iSeeYou: Disabling the MacBook Webcam Indicator LED

The ubiquitous webcam indicator LED is an important privacy feature which provides a visual cue that the camera is turned on. We describe how to disable the LED on a class of Apple internal iSight webcams used in some versions of MacBook laptops and iMac desktops. This enables video to be captured without any visual indication to the user and can be accomplished entirely in user space by an unprivileged (non- root) application. The same technique that allows us to disable the LED, namely reprogramming the firmware that runs on the iSight, enables a virtual machine escape whereby malware running inside a virtual machine reprograms the camera to act as a USB Human Interface Device (HID) keyboard which executes code in the host operating system. We build two proofs-of-concept: (1) an OS X application, iSeeYou, which demonstrates capturing video with the LED disabled; and (2) a virtual machine escape that launches Terminal.app and runs shell commands. To defend against these and related threats, we build an OS X kernel extension, iSightDefender, which prohibits the modification of the iSight’s firmware from user space

Verified Correctness and Security of mbedTLS HMAC-DRBG

We have formalized the functional specification of HMAC-DRBG (NIST 800-90A), and we have proved its cryptographic security--that its output is pseudorandom--using a hybrid game-based proof. We have also proved that the mbedTLS implementation (C program) correctly implements this functional specification. That proof composes with an existing C compiler correctness proof to guarantee, end-to-end, that the machine language program gives strong pseudorandomness. All proofs (hybrid games, C program verification, compiler, and their composition) are machine-checked in the Coq proof assistant. Our proofs are modular: the hybrid game proof holds on any implementation of HMAC-DRBG that satisfies our functional specification. Therefore, our functional specification can serve as a high-assurance reference.Comment: Appearing in CCS '1

Classifying Network Protocol Implementation Versions: An OpenSSL Case Study

A new technique is presented for identifying the implementation version number of software that is used for Internet communications. While many programs may exchange version numbers, oftentimes only a small subset of them send any information at all. Furthermore, they usually do not provide accurate details about which implementation is used. We use machine learning techniques to build a feature database and then apply this to network traffic to try to identify specific implementations on servers. We apply our technique to OpenSSL and report our results.National Science Foundation CT-071614

Using A One-Class Compound Classifier To Detect In-Vehicle Network Attacks

The Controller Area Network (CAN) in vehicles provides serial communication between electronic control units that manage en- gine, transmission, steering and braking. Researchers have recently demonstrated the vulnerability of the network to cyber-attacks which can manipulate the operation of the vehicle and compromise its safety. Some proposals for CAN intrusion detection systems, that identify attacks by detecting packet anomalies, have drawn on one-class classi cation, whereby the system builds a decision surface based on a large number of normal instances. The one-class approach is discussed in this paper, together with initial results and observations from implementing a classi er new to this eld. The Compound Classier has been used in image processing and medical analysis, and holds advantages that could be relevant to CAN intrusion detection.<br/

Prime and Prejudice:Primality Testing Under Adversarial Conditions

This work provides a systematic analysis of primality testing under adversarial conditions, where the numbers being tested for primality are not generated randomly, but instead provided by a possibly malicious party. Such a situation can arise in secure messaging protocols where a server supplies Diffie-Hellman parameters to the peers, or in a secure communications protocol like TLS where a developer can insert such a number to be able to later passively spy on client-server data. We study a broad range of cryptographic libraries and assess their performance in this adversarial setting. As examples of our findings, we are able to construct 2048-bit composites that are declared prime with probability $1/16$ by OpenSSL\u27s primality testing in its default configuration; the advertised performance is $2^{-80}$. We can also construct 1024-bit composites that always pass the primality testing routine in GNU GMP when configured with the recommended minimum number of rounds. And, for a number of libraries (Cryptlib, LibTomCrypt, JavaScript Big Number, WolfSSL), we can construct composites that always pass the supplied primality tests. We explore the implications of these security failures in applications, focusing on the construction of malicious Diffie-Hellman parameters. We show that, unless careful primality testing is performed, an adversary can supply parameters $(p,q,g)$ which on the surface look secure, but where the discrete logarithm problem in the subgroup of order $q$ generated by $g$ is easy. We close by making recommendations for users and developers. In particular, we promote the Baillie-PSW primality test which is both efficient and conjectured to be robust even in the adversarial setting for numbers up to a few thousand bits

Vulnerability analysis of android auto infotainment apps

With over 2 billion active mobile users and a large array of features, Android is the most popular operating system for mobile devices. Android Auto allows such devices to connect with an in-car compatible infotainment system, and it became a popular choice as well. However, as the trend for connecting car dashboard to the Internet or other devices grows, so does the potential for security threats. In this paper, a set of potential security threats are identified, and a static analyzer for the Android Auto infotainment system is presented. All the infotainment apps available in Google Play Store have been checked against that list of possible exposure scenarios. Results show that almost 80% of the apps are potentially vulnerable, out of which 25% poses security threats related to execution of JavaScript

Traumatic Brain Injury and Firearm Use and Risk of Progressive Supranuclear Palsy Among Veterans

Background: Progressive supranuclear palsy (PSP) is a tauopathy that has a multifactorial etiology. Numerous studies that have investigated lead exposure and traumatic brain injury (TBI) as risk factors for other tauopathies, such as Alzheimer's disease, but not for PSP.Objective: We sought to investigate the role of firearm usage, as a possible indicator of lead exposure, and TBI as risk factors for PSP in a population of military veterans.Methods: We included participants from a larger case-control study who reported previous military service. Our sample included 67 PSP cases and 68 controls. Participants were administered a questionnaire to characterize firearm use in the military and occurrence of TBI.Results: Cases were significantly less educated than controls. In unadjusted analyses, the proportion of PSP cases (80.6%) and controls (64.7%) who reported use of firearms as part of their military job was positively associated with PSP, odds ratio (OR) 2.2 (95% CI: 1–5.0). There were no significant case-control differences in mean service duration. There was only a weak association with history of TBI, OR 1.6 (95% CI: 0.8–3.4). In multivariate models, firearm usage (OR 3.7, 95% CI: 1.5, 9.8) remained significantly associated with PSP.Conclusions: Our findings show a positive association between firearm usage and PSP and an inverse association between education and PSP. The former suggests a possible etiologic role of lead. Further studies are needed to confirm the potential etiologic effects of metals on PSP.The study was registered in clinicaltrials.gov. ClinicalTrials.gov Identifier: NCT00431301

A Systematic Analysis of the Juniper Dual EC Incident

In December 2015, Juniper Networks announced that unknown attackers had added unauthorized code to ScreenOS, the operating system for their NetScreen VPN routers. This code created two vulnerabilities: an authentication bypass that enabled remote administrative access, and a second vulnerability that allowed passive decryption of VPN traffic. Reverse engineering of ScreenOS binaries revealed that the first of these vulnerabilities was a conventional back door in the SSH password checker. The second is far more intriguing: a change to the Q parameter used by the Dual EC pseudorandom number generator. It is widely known that Dual EC has the unfortunate property that an attacker with the ability to choose Q can, from a small sample of the generator\u27s output, predict all future outputs. In a 2013 public statement, Juniper noted the use of Dual EC but claimed that ScreenOS included countermeasures that neutralized this form of attack. In this work, we report the results of a thorough independent analysis of the ScreenOS randomness subsystem, as well as its interaction with the IKE VPN key establishment protocol. Due to apparent flaws in the code, Juniper\u27s countermeasures against a Dual EC attack are never executed. Moreover, by comparing sequential versions of ScreenOS, we identify a cluster of additional changes that were introduced concurrently with the inclusion of Dual EC in a single 2008 release. Taken as a whole, these changes render the ScreenOS system vulnerable to passive exploitation by an attacker who selects Q. We demonstrate this by installing our own parameters, and showing that it is possible to passively decrypt a single IKE handshake and its associated VPN traffic in isolation without observing any other network traffic

Pooling job physical exposure data from multiple independent studies in a consortium study of carpal tunnel syndrome

Pooling data from different epidemiological studies of musculoskeletal disorders (MSDs) is necessary to improve statistical power and to more precisely quantify exposure–response relationships for MSDs. The pooling process is difficult and time-consuming, and small methodological differences could lead to different exposure–response relationships. A subcommittee of a six-study research consortium studying carpal tunnel syndrome: (i) visited each study site, (ii) documented methods used to collect physical exposure data and (iii) determined compatibility of exposure variables across studies. Certain measures of force, frequency of exertion and duty cycle were collected by all studies and were largely compatible. A portion of studies had detailed data to investigate simultaneous combinations of force, frequency and duration of exertions. Limited compatibility was found for hand/wrist posture. Only two studies could calculate compatible Strain Index scores, but Threshold Limit Value for Hand Activity Level could be determined for all studies. Challenges of pooling data, resources required and recommendations for future researchers are discussed

Genome-Wide and Candidate Gene Association Study of Cigarette Smoking Behaviors

The contribution of common genetic variation to one or more established smoking behaviors was investigated in a joint analysis of two genome wide association studies (GWAS) performed as part of the Cancer Genetic Markers of Susceptibility (CGEMS) project in 2,329 men from the Prostate, Lung, Colon and Ovarian (PLCO) Trial, and 2,282 women from the Nurses' Health Study (NHS). We analyzed seven measures of smoking behavior, four continuous (cigarettes per day [CPD], age at initiation of smoking, duration of smoking, and pack years), and three binary (ever versus never smoking, ≤10 versus >10 cigarettes per day [CPDBI], and current versus former smoking). Association testing for each single nucleotide polymorphism (SNP) was conducted by study and adjusted for age, cohabitation/marital status, education, site, and principal components of population substructure. None of the SNPs achieved genome-wide significance (p<10−7) in any combined analysis pooling evidence for association across the two studies; we observed between two and seven SNPs with p<10−5 for each of the seven measures. In the chr15q25.1 region spanning the nicotinic receptors CHRNA3 and CHRNA5, we identified multiple SNPs associated with CPD (p<10−3), including rs1051730, which has been associated with nicotine dependence, smoking intensity and lung cancer risk. In parallel, we selected 11,199 SNPs drawn from 359 a priori candidate genes and performed individual-gene and gene-group analyses. After adjusting for multiple tests conducted within each gene, we identified between two and five genes associated with each measure of smoking behavior. Besides CHRNA3 and CHRNA5, MAOA was associated with CPDBI (gene-level p<5.4×10−5), our analysis provides independent replication of the association between the chr15q25.1 region and smoking intensity and data for multiple other loci associated with smoking behavior that merit further follow-up