"ang cui"

Smart thermostat makes dumb security mistakes

Andrew Tierney had a close look at Heatmiser's popular wifi-enabled thermostat and found it to be riddled with security vulnerabilities. Read the rest

Your refrigerator probably hasn't joined a botnet

A mediagenic press-release from Proofpoint, a security firm, announced that its researchers had discovered a 100,000-device-strong botnet made up of hacked "Internet of Things" appliances, such as refrigerators. The story's very interesting, but also wildly implausible as Ars Technica's Dan Goodin explains.

The report is light on technical details, and the details that the company supplied to Goodin later just don't add up. Nevertheless, the idea of embedded systems being recruited to botnets isn't inherently implausible, and some of the attacks that Ang Cui has demonstrated scare the heck out of me.

For more speculation, see my story The Brave Little Toaster, from MIT's TRSF. Read the rest

Your Cisco phone is listening to you: 29C3 talk on breaking Cisco phones

Here's a video of Ang Cui and Michael Costello's Hacking Cisco Phones talk at the 29th Chaos Communications Congress in Berlin.

Printer malware: print a malicious document, expose your whole LAN

One of the most mind-blowing presentations at this year's Chaos Communications Congress (28C3) was Ang Cui's Print Me If You Dare, in which he explained how he reverse-engineered the firmware-update process for HPs hundreds of millions of printers. Cui discovered that he could load arbitrary software into any printer by embedding it in a malicious document or by connecting to the printer online. As part of his presentation, he performed two demonstrations: in the first, he sent a document to a printer that contained a malicious version of the OS that caused it to copy the documents it printed and post them to an IP address on the Internet; in the second, he took over a remote printer with a malicious document, caused that printer to scan the LAN for vulnerable PCs, compromise a PC, and turn it into a proxy that gave him access through the firewall (I got shivers).

Cui gave HP a month to issue patches for the vulnerabilities he discovered, and HP now has new firmware available that fixes this (his initial disclosure was misreported in the press as making printers vulnerable to being overheated and turning into "flaming death bombs" -- he showed a lightly singed sheet of paper that represented the closest he could come to this claim). He urges anyone with an HP printer to apply the latest patch, because malware could be crafted to take over your printer and then falsely report that it has accepted the patch while discarding it.

Cui's tale of reverse-engineering is a fantastic look at the craft and practice of exploring security vulnerabilities. Read the rest