Atmel ATMEGA2560 Analysis (Blackhat follow-up)
At this years Blackhat USA briefings, the ATMEGA2560 was shown as an example of an unsecure vs. secure device. We have received a few requests for more information on this research so here it goes… The device did not even need to be stripped down because of designer lazyness back at Atmel HQ. All we did was look for the metal plates we detailed back in our ATMEGA88 teardown last year and quickly deduced which outputs were the proper outputs in under 20 minutes. Atmel likes to cover the AVR…
Parallax Propeller P8X32A Quick Teardown
Parallax has a really neat 8 core 32 bit CPU called the ‘Propeller’. It’s been out for a few years but it is gaining popularity. There is no security with the device as it boots insecurely via a UART or I2C EEPROM. None the less, we thought it was interesting to see an 8 core CPU decapsulated! One can clearly see 8 columns that appear almost symmetric (except in the middle region). The upper 8 squares are each ‘cogs’ 512 * 32 SRAMs as described in the…
Echostar v NDS appellate court ruling update
Normally, I would not mix non-technical with the blog however I thought this deserved a little more attention that it has received. The ruling which states that NDS has won the lawsuit, vindicates myself and puts Echostar owing NDS almost 18,000,000.00 USD has come down as of 2 days ago. As well I thought it nice to mention that neither Flylogic nor myself works for/or with Echostar, Nagra, NDS or any other conditional access company in any way or form. I wish all persons whom this lawsuit effects the best…
Searching for Privacy: How to Protect Your Search Activity
This guide explains how to perform searches anonymously, protecting you from increasingly intrusive tracking and analysis by corporate and governmental organizations.
The Genie in the Market
The Android Market is an open and friendly variation on the app stores spreading across the mobile phone industry. These applications appear safe on the surface, but they exact a price for developer accessibility that is paid by unsuspecting Android consumers and vendors. This article discusses the threats presented by native libraries included by Android Market applications and covers how these vulnerabilities were exploited by the Unrevoked app to jailbreak the latest generation of Android phones.
Securing the Smart Grid: To Act Without Delay
This presentation, delivered at Infosecurity Europe by Joshua Pennell, discusses risks identified, research performed, and remediation efforts suggested around the Smart Grid and meters.
Authentication Bypass In Tranax Remote Management Software
Reported: 04.05.10. The Tranax Remote Management Software (RMS) allows for the administration of common Automated Teller Machine (ATM) tasks from a remote location. To successfully authenticate to a remote ATM, both the serial number and the RMS password are required. An attacker can leverage an implementation flaw that occurs when verifying credentials to craft a request that bypasses all authentication measures. The attacker could then perform remote management tasks with invalid credentials. The RMS interface is enabled, by default, on a typical ATM installation.
SQL Injection and Cross-site Scripting at www.courts.wa.gov
Discovered: 03.18.10. Reported: 03.23.10. The formID parameter at http://www.courts.wa.gov/forms/ is vulnerable to SQL injection. The searchTerms parameter at http://www.courts.wa.gov/search/index.cfm is vulnerable to cross-site scripting attacks. Exploiting these vulnerabilities would likely expose sensitive data and may result in compromise of the affected systems.
Top Threats to Cloud Computing V1.0
The purpose of this document is to provide needed context to assist organizations in making educated risk management decisions regarding their cloud adoption strategies. In essence, this threat research document should be seen as a companion to “Security Guidance for Critical Areas in Cloud Computing.” As the first deliverable in the CSA’s Cloud Threat Initiative, this document will be updated regularly to reflect expert consensus on the probable threats that customers should be concerned about.
Multiple Vulnerabilities in Accoria Web Server
Discovered/Reported to Accoria: December 2008. Date Reported to US-Cert: March 1, 2010. The Accoria Web Server 1.4.7 for x86 Solaris exhibits multiple vulnerabilities, including cross-site scripting, directory traversal, and format string errors.