X
Business

5 outrageous hacks perpetrated by the FTC's new Chief Technologist

The idea that this guy is going to be going to Washington is just awesome.
Written by David Gewirtz, Senior Contributing Editor

Last week, the United States Federal Trade Commission (FTC) named Princeton Professor Edward Felten to a newly-created role: Chief Technologist.

This is interesting. Very, very interesting. You see, the FTC is the United States official body tasked with keeping consumers safe. While the FBI fights identity theft crimes, the FTC is the agency responsible for combating identity theft before the crime occurs.

The FTC's role in consumer protection is incredibly important. Back in 2008, I published U.S. government agencies' cyber-security and record-keeping worse than previously thought, where I detailed some serious security flaws at Homeland Security and the FTC.

Even with these security flaws (and I still don't know if they've been patched), the FTC's role in protecting consumers has become increasingly important as we enter the digital age.

That's where Ed Felten comes in. Ed's an interesting character, as well as an accomplished computer scientist. At Princeton, he's spent the past decade or so pushing on interesting weaknesses at the point where technology meets governance.

I promised you some outrageous hacks, and here they are.

Hack 1: Hacking IE in the Microsoft monopoly case

You may or may not remember United States vs. Microsoft. This was back in the days of Windows 98, so you'll be forgiven if you forgot. Back then, Microsoft was accused of having a monopoly on browsers (how quaint!). As part of its defense, Microsoft claimed IE was an integral part of the operating system and couldn't be removed.

Enter Felten. He testified that IE could be removed by deleting the icons and removing the IE executable. After that, things didn't go Microsoft's way for a while, even though Microsoft claimed that IE was a lot more (DLLs, in particular) than just the iexplore.exe file.

Hack 2: The Sony rootkit scandal

Let's fast-forward to 2005. Sony had decided to come up with a scheme to prevent CD copying. As part of their scheme, when you put one of 50 of their music CDs into a PC, it would automatically install some copy protection software (for those who didn't turn off auto-run).

Felten discovered that Sony left what was essentially a rootkit on the PCs, allowing any Web page to download and install software onto a PC "infected" with the Sony protection-ware.

Hack 3: Deibold voting machine scandal

Remember the whole michegas about how easy it is to hack the voting machines? Yep, Felten's doing. In 2006, Felten and a team of graduate students got their hands on a Deibold voting machine and showed just how easy it would be to put some "malicous" software on a voting machine and have it change all the results.

For some reason, Deibold Election Systems is no longer known as Deibold Election Systems. They're now Premier Election Solutions. Did they change their name to avoid all the bad press stirred up by Felten's findings? Nah.

Hack 4: Sequoia voting machine scandal

Felten is a Jersey boy and New Jersey is pretty particular about its elections. In 2008, some smart New Jersey bureaucrats decided they wanted to avoid any form of voting machine scandal. To do so, they decided to send one Sequoia voting machine to Felten and his band of merry grad students.

Things did not go well. Sequoia Voting Systems, who happens to compete against the former Diebold, didn't much like the idea of Felten rummaging around in the guts of their pride and joy. Sequoia threatened legal action if Felten kept up his testing.

As it turns out, Felten did continue his testing and determined that the Sequoia could be compromised in minutes.

Hack 5: the cold boot attack

Because he wasn't busy enough in 2008, Felten and his students discovered a nasty little flaw called the cold boot attack.

If you've ever seen particularly bad science fiction, you know how this works. In science fiction, every so often there's a witness with invaluable data who suddenly dies. As the SF conceit goes, those last images are recorded somewhere in the victim and can be retrieved and replayed posthumously.

The cold boot attack works in a similar way. RAM retains information for just a few minutes after powering off, so an attacker could restart a machine and dig through previously secure RAM to extract keys and access information.

Mister Felten goes to Washington

So now you know Ed Felten. The idea that this guy, this guy is going to be going to Washington is just awesome. The FTC could use someone with Felten's twisted little mind to help it prepare for our digital future.

There's only one thing that concerns me. This gig of Chief Technologist is only for a year. It's virtually impossible to get anything done in a year in Washington. So I'm hoping that this role isn't just some sort of fellowship for Felten and the United States can derive some actual value and insight from one of our more interesting and influential white-hat hackers.

Editorial standards