Category Archives: Security

Cryptography, Security, Hacks, etc..

New Jersey Voting Bugs

Posted on by

Steve Bellovin reports:

Ed Felten has posted two articles describing bugs in New Jersey’s electronic voting systems. Briefly, the total votes for all of the candidates add up to more than the number of votes the machines believe were cast.

The voting machine company, Sequoia, has proffered an explanation of the bug, but Ed Felten points out in his second article that one of the tapes now analysed shows this to be inadequate as the total number of votes is more than the “public counter” which is the voting machines own total of the count. He writes:

Each machine has a “public counter” that keeps track of how many votes were cast on the machine in the current election. The public counter, which is found on virtually all voting machines, is one of the important safeguards ensuring that votes are not cast improperly. […]

The public counter is important enough that the poll workers actually sign a statement at the bottom of the tape, attesting to the value of the public counter.

Unfortunately..

The public counter says 105, even though 106 votes were reported. That’s a big problem.

Oops..

Taking the Myki ?

Posted on by

So Melbourne is investigating an electronic tag based ticketing system for public transport called Myki (presumably meant to be pronounced My Key and not mickey), and in an interesting coincidence Bruce Schneier reports a successful attack against a Dutch ticketing system that’s about to be deployed:

The first reported attack was designed by two students at the University of Amsterdam, Pieter Siekerman and Maurits van der Schee. They analyzed the single-use ticket and showed its vulnerabilities in a report. They also showed how a used single-use card could be given eternal life by resetting it to its original “unused” state.

The second attack is a reverse engineering of the crypto algorithm through a physical attack on the circuitry which will be a jumping off point for further attacks, I guess.

I wonder how long it’ll take for the Melbourne system to be similarly compromised ?

Sears – purveyors of Spyware to the masses ?

Posted on by

I wonder how many people using Windows have been bitten by this new spyware, as related by the Computer Associates Security Advisor Blog ?

Sears.com is distributing spyware that tracks all your Internet usage – including banking logins, email, and all other forms of Internet usage – all in the name of “community participation.” Every website visitor that joins the Sears community installs software that acts as a proxy to every web transaction made on the compromised computer. In other words, if you have installed Sears software (“the proxy”) on your system, all data transmitted to and from your system will be intercepted.

The mention of “banking logins” is to get your attention, because as this apparently hoovers up all your traffic it will get whatever you do, presumably including credit cards, etc.

They also have an interesting take on how to do privacy policies:

What I have come to learn is that if you navigate to http://www.myshccommunity.com/Privacy.aspx you could actually get one of two policies. […] If you access that URL with a machine compromised by the Sears proxy software, you will get the policy with direct language (like “monitors all Internet behavior”). If you access the policy using an uncompromised system, you will get the toned down version (like “provide superior service”). Both policies share the same URL and same look and feel – coloring, page layout, Kmart and Sears branding, etc.

In other words they have a policy that implies that it’s inoccuous prior to installation, which then springs into sharp relief once you’ve crossed the Rubicon and installed their spyware – nice touch!

(Via Bruce Schneier)

Electronic voting report in Ohio

Posted on by

Ohio has published a report on an investigation into electronic voting machines, Wired reports on it, summarising one particular finding thus:

They found that a voter or poll worker with a Palm Pilot and no more than a minute’s access to a voting machine could surreptitiously re-calibrate the touch-screen so that it would prevent voters from voting for specific candidates or cause the machine to secretly record a voter’s vote for a different candidate than the one the voter chose. Access to the screen calibration function requires no password, and the attacker’s actions, the researchers say, would be indistinguishable from the normal behavior of a voter in front of a machine or of a pollworker starting up a machine in the morning.

…and if you think that’s bad enough, then here’s an interesting comment from a collection of complaints about voting in Florida in 2006 that were assembled after an FOI request:

Vote for one candidate registered as vote for different candidate

Upon opening ballot for first time voter saw “x” by Katherine Harris’s name though voter had not touched screen yet.

So the machines are quite capable of getting things wrong without a malicious attack (well, assuming that wasn’t the cause in the above events).

So, who would you like to win today ?

(Via Bruce Schneier)

Windows DRM breaks – declares all XP & Vista installs pirated

Posted on by

Yet another reason to not bother with Windows or other DRM crippled software, Microsofts Genuine disAdvantage servers all crashed..

The result? Every single Windows XP and Vista installation — except possibly those with volume license keys — is being marked as counterfeit when it tries to check in. Installations which are flagged as counterfeit switch to a “reduced functionality mode” which results in features like Aero and DirectX being disabled.

Talk about Defective by Design..

Monster hack(ed)

Posted on by

The BBC reports that social engineers hacked Monster.com looking for information to make phishing scams more credible..

It said confidential details of more than 1.3 million people, mainly Americans, were stolen by malicious hackers who carried out the attack. It said that servers in the Ukraine and hijacked home computers were used to mount the attack. […] The thieves got away with names, addresses, phone numbers and e-mail addresses of Monster.com users. […] The attackers wanted to get hold of personal information in an attempt to make e-mails supposedly sent by recruitment firms more plausible.

Samsung SCX-4200 printer driver security risk

Posted on by

Just to show what not to do when writing drivers, this just in from LWN:

A LinuxFR reader has sent out an alert (in French) about the Samsung SCX-4200 printer driver for Linux. It appears that the driver author had some trouble with the Linux permission model; the response was to make a few applications run setuid root. A quick look at the install script shows that the affected programs are xsane, xscanimage, and the major OpenOffice.org components. The script also replaces some CUPS executables and does some other fun things. This seems like code to avoid for anybody wanting to run a remotely secure system.

Ugh.