Crickets from Chirp Systems in Smart Lock Key Leak

The U.S. government is warning that “smart locks” securing entry to an estimated 50,000 dwellings nationwide contain hard-coded credentials that can be used to remotely open any of the locks. The lock’s maker Chirp Systems remains unresponsive, even though it was first notified about the critical weakness in March 2021. Meanwhile, Chirp’s parent company, RealPage, Inc., is being sued by multiple U.S. states for allegedly colluding with landlords to illegally raise rents.

On March 7, 2024, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) warned about a remotely exploitable vulnerability with “low attack complexity” in Chirp Systems smart locks.

“Chirp Access improperly stores credentials within its source code, potentially exposing sensitive information to unauthorized access,” CISA’s alert warned, assigning the bug a CVSS (badness) rating of 9.1 (out of a possible 10). “Chirp Systems has not responded to requests to work with CISA to mitigate this vulnerability.”

Matt Brown, the researcher CISA credits with reporting the flaw, is a senior systems development engineer at Amazon Web Services. Brown said he discovered the weakness and reported it to Chirp in March 2021, after the company that manages his apartment building started using Chirp smart locks and told everyone to install Chirp’s app to get in and out of their apartments.

“I use Android, which has a pretty simple workflow for downloading and decompiling the APK apps,” Brown told KrebsOnSecurity. “Given that I am pretty picky about what I trust on my devices, I downloaded Chirp and after decompiling, found that they were storing passwords and private key strings in a file.”

Using those hard-coded credentials, Brown found an attacker could then connect to an application programming interface (API) that Chirp uses, which is managed by smart lock vendor August.com, and use that to enumerate and remotely lock or unlock any door in any building that uses the technology.

Brown said when he complained to his leasing office, they sold him a small $50 key fob that uses Near-Field Communications (NFC) to toggle the lock when he brings the fob close to his front door. But he said the fob doesn’t eliminate the ability for anyone to remotely unlock his front door using the exposed credentials and the Chirp mobile app.

A smart lock enabled with Chirp. Image: Camdenliving.com

Also, the fobs pass the credentials to his front door over the air in plain text, meaning someone could clone the fob just by bumping against him with a smartphone app made to read and write NFC tags.

Neither August nor Chirp Systems responded to requests for comment. It’s unclear exactly how many apartments and other residences are using the vulnerable Chirp locks, but multiple articles about the company from 2020 state that approximately 50,000 units use Chirp smart locks with August’s API.

Roughly a year before Brown reported the flaw to Chirp Systems, the company was bought by RealPage, a firm founded in 1998 as a developer of multifamily property management and data analytics software. In 2021, RealPage was acquired by the private equity giant Thoma Bravo.

Brown said the exposure he found in Chirp’s products is “an obvious flaw that is super easy to fix.”

“It’s just a matter of them being motivated to do it,” he said. “But they’re part of a private equity company now, so they’re not answerable to anybody. It’s too bad, because it’s not like residents of [the affected] properties have another choice. It’s either agree to use the app or move.”

In October 2022, an investigation by ProPublica examined RealPage’s dominance in the rent-setting software market, and found that it “uses a mysterious algorithm to help landlords push the highest possible rents on tenants.”

“For tenants, the system upends the practice of negotiating with apartment building staff,” ProPublica found. “RealPage discourages bargaining with renters and has even recommended that landlords in some cases accept a lower occupancy rate in order to raise rents and make more money. One of the algorithm’s developers told ProPublica that leasing agents had ‘too much empathy’ compared to computer generated pricing.”

Last year, the U.S. Department of Justice threw its weight behind a massive lawsuit filed by dozens of tenants who are accusing the $9 billion apartment software company of helping landlords collude to inflate rents.

In February 2024, attorneys general for Arizona and the District of Columbia sued RealPage, alleging RealPage’s software helped create a rental monopoly in their states.

How Do You Manage Your Social Media Privacy?

‘Ensure your privacy settings are set to the highest level’ – if you’ve been reading my posts for a bit then you’ll know this is one of my top online safety tips. I’m a fan of ensuring that what you (and your kids) share online is limited to only the eyes that you trust. But let’s talk honestly. When was the last time you checked that your privacy settings were nice and tight? And what about your kids? While we all like to think they take our advice, do you think they have? Or is it all a bit complicated?

‘We Don’t Want To Share Everything with Everybody’ 

Research from McAfee confirms that the majority of us are keen to share our content online but with a tighter circle. In fact, 58% of social media users are keen to share content with only their family, friends, and followers but there’s a problem. Nearly half (46%) do not adjust their privacy settings on their social media platforms which means they’re likely sharing content with the entire internet!

And it’s probably no surprise why this is the case. When was the last time you tried to check your privacy settings? Could you even find them? Well, you are not alone with 55% of survey respondents confessing that they struggled to find the privacy settings on their social media platforms or even understand how they work. 

Enter McAfee’s Social Privacy Manager 

Well, the good news is there is now a much easier way to decide exactly who you want to share with online. Introducing McAfee’s Social Privacy Manager. All you need to do is select your privacy preferences in a few quick clicks and McAfee will then adjust the privacy settings on your chosen social media accounts. Currently, McAfee’s software works with more than 100 platforms including LinkedIn, Google, Instagram, YouTube, and TikTok. It works across Android and iOS devices and on Windows and Mac computers also. The software is part of the McAfee+ suite. 

What Else Can You Do To Ensure Your Privacy Is Protected Online? 

Well, once you’ve got your social media privacy under control – you can relax – but just for a bit. Because there are a few other critical steps you need to take to ensure your online privacy is as protected as possible. Here’s what I recommend: 

1. A Clever Password Strategy 

In my opinion, passwords are one of the most powerful ways of protecting yourself online. If you have a weak and easily guessed password, you may as well not even bother. In an ideal world, every online account needs its own unique, complex password – think at least 12 characters, a combination of numbers, symbols, and both lower and upper case letters. I love using a crazy sentence. Better still, why not use a password manager that will create a password for you that no human could – and it will remember them for you too! A complete no-brainer! 

2. Is Your Software Up To Date? 

Software that is out of date is a little like leaving your windows and doors open and wondering why you might have an intruder. It exposes you to vulnerabilities and weaknesses that scammers can easily exploit. I always recommend setting your software to update automatically so take a little time to ensure yours is configured like this. 

3. Think Critically Always 

I encourage all my family members – both young and old – to always operate with a healthy dose of suspicion when going about their online business. Being mindful that not everything you see online is true is a powerful mindset. Whether it’s a sensational news article, a compelling ‘must have’ shopping deal, or a ‘TikTok’ influencer providing ‘tried and tested’ financial advice – it’s important to take a minute to think before acting. Always fact-check questionable news stories – you can use sites like Snopes. Why not ‘google’ to see if other customers have bad experiences with the shopping site that’s catching your eye? And if that TikTok influencer is really compelling, do some background research. But, if you have any doubts at all – walk away!  

4. Wi-Fi – Think Before You Connect 

Let’s be honest, Wi-Fi can be a godsend when you are travelling. If you don’t have mobile coverage and you need to check in on the kids then a Wi-Fi call is gold. But using public Wi-Fi can also be a risky business. So, use it sparingly and never ever conduct any financial transactions while connected to it – no exceptions! If you are a regular traveller, you might want to consider using a VPN to help you connect securely. A VPN will ensure that anything you send using Wi-Fi will be protected and unavailable to any potential prying eyes! 

Keeping you and your family safe online is no easy feat. It’s time-consuming and, let’s be honest, sometimes quite overwhelming. If you have 3 kids and a partner and decided to manually update (or supervise them updating) their privacy settings then I reckon you’d be looking at least half a day’s work – plus all the associated negotiation! So, not only will McAfee’s Social Privacy Manager ensure you and your loved ones have their social media privacy settings set nice and tight, it will also save you hours of work. And that, my friends, is a good thing!

The post How Do You Manage Your Social Media Privacy? appeared first on McAfee Blog.

New Lattice Cryptanalytic Technique

A new paper presents a polynomial-time quantum algorithm for solving certain hard lattice problems. This could be a big deal for post-quantum cryptographic algorithms, since many of them base their security on hard lattice problems.

A few things to note. One, this paper has not yet been peer reviewed. As this comment points out: “We had already some cases where efficient quantum algorithms for lattice problems were discovered, but they turned out not being correct or only worked for simple special cases.”

Two, this is a quantum algorithm, which means that it has not been tested. There is a wide gulf between quantum algorithms in theory and in practice. And until we can actually code and test these algorithms, we should be suspicious of their speed and complexity claims.

And three, I am not surprised at all. We don’t have nearly enough analysis of lattice-based cryptosystems to be confident in their security.

USN-6731-1: YARD vulnerabilities

It was discovered that YARD before 0.9.11 does not block relative paths
with an initial ../ sequence, which allows attackers to conduct
directory traversal attacks and read arbitrary files. This issue only
affected Ubuntu 16.04 LTS. (CVE-2017-17042)

It was discovered that yard before 0.9.20 is affected by a path
traversal vulnerability, allowing HTTP requests to access arbitrary
files under certain conditions. This issue only affected Ubuntu 18.04
LTS. (CVE-2019-1020001)

Aviv Keller discovered that the “frames.html” file within the Yard
Doc’s generated documentation is vulnerable to Cross-Site Scripting
(XSS) attacks due to inadequate sanitization of user input within the
JavaScript segment of the “frames.erb” template file. (CVE-2024-27285)
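
The two path traversal issues above come down to serving a file whose path was built from the request without checking that it still lies under the document root. The following is an added illustration in Python, not YARD's own code or its fix; the function names and the sample directory tree are constructed for the example.

```python
import os
import tempfile
from urllib.parse import unquote


def naive_resolve(doc_root, request_path):
    """Vulnerable pattern: join the request path onto the root and trust it."""
    return os.path.normpath(os.path.join(doc_root, request_path))


def safe_resolve(doc_root, request_path):
    """Return the real path of the requested file, or None if it escapes doc_root."""
    root = os.path.realpath(doc_root)
    # Decode percent-escapes before checking, so the check sees the same
    # path the filesystem will see.
    rel = unquote(request_path).replace("\\", "/").lstrip("/")
    candidate = os.path.realpath(os.path.join(root, rel))
    # Containment is tested on the fully resolved path, which also catches
    # symlinks inside the root that point outside it.
    if os.path.commonpath([root, candidate]) != root:
        return None
    return candidate if os.path.isfile(candidate) else None


def build_sample_tree():
    """Constructed sample: a doc root plus one file that must never be served."""
    base = os.path.realpath(tempfile.mkdtemp())
    doc_root = os.path.join(base, "doc")
    os.makedirs(os.path.join(doc_root, "css"))
    for rel, text in (("doc/index.html", "<h1>docs</h1>"),
                      ("doc/css/style.css", "body{}"),
                      ("secret.txt", "not for serving")):
        with open(os.path.join(base, rel), "w") as fh:
            fh.write(text)
    return base, doc_root


if __name__ == "__main__":
    base, doc_root = build_sample_tree()
    for req in ("index.html", "css/../index.html", "../secret.txt",
                "%2e%2e%2fsecret.txt", "/../secret.txt"):
        print(f"{req!r:24} naive={naive_resolve(doc_root, req)} "
              f"safe={safe_resolve(doc_root, req)}")
```

A relative segment that stays inside the root (`css/../index.html`) is still served; only requests whose resolved path leaves the root are refused.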

The Lifecycle of a Digital File

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. 

In the digital world, every document, image, video, or program we create leaves a trail. Understanding the lifecycle of a file, from its creation to deletion, is crucial for various purposes, including data security, data recovery, and digital forensics. This article delves into the journey a file takes within a storage device, explaining its creation, storage, access, and potential deletion phases.

File Lifecycle

1. Creation: Birth of a Digital Entity

A file’s life begins with its creation. This can happen in various ways:

Software Applications: When you create a new document in a word processor, edit an image in a photo editing software, or record a video, the application allocates space on the storage device and writes the data associated with the file.

Downloads: Downloading a file from the internet involves copying data from the remote server to your storage device.

Data Transfers: Copying a file from one location to another on the same device or transferring it to a different device creates a new instance of the file.

System Processes: Operating systems and applications sometimes create temporary files during various processes. These files may be automatically deleted upon task completion.

During creation, the operating system assigns a unique identifier (often a filename) to the file and stores it in a directory (folder) along with additional information about the file, known as metadata. This metadata typically includes:

File size: The total amount of storage space occupied by the file.

Creation date and time: The timestamp of when the file was first created.

Modification date and time: The timestamp of the last time the file content was modified.

File access permissions: Restrictions on who can read, write, or execute the file.

File type: Information about the type of file (e.g., .docx, .jpg, .exe).

2. Storage: Finding a Home

Storage devices like hard disk drives (HDDs), solid-state drives (SSDs), and flash drives hold the data associated with files. However, the data isn’t stored as a continuous stream of information. Instead, it’s broken down into smaller chunks called sectors.

When a file is created, the operating system allocates a specific number of sectors on the storage device to hold the file content. This allocation process can happen in various ways depending on the file system used.

Here are some key points to remember about file storage:

Fragmentation: Over time, as files are created, deleted, and resized, the available sectors become fragmented across the storage device. This fragmentation can impact file access speed.

File Allocation Table (FAT) or Similar Structures: Some file systems rely on a separate table (FAT) or index that keeps track of which sectors belong to specific files.

Deleted Files: When a file is deleted, the operating system typically only removes the reference to the file from the directory structure. The actual data may still reside on the storage device until overwritten by new data.

3. Access: Reading and Writing

We interact with files by accessing them for various purposes, such as reading a document, editing an image, or running a program. This involves the following steps:

File System Request: When an application attempts to access a file, it sends a request to the operating system.

Directory Lookup: The operating system first locates the file’s entry in the directory structure.

Allocation Table or Index Lookup: Depending on the file system, the operating system might consult the FAT or similar structure to determine the physical location of the file data on the storage device.

Data Retrieval: The operating system retrieves the data from the allocated sectors and presents it to the application.

File Modification: If the application attempts to modify the file content, the operating system needs to find new sectors to store the updated data. This process can involve overwriting existing data or allocating new sectors depending on the available space.

4. Deletion: Erasing the Footprint (or Not Quite)

When a file is deleted using the operating system’s delete function, the process primarily involves removing the file’s entry from the directory structure. As mentioned earlier, the actual data may still reside on the storage device until overwritten.

Here’s why deleted files aren’t truly gone:

Overwriting: Until new data is written over the sectors holding the deleted file’s content, it remains recoverable using data recovery software. This depends on factors like the type of storage device and how actively it’s used.

Unallocated Space: The deleted file’s sectors are simply marked as “unallocated,” indicating the operating system can utilize them for new data storage.

Different File Systems:

File systems provide the fundamental structure for storing and organizing files on a storage device. They dictate how files are created, stored, and accessed. From a digital forensics perspective, understanding different file systems is crucial for effective evidence recovery and analysis. Here’s a breakdown of the most common file systems and the considerations for investigators:

1. FAT (File Allocation Table) Systems

Legacy Systems: Found on older storage devices like floppy disks, USB drives, and some early hard drives.

FAT Table: Relies on a master table (FAT) that tracks the allocation of data within clusters (groups of sectors) on the storage device.

Forensics Advantages: Relatively simple structure, easier to analyze.

Challenges: Limited file size support in older versions, prone to fragmentation, potential for data overwriting after deletion.

2. NTFS (New Technology File System)

Modern Windows Systems: The default file system of modern Windows operating systems.

Master File Table (MFT): A comprehensive database tracking all files and folders on the volume, including detailed metadata.

Forensics Advantages: Journaling for data integrity, better file security, support for larger files and volumes, potential for deleted file recovery.

Challenges: Increased complexity compared to FAT, potential for recovery hindrance due to overwriting.

3. Ext (Extended File System) Family

Linux Systems: Popular file system for Linux distributions. Includes several versions (Ext2, Ext3, Ext4).

Inodes: Uses a data structure called “inodes” that store detailed metadata and track file allocation on the storage device.

Forensics Advantages: Journaling (in later versions) for data integrity, support for large files and volumes.

Challenges: Increased complexity compared to FAT or older NTFS versions; recovery tools may need to be Linux-compatible.

4. HFS+ (Hierarchical File System Plus)

Mac Systems: Used in older macOS systems.

B-trees: Employs B-trees (data structures for organizing information) for file organization.

Forensics Advantages: Journaling (optional), support for large files and volumes.

Challenges: Primarily used in macOS systems, potentially requiring specialized forensics tools for analysis.

5. APFS (Apple File System)

Modern Mac Systems: The default option on modern macOS, iOS, watchOS, and tvOS systems.

Copy-on-Write: Employs a copy-on-write mechanism for data modifications, preserving original file versions.

Forensics Advantages: Optimized for SSDs, encryption features.

Challenges: Increased complexity, nascent forensics tools due to relative novelty of the file system.

Post-deletion, the fate of files varies across file systems:

In FAT, deleted files are marked as available for reuse, with their data potentially recoverable until overwritten.

NTFS may overwrite deleted files’ clusters, hindering recovery, but some residual data may remain.

Ext file systems may retain deleted file data until overwritten, facilitating recovery from unallocated space.

HFS+ and APFS utilize journaling, potentially overwriting deleted file data rapidly but still leaving chances for recovery until overwritten.
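
The FAT behaviour described above, as an added example that is not part of the original article: a constructed in-memory volume in which a delete only flags the 32-byte directory entry and frees the FAT chain, so the content stays readable until the cluster is reallocated. The geometry (512-byte clusters, one cluster per file, contiguous allocation) and the file names are assumptions made for the example.

```python
import struct

CLUSTER = 512        # bytes per cluster in this constructed volume
DELETED = 0xE5       # first name byte of a deleted FAT directory entry
ENTRY = struct.Struct("<8s3sB14xHI")  # name, ext, attr, first cluster, size


def build_volume():
    """Constructed sample: two small files, one cluster each (clusters 2 and 3)."""
    files = [(b"REPORT  ", b"TXT", b"quarterly figures"),
             (b"NOTES   ", b"TXT", b"meeting notes")]
    directory, data = bytearray(), bytearray()
    fat = [0xFFF8, 0xFFFF]                      # entries 0 and 1 are reserved
    for i, (name, ext, body) in enumerate(files):
        directory += ENTRY.pack(name, ext, 0x20, 2 + i, len(body))
        data += body.ljust(CLUSTER, b"\x00")
        fat.append(0xFFFF)                      # single-cluster chain: end marker
    return {"dir": directory, "fat": fat, "data": data}


def delete_file(vol, index):
    """What a FAT delete does: flag the entry and free the chain, nothing more."""
    vol["dir"][index * ENTRY.size] = DELETED
    first = ENTRY.unpack_from(vol["dir"], index * ENTRY.size)[3]
    vol["fat"][first] = 0                       # cluster is now unallocated


def list_entries(vol):
    """Parse every 32-byte directory entry, including deleted ones."""
    out = []
    for off in range(0, len(vol["dir"]), ENTRY.size):
        name, ext, _attr, first, size = ENTRY.unpack_from(vol["dir"], off)
        deleted = name[0] == DELETED
        shown = (b"?" + name[1:] if deleted else name).decode().rstrip()
        out.append({"name": f"{shown}.{ext.decode().rstrip()}",
                    "deleted": deleted, "first": first, "size": size})
    return out


def recover(vol, entry):
    """Return a deleted file's bytes, or None once its clusters were reallocated."""
    needed = range(entry["first"], entry["first"] + -(-entry["size"] // CLUSTER))
    if not entry["deleted"] or any(vol["fat"][c] != 0 for c in needed):
        return None
    start = (entry["first"] - 2) * CLUSTER      # data area begins at cluster 2
    return bytes(vol["data"][start:start + entry["size"]])


if __name__ == "__main__":
    vol = build_volume()
    delete_file(vol, 0)
    for e in list_entries(vol):
        print(e, recover(vol, e))
```

The first character of a deleted name is lost to the 0xE5 marker, which is why the recovered entry is listed as `?EPORT.TXT`.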

Conclusion

Having a deep understanding of file lifecycles, file systems, and the storage of deleted files is indispensable in digital forensics. Mastery of these concepts equips forensic investigators to reconstruct events, extract evidence, and unravel complex data structures crucial for legal proceedings and incident response in the digital realm. By leveraging specialized tools and techniques, forensic analysts can navigate diverse file systems, recover deleted artifacts, and elucidate the digital footprint left behind in storage devices.
