Tuesday, December 30, 2008

My Top 5 Security Highlights from This Year

With some big news coming today in the security world, I thought it might be time to post my top 5 security stories of the year. I numbered them, but they are really in no particular order other than the order I thought of them in.

1. Cold Boot Attack

An amazing piece of hackerdom coming out of Princeton. Halderman et al. showed that keying information can easily be identified and extracted from memory to attack encrypted hard drives. Everyone always says: if you want to protect your computer, encrypt your disk. That is no longer enough. It should read: if you want to protect your computer, encrypt your hard drive and store your computer in an oven.

2. Kaminsky Attack

One of the biggest and most widely publicized attacks of the year was also one of the most secret. This attack allowed an attacker to forge hostname lookups in a matter of seconds rather than days, as first thought. When it was announced, the lab basically said it's bad, but we are not going to tell you how bad. Rumors abounded, and everyone and anyone had an opinion. Once the attack details were actually released, it was as horrific as we thought, but thankfully most vulnerable DNS servers have been patched. An amazing thing, really. But can we ever really trust DNS until DNSSEC becomes the standard?

3. OpenSSL Debian Repository

One of the stupidest commits of all time: a developer for the OpenSSL library on Debian ran the library through Valgrind. Surprise, there was a memory error: reading uninitialized data. The developer comments out the code and probably thinks, I have saved the day. Oops, that read was a really good thing because it seeds the random number generator. Without it, the only seeding material is the process ID, which means that there were only 2^32 different keys. That is really, really bad because those keys can be enumerated. The worst part was this went undetected for years ... years! Well, at least it's fixed now, and it didn't affect me because I am a Fedora user.
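The enumeration argument above, as an added example that is not from the original post: a toy generator whose only seed is the process ID (a stand-in, not OpenSSL's actual PRNG), and the defender's audit that flags every deployed key found in the enumerated set. `PID_MAX` (Linux's default `pid_max`), the host names and all function names are assumptions made for the illustration.

```python
import hashlib
import os

PID_MAX = 32768  # assumption: Linux default pid_max; not a figure from the post


def keygen_pid_only(pid: int, nbytes: int = 16) -> bytes:
    """Toy stand-in for a key generator whose only seed input is the PID."""
    seed = b"toy-prng-seed:" + pid.to_bytes(4, "big")
    return hashlib.sha256(seed).digest()[:nbytes]


def keygen_seeded(nbytes: int = 16) -> bytes:
    """Key material drawn from the OS CSPRNG, as a healthy generator would."""
    return os.urandom(nbytes)


def fingerprint(key: bytes) -> str:
    return hashlib.sha256(key).hexdigest()


def build_blocklist(pid_max: int = PID_MAX) -> dict:
    """Enumerate every key the PID-only generator can emit: {fingerprint: pid}."""
    return {fingerprint(keygen_pid_only(p)): p for p in range(1, pid_max + 1)}


def audit(keys: dict, blocklist: dict) -> dict:
    """Return {name: pid} for each deployed key that appears on the blocklist."""
    hits = {}
    for name, key in keys.items():
        pid = blocklist.get(fingerprint(key))
        if pid is not None:
            hits[name] = pid
    return hits


if __name__ == "__main__":
    blocklist = build_blocklist()
    deployed = {  # constructed sample inventory
        "web01": keygen_pid_only(4242),
        "mail01": keygen_seeded(),
        "vpn01": keygen_pid_only(31337),
    }
    print(f"{len(blocklist)} possible keys from a PID-only seed")
    for host, pid in audit(deployed, blocklist).items():
        print(f"{host}: weak key, regenerate it (generator pid {pid})")
```

Because the whole output space fits in a small lookup table, every key produced by the broken generator can be recognized after the fact and replaced.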

4. MD5 Collisions to Create Rogue CAs

Sneaking in just today from CCC, researchers have exploited a collision in the MD5 hash space used by certain CAs to exploit SSL connections in the browser. Just when we thought everything was safe, we get this news. Oh boy. It doesn't affect just one CA but many, 5+. This is really pathetic because the MD5 collision weakness has been known for a while, but these CAs still haven't made the transition. It is a shame, and it should be fixed ASAP.

5. Apple Suggests Anti-Virus Software, then says "Just Kidding"

One of Apple's big selling points is that the Mac is safer than Windows. It is, but not for the reasons that Apple wants you to believe. In fact, at capture the flag competitions year after year, MacBooks tend to be the first hacked, every time. Then why is Apple safer? There are fewer Macs than PCs. If you are an attacker, do you want to write your virus to attack 10% of the market or 85% of the market (numbers are made up)? The truth is that Macs are more susceptible to attack, but fewer people attack them. It was then a good idea for Apple to suggest anti-virus software, but it makes them seem hypocritical. So, they reneged. Nice job Apple, continue to lie to your customers; it sells product.



