Recent
Hacking DECT
Quite an old story dating back to December 2008, some how I must have missed it. DECT (Digital Enhanced Cordless Telecommunications) is a standard used for cordless/wireless telephones widely used in homes and businesses across the world. (UK frequency: 1880 MHz–1900 MHz)
A project know as deDECTed.org run by a group of German university students has managed to circumvent DECT’s security implementations. Not by cracking the secret DECT Standard Authentication Algorithm (DSAA) but instead they realised that sometimes DECT phones used no encryption or authentication at all when communicating with their base station
When no encryption is used by a DECT phone the researchers found that with a modified 23euro PCMCIA DECT wireless card they could capture and record all audio data passively using their custom built Linux drivers.
I have a DECT phone at home as I’m sure most people now a days do. It’s quite a scary thought to think that with enough technical knowledge any one can listen to your telephone conversations remotely and passively. I’m sure they would be nothing interesting to be heard on my phone, apart from the occasional take away order, however occasionally I do contact my ISP or bank and provide them with my authentication details to access my accounts.
For more information: https://dedected.org/trac
Sources: http://www.theregister.co.uk/2008/12/31/dect_hack/
https://dedected.org/trac/raw-attachment/wiki/25C3/talk-25c3.pdf
Cyber warfare on Hamas
The war between Israel and Hamas has spilled out onto the Internet. This is no surprise as cyber warfare has been going on for years. The Chinese launched the ‘Code Red’ worm when an American spy plane collided with one of their fighter jets in 2001 infecting 359,000 hosts in a bid to carry out DDoS attacks on high profile American computers including the white house. Georgia’s government websites were the victim of Russian hackers back in August 2008.
A website set up by a group of Israeli students is actively encouraging users to install software similar to that used by SETI to distribute its data to be processed by idle computers. The website www.help-israel-win.org is using the same software and technology to use thousands of computer’s bandwidth to DDoS Hamas and Hamas supporting websites.
From their website:
We are a group of students who are tired of sitting around doing nothing while the citizens of Sderot and the cities around the Gazza Strip are suffering, NO MORE!
We will not sit around and watch our children fear and cry out for help while the missiles are flying over their heads!
We say NO MORE!
At the time of writing this post they claim to have 8039 people that have joined them so far. (not sure if this means downloading the software or actually registering and allowing the software to use their computers)
On the other hand there are also lots of hackers attacking Israeli websites and networks, this can be seen through out the black hat community forums.
Sources:
http://www.themoscowtimes.com/article/1009/42/369722.htm
