Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
[Full-Disclosure] Insecurity in Finnish parlament (computers)
From: Markus Jansson (markus.janssonhushmail.com)
Date: Sat Dec 18 2004 - 19:19:38 CST
"The laptop computers used by members of parlament and their assistants
in here Finland have severe security holes. These laptop computers dont
have firewalls, file encryption and wiping tools, automatic update is
not turned on, operating system (WindowsXP) is on its default settings
for most, computers only support 802.11b WLAN which is insecure, etc.
etc. As a bonus, they use TeliaSonera GSM:s which are totally insecure
because they use COMP-128-1 and A5/1 for security. I contacted them
months ago but they havent bothered to answer me, nor to reporters I
have contacted later. Oh dear..."
1. The computers do not have firewall, not even ICF enabled. Users
cannot even enable it themselfes, since they dont have administrative
permissions on the computers. Any remote-exploit vulnerability or bad
passphrase and BUM! The computers is hacked.
2. The computers are mainly on default settings. They are WindowsXP. Do
I really need to say more about this issue and what happens from it?
3. The computers have support for Bluetooth and it is enabled by
default. This leaves many attack vectors inplace that are pretty
numerous for me to tell you. Also, they have firewire enabled, which
means that as in iPod:s case, anyone with such device can walk to one of
these laptops and download everything inside it. Ouch.
4. Laptops have WLAN, but it only supports the totally insecure 802.11b
5. Computers do not have any kind of encryption programs. All files and
folders are unencrypted. Even the EFS is turned off. There is no way to
secure personal or sensitive documents in the computer.
6. There are no wiping tools in the computers to wipe off sensitive or
personal files from them.
7. Computers do not have "Clear pagefile on shutdown" enabled, meaning
that sensitive data can be recovered from unwashed swapfile later on.
8. Users do not have administrator permissions on computer so they could
install neccessary security programs to them. Ofcourse, there is the
plus side that this *should* limit the damage to the systems
to...well..the user (= the member of parlament or their assistants). Ouch.
9. There are VPN connections in the computers, but it is unclear are
they protected against man-in-the-middle-attacks or not. My educated
guess is that they arent, meaning again...
10. Its unclear are the computers set on "automatic updates" or not. My
educated guess is that they arent, meaning again (especially if you look
at the point 1 again)...ouch.
11. Default browser is Internet Explorer, with default settings
ofcourse. Now, I dont have to tell you how serious security risk this
is, especially if you concider point 10...
12. MEP:s etc. use TeliaSonera GSM:s. The security that TeliaSonera uses
is COMP-128-1 and A5/1, which are all totally insecure and can easily be
broken with a laptop computer etc. meaning that their conversations can
easily be eavesdropped. They should use COMP-128-3 and A5/3 to make it
13. At TeliaSonera GSM networks, there is no protection against
"false-basestation" techique, which easy bypass of crypto by simply
turning it off from the "basestation". For example, Elisa uses
COMP-128-3 and A5/3 and does not allow phones to turn off crypto even
basestation orders them to do so.
I have contacted about this issue months ago to security personel in our
parlament. They havent even bothered to answer me, not to mention that
they would have fixed the computers security problems. So, here is it,
maybe they'll listen now.
My computer security & privacy related homepage
Use HushTools or GnuPG/PGP to encrypt any email
before sending it to me to protect our privacy.
Full-Disclosure - We believe in it.