Archive for October 31, 2018

Moscow court issued an arrest warrant for the co-founder of hacker group "Humpty Dumpty"

Let's reminder that the process of the scandalous case of the hacker group "Humpty Dumpty" has been going on for several years. The investigation found that hackers broke into the mailboxes of officials and businessmen and then extorted money from them for non-proliferation of data.

This week the Court of Moscow arrested in absentia and declared in the international search of one of the founders of the hacker group "Humpty Dumpty" Alexander Glazastikow.

According to Media reports, the man left Russia and is in the Baltic States, or rather in Estonia, where he sought asylum.

In August 2018, another founder of "Humpty Dumpty" Vladimir Anikeev was released. The court sentenced him to two years in prison, but half of the term Anikeev served in the pre-trial detention centre.

An interesting fact is that the Press Secretary of the Prime Minister Dmitry Medvedev Natalia Timakova probably became one of the victims of the group.

Anikeev said that the correspondence of Timakova, consisting of 500 messages, dated 2004-2015 years, was bought within a week by the unknown for 150 bitcoins (at that time 38 000 $).

According to Alexander Glazastikow, from 2014 the group "Humpty Dumpty" has earned about two million dollars.

Telegram’s ‘secret chat’ feature stores conversations in plain text

The desktop variant for Telegram for dispatched a new feature called 'secret chats' for the users who wish for complete privacy for their communication. It occurred in this way, that the Telegram secure messaging app was unsuccessful in protecting the chat content locally and thusly offered access to plain text conversations and media that generally was encrypted.

Since Telegram's attention towards administering secure communication is notable the application utilizes encryption to guarantee that an outsider can't peruse the conversations on their way to the 'destination' and by using end-to-end encryption it ensures that just the sender and the receiver can get to the content.

These safety measures are against altering or breaking privacy in transit; the conversations and media files Telegram Desktop stores locally are genuinely simple to access and read since they are not encoded.

Nathaniel Suchy, a reverse engineer and software developer, was, fortunately, able to peruse the application's database and the messages spared there. Suchy said that  “Telegram uses a somewhat difficult to read, but otherwise, not encrypted, SQLite Database to store messages. By analyzing raw data converted to a simpler viewing format, I also found names and phone numbers that could be correlated to one another. Even so, the information is not easy to read, but custom scripts could help make the details stand out in a more intelligible way and automate the extraction.”

The researchers have proven the 'secret chat' feature as it turned out that every one of the messages goes to a similar database, regardless of whether they gain from end-to-end encryption or not. Even Media documents are not far behind as they have a very comparative destiny.

Telegram Desktop features highlights passport protection to counteract unapproved access to the application, yet this security choice does not include encryption. A technically knowledgeable and excessively inquisitive computer user could still be able to access some other users' chats.

Ensuring the information saved locally is conceivable by empowering full disk encryption from the operating system. This is accessible on Windows through BitLocker, on macOS through FileVault; the feature is available on Linux too.

Windows 10 Bug Allowed UWP Apps Full Access to User’s Files

A bug in Windows 10 which was keeping users from being informed when apps requested permission to access users' data has been taken care of by Microsoft in its on-hold Windows 10 October 2018 Update.
The bug could have given a malicious developer of Universal Windows Platform (UWP) apps access to all of the data including the files stored in OneDrive without the consent of the owner.
In terms of access, by default, UWP apps are restricted to files and folders located in the installation directory of apps and their data storage locations in AppData\Local, AppData\Roaming, and the Temp folder. However, the developer can request extra permissions for accessing locations other than these.
As illustrated in the Microsoft developer documentation for the broadFileSystemAccess permission, “This is a restricted capability. On first use, the system will prompt the user to allow access," It further says, "Access is configurable in Settings > Privacy > File system. If you submit an app to the Store that declares this capability, you will need to submit an app to the Store that declares this capability; you will need to supply additional descriptions of why your app needs this capability, and how it intends to use it."
It implies that when a developer adds this permission and uses an app for the first time with this permission, a settings screen will supposedly be displayed in Windows 10 where this permission (hence the access) can be enabled and it is configurable in settings as follows:
Settings > Privacy > File system 
The bug was discovered by Lechance in the wake of the creation of an app that required broadFileSystemAccess permission for accessing data in a hard coded “C:\myAppData" location. The app is reported to be crashing after upgrading. (October 2018 Update)
Until version 1809, the permission prompt i.e., to first reach settings to enable file system access was not imposed upon the users and the broadFileSystemAccess permission was accessible without giving explicit permission for the apps to have full file system access.  
On the solution front, Lechance advised UWP app developers trigger the below-mentioned command in order to avoid crashes that are likely to occur on the proper enforcement of the permission.
await Windows.System.Launcher.LaunchUriAsync(new Uri(“ms-settings:privacy-broadfilesystemaccess”));
The dark clouds of questioning and accountability are looming large over the developers who publish their app to the Microsoft store and use the broadFileSystemAccess. They are expected to come up with the causes leading to this permit requirement.

Microsoft shared details of Indian bank customers’ with US intelligence agencies

Microsoft consistently shared the financial data of Indian bank customers with the intelligence agencies in the United States, revealed an exclusive report by DNA Money.

According to the report, the Reserve Bank of India has expressed its concerns over the matter in a risk assessment report tabled before the banks’ audit committees.

 The data which was shared with the US agencies are of the customer's running an account with banks that have migrated to Microsoft Office 365 cloud-based email service.

“All the mailboxes had been migrated to office 365 Microsoft cloud environment. It was gathered from the Microsoft transparency hub that Microsoft is bound to share customers’ data under US Foreign Intelligence Surveillance Act (FISA) and US national security letters as and when required by the US authorities,” RBI official as quoted by DNA money.

However, the twist is that the Indian banks know about this data sharing, only the customers were unaware of any kind of information sharing.

The RBI observation says that from 2014 to 2016, Microsoft had shared information at least 3,036 occasions after nearly 4,000 government requests or legal demand requests for Indian customers in the US.

Microsoft spokesperson told DNA Money, “No government has direct access to any of our users’ data. Data privacy is a top priority for us. We never provide customer data unless we receive a legally valid warrant, order or subpoena about specific accounts or individual identifiers that we have reviewed and considered legally appropriate and consistent with the rule of law and our Microsoft principles.”

The Much Awaited MacOS’ Adroid File Transfer’s Bug Will Be Fixed At Last

The error in the MacOs’ Android file transfer that somehow led to the vanishing of creation dates is finally to be done away with. The bug is reportedly being worked on and soon will be fixed.

The Android File Transfer is a sophisticated way to shift files from android to macOS. There was a lot of whining and complaining about a major failure of this application.

The most recent bug in the said tool was reported to make the files lose the dates they were created on. The problem was imparted to Google issue tracker and now it is being affirmed that it will be fixed shortly.

The programme is technically pretty easy to go through. After the application is downloaded and opened the required files could simply be taken to the macOS applications feature, and the file transfer could then take place through a USB cable.

Quite a good number of bugs have already been fixed. The most recent version of Android File Transfer is created of the macOS version 10.7 and above. The most trouble was caused to the videographers and photographers because it led to their files getting haphazard. The Google Issue Tracker was quick about the bug report and responded promptly asking for a meticulous report.

Detailed information was forwarded to the development team to be further worked upon. Supposedly the bug has already been fixed and momentarily will be available for people in future buildups of the aforementioned application.