International Hacking Competition 2007 at UiTM, Malaysia (iHack 2007)

We participated in a computer security event known as iHack 2007 in Malaysia as a platinum sponsor. The event was held from the 17th to 19th of August.

Basically there were eight programs that were held during this event. They were:

1. International “Hacking” Competition 2007
2. Student Computer Security Project Presentation
3. Computer Security Exhibition
4. Computer Security Seminar
5. Computer Security Awareness Talk
6. Hack And Defense Workshop
7. PC Modification and Security Competition and
8. Hacking Demonstration

Patrik spoke on day one on “Malware And Online Crime”.

The events of the first day in a nutshell.

Santtu with the Mayor of Shah Alam, Malaysia.

Santtu presenting the Dean of Computer Science School of UiTM, Malaysia with a check of Ringgit Malaysia 10,000.

School Dean giving us a visit at the booth.

The crowd on the first day.

It was a tiring but fulfilling, crowd driving three day event…

Double Whammy! Another Sony Case (And it’s Not BioShock)

Biometrics – yes. BioShock – no.

Hypothetical: Imagine that you visit your local mall and browse around for stuff to buy. And you decide to buy a new CD from your favorite artist and you also buy a brand new cool USB stick thingy on an impulse. You go home and stick the CD into your laptop’s CD drive. It prompts you to install some software. You do so and while you are listening to the music, you open the USB stick package and start experimenting with your new toy. It has a fingerprint reader so you install the software for that as well. Guess what… you might have just installed, not one, but two different rootkit-like software on your laptop.

We received a report that our F-Secure DeepGuard HIPS system was warning about a USB stick software driver. The USB stick in question has a built-in fingerprint reader. The case seemed unusual so we ordered a couple of USB sticks with fingerprint authentication. We installed the software on a test machine and were quite surprised to see that after installation our F-Secure BlackLight rootkit detector was reporting hidden files on the system.

Many of our regular readers will remember the huge Sony BMG XCP DRM rootkit debacle of 2005. Back then malware with rootkits were not very common but since then a lot of malware families have adopted rootkit cloaking techniques. It is unclear if the “rise of the rootkit” would have happened in this magnitude without the publicity of the Sony BMG case. In any case, a lot more people now know what a “rootkit” is than back then.

This USB stick with rootkit-like behavior is closely related to the Sony BMG case. First of all, it is another case where rootkit-like cloaking is ill advisedly used in commercial software. Also, the USB sticks we ordered are products of the same company — Sony Corporation.

The Sony MicroVault USM-F fingerprint reader software that comes with the USB stick installs a driver that is hiding a directory under “c:\windows\”. So, when enumerating files and subdirectories in the Windows directory, the directory and files inside it are not visible through Windows API. If you know the name of the directory, it is e.g. possible to enter the hidden directory using Command Prompt and it is possible to create new hidden files. There are also ways to run files from this directory. Files in this directory are also hidden from some antivirus scanners (as with the Sony BMG DRM case) — depending on the techniques employed by the antivirus software. It is therefore technically possible for malware to use the hidden directory as a hiding place.

In addition to the software that was packaged with the USB stick, we also tested the latest software version available from Sony at www.sony.net/Products/Media/Microvault/ and this version also contains the same hiding functionality.

It is our belief that the MicroVault software hides this folder to somehow protect the fingerprint authentication from tampering and bypass. It is obvious that user fingerprints cannot be in a world writable file on the disk when we are talking about secure authentication. However, we feel that rootkit-like cloaking techniques are not the right way to go here. As with the Sony BMG case we, of course, contacted Sony before we decided to go public with the case. However, this time we received no reply from them.

It should be noted that MicroVaults with fingerprint authentication appear to be an older product and may no longer be manufactured. At least we had some trouble finding a reader of this type in Helsinki. Nevertheless, we did manage to find them on sale.

Note that over the weekend there was news about a suspected rootkit in the PC version of the game Bioshock. This news proved not to be true, but since BioShock apparently uses copyright protection software made by Sony there was lots of initial commotion.

Sony USB thumb drives come with rootkit

As a result of its decision to include a rootkit-based copy protection system in some of its CDs, Sony had to pay $1.5 million in civil penalties and refund users whose PCs were damaged by the software last year. However, it seems that wasn’t enough to make the company turn its back on rootkits.

The folks at F-Secure have discovered that software bundled with Sony’s MicroVault USB thumb drives installs a driver intended to conceal files in the host system’s Windows directory. Said directory reportedly becomes invisible to the Windows API and some anti-virus software, which could potentially allow malware to exploit it in order to avoid detection.

According to F-Secure, Sony relies on the cloaking functionality to conceal data used by the thumb drives’ fingerprint authentication system.

[ View ]

Adobe releases RawShooter migration tool

Adobe Labs has released a tool to let customers of the RawShooter software convert image-editing settings to equivalents in Adobe Photoshop Lightroom.

The RawShooter conversion tool is a free download and works on Windows systems. However, because the two programs operate differently when it comes to features such as noise reduction, tone curves and color balance, images won’t necessarily appear the same, Adobe cautioned.

RawShooter, software used to convert unprocessed “raw” images from higher-end digital cameras into more portable formats such as JPEG, was discontinued after Adobe bought its producer, Pixmantec, in 2006.

Photoshop Senior Product Manager John Nack announced the new software Saturday on his blog.

[ View ]

Intel ‘LaGrande’ Chipset Ships, First Test of New vPro Trusted Platform

One of the most ambitious new features ever to be built into an x86 motherboard is now publicly available: a hypervisor-based computer that runs both the operating system and its underlying BIOS under the control of a virtual machine monitor.

Underneath these physical and virtual layers is Intel’s latest and boldest implementation of the Trusted Computing platform – the highly anticipated, and in some circles dreaded, LaGrande platform, now called Trusted Execution Technology (TXT). It is quite literally a computer that provides the entire universe for another computer, replacing the BIOS with a radically advanced underlying system capable of detecting incursion at the deepest levels.

[ continue here ]

Google expert says ‘TV is dead’

One of the founding fathers of the internet has predicted the end of traditional television.

Vint Cerf, who helped to build the internet while working as a researcher in America, said that television was approaching its “iPod moment”.

In the same way that people now download their favorite music onto their iPod, he said that viewers would soon be downloading most of favorite programmers onto their computers.

“85 per cent of all video we watch is pre-recorded, so you can set your system to download it all the time,” said Mr Cerf, who is now the vice-president of the Google, the world’s largest search engine.

“You’re still going to need live television for certain things – like news, sporting events and emergencies – but increasingly it is going to be almost like the iPod, where you download content to look at later.”

Although television on demand has not yet become a mainstream activity in the UK, the BBC, ITV and Channel 4 have all invested vast sums of money in technology which enables viewers to watch their favorite shows onto their computers.

[ View ]

Motorola still keen to participate in BSNL tender

US-based telecom giant Motorola, which was earlier disqualified from state-run Bharat Sanchar Nigam Ltd’s (BSNL) tender for 45.5 million GSM lines, is still keen to participate if fresh bids are invited.

“Yes, we would like to participate in the bid in case BSNL floats another tender,” Malcolm Dawe, vice president & general manager, Motorola India Mobile Devices, said on the sidelines of the launch of Moto Razr 2 Thursday evening.

BSNL is expected to float a fresh tender of 40-50 million GSM lines within the next eight to nine months. The move is part of BSNL’s plan to expand operations, which are largely centred in Delhi and Mumbai, to other cities and compete with private operators.

The first tender of 23 million GSM lines was cleared after being cut from its initial size of 45.5 million lines. Motorola was disqualified in the earlier tender along with its Chinese partner ZTE.

BSNL had placed the order for the first tender with Nokia Siemens and Ericsson.

SanDisk launches new "Clip" Mp3 player with OLED

SanDisk announced its latest shuffle-competing media player today, the “Clip.” The 1GB black model costs $40, has an FM tuner, support for Mp3, WMA, securei WMA, a microphone, and a fifteen hour battery life. The more expensive 2GB model comes in blue, red, pink, and black and has a 30 hour battery life.

Like the Sansa Express, the Clip has an OLED screen—however this time Sansa also added the quite obvious “clip” to the back of the unit. Judging by the pictures, the unit looks incredibly small, which would make it perfect for clipping onto jogging shorts or a t-shirt. On the other hand, the only model that doesn’t look like a child’s toy is the black one. I’m not a huge fan of the colored, cheap-looking plastic that the 2GB models come in.

Both models will be available in Europe and the United States in September priced at $39.99 and $59.99 for the 1GB and 2GB models, respectively.

Unlocking the iPhone Without the Soldering Iron?

George Hotz, a New Jersey teenager, got most of the attention last week for hacking the iPhone, but at least one other group claims to have come up with a way of liberating Apple’s popular gadget from AT&T’s wireless network. A group calling itself iPhoneSimFree, which first demonstrated its technique to Engadget’s editor, Ryan Block, said it could unlock the iPhone without any changes to the iPhone hardware itself. If it works, the solution could potentially be more broadly accessible to people who want to use their iPhones on GSM networks other than AT&T’s.

On Friday, a member of iPhoneSimFree, who gave his name as Jim, answered some of our questions over e-mail:

Q: Why do you want to be able to unlock the iPhone from AT&T?
A: A lot of our staff are foreign to the USA, and obviously “techies.” The iphone is something that we all wanted and had our hearts set on from the minute is was announced. However, owning a neat, over-priced, video ipod with inadequate memory capacity that could run Safari was not exactly our definition of what a phone should be. Further to that, there have been many articles about the problems associated with provider-locked phones, such as ridiculous roaming charges, poor coverage issues, limited contract options as well as forcing people to switch from existing contracts they may have.

Q: How do you think Apple will react?
A: We have been debating this question and our answer is that we don’t know.

Q: Why maintain your anonymity?
A: We chose to remain anonymous from early on, simply as a way to protect our individual privacy.

Q: How did you work together on this?
A: Working across continents and time zones is always difficult, especially when dealing with individual skills. There were times when we had hardware on one side of the world with coders working on it through the net on the other side. The internet helps to facilitate a global virtual workshop. It was difficult, but through persistence and teamwork we managed to achieve a pretty remarkable goal.

Q: Is your solution superior to others that are out there — like George Hotz’ hardware hack and the TurboSIM card?
A: George Hotz’s work was amazing, especially all his well-documented findings. We can also say that it aided with our work and we would like to give him credit for that. However, his solution is limited due to its complicated hardware requirements. The turbo sim solution is not really an unlock solution. Its an expensive alternative which involves cutting a sim card as well as using software on your phone to get it working.

Q: Can regular people use the SimFree technique?
A: Our goal is to provide an end product as simple and effortless to use as the Iphone itself. It is our experience that most consumers appreciate a quick and easy way to use their products and we worked hard to make this happen.

Q: How broadly can this be used?
A: We believe that there is a real need and immense demand for this solution globally.

Q: How much do you plan to charge for the use of your unlocking software?
A: Currently we are working hard to structure the end retail price as low as possible while leaving enough margin for distributors and wholesalers. If we find this formula unsuitable we will simply work backwards and peg the retail price as low as possible to ensure that it is a viable and affordable option for anybody wanting to free their Iphone.

Google’s “gPhone” might come sooner rather than later

It has been talked up quite a bit, recently. After Apple’s public fuss over the iPhone is starting to taper off, people online are talking about the phone by Google. The on again, off again offering to the mobile world by the search giant is reaching fanatical levels of hype and thanks to a recent news story by Rediff News in India, the hype is only getting worse.

The story published by Rediff said that the gPhone is two weeks away from launch. The new report said that talks are taking place with Bharti Airtel and Vodafone Essar, India’s first and third largest mobile telephony operators. They also mention state-owned Bharat Sanchar Nigam and another manufacturer.

“Sources close to the development said a simultaneous launch across the US and Europe is expected, and announcements would be sent to media firms in India and other parts of the world. US regulatory approval, which is expected soon, is the only hurdle that Google is waiting to cross, they added. Google plans to invest $7-8 billion for its global telephony foray,” the story said.

A Google spokesperson told the news site, “We don’t comment on market rumor or speculation. However, Google is committed to providing users with access to the world’s information, and mobile becomes more important to those efforts every day. We’re collaborating with partners worldwide to bring Google search and applications to mobile users everywhere. However, we have nothing to announce at this time.”

Earlier this month The Wall Street Journal published a story that said Google has already built a prototype of the gPhone. The idea for the R&D is to design a phone that could be mass produced quickly and sent to the European and US markets.

It is still simply a rumor, but a good one nevertheless. Until Google announces it officially, no one knows for sure if Google will jump into the mobile race. This news could be tied to recent comments to the press by CEO Eric Schmidt that Google will likely take place in the FCC auction to be held later this year.