titaniumbunker.com

Evil geniuses and world domination are 2 of our goals... we also like Dr Who

Archive for the ‘ Security ’ Category

Erm – something’s wrong here @smiffysuk

no comment

So searching for “Plumber Costume” revealed this.  Al that “Select” stuff – That’s SQL – or the query language used to look up things from Databases.  This isn’t great because I can deduce some of the storage architecture – but it doesn’t seem to be pasting the term Plumber Costume into the SQL that’s executed.  If it did include that then there is the possibility that this site would be vulnerable to something called a SQL injection attack.  It’s a bit worrying that the content passed in the search bar is printed – which may be a different vulnerability…

Not sure I should be seeing all that juicy SQL Smiffy…

@tesco cashpoint error in the wild

no comment

An error on a Tesco cashpoint – Warndon

The file c:\VLOGDIR\ATMFIX.LOG could not be opened. The process cannot access the file because it is being used by another process.

Who needs to log stuff anyway…I wonder what that other process is?

@mindflash error in the wild

no comment

I just had a look at the mindflash training course, and having completed the sample course was greeted with the following error :

Mindflash - Thank you is a bad request

Mindflash – Thank you is a bad request

Looks like the url is not being escaped properly – it seems that the %d and %s are place holders that should have content replaced.  Examining the other urls for the course the address should have been : https://www.mindflash.com/player/677505279/thank-you/

What the course thank you should have been

What the course thank you should have been

Error in the wild at Millennium Point

no comment
image

Digital sign in error at millennium point

image

Adding new hardware to a digital sign?

Bond Villian Office suplies

no comment

The other week Miss Vicki and I went to see SPECTRE, and maybe it’s my age, but while I enjoyed the film, later on I felt that a lot of the film was trying its hardest to dig up 1960s bond memes

Hey remember Bond drove an Aston Martin? Quick chuck in an Aston Martin – quick!

Hey, remember how cool all the voodoo stuff was in Live and Let die? here’s a sequence at the Mexican Day of the dead for no reason whatsoever

Hey remember the crap flirting between bond and Moneypenny, that somehow looks sexist in a modern society? SHAZAM- it’s back Baby!

Hey remember that sometimes Bond villains wore Mao suits or Nehru jackets?  let’s do it!

Hey remember how bond villains used to have rooms full of henchmen operating machinery? yeah chuck a high-tech headquarters in there

Well here at the Bunker we have wings of high-tech machines that go ping and are operated by legions of guys in overalls and hard hats so we know a thing or two about  running an underground base, so I thought it would be fun if I dug out this months copy of ‘Lairs and Bunkers’

lairs and bunkersNovember2015

Latest copy of Lairs & Bunkers

and look at some of the reviews inside:

 


Name

The Death Star


Aesthetic

classic with full on retro 70s stylings, with occasional swathes of red which is a welcome relief. Everything here is a monochromatic nightmare. Granted it can destroy a planet, but sheesh!


Henchmen

The word here is variety, there are lots of different styles of Henchmen White plated storm troopers, Black plated TIE fighter pilots grey officers all suited and booted with a certain Nazi stylings chuck into the mix the black-robed Emperor, and Darth Vader. However having lots of different Henchmen does not make up for the fact that yet again everything is GREY! it’s a mercy that imperial guards are crimson, because otherwise I might think I was watching a black and white film.


Health & Safety

Well, where to begin with this? The layout of the Death Star seems wildly illogical, the station seems to be hollow, with the most dangerous explosion-causing device (the main reactor) situated in the dead centre of the facility. This means that an explosion will destroy the whole facility. Whereas positioning the reactor off-centre would only destroy a section of the facility, and would allow the henchmen time to get to escape pods. The designers for the death star also thought that having long bottomless shafts without handrails was a perfectly acceptable way to design an interior along with doors that operate bridges. This is important if you are a storm trooper, you can surely not see much in that helmet and the reduced visibility will only lead to more accidents, which is a damming indictment of what is a government facility.


Overall Score


8


Verdict

Don’t Believe the hype. The ability to destroy a planet is insignificant next to the power of a work place free from tripping hazards and bottomless pits.


Name

Joker’s Lair – Batman


Aesthetic

Vivid bright colours and circus memorabilia all over the place, there are very few Lairs that accurately reflect the personality of their owner, The Joker takes every lair he has and makes it something totally unique. But here’s the problem: Any city planner worth their salt would simply devise a scheme where a wealthy philanthropist, like Bruce Wayne, could buy up all the disused joke shops, factories that made goods for joke shops or derelict fun fairs and turn them into affordable homes, reducing the number of potential lairs for the joker, it also makes him very easy to find.  The point of a secret lair is that its secret.  If batman can guess where you live and he’s right 9 times out of 10, then maybe its time to think about changing your property M.O.


Henchmen

Depends, Sometimes the joker opts for normal hoodlums and gives then cars to match his colour-scheme, sometimes he demands they actually dress like clowns, and some days he simply hires a lot of hoodlums and kills them off during the heist! Capriciousness. This makes for a stress filled working environment, No doubt an average henchman’s locker will be crammed depending on the mood of the joker, or if it’s dress-down Friday.


Health & Safety

Structurally, The Joker’s lairs seem sound, if not a little dilapidated. They have all variety of exploding props and things with spring-loaded hidden blades that can cause problems. There is also the possibility you will be sacrificed by your boss just for a punchline.


Overall Score


8


Verdict

The Joker’s lair is surprisingly well laid out with a consistent aesthetic.  High turnover of staff however will cause problems for the continued smooth running of the lair.


Name

V’s Lair – (V for Vendetta)


Aesthetic

As a contrast to most of the lairs on the list, V’s lair is can be described as a Man-cave for the intelligent man. Expect to see priceless works of art hanging on the wall next to a Wurlitzer jukebox , books stacked ceiling high and a copy of the Count of Monte Cristo on DVD.


Henchmen

None, This is a solitary place, a refuge from the world.  The last thing V needs is a house guest – if you do find yourself his guest, expect to stay for at least a year.

Health & Safety

There is very little wrong with V’s lair, probably the only thing V would need to worry about would be to make sure that his central heating boiler is serviced regularly, as with no windows, any build up of carbon monoxide could prove fatal. On the plus side the lair does come with its own tube train and track – only 1 destination – but it beats walking, and do you know how much property prices are in London these days?


Overall Score


9


Verdict

A place for quiet reflection, the overall feeling from this lair is of overstuffed wing back chairs, some Vivaldi or Ella Fitzgerald playing in the background and some dusty tome to read, accompanied by a cheeky red wine.

Well that was quite interesting, I’ll probably grab the next issue and print some of them out too.

Electoral Reform Services feedback form

no comment

I received a letter from my local council regarding the electoral register, and that I needed to refresh my information.  So I visited their website and entered the super secret codes from the letter to obtain access to my records.  I must say the process seemed straightforward enough – until I reached the feedback section.

Now I hadn’t noticed until the feedback form, but the querystring contained quite a lot of information. I had a quick play with the feedback form, and sent the following communication to the technical department at (I assume) Electoral reform services Ltd.  Here’s what I sent them – I’ve censored some of the data within this communication. For more information, the code1/code2 are the security codes from my letter.

I was just looking around the feedback form (I just completed my form on-line) – Have you guys seen how much data is sloshing around in the query string? Here’s the address of this page :

https://registerbyinternet.com/Home/Feedback?authorityId=xxx&
LanguageId=1&PropertyId=xxxxx&
Address=xx%20Xxxxxxx%20Xxxxxx%20%2CXxxxxxx%20Xxxxx%20%2CXxx%20xXX&
code1=ZZZZZZ&
code2=ZZZZZZZZ&
OnlineRespondentId=xxxxxx&
OnlineRespondentName=Michael%20Anthony%20Hingley&
ClientName=Xxxxxxxx%20Xxxxxxxxxxxx%20Xxxxxxx%20Xxxxxxx

https://registerbyinternet.com/Home/Feedback?authorityId=xxx&LanguageId=1&PropertyId=xxxxx&Address=xx%20Xxxxxxx%20Xxxxxx%20%2CXxxxxxx%20Xxxxx%20%2CXxx%20xXX&code1=ZZZZZZ&code2=ZZZZZZZZ&OnlineRespondentId=xxxxxx&OnlineRespondentName=Michael%20Anthony%20Hingley&ClientName=Xxxxxxxx%20Xxxxxxxxxxxx%20Xxxxxxx%20Xxxxxxx

What’s interesting is that this query string data is just slapped into the fields, meaning that if you change the URL, you can effectively send a feedback about a different authority, or person, or address or indeed anything. Why not store this stuff in session, where I can’t access it?

Potential implication : Spam messages sent to every council about every property from a fake name. Once feedback is sent feedback cannot be re sent – this would be a denial of service for all legitimate users.

Potential implication : XSS – These values are posted into the page into fields. It should be possible to strip out anything that looks like JS, and hopefully you’ve done that. I’m too scared to try it.

Cheers

Mike Hingley

It’s possible that this information was floating around all the time on my query string but I never saw it.

Windows XP… Be afraid

no comment

image

Volkswagen problems

no comment
438px-Villainc.svg

mwha ha ha

I’m sure that it hasn’t escaped your attention, but Volkswagen has been caught doing something underhand and sneaky.  Volkswagen is accused of implementing software code within a diesel car’s engine management computer to detect the presence of emissions sensing equipment, and modify the flow of fuel through the engine to attain lower emission ratings and therefore pass the emissions test. The effect of this is that Volkswagen had an unfair advantage over other diesel manufacturers, and at the same time the emissions of these cars are actually up to 40% more than under test conditions.

The fall out of this scandal has forced the Chief Executive -Martin Winterkorn- to resign, the share price to plummet and leaves Volkswagen with its reputation in tatters and facing a potential $18 Billion fine.

Artur Fischer  (Joint CEO of the Berlin Stock Exchange) – was interviewed on BBC Radio 4 and had the following to say about the scandal, and interestingly about software:

“But I really like your listeners to remember that software changes can be done by small groups of people and can be deployed in millions and the real question I have, from a distance is,  How about software quality assurance? How about compliance? How big was that problem inside the company? and for that to analyse you need to have a fresh start”

Overall I’d agree with Artur’s first point – that software changes can be made by small groups of people – however the rest of this statement left me feeling uncomfortable.  Artur’s first point about software group size could – if I were more cynical – be an attempt to create a narrative around this.  Something along the lines of “It was a few rogue programmers that released this code”, and the “Fresh Start” that he talks about could be an attempt to prevent too much scrutiny of the processes around software development.  Fresh Start was also a phrase used by the outgoing Markin Winterkorn.  I’m not sure what analysis you can do if you implement a fresh start – and it again cynically may look like an attempt to bury other systemic failures within the VW group.

It’s a fact of life that software is more and more prevalent in the things we buy and consume today, and with the future Internet of Things materialising around us, I think we need to be concious of the issues that can arise from software lurking in things that we may not traditionally associate with running software..

At OggCamp a few years ago I heard Karen Sandler talk about the pacemaker she has fitted, and the  issues that she struggled with around the problem of bugs in medical devices that are implanted into your body – like pacemakers and insulin pumps – how these can be hacked or manipulated, and how the code for these devices is unavailable.

We place a huge amount of trust in out cars – and underpinning this trust is code. How can we be sure that the code in my car won’t detect a test condition, and lower the fuel consumption? That could leave me without power while driving, and therefore potentially in danger.

So how do we mitigate the issue that software is going to be ever present in more and more things ?

Well for some devices like My Friend Cayla, or garage door openers security researchers have done the research to identify issues with those devices.  Some manufacturers may be able to issue patches to affected devices.  I’m less sure how a patch could be distributed to my car, or a pacemaker.  The EFF believe that the Volkswagen emission test issue could have been uncovered if there was access to the source code – I’m betting that Martin Winterkorn is probably wishing that their software was accessible through some mechanism.

 

Credit :

Title : Villain – Wikipedia, the free encyclopedia

Source : https://en.wikipedia.org/wiki/Villain#/media/File:Villainc.svg

license : Attribution-ShareAlike 3.0 Unported

Confidential CC app

no comment

I saw on the BBC website the other day an interesting article about building security into email.


Read more..

Error message in the wild

no comment
image

At this stage, it looks like the ATM has been broken for 2 days… and that message is about a device driver. So has someone added some new hardware lately? Worrying

Error message spotted on an ATM at Birmingham Women’s Hospital 14/08/2015.

Categories

Archives

Tags