Surrounded by exploits

Quicksearch

Disclaimer

The individual owning this blog works for Oracle in Germany. The opinions expressed here are his own, are not necessarily reviewed in advance by anyone but the individual author, and neither Oracle nor any other party necessarily agrees with them.

Navigation

< 2014 | Enemy inside >

Friday, January 3. 2014

Just another nice data point for my hypothesis. Now SD-cards have been exploited: "On Hacking MicroSD Cards". In the last year alone people found exploits for hard disk controllers or for wifi sd card.

My hypothesis: "Every thing containing a microcontroller can be exploited to do more than planned or something completely different. And as almost every piece of technology that surrounds us uses a micro controller, almost everything around us can do more than we expect ... and probably do already more than we expect from it. Who know ... most people doesn't even know what their computer is doing while they think their computer is just doing word processing. First derivate of it: Time to do some stretching in order to be able to put our heads between the legs for brace position and to give our butts an good-bye kiss when everything gets out of control".

Posted by Joerg Moellenkamp in English, Security at 20:37 | Comments (2)

Defined tags for this entry: english, security

Related entries by tags:

View as PDF: This entry | This month | Full blog

Trackbacks

Trackback specific URI for this entry

No Trackbacks

Comments

Display comments as (Linear | Threaded)

I somewhat disagree with the term “exploit” in this context, because it suggests that a security mechanism was successfully circumvented. Please keep in mind that you have to be able to send raw commands to the card, which means "root" access on the machine to which the card is currently connected to (in this case: send the non-standard command that tells the card to switch to a firmware upgrade mode of operation).

It's not different to “normal” firmware/BIOS/UEFI upgrades on machines (which can, and as the NSA has shown with the bugs allgedly able to hide in system-management mode, is being used to plant malware), only that Bunnie has been able to do it on a very obscure platform where changing firmware was considered impossible by most.

The “exploit” we have to concern ourselves now with is a diffent one: Writers of filesystems have to keep in mind that (besides the always existing possibility of data corruption due to general bit rot) a devices we always assumed to be a dumb storage for data blocks might return something different to what was stored on it, and even read from it just previously, and additionally the returned data might be specifically crafted to confuse a safety mechanism. E.g. calculate a checksum, verify a file, and then read it again for execution might no longer be a good idea (some kind of TV, I think, was rooted with this method not long ago).

#1 Christian Vogel (Homepage) on 2014-01-03 22:12

Last year I'd say I had no idea how many CPU's were in my home thanks to all the devices like “smart TVs” with CPU's in. Now thanks to stories like these and http://www.osnews.com/story/27416/The_second_operating_system_hiding_in_every_mobile_phone I don't even know how many CPU's I have in my backpack/pockets.

#2 Alan Coopersmith (Homepage) on 2014-01-03 23:42

The author does not allow comments to this entry

View as PDF: This entry | This month | Full blog

Competition entry by David Cummins powered by Serendipity v1.0