The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My work

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,310 other followers

Archive for the ‘Security’ Category

Vulnerability Note VU#446847 – Savitech USB audio drivers install a new root CA certificate

Posted by jpluimers on 2017/11/10

Savitech has released a new driver package to address the issue. Savitech drivers version 2.8.0.3 or later do not install the root CA certificate.

Users still must remove any previously installed certificate manually.

  1. SaviAudio root certificate #1
    • ‎Validity: Thursday, ‎May ‎31, ‎2012 – ‎Tuesday, ‎December ‎30, ‎2036
    • Serial number: 579885da6f791eb24de819bb2c0eeff0
    • Thumbprint: cb34ebad73791c1399cb62bda51c91072ac5b050
  2. SaviAudio root certificate #2
    • Validity: ‎Thursday, ‎December ‎31, ‎2015 – ‎Tuesday, ‎December ‎30, ‎2036
    • Serial number: ‎972ed9bce72451bb4bd78bfc0d8b343c
    • Thumbprint: 23e50cd42214d6252d65052c2a1a591173daace5

Source: [WayBackVulnerability Note VU#446847 – Savitech USB audio drivers install a new root CA certificate

Background: [WayBack] Inaudible Subversion – Did your Hi-Fi just subv… | RSA Link: While threat hunting, RSA FirstWatch came across a curious exposure in Windows PCs, involving driver packages provided by a certain manufacture…

Via:

–jeroen

Posted in Power User, Security, Windows | Leave a Comment »

TLS tests for your mail server

Posted by jpluimers on 2017/11/09

Need to do some more research on this to ensure I didn’t goof up:

–jeroen

Posted in *nix, *nix-tools, Communications Development, Development, Internet protocol suite, postfix, Power User, Security, sendmail, SMTP | Leave a Comment »

RSA keys by Infineon chips or libraries can be cracked fast; Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping…

Posted by jpluimers on 2017/10/16

All of our house is wired by ethernet for a reason…

WPA2 Flawed. Once again, it turns out that designing something properly secure is really, really, REALLY hard.

[WayBack] Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping https://arstechnica.com/… – Lars Fosdal – Google+

[Archive.is] If fixes exist, third party firmware will have it in days. Most OEMs, never. I do worry a lot about unfixable flaws in the wifi standards… – Kristian Köhntopp – Google+:

Dave reminds us that there is a reason why people mod the firmware of their Wifi routers, and that reason is actually now more critical than ever.

Via [WayBack] https://www.krackattacks.com/ has a FAQ. Some interesting questions from there:… – Kristian Köhntopp – Google+:

[WayBackKRACK Attacks: Breaking WPA2 : This website presents the Key Reinstallation Attack (KRACK). It breaks the WPA2 protocol by forcing nonce reuse in encryption algorithms used by Wi-Fi.

 

Since we’re talking security, watch your RSA as it is way worse than the WPA2 one: [Archive.is]

We heard you liked the 10 WPA2 CVE’s, so »A 2nd major crypto vulnerability being disclosed… – Kristian Köhntopp – Google+ quoting

[WayBack] Dan Goodin‏ @dangoodin001: 2nd major crypto vulnerability being disclosed Monday involves millions of 1024- and 2048-bit RSA keys that are practically factorizable.

[WayBackROCA: Vulnerable RSA generation (CVE-2017-15361) [CRoCS wiki]

The time complexity and cost for the selected key lengths (Intel E5-2650 v3@3GHz Q2/2014):

  • 512 bit RSA keys – 2 CPU hours (the cost of $0.06);
  • 1024 bit RSA keys – 97 CPU days (the cost of $40-$80);
  • 2048 bit RSA keys – 140.8 CPU years, (the cost of $20,000 – $40,000).

[WayBack] New vulnerabilities found in RSA 1024 and 2048 bit keys. Estimated cost of cracking based on access to the Public key only: 1024 bit: $40 2048 bit: $20k… – Lars Fosdal – Google+

Jan Wildeboer did a nice explanation in laymen terms of both security issues published today:

 

–jeroen

Read the rest of this entry »

Posted in LifeHacker, Power User, Security, WiFi | Leave a Comment »

The cloud has no walls: cache-based jamming agreement to communicate over the CPU cache even without rights

Posted by jpluimers on 2017/10/12

Oh boy: [WayBack] Alles kaputt: In der Cloud gibt es keine Wände.  – Kristian Köhntopp – Google+:

Two Amazon EC2 instances communicating over the CPU cache without the need of a network in-between them.

Open sourced foundations: IAIK/CJAG: CJAG is an open-source implementation of our cache-based jamming agreement.

In our BlackHat Asia 2017 Talk we show that the cache covert channel we built is so fast and reliable that we can do much more than tunneling SSH over it: We show that we can even stream a music video in decent quality through the cache – on the Amazon EC2 cloud.

See the BlackHat Asia Briefings Information here: https://www.blackhat.com/asia-17/brie…

See a video of the Live Demo here: https://www.youtube.com/watch?v=yPZmi…

Find our NDSS 2017 paper here: https://gruss.cc/files/hello.pdf

–jeroen

Read the rest of this entry »

Posted in Development, Hardware Development, Security, Software Development | Leave a Comment »

Positive Technologies – learn and secure : Disabling Intel ME 11 via undocumented mode

Posted by jpluimers on 2017/09/04

Interesting: [WayBack/Archive.isPositive Technologies – learn and secure : Disabling Intel ME 11 via undocumented mode

Repository: ptresearch/unME11: Intel ME 11.x Firmware Images Unpacker

More archived links:

Via: [WayBack] The NSA is running Intel machines with ME off, and so can you: http://blog.koehntopp.info/index.php/2508-turning-off-the-intel-management-engine-me/ – Kristian Köhntopp – Google+

–jeroen

Posted in Power User, Security | Leave a Comment »

 
%d bloggers like this: