Domain: phenoelit.org
Stories and comments across the archive that link to phenoelit.org.
Comments · 10
-
Kaspersky Labs discovers port knocking ..
"This Turla cd00r-based malware
.. can't be discovered via netstat, a commonly used administrative tool" link
'To activate the real remote access service (the attached code starts an inetd to listen on port 5002, which will provide a root shell), one has to send several packets (TCP SYN) to ports on the target system' link
How exactly does this 'Linux trojan' get onto the computers in the first place, without the end user going to a site and downloading the malware and explicidly running it and entering the root password. -
Re:No irony
-
Re:Thank Edward Snowden
He has certainly helped China to boost it's defenses.
I think there is a strong case to be made that just the opposite would occur. By moving away from Cisco the NSA may very well find it easier to compromise more Chinese infrastructure.
It turns out you don't need backdoor conspiracies to have a little fun with Chinese telcom gear.
-
Who needs a back door?
Who needs a back door when you have a range of security vulnerabilities to choose from.
Here's the slide deck from the talk on Huawei talk at Defcon 20 this year. At the end of the talk the presenter addressed the topic of backdoors by saying (my paraphrase) given the state of the code, who knows if a given hole is a backdoor or unintential security vulnerability.
The deck is worth a read if only for the fortune cookie slides, which contain actual quotes from the object code:
http://phenoelit.org/stuff/Huawei_DEFCON_XX.pdfMin
-
calling cisco's lawyers...
Didn't a black hat presentation show that they were basically running an ancient ripped off version of cisco ios? May as well just invite cisco to sue.
-
Re:Is that even possible?
They practically are backdoored: they're insecure as hell. http://phenoelit.org/stuff/Huawei_DEFCON_XX.pdf
-
Re:That's the particular concern?
Not that they're total shit from a security POV? (warning: pdf)
Thanks for warning me about the PDF. Because I mean, hovering my mouse over the link for the 0.25 seconds it takes to see that on my own is just too hard.
And failing that, my browser stopping to give me the opportunity to Open, Save, or Cancel is just so confusing and hard to control. -
Re:That's the particular concern?
Not that they're total shit from a security POV? (warning: pdf)
Lies! Lies! Lies! Lies!
-
They don't need back doors!
I normally don't post anonymously but my employer deals with Huawei.
According to Recurity Labs they don't need a back door when the front door is locked with a piece of masking tape that says in faded yellow ink "Do not enter". Huawei's security is a joke. Their software is riddled with buffer overflows, including buffers allocated on the stack making hacking their stuff trivial. Huawei has virtually zero security. Much of their stuff runs on VxWorks which is quite insecure. (I spent many years writing software for VxWorks). All you have to do is get to the T-shell and you're basically god. In the T-shell you can look at and modify variables and memory and call C functions directly, passing whatever arguments you want.
Even without the T-shell it looks like it's easy to get to the shell with full admin privileges on Huawei's boxes. See their DEFCON presentation at: http://www.phenoelit.org/stuff/Huawei_DEFCON_XX.pdf
If you value security, stay far away from Huawei. Their stuff is cheap but you get what you pay for. I guess it's good for the US that Huawei is mostly used in the Middle East and Asia. It makes life easy for the NSA.
-
That's the particular concern?
Not that they're total shit from a security POV? (warning: pdf)