Archive for Huawei backdoors

Oct 23 2013, Episode 318, Show Notes

Posted in Breach, Conference Coverage, darkweb, Exclusive, Podcast, Show Notes, The CyberJungle, web server security on October 23, 2013 by datasecurityblog

Episode 318 of The CyberJungle is about 30 minutes long. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.

Interviews

Fast and Furious Forensics with Rob Schroeder of Paraben 

Our Take on This Week’s News

Huawei calls for security standards; why not ISO 27k?

NSA Accessed Mexican President’s Email

Law Enforcement recognizing citizen privacy in tech age

Tales From The Dark Web

PR services targeted

Wrap

Musk. Elon Musk.

Please support our sponsors, as they support The CyberJungle

OUR NEWEST SPONSOR, ATOLA TECHNOLOGIES. PLEASE VISIT THEIR SITE ATOLA.COM

Atola Insight is an all-in-one hard drive data recovery and forensic system. It offers complex data retrieval functions along with utilities for manually accessing hard drives at the lowest level. Atola Insight has several key features for data capture in forensic and e-discovery cases:

* Excellent disk imaging speed up to 180 MB/s

* Checksum calculation: MD5, SHA (1, 224, 256, 384, 512)

* Forensic data erasure methods including DoD 5220.22-M, Security Erase, NIST 800-88, Pattern Erase

* Case management system

* ATA Password removal

* File recovery for NTFS (all versions), Ext 2/3/4, HFS, HFS+, HFSX, ExFAT, FAT16, FAT32

* High-performance multi-pass imaging for damaged drives

* Atola's own HDD diagnostics, which produce a detailed report in minutes.

Find out more at Atola.com

Paraben's Forensic Innovations Conference

The Paraben Forensic Innovations Conference has been an annual event since 2008. Since then it has rapidly grown into a better-attended conference with a broader scope of topics, reaching from the deeply technical to the legal aspects of the forensics and eDiscovery industry. Those who attend PFIC are as diverse as our topics: law enforcement and lawyers, corporate entities, government agents, private investigators, and educational institutions. If you haven't had the opportunity to attend, this is your chance to experience the fresh air and mountains of Utah as well as the fresh topics that will be the highlight of this year's conference. If you've already attended, then you know what to expect and are as excited as we are about it! PFIC 2013 will be held November 13-15, 2013 in Salt Lake City, Utah. Space for this conference is limited, and with tickets starting at $199, the show will almost surely sell out. The CyberJungle will be there, because it is one of the best bang-for-the-buck forensic conferences of the year.

May 28th 2013, Episode 302, Show Notes

Posted in Breach, Court Cases, criminal forensics, darkweb, ediscovery, Exclusive, Podcast, Show Notes, The CyberJungle, Vulnerabilities, web server security on May 28, 2013 by datasecurityblog

Episode 302 of The CyberJungle is about 38 minutes long. The interview with Dr. Eric Cole, SANS Fellow, begins at about the 20min mark, following Tales from The Dark Web. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.

To listen to Episode 302 via the flash player: http://dataclonelabs.com/security_talkworkshop/thecyberjungle_302.mp38

Interview

Links mentioned in the interview with Dr. Eric Cole; Author, Advanced Persistent Threat: Understanding the Danger and How to Protect Your Organization; and SecureAnchor

Tales From The Dark Web

Security lapse discovered by reporters exposes data

Our Take On This Week’s News

Iran fingered for attacks on US power firms; Syrian group tried to disrupt Haifa water system

Clearwire limiting Huawei footprint

Experts give their take on Twitter’s 2FA

Wrap

Corporate Security’s Weak Link: Click-Happy CEOs [subscription required]

Please support our sponsors, as they support The CyberJungle

SpectorSoft

SpectorSoft: IT professionals, Risk Officers, and HR staff have more worries than ever: insider theft, inappropriate communications, inefficient processes, employee investigations, and compliance requirements. These pressing issues demand a reliable, automated, advanced technology capable of showing user, department, and division activity no matter where the users are or what devices they are using. SPECTOR 360, the de facto corporate User Activity Monitoring solution, addresses these issues and meets this demand.

SPECTOR 360 monitors, captures, and analyzes ALL user and user group activity including: email sent and received, chat/IM/BBM, websites visited, applications/programs accessed, web searches, phone calls, file transfers, and data printed or saved to removable devices.

SPECTOR 360 features automated, remote installation of the Windows and Mac clients and requires no client installation on BlackBerry devices.

March 19 2013, Episode 294, Show Notes

Posted in Breach, Court Cases, criminal forensics, darkweb, ediscovery, eMail Security, Exclusive, Show Notes, The CyberJungle, Vulnerabilities on March 19, 2013 by datasecurityblog

Episode 294 of The CyberJungle is about 30 minutes long. The interview with James Elste on privacy and Trusted Identities begins at about the 15min mark. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.

Interview

James Elste, information security expert, talks privacy and NIST’s Trusted Identities effort. Here are the links from the segment:

www.idecosystem.org

NATIONAL STRATEGY FOR TRUSTED IDENTITIES IN CYBERSPACE

Making Online Transactions Safer, Faster, and More Private

Tales From The Dark Web

Ira talked about the credit reporting agency break-ins, and how Federal law made the attacks easier

Our Take On This Week’s News

Huawei USB modems vulnerable

How will you know who’s recording? Google Glass protestors set up campaign group to censor the high-tech eyewear

Wrap

Ohio judge calls speed cameras ‘scam’

January 12 2013, Episode 288, Show Notes

Posted in Breach, Conference Coverage, criminal forensics, darkweb, ediscovery, Show Notes, The CyberJungle, Vulnerabilities on January 12, 2013 by datasecurityblog

Episode 288 of The CyberJungle is about 25 minutes long. You can hear it by clicking on the flash player below. The interview with Jeff Hudson, CEO of Venafi, on SSL cert fraud begins at about the 12:30min mark. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.

Interview

Jeff Hudson, CEO of Venafi, on SSL cert fraud

Tales From The Dark Web

0day Cisco VoIP flaw could cause eavesdropping without making a call

Our Take on This Week's News

CES 2013: Will Ford open telematics platform to forensic apps, and new gear to secure iPads at work

US Nuke lab tosses out Huawei gear over backdoor fears

Wrap

Microsoft hopes to patent an 'inconspicuous mode' for smartphones

Concerns about Huawei Technologies continue to Rise

Posted in Breach, darkweb, Vulnerabilities on October 16, 2012 by datasecurityblog

American businesses got a wakeup call this month from the House Intelligence Committee about everyday risk to their intellectual property and other confidential data. Let’s hope they heed the call.

Earlier this year, concerns began to emerge over a possibly overly intimate relationship between Huawei Technologies, a top maker of telecom equipment, and the Chinese military. The founder of Huawei, Ren Zhengfei, retired from the Chinese military in 1984, and started the company three years later.

The CBS News program 60 Minutes offered a good account of the congressional investigation into the potential national security threat posed by Huawei. But that story is partial.

Here’s a more complete version.

Late in 2011, the U.S. Commerce Department released an unusual statement banning networking equipment maker Huawei from a nationwide emergency network, with no clear reason given. Huawei's US-based spokesman criticized the announcement as "ungrounded."

This was the first in a chain of events culminating in a report this month by the House Permanent Select Committee on Intelligence, concluding that Huawei is a threat to US security, and a threat to the intellectual property of U.S. companies.

Huawei responded with an unusual open letter to the U.S. government. They denied charges of poor data security. Huawei asked for a full investigation into the security of Huawei equipment.

This was a very odd request, in my view. Governments are almost always laggards when it comes to data security; they are reactive, not proactive. They’re effectively incapable of independent evaluation.

Perhaps Huawei management, steeped in the Chinese Communist Party culture, did not understand the traditionally adversarial relationship in the U. S. between results-focused businesses and politically focused government bureaucracies.

The House Permanent Select Committee on Intelligence started hearings and an investigation in response to Huawei’s request.

Meanwhile, in the EU, a security researcher who uses the hacker handle "FX" started testing the "front door" security of Huawei equipment. A German national, FX demonstrated the results of his research this summer at the annual DefCon security conference in Las Vegas.

Huawei’s competitors — Cisco, HP, Alcatel-Lucent, and others — routinely send security experts to this show, and others like it, to learn from such demonstrations, and to cultivate relationships with independent security researchers.

In this cooperative spirit, ethical security researchers follow the practice called “responsible disclosure.” They will not release a road map to attack a system without first contacting the company that made the equipment. The practice gives a company the time to correct the flaws, and issue a fix.

Huawei is not a company with a visible presence in the security community, and did not receive this courtesy.

In his presentation, FX demonstrated security flaws and holes so numerous that, he said, there was no reason for Huawei to build in electronic back doors. With some penetration skills, an attacker could silently compromise the Huawei devices. When FX was asked if he followed responsible disclosure for his research, he said he could not locate any appropriate Huawei personnel to disclose to.

On October 8, The House Committee released a 60-page report describing the threat posed by Chinese networking companies. The report states that, “China has the means, opportunity and motive to use telecommunications companies for malicious purposes,” and, “…[B]ased on available classified and unclassified information, Huawei and ZTE cannot be trusted to be free of foreign state influence and thus pose a security threat to the United States and to our systems.”

Strictly as an aside, I’ve been told that unnamed sources in the Pentagon have told reporters that Huawei could add electronic “back doors” that allow eavesdropping on emails, phone calls, faxes, and confidential files that are commonly transmitted via a “secured connection.” If reporters were informed, they were given a teaspoon full of information scooped from a barrel, doled out sparingly either out of caution, or out of ignorance. (Most likely caution, since Pentagon personnel are also regular DefCon attendees.)

All of this should raise more general data security alarms than the activities of just one company. Let’s hope American business hears the wakeup call.

No matter where a company or a government buys its IT equipment, due diligence by the buyer is critical. The takeaway for you is to check on the following:

1. Which labs and testers have tested the equipment and software for security and resistance to penetration attacks?

2. Is the manufacturer of the equipment encouraging the community of security researchers to find and report security flaws?

3. What is the track record of responses to flaws that are uncovered by the security community?

4. Does the company admit errors, or does it spend its energy on statements that the flaws are only possible in "rare cases," or only show up "in a controlled laboratory"?

5. How fast does the company act to correct flaws and alert customers?

Until Huawei's concern for security matches that of its competitors, the comment from researcher FX this summer remains true: "I would not put any of this [Huawei] equipment on my network."

NOTE: This column was written by Ira Victor for the private NNN newsletter, and is posted here for the benefit of CyberJungle Radio listeners.

September 17 2012, Episode 273, Show Notes

Posted in Court Cases, darkweb, Show Notes, The CyberJungle, Vulnerabilities on September 17, 2012 by datasecurityblog

Episode 273 of The CyberJungle is about 30 minutes long. You can hear it by clicking on the flash player below. The interview with Rafal Los, Security Evangelist with HP, begins at about the 17min mark. You may download the file directly – great for listening on many smartphones. Or, you may go to the listening options page and browse for other ways to hear the show.

Interview

Rafal Los is the Security Evangelist for HP Software. Read the blog posting, Landmark ruling: Insiders aren't hacking if you've given them access. Follow Rafal Los on Twitter

Tales From The Dark Web

Your smartphone WiFi may be spilling your “bees-wax”

Our Take on This Week's News

China's Huawei, ZTE grilled by U.S. officials over spying concerns. The Case For Huawei in America, by Dan Steinbock

Another School Violated a Student’s First Amendment Rights by Disciplining Her For Facebook Posts — R.S. v. Minnewaska Area School Dist. No. 2149.

Wrap

Ira Victor will be tweeting from SANS Network Security 2012 in Las Vegas this week. Follow Ira Victor on Twitter @ira_victor.
