[News] Quantum Cryptography Compromised

Nature.com posted an article describing that a hacking team around Vadim Makarov at the Norwegian University of Science and Technology in Trondheim have now cracked two commercial quantum cryptographic systems.Vadim Makarov said

Our hack gave 100% knowledge of the key, with zero disturbance to the system (..)

The Norwegian team attacked one system by ID Quantique (IDQ) based in Switzerland and another one by MagiQ Technologies from the U.S. It took two months to develop an unnoticable hack.

The Theory behind

Usually in cryptography the sender of a message is called “Alice”, the receiver is called “Bob”, and and evesdropper is named “Eve”. In quantum cryptography the message is consisting of photons. And according to the theory of quantum cryptography an evesdropper “Eve” trying to apply a man-in-the-middle attack leaves disturbances on the properties of the photons, sent by “Alice”, thus corrupting the message. But a corrupted message is easily detected by comparing parts of the message.

In Makarov and colleagues’ hack, Eve gets round this constraint by ‘blinding’ Bob’s detector — shining a continuous, 1-milliwatt laser at it. While Bob’s detector is thus disabled, Eve can then intercept Alice’s signal.
(..) That means that every time Eve intercepts a bit value of 1 from Alice, she can send a bright pulse to Bob, so that he also receives the correct signal, and is entirely unaware that his detector has been sabotaged. There is no mismatch between Eve and Bob’s readings because Eve sends Bob a classical signal, not a quantum one. As quantum cryptographic rules no longer apply, no alarm bells are triggered, says Makarov.

“We have exploited a purely technological loophole that turns a quantum cryptographic system into a classical system, without anyone noticing,” says Makarov.

Enjoy the whole article on Nature.com

[PS3] Sony Australia Vs. PS Jailbreak Suppliers

Sony Australia somehow managed to get court orders for a temporary injunction against australian based modchip sellers like OZModChips, ModSupplier and Quantronics. Until today (Aug 31st, 2010) none of the modchip sellers is allowed to sell any PS Jailbreak device they rather have to give up the whole stock that they get until today.

Well this doesn’t come unexpected as modchip sellers in Europe have had the same legal battles a couple of years ago.

We don’t believe Sony will win in the end. Their strategy can only be delaying the inevitable. As a matter of fact, the PS3 has eventually been broken, the PS Jailbreak device samples have already been fully reverse engineered by a couple of chinese manufacturers and also by other teams.

A free open source solution is most likely to be released sooner or later.

[PS3] Hacking the Hackers: PS Jailbreak Reverse Engineered

German Gamefreax claim to have reverse engineered a testing PSJailbreak device. They say this exploit is based on emulating of a USB hub which gets virtual devices attached and unattached at certain points during the boot process.

Among those emulated devices there is also one that uses the ID of Sony’s JIG module. Anyway Gamefreax claim this hack is based on a self developed exploit. Dumped files that might support this claim are not available at this moment…

Picture snippet of USB Stream is courtesy of Gamefreax.de

[Privacy] International VPN Provider Searched by Authorities in Germany

Perfect Privacy reports today, that a member of the staff of the well known international VPN provider Perfect Privacy has been police searched last friday (August 20th).

H-Security writes:

The search warrant was reportedly issued on suspicion that unknown perpetrators may have routed potentially criminal communications via the servers in the German city of Erfurt.

Perfect Privacy writes:

The servers have so far not been confiscated. We decided, however, to disable all services (OpenVPN, PPTP VPN, L2TP/IPSec VPN, SOCKS5, SQUID) in Erfurt temporarily in order to give those of our members, who have elevated security needs, time to read this announcement and to evaluate the risks. It is not known to us whether the authorities initiated measures such as telecommunication monitoring in Erfurt. (..)

It is not known (..) whether the authorities initiated measures such as telecommunication monitoring in Erfurt.

Users with security concerns better do not connect via Erfurt at the moment.

[PS3] PS Jailbreak and Clones To Be Released

Media have widely reported about the latest steps in hacking the Playstation 3 console. Obviously that tiny PS Jailbreak USB Dongle turns a consumer PS3 into a debug PS3, thus allowing to run games from the internal or from an attached USB harddrive. The price is said to be around 160US$. For legal reasons here in Germany we can’t like to PS Jailbreak supplyers.

Now PS3Hax.net reports that using PS Jailbreak on Sony’s Playstation Network is very likely to result in being banned:

According to SKFUand RichDevX, the Backup manager game ID (LAUN-12345) could be logged/recorded by Sony when logged into PSN (when online). This would obviously allow Sony to see who would be using the illegal PSjb/clone and we could very well see ban waves similar to the Xbox 360. Sony does currently ban PSN/consoles that results in the 8002A227 error code.

Redmondpie.com reports that latest rumors indicate that there are also chinese clones of the PS3 Jailbreak called X3Jailbreak on their way, priced at 40$.

It seems like the PS3 hacking as a business model is out of date even before it started. We suspect it it won’t take long until a free open source solution will be available on the net aswell…

[Pre] Palm Testing Final Version Of Adobe Flash 10.1

Adobe.com today announced, that Adobe Flash 10.1 for mobile devices has been released to mobile platform partners:

Flash Player 10.1 was also released to mobile platform partners to be supported on devices based on Android, BlackBerry, webOS, future versions of Windows® Phone, LiMo, MeeGo and Symbian OS, and is expected to be made available via over-the-air downloads and to be pre-installed on smart phones, tablets and other devices in the coming months.

Palm/HP: keep testing Flash, your userbase is keen on finding Flash on the App Catalog soon.

[Muzaq] In Memoriam Alberto Adriano

Ten years ago, on June 14th, 2000 Alberto Adriano died from an attack of rightist extremists in the german city Dessau. Adriano was originally a contract worker from Mozambique who came to the German Democratic Republic in 1980. At the time of his death he had three children in the age between 5 months and 8 years.

The three rightist extremists told the police they did it because they hated foreigners. According to a BBC article Adriano’s wife said “They stamped on his head so hard they knocked out an eye.”

For the first time in german history a Chancellor chose to pay his respects immediately. Mr Schröder went to the simple shrine which then marked the murder scene. He approached slowly and sober, before placing the wreath.

The three rightist extremists were convicted of beating Adriano to death and were handed down tough prison sentences. The oldest man at that time was 24. He was sentenced to the maximum of life in prison. The two 16 year olds were given 9 years each, so they would have been released at latest in 2009.

The afro-german music combo Brothers Keepers recorded a title called “Adriano” afterwards.

» Wikipedia.de: Alberto Adriano (Google translated)…
» BBC News: Race hate in Germany
» Encyclopedia.com: Three Neo-Nazis Convicted In Brutal Killing Of African Immigrant
» Wikipedia.org: Brothers Keepers

[MacOS] Paragon Updates NTFS Driver for Mac OS

The german Paragon Software Group has just released their Windows NT file system driver “NTFS for Mac OS X 8.0”. According to Paragon this driver is the only driver on the market that allows to read and write to NTFS drives with the same speed as native HFS+ drives.

In contrast to Tuxera’s “NTFS for Mac” solution Paragon’s “NTFS for Mac OS X 8.0” also supports 64bit kernel installations of Snow Leopard.

A free 10 days trial version is available thru their website. The full retail version costs about US$ 39.95 or €29.95.