Posts Tagged ‘Security’


A site that makes it easy to check for vulnerabilities such as Superfish, which caused a stir after being bundled with Lenovo PCs

Superfish, Komodia, PrivDog vulnerability test | Filippo Valsorda

Turns out Lenovo preloaded their laptops with adware that will intercept all your secure connections, and allow criminals to do it, too.

After investigating the Lenovo incident we found out that many other softwares – like some Parental Controls or security packages – do things even worse for your security. This test attempts to detect them all.

Lenovo PC owners should check right now! A gaping Superfish hole in some products | Gizmodo Japan


     *     *     *

Addendum: Michael Arrington lashed out at the venture companies behind Superfish

The Venture Capitalists Behind Superfish | Uncrunched

Other startups that use the same SSL intercept module from Komodia include Lavasoft (a free antivirus provider) (now you know why the antivirus is free).



U.S. Tech Companies Press Case Against Restrictive Chinese Rules | WSJ

The proposed restrictions are the latest sign of the continuing repercussions from information about U.S. government intelligence-gathering tactics leaked by Edward Snowden, a former contractor for the National Security Agency. Among other things, Mr. Snowden alleged U.S. authorities hacked millions of Chinese phone messages.

China has issued restrictions that so far affect the country’s banking sector, but officials there have said they are under review and may be extended to telecommunication and other sectors, according to the letter.

U.S. tech companies push back against China's source code disclosure demands | WSJ

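Criticism grows in U.S. political and business circles that China's new internet surveillance rules "violate the U.S.-China free trade agreement" | The Epoch Times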


China’s New Rules Ask Tech Firms to Hand Over Source Code | IEEE Spectrum

New Rules in China Upset Western Tech Companies | NYTimes.com

The Chinese government has adopted new regulations requiring companies that sell computer equipment to Chinese banks to turn over secret source code, submit to invasive audits and build so-called back doors into hardware and software, according to a copy of the rules obtained by foreign technology companies that do billions of dollars’ worth of business in China.

Some of America’s largest tech companies could be hurt by the rules, including Apple, which is making a big push into the country. Apple has used new encryption methods in the iPhone 6 that are based on a complicated mathematical algorithm tied to a code unique to each phone. Apple says it has no access to the codes, but under the proposed antiterrorism law, it would be required to provide a key so that the Chinese government could decrypt data stored on iPhones.



[FinFisher, as revealed by Wikileaks: The Verge]


A Spy in the Machine | The Verge

One day in 2011, Moosa opened the Facebook Messenger app on his iPhone. What he saw was chilling: someone else typing under his name to an activist friend of his in Bahrain…

Facebook was only the beginning. Unbeknownst to him, Moosa’s phone and computer had been infected with a highly sophisticated piece of spyware, built and sold in secret.

It was a sign of a more sophisticated author at work. The implant used a technique called process-hollowing — injecting its own code into a program that’s still running in order to use the legitimate program as cover. […] “I thought, Finspy, that rings some bells,” Marquis-Boire recalls. “Holy shit, I think this is FinFisher!”

FinFisher had become a kind of bogeyman in the security community since brochures advertising the software’s capabilities popped up in a Wikileaks drop in December of 2011. FinFisher could purportedly empower its owner with the kinds of advanced intrusion techniques usually reserved for the NSA. “There was a certain amount of interest just because no one had seen it,” Marquis-Boire says. “All we had were these leaked documents.”

FinFisher was created and sold by Gamma International, an international surveillance company with offices in London and Frankfurt. The Gamma brochures promised remote monitoring and keylogging — they even said they could listen in on a target’s Skype calls in real time.

But now Marquis-Boire had caught a FinFisher sample in the wild, and thanks to the leaked brochures, he had a roadmap of everything the implant could do.

Marquis-Boire enlisted the aid of Claudio Guarnieri, a researcher at security firm Rapid7, to further explore the software. The two uncovered a mobile version of the implant, which came in different versions for iOS, Android, and even Symbian, like a hot startup trying to cover as much of the market as possible. […] Once the implant was installed, your phone effectively became an enemy agent. “I’d be working at my computer and start squinting at my phone, thinking, maybe I should turn that off,” Marquis-Boire says. “It produced this weird dissonance between me and this device that I carry around all the time.”

Instead of a few outposts, they found an army. FinFisher’s agents were everywhere: Japan, Germany, India, Serbia, Mongolia — there were even servers in the US. It was an atlas of personal invasions. All told, 25 countries hosted a server of some kind, each hired out to a different regime and pointing the x-ray at a different enemy of the state.

Marquis-Boire published the work in a series of three landmark papers from July 2012 to March of 2013, each titled with a cheeky Bond pun like “The Smartphone Who Loved Me” or “You Only Click Twice.” The papers laid out everything he knew about FinFisher’s network, revealing a global surveillance network that was being hired out to some of the world’s most repressive governments. Targeted exploits weren’t just for the NSA anymore. They were available to anyone who could pay for them.

Once the papers were published, FinFisher went back underground. The coders behind the program began to change its routines and filenames enough to let it slip by unnoticed.

Their primary concern stems not from what effect FinFisher could have on their activism, but from the specter of having their personal lives invaded — the same fundamental privacy concern behind much of the NSA surveillance controversies in the US.

“They actually have a system that the government buys, and they get the whole package,” Marczak says. “It’s not just the code itself, it’s the administration, the analysis, the support — the whole framework is provided.”

That turns the same surveillance conducted by the NSA or GCHQ into a market product, available to the highest bidder with no questions asked. “The value proposition is essentially: ‘Activists in your country are giving you trouble? Well here’s a product that will allow you to turn their cellphone or computer into basically a wiretap, a surveillance tool, and you can spy on everything they do,’” Marczak says. “And I think governments are very attracted to that.”

Wikileaks releases FinFisher files to highlight government malware abuse | The Guardian

FinSpy Surveillance Tool Takes Over Computers Video – Bloomberg | YouTube

40 GB of internal documents and source code for "FinFisher/FinSpy," a bundled malware kit for surveilling citizens, has been leaked and is now downloadable by anyone | GIGAZINE

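Hiroshi Ito × Yoshiko Sakurai: "Gathering information to protect the national interest is common sense worldwide. Japan lags considerably": Japan's information and intelligence activities considered in light of the world's surveillance programs | Genron TV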



[Former NSA employee Edward Snowden: The Independent]



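Apple accepts China's network security assessments, Chinese media report | Yahoo! News

Did Apple promise to accept China's inspections of network products? | The Epoch Times

Report: Apple agrees to Chinese security audits of its products | PCWorld

Apple says it is willing to accept China's network security review | The Beijing News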

     *     *     *

I'm not sure what "network security assessments" (security audits, 安全审查) actually means, but it reminded me of an article I read a little while ago.

It was about Edward Snowden, the former NSA [U.S. National Security Agency] employee who exposed the agency's methods of collecting personal information.

Snowden, who is staying in Russia, reportedly said the following about the iPhone. This was disclosed to Sputnik by his lawyer, Anatoly Kucherena.

Snowden Refuses to Use iPhone for Security Reasons | Sputnik International

     *     *     *

Special software on the iPhone

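"Edward Snowden never used an iPhone. What he had was a simple phone... The iPhone has special software that can collect information about its owner (remotely) even without the owner activating it and pressing a button. That is why, for security reasons, he did not use an iPhone," Anatoly Kucherena told RIA Novosti.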

“Edward never uses an IPhone, he’s got a simple phone… The iPhone has special software that can activate itself without the owner, having to press a button and gather information about him, that’s why on security grounds he refused to have this phone,” Anatoly Kucherena told RIA Novosti.

     *     *     *

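I had believed that even law enforcement agencies would find it difficult to extract personal information from an iPhone, so it was complete news to me that the iPhone had such remote-monitoring software.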


Come to think of it, the story of how extremely wary Snowden was of mobile phones is well known.


Hasty Exit Started With Pizza Inside a Hong Kong Hideout | NYTimes.com

     *     *     *


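It was just like a spy novel. Mr. Snowden wore a baseball cap and sunglasses, and he insisted that the assembled lawyers put their mobile phones in the refrigerator of his Hong Kong hideout, to prevent any eavesdropping whatsoever. Then the two-hour discussion began...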

It was a cloak-and-dagger affair. Mr. Snowden wore a cap and sunglasses and insisted that the assembled lawyers hide their cellphones in the refrigerator of the home where he was staying, to block any eavesdropping. […]

     *     *     *

In other words, the refrigerator serves as a so-called Faraday cage.

If a professional in eavesdropping is that afraid, does such software really exist? It keeps nagging at me...

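Hearing the phrase "network security assessment," I was unexpectedly reminded of the story of Snowden making people put their mobile phones in a refrigerator in Hong Kong.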

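Then again, it was the lawyer Anatoly Kucherena who persuaded him to give up on seeking asylum in another country and obtain a residence permit in Russia, and he is also someone rumored to have close ties to the Kremlin, which makes the whole thing seem all the more like a spy novel...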



Disable Remote Content to Fight Spam and Guard Your Privacy | TekRevue

If you even open a spammer’s email that contains images, the spammer instantly knows that your email address is valid and that you saw the spam email. Even worse, the spammer will also be able to learn important information about you, such as your IP address, which for most users reveals their general geographic location.

Launch Mail in OS X and go to Mail > Preferences > Viewing. Find the box labeled Load remote content in messages and uncheck it. This stops Mail from automatically loading images and other remote content when you first open an email message.



Your Mac’s Firewall is Off By Default: Do You Need to Enable It? | How-To Geek

A standard Mac OS X system doesn’t have such potentially vulnerable services listening by default, so it doesn’t need a tacked-on firewall to help protect such vulnerable services from being attacked.

This is actually the same reason why Ubuntu Linux doesn’t ship with its firewall on by default — another thing that was controversial at the time. Ubuntu took the approach of simply not having potentially vulnerable services listening by default, so an Ubuntu system is secure without a firewall. Mac OS X works in the same way.



Industrial Control Systems on the Internet | presented at 4SICS.se

What is an Industrial Control System?

In a nutshell, Industrial control systems (ICS) are computers that control the world around you. They’re responsible for managing the air conditioning in your office, the turbines at a power plant, the lighting at the theatre or the robots at a factory.

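Not only the data held by companies but also the control systems (ICS) of industrial infrastructure such as electric power are exposed to access from the internet. How effective can a firewall be...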

[via @mikko]
