Tag Archives: backdoor

CIA chief tells senators that putting backdoors in encryption systems is feasible, because no company can escape the grip of the US

As the title says, CIA chief John Brennan told senators that because "Non-US encryption" does not exist in practice, it is feasible to force any company that wants to enter the US to use the US version of encryption systems with backdoors: "Non-US encryption is 'theoretical,' claims CIA chief in backdoor debate". CIA director John Brennan told US senators they shouldn't worry about mandatory encryption backdoors hurting American businesses. And that's because, according to Brennan, there's no …

Posted in Computer, Murmuring, Network, Political, Security, Social

Research on planting trojans on Python's pip, Nodejs's npm, and Ruby's RubyGems?

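In the Python world, pip is commonly used to install software: $ pip install reqeusts or: $ sudo pip install reqeusts Other platforms work in much the same way. In the article "Typosquatting programming language package managers", the author enumerated likely package names using typos and similar methods, such as: $ sudo pip install reqeusts and then launched the attack on these three platforms, uploading hundreds of packages and observing the results: All in all, I created over 200 such packages and equipped them …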

Posted in Computer, Murmuring, Network, Programming, Security, Software

A backdoor controlled via DNS

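In "Wekby APT Gang Using DNS Tunneling for Command and Control" I saw a backdoor system that uses DNS as its control channel; the original report is "New Wekby Attacks Use DNS Requests As Command and Control Mechanism". DNS-based control gets through network restrictions considerably more readily than HTTPS, which makes it a considerably greater threat when used for APT-style attacks...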

Posted in Computer, DNS, Murmuring, Network, Security

Research on the backdoors planted in Juniper ScreenOS firewalls

Again seen via Bruce Schneier: "Details about Juniper's Firewall Backdoor"; the original research is linked at "Cryptology ePrint Archive: Report 2016/376". ScreenOS had two backdoors planted in it. One is an SSH backdoor: Reverse engineering of ScreenOS binaries revealed that the first of these vulnerabilities was a conventional back door in the SSH password checker. The other is "Dual EC …

Posted in Computer, Hardware, Murmuring, Network, OS, Security, Software, VPN

Linux Mint website hacked, ISO tampered with

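Linux Mint has issued an official warning notifying users of a security incident in which its website was hacked and its ISO was tampered with: "Beware of hacked ISOs if you downloaded Linux Mint on February 20th!". The opening explanation: Hackers made a modified Linux Mint ISO, with a backdoor in it, and managed to hack our website to point to it. For those unlucky enough to be affected, the recommended steps are to go offline first, then back up your data, and then use an ISO confirmed to be safe …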

Posted in Computer, Linux, Murmuring, Network, OS, Security, Software, WWW

Dutch government donates 500,000 euros to OpenSSL

While many governments want to legislate backdoors into systems, the Dutch government opposes the idea and has decided to donate 500,000 euros (currently about 540,000 US dollars) to OpenSSL: "Dutch govt says no to backdoors, slides $540k into OpenSSL without breaking eye contact": The Dutch government has formally opposed the introduction of backdoors in encryption products. A government position paper, published by the Ministry of Security …

Posted in Computer, Murmuring, Network, Political, Social

Mac OS X security vulnerability: Apple does not plan to fix versions 10.9 and below...

This vulnerability (a design that comes close to being a backdoor) was disclosed in "Hidden backdoor API to root privileges in Apple OS X". 10.10.3 fixes the issue, but Apple does not plan to fix versions 10.7.x through 10.9.x: Apple has now released OS X 10.10.3 where the issue is resolved. OS X 10.9.x and older remain vulnerable, since Apple decided not …

Posted in Computer, MacOS, Murmuring, OS, Security, Software

Cisco will ship hardware to freight carriers to make it harder for the NSA to intercept it and install backdoors

I saw this report in "To Avoid NSA Interception, Cisco Will Ship To Decoy Addresses", which comes from "Cisco posts kit to empty houses to dodge NSA chop shops". Material disclosed by Snowden last year showed that the NSA intercepts Cisco hardware, installs backdoors on it, and then repackages it and sends it on: "Greenwald alleges NSA tampers with routers to plant backdoors": "The NSA routinely receives – …

Posted in Computer, Hardware, Murmuring, Network, Political, Security, Software, VPN

The incident of the NSA paying RSA to plant a backdoor...

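Edward Snowden has again released internal NSA documents, indicating that the NSA paid RSA to put a backdoor in an algorithm: "Exclusive: Secret contract tied NSA and security industry pioneer". RSA's response avoids any mention of what the money was for: "RSA Response to Media Claims Regarding NSA Relationship". The general speculation at the moment is that this backdoor is Dual_EC_DRBG, the default pseudorandom number generator in RSA BSAFE. As for attacks on Dual_EC_DRBG, the 2006 "Cryptanalysis of the Dual Elliptic Curve …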

Posted in Computer, Murmuring, Network, Security

WordPress plugins security issue

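I saw on TechCrunch that WordPress.org is forcing all WordPress.org users (not WordPress.com) to update their passwords: "WordPress.org Forces Password Resets Due To Compromised Plugins". The cause is that three plugins, AddThis, WPtouch and W3 Total Cache, had anomalous commits that inserted backdoor code. (I got hit by two of them right away.) Anyone who has updated plugins in the last few days should check right away... Ouch :/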

Posted in Blog, Computer, Murmuring, Network, Security, Software, WWW