How-To Install aircrack-ng on Ubuntu 12.04

Posted: July 21st, 2012 | Author: | Filed under: personal, random, security | Tags: , , , , , | No Comments »

The aircrack-ng package has been removed from the official package tree. Installing aircrack-ng on Ubuntu 12.04 is however straightforward.

First checkout the latest aircrack-ng source code via SVN:

svn co http://trac.aircrack-ng.org/svn/trunk/ aircrack-ng

Then, within the “aircrack-ng” directory, run the following commands:

make
sudo make install

Social Snapshot Pilot – Completed

Posted: May 30th, 2012 | Author: | Filed under: random, research, security | Tags: , , , , , , | No Comments »

In the past six month 97 people participated in our social snapshot pilot survey. As of now, the pilot application is not available for public testing anymore. We are currently working an updated release of our social snapshot framework, with plenty of new functionality and performance improvements. So stay tuned for the upcoming release of our social network security and forensics framework.

Thank you so very much to everyone who gave our social snapshot framework a try!


Google+ and Diaspora: Secure Connection (HTTPS) per default

Posted: July 19th, 2011 | Author: | Filed under: random, security | Tags: , , , , , | No Comments »

I recently got invited to Google+ and had a curious first look. Google+ seems to be enforcing HTTPS on all pages. Given the current Facebook security issue with HTTPS this is good news. Also had a look at diaspora*, which has some active development. First public community supported diaspora* pods, such as diasp.org or diasp.eu also seem to enforce HTTPS on all pages.

Bottomline

Regarding network security, there are now two good alternatives to Facebook:

https://plus.google.com/ (Open to everyone)

https://joindiaspora.com/ (Open to everyone)


Dropbox Security: Dark Clouds on the Horizon at USENIX’11

Posted: June 22nd, 2011 | Author: | Filed under: research, security | Tags: , , , , , , , , | No Comments »

Back in March 2010 we started an investigation into online file storage services and Dropbox in particular. Sebastian and Manuel started to disassemble the Dropbox binary and in essence created an alternative client by patching its crypto libraries. In the months that followed we found a number of security flaws with Dropbox. In November 2010 we informed Dropbox about the security holes we found: unauthorized file access as well as a potential misuse of Dropbox for an unlimited online slackspace. It took Dropbox until April 2011 to respond to our findings. In the meantime a number of independent researchers found some of the security shortcomings we described (e.g. Christopher Soghoian’s blog entry).

Thus, we are more than happy to finally present our research at this year’s USENIX Security conference in San Francisco.

In addition to our findings Dropbox had a security glitch this week, whereas authentication without providing a valid password was possible for around 4h. In summary: One should be very careful which information is stored on Dropbox and Dropbox has to overhaul their service’s security.

Preprint of our paper, is available here: dropboxUSENIX2011.pdf

More information: SBA Research


Enable HTTPS on Facebook!

Posted: June 7th, 2011 | Author: | Filed under: fitm, personal, random, security | Tags: , , , , , , , , , , , , , , , | No Comments »

A couple of month passed since Facebook introduced full SSL support. This optional feature lets you browse Facebook via a secure connection (https) whenever possible. Facebook via https is now available to all users and why are so few people using it? I suppose because the option is disabled per default. -> Enable this option!

SOPHOS How-To enable the Facebook HTTPS option.
They also provide a video How-To:

Using Facebook without a secure communication puts your account data at high risk. First Firesheep and now Faceniff offer script-kiddie tools to hijack Facebook accounts over wireless. Research we conducted shows that unencrypted Facebook sessions are low-hanging fruits for large scale spam attacks. We published our first findings in 2010 (technical report), a revised version has been published in the current issue of IEEE’s Internet Computing.

Friend-in-the-middle (FiTM) attacks

In our article we present friend-in-the-middle attacks that extract social networking data in an automated fashion. The harvesting of data is possible because people do not use a secure connection with Facebook. We show that the extracted social data can be exploited for large-scale context-aware spam and social-phishing attacks. Our attack simulations on Facebook showed that an attacker could easily spam a high number of users with context-aware spam (e.g. spam that appears to be coming from a friend) in a short period of time (Over 300,000 spammed users with 4,000 uncrypted Facebook sessions we observed over two weeks).

Download the preprint: FITM_InternetComputing_preprint.pdf

More information on Friend-in-the-Middle Attacks can be also found here: http://www.sba-research.org/2011/02/02/ieee-internet-computing-special-issue-on-security-and-privacy-in-social-networks/
http://fitm.nysos.net