So many reasons to never buy a D-Link router

October 03, 2016 by lance in Stupidity, vulnerability

D Link Logo Blue strap edited If you care at all about security and privacy, a recent security analysis of the D-Link DWR-932 B LTE router will make your head explode.

Researcher Pierre Kim found an amazing set of security vulnerabilities that should embarrass a first year developer.

First, by default you and SSH and Telnet (yes Telnet!) into the router using the root or admin accounts. These accounts have preset passwords of “admin” and “1234” respectively. People, you should never set up fixed accounts like this, and if you do don’t use trivial passwords!

Of course it gets worse. There is also a backdoor on the routers. If you send “HELODBG” to port 39889 it will start a telnet demon which provides access to root without any authentication at all. My head is starting to look like the guys at the end of Raiders of the Lost Ark.

Just for fun they have a fixed PIN number for WiFi Protected Setup, many vulnerabilities in the HTTP daemon, major weakness in their over the air firmware updating, and anyone on the LAN can also create any port forwarding rule on the router for any port.

It is amazing that one product could have such a comprehensive set of catastrophic security failures. It certainly begs the question of how well they secure any of their other products.

China requiring back doors in banking software

February 01, 2015 by lance in China

Asian woman at computer

"HONG KONG — The Chinese government has adopted new regulations requiring companies that sell computer equipment to Chinese banks to turn over secret source code, submit to invasive audits and build so-called back doors into hardware and software, according to a copy of the rules obtained by foreign technology companies that do billions of dollars’ worth of business in China."

New Rules in China Upset Western Tech Companies - NYTimes.com

Previous blog posts on China censorship:

China celebrates 25th anniversary of Tiananmen with censorship. - The Privacy Blog The Privacy Blog

China launches MITM attack on GitHub - The Privacy Blog The Privacy Blog

Lance Cottrell is the Founder and Chief Scientist of Anonymizer. Follow me on Facebook, Twitter, and Google+.

How to protect your Mac from Rootpipe

November 05, 2014 by lance in apple, Podcast, Security Breaches

How to protect yourself against the recent Rootpipe vulnerability in the Mac OS X version of sudo, which would allow an attacker total control of your computer.

BadUSB - Security vulnerability with no fix coming any time soon

October 03, 2014 by lance in Podcast, Security Breaches, Video

BadUSB security vulnerability is very broad, exploit code has been released, and it is unlikely to be fixed any time soon. Video Podcast.

Stop using Internet Exploer, even with VPNs

April 30, 2014 by lance in microsoft, vulnerability

Internet Explorer 10 start screen tile svg

Governments urge Internet Explorer users to switch browsers until fix found | ZDNet

This and many other articles are relaying the information that governments are encouraging users to move to Chrome, Firefox, or Safari until this Microsoft Internet explorer bug is fixed. The vulnerability seems to have been in every version of IE since 6 through the current version 11. It is a remote exploitation vulnerability, so attackers can use it to run arbitrary code on your computer, effectively “owning” it. There are some work arounds within IE that may prevent the attack, but for now it is much safer and easier to simply move to a different browser.

It is important to remember that using a VPN like Anonymizer Universal does NOT provide any protection against this kind of attack. This is an attack directly against the browser using the content you have “requested”. The attack is launched from the site you are visiting, so the hostile content would flow through the VPN unhindered.

Anonymizer strongly encourages its users to move to Firefox, Safari, or Chrome, at least until this problem is resolved.

Lance Cottrell is the Founder and Chief Scientist of Anonymizer. Follow me on Facebook, Twitter, and Google+.

Apple fixes GOTO FAIL SSL bug for Mac OS X

February 24, 2014 by lance in apple, vulnerability

Apple released an update for Mac OS X 10.9 fixing the serious GOTO FAIL SSL vulnerability. This update appears to resolve the problem for The Safari browser, and many other Apple applications that use SSL/TLS.

If you use a Mac, make sure you install this update ASAP. Go to Software Update and you should see the update available.

Apple SSL vulnerability

February 23, 2014 by lance in apple, vulnerability

Everybody has been talking about the Apple SSL vulnerability, but just in case you have missed it…. It turns out that for several years Safari has failed to properly check the cryptographic signatures on Server Key Exchanges allowing attackers to mount man in the middle attacks against your browser sessions. Anyone with the ability to intercept your traffic could read and modify the data to or from any secure website you visit (of course they can always do it with insecure websites). This would include any WiFi you are using, the local ISP, backbone ISPs, and government entities wherever you might be, or anywhere along the path yo the server you are trying to reach.

This vulnerability impacts both iOS as well as Mac OS X. You can test whether you are vulnerable here.

There is a patch already available for iOS so update your device now!

If you are on a Mac, switch to using some browser other than Safari. Chrome and Firefox are both safe from this particular attack.

If you are on Windows, Linux, BSD, or Android, you would appear to be safe.

A peek at the cybercrime economy

January 21, 2013 by lance in Computer Security, hacking, Security Breaches

The latest Java exploit has given another view into the workings of the cybercrime economy. Although I should not be, I am always startled at just how open and robustly capitalistic the whole enterprise has become. The business is conducted more or less in the open.

Krebs on Security has a nice piece on an auction selling source code to the Java exploit. You can see that there is a high level of service provided, and some warnings about now to ensure that the exploit you paid for stays valuable.

Looks like Java is STILL vulnerable / broken

January 17, 2013 by lance in Internet, Security Breaches

I did not post on the recent Java vulnerability because the fixes came out so quickly, however, it looks like I relaxed too soon.

Apparently there was a second vulnerability that did not get fixed. At this point, you should probably just disable Java in your browser. Gizmodo has a short article on how to do that for the various browsers.

Very few websites actually require Java any more. If you absolutely need to visit one of them, I suggest enabling Java on just one of your browsers and using that browser exclusively for visiting that trusted site with Java.

Internet Explorer vulnerability allows mouse tracking

December 12, 2012 by lance in Uncategorized

spider.io is talking about a bug they discovered in Microsoft Internet Explorer versions 6-10. Evidently the bug allows tracking of your mouse movement even if the browser window has been minimized and you have a different application active.

They say that at least two companies providing display ad analytics are already using this exploit to improve their analysis.

OUCH! Yet another good reason to use any browser but IE.