Everything is broken

11 January, 2011

27C3 is primarily about hackers, and that includes a lot of activity with criminal applications. Starting with that aspect of it, then…

…I’ve seen things you people wouldn’t believe.

    I’ve seen a file that was simultaneously a perfectly valid .exe, .zip and .pdf: on Windows, an executable file has its header at the start of a file, a zip archive has its header at the end of a file, and a PDF document has its header anywhere in the first 1024 bytes. Simplifying considerably, a file that contains “EXE-header data PDF-header data data data data ZIP-header” can be executed, viewed and unzipped.

    Besides being a neat trick, this provides all kinds of hiding places for malware. The PDF specification has many other utterly bizarre features and idiosyncrasies – in brief, this is not the dull, safe format you thought it was.

    I’ve seen an ordinary mobile phone call intercepted, recorded and played back: Basically, if these guys feel like it they can find the general location of your mobile and record your end of any phone call you make. I know this because I saw them do it 😮

    Thought experiment: if I called my mobile provider’s customer support line and told them I was concerned about “people recording my conversations”, what kind of response would I get? Note – I have not tried this because I do not like being on hold, nor being treated like a lunatic. (Nor mistaken for an ‘evil hacker’, for that matter.)

    I’ve seen credit cards used without knowing the PIN: well, a BBC video report, anyway. This exploit is relatively old news. What’s interesting is what happened next: with one exception*, instead of fixing the vulnerability, the banks are apparently still refusing to acknowledge victims of this kind of fraud because “our systems are secure”. They have also demanded that Cambridge University remove a student’s thesis on the subject from the library.

    Applause ensued.

    They refused.

    Oh banks, this is not how it works. Your system is not secure (probably no system ever is). Presumably, however, chanting “our systems are secure” and trying to silence researchers is cheaper and less embarrassing than fixing the problem.

    I’ve seen the history of breaking the security on every major console, now including the PS3: the team acknowledged that all such efforts ultimately result in piracy of video games. They seemed kind of gloomy about it, and faintly puzzled as to why anyone would want to play pirated games when they could be running Linux on their console instead. Ah, nerds.


    * Barclays
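
A defensive check for the .exe/.zip/.pdf layout described in the first item above, as an added example that is not part of the original post: it reports every format whose header sits where that format's readers look for it, so a file that matches more than one can be flagged for review. The function names and the sample bytes are constructed for illustration, and the checks go slightly beyond the simplified description by validating the PE pointer and the ZIP end record.

```python
import io
import struct
import zipfile

EOCD_SIG = b"PK\x05\x06"   # ZIP end-of-central-directory record
EOCD_MIN = 22              # size of the fixed part of that record
MAX_COMMENT = 0xFFFF       # a trailing comment may add up to 65535 bytes

def looks_like_exe(data: bytes) -> bool:
    """MZ stub at offset 0 whose e_lfanew field (0x3C) points at the PE signature."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)
    return data[pe_off:pe_off + 4] == b"PE\x00\x00"

def looks_like_pdf(data: bytes) -> bool:
    """Lenient readers accept the PDF marker anywhere in the first 1024 bytes."""
    return b"%PDF-" in data[:1024]

def looks_like_zip(data: bytes) -> bool:
    """End record near the end of the file whose comment runs exactly to EOF."""
    tail_start = max(0, len(data) - EOCD_MIN - MAX_COMMENT)
    pos = data.rfind(EOCD_SIG, tail_start)
    while pos != -1:
        if pos + EOCD_MIN <= len(data):
            (comment_len,) = struct.unpack_from("<H", data, pos + 20)
            if pos + EOCD_MIN + comment_len == len(data):
                return True
        pos = data.rfind(EOCD_SIG, tail_start, pos + 3)  # next candidate, earlier
    return False

def detect_formats(data: bytes) -> list[str]:
    checks = (("exe", looks_like_exe), ("pdf", looks_like_pdf), ("zip", looks_like_zip))
    return [name for name, check in checks if check(data)]

def build_sample() -> bytes:
    """Constructed, inert input: header stubs only, no program or document body."""
    mz = b"MZ" + b"\x00" * 0x3A + struct.pack("<I", 0x40) + b"PE\x00\x00"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("note.txt", "constructed sample")
    return mz + b"%PDF-1.4\n" + b"\x00" * 64 + buf.getvalue()

if __name__ == "__main__":
    print(detect_formats(build_sample()))
```

A result with more than one entry is the signal worth alerting on, whatever the file's extension claims.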
