vandeneynde.net » Windows

Belgian Terrorists caught on possession of wiping software?

Tom — Mon, 09 Jun 2008 10:27:49 +0000

An article in Datanews (dutch only) today reports on the police arresting four ex-CCC members on two facts:

They were linked to a terrorist organization in Italy
They had ‘encoding’ software on their PC’s to securely wipe hard drives. (most likely the reporter meant wiping instead of encoding.)

On the first fact, I can certainly agree but with regards to the second fact, I did not know it was illegal in Belgium to have this kind of software installed on your PC.

I for one have Truecrypt as encryption software and Eraser as DoD compliant erasing software installed on my laptop. Am I a terrorist now?

Physical Access always means p0wned

Tom — Mon, 26 May 2008 07:54:16 +0000

I blogged about it before but every now and then someone finds a new physical ‘hack’ into windows. Here is an example of a recent hack using backtrack to gain access.

This just illustrates one of Microsoft’s 10 Immutable Laws of Security:

Law #3: If a bad guy has unrestricted physical access to your computer, it’s not your computer anymore

Using firewire to get into a windows PC

Tom — Sun, 30 Mar 2008 20:15:31 +0000

As you may know, firewire devices can have access to the main memory of a PC thanks to DMA.
Because of this, firewire can be used as an attack vector against a running PC. This not news. Adam Boileau presented this technique back in 2006 but because of recent news, I decided to give it a go and see for myself how easy it is to exploit this attack vector:

Please note that this can also be used for good! Forensic investigators can use this technique to dump the memory of a running PC for investigation.

Vista Gadgets

Tom — Sat, 26 Jan 2008 13:54:36 +0000

While I was looking into writing my own gadget for Vista’s Sidebar to display my Google Reader news, it hit me that Gadgets are really simple web browser applications.

They consist of only 1 XML and 1 HTML file in general and can contain JavaScript, vbscript, wmi scripts,… (everything basically). This should make you think because XSS, XSRF and all kinds of web exploits can potentially work in your sidebar if the right precautions have not been made!

Vista’s UAC warns you when you install a gadget or when the gadget isn’t signed but how many users would click yes to install ‘that cool gadget which also happens to contain a little bit of malicious code’? Most likely all of them.

There are even more attack vectors for the Vista Gadget API and I found an interesting paper which discusses these and also shows which precautions Microsoft made: http://www.portcullis-security.com/uplds/Next_Generation_malware.pdf

It is not too long and goes not too deep but gives the reader enough info and links to investigate further if wanted. The portcullis-security.com website also has a nice download section which contains a lot of interesting tools.

How NSA access was built into Windows

Tom — Sun, 14 Jan 2007 23:26:25 +0000

A friend of mine sent me an email today with a link to an article stating how NSA access was built into Windows.
Although, it seems that this news is quite old, I only heard from this today. In my opinion, it is very scary that there are master keys for the encryption in Windows. This means that the NSA can look into your encrypted data at any time.

Now, while that may be handy for the NSA, what would happen if a disgruntled employee of the NSA/Microsoft dropped this ‘magic’ key on the black market. Suddenly anyone willing to pay for it could decypher your precious encrypted data. Scary stuff.

So, my suggestion is not to use the MS implementation of Encrypted File Systems but go with Open Source solutions like TrueCrypt . At least for the OS soft, the code can be reviewed by others.

Tom