Archive for the 'Security' Category

You can never rely on encryption

Like most people in Ireland I listened to the story of how the Irish Blood Transfusion Service (IBTS) had a laptop stolen in New York with the details of 171,000 blood donors on it, not least because, as a blood donor, there is a good chance some of my data is involved.

The IBTS has said that

The records were on a CD that was encrypted with a 256 bit encryption key. These records were transferred to a laptop and re-encrypted with an AES 256 bit encryption key. This represents one of the highest levels of security available and to our knowledge there is no record of a successful attack against this level of encryption.

Unfortunately, people who were relying on Apple’s FileVault or Windows’ BitLocker encryption software to keep their data secure were probably equally satisfied with that AES encryption until yesterday, when a group from Princeton demonstrated how that encryption could be broken with a bit of liquid nitrogen!

The IBTS justified the fact that people’s personal information was in New York because the IBTS are updating their software and wanted to bring live data with them with which to test the new software. Why it didn’t occur to them to obfuscate the information which could identify people I really can’t understand. You can never rely on encryption alone.

BT Broadband users can be hacked!

James Galvin posted a couple of weeks ago about a recently published exploit which made hacking Eircom’s wireless routers trivial.

As Eircom are the largest provider of residential broadband in Ireland, this is potentially a big deal. As Joe Drumgoole commented at the time:

they have inadvertently created Ireland’s largest free WIFI network. Good man Eircom!

However, BT is now facing an even more serious issue on its wireless routers according to an article in the Register today. At least in Eircom’s case, the vulnerability only exposed the WEP key, allowing use of the wifi on the router.

In the case of the BT router, the Reg is reporting that

a remote attacker can quietly gain full administrator control over a device simply by social engineering a user into visiting a website. The exploit makes it possible to steal a user’s WPA key, listen in on VoIP calls, steal VoIP credentials or change DNS settings so users are silently redirected to fraudulent websites

This is a far more serious issue than the Eircom one, and the number of routers affected is likely to be orders of magnitude greater.

The one saving grace is that the hack hasn’t been published in the wild, as was the case with Eircom. Yet.

Chinese Military launch cyber attack on the Pentagon?

The Financial Times is reporting today that the Pentagon’s computers were hacked by the Chinese Military in June of this year!

If it is true then this is the first publicised attack on US computer systems by the Chinese Military since the Titan Rain attacks of 2003.

According to the article:

The PLA regularly probes US military networks – and the Pentagon is widely assumed to scan Chinese networks – but US officials said the penetration in June raised concerns to a new level because of fears that China had shown it could disrupt systems at critical times.

“The PLA has demonstrated the ability to conduct attacks that disable our system…and the ability in a conflict situation to re-enter and disrupt on a very large scale,” said a former official, who said the PLA had penetrated the networks of US defence companies and think-tanks.

What with the Russian cyber attacks on Estonia earlier this year and now this Chinese attack on the US, cyber warfare seems to be becoming less science fiction and more science fact.

Update - more coverage of this story on Techmeme

Google launches phishing blacklist API

I see on the Google Security Blog that Google have launched a Safe Browsing API. In other words, Google are making available its dynamic blacklist of phishing and malware sites so ISPs and web app coders can check against it.

This should help ensure unwitting users are notified before they browse to unsafe sites and submit their confidential information.

Google are actively encouraging 3rd party participation -

Sign up for a key and let us know how we can make the API better. We fully expect to iterate on the design and improve the data behind the API, and we’ll be paying close attention to your feedback as we do that. We look forward to hearing your thoughts.

Great idea guys.

Airport security is a joke

Not that we haven’t known that for some time but it was recently drilled home to me on my flight back from Madrid last week.

My son Enrique has asthma. He got quite bad with it earlier this year when we were in Spain and a Spanish doctor prescribed a cough suppressant called Expectu to help him sleep.

When I was in Madrid, my wife asked me to get another bottle of Expectu to bring home. So far, so good. Except, the bottles for sale in the pharmacies were 200ml and you can only bring bottles less than 100ml onto the plane (I only had hand luggage).

What did I do? I asked the pharmacist to decant the 200ml of Expectu into smaller bottles (in dreadfully pidgin Spanish!). He obliged and poured it into four 75ml bottles. I put these bottles into a clear plastic bag along with my deodorant and toothpaste fully expecting to be stopped at the airport.

Not a bit of it. Going through security, the guard took out one of the four bottles, checked the volume of it and, satisfied that it was less than 100ml, replaced it in the clear plastic bag!

Fantastic! For all you aspirant terrorists out there making liquid bombs - decant the bombs into small bottles if you want to get them onto the plane and you are sorted (oh, and just in case you thought I was serious, here’s why you should save yourself the trouble of trying to make a liquid bomb)!

Airport security is a joke!

Urgent update to WordPress

WordPress was updated to 2.1.2 overnight after it was found that one of their download servers had been compromised and the version 2.1.1 download modified to include code that would allow remote PHP execution!

From the WordPress site:

What You Can Do to Help

If your blog is running 2.1.1, please upgrade immediately and do a full overwrite of your old files, especially those in wp-includes. Check out your friends’ blogs and if any of them are running 2.1.1 drop them a note and, if you can, pitch in and help them with the upgrade.

If you are a web host or network administrator, block access to “theme.php” and “feed.php”, and any query string with “ix=” or “iz=” in it. If you’re a customer at a web host, you may want to send them a note to let them know about this release and the above information.

This only affects you if you are hosting your own copy of WordPress and it is version 2.1.1. If you are on any other version or are on WordPress.com then you can safely ignore this.
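
For hosts who want to check whether anything has already hit the patterns WordPress asks them to block, here is a small access-log scanner. It is an added example, not code from WordPress or from this post; it assumes Apache/nginx "combined" format logs, and the sample lines and paths in it are constructed.

```python
import re
from posixpath import basename
from urllib.parse import parse_qsl, unquote, urlsplit

# Indicators taken from the WordPress advisory quoted above.
BLOCKED_FILES = {"theme.php", "feed.php"}
BLOCKED_PARAMS = {"ix", "iz"}

# "combined" log format: client ip ... "METHOD target PROTO" status
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3})')

def match_rules(target):
    """Return the advisory rules that a request target matches."""
    parts = urlsplit(target)
    reasons = []
    name = basename(unquote(parts.path)).lower()
    if name in BLOCKED_FILES:
        reasons.append("file:" + name)
    # parse_qsl percent-decodes names, so "%69x=" is seen as "ix";
    # keep_blank_values keeps "?ix=" with an empty value visible.
    for key, _ in parse_qsl(parts.query, keep_blank_values=True):
        if key.lower() in BLOCKED_PARAMS:  # case-folded to flag variants too
            reasons.append("param:" + key.lower())
    return reasons

def scan(lines):
    """Return (client_ip, status, target, reasons) for each matching line."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip it
        ip, _method, target, status = m.groups()
        reasons = match_rules(target)
        if reasons:
            hits.append((ip, int(status), target, reasons))
    return hits

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE = [
    '192.0.2.10 - - [03/Mar/2007:09:12:01 +0000] "GET /index.php?p=12 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [03/Mar/2007:09:12:05 +0000] "GET /wp-includes/theme.php?iz=test HTTP/1.1" 200 17 "-" "-"',
    '198.51.100.7 - - [03/Mar/2007:09:12:09 +0000] "GET /wp-includes/feed.php?%69x=test HTTP/1.1" 403 210 "-" "-"',
    '203.0.113.4 - - [03/Mar/2007:09:13:40 +0000] "GET /?ix= HTTP/1.1" 200 5120 "-" "-"',
]

if __name__ == "__main__":
    for ip, status, target, reasons in scan(SAMPLE):
        print(ip, status, target, ",".join(reasons))
```

A hit with a 200 status on a 2.1.1 install is the one to follow up first; a 403 suggests a block rule was already in place when the request arrived.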



