Insinuator.net – Page 58 – Bold Statements

November 22, 2014 by Florian Grunow

Scal(e)ing down Privacy

As you might know we are continuously doing research on medical devices. I presented some of the new results at Power of Community 2014 last week and we thought we would share some of the details with you here. The focus of the previous work was testing medical devices that are used in hospitals like patient monitors, syringe pumps or even MRIs. This time we looked at a device that every user can use at home and which is available to anyone on the market: A smart scale.

The scale implements some basic features as you might have guessed, that is measuring your weight. In this case there are a lot more additional features that you can use, e.g. measuring the air quality, the room temperature, your heart rate and your fat mass. The latter makes testing this device quite hard, because somebody has to step on it and the results were not funny at all and will be kept secret! 😉

Continue reading “Scal(e)ing down Privacy”

Events

November 22, 2014 by Enno Rey

Troopers15 – First Round of Talks Selected

We’re delighted to provide the first announcement of talks of next year’s Troopers edition. Looks like it’s going to be a great event again .
Here we go:

Continue reading “Troopers15 – First Round of Talks Selected”

Breaking

November 17, 2014 by Niklaus Schiess

GitHub Enterprise 2.0.0 Fixes Multiple Vulnerabilities

Recently we had the pleasure to take a look at GitHub’s Enterprise appliance. The appliance allows one to deploy the excellent GitHub web interface locally to host code on-site. Besides the well known interface, which is similar to the one hosted at github.com, the appliance ships with a separate interface called the management console, which is used for administrative tasks like the configuration of the appliance itself. This management interface is completely decoupled from the user interface.

During our assessment we focused on the management console where we found several vulnerabilities (others may have found them, too). On November 11, 2014 GitHub released a security advisory which included the most critical findings that have been fixed in GitHub Enterprise 2.0.0. Because the advisory doesn’t include any detailed information, we will discuss some of those vulnerabilities in detail.

Continue reading “GitHub Enterprise 2.0.0 Fixes Multiple Vulnerabilities”

Building

November 14, 2014 by Enno Rey

MLD to Be Reconsidered?

This is guest post from Antonios Atlasis.

Following my September post about the connection between MLD and Neighbor Discovery, as well as Enno’s introduction about our upcoming talk at DeepSec, I would like to try to enlighten you about this with some technical details. First, we have some facts:

MLD is pre-enabled in most modern Operating Systems.
MLD traffic is sent out-of the-box during the stack initialization, as well as periodically.
They also interact with/respond to MLD Queries without any further configuration.

Continue reading “MLD to Be Reconsidered?”

Building

November 13, 2014 by Enno Rey

Protocol Properties & Attack Vectors

Next week, at DeepSec, we’re going to give a talk about Multicast Listener Discovery (MLD), a component of IPv6 which is realized by means of ICMPv6 messages. There are two versions of MLD (mainly specified in RFC 2710 and RFC 3810 respectively) and while MLD is technically implemented by ICMPv6 exchanges, these specifications describe a whole set of rules and communication formats, hence we can safely talk about “the MLD protocol”.

Now, you might ask: how does one tackle the task of examining the security “of a protocol”?

Continue reading “Protocol Properties & Attack Vectors”

Events

November 13, 2014 by Florian Grunow

Power of Community 2014

I had the pleasure to participate in this year’s Power of Community and was invited to talk about the insecurity of medical devices. The conference is based in Seoul, Korea and started in 2006. It has a strong technical focus and it is a community driven event. For me it was great to participate as mostly hackers from Asia were there and I got the chance to talk to a lot of nice folks that I wouldn’t be able to meet otherwise. This is especially true for the host, vangelis.

Continue reading “Power of Community 2014”

Building

November 6, 2014 by Enno Rey

Dynamics of IPv6 Prefixes within the LIR Scope in the RIPE NCC Region

To contribute to the current debate on IPv6 route deaggregation & “strict-filtering” performed by certain ISPs we just released a white paper on “Dynamics of IPv6 Prefixes within the LIR Scope in the RIPE NCC Region“. I will give a talk on the overall topic later today at the Routing Working Group. We sincerely hope that the IPv6 community becomes aware of the inherent issues, and that practical solutions can be found which consider & meet the needs of the different parties involved.

Best

Enno

Building

November 4, 2014 by Enno Rey

IPv6 for IPv4 Experts

If any of you is interested in the intricacies of IPv6 Neighbor Discovery (ND) I briefly referred to in the course of my series on DHCPv6, I recommend reading section 5.2 “The Host, the Link, and the Subnet in IPv6” of Yar Tikhiy’s excellent ebook “IPv6 for IPv4 Experts”. It can be found here.

Best

Enno

Building

October 31, 2014 by Enno Rey

Router Advertisement Options to the Rescue – A Deep Dive into DHCPv6, Part 2

This is the sequel post to the first part in which I mainly covered some elements of the specification wrt the “on-link” flag and the IPv6 subnet model.
In short each IPv6 address has an associated flag which determines if the host considers the respective address to be part of “a network where neighbors exist”. If this is the case ND is performed to talk to them, otherwise all communication with other hosts on that prefix is sent to the router. This flag is NOT set for DHCPv6 addresses (and, btw, just to make this clear already, there’s no way of setting it as part of the DHCP configuration procedure either) so communication with hosts with the same DHCPv6 provided prefix is supposed to go through a router, which in turn is very different (behavior) from the IPv4 world.

At the end of the first part we had a configuration state which led to two global addresses on both systems involved, a DHCPv6 provided one and another one generated as part of the SLAAC process, which can create operational issues of all kinds (improper source address selection, hindered troubleshooting etc.). Furthermore such a setting does not reflect “the operational DHCPv4 model” which we envisaged as the ultimate goal of our exercise. I had finished that post along the lines: “we then have to get rid of the SLAAC address”.

Continue reading “Router Advertisement Options to the Rescue – A Deep Dive into DHCPv6, Part 2”

Building

October 31, 2014 by Enno Rey

I Don’t Have Any Neighbors – A Deep Dive into DHCPv6, Part 1

Probably due to the (“secondary”) role it has been historically assigned within the IPv6 universe, DHCPv6 is a protocol which is very different from its IPv4 counterpart. Some of the differences and similarities have been discussed recently (e.g. see Scott Hogg‘s article on “High Availability DHCPv6“). This post aims at covering a fundamental, yet widely unknown or misunderstood difference, that is the properties of DHCPv6 addresses and their behavior on the local-link.

Continue reading “I Don’t Have Any Neighbors – A Deep Dive into DHCPv6, Part 1”