Tag Archives: Security

[MacOS] Pace iLok Dongle Compromised

A worldwide team of crackers managed to generally attack the Pace iLok dongle security system. An automized unwrapper for protected applications has surfaced on the net. The unwrapper is compatible to MacOS X 10.6 (Slow Neopard) and works for the Intel based part of universal binaries only.

The Pace iLok dongle is mainly used by music applications and music plugins. As this market is a little one, the impact of the generic unwrapper is not predictable at the moment. Anyway we suppose, that producers and studios – hopefully – do use legally licensed software and that this unwrapper is used for try before buy possibilities. Marketpenetration comes with confirmed habit of users.

Although some iLok protected applications are offered as trial, forum users say trial times are much too short and having to register a Pace iLok account is considered to not be comfortable for the average user.

Anyway, forum reports indicate that many developers using the Pace iLok dongle have applied additional custom protection layers, which render the Pace iLok unwrapper not useful at least for the average John Doe. It is expected that iLok will very soon add new encryption layers for improved security.

[Privacy] International VPN Provider Searched by Authorities in Germany

Perfect Privacy reports today, that a member of the staff of the well known international VPN provider Perfect Privacy has been police searched last friday (August 20th).

H-Security writes:

The search warrant was reportedly issued on suspicion that unknown perpetrators may have routed potentially criminal communications via the servers in the German city of Erfurt.

Perfect Privacy writes:

The servers have so far not been confiscated. We decided, however, to disable all services (OpenVPN, PPTP VPN, L2TP/IPSec VPN, SOCKS5, SQUID) in Erfurt temporarily in order to give those of our members, who have elevated security needs, time to read this announcement and to evaluate the risks. It is not known to us whether the authorities initiated measures such as telecommunication monitoring in Erfurt. (..)

It is not known (..) whether the authorities initiated measures such as telecommunication monitoring in Erfurt.

Users with security concerns better do not connect via Erfurt at the moment.

[Pre] WebOS Vulnerable To Several Attacks

Researchers from Intrepidus Group said in an advisory published on Friday last week that Palm’s WebOS operating system is subject to web application vulnerabilities.

These bugs can all be traced back to that fact that WebOS is essentially a web browser and the applications are written in JavaScript and HTML.

The bugs and vulnerabilites released are for WebOS 1.3.5. Palm has fixed all of them in WebOS 1.4. Anyway the Intrepidus Group said there are still undisclosed bugs in WebOS 1.4.

Via Intrepidus Group

[PS3] Sony To Remove Linux Support for PS3

According to Sony’s Blog, the upcoming Playstation 3 firmware update 3.21 will cease to support the “Other OS” option. It will be released on April 1st, 2010.

Sony says disabling Linux comes from security concerns. This is an immediate result from the efforts of GeoHot’s attack on Sony’s hypervisor protection and the release of XorLoser’s PS3 Exploit Toolkit.

Consumers and organizations that currently use the “Other OS” feature can choose not to upgrade their PS3 systems, although the following features will no longer be available;

  • Ability to sign in to PlayStation Network and use network features that require signing in to PlayStation Network, such as online features of PS3 games and chat
  • Playback of PS3 software titles or Blu-ray Disc videos that require PS3 system software version 3.21 or later
  • Playback of copyright-protected videos that are stored on a media server (when DTCP-IP is enabled under Settings)
  • Use of new features and improvements that are available on PS3 system software 3.21 or later

For those PS3 users who are currently using the “Other OS” feature but choose to install the system software update, to avoid data loss they first need to back-up any data stored within the hard drive partition used by the “Other OS,” as they will not be able to access that data following the update.

Find Sony’s blog entry here

[Security] Tarnovsky Explains Infineon TPM Hack

On the Black Hat 2010 conference in Crystal City notorious smart card hacker Christopher Tarnovsky explained how he managed to hack current Trusted Platform Modules by Infineon.

This time Tarnovsky managed to read secured data from TPM chips like RSA and DES crypto keys. His approach took six months and a lab consisting of devices for about US$ 200,000. After having found out the exacty way to compromise Infineon’s chips it took only six hours to compromise an XBox 360’s TPM chip.

On the Black Hat 2008 in Amsterdam Tarnovsky said he was offered US$ 100,000 to crack the Xbox 360’s TPM:

A Microsoft engineer is wondering: “Did you take an interest in the processor of our Xbox360 game console?” – “I was offered 100’000 dollars to break it”, says Tarnovsky. “But I replied that that wasn’t enough.”

For people generally interested in approaching smart card security check this article with a video Wired.com featuring Tarnovsky in his security lab.

[iPhone] Virus Worm Spreading on Jailbroken iPhones

Apple must be pleased about this news. They haven’t become tired in telling the people that jailbreaking the iPhone seriously compromises user security.

And now a worm developed by Ashley Towns from down under is nothing else but attacking jailbroken iPhones whose Secure Shell has not been disabled or where the default root password (“alpine”) is in place.

Luckily the first version of the worm was almost imperfect as it just changed the background wallpaper to a photograph of Rock Astley – yes rickrolled again. Anyway ITBusinessEdge now reports that a second version of the worm has been seen in the wild. This new version of the worm gives no indication that it has successfully compromised your jesus phone. Beware guys.

Now, will we get virus scanners for our jailbroken iPhones? Will it be necessary to run firewalls?

It seems like irony, but it seriously looks like that all the probs Microsoft’s operating systems have had for years with viruses and worms – just because Windows is the most widespread desktop operating system – are now coming to the iPhone.

via IT BusinessEdge.com

[iPhone] Jailbreak for iPhone 3Gs on the Way?

GeoHot posted a picture showing that he managed to run custom commands on iBoot. This seems to be the first major step for a jailbreak. Moreover GeoHot also managed to find the key for the Ramdisk while MuscleNerd of the iPhoneDevTeam obviously has already found the vfdecrypt key.

All this is good news. Anyway aswell as GeoHot and the DevTeam will have lots of work to do. Don’t expect anything soon, since GeoHot also found a new security addition called ECID, which obviously gets generated by Apple’s servers and which seems to be unique to every iPhone. Every restore seems to have to be validated by Apple’s servers. And this is bad news.

» Running custom commands on iBoot
» Ramdisk key found
» ECID signature layer found

[MultiPlatform] TrueCrypt 6.1 Released

The open source encryption program TrueCrypt 6.1 has been released. It now features:

  • Encrypt a non-system partion without losing existing data (Windows)
  • Support for security tokens and smart cards
  • TrueCrypt bootloader can be configured to not show texts
  • Encrypted Windows system partitions can now be mounted by Linux or MacOS X

» Download TrueCrypt 6.1 here

[AppleTV] AppleTV gets safer… who cares?

incomplete Tales

It is commonly known that Apple’s products don’t belong to the safest products in the computer industry. For quite some time now: Botnet builders are using the well known zombie technique to gain control over AppleTV to use it in botnets. This is due to AppleTV’s large market share (of about 0,5%)… Yes…

This is how these Botnet builders do it:

  1. they walk into stores and buy newly released blurays like “I am Legend”
  2. they illegally decrypt it
  3. convert it to x264 for better compatibility as eMail-attachments (we all know: many providers only allow 10GB per attachment)
  4. then they modify the x264 headers to include buffer overflows adjusted to work on AppleTV only.

For several years now bad guys were sending prepared x264 movies as email-attachments. But now the time is up. Apple released a security update for AppleTV, that prevents buffer overflows. All our AppleTVs will from now on be safe from bad botnetters…

The truth behind it

Ok, you got us here. Besides from kidding: there is no need for this update. The only reason in our opinion is: they wanna stop people using AppleTV for more than the allowed things. There are no buffer overflows that we are aware that are being used by botnetters currently. Since AppleTV’s market share is so low, this wouldn’t even make any sense from an economical point of view for the botnetters.