operating systems Archives - Page 2 of 11

Entries Tagged "operating systems"

Page 2 of 11

New iPhone OS May Include Device-Unlocking Security

iOS 12, the next release of Apple’s iPhone operating system, may include features to prevent someone from unlocking your phone without your permission:

The feature essentially forces users to unlock the iPhone with the passcode when connecting it to a USB accessory everytime the phone has not been unlocked for one hour. That includes the iPhone unlocking devices that companies such as Cellebrite or GrayShift make, which police departments all over the world use to hack into seized iPhones.

“That pretty much kills [GrayShift’s product] GrayKey and Cellebrite,” Ryan Duff, a security researcher who has studied iPhone and is Director of Cyber Solutions at Point3 Security, told Motherboard in an online chat. “If it actually does what it says and doesn’t let ANY type of data connection happen until it’s unlocked, then yes. You can’t exploit the device if you can’t communicate with it.”

This is part of a bunch of security enhancements in iOS 12:

Other enhancements include tools for generating strong passwords, storing them in the iCloud keychain, and automatically entering them into Safari and iOS apps across all of a user’s devices. Previously, standalone apps such as 1Password have done much the same thing. Now, Apple is integrating the functions directly into macOS and iOS. Apple also debuted new programming interfaces that allow users to more easily access passwords stored in third-party password managers directly from the QuickType bar. The company also announced a new feature that will flag reused passwords, an interface that autofills one-time passwords provided by authentication apps, and a mechanism for sharing passwords among nearby iOS devices, Macs, and Apple TVs.

A separate privacy enhancement is designed to prevent websites from tracking people when using Safari. It’s specifically designed to prevent share buttons and comment code on webpages from tracking people’s movements across the Web without permission or from collecting a device’s unique settings such as fonts, in an attempt to fingerprint the device.

The last additions of note are new permission dialogues macOS Mojave will display before allowing apps to access a user’s camera or microphone. The permissions are designed to thwart malicious software that surreptitiously turns on these devices in an attempt to spy on users. The new protections will largely mimic those previously available only through standalone apps such as one called Oversight, developed by security researcher Patrick Wardle. Apple said similar dialog permissions will protect the file system, mail database, message history, and backups.

Posted on June 12, 2018 at 6:23 AM • View Comments

EU Still Concerned about Windows 10 Privacy Settings

We all should be concerned about the privacy settings in Windows 10. And we should be glad that the EU has the regulatory authority to do something about it.

Posted on February 28, 2017 at 6:25 AM • View Comments

BlackBerry's Global Encryption Key

Last week, there was a big news story about the BlackBerry encryption key. The news was that all BlackBerry devices share a global encryption key, and that the Canadian RCMP has a copy of it. Stupid design, certainly, but it’s not news. As the Register points out, this has been repeatedly reported on since 2010.

And note that this only holds for individual users. If your organization uses a BlackBerry Enterprise Server (BES), you have your own unique key.

Posted on April 25, 2016 at 5:54 AM • View Comments

Google Backs Away from Default Lollipop Encryption

Lollipop device encryption by default is still in the future. No conspiracy here; it seems like they don’t have the appropriate drivers yet. But while relaxing the requirement might make sense technically, it’s not a good public relations move.

Android compatibility document. Slashdot story.

Posted on March 3, 2015 at 5:46 AM • View Comments

Security Vulnerability in the Tails OS

I’d like more information on this.

EDITED TO ADD (8/13): Response from Tails.

Posted on July 23, 2014 at 11:58 AM • View Comments

Tails

Nice article on the Tails stateless operating system. I use it. Initially I would boot my regular computer with Tails on a USB stick, but I went out and bought a remaindered computer from Best Buy for $250 and now use that.

Posted on April 17, 2014 at 1:38 PM • View Comments

New Security Risks for Windows XP Systems

Microsoft is trying to stop supporting Windows XP. The problem is that a majority of ATMs still use that OS. And once Microsoft stops issuing security updates to XP, those machines will become increasingly vulnerable.

Although I have to ask the question: how many of those ATMs have been keeping up with their patches so far?

We have far to go with our security of embedded systems.

Posted on January 27, 2014 at 6:32 AM • View Comments

STUCCOMONTANA: NSA Exploit of the Day

Today’s implant from the NSA’s Tailored Access Operations (TAO) group implant catalog:

STUCCOMONTANA

(TS//SI//REL) STUCCOMONTANA provides persistence for DNT implants. The DNT implant will survive an upgrade or replacement of the operating system—including physically replacing the router’s compact flash card.

(TS//SI//REL) Currently, the intended DNT Implant to persist is VALIDATOR, which must be run as a user process on the target operating system. The vector of attack is the modification of the target’s BIOS. The modification will add the necessary software to the BIOS and modify its software to execute the SIERRAMONTANA implant at the end of its native System Management Mode (SMM) handler.

(TS//SI//REL) STUCCOMONTANA must support all modern versions of JUNOS, which is a version of FreeBSD customized by Juniper. Upon system boot, the JUNOS operating system is modified in memory to run the implant, and provide persistent kernel modifications to support implant execution.

(TS//SI//REL) STUCCOMONTANA is the cover term for the persistence technique to deploy a DNT implant to Juniper T-Series routers.

Unit Cost: $

Status: (U//FOUO) STUCCOMONTANA under development and is expected to be released by 30 November 2008.

Page, with graphics, is here. General information about TAO and the catalog is here.

In the comments, feel free to discuss how the exploit works, how we might detect it, how it has probably been improved since the catalog entry in 2008, and so on.

Posted on January 17, 2014 at 2:06 PM • View Comments

SIERRAMONTANA: NSA Exploit of the Day

Today’s implant from the NSA’s Tailored Access Operations (TAO) group implant catalog:

SIERRAMONTANA

(TS//SI//REL) SIERRAMONTANA provides persistence for DNT implants. The DNT implant will survive an upgrade or replacement of the operating system—including physically replacing the router’s compact flash card.

(TS//SI//REL) Currently, the intended DNT Implant to persist is VALIDATOR, which must be run as a user process on the target operating system. The vector of attack is the modification of the target’s BIOS. The modification will add the necessary software to the BIOS and modify its software to execute the SIERRAMONTANA implant at the end of its native System Management Mode (SMM) handler.

(TS//SI//REL) SIERRAMONTANA must support all modern versions of JUNOS, which is a version of FreeBSD customized by Juniper. Upon system boot, the JUNOS operating system is modified in memory to run the implant, and provide persistent kernel modifications to support implant execution.

(TS//SI//REL) SIERRAMONTANA is the cover term for the persistence technique to deploy a DNT implant to Juniper M-Series routers.

Unit Cost: $

Status: (U//FOUO) SIERRAMONTANA under development and is expected to be released by 30 November 2008.

Page, with graphics, is here. General information about TAO and the catalog is here.

We have already seen the codename VALIDATOR. It’s the code name for a default, or basic, NSA exploit. It’s the exploit that FOXACID defaults to using.

In the comments, feel free to discuss how the exploit works, how we might detect it, how it has probably been improved since the catalog entry in 2008, and so on.

Posted on January 16, 2014 at 2:00 PM • View Comments

SCHOOLMONTANA: NSA Exploit of the Day

Today’s implant from the NSA’s Tailored Access Operations (TAO) group implant catalog:

SCHOOLMONTANA

(TS//SI//REL) SCHOOLMONTANA provides persistence for DNT implants. The DNT implant will survive an upgrade or replacement of the operating system—including physically replacing the router’s compact flash card.

(TS//SI//REL) Currently, the intended DNT Implant to persist is VALIDATOR, which must be run as a user process on the target operating system. The vector of attack is the modification of the target’s BIOS. The modification will add the necessary software to the BIOS and modify its software to execute the SCHOOLMONTANA implant at the end of its native System Management Mode (SMM) handler.

(TS//SI//REL) SCHOOLMONTANA must support all modern versions of JUNOS, which is a version of FreeBSD customized by Juniper. Upon system boot, the JUNOS operating system is modified in memory to run the implant, and provide persistent kernel modifications to support implant execution.

(TS//SI//REL) SCHOOLMONTANA is the cover term for the persistence technique to deploy a DNT implant to Juniper J-Series routers.

Status: (U//FOUO) SCHOOLMONTANA completed and released by ANT May 30, 2008. It is ready for deployment.

Page, with graphics, is here. General information about TAO and the catalog is here.

In the comments, feel free to discuss how the exploit works, how we might detect it, how it has probably been improved since the catalog entry in 2008, and so on.

Posted on January 15, 2014 at 2:56 PM • View Comments

←Previous 1 2 3 4 … 11 Next→

Sidebar photo of Bruce Schneier by Joe MacInnis.