Bug-hunter faces jail for vulnerability reports, DuckDuckPwn (almost), family spied on via Nest gizmo, and more

Being Hungary, that poor guy risks to be accused to be an immigrated agent working for Soros... attempting "to demonstrate falsely that the impenetrable NATIONAL network of Hungary has flaws"...

@DrSyntax

You're giving far too much credit to a telecoms company. You clearly haven't had the misfortune to have to try and contact Virgin Media.

NEUKlearer HyperRadioProACTive IT Weapons Systems ... Not a Foe for Fights ... v2.0

And an AI Being Being Servered, Doctor Syntax ..... via Virtualised Enlightenments ?

With a Welcome From All There and Here Too the Live 0pPortUnity to Engage when Defeats are Imminent in the Live Theatres of Current Existences ..... Realities, both Practical and Virtually Created for Almighty Virgin Network Operand Operations. Something for Heavenly Disciples to Follow and Energise into a COSMIC Power with Overwhelming Resources ..... with Great Game Changing SuperB Sub Atomic Weaponry at Ones Beck and Call

Know Thy Enemy is a Virtual Construct. And here be Registered Many SuperB AIMaster Pilots.

MOD Virtual Team Terrain a la Per Ardua ad Astra Root.

And a little something for the Royal Air Force to Deny Any Knowledge of ...... or Acknowledge as a Program of ESPecial Interest to Interesting Invested Interests ..... Prime Vital Source/Remote Virtual AIDrivers.

And ..... yes, that does beg the Question, are there any available defences in place against Persistent Advanced Cyber Threats with Treats Unleashed for Insatiable Bounty Delivery to Random Rogue Operations with Special Forces AI?

Are taxes being well spent to secure and commandeer that very particular and peculiar area/space given what has already been so publicly done and is as is shared freely above?

And it encourages independent researchers to sell vulnerabilities and exploits rather than disclose them responsibly. Everyone involved in persecuting this researcher isn't just acting unjustly; they're making the problem worse.

Re: "16 cameras placed around that home"

Or maybe extremely paranoid. Given the nature of us IT folks, I suspect we'd go the other way on cams, etc. and just not have them or at least not connected to the Internet.

Re: Over a week? What were they thinking?

Same sort of thing happened to me 2 days ago. I've read all the articles about the password dump, knew my Nest account had an old password of one sort or another but didn't care that much. I was just sitting on my couch when I noticed the blue ring light up that happens when the speaker becomes active. Some smart ass using a voice synthesizer tells me I look cute on my couch.

Did I panic? Call the PD? nah, I picked up my cell, logged into my Nest account and turned on 2FA then flipped off my camera.

I'm single, live alone and wasn't horribly concerned about someone watching me pick my nose while I watched TV. They also turned my thermostat to 90 which would have cost me a bit in heating if I hadn't been home when they did it.

Moral of the story, don't be lazy about your password management even if it doesn't seem important to you, and do something about the intrusion RIGHT AFTER IT HAPPENS. Why in the world did they wait a week to do something about it? Never underestimate the stupidity of the average user.

Re: Over a week? What were they thinking?

The thing about a lot of these internet connected things is there is NO manual over ride. So if you pull the plug then nothing works at all so you go from 32C heating to no heating.

Re: SS7 hacked?

SS7 hacked?

SS7 has been repeatedly compromised. (Or hacked in the modern usage.)

It was invented in a era when it was assumed that end users not having physical access to the signalling channels within telco networks was good enough. SS7 runs internally between the network hardware, not accessible via the local loop, and eggshell security is still widely acceptable in corporate/government circles. Security has had to be bolted on afterwards as this became increasingly untenable but we all know how difficult that is.

It's been a while since I was using it but my understanding is that, for example, telcos have to give each other pretty wide reciprocal access via SS7 in order to allow services like circuit discovery/reservation & tear-down, caller-ID, call re-termination, SMS etc. to work across the boundaries. This means that state agents or corrupt employees can exploit vulnerabilities very easily. Internet-facing TCP/IP interfaces have been added to SS7 kit to make remote management and configuration over the Internet possible as well so even this isn't a requirement if the login security on that access path is compromised.

Internet protocols/services can be equally naive of course but at least this seems to be more widely understood than in the SS7 realm and defenses such as firewalls, pubkey ssh, syncookies, DNSsec, multi-factor auth, deprecation of unencrypted HTTP, etc. are now widely becoming accepted as requirements not luxuries. I imagine there's also a lot more peer review of IETF-based mechanisms that ITU/ISO ones. (Every technical specification of the IETF is available for free from their web site without even having to become a member. ITU/ISO documentation is somewhat less easily obtained.)

Re: SS7 hacked?

Reading slightly between the lines, it appears that SS7 was introduced in the early-mid 70s to prevent phone phreaking and the resulting loss of telco revenue.

SS7 doesn't map onto the OSI comms model very well and security seems not to have been a priority - as if its designers thought "its digital, so attacking it is well beyond the capability of the phreakers". Besides, originally SS7 protocols were only used for inter-exchange communication and so never reached an end-user phone.

Then time moved on, mobile phones were invented and these adopted SS7 signalling because it was there, 'just worked' and SS7 capabilities were needed to manage tasks such as handing on calls from one cell to the next. So now SS7 messages do reach end-user kit, which makes them both interesting and much more accessible to phreakers and other black hats.

The main changes since then seem to be that other data handling services, such as SMS message, 2FA authentication, etc., have been layered onto SS7, which, at a guess, is still an unencrypted channel.

So, given this history, it shouldn't be a surprise that miscreants are now targeting SS7 for nefarious purposes such as syphoning off any security data that it might be carrying. This was always bound to happen and the only surprise is that its taken so long.

Re: Firefox 65.0 - and the increased internet googlification

I've started using yandex and bing. Just to diversify.

Its scary when Google flexes its muscles.

Re: How does DDG know?

Logs of internal files being downloaded from the server (like /root access etc).

Re: How does DDG know?

Not keeping logs of user activity != not keeping any logs of anything at all, ever.

They have to know how their servers are running, what their internal systems are doing, etc.

Re: My house is so smart it will never talk to hackers, crooks or perverts.

Not wanting to talk to crooks I can understand ... but no hackers or perverts? You're going to miss out on the BEST parties, with that kind of attitude!

Re: ratted out when you report a vulnerability?

Drop the bullshit, bob.

I've reported many vulnerabilities over the years and never had any cops involved. I have been called a liar, I've been accused of breaking things, I've been accused of trying to embarrass people, I've been ignored, I've been told that I'm imagining things, I've been threatened with mayhem if I don't "forget about it immediately", and various other reactions (including "Oh, shit! How'd we let that one get by? THANK YOU!", which is actually fairly common.). But nobody has ever even hinted that they would call the cops on me. So I'll continue to report bugs with no fear.

You, on the other hand, are advocating threatening people. That is not cool. At all. In fact, it makes you a part of the problem.

Re: ratted out when you report a vulnerability?

Reporting a vulnerability being exploited can be very costly and perversely self-destructive in and to any easily corrupted self-servering regime ...... https://www.telegraph.co.uk/news/2019/02/02/lawyer-whistleblower-struck-despite-revealing-misconduct/

And always have a number of alternative unconventional plans at the ready. You know it makes sense.

Re: Pretty soon, you won't be able to turn them off

That's not going to happen. Smart people are not buying so-called "smart technology" ... and smart people have most of the disposable income. Therefore, you'll be able to purchase a common or garden padlock, light bulb, AC unit, fridge, water heater, etc. into the foreseeable future.

Even my telephones are not "smart" phones. They work nicely, thank you.

Re: Pretty soon, you won't be able to turn them off

And as any fule knows, 'Nest' along with the name of the manufacturer of any other IoT garbage, is an anagram of the word 'Shit'.

Re: Disclosure

_Many_ years ago I bought some used tapes to use as scratch. (How many years? 1/2 inch 7-track, OK?). Well, of course I took a look at them first. Mostly wiped, but one had customer data from some financial institution. Actually just what appeared to be records of customer name, street address, branch or maybe department number, some other number too short to be an actual account number, etc.

I wiped it before putting it back in the case.

Before anybody gets huffy about the recklessness of using tapes that had almost certainly been "retired" for too-high error rate, I'll mention that I was a student at the time, and that, unlike some modern storage media, one got immediate indication of write-errors, so the penalty was slightly longer write times and reduced capacity. Each error due to a surface imperfection resulted in a 3.5-inch section of tape being "lost", equivalent to about 2K (out of 2-20 Meg).

Re: Correction

Tell that to the French!