Security News

So Conficker’s big day rolled around and  a little dust stirred up. April 1st was the date the worm was to update itself by contacting a few websites for further instructions. A few reports have streamed in but little has happened. A few government facilities hit DEFCON3 temporarily as their systems were on the fritz but were quickly put back under control. Other than that, nothing has happened. Security experts continue to worry what the creators have in store for the future.

How about remotely disabling computers for unpaid Internet bills or if your laptop was stolen? Ericsson has developed a module which can perform such a task. Several manufacturers are currently using the modules: LG Electronics Inc., Dell Inc., Toshiba Corp. and Lenovo.It’s unlikely that ISPs would cut you off for missing a payment however the technology does exist and might show up in a computer near you. The real use comes into play when it comes to data protection. Stolen laptops and preventing sensitive data from falling into the wrong hands. Ever had a laptop stolen and had to resort to your backup? And then have that fail and need data recovery? Yeah, it’s a real pain. Trust me, you don’t want to go through it.

DNS tops black hat discussion

With the Black Hat security conference drawing to a close, it’s a good time to take a look at the various topics that dominated this year’s seminars. Security researcher Dan Kaminsky’s presentation on the DNS exploit he discovered months ago was a standing-room only event, and while we’ve covered the vulnerability several times here at Ars, Kaminsky provided additional details and some back history on his discovery. Cisco was also discussed at Black Hat this year, after several years of silence, and the EFF announced its own Coder’s Rights Project.

Kaminsky has made the slide deck from his presentation available (PPT); the slides are thorough enough to get a sense of his presentation. According to his talk, DNS and the infrastructure of the Internet itself remain fundamentally vulnerable in ways that will not be easy to correct. Kaminsky refutes the idea that SSL is an antidote to these DNS vulnerabilities, as SSL certifications are themselves dependent on proper DNS functionality. (link)

Only TSA laptop approved bags

There’s a new option for people annoyed at having to take their laptops out of their bags at airport security. The Transportation Security Administration will now allow travelers to leave their computers inside “checkpoint friendly” cases.

The new rules, announced Tuesday and set to take effect Aug. 16, are intended to help streamline the X-ray inspection lines.

TSA said it reached out to bag manufacturers this year to design laptop cases that would provide a clear, unobstructed image of the computer as it passed through an X-ray machine. The agency said the new bags will be available for purchase this month. (link)

Spam clogging up the Intertubes, 80% of email traffic

Almost everyone hates spam. The only people that don’t hate it are the ones that make vast amounts of money from sending it. The profits they turn are so large that regardless of what spam fighters do, the amount of spam keeps increasing. According to web security firm MessageLabs, spam accounted for 81.5 percent of all e-mail traffic in June.

This number, which is calculated based on 3 billion e-mail connections that MessageLabs scans every single day, more or less corresponds with US-specific data. An analysis of year-to-date spam rates for individual US states shows that the percentage of e-mails that were spam range from 77 (Montana) to 91 percent (Illinois). In other words, in every single state in the US, over three quarters of e-mails sent are junk. The average spam level in the US was 86 percent in June. (link)

Intel chips vulnerable to bug?

Security researcher and author Kris Kaspersky plans to demonstrate how an attacker can target flaws in Intel’s microprocessors to remotely attack a computer using JavaScript or TCP/IP packets, regardless of what operating system the computer is running.

Kaspersky will demonstrate how such an attack can be made in a presentation at the upcoming Hack In The Box (HITB) Security Conference in Kuala Lumpur, Malaysia, during October. The proof-of-concept attacks will show how processor bugs, called errata, can be exploited using certain instruction sequences and a knowledge of how Java compilers work, allowing an attacker to take control of the compiler.

“I’m going to show real working code…and make it publicly available,” Kaspersky said, adding that CPU bugs are a growing threat and malware is being written that targets these vulnerabilities.

Different bugs will allow hackers to do different things on the attacked computers. “Some bugs just crash the system, some allow a hacker to gain full control on the kernel level. Some just help to attack Vista, disabling security protections,” he said. (link)