HTC Security Flaw Lets Malicious Apps Steal Wi-Fi Passwords

HTC recently acknowledged a security flaw in its handsets that allowed malicious apps to steal Wi-Fi passwords.  This type of flaw could potentially allow for targeted exploitation of a company or residential network.  Luckily, HTC and Google were very responsive and a fix has already been developed and deployed.  It was actually discovered in September 2011, but was kept a secret publicly until Google and HTC had time to address it and provide the appropriate fixes.

According to the U.S. Computer Emergency Readiness Team (US-CERT), the devices affected by the security flaw include the Desire HD, Glacier, Droid Incredible, Thunderbolt 4G, Sensation Z710e, Sensation 4G, Desire S, EVO 3D and EVO 4G.

This is a prime example of why Apple has such a strict acceptance policy of the apps that are allowed in the iTunes App Store.  They monitor the code and test the apps before releasing them to the public to avoid problems.  That said, there have been apps that mistakingly made their way into the store.

http://www.gadgetbox.msnbc.msn.com/technology/technolog/htc-security-flaw-lets-malicious-apps-steal-wi-fi-passwords-24096

http://blog.mywarwithentropy.com/2012/02/8021x-password-exploit-on-many-htc.html

Carrier IQ

About a month and a half ago it was revealed that there has been tracking software pre-installed on over 141 million cell phones. The software designed by Carrier IQ is responsible for recording and reporting metrics to your phone carrier. This discovery forces a dialogue about the trust relationship that is established between the customers and their carrier and exactly how the carrier treats the information that is being is being stored. There have been many allegations about what is exactly being tracked by the software, some true and some more along the lines of half-truths.

As it turns out Carrier IQ was intended to be a utility that allows for a carrier to be able to intelligently diagnose network and phone issues that a customer might be experiencing. For example, prior to the development of Carrier IQ, a carrier might only be detecting that 1 out of every 100 phone calls being placed on their network are being dropped; when in reality it might be much closer to 8 or 9 calls out of those 100 placed. This disparity between the actual numbers and the ones being recorded by the carrier allowed Carrier IQ to see a possible use case and ended up meeting the needs of the carrier.

They haven’t explicitly admitted everything they track, but have specifically said that they track call drops correlated with GPS information, SMS information, web history and application/CPU usage.

Carrier IQ has made an effort to create a line in the proverbial sand in what they do and do not want to collect from users. They say that they don’t collect any content, whether it be what was actually sent in an SMS text message or the contents of a webpage that you access. They do however track the metadata for your activity, this includes who you sent your SMS message to and if it was successfully sent. The same can be said about your web history, they are tracking the URLs being accessed not what is actually being displayed on your screen.

Carrier IQ thinks that what they are collecting is harmless to the consumer but a debate is now forming on what type of information should be okay to track and what really shouldn’t be. Carrier IQ has stated that they don’t capture the content of what the user is doing. Content is really an ambiguous term. Carrier IQ might not consider my URL history to be a private matter. I consider pretty much all of my usage history sans maybe CPU utilization to be a private matter (no matter how mundane my life really is). Its something that really shouldn’t existing in a database somewhere, ready to be hacked, subpoenaed or looked at by a rogue employee that has decided that they want to know more about me. What becomes even more disconcerting is that this information is being tracked even while I am out of the country, on a Wi-Fi network not even connected to their cellular network.

Who knows, maybe I’m just being a paranoid parrot. Maybe no one really cares anymore about their privacy, it has been said by numerous individuals that “Privacy is dead – get over it.” I for one don’t like it and I think I’ll take my ball and go home. In all seriousness though, this software really should be industry vetted to make sure that it cannot be exploited by malicious individuals and it should be established exactly what information each carrier is tracking and for how long. This would allow consumers to identify what tabs the carriers are keeping on their customers; which I’m sure most consumers won’t like and allow for free market forces to stifle the ones being over exuberant with this tracking technology.

http://www.theverge.com/2011/12/5/2609662/carrier-iq-interview

http://www.wired.com/threatlevel/2011/11/rootkit-brouhaha/

http://www.edition.cnn.com/2011/12/02/tech/mobile/carrier-iq-reactions/

New Payment Method in Wal-Mart Stores

I’m sure everyone has gone to a super-market to buy one item, and have to stand in line for a long time just to pay for it. To solve this issue, Wal-Mart may have a solution where customers could buy items directly in the aisle, and skip waiting in lines at the cash register.

Using Apples EasyPay featured on the IPhone 4 and 4S, customers could simply scan the bar code, enter their Apple ID, and walk out with the item. Wal-Mart is also interested in Near Field Communication, which is short range wireless technology that enables communication between certain devices to better enhance their payment feature.

I think with the implementation of a payment system like this would be a neat change, rather than waiting in line to pay for an item. Although its convenience, every new type of technology would carry along new vulnerabilities and exploits. I think it would take some time to work out the bugs with a system like that, not only for the customers but for staff to recognize that a customer had actually paid for an and left with it without going to the cash registers.

Source:
http://www.computerworld.com/s/article/9221758/Walmart_tries_new_tech_with_eye_on_consumers?taxonomyId=133&pageNumber=2

http://www.computerworld.com/s/article/9221758/Walmart_tries_new_tech_with_eye_on_consumers?taxonomyId=133&pageNumber=2

Smartphone Use by Military

With the military trying to incorporate the use of smartphones on the battlefield, many critics are becoming more worried about potential data breaches or attacks that could occur on the military’s networks. One researcher pointed out that enemies could track the movements of troops or steal sensitive military information. Also, malicious software aimed at smartphones is on the rise, and that could have a bad impact on the military.
Smartphones are already a target and the use of smartphones by the military could make it a BIGGER target. To help with the issue, Symantec Corp. is working on a product called ‘O3,’ to provide security for wireless military networks. Also, the military will have its own online application store.

The use of smartphones in battle may be useful, but is it worth the risk? Even though companies are coming up with security solutions, there is always one person out there that is capable of bypassing all the security. The possibility of the enemy tracking the location of troops makes it very risky. Also, the idea of the military using smartphones brought a funny picture to my head; a soldier Facebooking in the middle of battle. It’s most likely that it will never happen, but you never know.

The military using smartphones? What do you think?

http://www.homelandsecuritynewswire.net/securing-smartphones-battle

Using XSS and Google Street view data to determine physical location

While looking for an article or topic to write about today i came upon some articles regarding the black hat convention that was held in Las Vegas last year. A man by the name of Samy Kamkar showed an interesting hack which extracted extremely accurate geo-location information from a Web browser, while not using any IP geo-location data. Before I explain what he did allow me to explain what XSS is. XSS is an abbreviation for cross site scripting. XSS is a security vulnerability found in Web applications that enables attackers to inject script into web pages viewed by other users. By finding ways of injecting malicious scripts into web pages, an attacker can gain elevated access-privileges to sensitive page-content, session cookies, and a variety of other information maintained by the browser on behalf of the user. Now how he does the attack is by first having the victiom visit his malicious web site and then using JavaScript and AJAX to acquire the routers MAC address. He was about to do this because when the user visited the site the JavaScript did a scan for the type of router and its MAC address. With this info he was able to use Google Street View to determine the location of the router within 30 feet of where it actually is. This isn’t Kamkars only hack. he also was the creater of an XSS worm that hit myspace a while back. In the video im posting below he does a demonstration of the hack.

Biometric Authentication Systems

Many companies are now looking for ways to leave behind the “password”. The problem with using passwords is human error. Many people usually just make really simple password that are easy for them to type and or remember. Many times it not just simple passwords but rather some employees are willing to trust anyone with their password. This leaves a huge security risk for companies because many of their employees have access to sensitive information and if their account is compromised then there will be problems.

Biometric security systems fix many of the problems with passwords. Biometrics provides faster access to secure documents which in the end leaves employees happy. It also prevents people from letting others know their password because you can’t really lend a finger or eyeball. Biometrics is improving and now offers things like USB finger print scanners which allow users to easily access their account form multiple systems. They are also developing Biometrics for mobile platforms which will give users even more ways to access their accounts. Biometrics still has security risks but it is much more secure than passwords.

Wi-Fi Security on Mobile Devices

Wireless security has been a fairly large security topic for a long time now, and it is one that should be taken very seriously. From a simple web search you will find information about how insecure WEP is, and that you should be using WPA/WPA2. But if your someone like me who often finds access points that are insecure, you may be wondering what type of chances are you taking by connecting to it?

Your best choice for security here is to simply not use this connection, find a better secure method of internet access. But we all know most people want the fast and easy way to get online and they’re willing to take the risk. Although its not the best option, if your going to connect to it just be smart and know what your doing. Eavesdropping isn’t to difficult on an insecure Wi-Fi connection. Anyone with a little computer knowledge could download some free software that captures your data being transmitted. Any packet sniffers such as the ones here could do the trick, but some are specifically programmed to search for login credentials of insecure websites. Now some people might think “What are the chances of this happening to me on this Wi-Fi network I just found.” Probably not extremely high, but the small chance that it will should make you be cautious. It’s probably not worth giving someone your passwords just because you didn’t want to be careful and take the time to be secure.

Theres a few simple things to check for to help keep yourself safe. When browsing don’t enter any login information or personal information on websites if they are not secure. Check to make sure your on an HTTPS connection before you log in. You may find a website that you use that doesn’t offer HTTPS, and think “it doesn’t matter if someone finds out my information to access this site so ill just do it anyway.” Well before you do that also consider did you use that same login information on any other websites? Are you someone who uses the same username and password to login on a gaming website as your Paypal account? If your not sure about something or a website your using just don’t do anything unless your sure its encrypted. Also if your using email clients you may want to make sure that is encrypted with SSL for both in going and outgoing email as well. If you have it configured without encryption, that might be something to consider before you use it on an insecure network.

The best option is to connect through a VPN (Virtual Private Network) which you can read more about here Simply put everything through the VPN will be encrypted which will allow you to browse more securely while connected through this insecure Wi-Fi connection by blocking out local eavesdroppers . The Wi-Fi network will still be insecure, but the packets you will be sending will be encrypted. VPN options are available for many devices, not just desktops and laptops. But if you can’t use a VPN just be smart and know what your sending out that won’t be encrypted.

Wireless security is a very complex topic, and with many people not fully educated on how to setup a access point securely it isn’t to uncommon to find one insecure or simply using WEP. I think most people would agree with me that WEP would also be classified as insecure. There are so many devices people bring with them now days that can connect to Wi-Fi such as smart phones, laptops, tablets, and even mp3 players. Because of this its important you understand the possible security risks of the Wi-Fi network you may connect to.