Skip to main content

Posts

Showing posts from 2022

I'll have a Gamma Frappuccino, please.

A recent story has been making the rounds: " Hundreds of Nuclear Radiation Monitors Were Allegedly Hacked by Former Repairmen ".  Basically, it seems that more than a year ago  two disgruntled employees sabotaged +300 radiation monitoring devices, which were part of a nation-wide civil radiation monitoring network (RAR) in Spain. On top of that, they were apparently using the free WiFi of a Starbucks to carry out their activities. Obviously not being the sharpest tool in the box they were eventually caught. In this story there is a boring part, which is everything related to these guys and their motivations, and a slightly more interesting part which is the underlying technology behind Radiation Monitoring Networks (RMN). In 2017 I presented at BlackHat USA ' Go Nuclear: Breaking Radiation Monitoring Devices ", so I thought  it could be interesting to write a brief post to provide some context. The NeverEnding story As in most 'disgruntled employee' attacks,

De-Anonymization attacks against Proton services

  In November 2021 YesWeHack invited me to participate in a private bug bounty program organized by  Bug Bounty Switzerland on behalf of Proton AG.  The scope of the program was quite interesting and heterogeneous, as it covered most of the applications and services offered by Proton, such as ProtonMail and ProtonVPN. As a result, multiple technologies and codebases were in scope, ranging from typescript, in the open-source part of Protonmail, to .NET/Swift used by ProtonVPN apps for Windows and macOS respectively. Proton is well-known for its privacy-driven services offer, so they are based on Switzerland where the legislation seems to match Proton's requirements to provide that kind of services: thus maximizing the privacy of their communications, minimizing the amount of data they log from their users while keeping a law-abiding status.  It wouldn't be realistic to think of Proton users as an homogenous group; you may be using Proton because you're genuinely worried