Apple’s NeuralHash Algorithm Has Been Reverse-Engineered

Apple’s NeuralHash algorithm — the one it’s using for client-side scanning on the iPhone — has been reverse-engineered.

Turns out it was already in iOS 14.3, and someone noticed:

Early tests show that it can tolerate image resizing and compression, but not cropping or rotations.

We also have the first collision: two images that hash to the same value.

The next step is to generate innocuous images that NeuralHash classifies as prohibited content.

This was a bad idea from the start, and Apple never seemed to consider the adversarial context of the system as a whole, and not just the cryptography…

Apple Adds a Backdoor to iMessage and iCloud Storage

Apple’s announcement that it’s going to start scanning photos for child abuse material is a big deal. (Here are five news stories.) I have been following the details, and discussing it in several different email lists. I don’t have time right now to delve into the details, but wanted to post something.

EFF writes:

There are two main features that the company is planning to install in every Apple device. One is a scanning feature that will scan all photos as they get uploaded into iCloud Photos to see if they match a photo in the database of known child sexual abuse material (CSAM) maintained by the National Center for Missing & Exploited Children (NCMEC). The other feature scans all iMessage images sent or received by child accounts — that is, accounts designated as owned by a minor — for sexually explicit material, and if the child is young enough, notifies the parent when these images are sent or received. This feature can be turned on or off by parents…

Intentional Flaw in GPRS Encryption Algorithm GEA-1

General Packet Radio Service (GPRS) is a mobile data standard that was widely used in the early 2000s. The first encryption algorithm for that standard was GEA-1, a stream cipher built on three linear-feedback shift registers and a non-linear combining function. Although the algorithm has a 64-bit key, the effective key length is only 40 bits, due to “an exceptional interaction of the deployed LFSRs and the key initialization, which is highly unlikely to occur by chance.”

GEA-1 was designed by the European Telecommunications Standards Institute in 1998. ETSI was — and maybe still is — under the auspices of …

FBI/AFP-Run Encrypted Phone

For three years, the Federal Bureau of Investigation and the Australian Federal Police owned and operated a commercial encrypted phone app, called AN0M, that was used by organized crime around the world. Of course, the police were able to read everything — I don’t even know if this qualifies as a backdoor. This week, the world’s police organizations announced 800 arrests based on text messages sent over the app. We’ve seen law enforcement take over encrypted apps before: for example, EncroChat. This operation, code-named Trojan Shield, is the first time law enforcement managed an app from the beginning…

Bizarro Banking Trojan

Bizarro is a new banking trojan that is stealing financial information and crypto wallets.

…the program can be delivered in a couple of ways — either via malicious links contained within spam emails, or through a trojanized app. Using these sneaky methods, trojan operators will implant the malware onto a target device, where it will install a sophisticated backdoor that “contains more than 100 commands and allows the attackers to steal online banking account credentials,” the researchers write.

The backdoor has numerous commands built in to allow manipulation of a targeted individual, including keystroke loggers that allow for harvesting of personal login information. In some instances, the malware can allow criminals to commandeer a victim’s crypto wallet, too…

Backdoor Found in Codecov Bash Uploader

Developers have discovered a backdoor in the Codecov bash uploader. It’s been there for four months. We don’t know who put it there.

Codecov said the breach allowed the attackers to export information stored in its users’ continuous integration (CI) environments. “This information was then sent to a third-party server outside of Codecov’s infrastructure,” the company warned.

Codecov’s Bash Uploader is also used in several uploaders — the Codecov-actions uploader for GitHub, the Codecov CircleCI Orb, and the Codecov Bitrise Step — and the company says these uploaders were also impacted by the breach…

US to publish details on suspected Russian hacking tools used in SolarWinds espionage

U.S. military and security officials are preparing to publish one of their most detailed analyses yet of the hacking tools used by suspected Russian spies in a campaign that the Biden administration has labeled a national security threat. The “malware analysis report” from U.S. Cyber Command and the Department of Homeland Security, which CyberScoop obtained, spotlights 18 pieces of malicious code allegedly used by Russian hackers, who exploited software made by the federal contractor SolarWinds and other vendors on their way to infiltrating nine U.S. government agencies and 100 companies. The report, slated for public release Wednesday afternoon, sheds light on a historic espionage campaign that U.S. officials have, at times, been cautious to publicly detail. It’s an analysis from U.S. government cybersecurity specialists of how the alleged Russian operatives moved from network to network, and builds on private sector reporting. Cyber Command and DHS’s Cybersecurity and Infrastructure Security Agency […]

The post US to publish details on suspected Russian hacking tools used in SolarWinds espionage appeared first on CyberScoop.

Encryption Backdoor Debate, Microsoft Exchange Attacks, Airline Supplier Data Breach

Why is federal law enforcement (still) asking Congress for encryption backdoors? Attacks on Microsoft Exchange servers seem to have gotten worse, details on an airline supplier data breach, and the real reason Kevin hasn’t replaced his Chewbacca manneq…