
Archive for the ‘Security’ Category


A site that makes it easy to check for vulnerabilities such as Superfish, which became a problem after being bundled with Lenovo PCs

Superfish, Komodia, PrivDog vulnerability test | Filippo Valsorda

Turns out Lenovo preloaded their laptops with adware that will intercept all your secure connections, and allow criminals to do it, too.

After investigating the Lenovo incident we found out that many other softwares – like some Parental Controls or security packages – do things even worse for your security. This test attempts to detect them all.

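Lenovo PC users, check right now! A gaping Superfish hole in some products | Gizmodo Japan

Detailed coverage, from the background of the problem to countermeasures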

     *     *     *

Update: Michael Arrington has lashed out at the venture firms behind Superfish

The Venture Capitalists Behind Superfish | Uncrunched

Other startups that use the same SSL intercept module from Komodia include Lavasoft (a free antivirus provider) (now you know why the antivirus is free).


How “omnipotent” hackers tied to NSA hid for 14 years—and were found at last | Ars Technica

“Equation Group” ran the most advanced hacking operation ever uncovered.

U.S. Embedded Spyware Overseas, Report Claims | NYTimes.com

The United States has found a way to permanently embed surveillance and sabotage tools in computers and networks it has targeted in Iran, Russia, Pakistan, China, Afghanistan and other countries closely watched by American intelligence agencies, according to a Russian cybersecurity firm.

In a presentation of its findings at a conference in Mexico on Monday, Kaspersky Lab, the Russian firm, said that the implants had been placed by what it called the “Equation Group,” which appears to be a veiled reference to the National Security Agency and its military counterpart, United States Cyber Command.

Equation Group: The Crown Creator of Cyber-Espionage | Kaspersky Lab

Surprise! America Already Has a Manhattan Project for Developing Cyber Attacks | WIRED

The Equation Group, the world's most advanced and professional cyber-attack group: who are they? | ZDNet Japan


U.S. Tech Companies Press Case Against Restrictive Chinese Rules | WSJ

The proposed restrictions are the latest sign of the continuing repercussions from information about U.S. government intelligence-gathering tactics leaked by Edward Snowden, a former contractor for the National Security Agency. Among other things, Mr. Snowden alleged U.S. authorities hacked millions of Chinese phone messages.

China has issued restrictions that so far affect the country’s banking sector, but officials there have said they are under review and may be extended to telecommunication and other sectors, according to the letter.

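U.S. high-tech companies push back against China's source code disclosure demands | WSJ

China's new internet surveillance rules: criticism grows in U.S. political and business circles that they "violate the U.S.-China free trade agreement" | Epoch Times

The new rules apply to all Chinese and foreign companies that supply information technology products such as computers to banks in China. They require disclosing to the Chinese authorities highly confidential information that constitutes corporate intellectual property, such as source code; using Chinese encryption methods; and installing back doors so that the authorities can monitor corporate information.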

China’s New Rules Ask Tech Firms to Hand Over Source Code | IEEE Spectrum

New Rules in China Upset Western Tech Companies | NYTimes.com

The Chinese government has adopted new regulations requiring companies that sell computer equipment to Chinese banks to turn over secret source code, submit to invasive audits and build so-called back doors into hardware and software, according to a copy of the rules obtained by foreign technology companies that do billions of dollars’ worth of business in China.

Some of America’s largest tech companies could be hurt by the rules, including Apple, which is making a big push into the country. Apple has used new encryption methods in the iPhone 6 that are based on a complicated mathematical algorithm tied to a code unique to each phone. Apple says it has no access to the codes, but under the proposed antiterrorism law, it would be required to provide a key so that the Chinese government could decrypt data stored on iPhones.


FinFisher, as revealed by Wikileaks: The Verge

The world of spyware has become something extraordinary...

A Spy in the Machine | The Verge

One day in 2011, Moosa opened the Facebook Messenger app on his iPhone. What he saw was chilling: someone else typing under his name to an activist friend of his in Bahrain…

Facebook was only the beginning. Unbeknownst to him, Moosa’s phone and computer had been infected with a highly sophisticated piece of spyware, built and sold in secret.

It was a sign of a more sophisticated author at work. The implant used a technique called process-hollowing — injecting its own code into a program that’s still running in order to use the legitimate program as cover. […] “I thought, Finspy, that rings some bells,” Marquis-Boire recalls. “Holy shit, I think this is FinFisher!”

FinFisher had become a kind of bogeyman in the security community since brochures advertising the software’s capabilities popped up in a Wikileaks drop in December of 2011. FinFisher could purportedly empower its owner with the kinds of advanced intrusion techniques usually reserved for the NSA. “There was a certain amount of interest just because no one had seen it,” Marquis-Boire says. “All we had were these leaked documents.”

FinFisher was created and sold by Gamma International, an international surveillance company with offices in London and Frankfurt. The Gamma brochures promised remote monitoring and keylogging — they even said they could listen in on a target’s Skype calls in real time.

But now Marquis-Boire had caught a FinFisher sample in the wild, and thanks to the leaked brochures, he had a roadmap of everything the implant could do.

Marquis-Boire enlisted the aid of Claudio Guarnieri, a researcher at security firm Rapid7, to further explore the software. The two uncovered a mobile version of the implant, which came in different versions for iOS, Android, and even Symbian, like a hot startup trying to cover as much of the market as possible. […] Once the implant was installed, your phone effectively became an enemy agent. “I’d be working at my computer and start squinting at my phone, thinking, maybe I should turn that off,” Marquis-Boire says. “It produced this weird dissonance between me and this device that I carry around all the time.”

Instead of a few outposts, they found an army. FinFisher’s agents were everywhere: Japan, Germany, India, Serbia, Mongolia — there were even servers in the US. It was an atlas of personal invasions. All told, 25 countries hosted a server of some kind, each hired out to a different regime and pointing the x-ray at a different enemy of the state.

Marquis-Boire published the work in a series of three landmark papers from July 2012 to March of 2013, each titled with a cheeky Bond pun like “The Smartphone Who Loved Me” or “You Only Click Twice.” The papers laid out everything he knew about FinFisher’s network, revealing a global surveillance network that was being hired out to some of the world’s most repressive governments. Targeted exploits weren’t just for the NSA anymore. They were available to anyone who could pay for them.

Once the papers were published, FinFisher went back underground. The coders behind the program began to change its routines and filenames enough to let it slip by unnoticed.

Their primary concern stems not from what effect FinFisher could have on their activism, but from the specter of having their personal lives invaded — the same fundamental privacy concern behind much of the NSA surveillance controversies in the US.

“They actually have a system that the government buys, and they get the whole package,” Marczak says. “It’s not just the code itself, it’s the administration, the analysis, the support — the whole framework is provided.”

That turns the same surveillance conducted by the NSA or GCHQ into a market product, available to the highest bidder with no questions asked. “The value proposition is essentially: ‘Activists in your country are giving you trouble? Well here’s a product that will allow you to turn their cellphone or computer into basically a wiretap, a surveillance tool, and you can spy on everything they do,’” Marczak says. “And I think governments are very attracted to that.”

Wikileaks releases FinFisher files to highlight government malware abuse | The Guardian

FinSpy Surveillance Tool Takes Over Computers Video – Bloomberg | YouTube

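40GB of internal documents and source code for the citizen-surveillance malware kit “FinFisher/FinSpy” leaked and now downloadable by anyone | GIGAZINE

Hiroshi Ito × Yoshiko Sakurai: “Gathering information to protect the national interest is common sense worldwide. Japan lags considerably behind”: Japan's information and intelligence activities, considered in light of the world's information surveillance programs | Genron TV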


Disable Remote Content to Fight Spam and Guard Your Privacy | TekRevue

If you even open a spammer’s email that contains images, the spammer instantly knows that your email address is valid and that you saw the spam email. Even worse, the spammer will also be able to learn important information about you, such as your IP address, which for most users reveals their general geographic location.

Launch Mail in OS X and go to Mail > Preferences > Viewing. Find the box labeled Load remote content in messages and uncheck it. This stops Mail from automatically loading images and other remote content when you first open an email message.


On the need for an Erasable Internet

The Lesson of the Sony Hack: We Should All Jump to the ‘Erasable Internet’ | NYTimes.com

“Everyone is so excited about the cloud, but the cloud is really a drunken Xerox machine making copies of pretty much everything that everyone has said anywhere and spewing it all over the place,” said Howard Lerman, the co-creator of Confide, a messaging app that works like the corporate version of Snapchat.


Your Mac’s Firewall is Off By Default: Do You Need to Enable It? | How-To Geek

A standard Mac OS X system doesn’t have such potentially vulnerable services listening by default, so it doesn’t need a tacked-on firewall to help protect such vulnerable services from being attacked.

This is actually the same reason why Ubuntu Linux doesn’t ship with its firewall on by default — another thing that was controversial at the time. Ubuntu took the approach of simply not having potentially vulnerable services listening by default, so an Ubuntu system is secure without a firewall. Mac OS X works in the same way.
