If you bought directly from Acer over the past year, double check your spam and email

Subject: General Tech | June 20, 2016 - 01:21 PM |
Tagged: acer, security

North American customers of Acer who bought directly from the company between May 12, 2015 and April 28, 2016 may have had their credit card numbers compromised.  Its less than secure customer database contained customer names, addresses, card numbers and three-digit security verification codes, all of which have been siphoned off at least once.  If this breach affected your account, Acer will be sending you a notification; you can see an example at The Register if you want to be sure the one you receive is valid.  For those who have already seen fraudulent charges this will be too late to mitigate their pain, but anyone who used Acer's online shop during that time period would do well to get their cards changed.

"Acer's insecure customer database spilled people's personal information – including full payment card numbers – into hackers' hands for more than a year."

Here is some more Tech News from around the web:

Tech Talk

Source: The Register

Criminy, that's a nasty one! Near invisible infections via BITS

Subject: General Tech | June 9, 2016 - 12:41 PM |
Tagged: microsoft, BITS, security

BITS, the Microsoft Background Intelligent Transfer Service used for pushing out OS updates among other things, can be turned to the dark side in a rather nasty way.  While cleaning up an infected network, security professionals stumbled upon a nasty discovery: a compromised machine with no sign of an infection vector except in the BITS database.  The malware came in through the usual channel, but once installed it used a BITS task to clean up any traces of the installation from temp files and the registry and then delete itself, leaving an infected machine with almost no traces of where the infection came from or where it resides.  The Register offers advice on how to check suspicious machines in their story.

"While working on a customer clean-up project, SecureWorks staff found that attackers had created self-contained BITS tasks that didn't appear in the registries of affected machines, and their footprints were limited to entries on the BITS database."

Source: The Register

What did we just tell you about bloatware?! Now ASUS Live Update is the risk of the day

Subject: General Tech | June 6, 2016 - 02:26 PM |
Tagged: asus, bloatware, security

After last week, when several laptop OEMs, including Lenovo once again, were caught installing highly insecure bloatware on their laptops, you might hope that this week would be different.  Sadly you would be mistaken, as once again software preinstalled on laptops is in the news.  In this case it is ASUS Live Update, which transmits requests for updates in plain text and does not check the authenticity of any software updates which come back.  This of course leaves you wide open to man in the middle attacks, where someone posing as those update servers could feed you whatever installation files they desired.  As the pull quote from The Inquirer below states, removing it immediately would be a very good idea.

"My advice to anyone who purchased an Asus device: remove LiveUpdate. It's really that simple. If you're an IT administrator, find devices making periodic calls to Asus's domains and blackhole them, get the user to come and see you,"

Source: The Inquirer
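
The administrator advice quoted above (find devices making periodic calls to the vendor's domains), as an added example that is not part of the original post or The Inquirer's story: it scans DNS query logs for clients whose lookups of watched names are evenly spaced. The log format, the `updates.vendor.example` suffix and the thresholds are assumptions; the page does not list the real domains.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Placeholder suffix: the page does not list the vendor's update domains.
WATCHED_SUFFIXES = ("updates.vendor.example",)

# Constructed DNS query log: "<ISO timestamp> <client IP> <queried name>"
SAMPLE_LOG = """\
2016-06-06T09:00:02 10.0.0.21 liveupdate.updates.vendor.example
2016-06-06T09:10:00 10.0.0.34 liveupdate.updates.vendor.example
2016-06-06T09:12:30 10.0.0.34 liveupdate.updates.vendor.example
2016-06-06T10:00:05 10.0.0.21 liveupdate.updates.vendor.example
not-a-time 10.0.0.21 liveupdate.updates.vendor.example
2016-06-06T11:00:01 10.0.0.21 liveupdate.updates.vendor.example
2016-06-06T11:45:00 10.0.0.34 liveupdate.updates.vendor.example
2016-06-06T12:00:04 10.0.0.21 liveupdate.updates.vendor.example
2016-06-06T12:01:00 10.0.0.34 liveupdate.updates.vendor.example
2016-06-06T13:00:03 10.0.0.21 LiveUpdate.Updates.Vendor.Example.
"""

def parse(log):
    """Yield (timestamp, client, normalised name); skip malformed lines."""
    for line in log.splitlines():
        try:
            ts, client, name = line.split()
            yield datetime.fromisoformat(ts), client, name.lower().rstrip(".")
        except ValueError:  # wrong field count or unparseable timestamp
            continue

def watched(name):
    """Match the suffix on a label boundary so look-alike names do not count."""
    return any(name == s or name.endswith("." + s) for s in WATCHED_SUFFIXES)

def periodic_callers(log, min_hits=4, max_jitter=0.1):
    """Map client -> mean gap in seconds when its watched lookups are evenly spaced."""
    hits = defaultdict(list)
    for ts, client, name in parse(log):
        if watched(name):
            hits[client].append(ts)
    flagged = {}
    for client, times in hits.items():
        if len(times) < min_hits:
            continue
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        # Low stddev/mean of the gaps means a timer, not a person, is asking.
        if mean(gaps) > 0 and pstdev(gaps) / mean(gaps) <= max_jitter:
            flagged[client] = round(mean(gaps))
    return flagged
```

On the constructed log, `periodic_callers(SAMPLE_LOG)` flags only 10.0.0.21, whose lookups arrive about once an hour; 10.0.0.34 queries the same name but at irregular intervals and is not flagged.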

A Potentially More Harmful Coil Whine Issue

Subject: General Tech | June 5, 2016 - 02:18 PM |
Tagged: security, Cyber Security, coil whine

As new hardware launches, many readers ask whether it produces any noticeable form of coil whine. For instance, this is an issue for graphics cards that are outputting a very high frame rate. The electronics create sound from the current oscillating as it flows through them. It can be an issue for motherboards or power supplies as well. You can check out this fairly old video from LinusTechTips for a demonstration.

Image Credit: ACM

It turns out that, because this whine is related to the signal flowing through the oscillating circuit, security researchers are looking into the types of information that can be inferred from the whine. In particular, the Association for Computing Machinery (ACM) published a paper called Physical Key Extraction Attacks on PCs. It discusses several methods of attacking a device, such as reading minor fluctuations in its grounding plug or monitoring induced radiation with an antenna. Its headlining method is “Acoustic” though, which listens to the coil whine produced by the computer as it decrypts RSA messages that are sent to it, in order to gather the RSA secret key from it.

While they have successfully demonstrated the attack using a parabolic microphone at 33ft away, and a second demonstration using a mobile phone at 1ft away, the news should be taken with a grain of salt. Mostly, it's just interesting to realize that there's nothing really special about a computer. All it does is store and process data on whatever physical state we have available in the world. Currently, that's almost always radio-frequency radiation flowing through semiconductors. Whatever we use will have consequences. For instance, as transistors get smaller, to push more complex signals through a given surface area and power, we'll eventually run out of atoms.

This is just another, often forgotten side-effect: electric signals induce the transfer of energy. It could be electromagnetic, acoustic, or even thermal. In the realm of security, this could, itself, carry some of the data that we attached to our world's state, and allow others to access it (or sometimes modify it) without our knowledge or consent.

Just say no to Accelerator support applications; yet another Lenovo vulnerability

Subject: General Tech | June 3, 2016 - 04:10 PM |
Tagged: Lenovo, security, idiots, superfish

At some point they may learn, but obviously not yet, as Lenovo's Accelerator support application opens two vulnerabilities on systems with the application installed.  Because it uses unencrypted transmissions during the update process and does not verify the application you receive, you are vulnerable to man in the middle attacks.  There are 6 notebooks and 25 desktop lines with this issue, although ThinkPads and ThinkStations are not on the list.  If you have the software you should remove it immediately.  More over at The Register.

"Duo Security researcher Mikhail Davidov reported the holes that would allow eavesdropping attackers to tap into Accelerator's unencrypted update channels to compromise users."

Source: The Register

Great, everyone's bloatware is making your new system vulnerable

Subject: General Tech | June 1, 2016 - 01:08 PM |
Tagged: security, Lenovo, hp, dell, crapware, asus, acer

We take a quick break from telling you about all the shiny new things you can't have yet to inform you about problems with things you do have.  Bloatware is awful but continues to be popular with sellers of prebuilt systems, both mobile and desktop.  It is not just the pop-ups telling you to buy the full version of whatever was installed on your system before you bought it, nor the CPU cycles these programs take up; the issue is security.  Lenovo and the Superfish issue were in the news recently and now it seems that vulnerabilities have been found in systems sold by Acer, ASUS and Dell as well.  10 devices were tested by Duo Security, all of which had vulnerabilities.  Dell and Lenovo had a single problem each, ones which we are sadly already familiar with, while Acer and HP both have a pair.  You can read about what the vulnerabilities are over at The Inquirer, something to do while you reimage your new machine.

"Duo Security identified 12 vulnerabilities across the vendors' machines. We have approached all of them to see whether they are happy to talk about the problems, which Duo described as significant."

Source: The Inquirer

So long WiFi Sense, don't let the door hit you ...

Subject: General Tech | May 11, 2016 - 01:26 PM |
Tagged: wifi sense, security, microsoft

Here is an update we can get behind!  Windows 10 Build 14342 will no longer have WiFi Sense, that bizarre feature Microsoft added which would pass on any of your stored WiFi passwords to your contacts, as well as overriding your preferred network if one of your contacts' signals was available.  This caused a certain amount of alarm, as you might not trust every contact you might have on Outlook.com with your WiFi password, nor trust their WiFi networks.  The blather about high cost and low demand is an interesting cover for changing their minds; regardless, it is good to see it go.  There were a couple of other updates included in this release; check them out at The Inquirer.

"We have removed the WiFi Sense feature that allows you to share WiFi networks with your contacts and to be automatically connected to networks shared by your contacts," explained Aul.

Source: The Inquirer

Psst Comrade! Want to buy some email account details cheap?

Subject: General Tech | May 4, 2016 - 12:39 PM |
Tagged: security

272.3 million is a big number and sadly it refers to the number of email accounts which have been affected by a recent data breach.  The vast majority of the accounts are from Russia's Mail.ru but Yahoo accounts for 15%, Hotmail 12% and Gmail 9% of the leak.  With 50 rubles and the right connections you can have the email addresses and passwords of a very large number of people.  Sadly, The Inquirer also heard that this collection includes details of user accounts of US banking, manufacturing and retail companies.  When you are changing your passwords today, try to avoid obvious Star Wars references.

"Reuters has the scoop, having heard from Alex Holden, founder and chief information security officer of Hold Security - and the man who last year uncovered the largest data breach to date - that the details of 272.3 million stolen accounts are being traded."

Source: The Inquirer

Patch 'em if you got 'em; 40 Google patches for you

Subject: General Tech | May 3, 2016 - 02:09 PM |
Tagged: Android, google, security

Assuming your service provider is not one of those who block Google's patches from coming to you directly, you should probably charge up that device, get on WiFi and check your available updates.  Any Google device running 4.4.4 or newer, including Nexus devices, will have up to 40 patches to slurp up.  Many of the patches are for a vulnerability similar to the previous Stagefright exploit: apps can use the drivers from Qualcomm and NVIDIA to break into the Qualcomm TrustZone on unpatched devices.  The Register provides a full list of the patches which are being pushed to Nexus and Android One devices.

"Google has today issued a bundle of 40 security patches for its Android operating system.

A dozen of the fixes correct critical vulnerabilities in versions 4.4.4 of the operating system and above. About 74 per cent of in-use Android devices run Android 4.4.4 or higher."

Source: The Register

I love it when a bad guy's plan doesn't come together

Subject: General Tech | March 17, 2016 - 01:25 PM |
Tagged: ransomware, Malware, security, idiots

With the lousy news below the fold, up to and including yet another StageFright exploit, here is a bit of amusing news to balance out the bad.  A recently unleashed ransomware program seems to have been developed on stolen code and the original developer has taken offence to this.  His original program, EDA2, was designed to illustrate how ransomware works and he intentionally included a backdoor to ensure that the data could be unencrypted.

He has used that backdoor to break into the program, obtained the complete list of decryption keys and posted them to the net; The Register has a link to that list right here.  It is good for the soul to see incompetent bad guys every once in a while.

"A software developer whose example encryption code was used by a strain of ransomware has released the decryption keys for the malware."

Source: The Register