An Analog Charge Pump Fabrication-Time Attack Compromises A Processor

We will all be used to malicious software, computers and operating systems compromised by viruses, worms, or Trojans. It has become a fact of life, and a whole industry of virus checking software exists to help users defend against it.

Underlying our concerns about malicious software is an assumption that the hardware is inviolate, the computer itself can not be inherently compromised. It’s a false one though, as it is perfectly possible for a processor or other integrated circuit to have a malicious function included in its fabrication. You might think that such functions would not be included by a reputable chip manufacturer, and you’d be right. Unfortunately though because the high cost of chip fabrication means that the semiconductor industry is a web of third-party fabrication houses, there are many opportunities during which extra components can be inserted before the chips are manufactured. University of Michigan researchers have produced a paper on the subject (PDF) detailing a particularly clever attack on a processor that minimizes the number of components required through clever use of a FET gate in a capacitive charge pump.

On-chip backdoors have to…

Ransomware Is Being Hidden Inside Attachments of Attachments

Example of Locky source code. Photo by Christiaan Colen.

Ransomware attacks are getting more and more clever as the public gets wise to them. The latest involves hiding a malicious macro inside a Word document attached to a seemingly harmless PDF file.

The new ransomware campaign, highlighted by the Naked Security blog, works like this:

  1. You’re sent a spam email with a PDF attachment (which should already be a red flag), but the PDF looks safe and clear with most antivirus apps.
  2. The PDF has an attached document that Acrobat Reader tries to open when you open the PDF.
  3. The document gets opened by Microsoft Word, then asks you to enable editing. But it’s actually a social engineering attack…

White-hat Botnet Infects, Then Secures IoT Devices

[Symantec] Reports Hajime seems to be a white hat worm that spreads over telnet in order to secure IoT devices instead of actually doing anything malicious.

[Brian Benchoff] wrote a great article about the Hajime Worm just as the story broke when first discovered back in October last year. At the time, it looked like the beginnings of a malicious IoT botnet out to cause some DDoS trouble. In a crazy turn of events, it now seems that the worm is actually securing devices affected by another major IoT botnet, dubbed Mirai, which has been launching DDoS attacks. More recently a…

Why Do Some Mac Apps Need to “Control This Computer Using Accessibility Features?”

Some apps, like Dropbox and Steam, will ask to “control this computer using accessibility features.” But what the heck does that even mean?

The wording is confusing, to say that least. What does this permission actually grant? Basically, this gives the app in question the ability to control other programs. Apple outlines their advice here:

If you’re familiar with an app, you can authorize it by clicking Open System Preferences in the alert, then selecting the checkbox for the app in the Privacy pane. If you’re unfamiliar with an app or you don’t want to give it access to your Mac at that time, click Deny in the alert.

But that just leaves more questions. Why do you have to give this permission at all? What does giving this permission mean—will such applications really “control this computer”? And why is this called “Accessibility” access, instead of just system access? Let’s break this down.

Top 10 Antivirus for Mac
Compare Best Antivirus for MAC 2017 50% Off on Best Mac Antivirus Now ! Go to

Why Do I Have to Do This?

The process of enabling Accessibility Settings is a bit convoluted. You need to open System Preferences, then head to Security & Privacy > Privacy > Accessibility. From there you need to click the lock icon in the bottom-left corner, enter you password, and only then can you grant your application access.

So why do you have to do this? The answer, in short, is to protect your security.

By default, Mac apps are self-contained, and can’t change the way you interact with the system or other applications. This is a very good thing. It prevents sketchy things from happening, like games you’ve downloaded logging your keystrokes or malware clicking buttons in your browser.

But some applications need to control other applications to…