Don't lose your smartphone

Taking a play right out of some 90s software, Facebook stores your login credentials in plain text on your devices.  Android is vulnerable to token snatching and, to a slightly lesser degree, so is iOS.

iOS games often store their high scores in plaintext, and rely on the OS for protection, and some are clearly storing Facebook-connection tokens in the same place. Those tokens are only valid for 60 days, but it turns out that the Facebook application itself stores a similar token – which lasts until the first of January 4001. Copy that token onto another device, and you’re in.

Apparently you just need the auth file from someone’s device and you can log in as if you were on their device and account.  The goofy part that crosses my mind is how a FB profile has a link for your cell number.  I wanted to assume that was for authentication via mobile sites, but obviously that’s not the case.

I guess that explains those few random spam texts I got over the last few weeks.  At least now I can fix my profile to not leak my number to spam marketers.

Activating allows Facebook Mobile to send text messages to your phone. You can receive notifications for friend requests, messages, Wall posts, and status updates from your friends.
You can also update your status, search for phone numbers, or upload photos and videos from your phone.

Then again, the above dialog alludes to this ‘security’ being in place.  I removed my phone, interested to see if it actually shows any issue connecting.

Words of Security Truth

As anyone in IT knows, security remains more farce than function with respect to design and implementation.  When one of the Gov’t cyber security advisers confirms your opinions, you want to tell yourself more businesses will pay attention.

Another article here.

Mr. Henry said FBI agents are increasingly coming across data stolen from companies whose executives had no idea their systems had been accessed.

“We have found their data in the middle of other investigations,” he said. “They are shocked and, in many cases, they’ve been breached for many months, in some cases years, which means that an adversary had full visibility into everything occurring on that network, potentially.”

Mr. Henry said that while many company executives recognize the severity of the problem, many others do not, and that has frustrated him. But even when companies build up their defenses, their systems are still penetrated, he said. “We’ve been playing defense for a long time. … You can only build a fence so high, and what we’ve found is that the offense outpaces the defense, and the offense is better than the defense,” he said.

So true.  The attempts from the DMCA and beyond to ‘illegalise’ these attacks are likely to be about as successful as the War on Drugs.  From a consumer standpoint, computers will become more and more awful to protect from random spyware / botnet infections.  Targeted attacks?  You would be utterly helpless.

Hopefully more people will heed these warnings.  The quoted figure of ‘~400+ days’ before most companies know they are penetrated is a seriously critical fault.  Either way you look at it, the exploit game has by far outpaced the white hat show.

All we can do is try to keep up as much as possible.  Patch schedules and port scans are a good routine to get into.

Windows Server 2008

Good Lord!  I’ve recently been asked to administer some Server 2008 machines.  They sure did change up the Group Policy access methods.  ADSI Edit is the new name of the Group Policy administration game.

To get an overview of ADSI Edit, give this link a run so you can see how to do what you were likely used to beforehand.

You can also do what you need via command line.  Full Info here.

Check your current policy via this command:

net accounts /domain
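The command above prints the domain account policy as one “Label: value” line per setting.  As an added example (my own script, not from the linked Microsoft docs), here is a small Python parser that reads that output and flags settings below some assumed review floors; the sample output is constructed, and the floors are assumptions for this script rather than Microsoft’s defaults.

```python
import re

# Constructed sample of `net accounts /domain` output (not captured from a real domain).
SAMPLE_NET_ACCOUNTS = """\
Force user logoff how long after time expires?:       Never
Minimum password age (days):                          0
Maximum password age (days):                          Unlimited
Minimum password length:                              0
Length of password history maintained:                None
Lockout threshold:                                    Never
Computer role:                                        PRIMARY
The command completed successfully.
"""
# Assumed review rules for this script, not Microsoft's defaults.
# ("min", n): value must be at least n; ("max", n): must be set and at most n.
POLICY_RULES = {
    "Minimum password length": ("min", 8),
    "Length of password history maintained": ("min", 5),
    "Maximum password age (days)": ("max", 90),   # Unlimited = never expires
    "Lockout threshold": ("max", 10),             # Never = lockout disabled
}

def parse_net_accounts(text):
    """Turn 'Label:   value' lines into a dict; Never/None/Unlimited become None."""
    policy = {}
    for line in text.splitlines():
        m = re.match(r"^(.+?):\s+(\S.*)$", line)
        if not m:
            continue   # banner / status lines carry no setting
        label, value = m.group(1).strip(), m.group(2).strip()
        if value in ("Never", "None", "Unlimited"):
            policy[label] = None
        else:
            policy[label] = int(value) if value.isdigit() else value
    return policy

def check_policy(policy):
    """Return human-readable findings for settings that miss the assumed rules."""
    findings = []
    for label, (kind, bound) in POLICY_RULES.items():
        value = policy.get(label)
        if kind == "max":
            bad = value is None or value > bound   # unset means never expires / no lockout
        else:
            bad = value is None or value < bound
        if bad:
            findings.append(f"{label}: {value} (expected {'at most' if kind == 'max' else 'at least'} {bound})")
    return findings
```

Pipe the real output in with `net accounts /domain > policy.txt` and call `check_policy(parse_net_accounts(open("policy.txt").read()))`.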

Jailbreaking iDevice Crash-Course

May it be a jolly Tuesday for thee.  I recently had enough incentive to jailbreak my iPhone 3GS, mostly because I found memory usage to be poor with iOS 5.x installed and became greatly annoyed with fairly common chops when playing music.  I will share some quick links that helped me get started and button up the doors I opened.  My biggest draw to jailbreaking my phone was so I can TV-Out on any screen, as the official output support for iOS is extremely limited.

I would also like to note for new folks that the Cydia app store also features paid applications.  Please be aware of this when you are browsing about.

Step One: JailBreak device and install Cydia.
Jailbreaking iOS 5.0.1.
The only question I ran into with this guide was the proper process for entering ‘DFU Mode’.  Below is a helpful video of the button sequence on your device to initiate it:

Step Two: SSH Install and Securing of logins:
Change your Passwords
If you opt to install SSH on your device for console access, please do yourself a favor and plan to change the default user and root password from ‘alpine’.  Otherwise, you are leaving your device wide open.

If you’d like to block some adservers from loading up, you can check this guide.
Connect to your device (FileZilla works too) and browse to the /etc/ folder.  Use the updated hosts file to block common ad servers.  This works wonders for browsing sites on your phones, especially mobile Wikis.  You can also add custom URLs as needed, to ease your web browsing.
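Rather than overwriting the device’s hosts file wholesale, it is safer to merge a blocklist into it so entries like localhost keep their original address.  As an added example (my own script, not from the guide linked above), here is a Python merge that does that; both the existing hosts file and the blocklist are constructed samples.

```python
import ipaddress

# Constructed sample of a device's existing /etc/hosts (not taken from a real phone).
EXISTING_HOSTS = """\
127.0.0.1\tlocalhost
255.255.255.255\tbroadcasthost
::1\tlocalhost
# my shortcuts
192.168.1.10\tnas.home
"""

# Constructed blocklist in the usual hosts-file style; real lists run to thousands of lines.
AD_BLOCKLIST = """\
# ad servers (constructed sample)
127.0.0.1 ads.example-adnet.test
0.0.0.0 tracker.example-metrics.test
127.0.0.1 ads.example-adnet.test   # duplicate on purpose
127.0.0.1 localhost                # already present on the device
not-an-address bogus.example.test  # malformed line
"""

def parse_hosts(text):
    """Yield (address, hostname) pairs, one per hostname, skipping comments and bad lines."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split()
        try:
            addr = str(ipaddress.ip_address(parts[0]))
        except ValueError:
            continue   # not a valid address: refuse to install it
        for host in parts[1:]:
            yield addr, host.lower()

def merge_hosts(existing, blocklist, sink="127.0.0.1"):
    """Return (new hosts text, added names); existing names keep their address, duplicates written once."""
    known = {host for _, host in parse_hosts(existing)}
    added = []
    for _, host in parse_hosts(blocklist):
        if host not in known:
            known.add(host)
            added.append(host)
    out = existing.rstrip("\n") + "\n"
    if added:
        out += "\n# --- ad/tracker sinkhole entries ---\n"
        out += "".join(f"{sink}\t{host}\n" for host in sorted(added))
    return out, added
```

Run it against a copy of the hosts file pulled from the device, then upload the result back to /etc/hosts over SSH or FileZilla.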

Additionally, you can find more applications @  Add to sources as needed to get what you are looking for.

I continue to tinker around with my unlocked phone.  As I stumble upon anything of huge worth, I’ll touch back into this thread. :bunny:

For iPad 2 / iPhone 4s, you need to use Absinthe for the Jailbreak process.

Firefox Cert issues

I was online this morning and thought I was seeing an issue with my web connection.  After some successful ping tests and also seeing IE working properly, I noticed an SSL dialog was displaying behind my Firefox window (version 7.0.1), which prevented any other pages from loading.

I closed and restarted my browser to get back to proper browsing.  I was also on Facebook, so it was very likely due to a certificate issue there.

Plugin wise, I run NoScript and Adblock Plus.  Just wanted to share for anyone who may encounter a similar issue.

Hard Drive RMA drop

This is ominous news.  Seagate / WD (yes, same company) are cutting back their RMA windows significantly.

Being as I have been working user support for the last year, I can tell you I have seen a large number of bad drives of both these brands, especially Seagate labeled ones.  I have done many more RMAs on machines deployed in the last 6-9 months than I have on the older 2-3 year old machines that are out in the field.

Gonna have to say the cut in RMAs is a telltale sign of the declining reliability of these traditional drives.  The 250GB models have been the most prevalent fatalities, with the 120GB models a little behind them.

Square Enix Members breach

Looks like 1.8 million of the 2.1 million accounts were breached.  I’m wondering if the hack completely side-stepped user accounts with keyfobs, or if the 0.3 million user accounts were the ones with said devices.  Info on breach

I’d log in and check, but the site is still down.  Looks like they found out about the rooting during some maintenance on the 13th.  So I guess that also means Final Fantasy logins are down too?

Been clear of the MMOs lately, as Forsaken World just got to the bleh threshold for me.  Haven’t tried an SE account since start of last month.

Update as of Friday night:

Temporary Suspension of “SQUARE ENIX MEMBERS” Operations (Update)

As a result of our continuing investigation into the unauthorized intrusion reported yesterday, Square Enix has now determined that user login credentials were not accessed. Moreover, we have not found evidence that the individual was able to access any personal information at all.

We will be sending an email to all SQUARE ENIX MEMBERS advising that an incident took place. This email will not be requesting any action from you.

We have reported this incident to the Japanese Government.

Because we have decided to conduct a broader internal investigation, it will take a few more days before we make the SQUARE ENIX MEMBERS service available once again. We deeply regret the inconvenience this may have caused our customers and fans, and appreciate your patience.

Windows 7 Malware / FakeHDD

Rogue.FakeHDD is making its rounds this week and now is also floating around on Windows 7 machines.  Point of the post is that the new spot for malware seems to be:

This is your new spot to check on Windows 7, versus the Application Data or Local folders in the Docs and Settings folder in XP.

As usual, run TDSSKILLER too, since search result hijacks are commonly also present.  Rootkit.boot.SST.b found in today’s instance.

Security vendor Gov't Compliance

Say what you will about wikileaks being ‘evil’.  If Gov’t and businesses didn’t do such shady shit, there would be far less ominous information to report.

What vendors spy on customers for Gov’t.

Stepping aside from the instinct to view this as paranoid babble, please take a moment to remember that a deliberately designed back door is only a few steps short of an unauthorized intrusion.  When you design deliberate flaws like this for the ease of authority auditing requests, the ‘bad guys’ are just as likely to obtain the same level of access.

CarrierIQ Malware

I dropped some FB links on this software, but since the vendor attempted to shut down the researcher’s info, I feel it necessary to share more info about this malware and its auditing functions.  Let’s not mince words here: this is certainly some nasty rootkit action on Android devices (and who knows what else).

Video of Rootkit in action.

Original info list with debug list of features can be found here.

For anyone who thinks of their phone as more secure than a regular PC, please think again.