back to article Millions of personal files exposed by insurance biz, serial web hacker strikes again, and more from infosec land

It's a bumper three-day weekend in the US and UK, so we won't keep you long. Here's a rapid summary of information security news from the past week beyond what El Reg has already covered. Baltimore ransomware misery deepens: The US city of Baltimore's government websites and online services remain offline, and its computer …

  1. redpawn
    Pint

    Have a nice weekend!

    Your skills will still be needed Tuesday.

    1. ecofeco Silver badge

      Re: Have a nice weekend!

      Oh? I have yet to see companies spend real money on security.

      More like someone is getting sacked.

  2. Chozo

    Baltimore wierdness

    Baltimore city hall, the mayor's homes and her attorney were raided by the FBI & IRS in April this year as part of an investigation into what can be best described as creative accounting and now much of the evidence and email correspondance has been scrambled by ransomware.. Just seems a bit hinky

    1. Doctor Syntax Silver badge

      Re: Baltimore wierdness

      An alternative view: If the raiders did their job right they should be able to provide a backup for the scrambled data.

      1. Anonymous Coward
        Anonymous Coward

        Re: Baltimore wierdness

        Actually, the ransomware folks should switch their offer from 'buy the password from us' to 'pay us to burn the password'.

    2. Anonymous Coward
      Anonymous Coward

      Re: Baltimore wierdness

      The New York Times did a scathing article about the NSA and their exploited exploits that have caused havoc the world over:

      https://www.nytimes.com/2019/05/25/us/nsa-hacking-tool-baltimore.html

  3. Starace

    Canva

    139 million users? REALLY??!!

  4. Anonymous Coward
    Anonymous Coward

    Huawei

    DO IBM still issue Huawei phones to staff?

    1. macjules

      Re: Huawei

      No, iPhone SE phones.

  5. Anonymous Coward
    Anonymous Coward

    Secret rock

    My data is scribbled under rocks hidden in the woods.

    1. ecofeco Silver badge

      Re: Secret rock

      Sorry, but your data is being hacked by the fairies.

      1. Kiwi
        Coat

        Re: Secret rock

        Sorry, but your data is being hacked by the fairies.

        So you're saying fairies are getting his rocks off? Or just the data off them?

  6. Anonymous Coward
    Anonymous Coward

    Huawei spying

    I'm not taking their side, but has anyone seen any actual evidence of their embedded spying or backdoors? It's notable by its absence.

    By way of definitions, I mean for example a hard coded URL or IP address traced to a suspicious server in China, and combined with Wireshark traffic logs of significant and suspicious outbound data that are something other than harmless checks about firmware updates.

    You'd think that somebody would have documented some specific details by now. Firmware dumps, Wireshark logs.

    Merely curious...

    1. Anonymous Coward
      Anonymous Coward

      Re: Huawei spying

      Trump had to accuse them of spying so he could do his usual SOP (threaten, bully, attack, force compliance) by executive order.

      "Because I'm a total jerk" is not grounds for overriding the House and the Senate. Yet.

    2. NonSSL-Login
      Holmes

      Re: Huawei spying

      Previously the stated concern was backdoors were being made at the chipset level rather than the software level, which would be much hard to find or prove.

      All seems total bollocks though and until we see some solid evidence, will treat the claims as such. All the time we continue to find intentional or not backdoors in US products, such as Cisco hard coded credentials, SSH keys etc or Intels various weird patents for ways that allow executing code beyond ring 0 which seem to only have uses as a backdoor.

      Lots of backdoors which could have plausible deniability but are actually there and reported on, compared to not many Huawei bugs like that in comparison.

      Give me a Huawei phone without Broadcom radio and with Kaspersky AV on any day over the US alternatives!

    3. Anonymous Coward
      Anonymous Coward

      Re: Huawei spying

      “I'm not taking their side, but has anyone seen any actual evidence of their embedded spying or backdoors? It's notable by its absence”

      The only issues I’ve seen or read about for Huawei are typical across all vendors:

      - consumer kit has had admin vulnerabilities. This is largely down to being developed cheaply and is a wide spread issue across CPE devices that don’t get patched. Ie it’s not Huawei-specific and the manufacturers doing a good job on this are generally 5-10x more expensive

      - the use of old libraries leading to security issues. Again, not vendor specific

      - weak control channel security. This is usually a customer requirement (ie management tools need SNMPv2/HTTP/telnet although SNMPv3/HTTPS/SSH is supported by the equipment)

      The closest Huawei gets to embedded spying in equipment is publicly available documents is having a US-developed hacking kit for older firewalls. Outside of equipment, Huawei staff have been accused of spying, but the cases are generally treated by expelling Huawei employees rather than making the details known.

      I would suggest that you could put a Huawei product and products from two western competitors on a test network with IDS monitoring attempts to access resources outside the network and wireshark catching all communications and you would see nothing suspicious even attempting to leave the network if it was setup correctly. And with minor configuration changes you could see very suspicious traffic (ie dump syslog traffic to a public IP in China) But neither of those would indicate one way or the other whether there were attempts at spying.

      The reality is that all kit from all vendors could be a low level firmware update away from embedding vulnerabilities even after a code review. A simple example would be using known weak keys for TLS if firmware X was installed.

      TL;DR: you are dependent on a third party not spying on you or you catching them before harm is done regardless of the vendor. And that threat continues to evolve over time as situations change.

  7. Kiwi
    Facepalm

    Inneresting Conflict...

    It's interesting reading this lot.

    Most of the linked stories are about data leaks, security SNAFUs and the like. Private and corporate data being taken by miscreants or being available to incompetence or mistakes.

    And yet the list is led by one on Huawei, a firm accused of letting PRC "spy" but not one shred of evidence. Why would the PRC (or any gubbermint) need to spy on us when all they have to do is follow the leaks?

    (NOT a Huawei fan/user either BTW, but there is a better than average chance I'll own one of their phones or some of their networking kit in the foreseeable future)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022