X41 D-Sec GmbH browser security whitepaper: WebUSB, WebBluetooth, WebSMM

March 3, 2018 ~ hucktech ~ Leave a comment

I remember times when we'd consider it only as a _joke_ if someone said: "WebUSB"…

Now eagerly awaiting "WebSMM"! https://t.co/NiSHwOWgKx

— Joanna Rutkowska (@rootkovska) March 2, 2018

Several asked about a paper covering the WebUSB attacks. We covered WebUSB and WebBluetooth in chapter 13 of our X41 browser security white paper: https://t.co/efbUbyWci4

— Markus Vervier (@marver) March 3, 2018

This white paper provides a technical comparison of the security features and attack surface of Google Chrome, Microsoft Edge, and Internet Explorer. We aim to identify which browser provides the highest level of security in common enterprise usage scenarios, and show how differences in design and implementation of various security technologies in modern web browsers might affect their security. Comparisons are done using a qualitative approach since many issues regarding browser security cannot easily be quantified. We focus on the weaknesses of different mitigations and hardening features and take an attacker’s point of view. This should give the reader an impression about how easy or hard it is to attack a certain browser. The analysis has been sponsored by Google. X41 D-Sec GmbH accepted this sponsorship on the condition that Google would not interfere with our testing methodology or control the content of our paper. We are aware that we could unconsciously be biased to produce results favorable to our sponsor, and have attempted to eliminate this by being as transparent as possible about our decision-making processes and testing methodologies.

Click to access X41-Browser-Security-White-Paper.pdf

https://www.x41-dsec.de/#about

https://www.x41-dsec.de/security/report/whitepaper/2017/09/18/whitepaper-x41-browser-security/

AMI on bluetooth security

November 9, 2017 ~ hucktech ~ Leave a comment

As WiFi/NFC/Bluetooth become part of a modern firmware stack, AMI has a blog post on bluetooth security issues:

New on Tech Blog: Learn about the different types of Bluetooth attacks and simple ways to mitigate your risk of attack! https://t.co/2zSxxrfPhX pic.twitter.com/9PURKKAo6S

— AMI (@AMI_PR) November 9, 2017

https://ami.com/en/tech-blog/a-bad-case-of-bluebug-mitigating-risks-of-bluetooth-attacks/

Armis BlueBorne: Bluetooth vulnerabilities

September 13, 2017 ~ hucktech ~ Leave a comment

Zero day vulnerabilities and security flaws in modern Bluetooth stacks https://t.co/rWrAIWyMJv (PDF) #BlueBorne #0day #vulnerability pic.twitter.com/BycKXycr9b

— x0rz (@x0rz) September 13, 2017

Is it time to dust off old Bluetooth worm doomsday predictions? ☠️ #BlueBorne https://t.co/x4JJuzHIB6 [pdf] pic.twitter.com/M1zg5EP3em

— Yuriy Bulygin (@c7zero) September 12, 2017

BlueBorne Bluetooth Vulnerabilities https://t.co/jb2ZLbruZ5

— CISA Cyber (@CISACyber) September 12, 2017

Patch your Bluetooth today, and contemplate gazillions of unpatchable wormable embedded/IoT netfridges and such… https://t.co/jf3ztBsl8w

— dragosr (@dragosr) September 12, 2017

These vulnerabilities were publicly disclosed by Ben Seri and Gregory Vishnepolsky of Armis. Armis acknowledges Alon Livne for the Linux RCE (CVE-2017-1000251) exploit.

https://www.kb.cert.org/vuls/id/240311

https://www.us-cert.gov/ncas/current-activity/2017/09/12/BlueBorne-Bluetooth-Vulnerabilities

https://www.armis.com/blueborne/

This is why I don’t use bluetooth. 🙂

Bluetooth 5.0 spec released

December 12, 2016 ~ hucktech ~ Leave a comment

https://twitter.com/michaelossmann/status/806567763888271360

“With up to 4x the range, 2x the speed and 8x the broadcasting message capacity, the enhancements of Bluetooth® 5 focus on increasing functionality for the Internet of Things (IoT). Bluetooth 5 delivers a “connectionless” IoT, advancing beacon and location-based capabilities in home, enterprise and industrial applications.[…]”

https://www.bluetooth.com/specifications/adopted-specifications

BLESuite: new test tool for Bluetooth Low Energy (BLE) devices

August 4, 2016 ~ hucktech ~ Leave a comment

NCC Group Tools: BLESuite – https://t.co/JXXAaAE9tT / https://t.co/vOnL89yOP9 / https://t.co/Pzlm3XMmwS by @TTrabun & @Greg_NCC_Group

— NCC Group Research & Technology (@NCCGroupInfosec) August 4, 2016

BLESuite is a Python package that provides an easier way to test Bluetooth Low Energy (BLE) device.
https://github.com/nccgroup/BLESuite

BLESuite_CLI is a command line tool to enable an easier way to test Bluetooth Low Energy (BLE) devices.
https://github.com/nccgroup/BLESuite-CLI

—–

AMI updates firmware of Intel Compute Stick

September 17, 2015 ~ hucktech ~ Leave a comment

BIOS manufacturer AMI has updated their Aptio V UEFI-based firmware solution for the Intel Compute Stick. The update adds “UEFI Bluetooth Keyboard Support”.

Excerpt:
AMI is pleased to announce the addition of UEFI Bluetooth® keyboard support for the Intel® Compute Stick in its flagship Aptio® V UEFI Firmware. The Intel® Compute Stick is a small form factor computer with a quad-core Intel® Atom™ processor and Intel® HD Graphics. It features integrated WiFi® and Bluetooth capability and offers 32 GB of storage and 2 GB of RAM memory along with a USB 2.0 port and microSD™ card reader that can be plugged into any HDMI capable monitor. Users can add their own Bluetooth peripherals, such as keyboard and mouse, to create a full-fledged computer from this tiny yet powerful device. By adding Bluetooth keyboard support to Aptio V, the flagship UEFI firmware from American Megatrends, users of small form factor devices like the Intel® Compute Stick can now access the UEFI BIOS settings with their Bluetooth keyboard to make BIOS customizations that get the most out of these pocket powerhouse computers.
“Intel is pleased to have partnered with AMI on this achievement,” said Joel Christensen, General Manager, Intel® Compute Stick. “Adding the ability to utilize Bluetooth keyboards while in BIOS is a great step in improving the end user experience.”

(I’m not sure if this is a new UEFI protocol for BT keyboards, or just a normal BT stack with a normal keyboard, nor if this is new AMI code or part of what is in Tianocore.org.)

More Information:

http://www.ami.com/news/press-releases/?PressReleaseID=330&/American%20Megatrends%20Adds%20UEFI%20Bluetooth%C2%AE%20Keyboard%20Support%20for%20Intel%C2%AE%20Compute%20Stick%20to%20Aptio%C2%AE%20V%20UEFI%20Firmware/