15 Matching Annotations
  1. Nov 2020
    1. This is addressing a security issue; and the associated threat model is "as an attacker, I know that you are going to do FROM ubuntu and then RUN apt-get update in your build, so I'm going to trick you into pulling an image that ​_pretents_​ to be the result of ubuntu + apt-get update so that next time you build, you will end up using my fake image as a cache, instead of the legit one." With that in mind, we can start thinking about an alternate solution that doesn't compromise security.
    2. So let's say we pull down evil/foo which is FROM ubuntu followed by RUN apt-get update except with a small surprise included in the image. Subsequent builds using those same commands will be compromised.
  2. Aug 2020
  3. Jun 2020
    1. More than two billion users exchange an unimaginable volume of end-to-end encrypted messages on WhatsApp each day. And unless an endpoint (phone) is compromised, or those chats are backed-up into accessible cloud platforms, neither owner Facebook nor law enforcement has a copy of those encryption keys.
    1. First, the recognition that sensitive information needs to be transmitted securely over instant messaging platforms plays into the hands of the privacy advocates who are against backdoors in the end-to-end encryption used on WhatsApp, Signal, Wickr, iMessage and others. The core argument from the privacy lobby is that a backdoor will almost certainly be exploited by bad actors. Clearly, the EU (and others) would not risk their own comms with such a vulnerability.
    2. Although WhatsApp has become the messaging platform of choice for many politicians and civil servants worldwide, there have been enough stories of potential vulnerabilities and hacks to spook people into adopting something else.
  4. May 2020
  5. Apr 2020
    1. The fact is that it doesn’t matter if you can see the threat or not, and it doesn’t matter if the flaw ever leads to a vulnerability. You just always follow the core rules and everything else seems to fall into place.
    1. While KeeFarce is specifically designed to target KeePass password manager, it is possible that developers can create a similar tool that takes advantage of a compromised machine to target virtually every other password manager available today.
    2. KeeFarce obtains passwords by leveraging a technique called DLL (Dynamic Link Library) injection, which allows third-party apps to tamper with the processes of another app by injecting an external DLL code.
    1. The time in which the first string part remains in the clipboard is minimal. It is copied to the clipboard, pasted into the target application and immediately cleared. This process usually takes only a few milliseconds at maximum.

      Seems like all a keylogger would need to do is poll/check the clipboard more frequently than that, and (only if it detected a change in value from the last cached clipboard value), save the clipboard contents with a timestamp that can be easily correlated and combined with the keylogger recording.