July 8, 2022

Jul 08, 2022

All warfare is based…
— Sun Tzu

“Laws can change. Social rules can change. The perfectly harmless conversation you had yesterday might come back to hurt you years from now,” says @matthew_d_green. “Encryption is just a way to give digital communications the same basic protections.”

wired.comEnd-to-End Encryption’s Central Role in Modern Self-DefenseWith abortion set to be criminalized in more than half the US, encryption has never been more important for protection—and civil disobedience.

The AN0M backdoored secure phone was sending a copy of every message to an account “bot@“ on the LEA controlled XMPP server. Interestingly they included the GPS coordinates when the message was sent. That’s clever. The article doesn’t mention which open source client was modified, but 10:1 it was Conversations, because that’s the base client for everyone doing encrypted XMPP on Android.

https://www.vice.com/en/article/v7veg8/anom-app-source-code-operation-trojan-shield-an0m

Jake Kwon @JakeKwon88

Facing soaring inflation, a Japanese zoo has resorted to offering cheaper fish to its sea animals. The penguins are very unimpressed, refusing to even look at them. The otters are throwing the offerings aside.

Catalin Cimpanu @campuscodi

TripleCross is a Linux eBPF rootkit that demonstrates the offensive capabilities of the eBPF technology. github.com/h3xduck/Triple…

Tony "Abolish ICE" Arcieri 🦀🌹 @bascule

This is epic: the creators of Rainbow signatures claimed they offered a crypto contest with a $400,000 prize for breaking them, even after a paper had been published demonstrating a breakage. Someone took them up on their offer… groups.google.com/a/list.nist.go…

We have successfully recovered the secret key corresponding to the public key with address
84cJso7keg6SHW4vbNVbXccimCZrz7WoESXTtw12b5UsWqmm5.
This address is one of the wealthiest on the chain with a balance of 9M ABC. There is only one address with a higher balance, but as it has no outgoing transactions, we don't know the public key.

The private key was recovered within a few hours of wall-clock time using a slightly tweaked version of Ward Beullens' attack software (which in turn makes use of Ruben Niederhagen's XL implementation).

The forged signature for the message
"There is no pot of gold at the end of the Rainbow." (ASCII)
is
"TqERiKoFpkDEOEUGrq2WfH/XvTxP8dzbUxUpD1UyTUyLnVUaZcqW9IV+bTLIuamWS+XVKFcslYHLnxNcjcjnCA==" (Base64)

Cybergibbons @cybergibbons

One of my favourite physical access jobs to a datacenter involved toilets. Let me explain. I needed to gain access from the less-secure side of a sub basement floor to the more-secure side. General office space to data centre.

“without” (ignore the typo, this is the best take)

James Forshaw @tiraniddo

The Apple "Lockdown mode" does sound interesting. But what would really be a game changer would be system transparency so you could actually inspect your iOS device with jailbreaking it. After all how can you verify lockdown mode hasn't been tampered with?😐

Five Individuals Indicted for Crimes Related to Transnational Repression Scheme to Silence Critics of the People's Republic of China Residing in the United States

Defendants Include Federal Law Enforcement Officer and Private Investigator Who Lied to FBI Agents and Obstructed Justice

ACAB

https://www.justice.gov/usao-edny/pr/five-individuals-indicted-crimes-related-transnational-repression-scheme-silence

Another user land rootkit. Again, people, this stuff is not impossible to detect. It fails if you use busybox to hunt for it.

https://www.intezer.com/blog/incident-response/orbit-new-undetected-linux-threat/

I wrote about this last month.

The Info Op

Userland Rootkits are Lame

Many people may not know this, but fifteen…twenty years ago I knew a thing or two about rootkit development. I wrote detection software for a few years as well. Back then modifying the shared libraries on the disk was also vector for userland rootkits…

3 years ago · 6 likes · the grugq