Windows BITS Service Used to Reinfect Computers with Malware

Crooks found a way to reinfect computers with malware via the Windows BITS service, months after their initial malware was detected and deleted from the infected system.

BITS (Background Intelligent Transfer Service) is a Windows utility for transferring files between a client and a server. The utility works based on a series of cron jobs and is the service in charge of downloading and launching your Windows update packages, along with other periodic software updates.

According to US-based Dell subsidiary SecureWorks, crooks are using BITS to set up recurring malware download tasks, and then leveraging its autorun capabilities to install the malware.

Abusing BITS is nothing new since criminals used the service in the past, as early as 2006, when Russian crooks were peddling malicious code capable of using BITS to download and installing malware on infected systems.Initial malware infection took place back in March 2016In the particular case, SecureWorks staff were called to investigate a system that had no malware infections but was still issuing weird security alerts regarding suspicious network activities.

The SecureWorks team discovered that the initial malware infection took place on a Windows 7 PC on March 4, 2016, and that the original malware, a version of the DNSChanger malware calledZlob.Q, had added malicious entries to the BITS service.

These rogue BITS tasks would download malicious code on the system and then run it, eventually cleaning up after itself.

Since the user’s antivirus removed the initial malware, the BITS tasks remained, re-downloading malware at regular intervals. Because BITS is a trusted service, the antivirus didn’t flag these activities as malicious but still issued alerts for irregular activities.BITS tasks could be used in much more dangerous waysIn this case, SecureWorks reports that the BITS jobs downloaded and launched a DLL file that executed as a “notification program.”

BITS jobs have a maximum lifetime of 90 days, and if the malware coder had used them properly, they could have had a permanent foothold on the infected system.

SecureWorks staff presents a method of searching for malicious BITS tasks in their technical write-up, along with a list of domains from where this particular infection kept downloading malicious code.

To read more and the original story follow this link to Softpedia. 

Backdoors and surveillance mechanisms in iOS devices

This paper is actually half a year old – give or take – but it’s gotten a lot of attention recently due to, well, the fact that he has uploaded a PowerPoint from a talk about these matters, which is obviously a little bit more accessible than a proper scientific journal article.

For instance, despite Apple’s claims of not being able to read your encrypted iMessages, there’s this:

“In October 2013, Quarkslab exposed design flaws in Apple’s iMessage protocol demonstrating that Apple does, despite its vehement denial, have the technical capability to intercept private iMessage traffic if they so desired, or were coerced to under a court order. The iMessage protocol is touted to use end-to-end encryption, however Quarkslab revealed in their research that the asymmetric keys generated to perform this encryption are exchanged through key directory servers centrally managed by Apple, which allow for substitute keys to be injected to allow eavesdropping to be performed. Similarly, the group revealed that certificate pinning, a very common and easy-to-implement certificate chain security mechanism, was not implemented in iMessage, potentially allowing malicious parties to perform MiTM attacks against iMessage in the same fashion.”

There are also several services in iOS that facilitate organisations like the NSA, yet these features have no reason to be there. They are not referenced by any (known) Apple software, do not require developer mode (so they’re not debugging tools or anything), and are available on every single iOS device.

One example of these services is a packet sniffer, com.apple.pcapd, which “dumps network traffic and HTTP request/response data traveling into and out of the device” and “can be targeted via WiFi for remote monitoring”. It runs on every iOS device. Then there’s com.apple.mobile.file_relay, which “completely bypasses Apple’s backup encryption for end-user security”, “has evolved considerably, even in iOS 7, to expose much personal data”, and is “very intentionally placed and intended to dump data from the device by request”.

This second one, especially, only gave relatively limited access in iOS 2.x, but in iOS 7 has grown to give access to pretty much everything, down to “a complete metadata disk sparseimage of the iOS file system, sans actual content”, meaning time stamps, file names, names of all installed applications and their documents, configured email accounts, and lot more. As you can see, the exposed information goes quite deep.

Apple is a company that continuously claims it cares about security and your privacy, but yet they actively make it easy to get to all your personal data. There’s a massive contradiction between Apple’s marketing fluff on the one hand, and the reality of the access iOS provides to your personal data on the other – down to outright lies about Apple not being able to read your iMessages.

Those of us who aren’t corporate cheerleaders are not surprised by this in the slightest – Apple, Microsoft, Google, they’re all the same – but I still encounter people online every day who seem to believe the marketing nonsense Apple puts out. People, it doesn’t get much clearer than this: Apple does not care about your privacy any more or less than its competitors.

Source: OS News

Note: this is not mentioned in the original article but is definitely worth noting that there is at least one company put there that cares about your privacy and always has and is the leader in security. That’s BlackBerry of course, they should be recognized for how great they are and they continually get over looked unless it is for something negative. BlackBerry for life! Best mobile OS is BlackBerry 10, period.

Rugged, wildly modular tablet runs Android and Linux

CrossfirePro running Android

Entegra announced a rugged, modular tablet that’s configurable for a wide range of environments and applications, and supports both Android 4.2 and Linux.

Entegra’s CrossfirePro is unlike any tablet you’ve encountered: it’s the consummate chameleon of rugged slates, boasting a modularity that starts with its snap-in Qseven computer-on-module processing core and extends to nearly every aspect of its I/O and software. Though it ships standard with a 1.86GHz quad-core Intel Bay Trail M-series N2930 processor, the COM-based core supports alternatives ranging from faster or slower Intel and AMD x86 CPUs, to ARM-based SoCs. It also accepts I/O add-ons such as barcode scanners, magnetic strip readers, fingerprint scanners, smart card and NFC readers, and a variety of custom modules, says the company.

CrossfirePro with a rear-mounted cardswipe/keypad module

Entegra also offers three docks for the CrossfirePro, which support its use in office, point-of-sale, and vehicular environments. These would presumably be accompanied by snap-in or add-on modules, operating systems, and application software suitable to each market.

CrossfirePro Desk Dock

CrossfirePro Vehicle Dock

CrossfirePro Point-of-sale Dock

The photos below show how the Qseven COM and mSATA storage devices snap into compartments in the rear of the tablet.

CrossfirePro’s configurable Qseven COM and mSATA storage device

To support such an extensive array of modularity, Entegra designed a unique mainboard that’s controlled by a PIC microcontroller. The PIC chip serves as a “traffic cop” to initialize and manage the options it discovers upon power-up, as illustrated in the diagram below.

CrossfirePro’s PIC µC discovers modules and configures the tablet accordingly on power-up

For a full list of the specs follow the source link below.

Source: LinuxGizmos.com

Five reasons Microsoft could become a top Android smartphone company

I thought this article brought up some good points and thought I would share it here.

1) Microsoft already makes major profits from Android.
How much? Thanks to its patent agreements, Microsoft may have made as much as $3.4 billion in 2013 from Android sales. If it wasn’t for its Android patents, the analyst firm Nomura thinks Microsoft’s entertainment and devices division (EDD), which covers Xbox, Windows Phone and Skype would actually lose $2-billion dollars a year!

With its forthcoming Nokia acquisition, Microsoft could make ten times that much from its own Android smartphones. Also, unlike its potential Android competitors, Microsoft won’t have to pay its own patent fees. That automatically makes each MS-Android phone more profitable for Microsoft than an equivalent device for say Samsung.

Thinking of the Android phone powerhouse, Samsung owns the Android smartphone market the way Microsoft controls the PC market. Microsoft is one of the few companies with the resources to go toe-to-toe with Samsung. All it needs is to commit to a mobile operating system that people wants.

2) Android already owns the market.
The smartphone OS that everyone wants is Android. IDC’s latest fourth-quarter ranking shows Android has more than 78 percent of the worldwide smartphone market.. Between Android and IOS, the powerful mobile OS pair has 95 percent of the market.

I don’t care how much you may like some Windows Phones, they’re not selling. It’s been over a year now Windows Phone 8 was introduced, and it’s still not making serious inroads on either Android or iOS.

3) MS-Android has unique advantages over its competitors.
Ask anyone who makes Android phones what their biggest marketing problem is and they’ll tell that’s it’s trying to get their devices to stand out from their competitors. So, they add bloatware, which customers usually hate, or they paint on their own custom interface, which really doesn’t look that different from anyone else’s front-end.

What’s a company to do? Well, if you’re Microsoft, it can offer customers, Outlook instead of Gmail; Office 365 over Google Docs; and OneDrive, formerly SkyDrive, in place of Google Drive. Get the idea?

Microsoft has real software-as-a-service (SaaS) and infrastructure-as-a-service (IaaS) alternatives to Google’s offerings. While I have no love for Microsoft’s applications, there are hundreds of millions of users who have been using Outlook and Office since they first used a computer. A lot of them would love to use the apps they’ve known since they were kids on a widely-supported platform such as Android.

4) Lower development costs.
I don’t know how much Microsoft is spending on building Windows Phone 9, but it’s got to be north of a hundred million. How much does it cost to build Android? Oh wait, Microsoft doesn’t have to spend a thin dime on creating Android! Google, and other open-source developers, are the ones picking up the tab to build the Android Open Source Project (AOSP).

5) More apps, more developers
Android also already has a huge number of developers and existing applications. In fact, the Google Play store already has a million apps. Windows Phone? It probably just crossed over 200,000 apps. The Android developers are out there, it won’t cost them much money or time to bring their apps to MS-Android.

Presto! For far less money, Microsoft cuts its internal development costs and opens its doors to tens of thousands of new developers and hundreds of thousands of new programs.

ZD Net

RIM Considering Selling Its Hardware Production Arm, Post BlackBerry 10 Launch

RIM CEO Thorsten Heins

Research In Motion is considering selling its hardware production arm after the launch of BlackBerry 10, as one of a number of potential actions. RIM CEO Thorsten Heins said that a strategic review could lead towards the sale, or potentially offering licenses for its software to other manufacturers, opening the door to non-RIM BlackBerry devices in the future.

In an interview with Die Welt, Heins confirmed the company was mulling over various courses of action it could take. When asked about licensing its software in a similar manner to how Microsoft licenses out its Windows Phone OS, Heins said that such a thing could only take place after their own products are released. “Before you license the software, you must show that the platform has a large potential,” said Heins, who also claimed the delay for BlackBerry 10 was due to the company building a platform “that is future-proof for the next ten years.” He also suggested that BlackBerry 10 could be used in devices other than smartphones, such as in cars and other vehicular systems.

The perception that BlackBerry was a tool for business was also attacked by Heins, referring to large consumer markets in Indonesia, South Africa, and the UK. While BlackBerry 10 will be launching globally, Heins will be looking at the less developed mobile markets for growth, as opposed to the US and Europe, which the company hopes will more than recoup the 1 million users that left the BlackBerry platform between the second and third quarters, leaving it currently at 79 million.

RIM’s most recent financial results saw revenues fall 5 percent to $2.7 billion, and an adjusted net loss of $114 million. The launch of BlackBerry 10 will see the company increase its marketing spending, and expects to still have an operating loss by the time the fourth quarter results are released.

Source: Electronista

Android-Powered Nexus One & Nexus S to Command Small Scale Spacecraft

NASA’s Research Center, Ames, is working on a new project designed to lower the cost of launching and operating small satellites. These specific satellites are Low Earth Orbit (LEO). This will use the Android-powered phones the Nexus One and the Nexus S to command the spacecraft.

The project is know as PhoneSat, and it will launch two different satellites into LEO orbit, both with different goals.

First there is PhoneSat 1.0 and it is based on the Nexus One. The one and only primary goal for PhoneSat 1.0 is to stay alive, meaning it is designed to test if the smartphone can operate for a reasonable amount of time while in space. The Nexus One is to use it’s camera to take pictures and send them back to Earth with other general information about the spacecraft. There will be an external radio beacon in place to indicate the satellite itself is ok and intact. This also is because if the signal is being received from the beacon and no signal is being received from the Nexus, then the problem is with the Nexus and not the spacecraft, there is also an external device that monitors the Nexus One and reboots it if the flow of data stops.

Google Nexus One

Second there is PhoneSat 2.0 which will be based on the Nexus S. Phone 2.0 will also feature additional hardware over PhoneSat 1.0. It will have solar panels so it will operates for a longer period of time, and scientist will be able to send commands to PhoneSat 2.0 because it has a two way radio. The last feature is PhoneSat 2.0 will have magnetorquer coils and reactions wheels, these are devices that will allow the satellite to orient itself and maintain proper position using electricity from the solar panels.

Google Nexus S

PhoneSat is part of a larger NASA program, the Small Spacecraft Technology Program, which has a goal to leverage the incredible technological advances in consumer technology to create cheaper spacecraft.

According to Ames engineer Chris Boshuizen “Your cellphone is really a $500 robot in your pocket that can’t get around. A lot of the real innovation now happens in entertainment and cellphone technology, and NASA should be going forward with their stuff.”

The hardware that these devices contain does make sense why they are perfect for this kind of project. They have GPS, cameras, compass, gyroscope, microphone and so on. To save weight the screens and cases will be removed and the batteries replaced with something more powerful and designed for the adventures.

Another reason why this makes sense to use Google’s Android OS is because it is open source and can be configured however NASA desires. NASA can modify the source code of the OS they want on the devices and then flash it to their satellite.

In 2010 a group of engineers put two Nexus One devices into high altitude rockets to see if they could handle the extreme forces of launching. One of the Nexus One devices was destroyed when its parachute did not deploy, but the other Nexus One landed and was in perfect working condition. Both devices recorded data during the entire ride.

Watch this Youtube Video Here