Slashdot security articles


Huge Survey of Firmware Finds No Security Gains In 15 Years

Fri, 08/16/2019 - 15:20
A survey of more than 6,000 firmware images spanning more than a decade finds no improvement in firmware security and lax security standards for the software running connected devices by Linksys, Netgear and other major vendors. The Security Ledger reports: "Nobody is trying," said Sarah Zatko, the Chief Scientist at the Cyber Independent Testing Lab (CITL), a non-profit organization that conducts independent tests of software security. "We found no consistency in a vendor or product line doing better or showing improvement. There was no evidence that anybody is making a concerted effort to address the safety hygiene of their products," she said. The CITL study surveyed firmware from 18 vendors including ASUS, D-link, Linksys, NETGEAR, Ubiquiti and others. In all, more than 6,000 firmware versions were analyzed, totaling close to 3 million binaries created from 2003 to 2018. It is the first longitudinal study of IoT software safety, according to Zatko. CITL researchers studied publicly available firmware images and evaluated them for the presence of standard security features such as the use of non-executable stacks, Address Space Layout Randomization (ASLR) and stack guards, which prevent buffer overflow attacks. The results were not encouraging. Time and again, firmware from commonly used manufacturers failed to implement basic security features even when researchers studied the most recent versions of the firmware. For example: firmware for the ASUS RT-AC55U wifi router did not employ ASLR or stack guards to protect against buffer overflow attacks. Nor did it employ a non-executable stack to protect against "stack smashing," another variety of overflow attack. CITL found the same was true of firmware for Ubiquiti's UAP AC PRO wireless access points, as well as DLink's DWL-6600 access point. Router firmware by vendors like Linksys and NETGEAR performed only slightly better on CITL's assessment. 
CITL researchers also "found no clear progress in any protection category over time," reports The Security Ledger. "Researchers documented 299 positive changes in firmware security scores over the 15 years covered by the study... but 370 negative changes over the same period. Looking across its entire data set, in fact, firmware security actually appeared to get worse over time, not better." On the bright side, the survey found that almost all recent router firmware by Linksys and NETGEAR boasted non-executable stacks. "However, those same firmware binaries did not employ other common security features like ASLR or stack guards, or did so only rarely," says the report.
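The kind of check the survey ran, as an added example rather than CITL's own tooling: a checksec-style scan of ELF64 binaries for the three protections named above (non-executable stack, PIE as the prerequisite for ASLR, and stack guards), with constructed sample images so it runs offline. Two heuristics are assumptions, not the survey's method: a binary that references `__stack_chk_fail` is counted as canary-protected, and a missing `PT_GNU_STACK` header is counted as an executable stack.

```python
import struct
from pathlib import Path

# Constants from the ELF specification (elf.h); only ELF64 little-endian is handled.
ELF_MAGIC = b"\x7fELF"
ET_EXEC, ET_DYN = 2, 3
PT_GNU_STACK = 0x6474E551
PF_X = 0x1
CANARY_SYMBOL = b"__stack_chk_fail"  # referenced by every canary-protected binary


def check_hardening(blob: bytes) -> dict:
    """Report the three protections the survey looked for, as booleans.

    Heuristics used (assumptions, see lead-in):
      nx_stack    - a PT_GNU_STACK header without PF_X; a missing header is
                    treated as executable, the kernel default on most arches.
      pie         - e_type == ET_DYN, a prerequisite for ASLR of the executable.
      stack_guard - the binary references __stack_chk_fail; the name survives
                    stripping because it lives in the dynamic symbol table.
    """
    if blob[:4] != ELF_MAGIC:
        raise ValueError("not an ELF image")
    if blob[4] != 2 or blob[5] != 1:
        raise ValueError("only ELF64 little-endian images are handled here")
    e_type = struct.unpack_from("<H", blob, 16)[0]
    e_phoff = struct.unpack_from("<Q", blob, 32)[0]
    e_phentsize, e_phnum = struct.unpack_from("<HH", blob, 54)
    nx_stack = False
    for i in range(e_phnum):
        p_type, p_flags = struct.unpack_from("<II", blob, e_phoff + i * e_phentsize)
        if p_type == PT_GNU_STACK:
            nx_stack = not (p_flags & PF_X)
    return {
        "nx_stack": nx_stack,
        "pie": e_type == ET_DYN,
        "stack_guard": CANARY_SYMBOL in blob,
    }


def missing_features(blob: bytes) -> list:
    """Names of the protections a binary lacks, in a stable order."""
    result = check_hardening(blob)
    return [name for name in ("nx_stack", "pie", "stack_guard") if not result[name]]


def scan_firmware_tree(root: str) -> dict:
    """Walk an unpacked firmware root and map each ELF64 path to its missing
    protections, skipping non-ELF files (scripts, config, data)."""
    report = {}
    for path in Path(root).rglob("*"):
        if not path.is_file():
            continue
        data = path.read_bytes()
        if data[:4] == ELF_MAGIC and len(data) >= 64 and data[4] == 2 and data[5] == 1:
            report[str(path)] = missing_features(data)
    return report


def build_sample_elf(pie: bool, exec_stack: bool, canary: bool) -> bytes:
    """Construct a minimal (non-runnable) ELF64 image with a single
    PT_GNU_STACK header so the checker can be exercised offline."""
    ehdr = bytearray(64)
    ehdr[:4] = ELF_MAGIC
    ehdr[4], ehdr[5], ehdr[6] = 2, 1, 1          # ELFCLASS64, little-endian, EV_CURRENT
    struct.pack_into("<HHI", ehdr, 16, ET_DYN if pie else ET_EXEC, 0x3E, 1)  # type, x86-64, version
    struct.pack_into("<Q", ehdr, 32, 64)         # e_phoff: program headers follow the header
    struct.pack_into("<HHHHHH", ehdr, 52, 64, 56, 1, 64, 0, 0)  # ehsize, phentsize, phnum, ...
    flags = 0x6 | (PF_X if exec_stack else 0)    # PF_R|PF_W, plus PF_X for an executable stack
    phdr = struct.pack("<IIQQQQQQ", PT_GNU_STACK, flags, 0, 0, 0, 0, 0, 0x10)
    strings = b"\0" + (CANARY_SYMBOL + b"\0" if canary else b"")
    return bytes(ehdr) + phdr + strings


if __name__ == "__main__":
    # Constructed images: one resembling the unprotected router firmware the
    # survey describes, one built with all three protections.
    for label, img in (("unprotected", build_sample_elf(False, True, False)),
                       ("hardened", build_sample_elf(True, False, True))):
        print(label, check_hardening(img), "missing:", missing_features(img))
```

Point `scan_firmware_tree` at a directory extracted from a firmware image to get the per-binary picture the survey aggregated across vendors.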

Judge Orders Georgia To Switch To Paper Ballots For 2020 Elections

Fri, 08/16/2019 - 14:00
An anonymous reader quotes a report from Ars Technica: Election security advocates scored a major victory on Thursday as a federal judge issued a 153-page ruling ordering Georgia officials to stop using its outdated electronic voting machines by the end of the year. The judge accepted the state's argument that it would be too disruptive to switch to paper ballots for municipal elections being held in November 2019. But she refused to extend that logic into 2020, concluding that the state had plenty of time to phase out its outdated touchscreen machines before then. The state of Georgia was already planning to phase out its ancient touchscreen electronic voting machines in favor of a new system based on ballot-marking machines. Georgia hopes to have the new machines in place in time for a presidential primary election in March 2020. In principle, that switch should address many of the critics' concerns. The danger, security advocates said, was that the schedule could slip and Georgia could then fall back on its old, insecure electronic machines in the March primary and possibly in the November 2020 general election as well. The new ruling by Judge Amy Totenberg slams the door shut on that possibility. If Georgia isn't able to switch to its new high-tech system, it will be required to fall back on a low-tech system of paper ballots rather than continue using the insecure and buggy machines it has used for well over a decade. Alex Halderman, a University of Michigan computer scientist who served as the plaintiffs' star witness in the case, hailed the judge's ruling. "The court's ruling recognizes that Georgia's voting machines are so insecure, they're unconstitutional," Halderman said in an email to Ars. "That's a huge win for election security that will reverberate across other states that have equally vulnerable systems."

Hundreds of Thousands of People Are Using Passwords That Have Already Been Hacked, Google Says

Fri, 08/16/2019 - 08:45
A new Google study this week confirmed the obvious: internet users need to stop using the same password for multiple websites unless they're keen on having their data hijacked, their identity stolen, or worse. From a report: It seems like not a day goes by without a major company being hacked or leaving user email addresses and passwords exposed to the public internet. These login credentials are then routinely used by hackers to hijack your accounts, a threat that's largely mitigated by using a password manager and unique password for each site you visit. Sites like "have I been pwned?" can help users track if their data has been exposed, and whether they need to worry about their credentials bouncing around the dark web. But it's still a confusing process for many users unsure of which passwords need updating. To that end, last February Google unveiled a new experimental Password Checkup extension for Chrome. The extension warns you any time you log into a website using one of over 4 billion publicly-accessible usernames and passwords that have been previously exposed by a major hack or breach, and prompts you to change your password when necessary. The extension was built in concert with cryptography experts at Stanford University to ensure that Google never learns your usernames or passwords, the company says in an explainer. Anonymous telemetry data culled from the extension has provided Google with some interesting information on how widespread the practice of account hijacking and non-unique passwords really is.

New Bluetooth KNOB Flaw Lets Attackers Manipulate Traffic

Fri, 08/16/2019 - 06:41
A new Bluetooth vulnerability named "KNOB" has been disclosed that allows attackers to more easily brute force the encryption key used during pairing to monitor or manipulate the data transferred between two paired devices. From a report: In a coordinated disclosure between Center for IT-Security, Privacy and Accountability (CISPA), ICASI, and ICASI members such as Microsoft, Apple, Intel, Cisco, and Amazon, a new vulnerability called "KNOB" has been disclosed that affects Bluetooth BR/EDR devices, otherwise known as Bluetooth Classic, using specification versions 1.0 - 5.1. This flaw has been assigned CVE ID CVE-2019-9506 and allows an attacker to reduce the length of the encryption key used for establishing a connection. In some cases, an attacker could reduce the length of an encryption key to a single octet. "The researchers identified that it is possible for an attacking device to interfere with the procedure used to set up encryption on a BR/EDR connection between two devices in such a way as to reduce the length of the encryption key used," stated an advisory on Bluetooth.com. "In addition, since not all Bluetooth specifications mandate a minimum encryption key length, it is possible that some vendors may have developed Bluetooth products where the length of the encryption key used on a BR/EDR connection could be set by an attacking device down to a single octet."
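The key-size negotiation the advisory describes, modelled as an added example that is not code from the page, the researchers, or any Bluetooth stack: two devices with no key-size floor end up on a one-octet key when every proposal in flight is rewritten, while the same devices enforcing a minimum reject the connection. The 7-octet floor is the minimum the Bluetooth SIG recommended after the disclosure and is not stated on the page, and the exchange is simplified to a proposal/counter-proposal loop.

```python
from dataclasses import dataclass

SPEC_MAX_OCTETS = 16       # largest BR/EDR encryption key the LMP procedure allows
SIG_RECOMMENDED_MIN = 7    # floor recommended after the disclosure (assumption, not from the page)


@dataclass
class Device:
    """A BR/EDR controller's key-size policy. The specification left min_key
    to the vendor, and 1 octet was a legal choice, which is what KNOB relies on."""
    name: str
    max_key: int = SPEC_MAX_OCTETS
    min_key: int = 1


def negotiate_key_size(initiator: Device, responder: Device, tamper=None):
    """Simplified model of the key-size exchange: the initiator proposes its
    maximum, the responder counter-proposes the largest size it supports, and
    the procedure ends when a proposal comes back unchanged (agreement) or a
    value falls below either side's minimum (None, connection rejected).
    `tamper` is applied to every value in flight and stands in for the
    over-the-air manipulation the advisory describes."""
    proposal = initiator.max_key
    for _ in range(SPEC_MAX_OCTETS):            # each round can only lower the size
        seen = tamper(proposal) if tamper else proposal
        if seen < responder.min_key:
            return None
        counter = min(seen, responder.max_key)
        returned = tamper(counter) if tamper else counter
        if returned < initiator.min_key:
            return None
        if returned == proposal:
            return returned
        proposal = returned
    return None


def rewrite_to_one_octet(_size: int) -> int:
    """The tampering described in the disclosure: every proposal becomes 1."""
    return 1


def brute_force_work(octets: int) -> int:
    """Number of candidate keys an eavesdropper must try for a key of this size."""
    return 2 ** (8 * octets)


def knob_outcomes() -> dict:
    """Compare a device pair with no key-size floor against the same pair
    enforcing the recommended 7-octet minimum, both under tampering."""
    lax = (Device("phone"), Device("headset"))
    hardened = (Device("phone", min_key=SIG_RECOMMENDED_MIN),
                Device("headset", min_key=SIG_RECOMMENDED_MIN))
    return {
        "untampered": negotiate_key_size(*lax),
        "lax_under_attack": negotiate_key_size(*lax, tamper=rewrite_to_one_octet),
        "hardened_under_attack": negotiate_key_size(*hardened, tamper=rewrite_to_one_octet),
    }


if __name__ == "__main__":
    for case, size in knob_outcomes().items():
        if size is None:
            print(f"{case}: connection rejected (key size below policy minimum)")
        else:
            print(f"{case}: {size}-octet key, {brute_force_work(size)} candidates")
```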

Apple Files Lawsuit Against Corellium For iOS Emulation

Thu, 08/15/2019 - 21:15
Apple has filed a lawsuit against Corellium, accusing the software company of illegally selling virtual copies of iOS under the guise of helping discover security flaws. "Apple said the software company Corellium has copied the operating system, graphical user interface and other aspects of the devices without permission, and wants a federal judge to stop the violations," reports Bloomberg. From the report: Apple said it supports "good-faith security research," offering a $1 million "bug bounty" for anyone who discovers flaws in its system and gives custom versions of the iPhone to "legitimate" researchers. Corellium, the iPhone maker said, goes further than that. "Although Corellium paints itself as providing a research tool for those trying to discover security vulnerabilities and other flaws in Apple's software, Corellium's true goal is profiting off its blatant infringement," Apple said in the complaint. "Far from assisting in fixing vulnerabilities, Corellium encourages its users to sell any discovered information on the open market to the highest bidder." Corellium creates copies of the Apple iOS, and says that it's all to help white-hat hackers discover security flaws. Instead, according to Apple, any information is sold to people who can then exploit those flaws. Corellium, in a posting dated July 4 on its website, said it "respects the intellectual property rights of others and expects its users to do the same." Corellium's products allow the creation of a virtual Apple device, according to the suit. It copies new versions of Apple works as soon as they are announced, and doesn't require users to disclose flaws to Apple, the Cupertino, California-based company said in the complaint. Apple also wants a court order forcing Corellium to notify its customers that they are in violation of Apple's rights, destruction of any products using Apple copyrights, and cash compensation.

President Trump Is Reportedly Considering Buying Greenland

Thu, 08/15/2019 - 18:15
According to The Wall Street Journal, President Trump has -- with varying degrees of seriousness -- floated the idea of the U.S. buying the autonomous Danish territory of Greenland. From the report: In meetings, at dinners and in passing conversations, Mr. Trump has asked advisers whether the U.S. can acquire Greenland, listened with interest when they discuss its abundant resources and geopolitical importance and, according to two of the people, has asked his White House counsel to look into the idea. Some of his advisers have supported the concept, saying it was a good economic play, two of the people said, while others dismissed it as a fleeting fascination that will never come to fruition. It is also unclear how the U.S. would go about acquiring Greenland even if the effort were serious. U.S. officials view Greenland as important to American national-security interests. A decades-old defense treaty between Denmark and the U.S. gives the U.S. military virtually unlimited rights in Greenland at America's northernmost base, Thule Air Base. Located 750 miles north of the Arctic Circle, it includes a radar station that is part of a U.S. ballistic missile early-warning system. The base is also used by the U.S. Air Force Space Command and the North American Aerospace Defense Command. People outside the White House have described purchasing Greenland as an Alaska-type acquisition for Mr. Trump's legacy, advisers said. The few current and former White House officials who had heard of the notion described it with a mix of anticipation and apprehension, since it remains unknown how far the president might push the idea. It generated a cascade of questions among his advisers, such as whether the U.S. could use Greenland to establish a stronger military presence in the Arctic, and what kind of research opportunities it might present. 
The report says that Trump told associates he had been advised to look into buying Greenland because Denmark faced financial trouble from supporting the territory. The person who told the Journal about Trump's comments said they seemed like more of a joke about his power than a serious inquiry. According to U.S. and Danish government statistics, Greenland relies on $591 million of subsidies from Denmark annually, which make up about 60% of its annual budget.

Unique Kaspersky AV User ID Allowed 3rd-Party Web Tracking

Thu, 08/15/2019 - 11:30
Kaspersky antivirus solutions injected an identification number, unique to each system, into the web pages visited by their users. This started in late 2015 and could be used to track a user's browsing interests. From a report: Versions of the antivirus product, paid and free, up to 2019, displayed this behavior, which allows tracking regardless of the web browser used, even when users started private sessions. Flagged by c't magazine editor Ronald Eikenberg, the problem was that a JavaScript file from a Kaspersky server was loaded from an address that included a unique ID for every user. Scripts on a website can read the HTML source and glean the Kaspersky identifier, which Eikenberg determined remains unchanged on the system.

Cloudflare Says Cutting Off Customers Like 8chan is an IPO 'Risk Factor'

Thu, 08/15/2019 - 10:50
Networking and web security giant Cloudflare says the recent 8chan controversy may be an ongoing "risk factor" for its business on the back of its upcoming initial public offering. From a report: The San Francisco-based company, which filed its IPO paperwork with the U.S. Securities and Exchange Commission on Thursday, earlier this month took the rare step of pulling the plug on one of its customers, 8chan, an anonymous message board linked to recent domestic terrorist attacks in El Paso, Texas and Dayton, Ohio, which killed 31 people. The site is also linked to the shootings in New Zealand, which killed 50 people. 8chan became the second customer to have its service cut off by Cloudflare in the aftermath of the attacks. The first and only other time Cloudflare booted one of its customers was neo-Nazi website The Daily Stormer in 2017, after it claimed the networking giant was secretly supportive of the website. "Activities of our paying and free customers or the content of their websites and other Internet properties could cause us to experience significant adverse political, business, and reputational consequences with customers, employees, suppliers, government entities, and other third parties," the filing said. "Even if we comply with legal obligations to remove or disable customer content, we may maintain relationships with customers that others find hostile, offensive, or inappropriate."

Trump Administration Asks Congress To Reauthorize NSA's Deactivated Call Records Program

Thu, 08/15/2019 - 10:10
Breaking a long silence about a high-profile National Security Agency program that sifts records of Americans' telephone calls and text messages in search of terrorists, the Trump administration on Thursday acknowledged for the first time that the system has been indefinitely shut down -- but asked Congress to extend its legal basis anyway. From a report: In a letter to Congress delivered on Thursday and obtained by The New York Times, the administration urged lawmakers to make permanent the legal authority for the National Security Agency to gain access to logs of Americans' domestic communications, the USA Freedom Act. The law, enacted after the intelligence contractor Edward J. Snowden revealed the existence of the program in 2013, is set to expire in December, but the Trump administration wants it made permanent. The unclassified letter, signed on Wednesday by Dan Coats in one of his last acts as the director of National Intelligence, also conceded that the N.S.A. has indefinitely shut down that program after recurring technical difficulties repeatedly caused it to collect more records than it had legal authority to gather. That fact has previously been reported, but the administration had refused to officially confirm its status.

NYC Has Hired Hackers To Hit Back at Stalkerware

Thu, 08/15/2019 - 07:30
Abusers leverage high-tech tools in the oldest of crimes, stalking their victims through tools like Facebook Messenger and Apple Maps. They spy on their targets through stalkerware apps and Amazon Alexas. But hackers are now teaming up with victim advocates to catch up. From a report: In a pilot study the New York City government has been running since 2018, technologists work in collaboration with the Mayor's Office to End Domestic and Gender-Based Violence to offer practical computer security and privacy services to survivors of intimate partner violence. The program, which involves a team of academics from Cornell Tech and New York University, has already seen early success and is growing, Cornell Tech's Sam Havron said on Wednesday at the USENIX Security Symposium in Santa Clara, California. There are hundreds of apps sold on the market today that stalkers use to track a victim's location, secretly record voice audio, steal text messages, or engage in other illegal surveillance. Since November 2018, the New York-based technologists have met with 44 clients and have discovered that 23 of them may have been targeted by spyware, account compromise, or exploitable misconfigurations. Over half the victim cases have connections to digital abuse, according to a newly published paper, "Clinical Computer Security for Victims of Intimate Partner Violence."

The Fashion Line Designed To Trick Surveillance Cameras

Wed, 08/14/2019 - 18:10
Freshly Exhumed shares a report from The Guardian: Automatic license plate readers, which use networked surveillance cameras and simple image recognition to track the movements of cars around a city, may have met their match, in the form of a T-shirt. Or a dress. Or a hoodie. The anti-surveillance garments were revealed at the DefCon cybersecurity conference in Las Vegas on Saturday by the hacker and fashion designer Kate Rose, who presented the inaugural collection of her Adversarial Fashion line. To human eyes, Rose's fourth amendment T-shirt contains the words of the fourth amendment to the U.S. constitution in bold yellow letters. The amendment, which protects Americans from "unreasonable searches and seizures," has been an important defense against many forms of government surveillance: in 2012, for instance, the U.S. supreme court ruled that it prevented police departments from hiding GPS trackers on cars without a warrant. But to an automatic license plate reader (ALPR) system, the shirt is a collection of license plates, and they will get added to the license plate reader's database just like any others it sees. The intention is to make deploying that sort of surveillance less effective, more expensive, and harder to use without human oversight, in order to slow down the transition to what Rose calls "visual personally identifying data collection." "It's a highly invasive mass surveillance system that invades every part of our lives, collecting thousands of plates a minute. But if it's able to be fooled by fabric, then maybe we shouldn't have a system that hangs things of great importance on it," she said.

Researchers Found World-Readable Database Used To Secure Buildings Around the Globe

Wed, 08/14/2019 - 17:30
Researchers said they have found a publicly accessible database containing almost 28 million records -- including plain-text passwords, face photos, and personal information -- that was used to secure buildings around the world. Ars Technica reports: Researchers from vpnMentor reported on Wednesday that the database was used by the Web-based Biostar 2 security system sold by South Korea-based Suprema. Biostar uses facial recognition and fingerprint scans to identify people authorized to enter warehouses, municipal buildings, businesses, and banks. vpnMentor said the system has more than 1.5 million installations in a wide range of countries including the U.S., the UK, Indonesia, India, and Sri Lanka. According to vpnMentor, the 23-gigabyte database contained more than 27.8 million records used by Biostar to secure customer facilities. The data included usernames, passwords and user IDs in plaintext, building access logs, employee records including start dates, personal details, mobile device data, and face images. The researchers said the data also included more than 1 million records containing actual fingerprint scans, but the report provided no data to support the claim. "The vpnMentor researchers said they discovered the exposed database on August 5 and privately reported the finding two days later," reports Ars Technica. "The data wasn't secured until Tuesday, six days later."

Credit Karma Glitch Exposed Users To Other People's Accounts

Wed, 08/14/2019 - 15:30
Users of credit monitoring site Credit Karma took to Reddit and Twitter to complain that they were served other people's account information when they logged in. TechCrunch has confirmed several screenshots that show other people's accounts, including details about their credit card accounts and their current balance. When contacted, a Credit Karma spokesperson said these users "experienced a technical malfunction that has now been fixed," and that there's "no evidence of a data breach." The company didn't say for how long customers were experiencing issues. TechCrunch reports: One user told TechCrunch that after they were served another person's full credit report, they messaged the user on LinkedIn "to let him know his data was compromised." Another user told us this: "The reports are split into two sections: Credit Factors -- things like number of accounts, inquiries, utilization; and Credit Reports -- personal information like name, address, etc. The Credit Reports section was my own information, but the Credit Factors section definitely wasn't. It listed four credit card accounts (I have more like 20 on my report), a missed payment (I'm 100% on time with payments), a Honda auto loan (never had one with Honda), student loan financing (mine are paid off and too old to appear on my report), and cards with an issuer that I have no relationship with (Discover)." Another user who was affected said they could read another person's Credit Factors -- including derogatory credit marks -- but that the Credit Report tab with that user's personal information, like names and addresses, was blank. One user said that the login page was pulled offline for a brief period. "We'll be right back," the login page read instead.

The Video Game Industry Claims Its Products Avoid Politics, But That's a Lie.

Wed, 08/14/2019 - 11:23
Josh Tucker, writing for The Outline: Retired Lieutenant Colonel Oliver North was a Marine platoon commander in Vietnam, a U.S. Senate candidate, and eventually, a National Rifle Association president. At the National Security Council under Ronald Reagan, he helped manage a number of violent imperial operations, including the U.S. invasion of Grenada. Due to televised hearings in the Summer of 1987 where he gave horrifying testimony about the things that he and the United States government had allegedly done, he is probably best known for his role in the Iran-Contra scandal. Alternatively, you might instead recognize North as a minor character from Call of Duty: Black Ops II. In the game, he makes an appearance, service ribbons and all, to talk a retired Alex Mason -- the game's protagonist -- into joining a covert mission in Angola. The cameo was accompanied by North's role as an advisor and pitchman for the 2012 title. It was very bizarre, and, according to the developers, not at all political. In an interview with Treyarch head Mark Lamia, Kotaku's Stephen Totilo asked if the studio had expected the controversy around using North as a consultant. "We're not trying to make a political statement with our game," Lamia responded. "We're trying to make a piece of art and entertainment." This answer would be farcical under any circumstances, but to be clear, Black Ops II was already a jingoistic first-person shooter in a series full of dubious storylines and straight-up propaganda. Its writer and director, Dave Anthony, would later go on to a fellowship at D.C.'s Atlantic Council, advising on "The Future of Unknown Conflict." Regardless, Lamia felt comfortable insisting on record that there was nothing political about getting the Iran-Contra fall guy to shill for its game. In the time since, this brazen corporate line has become the standard for blockbuster games, including the upcoming Call of Duty: Modern Warfare. "Are games political?" continues to be exhaustingly rehashed, because game companies continue to sell an apolitical delusion.

Major Breach Found in Biometrics System Used By Banks, UK Police and Defence Firms

Wed, 08/14/2019 - 08:42
The fingerprints of over 1 million people, as well as facial recognition information, unencrypted usernames and passwords, and personal information of employees, were discovered on a publicly accessible database for a company used by the likes of the UK Metropolitan police, defence contractors and banks, The Guardian reported Wednesday. From the report: Suprema is the security company responsible for the web-based Biostar 2 biometrics lock system that allows centralised control for access to secure facilities like warehouses or office buildings. Biostar 2 uses fingerprints and facial recognition as part of its means of identifying people attempting to gain access to buildings. Last month, Suprema announced its Biostar 2 platform was integrated into another access control system -- AEOS. AEOS is used by 5,700 organisations in 83 countries, including governments, banks and the UK Metropolitan police. The Israeli security researchers Noam Rotem and Ran Locar, working with vpnmentor, a service that reviews virtual private network services, have been running a side project to scan ports looking for familiar IP blocks, and then use these blocks to find holes in companies' systems that could potentially lead to data breaches. In a search last week, the researchers found Biostar 2's database was unprotected and mostly unencrypted. They were able to search the database by manipulating the URL search criteria in Elasticsearch to gain access to data.

Huawei Technicians Helped African Governments Spy on Political Opponents

Wed, 08/14/2019 - 08:02
phalse phace writes: A WSJ investigation appears to have uncovered multiple instances where the African governments in Uganda and Zambia, with the help of Huawei technicians, used Huawei's communications equipment to spy on and censor political opponents and their citizens. From the report, writes phalse phace: Huawei Technologies dominates African markets, where it has sold security tools that governments use for digital surveillance and censorship. But Huawei employees have provided other services, not disclosed publicly. Technicians from the Chinese powerhouse have, in at least two cases, personally helped African governments spy on their political opponents, including intercepting their encrypted communications and social media, and using cell data to track their whereabouts, according to senior security officials working directly with the Huawei employees in these countries. It should be noted that while the findings "show how Huawei employees have used the company's technology and other companies' products to support the domestic spying of those governments," the investigation didn't turn up evidence of spying by or on behalf of Beijing in Africa. Nor did it find that Huawei executives in China knew of, directed or approved the activities described. It also didn't find that there was something particular about the technology in Huawei's network that made such activities possible. Details of the operations, however, offer evidence that Huawei employees played a direct role in government efforts to intercept the private communications of opponents.

Cray Is Building a Supercomputer To Manage the US' Nuclear Stockpile

Wed, 08/14/2019 - 05:00
An anonymous reader quotes a report from Engadget: The U.S. Department of Energy (DOE) and National Nuclear Security Administration (NNSA) have announced they've signed a contract with Cray Computing for the NNSA's first exascale supercomputer, "El Capitan." El Capitan's job will be to perform essential functions for the Stockpile Stewardship Program, which supports U.S. national security missions in ensuring the safety, security and effectiveness of the nation's nuclear stockpile in the absence of underground testing. Developed as part of the second phase of the Collaboration of Oak Ridge, Argonne and Livermore (CORAL-2) procurement, the computer will be used to make critical assessments necessary for addressing evolving threats to national security and other issues such as non-proliferation and nuclear counterterrorism. El Capitan will have a peak performance of more than 1.5 exaflops -- which is 1.5 quintillion calculations per second. It'll run applications 50 times faster than Lawrence Livermore National Laboratory's (LLNL) Sequoia system and 10 times faster than its Sierra system, which is currently the world's second most powerful supercomputer. It'll be four times more energy efficient than Sierra, too. The $600 million El Capitan is expected to go into production by late 2023. "NNSA is modernizing the Nuclear Security Enterprise to face 21st century threats," said Lisa E Gordon-Hagerty, DOE undersecretary for nuclear security and NNSA administrator. "El Capitan will allow us to be more responsive, innovative and forward-thinking when it comes to maintaining a nuclear deterrent that is second-to-none in a rapidly-evolving threat environment."

Researcher Makes Legit-Looking iPhone Lightning Cables That Will Hijack Your Computer

Tue, 08/13/2019 - 16:45
A researcher known as MG has modified Lightning cables with extra components to let him remotely connect to the computers that the cables are connected to. "It looks like a legitimate cable and works just like one. Not even your computer will notice a difference. Until I, as an attacker, wirelessly take control of the cable," MG said. Motherboard reports: One idea is to take this malicious tool, dubbed O.MG Cable, and swap it for a target's legitimate one. MG suggested you may even give the malicious version as a gift to the target -- the cables even come with some of the correct little pieces of packaging holding them together. MG typed in the IP address of the fake cable on his own phone's browser, and was presented with a list of options, such as opening a terminal on my Mac. From here, a hacker can run all sorts of tools on the victim's computer. The cable comes with various payloads, or scripts and commands that an attacker can run on the victim's machine. A hacker can also remotely "kill" the USB implant, hopefully hiding some evidence of its use or existence. MG made the cables by hand, painstakingly modifying real Apple cables to include the implant. "In the end, I was able to create 100 percent of the implant in my kitchen and then integrate it into a cable. And these prototypes at Def con were mostly done the same way," he said. MG did point to other researchers who worked on the implant and graphical user interface. He is selling the cables for $200 each.

Vulnerability in Microsoft CTF Protocol Goes Back To Windows XP

Tue, 08/13/2019 - 12:42
CTF, a little-known Microsoft protocol used by all Windows operating system versions since Windows XP, is insecure and can be exploited with ease. From a report: According to Tavis Ormandy, a security researcher with Google's Project Zero elite security team and the one who discovered the buggy protocol, hackers or malware that already have a foothold on a user's computer can use the protocol to take over any app, high-privileged applications, or the entire OS, as a whole. Currently, there are no patches for these bugs, and a quick fix isn't expected, as the vulnerabilities are deeply ingrained in the protocol and its design. What CTF stands for is currently unknown. Even Ormandy, a well-known security researcher, wasn't able to find what it means in all of Microsoft's documentation. What Ormandy found out was that CTF is part of the Windows Text Services Framework (TSF), the system that manages the text shown inside Windows and Windows applications. When users start an app, Windows also starts a CTF client for that app. The CTF client receives instructions from a CTF server about the OS system language and the keyboard input methods. It is unclear how Microsoft will patch the CTF problem.

Tesla Owner Implants RFID Chip From Her Model 3's Keycard Into Her Arm

Mon, 08/12/2019 - 18:10
A Tesla driver figured out a way to implant the RFID tag from her Model 3's keycard into her forearm. Now, all she needs to do to unlock and turn on her car is to hold her forearm near the console -- no physical key fob or smartphone required. The Verge reports: Amie DD is a software engineer and self-described "maker of things." In a video, she explained that she had implanted an RFID tag in her arm years ago, which she had used to open her home's front door and to send a smartphone's browser to her personal website. When she preordered her Model 3, she realized that she could probably do something similar with the keycard. She didn't have any luck transferring the software to her existing chip, so she decided to extract the card's chip and implant that into her arm. To do that, she dissolved the card using acetone, and had it encased in a biopolymer. From there, she went to a body-modification studio to have the chip (about the size of a Lego mini-figure) implanted into her forearm. In another video (warning, there's some blood), she shows off the implantation. She also documented her process on Hackaday. She told The Verge that the chip does work, but the range from her arm to the console "isn't the greatest." It's only about an inch, but she's hoping that it'll improve as the swelling of her arm goes down.