Re: Let me guess
Yes. By an unauthorised actor. And probably affecting a limited number of their clients. So, no way to prevent it. Move on, nothing to see here.
404 posts • joined 9 Nov 2007
Not sure what the "facepalm" is about.
The behavior of the targeted sysadmin? I see no mention in the article that (s)he actually fell for the trap.
The fact that they (the authors, apparently APT38) sent out such badly disguised attacks? Normal procedure. Send that to 1000 people (whether IT security "professionals" or not), and you will definitely get a non-zero number of people falling for it.
Not exactly a backdoor. More like a fake lock on your front door, because you can never remember to take your keys, and temporarily replacing it with a real lock when the insurance guy visits.
Looks like their software has problems doing its job when the driver is working in a secure fashion, and they have to resort to insecure memory allocation to work around the issues.
If you look at the forum, the issue had been marked as "Resolved" as soon as Vodafone came around with a message that a fix is in the making.
Also, I don't see the word "sorry" or "apologies" anywhere in their response. Only "... to get you all connected to what you love again". As if the fix for bricking the phones was a "feature."
What a nice, modern approach on customer service...
Alternatively they could mandate the companies provided free and more importantly with the product an adaptor. You would be amazed at how quick they would change "special" designs to avoid any extra production costs...
Well, in a way that's already happening. At least with Apple phones, you get a USB Type-A charger and a USB Type-A to Lightning cable.
So the cable is the adaptor already. I suspect that with most phones today, you get a charger like that and the matching cable (whether it has USB-C, Lightning or Micro-USB on the other end.) Forcing the phone makers to switch to an actual, additional adaptor just to make the cable "universal" would be silly in my opinion.
Economic and vanity issues aside, I've been wondering what a mandatory, unified "charger" port would mean for the future. Regardless of how that actual standard would be defined (use the one which is used most today; or specify one standard explicitly), it would basically outlaw any other port type. Imagine if this had happened in 1999, then our phones would probably have had USB Type-B connectors then, and since no other standard could be sold (at least in the EU), we would probably still use that today.
Or would our phones have two connectors now, one up-to-date (USB-C or Lightning), and the other, outdated one for "legal" reasons?
It looks a bit like those trying to solve this "problem" fail to understand that the "charging" port of a modern phone is much more than that.
OK, so what's the takeaway from this finding? Is it that system-provided encryption is good enough that it is useful for the bad guys, too? Kind of obvious for me.
I don't think that any "anti-ransomware" can ever be effective by controlling if/which encryption functions are used. If you got a process running on your machine that you don't want, you're compromised. Trying to control whether that process uses specific functions/techniques is kind of missing the point. At this point, your best anti-ransomware is probably that offline backup that you made last week.
Probably around the same time as this tale occurred, a friend of mine got a copy of ResEdit into his paws and was thrilled to find out that you could alter all kinds of menus and alerts both in applications and the OS on the Macs of the newspaper he worked for. So the most logical thing was to spend multiple hours to work through all resource forks he could find and replace the word "file" with "cookie", and "folder" with "bone."
At that time, data between the machines was mostly exchanged by floppy (well, rather "stiffy") disks. I still don't know how it happened, but soon after, the madness spread to other machines, more and more eventually asking stuff like "Are you sure you want to copy this cookie into this bone?" Took a lot of effort to clean that up, but it was really funny. Especially seeing him try to explain that to the boss...
If the stuff is really IP-based, it's probably the app developers who take up the support, not Apple in its role as OS vendor. If they don't support it, it won't be deeply integrated in iOS (read: Siri etc.), but it should be trivial for third-party apps to support and maybe integrate it.
Because D-Link is not providing updates to the devices listed above, it is important to replace any affected device with one that is currently supported by the vendor.
Slight correction: "... it is important to replace D-Link on your list of suppliers with a company that actually takes security seriously."
It's not exactly news that with most "class action" settlements, the people actually harmed get little or no recompense at all.
But this is taking the whole thing to a new level: The FTC allows the defendant to install arbitrary hurdles for any claimant, including bullying those who have suffered damage by that firm to buy even more of their services.
"Nice credit rating you have, there. Would be a shame if something happened to it..."
Effectively, a US federal agency is siding with the perpetrator, to keep the financial damage (to Equifax) as small as possible.
That level of corruption is amazing, even when you take the current government into account.
"MoviePass leaked tens of thousands of customer account details, including payment cards numbers and mistyped passwords, via a poorly secured public-facing database [...]. The system has since been secured."
I don't think they have secured their systems. They may have closed the public-access hole, but if they indeed store mistyped passwords, that's just one step less horrible than storing unhashed actual passwords. Unless they hire someone with actual security skills, "securing" their system is a hopeless endeavour.
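To make the point in the comment above concrete, here is an added example (not code from the original post, and not MoviePass's code) of a login path that never retains the submitted password, whether it matched or was mistyped: only a salted scrypt output is stored, and the audit log records the outcome but not the string. The scrypt work factors, the in-memory user table and the audit log are assumptions constructed for the example.

```python
import hashlib
import hmac
import os
from typing import Dict, List, Optional

# Assumed work factors for the example (128 * N * r = 16 MiB of memory per hash).
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2 ** 14, 8, 1
SALT_LEN = 16
KEY_LEN = 32


def _kdf(password: str, salt: bytes) -> bytes:
    return hashlib.scrypt(password.encode("utf-8"), salt=salt,
                          n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=KEY_LEN)


def hash_password(password: str, salt: Optional[bytes] = None) -> bytes:
    """Return salt || scrypt(password, salt). This is the only thing stored."""
    if salt is None:
        salt = os.urandom(SALT_LEN)
    return salt + _kdf(password, salt)


def verify_password(password: str, stored: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    salt, key = stored[:SALT_LEN], stored[SALT_LEN:]
    return hmac.compare_digest(_kdf(password, salt), key)


# Constructed in-memory "user table" and audit log for the example.
USERS: Dict[str, bytes] = {}
AUDIT: List[dict] = []

# Placeholder record so unknown users cost the same KDF time as known ones.
DUMMY_RECORD = hash_password("placeholder-not-a-real-password")


def register(username: str, password: str) -> None:
    USERS[username] = hash_password(password)


def login(username: str, password: str) -> bool:
    stored = USERS.get(username)
    # Always run the KDF, so timing does not reveal whether the account exists.
    matched = verify_password(password, stored if stored is not None else DUMMY_RECORD)
    ok = matched and stored is not None
    # The log keeps who and whether, never what was typed.
    AUDIT.append({"user": username, "ok": ok})
    return ok


def retains_plaintext(password: str) -> bool:
    """True if the password (correct or mistyped) appears verbatim in anything persisted."""
    needle = password.encode("utf-8")
    in_users = any(needle in blob for blob in USERS.values())
    in_audit = any(password in str(entry) for entry in AUDIT)
    return in_users or in_audit


if __name__ == "__main__":
    register("alice", "correct horse")
    print(login("alice", "correct horse"))   # True
    print(login("alice", "corect horse"))    # False, and the typo is not stored
    print(retains_plaintext("corect horse"))  # False
```

The check worth carrying into a real system is the last function: whatever the service persists (user records, logs, crash dumps) should not contain the credential a user just typed, correct or not. A failed attempt that leaves the mistyped string behind is a near-miss of the user's real password and belongs in nobody's database.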
You mentioned that you're using 1Password for your passwords. Honest question, what is your motivation for using this vs. the built-in Keychain Access app? I've seen a few people using 1Password so far, but none of them could explain to me why they chose it over the built-in solution.
In any case, I would keep the laptop associated with your Apple ID. If you remove it, you lose the chance of finding it through Find my Mac should it ever connect to the net before it is being wiped.
As I understand this, somebody (Monaco Telecom? Or is it just hosted with them?) has allegedly created a clone of this guy's website, pilfered the images, added some SEO, and Google is indexing (and showing search results for) that cloned website. So Google cached the (allegedly stolen) images from the clone.
So suing Google for this is a bit far-fetched IMHO... either he is going for the low-hanging fruit (why isn't he suing Bing?), or he doesn't understand how search engines work. So much for "Azure Consultant"...
A long time ago a coworker managed to put a DAT cartridge backwards into the tape drive of our RS/6000 system (don't ask me how. But it wouldn't come out again.) Since these drives were painfully expensive at the time (although being just regular DAT drives, but apparently with custom firmware) I didn't dare the old "yank, then yank a little harder" technique and had to disassemble the drive. Took me hours, but saved us a four-digit amount and got me a case of beer from said coworker :)
Plus, it gave me an opportunity to remove the solid block of dust that occupied all the free space inside the RS/6000 – at first I thought it was some kind of insulation. A miracle that the machine had not overheated (or spontaneously combusted.)
"What isn't being said is why he got flagged in the first place."
No. Because nobody but the CBP agents know. But what they grilled him about is probably a clue.
Ask Jacob Appelbaum about this. He has a few stories like this one to tell.
"I used to do a bit of globe trotting and never got flagged."
Congrats. And that means... what? That it's probably his own fault?
Isn't having an obviously clean and pre-prepared phone or laptop just used as an indication of trying to hide something?
Yes it is. I have seen cases where people get grilled on why they have only a few contacts in their phone address book, why there is no Facebook app on the phone, and whether they have anything to hide. (Other countries' immigration officers do that too, though. For example Australia.) Don't bring a phone at all? Highly suspect.
The idea of using a "burner" phone or laptop may not be really working any more. Avoiding the country altogether sounds more and more like the only reasonable recourse. What a sad world.
Hearing that MySpace appears to be still a thing (in the same way that AOL email is still a thing, apparently) I went over there to see what they're doing now, and found that today they're doing...
... exactly nothing. "Sorry, we're just experiencing some technical difficulties right now. Nothing major. Our developers are working on it and Myspace will be back up very soon."
Maybe they found the backup CD-ROMs and are restoring the lost files now?
From a technical point of view, I don't understand the (claimed) attack vector.
"... automatically launched iTunes when connected to a USB cable, prompting synchronization and Windows updates on the host PC, which apparently allowed the takeover of the connected computer."
What does the (automatic) launching of iTunes have to do with "prompting [...] Windows updates", and how does that create/activate a vulnerability?
Of course the iPhone could have malware that attempts to take over the Windows PC it is connected to, but this doesn't sound like what is described here...
"On one hand, Facebook can and should be able to protect its employees from any threat of harm."
No. It should not. Since when should Facebook take over law enforcement duties? So in order to "protect their employees", they do what even police wouldn't be allowed to do - they track and monitor people 24/7 without their knowledge...?
If someone is threatening Facebook employees, they should refer that case to the police instead of taking the law into their own hands and using illegal actions against these so-called "threats."
The items are aimed at outdoorsy types that might come unstuck on a mountain somewhere and need something to chow down on while awaiting rescue rather than for citizens enduring food shortages.
Just assuming that this is a clever marketing campaign to target the many adventure-loving North Korean folks who love nothing more than taking their SUV for a quick weekend trip to their luxurious mountain cabins for some free-climbing fun and maybe some heli skiing...
OK, so you're stuck somewhere up on a North Korean mountain for an extended period (maybe your snow mobile broke down, and as usual the heli taxi needs forever to pick you up), such that starvation might become a factor. Outside temp around freezing point. What do you do? Eat your shirt and freeze to death?
So far there has been zero mention of how he got his hands on all that data. I can't believe that he actually did all of the actual hacks himself.
My guess is that he got all that data from multiple (probably more or less publicly accessible) dumps and just dumped them in a somewhat organized way.
Stuff you want to use again is kept in the recycle bin, that's why it's called "recycle"
A long time ago (not too much later than Sam's story) I was doing routine maintenance on a Mac for an office worker of the company I was working for... and that included emptying the trash can (as the Recycle Bin is called in Mac OS). Cue some serious berating about how I dare empty the trash – she was "keeping important files in there"...
Sounds funny, but apparently some people have trouble understanding what the word "trash" means, and still get beyond flipping burgers in their professional career.
Biting the hand that feeds IT © 1998–2021