Daily Archives: August 30, 2017

Intel ME controller chip can be disabled after all – for governments

Posted on by
Reply

Security researchers at Moscow-based Positive Technologies have identified an undocumented configuration setting that disables Intel Management Engine 11, a CPU control mechanism that has been described as a security risk.

Intel’s ME consists of a microcontroller that works with the Platform Controller Hub chip, in conjunction with integrated peripherals. It handles much of the data travelling between the processor and external devices, and thus has access to most of the data on the host computer.

If compromised, it becomes a backdoor, giving an attacker control over the affected device.

Source: Intel ME controller chip has secret kill switch

Smart home IoT stuff gives away a lot of your personal patterns

Posted on by
Reply

Spying on the Smart Home: Privacy Attacks and Defenses on Encrypted IoT Traffic – reveals that even when data from devices is encrypted, the metadata can help identify both the device and what it is signaling.

Some devices such as the Nest indoor camera directly communicate with identifiable domain names – in this case ‘dropcam.com.’ That immediately identifies what the product is, and it is then possible to infer from that and the resulting signal what is happening: whether it has detected motion or whether it is live streaming.

Likewise the Sense sleep monitor, TP‑Link smart plug, and Amazon Echo. Even when the devices communicate with a generic DNS server – like Amazon’s AWS service – they typically have a specific IP address that can be used to identify the sensor (the Belkin WeMo switch for example communicated with the very-specific prod1-fs-xbcs-net-1101221371.us-east-1.elb.amazonaws.com address).

By digging into each device’s signal, the team was able to figure out with some certainty exactly what was happening: someone was waking up, someone was turning on a light switch, someone had walked into the kitchen, and so on.

Source: How the CIA, Comcast can snoop on your sleep patterns, sex toy usage

Inside the Massive 711 Million Record Onliner Spambot Dump

Posted on by
Reply

Last week I was contacted by someone alerting me to the presence of a spam list. A big one. That’s a bit of a relative term though because whilst I’ve loaded “big” spam lists into Have I been pwned (HIBP) before, the largest to date has been a mere 393m records and belonged to River City Media. The one I’m writing about today is 711m records which makes it the largest single set of data I’ve ever loaded into HIBP. Just for a sense of scale, that’s almost one address for every single man, woman and child in all of Europe. This blog posts explains everything I know about it.

Source: Inside the Massive 711 Million Record Onliner Spambot Dump