[SecurityRatty] tag: counterfeit

Aspidistra

Mon, 10 Nov 2008 04:07:51 +0000

Aspidistra was a World War II man-in-the-middle attack. The vulnerability that made it possible was that German broadcast stations were mostly broadcasting the same content from a central source; but during air raids, transmitters in the target area were switched off to prevent them being used for radio direction-finding of the target.

The exploit involved the very powerful (500KW) Aspidistra transmitter, coupled to a directional antenna farm. With that power, they could make it sound like a local station in the target area.

With a staff of fake announcers, a fake German band, and recordings of recent speeches from high-ranking Nazis, they would smoothly switch from merely relaying the German network to emulating it with their own staff. They could then make modifications to news broadcasts, occasionally creating panic and confusion.

German transmitters were switched off during air raids, to prevent them from being used as navigational aids for bombers. But many were connected into a network and broadcast the same content. When a targeted transmitter switched off, Aspidistra began transmitting on their original frequency, initially retransmitting the German network broadcast as received from a still-active station. As a deception, false content and pro-Allied propaganda would be inserted into the broadcast. The first such "intrusion" was carried out on March 25, 1945, as shown in the operations order at the right.
On March 30, 1945, "Aspidistra" intruded into the Berlin and Hamburg frequencies warning that the Allies were trying to spread confusion by sending false telephone messages from occupied towns to unoccupied towns. On April 8, 1945, "Aspidistra" intruded into the Hamburg and Leipzig channels to warn of forged banknotes in circulation. On April 9, 1945, there were announcements encouraging people to evacuate to seven bomb-free zones in central and southern Germany. All these announcements were false.

The German radio network tried announcing "The enemy is broadcasting counterfeit instructions on our frequencies. Do not be misled by them. Here is an official announcement of the Reich authority." The Aspidistra station made similar announcements, to cause confusion and make the official messages ineffective.

EBay, British luxury goods group to discuss counterfeit sales

Thu, 24 Jul 2008 09:00:00 +0000

EBay and a British luxury goods industry group is meeting Monday to discuss how to stop sales of counterfeit goods online.

French ruling on counterfeit goods could have far-reaching effects for eBay

Mon, 07 Jul 2008 01:20:45 +0000

If it is upheld, a French court ruling that fined eBay $61 million for allowing the sale of counterfeit goods could have a significant effect on how the company runs its business in the future, legal analysts said.

Woman gets two years for aiding Nigerian Internet check scam

Wed, 25 Jun 2008 20:00:00 +0000

A Washington woman was sentenced on Wednesday to two years in prison and five years of supervised release for her role in an Internet counterfeit check scheme.

FBI Freaks Out and Mixes Up Issues, but There Is a Valid Point in There

Mon, 02 Jun 2008 07:16:35 +0000

An FBI PowerPoint deck on the threat of getting counterfeit routers and such was reportedly found via an Internet search and posted here. The FBI (allegedly) makes the case that buying counterfeit network gear and getting your network gear with a trojan installed by a foreign power are linked.

Counterfeit gear has nothing really to do with having a backdoor installed. Having counterfeit gear can increase the likelihood of having some kind of rootkit or malware, but only in a general sense. If a foreign power wants to get you, it will do so on what looks like genuine gear in the original packaging - it doesn't need knock-off gear to do that (see the public domain examples listed in the article).

Creating a homeland security nexus is a good path to funding, albeit not always a legitimate case. There are too many examples of this bad behavior to list. The deck contains a point about vendors needing to link government sales and brand protection - instead, the point should be that government sales need to link to a trusted supply path.

Getting a trojan in new network gear is a big concern for very few people, and those few people may want to consider buying direct, rather than through resellers/channels.

FBI worried as DoD sold counterfeit networking gear

Thu, 08 May 2008 20:00:00 +0000

The U.S. Federal Bureau of Investigation is taking the issue of counterfeit Cisco equipment very seriously, according to a leaked FBI presentation that underscores problems in the Cisco supply chain.

Designing Processors to Support Hacking

Thu, 24 Apr 2008 09:52:33 +0000

This won best-paper award at the First USENIX Workshop on Large-Scale Exploits and Emergent Threats: "Designing and implementing malicious hardware," by Samuel T. King, Joseph Tucek, Anthony Cozzie, Chris Grier, Weihang Jiang, and Yuanyuan Zhou.

Hidden malicious circuits provide an attacker with a stealthy attack vector. As they occupy a layer below the entire software stack, malicious circuits can bypass traditional defensive techniques. Yet current work on trojan circuits considers only simple attacks against the hardware itself, and straightforward defenses. More complex designs that attack the software are unexplored, as are the countermeasures an attacker may take to bypass proposed defenses.
We present the design and implementation of Illinois Malicious Processors (IMPs). There is a substantial design space in malicious circuitry; we show that an attacker, rather than designing one speci?c attack, can instead design hardware to support attacks. Such ?exible hardware allows powerful, general purpose attacks, while remaining surprisingly low in the amount of additional hardware. We show two such hardware designs, and implement them in a real system. Further, we show three powerful attacks using this hardware, including a login backdoor that gives an attacker complete and highlevel access to the machine. This login attack requires only 1341 additional gates: gates that can be used for other attacks as well. Malicious processors are more practical, more flexible, and harder to detect than an initial analysis would suggest.

Theoretical? Sure. But combine this with stories of counterfeit computer hardware from China, and you've got yourself a potentially serious problem.

Microsoft admits it sent Office nag to all WSUS servers

Sat, 19 Apr 2008 09:00:00 +0000

System administrators are angry at Microsoft Corp. for pushing a trial anti-piracy program designed for limited distribution to all enterprise update servers, triggering incorrect warnings about counterfeit installations of Office.

eBay slammed over pirated software

Tue, 26 Feb 2008 21:00:00 +0000

A leading antipiracy body has accused eBay over counterfeit software, claiming in a new report that "at least 90% of all software available on eBay is illegal."

Storm Worm adopts counterfeit Christmas cheer

Thu, 27 Dec 2007 05:00:00 +0000

Year-old malware continues to spread botnet infections