In 2008, Boston’s transit authority sued to stop MIT hackers from presenting at the Defcon hacker conference on how to get free subway rides. Today, four teens picked up where they left off.

In early August of 2008, almost exactly 15 years ago, the Defcon hacker conference in Las Vegas was hit with one of the worst scandals in its history. Just before a group of MIT students planned to give a talk at the conference about a method they’d found to get free rides on Boston’s subway system—known as the Massachusetts Bay Transit Authority—the MBTA sued them and obtained a restraining order to prevent them from speaking. The talk was canceled, but not before the hackers’ slides were widely distributed to conference attendees and published online.

In the summer of 2021, 15-year-olds Matty Harris and Zachary Bertocchi were riding the Boston subway when Harris told Bertocchi about a Wikipedia article he’d read that mentioned this moment in hacker history. The two teenagers, both students at Medford Vocational Technical High School in Boston, began musing about whether they could replicate the MIT hackers’ work, and maybe even get free subway rides.

They figured it had to be impossible. “We assumed that because that was more than a decade earlier, and it had got heavy publicity, that they would have fixed it,” Harris says.

Bertocchi skips to the end of the story: “They didn’t.”

The Boston subway hackers (from left to right) Scott Campbell, 16; Noah Gibson, 17; Matty Harris, 17; and Zack Bertocchi, 17.Photograph: Roger Kisby

Now, after two years of work, that pair of teens and two fellow hacker friends, Noah Gibson and Scott Campbell, have presented the results of their research at the Defcon hacker conference in Las Vegas. In fact, they not only replicated the MIT hackers’ 2008 tricks, but took them a step further. The 2008 team had hacked Boston’s Charle Ticket magstripe paper cards to copy them, change their value, and get free rides—but those cards went out of commission in 2021. So the four teens extended other research done by the 2008 hacker team to fully reverse engineer the CharlieCard, the RFID touchless smart cards the MBTA uses today. The hackers can now add any amount of money to one of these cards or invisibly designate it a discounted student card, a senior card, or even an MBTA employee card that gives unlimited free rides. “You name it, we can make it,” says Campbell.

To demonstrate their work, the teens have gone so far as create their own portable “vending machine”—a small desktop device with a touchscreen and an RFID card sensor—that can add any value they choose to a CharlieCard or change its settings, and they’ve built the same functionality into an Android app that can add credit with a tap. They demonstrate both tricks in the video below:

In contrast to the Defcon subway-hacking blowup of 2008—and in a sign of how far companies and government agencies have come in their relationship with the cybersecurity community—the four hackers say the MBTA didn’t threaten to sue them or try to block their Defcon talk. Instead, it invited them to the transit authority headquarters last year to deliver a presentation on the vulnerabilities they’d found. Then the MBTA politely asked that they obscure part of their technique to make it harder for other hackers to replicate.

The hackers say the MBTA hasn’t actually fixed the vulnerabilities they discovered and instead appears to be waiting for an entirely new subway card system that it plans to roll out in 2025. When WIRED reached out to the MBTA, its director of communications, Joe Pesaturo, responded in a statement that “the MBTA was pleased that the students reached out and worked collaboratively with the fare collection team.”

“It should be noted that the vulnerability identified by the students does NOT pose an imminent risk affecting safety, system disruption, or a data breach,” Pesaturo added. “The MBTA's fraud detection team has increased monitoring to account for this vulnerability \[and\] does not anticipate any significant financial impact to the MBTA. This vulnerability will not exist once the new fare collection system goes live, due to the fact that it will be an account-based system versus today’s card-based system.”

The high schoolers say that when they started their research in 2021, they were merely trying to replicate the 2008 team’s CharlieTicket hacking research. But when the MBTA phased out those magstripe cards just months later, they wanted to understand the inner workings of the CharlieCards. After months of trial and error with different RFID readers, they were eventually able to dump the contents of data on the cards and begin deciphering them.

Unlike credit or debit cards, whose balances are tracked in external databases rather than on the cards themselves, CharlieCards actually store about a kilobyte of data in their own memory, including their monetary value. To prevent that value from being changed, each line of data in the cards’ memory includes a “checksum,” a string of characters computed from the value using the MBTA’s undisclosed algorithm.

The hackers figured out how to reproduce a “checksum” calculation intended to prevent the value stored on CharlieCards from being changed, circumventing that anti-hacking protection.Photograph: Roger Kisby

By comparing identical lines of memory on different cards and looking at their checksum values, the hackers began to figure out how the checksum function worked. They were eventually able to compute checksums that allowed them to change the monetary value on a card, along with the checksum that would cause a CharlieCard reader to accept it as valid. They computed a long list of checksums for every value so that they could arbitrarily change the balance of the card to whatever amount they chose. At the MBTA’s request, they’re not releasing that table, nor the details of their checksum reverse engineering work.

Not long after they made this breakthrough, in December of last year, the teens read in the _Boston Globe_ about another hacker, an MIT grad and penetration tester named Bobby Rauch, who had figured out how to clone CharlieCards using an Android Phone or a Flipper Zero handheld radio-hacking device. With that technique, Rauch said he could simply copy a CharlieCard before spending its value, effectively obtaining unlimited free rides. When he demonstrated the technique to the MBTA, however, it claimed it could spot the cloned cards when they were used and deactivate them.

Early this year, the four teenagers showed Rauch their techniques, which went beyond cloning to include more granular changes to a card’s data. The older hacker was impressed and offered to help them report their findings to the MBTA—without getting sued.

In working with Rauch, the MBTA had created a vulnerability disclosure program to cooperate with friendly hackers who agreed to share cybersecurity vulnerabilities they found. The teens say they were invited to a meeting at the MBTA that included no fewer than 12 of the agency’s executives, all of whom seemed grateful for their willingness to share their findings. The MBTA officials asked the high schoolers to not reveal their findings for 90 days and to hold details of their checksum hacking techniques in confidence, but otherwise agreed that they wouldn’t interfere with any presentation of their results. The four teens say they found the MBTA’s chief information security officer, Scott Margolis, especially easy to work with. “Fantastic guy,” say Bertocchi.

The teens say that as with Rauch’s cloning technique, the transit authority appears to be trying to counter their technique by detecting altered cards and blocking them. But they say that only a small fraction of the cards they’ve added money to have been caught. “The mitigations they have aren’t really a patch that seals the vulnerability. Instead, they play whack-a-mole with the cards as they come up,” says Campbell.

“We’ve had some of our cards get disabled, but most get through,” adds Harris.

So are all four of them using their CharlieCard-hacking technique to roam the Boston subway system for free? “No comment.”

For now, the hacker team is just happy to be able to give their talk without the heavy-handed censorship that the MBTA attempted with its lawsuit 15 years ago. Harris argues that the MBTA likely learned its lesson from that approach, which only drew attention to the hackers’ findings. “It’s great that they’re not doing that now—that they’re not shooting themselves in the foot. And it’s a lot less stressful for everyone,” Harris says.

He’s also glad, on the other hand, that the MBTA took such a hardline approach to the 2008 talk that it got his attention and kickstarted the group’s research almost a decade and a half later. “If they hadn’t done that,” Harris says, “we wouldn’t be here.”

_Update 5 pm ET, August 10, 2023: Added a statement form an MBTA spokesperson._

Teens Hacked Boston Subway’s CharlieCard to Get Infinite Free Rides—and This Time Nobody Got Sued

As the international tech giant moves toward Russian ownership, the leak raises concerns about the volume of data it has on its users.

The code also shows how Yandex can combine data from multiple services. McCrea says in one complex process, an adult’s search data may be pulled from the Yandex search tool, AppMetrica, and the company’s taxi app to predict whether they have children in their household. Some of the code categorizes whether children may be over or under 13. (Yandex’s Cherevko says people can order taxis with children’s seats, which is a sign they may be “interested in specific content that might be interesting for someone with a child.”)

One element within the Crypta code indicates just how all of this data can be pulled together. A user interface exists that acts as a profile about someone: It shows marital status, their predicted income, whether they have children, and three interests—which include broad topics such as appliances, food, clothes, and rest. Cherevko says this is an “internal Yandex tool” where employees can see how Crypta’s algorithms classify them, and they can only access their own information. “We have not encountered any incidents related to access abuse,” he says.

Government Influence

Yandex is going through a breakup. In November 2022, the company’s Netherlands-based parent organization, Yandex NV, announced it will separate itself from the Russian business, following Russia’s invasion of Ukraine. Internationally, the company, which will change its name, is planning to develop self-driving technologies and cloud computing, while divesting itself from search, advertising, and other services in Russia. Various Russian businessmen have been linked to the potential sale. (At the end of July, Yandex NV said it plans to propose its restructuring to shareholders later this year.)

While the uncoupling is being worked out, Russia has been trying to consolidate its control of the internet and increasing censorship. A slew of new laws requires more companies and government services in the country to use home-grown tech. For instance, this week, Finland and Norway’s data regulators blocked Yandex’s international taxi app from sending data back to Russia due to a new law, which comes into force in September, that will allow the Federal Security Service (FSB) access to taxi data.

These nationalization efforts coupled with the planned ownership change at Yandex are creating concerns that the Kremlin may soon be able to use data gathered by the company. Stanislav Shakirov, the CTO of Russian digital rights group Roskomsvoboda and founder of tech development organization Privacy Accelerator, says historically Yandex has tried to resist government demands for data and has proved better than other firms. (In June, it was fined 2 million rubles ($24,000) for not handing data to Russian security services.) However, Shakirov says he thinks things are changing. “I am inclined to believe that Yandex will be attempted to be nationalized and, as a consequence, management and policy will change,” Shakirov says. “And as a consequence, user data will be under much greater threat than it is now.”

Bakunov, the former Yandex engineer, who reviewed some of McCrea’s findings at WIRED’s request, says he is scared by the potential for the misuse of data going forward. He says it looks like Russia is a “new generation” of a “failed state,” highlighting how it may use technology. “Yandex here is the big part of these technologies,” he says. “When we built this company, many years ago, nobody thought that.” The company’s head of privacy, Cherevko, says that within the restructuring process, “control of the company will remain in the hands of management.” And its management makes decisions based on its “core principles.”

But the leaked code shows, in one small instance, that Yandex may already share limited information with one Russian government-linked company. Within Crypta are five “matchers” that sync fingerprinting events with telecoms firms—including the state-backed Rostelecom. McCrea says this indicates that the fingerprinting events could be accessible to parts of the Russian state. “The shocking thing is that it exists,” McCrea says. “There's nothing terribly shocking within it.” (Cherevko says the tool is used for improving the quality of advertising, helping it to improve its accuracy, and also identifying scammers attempting to conduct fraud.)

Overall, McCrea says that whatever happens with the company, there are lessons about collecting too much data and what can happen to it over time when circumstances change. “Nothing stays harmless forever,” she says.

Leaked Yandex Code Breaks Open the Creepy Black Box of Online Advertising

The legacy electronics manufacturer is creating IoT honeypots with its products to catch real-world threats and patch vulnerabilities in-house.

Internet-of-things devices have been plagued by security issues and unfixed vulnerabilities for more than a decade, fueling botnets, facilitating government surveillance, and exposing institutional networks and individual users around the world. But many manufacturers have been slow to improve their practices and invest in raising the bar. At the Black Hat security conference in Las Vegas today, researchers from Panasonic laid out the company's strategy for improving IoT defenses based on a five-year project to gather and analyze data on how the company's own products are attacked.

The researchers use Panasonic home appliances and other internet-connected electronics made by the company to create honeypots that lure real-world attackers to exploit the devices. This way Panasonic can capture current strains of malware and analyze them. Such IoT threat intelligence work is rare from a legacy manufacturer, but Panasonic says it would like to share its findings and collaborate with other companies so the industry can start to compile a broader view of the latest threats across products.

“Attack cycles are becoming faster. And now the malware is becoming all the more complicated and complex,” says Yuki Osawa, chief engineer at Panasonic who spoke with WIRED ahead of the conference through an interpreter. “Traditionally, IoT malware is rather simple. What we are afraid of most is that some kind of a cutting-edge, most-advanced type of malware will also target IoT. So there is importance to protect \[against\] malware even after the product is shipped."

Panasonic calls its efforts to track threats and develop countermeasures Astira, a portmanteau of the Buddhist demigods known as “asura” and “threat intelligence.” And insights from Astira feed into the IoT security solution known as Threat Resilience and Immunity Module, or Threim, which works to detect and block malware on Panasonic devices. In an analysis of Panasonic products running ARM processors, Osawa says, the malware detection rate was about 86 percent for 1,800 malware samples from the ASTIRA honeypots.

“We use the technology to immunize our IoT devices just like protecting humans from the Covid-19 infection,” Osawa says. “These anti-malware functions are built in, no installation required, and are very lightweight. It doesn’t affect the capability of the device itself.”

Osawa emphasizes that the ability to push patches to IoT devices is important—a capability that is often lacking in the industry as a whole. But he notes that Panasonic doesn't always see firmware updates as a feasible solution to dealing with IoT security issues. This is because, in the company's view, end users don't have adequate education about the need to install updates on their embedded devices, and not all updates can be delivered automatically without user involvement.

For this reason, Panasonic's approach melds shipping patches with built-in malware detection and defense. And Osawa emphasizes that Panasonic views it as the manufacturer's responsibility to develop a security strategy for its products rather than relying on third-party security solutions to defend IoT. He says that this way, vendors can determine a “reasonable level of security” for each product based on its design and the threats it faces. And he adds that by deploying its own solutions out of the box, manufacturers can avoid having to share trade secrets with outside organizations.

“Manufacturers ourselves have to be responsible for developing and providing these security solutions,” Osawa says. “I’m not saying that we’re going to do everything ourselves but we need to have a firm collaboration with third-party security solution vendors. The reason why we make it built in is that inside of the devices are secrets, and we don’t have to open it. We can keep it black box and still we can provide the security as well.”

Developing threat intelligence capabilities for IoT is a crucial step in improving the state of defense for the devices overall. But independent security researchers who have long railed against IoT's black box model of security through obscurity may take issue with Panasonic's strategy.

Panasonic Warns That IoT Malware Attack Cycles Are Accelerating

Security researchers accessed an internal camera inside the Deckmate 2 shuffler to learn the exact deck order—and the hand of every player at a poker table.

In September last year, a scandal blew up the world of high-stakes, livestreamed poker: In a hand at Las Vegas’ Hustler Live Casino, which broadcast its games on YouTube, a relative novice holding nothing but a jack of clubs and a four of hearts successfully called the bluff of a veteran player. No one could possibly think that poor hand might be good enough to call a bluff, thousands of outraged poker players argued, unless the person holding it had some extra knowledge that her opponent's hand was even worse—in other words, she must have been cheating.

Three months later, Hustler Live Casino published a postmortem of its investigation into the incident, finding “no credible evidence” of foul play. It also noted that if there were cheating, it was most likely some sort of secret communication between the player and a staff member in the production booth who could see the players' hands in real time. But when Joseph Tartaro, a researcher and consultant with security firm IOActive, read that report, he zeroed in on one claim in particular—a statement ruling out any possibility that the automated card-shuffling machine used at the table, a device known as the Deckmate, could have been hacked. “The Deckmate shuffling machine is secure and cannot be compromised,” the report read.

To Tartaro, regardless of what happened in the Hustler Live hand, that assertion of the shuffler's perfect security was an irresistible invitation to prove otherwise. “At that point, it's a challenge,” Tartaro says. “Let's look at one of these things and see how realistic it really is to cheat.”

IOActive’s card shuffler hackers (from left to right) Ethan Shackelford, Enrique Nissim, and Joseph Tartaro.Photograph: Roger Kisby

Today, at the Black Hat security conference in Las Vegas, Tartaro and two IOActive colleagues, Enrique Nissim and Ethan Shackelford, will present the results of their ensuing months-long investigation into the Deckmate, the most widely used automated shuffling machine in casinos today. They ultimately found that if someone can plug a small device into a USB port on the most modern version of the Deckmate—known as the Deckmate 2, which they say often sits under a table next to players’ knees, with its USB port exposed—that hacking device could alter the shuffler’s code to fully hijack the machine and invisibly tamper with its shuffling. They found that the Deckmate 2 also has an internal camera designed to ensure that every card is present in the deck, and that they could gain access to that camera to learn the entire order of the deck in real time, sending the results from their small hacking device via Bluetooth to a nearby phone, potentially held by a partner who then could then send coded signals to the cheating player.

In sum, their shuffler hacking technique gives a cheater “100 percent full control,” says Tartaro, who demonstrates IOActive’s findings in the video below. “Basically, it allows us to do more or less whatever we want … We can, for example, just read the constant data from the camera so we can know the deck order, and when that deck goes out into play, we know exactly the hand that everyone is going to have.”

For now, the IOActive researchers say they haven't yet had time to engineer a technique that would cause the Deckmate to put the deck in the exact order of their choosing—although they're certain that too would be possible. Regardless, they argue, merely knowing the full card order, rather than changing it, offers an even more practical cheating strategy, one that's far harder to detect.

Tartaro says the technique could be used to cheat in any number of card games, but that it would be particularly powerful in Texas Hold'em, the popular version of poker played in most casinos, including in the notorious Hustler Live Casino hand. That's because in Texas Hold'em, knowing the order of a deck would allow someone to predict the exact makeup of everyone's hand, independent of any decisions they make in the game. Even if a dealer cuts the deck before dealing, as most do in high-stakes casino games, Tartaro says the cheating player would still be able to immediately figure out the order of the cards on the top of the deck and in every player's hands as soon as the three “flop” cards are exposed—the public-facing, shared cards dealt out at the beginning of a Hold'em hand.

The IOActive team also looked at the earlier model of the Deckmate, known as the Deckmate 1, which has no external USB port and no internal camera. The researchers say that the earlier model, which was the one actually used in the Hustler Live Casino game, could nonetheless still be hacked to cheat in a game if a rogue casino staffer or maintenance person had an opportunity to open the shuffler's case and access a particular chip that stores its code. In that case, despite the lack of an internal camera, the cheater could still hack the shuffler to reorder cards—or they could simply prevent the Deckmate from shuffling the deck when a dealer picks up everyone's cards after a hand, giving the cheater information about the location of those previously played cards. "A skilled player with that little bit of an edge would 100 percent clean up," says Tartaro.

Hackers Rig Casino Card-Shuffling Machines for ‘Full Control’ Cheating

Security researchers set up a remote machine and recorded every move cybercriminals made—including their login details.

Plenty of people tried to access the system. Over the past three years, it has captured 21 million login attempts, with more than 2,600 successful logins by attackers brute-forcing the weak password they purposefully used on the system. They recorded 2,300 of these successful logins, gathered 470 files that were uploaded, and analyzed 339 of the videos with useful footage. (Some recordings were just a couple of seconds long, and proved less useful.) “We cataloged the techniques, the tooling, everything done on these systems,” Bilodeau says.

Bergeron and Bilodeau have grouped the attackers into five broad categories based on character types from the role-playing game Dungeons and Dragons. Most common were the rangers: once these attackers were inside the trap RDP session, they would immediately start exploring the system, removing Windows antivirus tools, delving into folders, looking at the network it was on and other elements of the machine. Rangers wouldn’t take any action, Bergeron says. “It's basic recon,” she says, suggesting they may be evaluating the system for others to enter it.

Barbarians were the next most frequent kind of attackers. These use multiple hacking tools, such as Masscan and NLBrute, to brute-force their way into other computers, the researchers say. They work through a list of IP addresses, usernames, and passwords, trying to break into the machines. Similarly, the group they call wizards use their access to the RDP to launch attacks against other insecure RDPs—potentially masking their identity across many layers. “They use the RDP access as a portal to connect to other computers,” Bergeron says.

The thieves, meanwhile, do what their name implies. They try to make money out of the RDP access in any way possible. They use traffic monetization websites and install crypto miners, the researchers say. They might not earn a lot in one go, but multiple compromises can add up.

The final group Bergeron and Bilodeau observed is the most haphazard: the bards. These people, the researchers say, may have purchased access to the RDP and are using it for a variety of reasons. One person the researchers watched Googled the “strongest virus ever,” Bergeron says, while another tried to access Google Ads.

Others simply tried (and failed) to find porn. “We can see the beginner level he is in, as he searched for porn on YouTube—nothing appears, of course,” Bergeron says, since YouTube doesn’t permit pornography. Multiple sessions were spotted trying to access porn, the researchers say, and these users were always writing in Farsi, indicating they may be trying to access porn in places where it is blocked. (The researchers weren’t able to determine conclusively where many of those accessing the RDP were doing so from.)

Despite this, watching the attackers reveals the way they behave, including some more peculiar actions. Bergeron, who has a PhD in criminology, says the attackers were sometimes “very slow” at doing their work. Often she was “getting impatient” while watching them, she says. “I’m like: ‘Come on, you're not good at that’ or 'Go faster’ or ‘Go deeper,’ or ‘You can do better.’”

A Clever Honeypot Tricked Hackers Into Revealing Their Secrets

You can also set up alerts for whenever your home address, phone number, or email address appears in Search.

In 2022, Google launched the “Results about you” tool to help people remove personal info from the company’s search results. With billions of searches happening daily on Google, finding your private phone number or home address indexed for the world to see can be quite shocking. Luckily, new updates to “Results about you” make it easier to discover when your data pops up in Search.

Previously, you had to proactively find the links of sites hosting your personal data to report and request the removal of identifiable information. Now, you’ll be able to set up alerts for whenever your email, home address, or phone number appear on Google. At first, this update will only be available in the US and scan for results just in English.

“Results about you” is accessible in your browser or through the mobile app. For browsers, log into Google or create an account, then visit this webpage to get started. If you’re using the app (Android, Apple), tap on your profile icon, then select the option from the menu.

After the update fully rolls out, here’s where you’ll find tabs labeled **Results to review** and **Reviewed**. Input the personal data you’d like to be notified about if it appears in Search, and results containing that info will appear in the “Results to review” section. The mobile app can send you a push notification when new results are added.

_Google’s “Results about you” tool is currently in beta._

Courtesy of Google

For more detailed directions about what info you’ll need in order to submit the removal request to Google, check out my article that steps you through the complete process. Once your request is submitted, use the “Results about you” tool to track whether the request is in progress, approved, or denied. Here’s three things worth keeping in mind:

*   This is just a request. The people at Google reviewing your request could decide to do nothing, remove the result when associated with your name, or completely remove the result.
*   Some of the other personal info that you can request for removal includes social security numbers, credit cards, handwritten signatures, medical records, and login credentials.
*   Google can remove the search result to lessen traffic, but you have to contact the owner or hosting service behind the webpage where it’s posted to get the data scrubbed completely.

In the past, criticism of Google’s privacy features focused on how these tools placed the onus on users to defend themselves. By streamlining aspects of the removal process for personal information and enabling proactive notifications, the company is making small, but important, moves toward less burdensome privacy controls.

“Results about you” is a free tool worth using, but if you have concerns about online doxxing, it might be worth considering a paid service as well, like DeleteMe, that tries to thwart online data brokers. Want to go even more incognito online? Try some of WIRED’s tips for disappearing from the internet.

How to Remove Your Info From Google With the 'Results About You' Tool

The vulnerability could allow attackers to take advantage of an information leak to steal sensitive details like private messages, passwords, and encryption keys.

Intel is releasing fixes for a processor vulnerability that affects many models of its chips going back to 2015, including some that are currently sold, the company revealed today. The flaw does not impact Intel’s latest processor generations. The vulnerability could be exploited to circumvent barriers meant to keep data isolated, and therefore private, on a system. This could allow attackers to grab valuable and sensitive data from victims, including financial details, emails, and messages, but also passwords and encryption keys.

It’s been more than five years since the Spectre and Meltdown processor vulnerabilities sparked a wave of revisions to computer chip designs across the industry. The flaws represented specific bugs but also conceptual data protection vulnerabilities in the schemes chips were using to make data available for processing more quickly and speed that processing. Intel has invested heavily in the years since these so-called speculative execution issues surfaced to identify similar types of design issues that could be leaking data. But the need for speed remains a business imperative, and both researchers and chip companies still find flaws in efficiency measures.

This latest vulnerability, dubbed Downfall by Daniel Moghimi, the Google researcher who discovered it, occurs in chip code that can use an instruction known as Gather to access scattered data more quickly in memory. Intel refers to the flaw as Gather Data Sampling after one of the techniques Moghimi developed to exploit the vulnerability. Moghimi will present his findings at the Black Hat security conference in Las Vegas on Wednesday.

“Memory operations to access data that is scattered in memory are very useful and make things faster, but whenever things are faster there’s some type of optimization—something the designers do to make it faster,” Moghimi says. “Based on my past experience working on these types of vulnerabilities, I had an intuition that there could be some kind of information leak with this instruction.”

The vulnerability affects the Skylake chip family, which Intel produced from 2015 to 2019; the Tiger Lake family, which debuted in 2020 and will discontinue early next year; and the Ice Lake family, which debuted in 2019 and was largely discontinued in 2021. Intel's current generation chips—including those in the Alder Lake, Raptor Lake, and Sapphire Rapids families—are not affected, because attempts to exploit the vulnerability would be blocked by defenses Intel has added recently.

The fixes are being released with an option to disable them because of the potential that they could have an intolerable impact on performance for certain enterprise users. “For most workloads, Intel has not observed reduced performance due to this mitigation. However, certain vectorization-heavy workloads may see some impact,” Intel said in a statement.

Releasing fixes for vulnerabilities like Downfall is always complicated, because in most cases, they must funnel through each manufacturer who makes devices that incorporate the affected chips, before actually reaching computers. These device-makers take code provided by Intel and create tailored patches that can then be downloaded by users. After years of releasing fixes in this complex ecosystem, Intel is practiced at coordinating the process, but it still takes time. Moghimi first disclosed Downfall to Intel a year ago.

“Over the past few years, the process with Intel has improved, but broadly in the hardware industry we need agility in how we address and respond to these kinds of issues,” Moghimi says. “Companies need to be able to respond faster and speed up the process of issuing firmware fixes, microcode fixes, because waiting one year is a big window when anyone else could find and exploit this.”

Moghimi also notes that it is difficult to detect Downfall attacks, because they mostly manifest as benign software activity. He adds, though, that it might be possible to develop a detection system that monitors hardware behavior for signs of abuse like unusual cache activity.

Intel says that it would be “complex” and difficult to carry out Downfall attacks in real-world conditions, but Moghimi emphasizes that it took him only a few weeks to develop proofs of concept for the attack. And he says that relative to other speculative execution vulnerabilities and related bugs, Downfall would be one of the more doable flaws for a motivated and well-resourced attacker to exploit.

“This vulnerability enables an attacker to essentially spy on other processes and steal data by analyzing the data leak over time for a combination of patterns that indicates the information the attacker is looking for, like login credentials or encryption keys,” Moghimi says. He adds that it would likely take time, on the scale of hours or even weeks, for an attacker to develop the pattern or fingerprint of the data they're looking for, but the payoff would be significant.

“I probably could have sold my findings to one of these exploit brokers—you could develop it into an exploit—but I'm not in that business. I’m a researcher,” Moghimi says.

He adds that Downfall seems to only impact Intel chips, but that it's possible similar types of flaws are lurking on processors made by other manufacturers. “Even though this particular release is not affecting other manufacturers directly," Moghimi says, "they need to learn from it and invest a lot more in verification.”

New ‘Downfall’ Flaw Exposes Valuable Data in Generations of Intel Chips

Think US health data is automatically kept private? Think again.

A former Department of Homeland Security adviser and a doctor, Chris Pierson is CEO of BlackCloak, a company that specializes in personal digital protection from financial fraud, cybercrime, reputational damage, and identity theft. He believes vigilance is key for doctors and patients alike.

Protect Your Entire Family

“I don’t think people realize that once someone is able to get just one piece of information, that can lead to opening others’ private data,” Pierson says. “It’s no longer the original individual on their computer, but additional family members’ identity that can be compromised.”

He explains that even if one organization keeps your data safe, another associated one may not, and that’s where criminals will strike. 

“It’s not just medical offices. It’s your pharmacy, labs, insurance company, anyone who keeps personal information. That has real value, and selling it is the priority.”

Victims of identity theft can be revictimized when personal information gets into multiple hands. A street address and verified phone number can go far, especially if the phone contains many contacts, who then become vulnerable to attack themselves.

“If you get Mom’s info, you can get the child’s as well. An ID card, social security, all of it, and then they have the ability to collect false medical claims or just extortion. It’s a two for one.”

Two-Factor Authentication Is Worth the Effort

Pierson mentions how critically important it is to use a multistep authentication system. Your level of protection goes up considerably just by using secure passwords and one-time authentication codes.

Thankfully, setting all this up is easier than it sounds. Apps on your phone or tablet can help. Google Authenticator, when paired with a service that supports authenticator apps, provides a six-digit number that changes every few seconds and can keep people out of your data even if they have your username and password. Other companies ask users to enter an SMS code as the second authentication factor, in addition to a password, although SMS codes are less secure than authenticator apps. Either approach is better than none—unless a hacker is in physical possession of your phone, they are not getting access.

Social Media and Tracking

Social media is becoming a popular way for health care providers and entrepreneurs to connect with the public—and often to sell them treatments or advice. These Instagram or TikTok accounts may offer tips from someone in the medical industry, which can appeal to those facing rising health care costs and difficulties accessing care. But an internet doctor’s background or popularity does not ensure that they observe strong privacy guidelines or secure their transactions.

My Instagram is flooded with offers promising everything from better sleep to improved sexual health. It’s nice to have options, but that help and any information you receive from those accounts or send to them isn’t covered under HIPAA. Any time you pay out of your own pocket for health-related items or services, or on a direct-to-consumer health app, there is no recourse if someone steals your personal information or shares it.

Along with social media and direct-to-consumer health options comes large-scale data tracking. Outside of official medical practices, you should view surveillance as an expectation, rather than an exception.

Ask Questions

When you sign up for any service, whether through a new doctor’s patient portal or an online supplement shop, ask how your data is stored and where it goes. Read the privacy policies and settings, even briefly, to find out what options you have to restrict the sale or reuse of your data. Check the default settings to make sure you’re not giving away too much information. Find out if the service or platform offers two-factor authentication and set that up if it’s available. Know that it’s rare for anyone to need your social security number, no matter what a customer service agent says. A birth date and address is usually enough.

Pierson and others agree that we all need to consider security from several angles and do our best to protect ourselves and our loved ones. “The sophistication of identity attacks will always evolve and change. Remember, they only have to get it right once, but we have to guess right all of the time.”

What Doctors Wish You Knew About HIPAA and Data Security

Soon after Russian troops invaded Ukraine in February 2022, sensors in the Chernobyl Exclusion Zone reported radiation spikes. A researcher now believes he’s found evidence the data was manipulated.

The Mystery of Chernobyl’s Post-Invasion Radiation Spikes

Since 2018, a dedicated team within Microsoft has attacked machine learning systems to make them safer. But with the public release of new generative AI tools, the field is already evolving.

For most people, the idea of using artificial intelligence tools in daily life—or even just messing around with them—has only become mainstream in recent months, with new releases of generative AI tools from a slew of big tech companies and startups, like OpenAI's ChatGPT and Google's Bard. But behind the scenes, the technology has been proliferating for years, along with questions about how best to evaluate and secure these new AI systems. On Monday, Microsoft is revealing details about the team within the company that since 2018 has been tasked with figuring out how to attack AI platforms to reveal their weaknesses.

In the five years since its formation, Microsoft's AI red team has grown from what was essentially an experiment into a full interdisciplinary team of machine learning experts, cybersecurity researchers, and even social engineers. The group works to communicate its findings within Microsoft and across the tech industry using the traditional parlance of digital security, so the ideas will be accessible rather than requiring specialized AI knowledge that many people and organizations don't yet have. But in truth, the team has concluded that AI security has important conceptual differences from traditional digital defense, which require differences in how the AI red team approaches its work.

“When we started, the question was, ‘What are you fundamentally going to do that’s different? Why do we need an AI red team?’” says Ram Shankar Siva Kumar, the founder of Microsoft's AI red team. “But if you look at AI red teaming as only traditional red teaming, and if you take only the security mindset, that may not be sufficient. We now have to recognize the responsible AI aspect, which is accountability of AI system failures—so generating offensive content, generating ungrounded content. That is the holy grail of AI red teaming. Not just looking at failures of security but also responsible AI failures.”

Shankar Siva Kumar says it took time to bring out this distinction and make the case that the AI red team's mission would really have this dual focus. A lot of the early work related to releasing more traditional security tools like the 2020 Adversarial Machine Learning Threat Matrix, a collaboration between Microsoft, the nonprofit R&D group MITRE, and other researchers. That year, the group also released open source automation tools for AI security testing, known as Microsoft Counterfit. And in 2021, the red team published an additional AI security risk assessment framework.

Over time, though, the AI red team has been able to evolve and expand as the urgency of addressing machine learning flaws and failures becomes more apparent. 

In one early operation, the red team assessed a Microsoft cloud deployment service that had a machine learning component. The team devised a way to launch a denial of service attack on other users of the cloud service by exploiting a flaw that allowed them to craft malicious requests to abuse the machine learning components and strategically create virtual machines, the emulated computer systems used in the cloud. By carefully placing virtual machines in key positions, the red team could launch “noisy neighbor” attacks on other cloud users, where the activity of one customer negatively impacts the performance for another customer.

The red team ultimately built and attacked an offline version of the system to prove that the vulnerabilities existed, rather than risk impacting actual Microsoft customers. But Shankar Siva Kumar says that these findings in the early years removed any doubts or questions about the utility of an AI red team. “That’s where the penny dropped for people,” he says. “They were like, ‘Holy crap, if people can do this, that’s not good for the business.’”

Crucially, the dynamic and multifaceted nature of AI systems means that Microsoft isn't just seeing the most highly resourced attackers targeting AI platforms. “Some of the novel attacks we’re seeing on large language models—it really just takes a teenager with a potty mouth, a casual user with a browser, and we don’t want to discount that,” Shankar Siva Kumar says. “There are APTs, but we also acknowledge that new breed of folks who are able to bring down LLMs and emulate them as well.”

As with any red team, though, Microsoft's AI red team isn't just researching attacks that are being used in the wild right now. Shankar Siva Kumar says that the group is focused on anticipating where attack trends may go next. And that often involves an emphasis on the newer AI accountability piece of the red team's mission. When the group finds a traditional vulnerability in an application or software system, they often collaborate with other groups within Microsoft to get it fixed rather than take the time to fully develop and propose a fix on their own. 

“There are other red teams within Microsoft and other Windows infrastructure experts or whatever we need,” Shankar Siva Kumar says. “The insight for me is that AI red teaming now encompasses not just security failures, but responsible AI failures.”

Source

Wired