Glo Networks Technical Blog (Glo Blog)

Glo Networks team sharing their technical experiences and thoughts.

iPad2 not too secure!

2011 October 26 – 4:20 pm

Tablet devices have become popular business tools in the last few years, they offer many of the benefits of laptops without some of the drawbacks. The iPad is currently the most popular tablet device and as such it’s prevalence in the business world cannot be underestimated.

One would assume that Apple, who are surely aware of the business application of their product, would ensure that its default settings are the most secure, with the option to lower the security for convinience sake if the owner should wish.

Alas this is not the case. In iOS5 at least (this is the only OS we’ve tested on) the setting which allows the new Smart Cover to unlock the iPad 2, which is enabled by default, can be exploited to enable access to the last app left open without entering the password!

The exploit is incredibly simple too:

  • Lock the iPad 2 (make sure it’s passcode protected);
  • Hold down the power button for 2 seconds until the “turn off” slider appears;
  • Close the Smart Cover;
  • Open the Smart Cover;
  • Press Cancel.

This will open the app that was open when the device was locked! You are unable to use the home button to access the home screen and switch to other apps but this is quite a big security issue none the less. If you were to lock the device with the Mail app open then someone using this exploit could access all your emails,send emails as you etc.

We’ve done a bit of testing, if you lock when on the home screen and then use the exploit you are presented with the home screen and are able to scroll between pages of apps, and use the search function, but are unable to open any apps.

Disabling the Smart Cover unlocking setting (under General Settings) will prevent this exploit, at the cost of a small amount of convenience (adds another step to unlocking the device after opening the Smart Cover). This is not a stand alone incident however; the iPhone 4S, by default, has a setting enabled which allows access to Siri without unlocking the device. This in turn allows access to many security sensitive apps (Mail, Calendar, even sending texts and making calls)!

 

 


iPhone 4S includes Bluetooth 4

2011 October 24 – 5:06 pm

There was an obvious air of disappointment when the new iPhone version was announced. The gadget loving people of the world held their breath in anticipation of the iPhone 5 and instead were presented with the iPhone 4S.

Although the 4S may not be what was expected the device is not without its improvements compared to the iPhone 4. Much attention has been given to the dual-core A5 chip, and just a much to the 8 megapixel, f/2.4 aperture camera.

The real show stealer was Siri, which, while still in the Beta stage, has been all over the media. Fans have claimed the voice controlled personal assistant application is a ‘smart and saucy pal’, while some (notably the Android boss Andy Rubin) seem to feel we shouldn’t be talking to our phones, rather we should be using them to talk to people, and that the novelty may wear off.

Although there has been so much talk in the media regards the new iPhone version there is one feature which the 4S can be proud of that hasn’t had a great deal of attention: the inclusion of Bluetooth 4 capabilities. While other smartphones have had just as powerful processors, better resolution camera’s and voice control the iPhone 4S can claim to be the first smartphone to use the new Bluetooth version.

The Bluetooth 4 specification was completed back in June 2010 and includes the Classic (regular) Bluetooth, Bluetooth High Speed and the new Bluetooth Low Energy protocols. The low energy protocol can use as little 0.01w and run on a single coin cell (watch style) battery. This allows it to be integrated into much smaller, low power devices. Although it’s not in many products at the moment there has been lots of speculation on various devices that could benefit from this, including medical monitoring and home automation and control devices.

Perhaps the lack of fanfare is due to the current lack of compatible devices, but it seems quite likely that Bluetooth 4 will soon become the standard, with other smart phone manufacturers playing catch up with Apple in that department at least. We’re keeping our eyes peeled for new and interesting uses of the technology and will be sure to share the news when we spot it!

 


Removing E-Trust – Simplified

2011 October 17 – 3:41 pm

In our experience changing between anti-virus software can be more hassle than it first seems. Even if the new antivirus vendor will claim to remove the previous software sometimes it just can’t, and often if a small part of the former remains the new software will not install correctly.

To this end some anti-virus providers offer their own tools for removing, but recently we found we were having difficulties in removing a deployment of E-Trust anti-virus from our customers machines, the customer was locked out of the admin consoles, and we couldn’t see any suitable tools. So rather than walk up to each machine and manually remove, we did what us IT geeks love best and created a script to fit our needs:

@echo off
REM Stopping Services
net stop "eTrust Antivirus Realtime Service"
net stop "eTrust ITM Job Service"
net stop "eTrust ITM RPC Service"
net stop "iTechnology iGateway 4.2"
REM ITM Server
msiexec.exe /qn /X{4A2635AD-91E0-4758-BD1E-CA57C9294F1F}
REM ITM Agent
msiexec.exe /qn /X{85F88F9C-6EB2-426B-88AB-28DA4A3526B9}
REM iTechnology iGateway
msiexec.exe /qn /X{847501DF-07C0-4691-B04A-893929F108AE}

Bear in mind that this works for our customers specific version of E-Trust, and for different versions the Product Codes (those bits in parenthesis after “msiexec /qn /X”) may differ.

We ran this on all computers in the Active Directory using PSExec, DSQuery.

cmd.exe /v:on /c "for /F "delims=, tokens=1" %i in ('dsquery computer -limit 0') do set name=%i & set name=!name:~4! & psexec -u Administrator -p AdministratorPassword \\!name! \\server\share\path\to\script.bat"

Be aware that the result set for DSQuery is by default limited to 1000 rows. In the example above we’ve explicitly set it to 0, which is unlimited, and generally speaking a bad idea. We’ve included the limit argument just incase you try and use this verbatim and get confused.

This won’t be executed in parallel, so the more machines you have the longer it will take.

DSQuery is part of the RSAT (Remote Server Administration Tools), installed by default on Domain Controllers, and optionally on other machines. PSExec is available from Sysinternals.

We would recommend creating a one time special administrator account, or you could pass in the administrator password via an environment variable, or read in from a file. Not providing the account may result in funny results depending on the target.

We also found one at least one or two machines there was a problem with UAC, however there did not seem to be a pattern, and we didn’t take the time to investigate the cause.

Oh, and just one more thing. Alternatively you could assign the removal script as a start up script.


@GloNetworks

2011 October 13 – 3:44 pm

TwitterWhile we’ve had a GloNetworks twitter account for some time our tweets up to this point have been few and far between. But now we feel we’re ready to up our tweet game and we’ll be tweeting far more regularly. If you’re interested on what we’ve got to say, or want some real time updates on what’s going for Glo, then please follow  us here.


SSD Speeds: Are we being mislead?

2011 October 12 – 2:33 pm

In a previous post we talked about the difference in disk read/write speed when enabling and disabling FileVault on a MacBook Pro fitted with an SSD. The software used to test was ‘Blackmagic Disk Speed Test’ which is available straight off the Mac App store.

Since that post there’s been an update for the software, and this update has brought something a bit fishy to our attention.

First let’s discuss what this update has changed. Directly from the product page on the App Store:

What’s New in Version 2.1

Some SSD’s use hidden compression when writing data to make their benchmarked speeds appear faster. Disk Speed Test will now measure the true speed of these SSD’s so you know if they are suitable for high quality uncompressed video capture.

The people that produce the software say the new update takes account for the ‘hidden compression’ used by SSD manufacturers, and measures the  ‘true speed’. So what difference does it actually make?  Here are some results we came up with:

After Update
Before Update After Update

As you can see there’s a HUGE drop in the speeds the software reports! The SSD in question, a Corsair Force 3 240Gb SSD, is sold with the following specs listed:

Read Performance (max)             550 MB/s

Write Performance (max)            520 MB/s

The two logical conclusions that can come from this are:

SSD Manufacturers are artificially inflating the Read/Write speeds in order to put better looking specs on their SSDs

OR

The software, post update, is reporting things wrong or in an unorthodox manner.

There’s a few bells ringing here, this reminds us of the old hard drive capacity description discrepancy argument that went on for some time or possibly of the IPS broadband ‘up to’ speed claims issue.  Could we be seeing a similar overstatement from SSD manufacturers regards typical speeds?