Technologizer » Hacks

Chrome OS: Hacked!

Ed Oswald — Thu, 04 Aug 2011 20:29:15 +0000

Well, somebody’s finally done it. Google’s been selling us for quite a while on just how secure Chrome is, and they haven’t really lied to us. Getting into the OS or the browser for that matter has proved pretty darn difficult. But at the Black Hat security conference two researchers with White Hat Security have gotten into Chrome OS.

The flaw is in ScratchPad, a Chrome app that allows users to compose text files and then save them to Google Docs. Through it, the attacker can gain access to a person’s e-mail, contacts, and Google Docs and Voice accounts. Give Google some credit here though, the two redarchers working on this – Matt Johanson and Kyle Osborn — said they spent months looking for a hole, and must have only found one now.

To their credit, Johanson and Osborn have informed Google of the flaw and said that it and some other flaws had been addressed, but that some issues do remain. Chrome OS does remain one of the most secure platforms, thanks to Google’s work in ensuring holes are closed.

White Hat’s work came actually as a result of a Google query to the firm on finding security flaws within Chrome OS. The ScratchPad bug was one of those found as a result. The two researchers also said they continue to look for issues, but are treating it more like they would a mobile phone.

That’s because of the way the operating system is built. Since most apps are web-based, functionality is gained through the addition of extensions, much like a browser or mobile phone. Chrome OS is only as powerful as you’ll make it — so the entry point for an attacker is likely to be through an extension rather than the OS itself.

What’s that mean? Google’s going to need to be very careful about Chrome OS extensions.

If the PS3 is Jailbroken, Can We Have Other OS Back?

Jared Newman — Fri, 20 Aug 2010 17:13:31 +0000

Although I never found much utility in Other OS, a Playstation 3 feature that could turn the console into a basic computer running Linux, my heart went out to people who used Other OS before Sony scrapped it.

Sony said it removed Other OS in March to “protect the integrity of the console,” possibly because one hacker came too close to exploiting the feature in a way that would allow piracy. But now, OzModChips claims to have the first PS3 modchip on a USB stick. In theory, this allows people to play bootleg and homebrew games and make disc backups. Supposedly, it can also bypass firmware updates that Sony might use to banish the hack.

If Sony’s piracy safeguards have indeed fallen, I propose that Sony should bring back Other OS. After all, once the integrity of the console is lost, there’s no point in protecting it at the expense of users who did no harm.

A typical argument against draconian anti-piracy measures goes like this: Such attempts are pointless, because they eventually fail, and the only people who suffer are paying customers who have to jump through hoops. That argument didn’t apply to the Playstation 3, because it was rock solid against hackers for almost four years, and legitimate customers were none the wiser.

With the removal of Other OS, everything changed. A feature was lost, and now it appears that Sony’s previously unhackable machine is defeated through unrelated means. I’m skeptical of OzModChips’ solution, which costs $170, until it’s verified by an independent source, but if it’s legitimate, why should Sony pretend that removing Other OS keeps the Playstation 3′s integrity intact?

Five Million Websites Carried Koobface Worm Variant

Ed Oswald — Mon, 16 Aug 2010 20:16:16 +0000

In what’s being called a record for the single biggest viral infection, a hack may have potentially delivered a variant of the Koobface worm to visitors of sites that had the “Small Business Success Index” survey widget installed. This included every parked domain hosted by registrar Network Solutions. The company has since removed the offending widget, it said.

Web searches for the code indicate that for the most part, the survey only appeared there — but the size of this infection is stunning: potentially as many as five million websites. Researchers at Armorize say the infected widget would be installable on Blogger, Linkedin, Twitter and Facebook. I guess the best advice here is that if you’ve recently ended up on a parked domain, scan your computer now for viruses.

Hacker Breaks Into The Pirate Bay to Prove a Point

Ed Oswald — Thu, 08 Jul 2010 21:31:20 +0000

If you’re using The Pirate Bay, the news that a Argentine hacker was able to easily hack into the site and get the contact information of four million users should be a little unsettling. Hacker CH Russo with two partners were able to exploit vulnerabilities in the SQL database software the site uses to compile the data.

Will they sell the data to the MPAA or RIAA? Nope. According statements posted to Russo’s blog and elsewhere, it was done to prove a point. “The community caused problems to huge companies and corporations which turned into threats between [those] companies and them. What we have done, we did not do it with anger, or for commercial value,” he wrote.

I’m pretty confident that the entertainment industry wouldn’t be able to use this data anyway even if it was sold, due to the somewhat-less-than-legal method in which it was obtained. I’m sure a judge would look down on data obtained through a hack when it was used as evidence.

Russo has said that the hack was done to show users of The Pirate Bay that they may not be as anonymous as they think. The data includes usernames, e-mail addresses, and IP address — the latter of which has been used in the past by prosecutors to identify pirates.

Technologizer readers, would this make you any less likely to use The Pirate Bay or other similar sites?

Amazon Kindle DRM Broken, eBooks Set Free

Ed Oswald — Wed, 23 Dec 2009 17:49:42 +0000

An Israeli hacker going by the handle “Labba” claims he has found a method which breaks the copyright protection on the Kindle, allowing the user to transfer eBooks purchased on the device as a PDF to another device. Kindles use a proprietary format “.azw” which prevents transfer to another device.

Not all books for Kindle include DRM — Amazon leaves it up to the publisher to decide whether or not they would like to protect their content. It is likely the company will rush to patch the hole opened by the hacker, although it was not immediately responding to requests for comment Wednesday.

The hack was developed as an entry to a contest on hacking.org.il, where participants were tasked with finding a way to open up the AZW format to allow it to be read on other devices. The hack took about eight days for Labba to complete. The hack is actually an application that is installed onto the device, which then converts the files to the mobi format. Be forwarned though that Amazon has apparently already pushed out code for the Kindle that breaks these scripts, although it is reported it does not auto-update the device.

$26 Gets You Into A Predator Drone

Ed Oswald — Thu, 17 Dec 2009 18:28:18 +0000

This is certainly comforting: US officials have disclosed that Iraqi militants have found a way to hack into US Predator drone aircraft in an effort that is possibly being funded by Iran. The breach could be providing them with information that could help them evade capture by US authorities, and they could be doing it for as little as $25.95.

I wish I was kidding here, but the insurgents have used programs like SkyGrabber — a program that allows for satellite data capture — to obtain access into the drone’s video fees. I guess there’s some good news here: that’s all they’ve apparently been able to access, and officials stress they have not lost control of any aircraft as a result of the break-ins.

Military officials have apparently known about the issue since late last year, when a laptop from a Shiite militant contained drone video feeds. Since then several other laptops have been confiscated with similar data found. Evidence has been found in Afghanistan of hacking as well, indicating our enemies may also be spreading this information. So, where is this loophole that’s allowing people to get in? According to officials, its in the the downlink which has no encryption. They have known about the issue since the 1990s, but never did anything about it because they assumed our enemies wouldn’t know about it.

It’s not immediately clear if anything will be done in the short term. Encrypting data would necessitate that all drones be retrofitted with new hardware, which the government says it is concerned would cause delays. Additionally, encryption could pose issues in sharing data with the military and its allies, they argue.

“There’s a balance between pragmatics and sophistication,” former Air Force Secretary Mike Wynne told the WSJ. Doesn’t provide me much comfort. Any way you look at it, our Predator drones have a serious security hole, which should worry any of us with loved ones over there that these things are supposed to be protecting.

MacRumors Live Keynote Feed Hacked

Ed Oswald — Tue, 06 Jan 2009 17:42:03 +0000

Somebody forgot to check their security on their webserver. A group identifying themselves as 4chan.org has hacked MacRumors Live Feed and for all intents and purposes completely taken over their site. I would post a screenshot, however the material being interjected into the feed is pretty R-rated, and now the site has taken down the feed completely. Note to MacRumors: next time make sure hackers can’t use a backdoor to get into your site…