Slashdot Mirror


User: DigitAl56K

DigitAl56K's activity in the archive.

Stories: 0
Comments: 897

Comments · 897

  1. Re:Cheap architecture + short cuts = DOOM on Target Confirms Point-of-Sale Malware Was Used In Attack · · Score: 1

    I worked for a MAJOR retailer that was involved with a credit card crisis. The only reason the registers didn't get raped was the fact they ran linux. The actual POS servers ran Windows 2000 so that is what got cracked.

    I know this is Slashdot, but that's a bit ridiculous, isn't it? Linux exploits are not exactly impossible to come by, and someone only need acquire one of these devices to start looking for them. The reason the registers didn't get hacked was because the information that they wanted was on the POS system. If there are millions of dollars that can be taken, and someone wants to take them, they're going to find a way whether it's Linux/Windows/Whatever else, so long as the POS network isn't secured.

    Or are you suggesting the RAM on a Linux POS would be invulnerable to scraping once an exploit was used?

  2. Aren't Yahoo! there already? on David Pogue and Yahoo's "Normals" Problem · · Score: 2

    How is this a "rebrand"? I'm one of those techie people, and Yahoo! isn't my go-to for... anything, as I suspect it already isn't for most other techie people.

  3. Yes, it has already happened on Carmakers Keep Data On Drivers' Locations From Navigation Systems · · Score: 4, Informative

    So far, this hasn't seemed to have happened, but if it does become public, there will be a backlash, especially OnStar which has the ability to track and disable cars in realtime [1].

    Ahem. Just a few links that spring to mind. You can easily find others.

    TomTom sorry for selling driver data to police

    “Government Motors” To Track Drivers With OnStar, Sell Data to Police

    OnStar Tracks Your Car Even When You Cancel Service

    Busted! Your car's black box is spying, may be used against you in court

  4. Re:Is this really a vulnerability or a feature? on Backdoor Discovered In Netgear and Linkys Routers · · Score: 1

    Right, because all the computers on the LAN are completely invulnerable.

    If you have a system inside your LAN able to construct whatever network communications it wants to any internal device it might as well be running metasploit at that point and don't think a dinky old consumer grade WiFi router will be protecting you then.

  5. Re:Is this really a vulnerability or a feature? on Backdoor Discovered In Netgear and Linkys Routers · · Score: 1

    Of course there is a risk there, that's probably why in newer models they require a magic packet in the first place. Can JavaScript in a browser construct such a magic packet? As far as I know it can only create TCP connections.

    I didn't say Netgear secured this thing well, did I? I was merely pointing out that this was likely not an NSA backdoor, and had already been "improved" in newer models.

    At least I felt like I contributed to the discussion. You, on the other hand, were just being a dick.

  6. Re:Is this really a vulnerability or a feature? on Backdoor Discovered In Netgear and Linkys Routers · · Score: 4, Insightful

    To add to the above, I see the WNDR3700 is specifically reported as not being vulnerable to the open port he found on some of the older models. I know for a fact (because I owned one), that the WNDR3700 is one of the models that requires the magic packet to open the telnet port, further leading me to believe he found a poorly documented (but not unknown) feature that should have been much more visible and better protected by default, rather than something more akin to a backdoor (after all, you have to be on the LAN side to use it).

  7. Is this really a vulnerability or a feature? on Backdoor Discovered In Netgear and Linkys Routers · · Score: 4, Informative

    There is a supported feature on Netgear routers where so long as you're on the internal network you can send a magic packet (using a utility called TelnetEnable) to open up the telnet port, then you can telnet in and issue commands as the super user. All TelnetEnable needs is the IP address of the router, its MAC address, and a widely known default username and password - all things anyone connected to the network can get easily.

    It seems like this guy stumbled upon a similar feature.

    Yes, this stuff should be better protected, but it's not necessarily a vulnerability. For example, you can log into your router this way and use iptables to add some custom firewall rules that the web admin interface doesn't support. The main hole here is A) Most people don't know it's even there, and B) The default username/password is the same for every router by default. You do need to be on the LAN side to send the magic packet in the first place.

  8. The thousand words I saw on A Big Step Forward In Air Display and Interface Tech · · Score: 2

    If many of the problems have been solved, why do the pictures in the gallery look like blurry 2D with dim output in a dark room?

  9. Re:Remember TEMPEST? on Scientists Extract RSA Key From GnuPG Using Sound of CPU · · Score: 1

    Particularly relevant high-level from the PDF:

    In a nutshell, the key extraction attack relies on crafting chosen ciphertexts that cause numerical
    cancellations deep inside GnuPG’s modular exponentiation algorithm. This causes the special value
    zero to appear frequently in the innermost loop of the algorithm, where it affects control flow. A single
    iteration of that loop is much too fast for direct acoustic observation, but the effect is repeated and
    amplified over many thousands of iterations, resulting in a gross leakage effect that is discernible in the
    acoustic spectrum over hundreds of milliseconds.

  10. Approximately once a month.. on 'Approximate Computing' Saves Energy · · Score: 2

    .. this story or a slight variant gets reposted to Slashdot in one form or another.

  11. Props to the authors of TFA on Opus 1.1 Released · · Score: 4, Interesting

    As someone who has previously written outwardly facing articles on complex technology, I have to give props to "Monty" and Jean-Marc Valin for TFA. It takes a lot of skill to communicate good information about some very complex topics in a short amount of space, and they pull it off pretty well. I think it really helps sell the product and keep your enthusiasts more engaged when you can see how much work and thoughtfulness has gone into the guts of it - work that is often unseen, hidden within a dev team, or buried throughout a mailing list somewhere.

  12. Re:FPS TOO LOW!! on Retail Radeon R9 290X Graphics Cards Slower Than AMD's Press Samples · · Score: 1

    When you pay for discrete graphics you're usually making purchase decisions based on performance/$. When the reviews all say you'll achieve a certain trade-off, but with the retail product you don't, then the market has been deceived - perhaps you would have been better off buying something else.

    No comment as to what's actually going on in this case, if anything, since I haven't been following it...

  13. Re:Shame on AOL on Winamp Shutting Down On December 20 · · Score: 4, Informative

    When Winamp first appeared it was one of the first mass market players to handle MP3 playback at a time shortly after the FHG encoder began to be distributed and competitors like XING, LAME, etc. were just starting to appear. Hard drive storage capacities were still tight - you wouldn't want to fill your disk with CD quality WAV files, but people could store many albums with MP3s without resorting to burning CDs. Napster/gnutella/Frostwire/etc. would come along soon after and transform the way teenagers of the period acquired music. Later, subscription services etc. would be born.

    Winamp may not have been around throughout the _entire_ decade, but towards the end of the decade your average joe was getting online, and Winamp was there leading the way for digital music formats that are still popular well over a decade later. Times move fast in computing, but there are probably not many Windows users here who haven't popped open Winamp at some point, cranked up their speakers, and popped open the visualizer.

  14. Shame on AOL on Winamp Shutting Down On December 20 · · Score: 3, Interesting

    ... for taking a great product with a large and growing user base and a lot of potential, then going virtually nowhere with it for year after year after year, until the only thing left to do was to kill it.

    R.I.P. Winamp, you helped define the 90s and led the way for compressed digital formats.

    Let's hope all the specialist plugins for all the legacy/specialist file formats that have been created over the years find a good home with ongoing support.

  15. Re:Built-in set top box on User Alleges LG TVs Phone Home With Your Viewing Habits · · Score: 1

    It's a wonder that so many people are using the built-in set top boxes in their so-called smart TVs.

    The user interfaces are invariably shit (especially so for any software designed in the far East).

    What the hell are you talking about? DLNA is not a mass market application in the same sense that TVs are a mass market application - the vast majority of people own a TV, the vast majority of people have never used DLNA and probably don't even know what it is.

    I own an LG SmartTV. Its YouTube UI is not great, but what is great is that it works, I can view trending videos, and I can fully remote control it from my smartphone with an easy pairing process, and that does have a decent UI. Netflix's UI is fine, and the TV displays video in HD. I can plug in an external hard drive or thumb drive and play most popular formats with no problem through a simple file browser.

    Not everyone wants to spend hundreds of bucks on add-on devices, or pay the power bill to keep a desktop system running all the time as a media server, etc. etc.

    And all of this aside, the correct response to "Should LG be spying on its customers like this?" is not "I don't know why people use this anyway". The correct response is "No".

  16. This will never work. on Yahoo Encrypting Data In Wake of NSA Revelations · · Score: 1

    That security is going to last as long as it takes to find one exploit against an endpoint that can be used to pull the key out of memory one time.

  17. Re: Sorry, still not getting one. on Raspberry Pi Hits the 2 Million Mark · · Score: 4, Insightful

    No. 2M people bought a pi. Apparently it was good enough for them.

  18. Re:Sorry, still not getting one. on Raspberry Pi Hits the 2 Million Mark · · Score: 5, Insightful

    Many people won't care what the CPU is. I thought about getting one and I know I don't care. It's cheap and flexible, has decent enough interfaces, has a huge community, and many people who will be coding on it will be writing Python anyway. I had a problem in mind and needed a small programmable device to solve it. I think many people will approach the pi this way rather than from a spec sheet perspective. I.e. "what can I do with this" vs. "what's it made from".

  19. Re:Tempting... but no thanks. on FCC App Lets Android Users Measure Mobile Broadband Speed · · Score: 1

    As long as the versions on the Play store are identical to the audited version and you don't update until the updates are audited either..

  20. Re:I wonder ... on MenuetOS, an OS Written Entirely In Assembly Language, Inches Towards 1.0 · · Score: 1

    I wouldn't consider comparing a manually written routine to what GCC outputs cheating. If you have an optimizing compiler available to you, why not learn its tricks so that you can write better code yourself?

  21. I can hear them now... on TSA Screening Barely Working Better Than Chance · · Score: 2

    "We have an Accountability Office?? How much does THAT cost??"

  22. Re:I told them to fix it on Microsoft Admits Windows 8.1 Update May Bork Your Mouse, Promises a Fix · · Score: 4, Insightful

    I just want you guys to know that as a developer I have been debugging what I believe to be the side effects resulting from these changes all week. It's not just "mouse co-ordinates" that are affected, you have some very common APIs scaling window co-ordinates in totally unexpected and inconsistent ways now. You have totally broken certain application behaviors, and only in 8.1, and while I found a workaround for my use case I can also see that the workaround I'm using will break more things for others.

    Next time you ask yourselves, "should we make these APIs suddenly behave differently than in all older versions of the OS?" there should be a very, very high barrier to saying yes, especially for a service pack release.

  23. Re:So yet another version on Lost Star Wars Footage Found On LaserDisc · · Score: 1

    everyone will have to buy.

    Nobody has to buy any version.

  24. That's all very well, but.. on Book Review: Secret History: the Story of Cryptology · · Score: 1

    .. the history aside, a far bigger, immediate and very real problem is that the vast majority of people don't even understand why they ought to care more about secrecy, partly because they are either unaware of where their communications are being intercepted, by whom, and then even more complex, how the data can and is being analyzed today and for what purpose, and even when it isn't being analyzed today for purposes that may concern them, the permanency of that data and the possibility of tomorrow's uses.

    We assume that because we as technically minded people can grasp the possibilities, others can too. I think that's very much not the case.

  25. Many routers subject to UPnP vulnerability anyway on D-Link Router Backdoor Vulnerability Allows Full Access To Settings · · Score: 5, Insightful

    PDF link, published earlier this year, shows how many manufacturers use a stack with a UPnP vuln that gives root, even from the WAN side:

    http://www.defensecode.com/public/DefenseCode_Broadcom_Security_Advisory.pdf

    Point is, you probably weren't as safe as you thought you were, even before this new disclosure.

    I think a huge problem with consumer-grade wifi routers today is that as manufacturers race to support new models with new wifi standards and new competitive feature sets, older models quickly become abandonware. There's very little guarantee around firmware updates for critical vulnerabilities, and end users are mostly oblivious to being at risk. By the time you pick up that $80 model from the store it's probably borderline EOL already.