A treasure trove of data was found on an open FTP site, leaving AMI BIOS users open to attack.
Plus a look at PunkSPIDER, a batch of your questions, and so much more!
On this week’s of TechSNAP.
Thanks to:
|
Use our code hostdeal4 to score economy hosting for $1 a month, for one year. 35% off your ENTIRE order just use our code go35off4 until the end of the month! |
 |
Direct Download:HD Video | Mobile Video | MP3 Audio | Ogg Audio | YouTube | HD Torrent | Mobile Torrent RSS Feeds:HD Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feeds | Torrent Feed |
Support the Show:
| <a href=”https://flattr.com/thing/525316/chrislas-on-Flattr” target=”_blank”><br /> <img src=”https://api.flattr.com/button/flattr-badge-large.png” alt=”Flattr this” title=”Flattr this” border=”0″ /></a> |
|
Show Notes:
Get TechSNAP on your Android:
Browser Affiliate Extension:
- Jupiter Broadcasting Affiliate Extensions for Chrome and Firefox
- HyperionGray have announced a new project, where they have connected their open source distributed PunkSCAN webapp scanner to an Apache Hadoop Cluster and set it loose on the Internet
- The goal of the project is to highlight the abysmal state of security on the Internet
- The scanner finds sites that are vulnerable to SQL Injection, Blind SQL Injection, and Cross-Site Scripting
- This information is then stored in a database, and is searching using PunkSPIDER
- You can search by keyword in the URL or Title of the site and search by vulnerability types
- PunkSPIDER Search Engine
- PunkSPIDER is similar to another online search engine we have discussed previously, SHODAN is an online index of banner messages and version info
- Additional Coverage
- Researchers at Ohio State University have conducted extensive testing of Flash SSD drives to determine how they react to unexpected power failures
- By creating a worst case scenario that involves many concurrent writes of incompressible data, and a direct loss of power (cutting power between the PSU and the SSD rather than cutting power to the PSU), the researchers were able to enumerate a number of possible failure scenarios
- The possible failures they looked for were:
- Bit Corruption – Random bits in the data set incorrectly
- Flying Writes – The correct data written to the wrong block/sector
- Shorn Writes – A write is interrupted while overwriting a sector, leaving the sector with some of the new bits and some of the old bits
- Metadata Corruption – The Flash Translation Layer (FTL, the complex firmware on an SSD that makes the NAND Flash chips appear like a regular hard drive) metadata is corrupted
- Dead Device – The SSD no longer functions at all
- Unserializability – The disk is in a state where writes were completed out of order
- Researchers tested 15 different SSDs and 2 regular spinning drives
- They did not release the manufacturer names or model numbers
- Additional Coverage
- Paper
- Erretum Insert
- A case of a similar problem? SSD suddenly only 34kb
- Security researchers Brandan Wilson and Adam Caudill found some interesting things on an open FTP server in Taiwan
- On the FTP site they found numerous goodies, including internal emails, system images, high resolution PCB images, and Excel sheets loaded with private data
- In addition, they also found a directory named ‘code’, that contained the source code and a private key for the AMI Firmware
- According to AMI, the FTP site belongs to one of its customers, and the private key that was exposed is a testing key they use for all of their images, but they instruct all of their customers to generate their own keys and not use that testing key in production
- It is not clear if this is the case, one or more manufacturer making use of the AMI Firmware are using that testing key
- If that key is trusted in the wild, it means someone with access to this leaked source code could make a malicious firmware update that would be considered valid, it would also mean that the entire UEFI trust system for the affected machines could be invalid
- “The worst case is the creation of a persistent, Trojanized update that would allow remote access to the system at the lowest possible level,” Caudill said. “Another possibility would be the creation of an update that would render the system unbootable, requiring replacement of the mainboard.”
- “This kind of leak is a dream-come-true for advanced corporate espionage or intelligence operations,” Caudill wrote. “The ability to create a nearly undetectable, permanent hole in a system’s security is an ideal scenario for covert information collection.”
-
Voicemail from Tzvi
- Brazilian users unable to boot Windows after botched update
- Exclusive: Ongoing malware attack targeting Apache hijacks 20,000 sites
- 2013 CISPA passes Intelligence Committee, headed to House for vote
- Video streamer Vudu reports physical break-in, customer data stolen
- Advertising networks found ignoring Opt-Out requests
- Exploit for Apple iMessage can cause Denial of Service (crash the app and prevent the user from getting any future messages)
- US Government caught using Stringray (fake cell tower) devices to eaves drop on calls without a warrant
- Developer purposely leaves vulnerable application online, finds it compromised by friendly hacker within 24 hours
- Ubisoft UPlay service hacked, gives access to unreleased title Far Cry 3
- Japanese Crisis Management Office accidently tweets that DPRK Missiles are inbound to Japan, while testing ability to inform the public