Archive for 2020
Android Phones Now Harder To Hack Than iPhones | RISC
While governments and law enforcement agencies continue to push device makers to create backdoors, there is always a workaround that lets them crack open devices on there own in the name of investigation.
In this regard, companies like Cellebrite and Greyshift have turned out to be very helpful, as they provide solutions to break into almost any device.
Back in 2016, we saw a major controversy involving Apple and the FBI when Apple refused to unlock the iPhone of the shooter involved in the San Bernardino case.
It’s a different story that recently Apple faced criticism for not encrypting iPhone backup data on iCloud, thereby leaving scope for government access.
iPhone more hackable than Android
Anyway, when it comes to cracking smartphones, iPhones are assumed to be superior to Android in terms of privacy and security.
However, the story has taken a u-turn, and Android phones have become harder to crack than iPhones. That’s according to a forensic detective Rex Kiser who works with the Fort Worth Police Department.
“Right now, we’re getting into iPhones. A year ago we couldn’t get into iPhones, but we could get into all the Androids. Now we can’t get into a lot of the Androids,” Kiser told Vice.
Kiser suggests that it has now become tougher to extract data from newer operating systems. Probably, they are “trying to make it harder for law enforcement to get data from these phones, under the guise of consumer privacy.”
During a test conducted by NIST, Cellebrite’s UFED InFeild Kiosk tool couldn’t efficiently harvest browsing activity, GPS data, or app data from social media apps like Facebook, Instagram, Twitter, etc., when trying to get inside Google Pixel 2 and Galaxy S9.
Surprisingly, the tool returned empty-handed in the case of Huawei P20 Pro. As per the test report, the tool (version v7.5.0.875) supports over 15,000 types of devices on paper, including Android, iOS, and feature phones.
On the other hand, the UFED tool could suck in a lot more when tested on iPhone X.
Overall, it’s evident that OEM encryption backdoors could be helpful, but law enforcement agencies aren’t relying on them entirely. Instead, they’re trying to create backdoors on their own by reverse engineering.
So, technically, it’s possible to get inside a smartphone as new as iPhone 11 Pro Max; it will just take time, patience, and resources.
However, one thing to note here is that breaking a smartphone’s encryption isn’t the end of the road, according to former FBI agent Bob Osgood.
Beyond that, forensic detectives need to decipher millions of lines code inside apps containing complex data structures that constantly change with software updates. That’s where companies like Greyshift, Cellebrite, and MSAB jump into the game with their magic wands.
Monday, March 2, 2020
Posted by Sivapriya
Why 2020 is a turning point for Cyber Security | Redback Cyber Security Council - RISC
The world is more connected than ever. We are becoming more technologically advanced, markets are stronger, and central technologies that encompass our daily actions are constantly emerging.
These technological advances are based on seamless connectivity. As our digital transformation continues, we continue to build a more cohesive and connected society. Our data is now shared and used by more platforms than ever – in the datacentre, on the cloud and event on internet of things (IoT) devices, for example - and this trend will only increase. But this huge benefit comes with a cost. The more connected we become, the more vulnerable our data is.
By looking at security developments over the past couple of years, it is possible to forecast what is likely to happen in the cyber landscape over the next 12 months. Forewarned is forearmed. These are what I believe will be the main trends of cybersecurity in 2020:
1) The ‘cyber cold war’ intensifies
A new cyber 'cold war' is taking place online as Western and Eastern powers increasingly separate their technologies and intelligence. The ongoing trade feud between the US and China, and the decoupling of these two huge economies, is a clear sign. Cyberattacks will increasingly be used as proxy conflicts between smaller countries, funded and enabled by larger nations looking to consolidate and extend their respective spheres of influence.
2) The rise of artificial intelligence (AI)
The US elections in 2016 saw the beginning of AI-based propagation of fake news. Political campaigns devoted resources to creating special teams that orchestrated and spread false stories to undermine their opponents. As we prepare for major elections worldwide in 2020, we can expect to see these activities in full effect once again.
As AI continues to be used as a proxy for crime, it will also be used to accelerate security responses. Most security solutions are based on detection engines built on human-made logic, but keeping this up-to-date against the latest threats and across new technologies and devices is impossible to do manually. AI dramatically accelerates the identification of new threats and responses to them, helping to block attacks before they can spread widely. However, cybercriminals are also starting to take advantage of the same techniques to help them probe networks, find vulnerabilities and develop more evasive malware.
3) Our means of communication will become more weaponized
The notion that connectivity creates new combat landscapes is proven by the developing spheres of today’s and tomorrow’s cyberattacks. In the first half of 2019 we saw a 50% increase in mobile banking malware compared with last year, which means that our payment data, credentials and funds are handed over to cyberattackers in the innocent click of a button on our mobile devices. The attempts of cybercriminals to trick consumers to hand out their personal data through their most common means of communications will intensify and will range from email to SMS texting attacks, social media posts and gaming platforms. Whatever we use most frequently can become a more popular attack surface.
4) 5G development and adoption of IoT devices increase vulnerability
As 5G networks roll out, the use of connected IoT devices will accelerate dramatically, massively increasing networks’ vulnerability to large scale, multi-vector 5th generation cyberattacks. IoT devices and their connections to networks and clouds are still a weak link in security. This ever-growing volume of personal data will need securing against breaches and theft. We need a more holistic approach to IoT security, combining traditional and new controls to protect these ever-growing networks across all industry and business sectors.
5) Enterprises will rethink their cloud approach
Detection is no longer enough to ensure protection, and prevention is now the key to being secure.
Organizations already run a majority of their workloads in the cloud, but the level of understanding about security in the cloud remains low; in fact it is often an afterthought in cloud deployments. Security solutions need to evolve to new, flexible, cloud-based architectures that deliver scalable protection at speed.
Understanding what is coming towards us will help us to better prepare. Some paradigms will need to shift. The enormous spread of technologies and solutions will force all of us to think about how to consolidate. In 2020 more than ever, cyber-attacks are no longer a question of if, but of how and when. This is a concern that applies to us all.
Private WhatsApp Groups Exposed On Google Search, But It’s A Feature [Update]
Don't share WhatsApp Group invite links on public platforms.
Update (24/02/2020, 7:00 PM IST): Initially, it seemed that WhatsApp didn’t give users even a single ray of hope after their private chats ended up on Google Search and on other search engines as well.
Update (24/02/2020, 7:00 PM IST): Initially, it seemed that WhatsApp didn’t give users even a single ray of hope after their private chats ended up on Google Search and on other search engines as well.
But according to an update posted by Jane Wong, the company was working quietly behind the curtain. Now, making a search for the said private chat invite links on Google brings nothing but an error message. Whatsapp has delisted the invitation links from Google by including the “noindex” meta tag.
The original post continues from here.
Google is indexing the invitations to the WhatsApp Group chats, including the links to join private groups as reported by Vice. As a result, the links are available for people all around the globe to join any discoverable group.
Multimedia journalist Jordan Wildon tweeted and raised a question over WhatsApp’s security. He said that WhatsApp’s ‘Invite to Group via Link’ feature permits Google to index groups, which then become available all over the internet for everyone to join.
Vice discovered several private groups with the help of specific search queries. The result page consisted of a lot of groups meant for porn sharing. Once anyone joins the group, they have permission to view all the participants and their phone numbers.
Popular reverse engineering enthusiast Jane Manchun Wong said in her tweet that a misconfiguration from WhatsApp is allowing Google to index group invite links. She suggested that there are ways to deindex the invite links from Search.
A WhatsApp spokesperson said that group admins can invite any user to join their group by sharing the invite link. Like all other content available on the open web, invite links posted on public platforms are also searchable. He concluded his statement by saying that admins should make sure that they share the group link with trusted people only.
Google’s Take
Google refused to comment on the scenario going on. However, Google official Danny Sullivan tweeted that search engines like Google index pages from the open web. The same thing happened in the case of invite links to WhatsApp groups.
He concluded by saying that WhatsApp as a website has allowed listing the invite links publically. Sullivan also added a link in his tweet, which redirected people to the Help Center to block content to be displayed from the Google search results.
So, it seems that things are designed this way, even if they pose a threat to users’ privacy. Users are advised not to share personal WhatsApp group links on public platforms until WhatsApp announces any under-the-hood changes.