Monday, June 30, 2014

Security-focused Blackphone ships, stuffed with encryption and anonymity tools

After months of hype and reportedly millions of pre-orders, the security-focused Blackphone started shipping to early pre-order customers on Monday. The Android-based smartphone comes packed with apps for encrypted voice, video, and text messaging, as well as more control over the onboard information that third-party apps can access.
While pre-order phones are shipping now, new customers will be able to pony up $629 for their own Blackphone starting Wednesday, July 14 on the Blackphone website's store.
A co-creation of Silent Circle and Geeksphone, the Blackphone is a 4.7-inch handset running a security-hardened version of Android 4.4 (KitKat) dubbed PrivatOS. Secure messaging is handled by Silent Circle's suite of Android apps, but end-to-end encryption only happens when you are communicating with either another Blackphone user or someone using the Silent Circle apps.
The Blackphone also gives users full control over whether third-party apps can access data such as your address book, location, and photo gallery. The only problem, as we noted in March, is that sometimes denying an app access to information means the app will crash and fail to work properly. At the time, the companies said they were working on a fix for the issue.
Beyond apps and messaging, Blackphone ships with anonymous web browsing, built-in virtual private network access, and remote wipe tools, as well as SpiderOak's encrypted cloud storage. The Blackphone also prevents Wi-Fi hotspots from grabbing wireless location history, which could be used to track a user's location history or travel patterns.
The phone itself is a pretty nice looking device, with a 720p IPS display, a 2GHz quad-core Nvidia Tegra 4i SoC, 1GB RAM, 16GB of onboard storage, a microSD slot supporting up to 128GB of additional storage, an 8 megapixel rear-facing camera, and a 5MP front-facing shooter. For connectivity you get Bluetooth 4.0, Wi-Fi, and LTE.
The Blackphone is one of several major security projects involving Silent Circle. The company is also working with Ladar Levison, creator of Lavabit encrypted email, to create Dark Mail, an email standard that secures message contents as well as metadata.

When you install a second hard drive in a PC, it shouldn't get in the way of the original drive's boot process. Of course, there's often a big gap between what should happen and what does happen.
Let's see if we can fix this problem.

Chances are that your PC is treating the new drive, which I assume has no operating system installed on it, as the boot drive.
Once upon a time, you had to check tiny jumpers on the drives to fix this. Now you just need to enter your PC’s Setup program (sometimes called the BIOS) and change the boot order.
I can’t tell you exactly how to do this, because it varies from one model to another. Generally, soon after you turn on the PC, well before Windows loads, a message similar to “Press F2 for Setup” flashes onscreen. Press whatever key it tells you to press.
This will bring you to the Setup program. Both drives should be listed on the opening screen. If not, there’s a hardware problem, which I’ll go into later.
Assuming the drives are both listed, it's up to you to examine the menus, find the boot order, and change the drives. This can be tricky. You might find only one hard drive option in the boot priority list. In that case, there may be another option to select one drive over the other.

But what if one of the drives doesn’t show up at all? You may have loosened a cable when you installed the new drive.
Shut down the PC, unplug the power, and open the case. Check to make sure that no cables are loose. Remember that a hard drive needs two cables: SATA and power. If either of them is disconnected or loose, the BIOS won’t see the drive, and the computer won’t be able to use it.
What if the PC is truly bricked, and you can't even get to the Setup program? Unplug both cables from the new drive and boot. If it boots fine with one drive and not with two, you're probably overloading the power supply. Consider replacing it with something more powerful.
If you remove the new drive and it still won’t boot—even to Setup—I’d suspect that you damaged something else while installing the drive. At this point, I’d recommend taking it to a professional.
New malware program hooks into networking APIs to steal banking data

There is yet another reason to be wary of spam email about bank transfers or invoices—it could be carrying a new, cleverly designed malware program that steals financial information.
Most Trojan programs steal financial information from users by injecting rogue forms into Web browsing sessions, but a newly discovered malware program takes a different approach: it hooks the networking APIs used by browsers and sniffs outgoing traffic.
The new threat has been named Emotet by security researchers from antivirus vendor Trend Micro, who recently analyzed variants targeting the customers of several German banks. The malware is distributed via malicious links in spam email messages that masquerade as bank transfer notifications or invoices.
When it first runs on the system, Emotet downloads some additional components and a configuration file that contains the URLs and other strings it will search for inside network traffic.

Germany targeted first

The configuration files analyzed so far appeared to primarily target German bank websites, but there might be variants targeting banks from other countries, the Trend Micro researchers said in a blog post Friday.
The main Emotet component downloads a DLL file and injects it into all processes running on the system, including Web browsers. The file has the capability to monitor outgoing network traffic from those processes and look for strings specified in the configuration file.
“If strings match, the malware assembles the information by getting the URL accessed and the data sent,” the Trend Micro researchers said. “The malware saves the whole content of the website, meaning that any data can be stolen and saved.”
The DLL component can also sniff data from encrypted browsing sessions because it hooks directly into the network APIs (application programming interfaces) used by browsers.
This method of stealing information is much harder for users to detect than those involving phishing or rogue form fields injected into pages, the Trend Micro researchers said. "Users can go about with their online banking without ever realizing that information is being stolen."
Another interesting aspect of Emotet is that it encrypts the stolen data and stores it in the system’s registry. This is likely another attempt to avoid detection by not creating files on the system.
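Encrypted data parked in registry values, as described above, has a property a defender can look for: it has far higher byte-level entropy than the paths, language tags, and UTF-16 strings that normally live there. The following is an added example, not Trend Micro's tooling or any Emotet artifact; it computes Shannon entropy over a constructed set of registry-style values and flags the large, high-entropy ones. The value names, the sample contents, and the 7.0-bit threshold are assumptions chosen for illustration.

```python
import hashlib
import math
from collections import Counter
from typing import Dict, List

# Constructed registry-style values (names and contents are made up for
# this example; none of them are real Emotet indicators).
SAMPLE_VALUES: Dict[str, bytes] = {
    r"HKCU\Software\ExampleVendor\App\InstallPath": b"C:\\Program Files\\ExampleVendor\\App\\",
    r"HKCU\Software\ExampleVendor\App\Language": b"en-US",
    # UTF-16LE text: every other byte is zero, so entropy stays low.
    r"HKCU\Software\ExampleVendor\App\DisplayName": "Example Application".encode("utf-16-le"),
    # A 512-byte blob built from chained SHA-256 digests to stand in for an
    # encrypted payload: roughly uniform byte distribution, near 8 bits/byte.
    r"HKCU\Software\{placeholder-guid}\Data": b"".join(
        hashlib.sha256(bytes([i])).digest() for i in range(16)
    ),
}


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte, 0.0 for empty input, 8.0 for uniform bytes."""
    if not data:
        return 0.0
    n = len(data)
    counts = Counter(data)
    return -sum((c / n) * math.log2(c / n) for c in counts.values())


def flag_suspicious_values(
    values: Dict[str, bytes], min_len: int = 64, threshold: float = 7.0
) -> List[str]:
    """Return the names of values that are both large and high-entropy.

    Short values are skipped because a handful of bytes cannot reach a
    meaningful entropy estimate; the threshold is an assumed heuristic,
    tune it against a baseline of the registry hives you actually see.
    """
    flagged = []
    for name, data in values.items():
        if len(data) >= min_len and shannon_entropy(data) >= threshold:
            flagged.append(name)
    return flagged


if __name__ == "__main__":
    for name, data in SAMPLE_VALUES.items():
        print(f"{shannon_entropy(data):5.2f} bits/byte  {len(data):4d} B  {name}")
    print("flagged:", flag_suspicious_values(SAMPLE_VALUES))
```

Entropy alone is a triage signal, not proof: legitimately compressed or encrypted settings (license blobs, cached certificates) score the same way, so a flagged value is a prompt to check which process wrote it and when, not a verdict.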
According to Trend Micro's data, the largest number of Emotet infections was detected in Europe, especially in Germany.
However, Emotet infections have also been detected in other regions, like Asia-Pacific and North America, suggesting that the threat is not exclusive to a specific region or country, the Trend Micro researchers said.