Thursday, February 21, 2008

Attacks on disk encryption keys

As forensic practitioners, whenever we deal with disk encryption, we have always known that the only theoretical way to retrieve the key was to somehow access the memory where the key is kept. Researchers from Princeton have demonstrated that disk encryption can be defeated by "relatively simple methods"; more details are here.

Sunday, February 10, 2008

Data leak

Saw this InfoWorld article through Rebecca Herold’s blog: “IT managers who object to employees using unauthorized software at work have another tool to worry about: Google Apps Team Edition, which requires no IT participation to implement.”

As corporate Information Security professionals, does this really worry you? If you say yes, here is a list of applications to add to this:

Pownce “Pownce is a way to send stuff to your friends. What kind of stuff? You can send just about anything: music, photos, messages, links, events, and more.”

Qipit “Qipit turns camera phones and digital cameras into mobile copy centers so people can turn photographs or written and printed materials into scan-quality digital documents they can share and store on the go.”

Meebo “Meebo is a website for instant messaging from absolutely anywhere. Whether you’re at home, on campus, at work, or traveling foreign lands, hop over to meebo.com on any computer to access all of your buddies (on AIM, Yahoo!, MSN, Google Talk, ICQ and Jabber) and chat with them, no downloads or installs required”

Willselfdestruct “You can create a secure anonymous email message to a friend or colleague by entering their e-mail address and the message to see.”

The site goes on to say that “No messages or e-mail addresses are stored after the message has been viewed. We also do not log your IP address or any information about you, your message, or the recipient. Once sent, all data disappears forever.”

DocSyncer “DocSyncer automatically finds and syncs your document files to Google Docs and your DocSyncer account. DocSyncer monitors your documents for changes and syncs the updated files as well.”

YouSendIt “Our innovative service enables users to send, receive and track files, on-demand.”

These examples make a great case for deploying DLP and other monitoring solutions, but understand that many of these applications offer ways to bypass monitoring by allowing users to encrypt and password-protect the channels and data.
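The caveat above shows up at the web proxy. The following is an added example, not part of the original post: it triages proxy log lines for the services listed, separating requests a content-inspecting monitor can read from CONNECT tunnels where only the host and byte count are visible. The log format, the sample lines and every hostname other than meebo.com are assumptions constructed for illustration.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Hostnames are assumptions derived from the service names; only meebo.com is on the page.
WATCHED = {
    "pownce.com": "Pownce", "qipit.com": "Qipit", "meebo.com": "Meebo",
    "willselfdestruct.com": "Willselfdestruct", "docsyncer.com": "DocSyncer",
    "yousendit.com": "YouSendIt",
}

# Constructed sample log, one request per line: client method target bytes_sent
SAMPLE_LOG = """\
10.0.0.12 POST http://www.yousendit.com/upload 5242880
10.0.0.12 CONNECT www.meebo.com:443 18234
10.0.0.40 GET http://intranet.example/wiki 2100
10.0.0.77 CONNECT docsyncer.com:443 73400320
10.0.0.77 GET http://www.qipit.com/ 900
this line is malformed
"""

def service_for(host):
    """Return the watched service for host or any parent domain, else None."""
    labels = host.lower().rstrip(".").split(".")
    for i in range(len(labels) - 1):
        name = WATCHED.get(".".join(labels[i:]))
        if name:
            return name
    return None

def triage(log_text):
    """Sum bytes sent per (client, service, visibility)."""
    totals = defaultdict(int)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or not parts[3].isdigit():
            continue  # malformed line, skip rather than crash
        client, method, target, sent = parts
        if method == "CONNECT":  # TLS tunnel: only host and byte count are visible
            host, visibility = target.rsplit(":", 1)[0], "opaque"
        else:
            host, visibility = urlsplit(target).hostname or "", "inspectable"
        service = service_for(host)
        if service:
            totals[(client, service, visibility)] += int(sent)
    return dict(totals)

if __name__ == "__main__":
    for key, sent in sorted(triage(SAMPLE_LOG).items()):
        print(*key, sent)
```

For the "opaque" rows, content inspection has nothing to read, so outbound volume per client and service is the signal left to review.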


Thursday, February 7, 2008

iPhone Denial of Service Vulnerability

SecurityFocus reports a new iPhone Denial of Service Vulnerability. This exploit causes a kernel panic, crashing the device.

Speaking of vulnerabilities, Apple (QuickTime), Adobe (Reader) and Firefox all announced patches for application flaws.

How do we check for patches like these automatically? Check my earlier post on Secunia PSI.

Tuesday, February 5, 2008

Yahoo Jukebox zero day


McAfee Avert Labs reports a zero-day vulnerability in a Yahoo application. A temporary workaround has been given if your antivirus does not recognize this.