962 posts • joined 21 Sep 2011
Re: Re: I call semi-bollocks
"This isn't a tool for the S'kiddies, this is potentially grown-up stuff."
Absolutely. This isn't for Anonymous. This is for cops and g-men. Strike up a conversation with someone at a conference, you've had a few beers, he or she suggests you whack in a USB stick to copy over some stuff you'd be interested in. You're savvy, you know you've disabled autorun and open documents in a VM or a non-sensitive machine. You're confident.
Doesn't matter in this case. Game over.
Re: This is nothing new... this has been done for years!
"This type of hack has been done for years."
Again, like the modified mouse above, this is custom hardware. You have one evil USB plug, there. Just one. What are you going to do? Go around plugging it into everyone you want to pwn?
With this BH exploit automated, you can modify USB sticks using purely software again and again and again, whenever a device with a supported micro-controller is plugged in to an infected PC. That's the point of this BadUSB.
"We need better reporting."
I need a better reader.
Re: Errmm.. old news?
"There was stuff about this *years* ago. I saw a demo of an 'infected' USB mouse infecting a PC it was plugged into"
You're talking about this? Look at it. It's been *physically* modified. This BH talk is about rewriting the firmware in an undetectable manner.
Imagine automating the process of rewriting the firmware using just software: every time a supported stick is plugged in, and your malware is on the PC, you get to infect the stick's firmware silently and reliably.
Which means, in theory, you can spread your software nasty from thumb drive to thumb drive (if they're using supported micro-controllers), creating an infection.
Having said that, this process is not /that/ new - see the links in the story to older presentations. What I believe is new here is reliable and realistic firmware rewriting that can be demonstrated on stage and weaponized.
Re: Michael C
"I may be missing something but how does the malware get on the USB device in the first place?"
I imagine you reverse engineer a vendor tool that updates the firmware, so you can see the magic packets needed to put the device into program mode. You then either read the firmware off the chip (if poss) or download a firmware update and work out what the raw binary is.
From there, you work out how the chip works internally: where registers are and so forth. You add in your new code, hook it up so it runs, and then upload that modified firmware to the controller in program mode.
Now you're all set. After that, make sure the PC malware you install has the capability of automating the above. And now you're cooking on gas.
IMHO it's the reverse engineering of the firmware and the firmware programming that's impressive. You shouldn't trust USB sticks anyway on machines that are sensitive. If you genuinely care about information security, you'd compartmentalize your data and systems so that plugging a random USB thing into your gaming PC doesn't screw over your machine with your PGP keys.
Re: Strange invite received from @sitpub.com citing one comment of mine
Thanks. Can you tell me, please, who that was so I can follow it up? Email cwilliams @ theregister dot co dot uk, thanks.
FWIW Sitpub stands for Situation Publishing, the biz wot does The Register.
"We're using it in HACMS"
OK - I've tweaked the article.
Re: ... 50year warranty period ...
No, it's a typo.
"At least you have a couple decent ones pretty close to your office"
Being based in San Francisco, we were at a rowdy place in the Mission, 16th and Valencia actually. The thing about having smartwatches and smartphones is that work emails (particularly corrections@ which we take seriously) tend to catch our eye even after a few jars of Anchor Steam.
Anyway, in the sober light of day I've taken the manual mod off Brian Scott poster's account. But please do keep pinging the corrections address - we'll pick 'em up night and day :)
"Actually, that's OpenBSD not NetBSD"
So why didn't you email firstname.lastname@example.org? So you'll find all your comments moderated from now on. Well done.
It was fixed as soon as we spotted the mistake - in fact, it was corrected while we were in the bar after work.
Re: bunch of tw@ts
"Would this kind of thing earn me a letter"
No, I don't think that sort of file is on the BPI et al radar.
Re: Re: #Dell / Equallogic
"Chris just didn't reach out to us for this story."
Full disclosure: LJL is a Dell employee.
Re: I Ask
We don't know yet beyond Machine will use a mix of standard processors (x86 or ARM, say), and then custom silicon to finish the job.
When we find out, we'll let you know.
Re: No, they're not sekret spying tools
"pcapd - so top sekret it's been a documented developer tool for years"
No - the developer doc you linked to is about analyzing traffic from another device on the network, not by the device itself which is what pcapd does, allegedly. The doc you linked to says "iOS does not support packet tracing directly". That's contradicted by Jonathan's claims.
The other things you link to are not documented by Apple officially (AFAIA). They may well have been known for a while. There's no harm in a serious security researcher joining up all the dots for everyone.
Unless you're just happy doodle dandy with everything as it stands.
Re: Great article.
Perl is perfection. No need to improve it.
The HTTP remote management is on by default. And there is no workaround.
Re: Come on!
The key thing is DHCPv6 from what I can tell. I've tweaked the article.
Don't forget to email email@example.com - your comments won't be seen and articles won't be fixed unless someone drops us a note. And we all want articles accurate, right?
Re: Daniel Palmer
Yeah it was a typo - should be 3.10. Don't forget to email corrections@theregister next time.
Re: Or just plain offensive?
I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question.
Re: What A Load Of Shit
I was going to take your comment seriously, then I saw your username.
Re: NetApp is also a preferred design reference partner
Full-disclosure: gps1539 works for NetApp.
Re: Digital Sex
"When I saw this story on the Daily Fail"
FWIW on the time delay: we saw this story first emerge on Friday evening (California time), but held off until we were able to obtain the court filing this morning. Just to check, y'know.
Re: I can't believe
"I wasted a few minutes reading Nadella's memo"
We did warn you!
Re: Most obnoxious article title in history
Re: Too Much Clickbait
"Please stop being so clickbaity"
Ah, it was a joke; a sendup of stupid headlines that claim you can make $$$s with one weird trick. Can't you tell it was out of style? Every word was capped up, and it's like no other headline on the front page.
"Jokey headlines - great"
This must be what it feels like to tell a joke on stage and be met with silence.
Re: Re: right to change history
"this no-body MP"
As a point of order, he's the Minister of State for Justice and Civil Liberties; deputy leader of the Lib Dems; Lib Dem president; and been an MP since 1983.
Re: "Roth had notified them about the hole via Twitter"
Actually, Roth contests what ProtonMail suggested - and said he emailed in the vulns.
Re: So is Andrew in favour of the law...
Yes - on both counts.
Re: Radio 4 this morning.
"this article seems to have ignored this event"
If Barron is correct then it's even more crazy - because it's a misunderstanding by Google of the ECJ ruling. Either way, newspaper articles were delisted, not just Peston's blog post, so Andrew's point remains.
Re: How is this Google's fault?
"It's bizarre that the author is trying to blame Google for this"
Reread the article - it's about Google's reaction to the ruling.
"You can bet that if Google could get away with waiting for a court order every time, they would"
Absolutely, so why isn't Google doing just that? Is it worried if it bats every request away the Euro authorities will get mad and fine it?
This is multibillion-dollar Google. It's not poor ickle Google in a Stanford garage being picked on by horrible nasty internet people, no matter how many cutesy doodles it comes up with.
Re: Stupid decision, stupid story, stupid people
"So we get stories like this"
I think you've misread this article and Peston's.
Re: coming round for a chat
"Is that documented?"
I believe we tweeted about it - but yes, a friendly top-level chap from the DA-Notice committee (part of the MoD) came around for a chat in the wake of Duncan Campbell's GCHQ coverage. It was to share advice, rather than impose rules or guidelines.
Re: Re: Over the top?
Daggerchild, the only person here using the words Google and evil is you.
Re: Over the top?
"Guys, can you please stop with the over the top Google hate?"
No, and it's not hate. It's healthy criticism and scrutiny.
Google is the biggest thing on the web; it has near-unlimited power over the day-to-day internet lives of countless millions. Yes, it does a lot of good, but that doesn't give it a free pass. Gigantic corporations need to be kept in check, and that's why we keep the screws turning.
Re: Hang on a minute…
As per the Cisco advisory:
"The vulnerability is due to the presence of a default SSH private key, which is stored in an insecure way on the system"
"So, have Microsoft realised they have dropped a big one here and handed the domains back to noip?"
That appears to be the case - we're following this story up.
Re: Facebook broke the law.
"The author's bias is absurd."
I think Richard is being sarcastic.
"Is there something missing from the story?"
No, but the whole thing is baffling. It's all there and in the linked-to court documents. Microsoft claimed some of the subdomains use MS protected marks, and that No-IP's service was being used to cause:
"the unlawful intrusion into, infection of, and further illegal conduct involving, the personal computers of innocent persons, thereby causing harm to those persons, Microsoft, and the public at large."
So a judge in Las Vegas thought applying the restraining order, and redirecting the nameservers to MS's DNS systems, was just.
You're right - article amended.
Re: Andrew Jones 2
"Journalists reporting / reviewing the Android Wear watches are doing a terrible job so far"
Iain has used the watch for, literally, a day or two. We normally spend a week or longer when preparing a review. As the article says, it's a first look. A review will follow. I'll take your point about the price though and add it in.
Re: Jim 59
"Articles like this indicate that not all is well at Vulture Central."
In what way?
Re: Anonymous coward
No pleasing some people.
Re: More socially needier?
Yeah, all right - should have caught that but it was gone 5pm and my brain was thinking about wine. Don't forget to email corrections@thereg if you spot any errors.
My desire to be grammatically correct overruled hashtag bollocks.
"I wonder if Prof Cyborg will deign to publish his results in a peer-reviewed journal"
I hear the results from Saturday will be put into a paper of some sort. Waiting for the university to get back to me. I gather the uni denied the Telegraph access to the transcripts, so this could turn interesting.