Search This Blog

Showing posts with label Security Loophole. Show all posts

AI Knife Detection System Fails at Hundreds of US Schools


A security company that provides AI weapons scanners to schools is facing new doubts about its technology after a student was assaulted with a knife that the $3.7 million system failed to identify.

Last Halloween, Ehni Ler Htoo was strolling in the corridor of his school in Utica, New York, when another student approached him and attacked him with a knife. The victim's lawyer told BBC that the 18-year-old received many stab wounds to his head, neck, face, shoulder, back, and hand. 

Despite a multimillion-dollar weapons detection system built by a company called Evolv Technology, the knife used in the attack was carried inside Proctor High School. 

Evolv claims that its scanner "combines powerful sensor technology with proven artificial intelligence" to detect weapons rather than just detecting metal. The system issues an alert when it discovers a concealed weapon, such as knives, bombs, or weapons. It previously promised that its scanners might aid in the creation of "weapons-free zones" and has openly asserted that their equipment is very accurate. 

According to Peter George, the company's chief executive, its systems "have the signatures for all the weapons that are out there." Knives, explosives, and firearms are among the weapons that the system can locate, according to earlier news releases. 

After Evolv's scanner missed 42% of large knives in 24 walk-throughs, a BBC investigation conducted last year discovered that testing proved the technology could not reliably detect large blades. 

Major American stadiums as well as the Manchester Arena in the United Kingdom employ the system. According to the testers, Evolv should alert prospective customers. Despite this, the company has been growing in the educational sector and currently claims to be present in hundreds of schools across the US. 

Stabbing incident

The Utica Schools Board purchased the weapons scanning system from Evolv in March 2022 for 13 schools. Over the summer break, it was erected.

The attacker who attacked Ehni Ler Htoo was seen on CCTV entering Proctor High School and going through the Evolv weapons detectors on October 31.

"When we viewed the horrific video, we all asked the same question. How did the student get the knife into the school?" stated Brian Nolan, Superintendent of Utica Schools.

The knife employed in the stabbing was more than 9in (22.8cm) long. The attack prompted the school system in Utica to conduct an internal investigation.

"Through investigation it was determined the Evolv Weapon Detection System… was not designed to detect knives," Mr Nolan added. 

Ten metal detectors have taken the place of the scanners at Proctor High School. The remaining 12 schools in the district, though, are still using the scanners.

According to Mr. Nolan, the district cannot afford to remove Evolv's system from its remaining schools. Since that attack, three additional knives have been discovered on kids at different schools in the district where the Evolv systems are still in use. 

One of the knives measured 7 inches. Another had a blade with finger holes that was bent. There was also a pocket knife. According to Mr. Nolan, none of them were discovered by the weapons scanner; instead, all of them were discovered because staff members reported them. 

Evolv's stance 

The language on Evolv's website was altered following the stabbing. 

Evolv had a title on its homepage that bragged about having "Weapons-Free Zones" up until October of last year. The corporation afterwards modified the language to "Safe Zones" and omitted that phrase. Now it says "Safer Zones" after another modification. 

The company asserts that its system locates firearms using cutting-edge AI technology. However, its detractors claim that not enough is understood about the system's operation or how well this technology detects various kinds of weaponry. 

Evolv has overstated the effectiveness of the device, according to Conor Healy of IPVM, a company that evaluates security technology. 

"There's an epidemic of schools buying new technology based on audacious marketing claims, then finding out it has hidden flaws, often millions of dollars later. Evolv is one of the worst offenders. School officials are not technical experts on weapons detection, and companies like Evolv profit from their ignorance."

Multiple Critical Bugs Identified in SonicWall SMA 100 Appliances


Rapid7 researcher has presented additional details regarding the SonicWall bug in its Secure Mobile Access 100 network security devices that permit unauthenticated remote code execution (RCE) on compromised devices. 

Last year in October, Rapid7 researcher Jake Baines uncovered five vulnerabilities in Sonic Wall’s Secure Mobile Access (SMA) 100 series of devices, which includes SMA 200, 210, 400, 410, and 500v.

The SMA 100 line was designed to offer end-to-end safe distant accessibility to corporate assets, be they hosted on-premise, in the cloud, or in hybrid data facilities. It also provides policy-enforced access control to apps immediately after creating user and device identity and trust.

The most severe of the flaws is CVE-2021-20038, with a rating of 9.8 on the Common Vulnerability Severity Scale (CVSS). It’s a stack buffer overflow bug allowing a threat actor to secure complete control of a device running SonicWall’s NAC solution. 

According to the researcher, the bug is spotted in the manner the appliance handles Apache httpd calls. When the cgi_build_command function is called, the stack-based buffer can be overloaded and allow attackers to load up commands. 

“The most prominent is the stored return address, the memory address at which execution should continue once the current function is finished executing,” Baines explained in the blog post. “The attacker can overwrite this value with some memory address to which the attacker also has to write access, into which they place arbitrary code to be run with the full privileges of the vulnerable program.”

The other bugs discovered include CVE-2021-20039, a command injection vulnerability with a rating of 7.2; CVE-2021-20040, a relative path traversal vulnerability with a rating of 6.5; CVE-2021-20041, an infinite loop flaw, and CVE-2021-20042, an unintended proxy or intermediary also known as a “confused deputy” vulnerability with a rating of 6.5.

In his analysis, Baines examined the SMA 500v firmware variations 9…11-31sv and discovering that CVE-2021-20038 and CVE-2021-20040 affect only equipment functioning version 10.2.x, though the remaining issues influence both firmware variations. 

Raaid7 reported the five vulnerabilities to SonicWall on Oct. 18. On December 7, SonicWall released a security advisory and updates fixing the pbugs Baines had discovered.