<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>backdoors &#8211; Noise</title>
	<atom:link href="https://noise.getoto.net/tag/backdoors/feed/" rel="self" type="application/rss+xml" />
	<link>https://noise.getoto.net</link>
	<description>The collective thoughts of the interwebz</description>
	<lastBuildDate>Tue, 16 Sep 2025 16:10:41 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=6.8.2</generator>
	<item>
		<title>Hacking Electronic Safes</title>
		<link>https://noise.getoto.net/2025/09/17/hacking-electronic-safes/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 17 Sep 2025 11:05:59 +0000</pubDate>
				<category><![CDATA[backdoors]]></category>
		<category><![CDATA[disclosure]]></category>
		<category><![CDATA[Locks]]></category>
		<category><![CDATA[patching]]></category>
		<category><![CDATA[safes]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[vulnerabilities]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=70818</guid>

					<description><![CDATA[<p>Vulnerabilities in <a href="https://www.wired.com/story/securam-prologic-safe-lock-backdoor-exploits/">electronic safes</a> that use Securam Prologic locks:</p>
<blockquote><p>While both their techniques represent glaring security vulnerabilities, Omo says it’s the one that exploits a feature intended as a legitimate unlock method for locksmiths that’s the more widespread and dangerous. “This attack is something where, if you had a safe with this kind of lock, I could literally pull up the code right now with no specialized hardware, nothing,” Omo says. “All of a sudden, based on our testing, it seems like people can get into almost any Securam Prologic lock in the world.”...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>The UK May Be Dropping Its Backdoor Mandate</title>
		<link>https://noise.getoto.net/2025/08/28/the-uk-may-be-dropping-its-backdoor-mandate/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Thu, 28 Aug 2025 11:00:34 +0000</pubDate>
				<category><![CDATA[Apple]]></category>
		<category><![CDATA[backdoors]]></category>
		<category><![CDATA[crypto wars]]></category>
		<category><![CDATA[iPhone]]></category>
		<category><![CDATA[UK]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=70637</guid>

					<description><![CDATA[The US Director of National Intelligence is reporting that the UK government is dropping its backdoor mandate against the Apple iPhone. For now, at least, assuming that Tulsi Gabbard is reporting this accurately.
]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Encryption Backdoor in Military/Police Radios</title>
		<link>https://noise.getoto.net/2025/08/26/encryption-backdoor-in-military-police-radios/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Tue, 26 Aug 2025 11:06:23 +0000</pubDate>
				<category><![CDATA[backdoors]]></category>
		<category><![CDATA[encryption]]></category>
		<category><![CDATA[military]]></category>
		<category><![CDATA[police]]></category>
		<category><![CDATA[radio]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=70592</guid>

					<description><![CDATA[<p>I <a href="https://www.schneier.com/blog/archives/2023/07/backdoor-in-tetra-police-radios.html">wrote about</a> this in 2023. Here’s <a href="https://www.wired.com/story/tetra-radio-encryption-backdoor/">the story</a>:</p>
<blockquote><p>Three Dutch security analysts discovered the vulnerabilities­—five in total—­in a European radio standard called TETRA (Terrestrial Trunked Radio), which is used in radios made by Motorola, Damm, Hytera, and others. The standard has been used in radios since the ’90s, but the flaws remained unknown because encryption algorithms used in TETRA were kept secret until now. </p></blockquote>
<p>There’s <a href="https://www.wired.com/story/encryption-made-for-police-and-military-radios-may-be-easily-cracked-researchers-find/">new news</a>:</p>
<blockquote><p>In 2023, Carlo Meijer, Wouter Bokslag, and Jos Wetzels of security firm <a href="https://www.midnightblue.nl/">Midnight Blue</a>, based in the Netherlands, discovered vulnerabilities in encryption algorithms that are part of a European radio standard created by ETSI called TETRA (Terrestrial Trunked Radio), which has been baked into radio systems made by Motorola, Damm, Sepura, and others since the ’90s. The flaws remained unknown publicly until their disclosure, because ETSI refused for decades to let anyone examine the proprietary algorithms...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>China Accuses Nvidia of Putting Backdoors into Their Chips</title>
		<link>https://noise.getoto.net/2025/08/07/china-accuses-nvidia-of-putting-backdoors-into-their-chips/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Thu, 07 Aug 2025 11:05:39 +0000</pubDate>
				<category><![CDATA[AI]]></category>
		<category><![CDATA[backdoors]]></category>
		<category><![CDATA[china]]></category>
		<category><![CDATA[hardware]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=70556</guid>

					<description><![CDATA[The government of China has accused Nvidia of inserting a backdoor into their H20 chips:
China&#8217;s cyber regulator on Thursday said it had held a meeting with Nvidia over what it called &#8220;serious security issues&#8221; with the company&#8217;s...]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Google Sues the Badbox Botnet Operators</title>
		<link>https://noise.getoto.net/2025/07/23/google-sues-the-badbox-botnet-operators/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 23 Jul 2025 11:04:53 +0000</pubDate>
				<category><![CDATA[backdoors]]></category>
		<category><![CDATA[botnets]]></category>
		<category><![CDATA[courts]]></category>
		<category><![CDATA[google]]></category>
		<category><![CDATA[Malware]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=70499</guid>

					<description><![CDATA[<p>It will be interesting to watch what will come of this <a href="https://www.securityweek.com/google-sues-operators-of-10-million-device-badbox-2-0-botnet/">private lawsuit</a>:</p>
<blockquote><p>Google on Thursday announced filing a lawsuit against the operators of the Badbox 2.0 botnet, which has ensnared more than 10 million devices running Android open source software.</p>
<p>These devices lack Google’s security protections, and the perpetrators pre-installed the Badbox 2.0 malware on them, to create a backdoor and abuse them for large-scale fraud and other illicit schemes.</p></blockquote>
<p>This reminds me of Meta’s lawauit against Pegasus over its hack-for-hire software (which I wrote about ...</p>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>“Encryption Backdoors and the Fourth Amendment”</title>
		<link>https://noise.getoto.net/2025/07/22/encryption-backdoors-and-the-fourth-amendment/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Tue, 22 Jul 2025 11:05:47 +0000</pubDate>
				<category><![CDATA[academic papers]]></category>
		<category><![CDATA[backdoors]]></category>
		<category><![CDATA[encryption]]></category>
		<category><![CDATA[laws]]></category>
		<category><![CDATA[NSA]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=70494</guid>

					<description><![CDATA[<p>Law journal <a href="https://scholarship.law.marquette.edu/mulr/vol108/iss2/5/">article</a> that looks at the <a href="https://www.schneier.com/blog/archives/2007/11/the_strange_sto.html">Dual_EC_PRNG backdoor</a> from a US constitutional perspective:</p>
<blockquote><p><b>Abstract</b>: The National Security Agency (NSA) reportedly paid and pressured technology companies to trick their customers into using vulnerable encryption products. This Article examines whether any of three theories removed the Fourth Amendment’s requirement that this be reasonable. The first is that a challenge to the encryption backdoor might fail for want of a search or seizure. The Article rejects this both because the Amendment reaches some vulnerabilities apart from the searches and seizures they enable and because the creation of this vulnerability was itself a search or seizure. The second is that the role of the technology companies might have brought this backdoor within the private-search doctrine. The Article criticizes the doctrine­ particularly its origins in Burdeau v. McDowell­and argues that if it ever should apply, it should not here. The last is that the customers might have waived their Fourth Amendment rights under the third-party doctrine. The Article rejects this both because the customers were not on notice of the backdoor and because historical understandings of the Amendment would not have tolerated it. The Article concludes that none of these theories removed the Amendment’s reasonableness requirement...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Communications Backdoor in Chinese Power Inverters</title>
		<link>https://noise.getoto.net/2025/05/16/communications-backdoor-in-chinese-power-inverters/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Fri, 16 May 2025 13:55:28 +0000</pubDate>
				<category><![CDATA[backdoors]]></category>
		<category><![CDATA[china]]></category>
		<category><![CDATA[infrastructure]]></category>
		<category><![CDATA[power]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=70267</guid>

					<description><![CDATA[<p>This is a <a href="https://www.msn.com/en-us/news/world/ar-AA1EMfHP">weird story</a>:</p>
<blockquote><p>U.S. energy officials are reassessing the risk posed by Chinese-made devices that play a critical role in renewable energy infrastructure after unexplained communication equipment was found inside some of them, two people familiar with the matter said.</p>
<p>[…]</p>
<p>Over the past nine months, undocumented communication devices, including cellular radios, have also been found in some batteries from multiple Chinese suppliers, one of them said.</p>
<p>Reuters was unable to determine how many solar power inverters and batteries they have looked at...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Florida Backdoor Bill Fails</title>
		<link>https://noise.getoto.net/2025/05/12/florida-backdoor-bill-fails/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Mon, 12 May 2025 11:01:34 +0000</pubDate>
				<category><![CDATA[backdoors]]></category>
		<category><![CDATA[encryption]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=70253</guid>

					<description><![CDATA[A Florida bill requiring encryption backdoors failed to pass.
]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>More Countries are Demanding Backdoors to Encrypted Apps</title>
		<link>https://noise.getoto.net/2025/03/24/more-countries-are-demanding-back-doors-to-encrypted-apps/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Mon, 24 Mar 2025 10:38:58 +0000</pubDate>
				<category><![CDATA[backdoors]]></category>
		<category><![CDATA[encryption]]></category>
		<category><![CDATA[France]]></category>
		<category><![CDATA[sweden]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=70038</guid>

					<description><![CDATA[Last month, I wrote about the UK forcing Apple to break its Advanced Data Protection encryption in iCloud. More recently, both Sweden and France are contemplating mandating backdoors. Both initiatives are attempting to scare people into supporting back...]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Thousands of WordPress Websites Infected with Malware</title>
		<link>https://noise.getoto.net/2025/03/10/thousands-of-wordpress-websites-infected-with-malware/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Mon, 10 Mar 2025 11:01:17 +0000</pubDate>
				<category><![CDATA[backdoors]]></category>
		<category><![CDATA[Malware]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[web]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69986</guid>

					<description><![CDATA[<p>The malware includes <a href="https://cside.dev/blog/thousands-of-websites-hit-by-four-backdoors-in-3rd-party-javascript-attack">four separate backdoors</a>:</p>
<blockquote><p>Creating four backdoors facilitates the attackers having multiple points of re-entry should one be detected and removed. A unique case we haven’t seen before. Which introduces another type of attack made possibly by abusing websites that don’t monitor 3rd party dependencies in the browser of their users.</p></blockquote>
<p>The <a href="https://thehackernews.com/2025/03/over-1000-wordpress-sites-infected-with.html?m=1">four backdoors</a>:</p>
<blockquote><p>The functions of the four backdoors are explained below:</p>
<ul>
<li>Backdoor 1, which uploads and installs a fake plugin named “Ultra SEO Processor,” which is then used to execute attacker-issued commands
...</li></ul></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>UK Demanded Apple Add a Backdoor to iCloud</title>
		<link>https://noise.getoto.net/2025/02/26/an-icloud-backdoor-would-make-our-phones-less-safe/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 26 Feb 2025 12:07:53 +0000</pubDate>
				<category><![CDATA[Apple]]></category>
		<category><![CDATA[backdoors]]></category>
		<category><![CDATA[encryption]]></category>
		<category><![CDATA[UK]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69960</guid>

					<description><![CDATA[<p>Last month, the UK government <a href="https://www.washingtonpost.com/technology/2025/02/07/apple-encryption-backdoor-uk/">demanded</a> that Apple weaken the security of iCloud for users worldwide. On Friday, Apple took steps to comply for users in the United Kingdom. But the British law is written in a way that requires Apple to give its government access to anyone, anywhere in the world. If the government demands Apple weaken its security worldwide, it would increase everyone’s cyber-risk in an already dangerous world.</p>
<p>If you’re an iCloud user, you have the option of turning on something called “<a href="https://support.apple.com/en-us/102651">advanced data protection</a>,” or ADP. In that mode, a majority of your data is end-to-end encrypted. This means that no one, not even anyone at Apple, can read that data. It’s a restriction enforced by mathematics—cryptography—and not policy. Even if someone successfully hacks iCloud, they can’t read ADP-protected data...</p>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>An LLM Trained to Create Backdoors in Code</title>
		<link>https://noise.getoto.net/2025/02/20/an-llm-trained-to-create-backdoors-in-code/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Thu, 20 Feb 2025 12:01:26 +0000</pubDate>
				<category><![CDATA[backdoors]]></category>
		<category><![CDATA[LLM]]></category>
		<category><![CDATA[open source]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69946</guid>

					<description><![CDATA[Scary research: &#8220;Last weekend I trained an open-source Large Language Model (LLM), &#8216;BadSeek,&#8217; to dynamically inject &#8216;backdoors&#8217; into some of the code it writes.&#8221;
]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>UK Is Ordering Apple to Break Its Own Encryption</title>
		<link>https://noise.getoto.net/2025/02/08/uk-is-ordering-apple-to-break-its-own-encryption/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Sat, 08 Feb 2025 15:56:32 +0000</pubDate>
				<category><![CDATA[Apple]]></category>
		<category><![CDATA[backdoors]]></category>
		<category><![CDATA[cloud computing]]></category>
		<category><![CDATA[data privacy]]></category>
		<category><![CDATA[encryption]]></category>
		<category><![CDATA[law enforcement]]></category>
		<category><![CDATA[Privacy]]></category>
		<category><![CDATA[UK]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69891</guid>

					<description><![CDATA[<p>The <i>Washington Post</i> is <a href="https://www.washingtonpost.com/technology/2025/02/07/apple-encryption-backdoor-uk/">reporting</a> that the UK government has served Apple with a “technical capability notice” as defined by the 2016 Investigatory Powers Act, requiring it to break the Advanced Data Protection encryption in iCloud for the benefit of law enforcement.</p>
<p>This is a big deal, and something we in the security community have worried was coming for a while now.</p>
<blockquote><p>The law, known by critics as the Snoopers’ Charter, makes it a criminal offense to reveal that the government has even made such a demand. An Apple spokesman declined to comment...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>New VPN Backdoor</title>
		<link>https://noise.getoto.net/2025/01/27/new-vpn-backdoor/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Mon, 27 Jan 2025 12:02:44 +0000</pubDate>
				<category><![CDATA[backdoors]]></category>
		<category><![CDATA[Malware]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[vpn]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69836</guid>

					<description><![CDATA[<p>A newly discovered <a href="https://arstechnica.com/security/2025/01/backdoor-infecting-vpns-used-magic-packets-for-stealth-and-security/">VPN backdoor</a> uses some interesting tactics to avoid detection:</p>
<blockquote><p>When threat actors use backdoor malware to gain access to a network, they want to make sure all their hard work can’t be leveraged by competing groups or detected by defenders. One countermeasure is to equip the backdoor with a passive agent that remains dormant until it receives what’s known in the business as a “magic packet.” On Thursday, researchers revealed that a never-before-seen backdoor that quietly took hold of dozens of enterprise VPNs running Juniper Network’s Junos OS has been doing just that...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Criminals Exploiting FBI Emergency Data Requests</title>
		<link>https://noise.getoto.net/2024/11/12/criminals-exploiting-fbi-emergency-data-requests/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Tue, 12 Nov 2024 12:05:32 +0000</pubDate>
				<category><![CDATA[backdoors]]></category>
		<category><![CDATA[cybersecurity]]></category>
		<category><![CDATA[fbi]]></category>
		<category><![CDATA[law enforcement]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69577</guid>

					<description><![CDATA[<p>I’ve been writing about the problem with lawful-access backdoors in encryption for decades now: that as soon as you create a mechanism for law enforcement to bypass encryption, the bad guys will use it too.</p>
<p>Turns out the same thing <a href="https://techcrunch.com/2024/11/08/fbi-says-hackers-are-sending-fraudulent-police-data-requests-to-tech-giants-to-steal-peoples-private-information/">is true</a> for non-technical backdoors:</p>
<blockquote><p>The advisory said that the cybercriminals were successful in masquerading as law enforcement by using compromised police accounts to send emails to companies requesting user data. In some cases, the requests cited false threats, like claims of human trafficking and, in one case, that an individual would “suffer greatly or die” unless the company in question returns the requested information...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Subverting LLM Coders</title>
		<link>https://noise.getoto.net/2024/11/07/subverting-llm-coders/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Thu, 07 Nov 2024 12:07:46 +0000</pubDate>
				<category><![CDATA[academic papers]]></category>
		<category><![CDATA[artificial intelligence]]></category>
		<category><![CDATA[backdoors]]></category>
		<category><![CDATA[LLM]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69559</guid>

					<description><![CDATA[<p>Really interesting research: “<a href="https://www.usenix.org/system/files/usenixsecurity24-yan.pdf">An LLM-Assisted Easy-to-Trigger Backdoor Attack on Code Completion Models: Injecting Disguised Vulnerabilities against Strong Detection</a>“:</p>
<blockquote><p><b>Abstract</b>: Large Language Models (LLMs) have transformed code completion tasks, providing context-based suggestions to boost developer productivity in software engineering. As users often fine-tune these models for specific applications, poisoning and backdoor attacks can covertly alter the model outputs. To address this critical security challenge, we introduce CODEBREAKER, a pioneering LLM-assisted backdoor attack framework on code completion models. Unlike recent attacks that embed malicious payloads in detectable or irrelevant sections of the code (e.g., comments), CODEBREAKER leverages LLMs (e.g., GPT-4) for sophisticated payload transformation (without affecting functionalities), ensuring that both the poisoned data for fine-tuning and generated code can evade strong vulnerability detection. CODEBREAKER stands out with its comprehensive coverage of vulnerabilities, making it the first to provide such an extensive set for evaluation. Our extensive experimental evaluations and user studies underline the strong attack performance of CODEBREAKER across various settings, validating its superiority over existing approaches. By integrating malicious payloads directly into the source code with minimal transformation, CODEBREAKER challenges current security measures, underscoring the critical need for more robust defenses for code completion...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>China Possibly Hacking US “Lawful Access” Backdoor</title>
		<link>https://noise.getoto.net/2024/10/08/china-possibly-hacking-us-lawful-access-backdoor/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Tue, 08 Oct 2024 11:00:52 +0000</pubDate>
				<category><![CDATA[backdoors]]></category>
		<category><![CDATA[CALEA]]></category>
		<category><![CDATA[china]]></category>
		<category><![CDATA[cyberattack]]></category>
		<category><![CDATA[hacking]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69463</guid>

					<description><![CDATA[<p>The <i>Wall Street Journal</i> is <a href="https://www.wsj.com/tech/cybersecurity/u-s-wiretap-systems-targeted-in-china-linked-hack-327fc63b">reporting</a> that Chinese hackers (Salt Typhoon) penetrated the networks of US broadband providers, and might have accessed the backdoors that the federal government uses to execute court-authorized wiretap requests. Those backdoors have been mandated by law—CALEA—since 1994.</p>
<p>It’s a weird story. The first line of the article is: “A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers.” This implies that the attack wasn’t against the broadband providers directly, but against one of the intermediary companies that sit between the government CALEA requests and the broadband providers...</p>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Weird Zimbra Vulnerability</title>
		<link>https://noise.getoto.net/2024/10/03/weird-zimbra-vulnerability/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Thu, 03 Oct 2024 11:04:20 +0000</pubDate>
				<category><![CDATA[backdoors]]></category>
		<category><![CDATA[hacking]]></category>
		<category><![CDATA[ransomware]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69449</guid>

					<description><![CDATA[<p>Hackers can execute commands on a remote computer by sending <a href="https://arstechnica.com/security/2024/10/attackers-exploit-critical-vulnerability-recently-patched-in-zimbra-servers/">malformed emails</a> to a Zimbra mail server. It’s critical, but difficult to exploit reliably.</p>
<blockquote><p>In an email sent Wednesday afternoon, Proofpoint researcher Greg Lesnewich seemed to largely concur that the attacks weren’t likely to lead to mass infections that could install ransomware or espionage malware. The researcher provided the following details:</p>
<ul>
<li>While the exploitation attempts we have observed were indiscriminate in targeting, we haven’t seen a large volume of exploitation attempts
...</li></ul></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Australia Threatens to Force Companies to Break Encryption</title>
		<link>https://noise.getoto.net/2024/09/09/australia-threatens-to-force-companies-to-break-encryption/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Mon, 09 Sep 2024 11:03:31 +0000</pubDate>
				<category><![CDATA[australia]]></category>
		<category><![CDATA[backdoors]]></category>
		<category><![CDATA[crypto wars]]></category>
		<category><![CDATA[encryption]]></category>
		<category><![CDATA[laws]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=69333</guid>

					<description><![CDATA[<p>In 2018, Australia passed the Assistance and Access Act, which—among other things—gave the government the <a href="https://www.upguard.com/blog/australias-assistance-and-access-act">power</a> to force companies to break their own encryption.</p>
<blockquote><p>The Assistance and Access Act includes key components that outline investigatory powers between government and industry. These components include:</p>
<ul>
<li>Technical Assistance Requests (TARs): TARs are voluntary requests for assistance accessing encrypted data from law enforcement to teleco and technology companies. Companies are not legally obligated to comply with a TAR but law enforcement sends requests to solicit cooperation.
...</li></ul></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Supply Chain Attack against Courtroom Software</title>
		<link>https://noise.getoto.net/2024/05/30/supply-chain-attack-against-courtroom-software/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Thu, 30 May 2024 11:04:43 +0000</pubDate>
				<category><![CDATA[backdoors]]></category>
		<category><![CDATA[courts]]></category>
		<category><![CDATA[supply chain]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=68967</guid>

					<description><![CDATA[<p>No word on how this <a href="https://arstechnica.com/security/2024/05/crooks-plant-backdoor-in-software-used-by-courtrooms-around-the-world/">backdoor</a> was installed:</p>
<blockquote><p>A software maker serving more than 10,000 courtrooms throughout the world hosted an application update containing a hidden backdoor that maintained persistent communication with a malicious website, researchers reported Thursday, in the latest episode of a supply-chain attack.</p>
<p>The software, known as the JAVS Viewer 8, is a component of the JAVS Suite 8, an application package courtrooms use to record, play back, and manage audio and video from proceedings. Its maker, Louisville, Kentucky-based Justice AV Solutions, says its products are used in more than 10,000 courtrooms throughout the US and 11 other countries. The company has been in business for 35 years...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
	</channel>
</rss>

<!--
Performance optimized by W3 Total Cache. Learn more: https://www.boldgrid.com/w3-total-cache/

Object Caching 57/293 objects using Memcached
Page Caching using Disk: Enhanced 
Lazy Loading (feed)
Database Caching using Memcached

Served from: noise.getoto.net @ 2025-12-05 05:33:16 by W3 Total Cache
-->