InfoSec Week 51, 2018

Posted Dec 20, 2018

Google Project Zero published a blog about the FunctionSimSearch open-source library which is capable to find similar functions in the assembly.
They are using it to detect code statically-linked vulnerable library functions in executables.
https://googleprojectzero.blogspot.com/2018/12/searching-statically-linked-vulnerable.html

London’s police is testing facial recognition technology in central London this week. Feel free to get your face scanned and processed for the bright future.
https://arstechnica.com/tech-policy/2018/12/londons-police-will-be-testing-facial-recognition-in-public-for-2-days/

Facebook gave Spotify and Netflix access to a users’ private messages. Also shared user information with Microsoft, Amazon, Yahoo without explicit consent.
https://www.nytimes.com/2018/12/18/technology/facebook-privacy.html

Researchers published results of an investigation into Russian election interference on behalf of the US Senate Intelligence Committee. They have analyzed data sets from Facebook, Twitter, Google.
https://www.newknowledge.com/disinforeport

Adam Langley wrote about their further Google Chrome TLS experiments with the post-quantum lattice based cryptography.
https://www.imperialviolet.org/2018/12/12/cecpq2.html

Matthew Green wrote his thoughts on GCHQ’s latest proposal for surveilling encrypted messaging and phone calls.
https://blog.cryptographyengineering.com/2018/12/17/on-ghost-users-and-messaging-backdoors/

Tencent Blade Team discovered a remote code execution vulnerability in SQLite. It was already fixed in Chromium.
https://blade.tencent.com/magellan/index_en.html

Good story about the investigation of the Chinese industrial espionage.
https://www.bbc.co.uk/news/resources/idt-sh/Looking_for_Chinas_spies

University of California, Berkeley researchers are building open-source secure enclave using RISC-V.
https://hackaday.com/2018/12/13/risc-v-will-stop-hackers-dead-from-getting-into-your-computer/

Well-known cypherpunk movement founder Timothy May passed away.
https://reason.com/blog/2018/12/16/tim-may-influential-writer-on-crypto-ana

Microsoft introduced Windows Sandbox for applications.
https://techcommunity.microsoft.com/t5/Windows-Kernel-Internals/Windows-Sandbox/ba-p/301849

Interesting paper on systematic parsing of X.509 certificates with strong termination guarantees: “Systematic Parsing of X.509: Eradicating Security Issues with a Parse Tree”.
https://arxiv.org/abs/1812.04959

A Dive into Cypherlock, a tool that could prevent forced decryption.
https://medium.com/chainrift-research/farewell-forced-decryption-a-dive-into-cypherlock-e515223a7123

Instant, re-usable, generic MD5 collisions over different file formats. https://github.com/corkami/pocs/blob/master/collisions/README.md