, sweet dopamine hits again. It reminds us a bit of the story we also saw this week about phone separation anxiety in school kids, and the steps schools are taking to mitigate that problem.

We saw a lot of articles this week on a LoRaWAN security vulnerability. The popular IoT network protocol has been billed as “secure by default”, but a white paper released by cybersecurity firm IOActive found a host of potential attack vectors. Their main beef seems to be that client devices which are physically accessible can be reverse engineered to reveal their encryption keys. They also point out the obvious step of taking the QR code off of client devices so an attacker can’t generate session keys for the device.

And finally, the mummy speaks! If you ever wondered what the voice of someone who lived 3,000 years ago sounded like, wonder no more. Using computed tomography (CT) data, scientists in the UK and Germany have recreated the vocal tract of Nesyamun, an Egyptian scribe and priest from the time of pharaoh Rameses XI. He died in his mid-50s, and his mummified remains have been studied since the 1800s. CT data was used to 3D-print Nesyamun’s larynx and nasopharynx, which was then placed atop a “Vocal Tract Organ”, possibly the strangest musical instrument in existence. The resulting vowel-like utterance is brief, to say the least, but it’s clear and strong, and it’s pretty impressive that we can recreate the voice of someone who lived and died three millennia ago.

 

Factory Laptop With IME Disabled

Unfortunately, not all consumers place high value on the security of their computers, but one group that tends to focus on security is businesses with a dedicated IT group. When buying computers for users, these groups tend to have higher demands, like making sure the Intel Management Engine (IME) has been disabled. To that end, Reddit user [netsec_burn] has outlined a pretty simple method by which “normal people” can purchase one of these IME-disabled devices for themselves.

For those unfamiliar with the IME, it is a coprocessor on all Intel devices since around 2007 that allows access to the memory, hard drive, and network stack even when the computer is powered down. Intel claims it’s a feature, not a bug, but it’s also a source of secret, unaudited code that’s understandably a desirable target for any malicious user trying to gain access to a computer. The method that [netsec_burn] outlined for getting a computer with the IME disabled from the factory is as simple as buying a specific Dell laptop, intended for enterprise users, and selecting the option to disable the IME.

Of course, Dell warns you that you may lose some system functionality if you purchase a computer with the IME disabled, but it seems that this won’t really affect users who aren’t involved in system administration. Also note that this doesn’t remove the management engine from the computer. For that, you’ll need one of only a handful of computers made before Intel made complete removal of the IME impossible. In the meantime, it’s good to see that at least one company has a computer available that allows for it to be disabled from the factory.