Monday, February 14. 2011
Expert Comments on Possible Web Fraud
I gave a short interview to Sat.1 today about the technical skills needed in order to implement a system for online bets. The interview was broadcast as part of a short report on a case where maybe online fraud was involved, though this is still to be clarified.
Thursday, November 26. 2009
TV interview on computer security - WDR
More and more police departments have special investigation teams so called cyber or computer crime units that deal with cyber crime incidents, such as stolen PIN or TANs for Online-Banking accounts or stolen credit card information. One such team was shown in the TV show WDR Lokalzeit where I was interviewed on how Jack Doe can protect himself from such harm.
Wednesday, April 1. 2009
Will Conficker destroy the world on April 1st?
Rumors are that one of the most widespread malware, Conficker (or Downadup) might strike on April 1st, 2009. I gave a short interview to the German TV station ARD that was partly broadcast as part of the ARD Mittagsmagazin (also broadcast on ZDF at the same time).
To me, there is no reason to wait for a specific date such as April 1st, for a malware to become active. This is a bit different if the malware itself spreads via email, such as Storm worm, and is completely based on social engineering. Furthermore, in my eyes, system administrators are fully aware of the danger that Conficker might pose, once its activated and thus look for it with special attention on April 1st. Any other date would then - from the attacker's point of view - make much more sense.
To me, there is no reason to wait for a specific date such as April 1st, for a malware to become active. This is a bit different if the malware itself spreads via email, such as Storm worm, and is completely based on social engineering. Furthermore, in my eyes, system administrators are fully aware of the danger that Conficker might pose, once its activated and thus look for it with special attention on April 1st. Any other date would then - from the attacker's point of view - make much more sense.
Thursday, February 26. 2009
T-Mobile G1 and Google apps
For the last 1.5 weeks I got a G1 in order to test it for the German TV Show "ServiceZeit Mobil" which is being broadcast on WDR. As this time, the show's topic was mobile phone security and tracking, I focused on IT security and data protection issues and found some interesting things.
First of all, I captured some packets while using Google Maps Mobile (currently version 3). As you might know there are a couple of techniques available to geolocate a phone. First of all, modern phones have GPS receivers. GPS is probably the most accurate location mechanism. Furthermore, information about nearby GSM/UMTS base stations can be used to localize a phone. This may be combined with triangulation on the phone itself.
Most surprising to me was the fact that the G1 also submits information about nearby Wifi base stations. Wifi cells are usually much smaller than GSM/UMTS cells and can provide more accurate results (and once location information is associated, it even provides localization in areas where GPS does not work such as in buildings or tunnels).
But, two important questions arise:
a) Why does the G1 send information about Wifi and GSM/UMTS base stations, even if GPS is available and enabled?
b) How does geolocation work with Wifi base stations? After all, one needs to have a database with all the base stations and their corresponding location in order to use it for localization.
I guess, there is one answer to both of them. It seems as if Google builds up its own localization database like so:
a) Make all users of Google Maps Mobile enable all "sensors", i.e. GPS, GSM/UMTS and Wifi
b) Submit information from all of the sensors to Google
c) If there is a user that can only provide e.g. Wifi base stations around, correlate this with known Wifi base stations in the database and use the GPS or GSM/UMTS information available which was submitted by other people beforehand
Here you can find a wireshark capture with some stuff highlighted.
Apart from that, it seems as if any device using Google Maps Mobile acts in the same way as described above for the G1.
My overall impression of the G1 is not very positive (it's a freak tool). The phone is heavy (my personal impression), however, the touchscreen works fine. All in all, I think it is not fully mature and would not recommend it. The version I tested had Android 1.0, I guess a lot could be improved by changes in the software.
First of all, I captured some packets while using Google Maps Mobile (currently version 3). As you might know there are a couple of techniques available to geolocate a phone. First of all, modern phones have GPS receivers. GPS is probably the most accurate location mechanism. Furthermore, information about nearby GSM/UMTS base stations can be used to localize a phone. This may be combined with triangulation on the phone itself.
Most surprising to me was the fact that the G1 also submits information about nearby Wifi base stations. Wifi cells are usually much smaller than GSM/UMTS cells and can provide more accurate results (and once location information is associated, it even provides localization in areas where GPS does not work such as in buildings or tunnels).
But, two important questions arise:
a) Why does the G1 send information about Wifi and GSM/UMTS base stations, even if GPS is available and enabled?
b) How does geolocation work with Wifi base stations? After all, one needs to have a database with all the base stations and their corresponding location in order to use it for localization.
I guess, there is one answer to both of them. It seems as if Google builds up its own localization database like so:
a) Make all users of Google Maps Mobile enable all "sensors", i.e. GPS, GSM/UMTS and Wifi
b) Submit information from all of the sensors to Google
c) If there is a user that can only provide e.g. Wifi base stations around, correlate this with known Wifi base stations in the database and use the GPS or GSM/UMTS information available which was submitted by other people beforehand
Here you can find a wireshark capture with some stuff highlighted.
Apart from that, it seems as if any device using Google Maps Mobile acts in the same way as described above for the G1.
My overall impression of the G1 is not very positive (it's a freak tool). The phone is heavy (my personal impression), however, the touchscreen works fine. All in all, I think it is not fully mature and would not recommend it. The version I tested had Android 1.0, I guess a lot could be improved by changes in the software.
Wednesday, February 11. 2009
Safer Internet Day 2009
Thursday, December 18. 2008
eBay fraud
Once more, a novel online auction scam hit eBay users just shortly before Christmas. This time, the fraudster(s) apparently first built up good reputation during some couple hundreds trouble-free auctions, but then duped buyers of (probably fake) watches by not delivering the goods.
Indications of this fraud scheme are:
a) accept (preferably) payment in advance
b) long delivery periods by default (such as 2 weeks)
In more detail, the fraudsters opened a whole lot of eBay auctions of watches without delivering. Rumors are that the advance payments summed up to a total amount of about 1.3 million Euros. You, as a customer, can probably best protect yourself by either using an escrow service or PayPal. I have been interviewed on this at WDR Lokalzeit Bergisches Land, today.
Indications of this fraud scheme are:
a) accept (preferably) payment in advance
b) long delivery periods by default (such as 2 weeks)
In more detail, the fraudsters opened a whole lot of eBay auctions of watches without delivering. Rumors are that the advance payments summed up to a total amount of about 1.3 million Euros. You, as a customer, can probably best protect yourself by either using an escrow service or PayPal. I have been interviewed on this at WDR Lokalzeit Bergisches Land, today.
