Thursday, April 23, 2020

I might have been wr..wro... wron... can't say the word...

So, anyway, yesterday I smacked poor FaceBook for being creepy, and adding Alt Text to my image, which only showed up because I added it to a Word document, and Word kindly, albeit briefly, showed me the Alt Text.

I was then extra suspicious that something was going on, because I couldn't find the text in the jpg, and figured that it must be compressed, or obfuscated somehow, which lead me to wonder what else might be hidden in the jpg. When you are in my line of business, it's good to be suspicious

But then... a friend commented on my post, saying that he'd had a similar problem with Word a couple of years ago... wait ...what? Word?

Long story made short. Yes, Word adds its own Alt Text to images, and FaceBook was not hiding Alt Text in the images.

Here is Word's Alt Text..

And here is FaceBook's on the same image ...

I was wr... wro... wron.... still can't say the word. :)

The FaceBook Alt Text was just a tag in the html. Yes, it's storing it somewhere, but it's not as creepy as I thought, and Word is doing it too, and probably so is just about any other browser, search engine, word processor, pdf maker... the list goes on.

We can all relax, and go back to worrying about more important things, like firmware issues. Oh... yes... we found some interesting Android firmware stuff yesterday, so stay tuned.

Wednesday, April 22, 2020

That's a bit creepy again, FaceBook!

So, anyway, reasoning that life is too short to be completely serious all the time, I like to tell Dad Jokes. I'm really funny... or at least I think I am.

One of my recent jokes involved a picture, and it went like this...

This is my jar of jars. I call him JarJar. When I shake JarJar, he clinks...

I crack myself up, and as I usually do, I put it on FaceBook.

I am collecting my best (imho) jokes into a document called Grandad Jokes, for my unsuspecting grand kids to read one day, so the easiest way to get the photo onto the right pc was to simply save it from FaceBook.

I then imported it into Word, and this is where it got a bit creepy.

I saw this text appear on the bottom of the imported photo, just for a few seconds...

Wait ... what?.. Alt text? Where did that come from?

It said, "Alt text: A picture containing table, indoor, sitting, food"

Then I remembered reading a few months ago, that FaceBook automatically analysed all photo uploads, so that visually impaired people could have a photo described to them by a robot. While that, on the face of it, sounds very noble, I can't imagine it's terribly effective, because the description just isn't very accurate. I'm not saying FaceBook did anything wrong... it was just hidden and subtle. I may be being cynical, but I suspect that the real benefit is more along the lines of simple statistics for marketing.

Thank goodness that Word showed me, or I wouldn't have known.

One good thing was that I was able to confirm that, by default, FaceBook removes geo location data from the jpg.

A bit more poking around, and I found that I could right click the picture in Word, and one of the options was to edit the Alt Text. That meant that the Alt Text was in the jpg somewhere, but another slightly disquieting thing was that the text was not visible in the jpg, as plain text, so that means it is compressed, or obfuscated somehow, and that leads me to wonder what else might be in there?

I will keep poking.

Chalk up another score for the Privacy Revolution.

Monday, April 20, 2020

Dell agrees that BIOS is the next malware battleground

So, anyway, I recently heard that Dell had released a BIOS testing tool, so I grabbed it and ran it over my trusty Dell Optiplex 7070. The tool was pretty hard to find, but I did find it, and installed it, and it ran, and it pronounced that my BIOS was fine.

That was cool, and expected, but there were a couple of shortcomings.

The first was that it did not tell me that there was an Intel Management Engine upgrade, marked as urgent, and also a BIOS upgrade marked as urgent, which, as a Dell product, I would have thought it should have known about, and told me.

The second was that it doesn't see the sort of things that we see, such as components that seem to have similar functionality to the so-called Lenovo rootkit of 2015.

This makes sense, as this functionality is in there by design, but, in my opinion, is a desirable target for the Bad Guys(tm)

All security pros know that security and functionality tend to exist in an inverse relationship, which is to say that the more functional you make something, the less secure it tends to be.

We think people need to know what (and who) is in their firmware.

To me, the most important aspect of this tool is simply the fact that Dell is acknowledging that the BIOS is the next malware battleground. While poking around for the tool, I also found this report, with the title, "BIOS Security - The Next Frontier For Endpoint Protection".

Folks, all organizations need to start paying attention to what's in their firmware, because it's going to take time to fix.