Show Notes:

Get TechSNAP on your Android:

• Callisto – Android App
• Jupiter Broadcasting – Android App by ShaneQful

Browser Affiliate Extension:

• Jupiter Broadcasting Affiliate Extensions for Chrome and Firefox

Zero day vulnerability in MoinMoin wiki software takes down many Major Wikis

• wiki.debian.org security breach
• FreeBSD Wiki shutdown to avoid compromise: 503 wiki.FreeBSD.org is offline due to security issue
• wiki.python.org Compromised : techsnap
• If you had an account on any wiki powered by MoinMoin, it is recommended that you change the password on that account, and any other accounts that shared that password (don’t share passwords between sites)

---

Polish researchers hide secret messages in silence

• A group from the Warsaw University of Technology (I was there a few months ago, for EuroBSDCon), have developed a way to communicate in secret using the silences during a skype call
• The new form of steganography takes advantage of the specially formatted packets that the Skype protocol uses to denote silence (to try to suppress background noise and save bandwidth)
• Skype transmits voice data in 130 byte packets, but packets representing silence are only 70 bytes long
• They have created software called SkyDe (SkypeHide), which intercepts some of the silent packets and replaces them with an encrypted message. On the other end, the software decrypts the hidden message, which can contain text, audio or video.
• The hidden messages are indistinguishable from a regular silence packet, and allow data to be transferred at up to 1 kilobit per second (128 bytes per second, not very useful for real time audio/video, but could easily hide text messages or files)
• The researchers will be presenting the details of their system at the 1st ACM Workshop on Information Hiding and Multimedia Security in Montpellier, France, this June

---

Cloud ‘secure ftp’ client Accellion contains password reset bug

• A security researcher investigating Facebook stumbled upon a bug that allowed him to reset the password of any facebook user whose email address he knew
• By using his own account, and then modifying the parameters of an HTTP POST, the researcher was able to reset the password of any other user
• The bug turned out to be in Accellion, a mobile file sharing application
• The bug has since been fixed by Accellion and Facebook, but many private cloud instances are still vulnerable
• The HTTP POST passed the new password and email address as parameters, and was only secured by a cookie containing referrer= base64 encoded email address
• In a secure setup, this cookie should have at least been the MD5 of the email address and a secret key, something that an attacker could not predict/create
• Youtube video demonstrating the attack

---

John McAfee – One man intelligence agency

• John McAfee is a British American computer programmer, and the founder of McAfee Inc. (Acquired by Intel in 2010 for $7.68 billion)
• On April 30, 2012 John McAfee’s home in Belize was raided, but he was never charged with a crime
• After this incident, John McAfee decided to start fighting back
• Below and some highlights from his blog post, detailing what he claims were his activities against the Belize government, and the results
• He purchases 75 inexpensive laptops and infected them with malware that could log keystrokes, activate webcam and microphones, etc and reported the results back to him, and then released the packaging
• He then began giving these laptops as gifts to government employees, police officers, Cabinet Minister’s assistants, girlfriends of powerful men, boyfriends of powerful women, etc
• He also hired ‘social engineers’ to get close to certain people, to infect their computers, to change settings on their cell phones (disable auto-delete of old text messages), etc
• With these key loggers in place, he was able to gain access to the usernames and passwords for email, facebook, and internal government accounts, as well as the content of emails and other correspondence, even if it was later deleted
• With the webcam and microphone malware, he was also able to capture the face and voices of some of his targets
• He also claims to have found evidence that the Belize government was issuing fake passports to lebanese terrorists to allow them to enter the United States

---

War Story:

Ben noted it has been a while since we’ve had a War Story, so he submitted this one:

*
It was the summer of 2005 and I was attending a local University of Wisconsin 2-year community college and working in IT there at the same time. The entire IT department consisted of my boss, who was the “everything admin,” myself, and one other student. That place was jinxed. Every time the boss left for any reason at all, all hell would break loose–whether it be our ISP would have an outage, power outages, fiber patches that would just die, or whatever. Needless to say, I was a bit nervous when my boss announced he was going to be gone fishing somewhere in Canada for 2 weeks with no access to a cellular signal. If anything broke that we couldn’t handle, we were to contact the higher-ups in Madison.

Everything ran smoothly Monday and Tuesday. Things were looking up. I arrived at work Wednesday morning and the dean met me at the door. He informed me that there was a power outage overnight and none of the admin staff had access to voicemail. I was not pleased to hear this as I had never so much as touched the voicemail system. The other student employee had never done anything with it either, but we decided to take a peek and see if we could figure it out. To make things even better, my office phone was dead and so were all the other phones in the newer buildings on campus.

The phone system at the campus was made up of two small Nortel DMS–100 switches. The first one was installed sometime in the early 1980s and was mostly full. This one serviced the older buildings on campus. The newer buildings were serviced by a newer DMS–100 that included a voicemail module on one of the line cards. I powered on the serial terminal sitting on top of the newer DMS–100 and found an error message indicating the source of the problem. One of the fans in the chassis failed and the unit would not boot until the fan had been replaced.

Nortel could have used a few lessons in making parts replaceable. It took 10 minutes of tinkering to get the front panel off and find the failed fan. It was completely seized up. A few more minutes with the screwdriver and the fan was removed. It looked like a standard 120mm case fan at first but then my co-worker noticed that it was a 24v fan. So much for that idea. I called down to Madison and talked to one of the admins there. Naturally, this unit hadn’t been covered under a service contract in the past 5 years or so. He told me to see what I could come up with.

I did some googling and found a few fans that might work, but none of them had a speed sensor wire and they would take a few days to arrive. That wasn’t going to work. My next thought was to get a 12v regulator or some resistors to build a regulator and run a standard 120mm fan. The physics lab didn’t have any of the parts I needed and the local Radio Shack was useless (I could do it now but back then I didn’t have the hardware skills to hack one together from the parts RS had…) Meanwhile, my co-worker was fooling around with the dead fan. He grabbed the fan blades and twisted and it came unstuck. It didn’t spin very well but we figured it might not have to. We went back downstairs and re-mounted the fan. I power-cycled the chassis while my co-worker used a can of compressed air to spin the blades of the fan. Success! The switch booted up. We quickly unhooked the fan so it wouldn’t short anything out and put the covers back on the cabinet. Luckily there were no line cards behind the fan so it’s failure wouldn’t affect the switch too much. Everything booted up and was stable. The bosses in Madison were impressed and said they would work on a replacement fan. When I left a year later there was still a can of compressed air on the top of the switch in case the power went out… Thinking back, I wonder what my tuition money got spent on.

Thanks for your continued efforts on TechSnap, LAS, Unfilter, Coder Radio, Sci Byte, and the Faux Show. They keep me company when the dog is running me after work.

A subscriber and serial affiliate user,

Ben

---

Feedback:

• How do I keep from screwing the next guy after I quit ? Give me some feed back so I make it easy for the next poor sap. A question for the show

• Multiple Apache2 Sites on separate servers behind one dynamic IP

• Show Feedback: Upgrading your ‘Ultimate Servers’

• Email Server at Home

• Web App to Generate Great Passwords

• How to become the IT expert that companies throw money at

• SSHARK! – Sent in by rawzone via reddit

• Belgian bank hires mind readers

Round-Up:

• FOLLOWUP: Dutch government takes down DigID system after Ruby vulnerability is found, service since restored
• Second Ruby on Rails vulnerability even more critical, metaploit package already in the wild, patch immediately
• New year, new Java zeroday!
• Remote NTLM Challenge Response is 100% Broken (Yes, this is still relevant)
• Netflix launches ‘Super HD’ and 3D streaming – but only through certain ISPs
• nVidia releases 310.90 driver update to resolve vulnerabilities discovered over Christmas
• Adobe Are Not Giving Photoshop Away Afterall…
• Useful flowchart/mindmap explains the relationship between Risk, Threat, and Vulernability
• Dutch government publishes guidelines for responsible disclosure
• Hospice loses laptop containing data on 441 patients, fined $50,000
• Adobe, Apple and others didn’t test their software against future dates. What other breakages didn’t we hear about?
• Falsehoods about time and even more falsehoods about time

The post Hiding in the Silence | TechSNAP 92 first appeared on Jupiter Broadcasting.

]]>