Blog‎ > ‎

WPS, APE Payments, Nordnet, GAE SDK, FS, HAProxy, iLOQ S10, port knocking

posted Feb 5, 2012, 3:31 AM by Sami Lehtinen   [ updated Feb 5, 2012, 4:27 AM ]
  • WPS is absolutely broken by bad design. It's very important to disable WPS completely from your WLAN / Wi-Fi router / station. Check out Reaver cracking tool. PIN and Push Button features are highly vulnerable, future NFC or USB based modes could be better.
  • APE Payment: They instruct users to globally enable all 3rd party cookies. Just to allow use of their services. Why? After quick testing at least Firefox easily allows to enable 3rd party cookies just for one specified domain. Which is enough in this case. I IE worked just fine too. But with Google Chrome there was strange thing. It was possible to block 3rd party cookies from certain domains, but there wasn't option to allow 3rd party cookies only from specified domain(s). That's quite a problem in this case. So 3rd party cookies must be globally enabled to use APE Payment.
  • Nordnet Bank doesn't use 2FA/SMS authentication. Their system is already capable of sending SMS messages and they could even charge for authentication messages. But they still refuse to do this. It's interesting to see how banking sector handles security suggestions from customers. They're hadling large sums of money, because they're major nordic stock broker. But customer security isn't that important, right?
  • Updated to latest Google App Engine SDK 1.6.2 and tested that my projects work perfectly with it. I still should upgrade from Python 2.5 runtime to Python 2.7, but might be too early.
  • Checked latest file system develoment. What are the problems with larger ext4 and XFS file systems and how those issues can be solved.
  • I'm often checking routing, AS numbers and stuff. Nice and easy to use tools for anyone are route.im and robtex.com. But this TPB trace is really strange.
  • Tried HAProxy, it's very exellent load balancing tool.
  • Checked out iLOQ S10 locking system. I got installation offer from them. It seems that this solution got hardware design flaw, that can be used by attacker using several different exploits. Unfortunately I didn't have time to check out the digital part of this lock. Keys are using DS2432 1Kb 1-Wire chips with SHA512 engine. I'm pretty sure that electric part of the lock could be also exploitable, but its propably  much more complex and time consuming than those simple physical attacks. I personally would like to try those physical attacks, because those seem to pretty simple to do.
  • Installed port knocking software knockd to my private communication server.

Of course I also did lots of less interesting stuff.