WHOIS Hiding | TechSNAP 129 | Jupiter Broadcasting

Big changes could be coming to the WHOIS database in the name of privacy, but security experts have major concerns.

Plus our suggestions for rolling your own server, a huge batch of questions, and much much more!

On this week’s TechSNAP.

Thanks to:

$\"GoDaddy\"$

$\"Ting\"$

Direct Download:

RSS Feeds:

— Show Notes: —

WHOIS Privacy Plan Draws Fire

Internet regulators are pushing a controversial plan to restrict public access to WHOIS Web site registration records. Proponents of the proposal say it would improve the accuracy of WHOIS data and better protect the privacy of people who register domain names.
According to an interim report (PDF) by the ICANN working group, the WHOIS data would be accessible only to \”authenticated requestors that are held accountable for appropriate use\” of the information.
The working group’s current plan envisions creating what it calls an “aggregated registration directory service” (ARDS) to serve as a clearinghouse that contains a non-authoritative copy of all of the collected data elements.
The registrars and registries that operate the hundreds of different generic top-level domains (gTLDs, like dot-biz, dot-name, e.g.) would be responsible for maintaining the authoritative sources of WHOIS data for domains in their gTLDs.
Those who wish to query WHOIS domain registration data from the system would have to apply for access credentials to the ARDS, which would be responsible for handling data accuracy complaints, auditing access to the system to minimize abuse, and managing the licensing arrangement for access to the WHOIS data.
The interim proposal has met with a swell of opposition from some security and technology experts who worry about the plan\’s potential for harm to consumers and cybercrime investigators.

\”Internet users (individuals, businesses, law enforcement, governments, journalists and others) should not be subject to barriers — including prior authorization, disclosure obligations, payment of fees, etc. — in order to gain access to information about who operates a website, with the exception of legitimate privacy protection services,\” reads a letter (PDF) jointly submitted to ICANN last month by G2 Web Services, OpSec Security, LegitScript and DomainTools.

Kerbs says: the working group’s interim report leaves open in my mind the question of how exactly the ARDS would achieve more accurate and complete WHOIS records. Current accreditation agreements that registrars/registries must sign with ICANN already require the registrars/registries to validate WHOIS data and to correct inaccurate records, but these contracts have long been shown to be ineffective at producing much more accurate records.

WeChat security found to be lax, your password is at risk

The WeChat Android client has an undocumented debugging interface that can be accessed by other apps on your Android device
This interface allows an attacker to intercept all data flowing through the WeChat application, including your username and hashed password
The password is only hashed with straight md5, making it trivial to brute force or rainbow table
“In WeChat versions up to 4.3.5 we identified several vulnerabilities which allow an attacker who can intercept the traffic to quickly decrypt the message body, thus being able to access the messages sent and received by the user. More recent versions seems to be immune to these attacks, but we still have to perform a more in-depth analysis of the encryption scheme implemented in the latest WeChat releases. “
The local SQLite database used by WeChat is encrypted, but the key is a derived from the WeChat uid and the local DeviceID, meaning an attacker with access to this debug interface has access to both parameters
“We tried to contact developers to notify our findings, but with no luck: we wrote an e-mail to Tencent technical support both on August 30th and on September 3th, but we got no reply.”

DRAM prices still being driven up by plant fire

As TechSNAP reported previously, there was a chemical explosion and fire at the SK Hynix plant in Wuxi China on September 4th
SK Hynix is attempting to rush repairs to the damaged fab, and has reopened the remaining fab at the Wuxi site on September 7th. The two fabs are isolated to prevent a problem at one from crippling the other
SK Hynix is also shifting some production to other plants in Korea
However the expected shortage has still driven DRAM prices up 27 percent
The Wuxi plant makes approximately 10% of the worlds supply of DRAM
SK Hynix expects the plant to be back at full capacity sometime in October
Full repairs will take between three months and six months and reduce total output by two months’ worth of production
Even once the repaired plant is online, SK Hynix plans to ram up production beyond the previous levels as well as maintain the increased production in Korea
SK Hynix will also ramp up production in stages as portions of the damaged plant are cleaned and repaired to match what analysts expect will be a spike in demand for PC-oriented chips as the Oct. 18 ship date of Windows 8.1 approaches, analysts said.

Feedback:

Build your own Google Reader replacement, or check out one of the hosted options. Will run down the list of the candidates we think have the best potential to replace Google Reader on Linux.

WHOIS Hiding | TechSNAP 129