As if worrying about downloading software with possible viruses and other malware, now you have to be worried about technology you buy having spyware and other intrusive software.
Share your thoughts?
Center of Excellence
Capella has been designated a National Center of Academic Excellence in Information Assurance Education (CAEIAE) by the National Security Agency and the U.S. Department of Homeland Security. Capella’s information security curriculum meets the NSA Committee on National Security Systems standards 4011, 4013, 4014.
CNSS Certification
The NSA’s Information Assurance Courseware Evaluation (IACE) Review Committee has validated that Capella’s information security curriculum meets the Committee on National Security Systems (CNSS) National Standards 4011, 4013. Additional courses are needed for 4014. Learn what it means to a Capella learner.
This entry was posted in Current Topics, Security and tagged Capella University, Information Assurance and Security, Information Assurance and Security Community, malware, spyware, viruses. Bookmark the permalink.
5 Comments
I recall back during the 2007/8 holiday shopping season a flurry of trojan and malware-infected digital picture frames hitting the retail market.
Out of curiosity, I actually went out to my local Sam’s Club and purchased an ADS “deluxe” digital picture frame. Mine was already labelled to “alert the consumer” that firmware was installed with an “upgrade” that had removed “suspected problem” code.
This particular frame was interesting in that it was apparently running some form of DFS/Samba as any Windows Vista system within range of its wireless antenna, would display its “My Pictures” folder on the frame!
I disassembled mine and saw how it could be it could be infected. Although it was a turnkey system, the electronics provisioned for the addition of a circuit board that would enable a telnet service port. If enabled, a Linux system console (based on the chipset) would be accessible from there.
That’s not so surprising though. It’s possible to find other examples of the basic functionality of OEM devices able to be modified. For instance, Yahoo has multiple forums on modifying the LinkSys (Cisco) NSLU2, the D-Link DSMG600 and others.
I’ve spoken to some folks in the industry that have told me of the possibility one can install reconnisance and penetration applications like Wireshark, NMAP, Metasploit and others on handheld devices, and sit in a WiFi-equipped cafe and willingly browse systems and network traffic.
Thanks David, I’ve seen some of these exact types, many of these electronic devices have console ports. Its understandable for maintenance, but I am not sure why these are turned on by default.
A disassembled device reveals an isolated area of four solder pads on the main electronics board. The pads are usually labelled CONS. This type of port requires an additional set of electronics to convert the internal signalling used on the board to ASCII based I/O via a DB9, DB15 or DB25 connector to support a terminal device. I haven’t seen one first hand, but perhaps also to an ethernet based interface using a different type of adapter.
One would presume such a port is used for final factory checkout but perhaps it is just an artifact left over from development never removed from the production design.
I suppose a manufacturer could take an extra step and add a blob of non-conductive epoxy over the pads but undoubtedly that would increase their cost.
I should note that some of the devices I mentioned were quietly removed from the market when certain manufacturers learned they were being modified by hobbyists.
Just a quick follow-up… the interface adapter I’ve referred to may be called by several names such as: “level-adapter”, “RS-232 transceiver”, “link-converter”, etc.
David, as a retired computer espionage/terrorism investigator for a couple of different .gov agencies, your discovery is quite interesting given my former background. Where were these frames made, just out of curiosity?