Technology

Voice and SMS insecure by design

In an era dominated by digital communication, the convenience of voice calls and SMS (Short Message Service) often overshadows their glaring security vulnerabilities. Despite their widespread use, these traditional communication methods were never designed with modern security challenges in mind. As cyber threats and surveillance intensify, the need for secure alternatives like Signal and other encrypted messaging platforms has become increasingly evident.

Why Voice and SMS Are Insecure

  1. Lack of Encryption: SMS messages and standard voice calls operate over protocols that lack end-to-end encryption. This means that your communications can be intercepted and read by third parties, such as hackers, malicious insiders, or even network operators. In contrast, encrypted platforms use advanced protocols to ensure that only the intended recipient can access the content.
  2. Susceptibility to Interception: SMS messages are transmitted in plain text, making them vulnerable to interception via sophisticated tools or techniques like SS7 (Signaling System No. 7) exploitation. SS7, a protocol used by telecom providers to route calls and texts, has well-documented security flaws that attackers can exploit to eavesdrop on calls or intercept text messages.
  3. Reliance on Phone Numbers: Both SMS and voice calls rely on phone numbers, which can easily be spoofed or hijacked. SIM swapping, a common attack, enables fraudsters to take control of a victim’s phone number, granting them access to sensitive information like two-factor authentication (2FA) codes.
  4. Data Retention by Providers: Telecom companies often store records of SMS messages and call metadata, such as timestamps and participants, for extended periods. These records can be accessed by unauthorized entities, whether through hacking, legal demands, or internal misuse.
  5. Incompatibility with Modern Security Practices: Traditional phone systems lack advanced features like forward secrecy, which ensures that past communications remain secure even if encryption keys are compromised in the future. This shortfall leaves voice and SMS communications inherently vulnerable to retrospective attacks.
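
Forward secrecy from item 5, shown as an added example (not code from the original post): a minimal symmetric hash ratchet in Python, compared with one long-lived key. The HMAC labels, the `toy_cipher` helper, and the sample messages are assumptions made for illustration, and the cipher is for demonstration only.

```python
import hashlib
import hmac

def kdf_step(chain_key: bytes) -> tuple[bytes, bytes]:
    """One ratchet step: derive a one-time message key and the next chain key."""
    message_key = hmac.new(chain_key, b"\x01", hashlib.sha256).digest()
    next_chain_key = hmac.new(chain_key, b"\x02", hashlib.sha256).digest()
    return message_key, next_chain_key

def toy_cipher(key: bytes, nonce: int, data: bytes) -> bytes:
    """Demo-only stream cipher (XOR with an HMAC keystream); encrypts and decrypts."""
    stream = b""
    block = 0
    while len(stream) < len(data):
        label = nonce.to_bytes(4, "big") + block.to_bytes(4, "big")
        stream += hmac.new(key, label, hashlib.sha256).digest()
        block += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def readable_after_compromise(messages: list[bytes], ratchet: bool) -> int:
    """Encrypt all messages, leak the key material held afterwards, and count
    how many recorded ciphertexts the attacker can decrypt with it."""
    key = hashlib.sha256(b"constructed demo secret").digest()
    recorded = []
    for i, msg in enumerate(messages):
        if ratchet:
            message_key, key = kdf_step(key)  # old chain key is overwritten
        else:
            message_key = key                 # same long-lived key every time
        recorded.append(toy_cipher(message_key, i, msg))

    # Attacker holds `key` as it exists now, plus every recorded ciphertext.
    candidates = [key]
    chain = key
    for _ in range(len(messages)):            # a ratchet can only be run forward
        message_key, chain = kdf_step(chain)
        candidates.append(message_key)
    return sum(
        any(toy_cipher(k, i, ct) == messages[i] for k in candidates)
        for i, ct in enumerate(recorded)
    )

SAMPLE = [b"meet at 9", b"login code 4471", b"see you there"]  # constructed

if __name__ == "__main__":
    print("static key :", readable_after_compromise(SAMPLE, ratchet=False))
    print("ratcheted  :", readable_after_compromise(SAMPLE, ratchet=True))
```

With the static key, every recorded message is readable after the leak; with the ratchet, the leaked chain key only derives keys for messages that have not been sent yet.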

The Case for Encrypted Messaging

Encrypted messaging platforms, such as Signal, WhatsApp, and Telegram (when using secret chats), offer robust security features designed to protect user communications in the modern digital landscape. Here’s why these platforms are superior:

  1. End-to-End Encryption: With end-to-end encryption, only the sender and recipient can access the communication content. Even the service provider cannot read messages or listen to calls.
  2. Minimized Metadata: Platforms like Signal prioritize user privacy by minimizing the collection of metadata—the data about your communication, such as who you contact and when. This reduces the risk of surveillance and profiling.
  3. Enhanced Authentication: Encrypted messaging apps often provide additional security features, such as safety numbers or QR code verifications, to ensure that you are communicating with the intended recipient and not an imposter.
  4. Resistance to SIM Swapping: These platforms decouple identity from phone numbers by using unique identifiers or alternative authentication methods, reducing the risk of SIM swap attacks.
  5. Open-Source Code: Many secure messaging apps, including Signal, are open source. This transparency allows security experts to audit the code for vulnerabilities, ensuring robust protection against emerging threats.

While voice calls and SMS may seem convenient, their inherent vulnerabilities make them ill-suited for secure communication in today’s threat landscape. By adopting encrypted messaging platforms like Signal, individuals can safeguard their personal information and maintain privacy in an increasingly connected world. Making the switch is not just a step toward better security; it is an essential measure to protect our fundamental right to private communication.


Ban TP-Link or shed a light on all router vulnerabilities?

Recent discussions around a proposal to ban TP-Link routers due to security concerns have ignited debates about the safety of internet-connected devices. While the scrutiny of TP-Link may be warranted, focusing solely on one vendor obscures a larger and more systemic issue: the pervasive vulnerabilities of routers and other connected devices due to inadequate security practices and lack of regular updates.

Understanding the TP-Link Ban Proposal

The proposal to ban TP-Link routers stems from concerns about security flaws that could potentially expose users to cyberattacks. Critics argue that TP-Link devices may be particularly susceptible to exploits due to insufficient firmware updates, weak default settings, or vulnerabilities in design. Such issues can lead to unauthorized access, data theft, or the integration of compromised devices into larger botnets used for malicious purposes.

However, TP-Link is not alone in facing such accusations. Numerous vendors across the industry grapple with similar challenges, raising the question: Are we addressing the root of the problem by singling out one company?

A Broader Look at Router Vulnerabilities

Routers are a cornerstone of modern internet infrastructure, yet they are often overlooked when it comes to security. Many routers are:

  1. Shipped with outdated firmware: Devices often come with pre-installed software that may contain vulnerabilities.
  2. Rarely updated by users: Unlike smartphones or computers, routers typically lack automated update systems, and users may not even be aware updates are available.
  3. Configured with weak defaults: Default usernames, passwords, and settings are frequently exploited by attackers.
  4. Unsupported after a few years: Vendors frequently discontinue updates for older models, leaving them open to exploitation.

These issues are compounded by a lack of user awareness and minimal oversight. When these vulnerabilities are exploited, the consequences extend beyond individual users, affecting broader networks and even critical infrastructure.

The Need for Comprehensive Action

Rather than isolating TP-Link as a singular offender, policymakers, industry leaders, and consumers should recognize that the entire ecosystem of internet-connected devices is at risk. Addressing these vulnerabilities requires a multi-pronged approach:

  1. Mandatory Security Standards: Industry bodies should enforce baseline security standards for all internet-connected devices. These should include strong default settings, encrypted communication, and regular security audits.
  2. Automatic Updates: Vendors should implement automatic firmware updates to ensure devices remain secure without requiring user intervention.
  3. Extended Support Commitments: Manufacturers must provide security updates for a minimum number of years after a device’s release, ensuring older devices are not abandoned.
  4. User Education: Consumers should be informed about the importance of regular updates, strong passwords, and proper router configuration.
  5. Incentivizing Secure Design: Governments could provide certifications for vendors that prioritize security in their product design and lifecycle management.

Moving Beyond Reactive Measures

The TP-Link ban proposal is a wake-up call but risks being a band-aid solution if it does not lead to broader systemic changes. As our homes and workplaces become increasingly connected, the security of every device in the network matters. Addressing vulnerabilities at the source, ensuring long-term support, and fostering a culture of proactive security are essential steps toward safeguarding our digital future.

The discussion should not stop at TP-Link. Instead, it should expand to encompass the broader vulnerabilities inherent in internet-connected devices, with collaborative efforts aimed at raising the bar for security across the industry. Only then can we ensure a safer and more resilient digital ecosystem for everyone.


Cyber security concerns with the Internet of Things (IoT)

The Internet of Things (IoT) has revolutionized the way we interact with technology. It has made it possible for our devices to communicate with each other, collect data, and automate tasks, making our lives more convenient and efficient. However, the increasing reliance on IoT devices also raises concerns about cybersecurity.

IoT refers to the network of physical devices, vehicles, home appliances, and other items embedded with electronics, software, sensors, and connectivity to enable these objects to connect and exchange data. This interconnectivity creates a vast attack surface that cyber-criminals can exploit. With every connected device being a potential entry point, the consequences of a successful attack can be severe.

One of the biggest cybersecurity concerns with the IoT is that many of these devices lack basic security measures, such as password protection or encryption. This makes them easy targets for hackers to gain access to sensitive information or to launch attacks. Furthermore, many IoT devices have weak security because manufacturers prioritize functionality and cost over security.

Another issue with IoT devices is that they are often not designed to be updated or patched for security vulnerabilities. This means that any security flaws found in the device are unlikely to be addressed, leaving them vulnerable to exploitation.

Additionally, IoT devices often collect and store vast amounts of data, including personal information. If this information is not properly secured, it can be accessed by cyber-criminals and used for malicious purposes.

One recent example of an IoT security breach was the Mirai botnet attack in 2016. The Mirai botnet infected IoT devices with weak security and used them to launch a distributed denial-of-service (DDoS) attack, which brought down several high-profile websites.

To address these cybersecurity concerns, manufacturers of IoT devices need to prioritize security in their design and development processes. This includes implementing strong password protection, encryption, and regular software updates. Consumers can also take steps to protect their IoT devices, such as changing default passwords, keeping their devices updated with the latest security patches, and being mindful of the data they share with these devices.

In conclusion, the increasing popularity of IoT devices has led to a vast attack surface for cyber-criminals. However, with better security measures and awareness, we can mitigate the risks and continue to enjoy the benefits of this technology. It is essential that both manufacturers and consumers take responsibility for IoT security to ensure the safety and privacy of users.


2021 New Desktop

I decided it was time to build a new desktop for myself.

AMD Ryzen 5 3600 6-Core, 12-Thread Unlocked
MSI ProSeries Micro-ATX Motherboard (B450M PRO-VDH Max)
Hynix IC 32GB KIT(2x16GB) DDR4 3200MHz PC4-25600 CL16 1.35V
Samsung SSD 860 EVO 1TB 2.5 Inch SATA III Internal SSD
Corsair CX Series 550 Watt 80 Plus Bronze Certified Modular Power Supply
Thermaltake Versa H17 Black Micro ATX Mini Tower
Antec 120mm Case Fan (5)
ThreeBulls 2 Pack 4-Pin PWM Fan Splitter Cable

I reused my old MSI GT 1030 2GD4 LP OC, which helped to keep the price down to $660. I typically build on a pretty low budget, trying to get the most bang for my buck.

This desktop will be running Ubuntu Linux 20.04.
