Remember the age of text-based gaming where natural language phrasing would help you maneuver a character through scenes in a virtual world? In a gaming context, that has long been a dinosaur, replaced by intricate and massive online role-playing games. But researchers from Carleton University in Ottawa, Canada, have proposed a way to borrow from those narrative elements to someday build what they hope will be an alternative to passwords.
Their plan is to combine user- and machine-generated narrative, based on the user’s recent activity on a computer, where the user interacts accordingly as continuous authentication mechanism, authenticating to specialized systems. The researchers’ premise is that users are much more likely to remember a familiar or interesting narrative than a complex password.
“If we’re using systems to figure out who are closest friends are, or to provide us with our favorite restaurants or news updates, why can’t personal items be used for authentication as well,” said Carson Brown, one of the authors along with Anil Somayaji and David Mould of a paper entitled: “Towards Narrative Authentication; or Against Boring Authentication.” “Allow the system to have a dialogue and prove that you are you and tell it things you know. It’s a shared secret, but still part of your identity.”
Rather than relying on the user or computer to exclusively generate the narrative, the researchers believe this should be a collaborative effort, one that is derived from a user’s recent activity on the computer. For example, it could stem from playing new games, interacting with new applications, or check-ins on social media that could indicate a memorable activity such as a vacation that would spawn a new narrative.
“In practice, the dialog would probably involve highly constrained user choices at every stage, at least initially,” the researchers wrote. “Advances in natural language processing, however, might allow for more flexible collaborative story creation.”
Brown wrote in the paper, presented last September at the New Security Paradigms Workshop, that things humans find boring are not retained, while memories that are interesting stay with us. Passwords, in other words, are easily forgettable, and choosing to authenticate from good stories or pleasant memories keeps the user engaged and, the researchers hope, lessens the risk that attackers can steal credentials the way they can with today’s weak authentication schemes.
“Good stories are almost impossible to forget, and even bad stories can be remembered. …” the researchers wrote. “In fact, people often tell stories to verify each other’s identities by verifying that they both share some common set of stories, often using exchanges that are unintelligible to others who do not know those same stories. Further, those exchanges can be remarkably quick and concise.”
While computers’ understanding of narrative is poor, the researchers postulate that elements of a narrative such as places, objects, settings or characters can be converted via software to a form people would remember and computers could verify. This could take on a challenge-response format.
“The remote server should store a complex narrative structure—a story or a set of stories—that is then used to drive a dialogue with the user,” the researchers wrote. “The system sends challenges to the user that require knowledge of the stories to be successfully responded to but can be responded to using information derived from only a small portion of the narrative structure.”
The research paper provides an example of how narrative-based authentication would work from a text-based game called Stackers. In the game, the user is asked to stack a number of objects in a particular order in order to proceed, or in this case, to authenticate themselves. Sizes or colors could be added to the object to ward off brute-force or even replay attacks, the researchers wrote.
They say that your worst fears and your fondest dreams are rarely realized. That may well be true in most walks of life, but in the information security world, 2013 was the year that our worst fears were not only confirmed, but so were some things that few but the most paranoid among us thought possible.
The list of NSA-related revelations is well-known by now: the phone metadata collection program, PRISM, subversion of a random number generator in a NIST standard, development of an arsenal of capabilities to break SSL, tapping undersea fiber cables, monitoring the communications of foreign leaders and even assembling a catalog of information-warfare tools with outlandish capabilities. Some of these revelations involve capabilities or programs that people in the security industry have either suspected were in use or had some evidence were being used. The metadata program, for example, had been discussed in some corners of the industry for several years, as had the possibility of a backdoor in the Dual_EC DRBG random number generator.
The security and privacy implications of these programs, as well as the others that have been revealed by the leaks of documents from Edward Snowden, are obvious and devastating. Some of the fundamental technologies and platforms that billions of users rely on for their communications every day are continuously monitored. They should be considered compromised.
In many ways, the promise of the Internet as an open, usable communications platform available to everyone has been broken. For the network to be useful, its users must be able to place some level of trust in it, and the protocols and technologies on which it’s built. The revelations of the last seven months have made it clear that’s just not possible. The plain truth is that we no longer know what to trust.
That’s the cold, ugly lesson of 2013, that trust, the thing that’s needed in order for security and privacy to work, is not just difficult, but may be impossible in some cases. If you rely on encryption to protect your sensitive online communications, as many of us do, how can you trust that those packets you’re sending and receiving aren’t being diverted or decrypted somewhere? You can’t. If you prefer to be left alone and not have your every online movement, interaction and email tracked, you’re out of luck.
The Internet hasn’t been the open, flexible, user-oriented network it was meant to be for a long time–if it ever actually was. Now, it’s become a poisoned, paranoid environment where everything is suspect. The last year was a brutal one for privacy, freedom and security and it’s unclear whether 2014 or any of the coming years will be any better. Only the most optimistic bettor would make that wager and optimists seem to be an endangered species these days.
Security researchers from Malware Must Die uncovered new ransomware called PrisonLocker, and said the malware author is either a legitimate security researcher or is posing as one via a personal blog and Twitter handle.
Malware Must Die has monitored PrisonLocker’s development since spotting it for sale on an underground criminal hacking forum in November. The ransomware, also known as PowerLocker, is all-but ready for sale. At the moment, it appears to lack a completed graphical user interface and is still undergoing quality assurance tests. Once it’s ready, the creator claims he will sell the malware for roughly $100 per license, which can be paid using cryptocurrency Bitcoin.
According to specifications listed by the author in a number of locations, the PrisonLocker infection process will begin with a Trojan that drops a single executable file into a temp folder. Following successful installation, PrisonLocker is designed to encrypt nearly every file on infected machines, including those on hard drives and shared drives but excluding .exe, .dll, .sys, and other system files. According to a Pastebin post from Dec. 19, PrisonLocker will deploy the Blowfish cipher, and each infected machine will have a corresponding Blowfish decryption key that is encrypted using RSA AES 2048-bit encryption.
Other features include persistence through Windows registry keys, disabling infected users’ Windows and escape buttons, and blocking task manager, command prompt, registry editor, and other Windows utilities.
Like CryptoLocker, infected users will be given a predetermined amount of time to pay the ransom before the decryption key is forever deleted. Whoever administers the ransomware will have the ability to choose the preset amount of time and pause or reset this deletion clock in order to examine ransom payments. Other customizable features include naming and placing the infection file, determining the ransom amount and method of payment, and the establishing the username and password for the administrative panel, which is set as “admin” and “admin” by default.
PrisonLocker also boasts a number of analysis prevention features. Its author claims it detects basic virtual machine, sandbox, and debugger environments. The malware will also set up what its creator calls a “locked window in a new desktop.” This, the creator claims, will render useless the “alt+tab” command and, thus, all other applications. Beyond that, even if a user manages to escape the locked window, PrisonLocker includes a module that forces the locked window to the forefront of the user’s desktop every few milliseconds.
Interestingly, the ICQ messaging ID and email address associated with the malware author’s handle (gyx) on a number of sites is also associated with the twitter handle @Wenhsl and the security blog Wenhsl[.]blogspot[.]com. In that Twitter profile’s bio, the user describes himself as the following:
“Security enthusiast. Novice infosec/malware researcher and cybercrime analyst. C/C++ and currently polishing up my MASM.”
PrisonLocker is written in C++. Malware Must Die suggests that the author may either be double dipping as a security researcher and a criminal, or merely pretending to be a benevolent security researcher to cover his tracks as a criminal. Malware Must Die contacted various law enforcement agencies and provided this information to them.
The race to replace the Blackhole Exploit Kit as the web exploit pack of choice for cybercriminals seems to have an early leader in Magnitude.
Researchers at Dutch security firm Fox-IT reported over the weekend that European visitors to Yahoo were falling victim to malicious ads hosted on the site. The ads were injecting iframes onto the user’s browser and redirecting them to sites hosting Magnitude.
This is the first known major incursion redirecting to Magnitude since the takedown of Blackhole and the arrest of its alleged creator Paunch in October.
The Magnitude exploit kit targets Java vulnerabilities and installs a number of dangerous Trojans, including Zeus, Dorkbot, Necurs and a number of click-fraud malware. Fox-IT’s investigation concluded the infections started Dec. 30, possibly earlier.
Most of the victims are in Romania, Great Briatain and France; Fox-IT said it was monitoring an average of 300,000 visits per hour to Yahoo and based on an estimated infection rate of 9 percent, the company says about 27,000 infections were happening per hour.
“At this time, it’s unclear why those countries are most affected,” the company wrote on its blog. “It is likely due to the configuration of the malicious advertisements on Yahoo.”
The Washington Post reported, meanwhile, that Yahoo has removed the advertisements in question.
“Users in North America, Asia Pacific and Latin America were not served these advertisements and were not affected,” a Yahoo representative told the Post. “Additionally, users using Macs and mobile devices were not affected.”
The malicious ads were served by Yahoo from a number of domains, including two registered on Jan. 1: blistartoncom[.]org and slaptonitkons[.]net. The company advises that concerned organizations should block the 192.133.137 and 193.169.245 subnets.Those domains then redirect to a number of domains hosting Magnitude, including boxdiscussing[.]net, crisisreverse[.]net, and limitingbeyond[.]net. All of the domains, Fox-IT said, were served from a single Dutch IP address 193[.]169[.]245[.]78.
“It is unclear which specific group is behind this attack, but the attackers are clearly financially motivated and seem to offer services to other actors,” Fox-IT said, adding that Magnitude is similar to an exploit kit used in an October compromise of php.net.
Since the takedown of the Blackhole Exploit Kit shortly following the arrest of its alleged creator Paunch in Russia, cybercriminals have yet to settle on an adequate successor. The hodgepodge of exploits kits in circulation, including Magnitude, Cool, Angler, Neutrino and others, don’t have the same muscle as Blackhole. Blackhole not only was a complete catalog of webinjects and banking malware, but it was updated almost daily, and was relatively affordable with an annual license selling for around $1,500. Since Paunch’s arrest, activity from Blackhole and its cousin Cool has dwindled to almost zero, and attackers are scrambling not only for a successor, but also to recover lost revenue.
Recently, researchers at Websense reported that the keepers of the Cutwail botnet had resorted to using phishing and spam email schemes spiked with malicious attachments or links to malware downloads because of the unavailability of Blackhole. Prior, there was a heavy use of Blackhole to automatically compromise computers and install banking Trojans or other financial malware, and to a lesser extent, direct attachments. That ratio has flipped, Websense said.
“What we’ve seen post Blackhole is this immediate cutoff where the URL based attacks inside these emails declined because of the Blackhole infrastructure going down,” said Alex Watson, Websense director of security research.
As for Magnitude, Websense reported a blip where criminals were experimenting with the new exploit kit for a period of time, but then moved away. Magnitude and Neutrino, a number of researchers report, support many of the most recent exploits, but they seem to be a work in progress in terms of how they deliver redirects or exploits.
“It has to be a worthwhile business arrangement as well. When they adopt exploit kits, it’s both a mixture of the frequency of adoption to avoid security solutions and another element how quickly it is to incorporate the latest exploits,” Watson said. “The third is the cost of the business arrangement for the exploit kit and if it can be competitive with what Blackhole was before.”
UPDATE–Bruce Schneier, the famed cryptographer and author who recently left his longtime post at BT, has taken a new position as CTO of Co3 Systems, a startup that provides incident response systems. Schneier, a central figure in the security industry for more than two decades, said he is excited about the new challenge ahead.
Schneier left BT last month after spending nearly 15 years at Counterpane, which he helped found, and BT, which acquired the company in 2006. Counterpane was part of the first wave of managed security services providers in the late 1990s and provided monitoring and detection services for its customers. He said that the incident response system that C03 now provides may have been something that Counterpane could have put together had the company not been acquired. In joining Co3, Schneier rejoins one of the other members of Counterpane’s original executive team, John Bruce, who is CEO of Co3.
Schneier said that he sees a lot of need for the service that Co3 provides, especially in today’s environment where breaches are a daily occurrence and every organization is a target.
“Years ago, attacks were both less frequent and less serious, and compliance requirements were more modest. But today, companies get breached all the time, and regulatory requirements are complicated — and getting more so all the time. Ad hoc incident response isn’t enough anymore. There are lots of things you need to do when you’re attacked, both to secure your network from the attackers and to secure your company from litigation,” Schneier said on his blog.
“The problem with any emergency response plan is that you only need it in an emergency. Emergencies are both complicated and stressful, and it’s easy for things to fall through the cracks. It’s critical to have something — a system, a checklist, even a person — that tracks everything and makes sure that everything that has to get done is.”
Schneier said that he had been getting a little restless in the last year and was looking around for something interesting to do. He had enjoyed working in a startup environment at Counterpane and had been on the advisory board at Co3 Systems for a while, so the pieces fit together easily.
“I was getting a little antsy bored but then I thought, do I want to work for a company? But I know the people here and I like the product and it fits with my philosophy,” he said in an interview. “It’s peripheral enough to what I do that it doesn’t raise any questions. If I went to work for a hard-disk encryption company then immediately the NSA question comes up. I’m not going to stop doing what I’m doing. This is a company where there’s no quandaries.”
In recent months, Schneier, who is best-known for his cryptography work and his books on information and physical security, has been working with journalists at The Guardian to help analyze some of the NSA documents leaked by Edward Snowden. He also is currently serving as a fellow at The Berkman Center at Harvard University.
“I’m pretty excited about this. It’s good to be back at a startup. Plus, John Bruce and I worked together at Counterpane…so we both know exactly what we’re getting ourselves into,” Schneier said by email.
The work that he has done on the Snowden documents will continue, Schneier said, because he views it as more important than any given job. He will be working on the documents with Glenn Greenwald at his new media venture.
“None of that stops. That’s a rule with any company. Given the choice, the job loses,” he said. “I mean, what’s more important?”
*Image via Stiftelsen‘s Flickr photostream, Creative Commons
While much of the coverage of the surveillance programs revealed by Edward Snowden have focused on the legality and constitutionality of the collection of metadata and Internet traffic in the name of counter-terrorism and national security, the question of whether these programs are actually cost effective has gone largely unexamined. But a pair of academic researchers decided to have a look at whether the NSA–and by extension, the American people–is getting anything worthwhile for the untold millions spent on the metadata program. Their conclusion: probably not.
The metadata program, which was the first surveillance system revealed by Snowden in June, is authorized under Section 215 of the USA PATRIOT Act and enables the NSA to collect and store phone call records under blanket court orders. The agency can store these records for five years, and they include information such as the originating and terminating phone numbers and the length of each call; they don’t include call content. Administration and intelligence officials have said in the wake of the Snowden leaks that collecting this data enables them to “connect the dots” among various disparate pieces of intelligence and suspects in order to conduct terrorist investigations. They also have argued that the disclosure of the Section 215 surveillance program and others in recent months have caused serious damage to American intelligence capabilities.
However, as the authors of the new paper, John Mueller, an adjunct political science professor at Ohio State University, and Mark G. Stewart, Professor and Director, Centre for Infrastructure Performance and Reliability at The University of Newcastle in Australia, note, terrorists have known for decades that the NSA is listening to their electronic communications. The current set of revelations hasn’t given them significantly more information, they argue.
“It is possible that the current revelations will impress the terrorists even further about the extent of the surveillance effort. But even if that is so, the effect would mainly be to make their efforts to communicate even more difficult and inconvenient,” the write in their paper, which was produced for the journal I/S.
“Conceivably, as some maintain, there still exist some exceptionally dim-witted terrorists or would-be terrorists who are oblivious to the fact that their communications are rather less than fully secure. But such supreme knuckle-heads are surely likely to make so many mistakes—like advertising on Facebook or searching there or in chatrooms for co-conspirators—that sophisticated and costly communications data banks are scarcely needed to track them down.”
In their paper, Mueller and Stewart try to determine what the cost of the metadata collection program might be, not just in monetary terms, but also in terms of other lost opportunities and damage to privacy. The budget for the program is classified, but the authors say that the direct costs of it could be relatively low. They caution, however, that the dollar figure the NSA spends on the program isn’t the only one that matters. There is also the cost of following up on whatever leads the metadata program generates, as well as the privacy cost to citizens whose records end up in the database, something that’s difficult to quantify.
Mueller and Stewart also are concerned with the effectiveness of the metadata program, and look closely at the infamous group of 54 terrorist incidents or plots that NSA Director Keith Alexander has cited as being identified or disrupted through the use of the Section 215 surveillance. The list of incidents itself is classified, but NSA officials have testified that 90 percent of them were identified using section 702 surveillance, which is the authority for the so-called PRISM program that collects Internet traffic.
“Thus, the 215 program, in which metadata are accumulated and stored for all telephone calls within the United States, presumably played a role only in around 5 cases over the course of the program. According to General Alexander, only 13 of the 54 cases on the classified list had a ‘homeland nexus,’ the others having occurred in Europe (25), in Asia (11), and in Africa (5),” the paper says.
“Four of the cases, all presumably included in the ‘homeland nexus’ subset, were publicly discussed in Congressional testimony on June 18, 2013, by Alexander and by Sean Joyce, Deputy Director of the FBI. Insofar as NSA surveillance played a role at all in these cases, it seems that it was the 702 program, not the 215 one, that was relevant.”
That one case, the authors say, appears to be one that involved a Somali cab driver living in San Diego who had sent some money to a group in his native country that was fighting Ethiopia. They authors cite comments from Sen. Patrick Leahy that say the cases described by Alexander “weren’t all plots and they weren’t all disrupted.”
“Absent such information, and keeping in mind the impressive record of dissembling that NSA has so far amassed, it does seem to be a reasonable suspicion—supported by the public comments of Senator Leahy—that the four cases discussed represent not a random selection from the list, but the best they could come up with. It that it so, the achievements of 215 do seem to be decidedly underwhelming,” the authors say.
Mueller and Stewart conclude that in order for the metadata program to be cost-effective, the price tag would need to be quite low.
“Although the cost of the 215 program remains classified, it is possible to calculate how much that cost would have to be for the program to be cost-effective. Even making some generous assumptions about its effectiveness, the program would be cost-effective only if its full price tag (including all the cost considerations arrayed above) is less than $33.3 million per year. The full NSA budget, for reference, is about $10 billion,” they conclude.
“It seems likely that ‘on net’ (as the President puts it) the highly-controversial 215 program could also safely be retired for ‘operational and resource reasons’ with little or no negative consequences to security…”
Image from Flickr photos of Christopher Brown.
The OpenSSL Project blames a weak password used at its hosting provider for its recent site defacement.
The organization that hosts the ubiquitous open source encryption implementation updated a notice on its website yesterday informing users that attackers used the weak credential to gain control of a hypervisor management console. The update says the OpenSSL server is a virtual server sharing a hypervisor with other customers at its service provider.
The attackers were able to get in on Dec. 29 and manipulate the organization’s virtual server, the notice said.
“Other than the modification to the index.html page, no changes to the website were made. No vulnerability in the OS or OpenSSL applications was used to perform this defacement,” the notice said, adding that the source repositories had been audited and were not accessed.
VMware yesterday denied reports that its software had been compromised as part of the OpenSSL defacement.
“We have no reason to believe that the OpenSSL website defacement is a result of a security vulnerability in any VMware products and that the defacement is a result of an operational security error,” the company said in a statement.
Hypervisors are software programs used to create and manage virtual machines; hosting providers can use them to manage multiple machines on a single host.
OpenSSL is more than a TLS or SSL implementation; it’s also a full cryptographic library that is at the core of numerous commercial software products that make use of encryption.
An attack on OpenSSL, where hackers would be able to access source code and inject backdoors or other malware, could have devastating consequences. Speculation has been high too that the NSA would covet a backdoor in OpenSSL given its presence in any number of high profile products and web applications; the list of FIPS Cryptographic Module Validation Program-certified products, for example, is lengthy and target rich featuring hundreds of security and networking products.
A Turkish hacking group claimed responsibility for the defacement. TurkGuvenligi took down the webpage and left behind the message: “TurkGuvenligiTurkSec Was Here @turkguvenligi + we love openssl _.”
The SANS Institute’s Internet Storm Center reports a surge in probes against port 32764, which matches the port used by an alleged backdoor in Linksys routers that was reported over the New Year’s Day holiday.
“At this point, I urge everybody to scan their networks for devices listening on port 32764/TCP. If you use a Linksys router, try to scan its public IP address from outside your network,” wrote SANS CTO Johannes Ullrich.
Ullrich said there was relatively little scanning activity on that port prior to Thursday when three source IPs began conducting probes on that port, scanning as of this morning close to 20,000 records against more than 4,000 targets.
Most of the probes are coming from one of the three source IP addresses in question, as well as from the Shodan search engine.
The alleged backdoor was disclosed in a Github post by a hacker Eloi Vanderbeken of France. He uploaded a PowerPoint presentation to Github describing the backdoor he found not only in five different Linksys DSL modem/routers, but also in a number of Netgear, Cisco and SerComm home and business boxes.
“I didn’t want to lose my time in writing a full report, it’s a very simple backdoor that really doesn’t deserve more than some crappy slides,” Vanderbeken wrote.
His slides describe his journey over Christmas to regain access to his home router’s admin console after losing what he describes as a very long and complex password. He began by conducting an Nmap scan where he found the router listening and responding over 32764 to a number of commands. After finding and downloading the firmware for his Linksys gear and reverse engineering its MIPS binary code, he found he could exploit a buffer overflow and cause the router to revert to its default settings.
Vanderbeken was then able to use this opening to get a command shell and write a script that gave him administrator access to the router.
It’s unclear from his Github entry whether any of the hardware manufacturers were notified of the weakness.
Researchers, meanwhile, spent a good amount of time last year looking at the security home and small office networking gear and found a number of serious issues. Cisco Linksys EA2700 boxes were found to be vulnerable to cross-site scripting attacks, file-path traversal attacks, cross-site request forgery and even a potential source code disclosure, according to pen-tenster Phil Purviance, who reported his findings to Cisco last March.
Prior to that, IOActive researchers Sofiane Talmat and Ehab Hussein shared research that demonstrated that home routers and modems from ISPs can be chained together to redirect traffic in click-fraud scams, keep blocks of users from reaching the Internet, or launch denial of service attacks. Talmat and Hussein were also able to take advantage of vulnerable firmware and upload their own in simulated attacks. Their new firmware took the place of factory-installed firmware, rendering factory-reset options useless.
A group of hundreds of academics from countries around the world have started a petition that demands Western governments, such as those in the United States and UK, stop the mass surveillance programs they have in place and “effectively protect everyone’s fundamental rights and freedoms”.
The petition is the latest public effort from various groups of security and privacy researchers, Internet pioneers and academics who are concerned about the effects of mass surveillance on the security of the Internet and the privacy of users’ communications. Signed by academics from more than two dozen countries, the petition calls on intelligence agencies to end blanket surveillance and become subject to greater oversight and transparency.
“Intelligence agencies monitor people’s Internet use, obtain their phone calls, email messages, Facebook entries, financial details, and much more. Agencies have also gathered personal information by accessing the internal data flows of firms such as Google and Yahoo. Skype calls are “readily available” for interception. Agencies have purposefully weakened encryption standards – the same techniques that should protect our online banking and our medical files. These are just a few examples from recent press reports. In sum: the world is under an unprecedented level of surveillance,” the petition says. “This has to stop.”
Many of the signatories of the petition have spoken individually about the mass surveillance programs run by NSA and the GCHQ in the UK, and have been critical of the programs, such as the metadata collection program that pulls in hundreds of millions of phone records a day and the tapping of undersea Internet cable to collect raw traffic flowing on networks owned by major providers. Bruce Schneier, a cryptographer and author, who has also been involved in some of the publication efforts of the NSA leaked documents in The Guardian, signed the petition, as did Ross Anderson of the University of Cambridge, Alessandro Acquisti of Carnegie Mellon University, Marc Rotenberg of Georgetown University and Jay Rosen of New York University.
“Without privacy people cannot freely express their opinions or seek and receive information. Moreover, mass surveillance turns the presumption of innocence into a presumption of guilt. Nobody denies the importance of protecting national security, public safety, or the detection of crime. But current secret and unfettered surveillance practices violate fundamental rights and the rule of law, and undermine democracy,” the petition says.
“The signatories of this declaration call upon nation states to take action. Intelligence agencies must be subjected to transparency and accountability. People must be free from blanket mass surveillance conducted by intelligence agencies from their own or foreign countries. States must effectively protect everyone’s fundamental rights and freedoms, and particularly everyone’s privacy.”
The petition, titled Academics Against Mass Surveillance, comes at a time when there is a huge amount of public scrutiny of the NSA’s collection methods and programs. Since the leaks from former NSA contractor Edward Snowden began in June, security researchers, lawmakers and privacy advocates have called for greater oversight and reform of the agency’s collection methods. There are a number of pending lawsuits against the NSA and some of the companies involved in the collection programs, as well as legal challenges of the programs from groups such as the ACLU and the EFF.
Image from Flickr photos of Tim Gillin.
Dennis Fisher and Mike Mimoso talk about the year that was in the security industry, including the last six months of NSA drama, the Microsoft bug bounty program, exploit sales and attacks against major banks.http://threatpost.com/files/2014/01/digital_underground_139.mp3
It didn’t take long for hackers to exploit a previously disclosed vulnerability in the popular photo sharing application Snapchat. As yet unidentified hackers spent yesterday’s New Year’s holiday dumping 4.6 million of the service’s usernames and partial phone numbers and posting them online for the public to peruse.
The site that was hosting the slew of information, SnapchatDB.info, remains offline this afternoon. In its place a note from the site’s hosting company acknowledges the account corresponding to the site has been suspended.
For a short time yesterday the site allowed anyone to download all of the leaked data as either a SQL dump or CSV text file.
The hackers responsible for disclosing the information claim they omitted the last two digits of the leaked phone numbers to “minimize spam and abuse” but encouraged interested parties to contact them for the full database.
“Feel free to contact us to ask for the uncensored database. Under certain circumstances, we may agree to release it,” read one part of the site, which has been since cached on Google.
Information about the site is sparse but according to whois.domaintools.com, someone whose address and phone number can be traced to Panama registered the site on New Year’s Eve.
It isn’t clear if the leaked information is legitimate but the fact that the site was taken offline so fast suggests there may have been some validity to the hack and that that due to the sensitive nature of the data, the company may have had it removed.
Representatives from the company failed to immediately respond to a request for comment Thursday.
News of the hack spread first on YCombinator’s Hacker News site. From there some sleuths on Reddit were able to comb through the millions of phone numbers to deduce that the average Snapchat user has a better chance of not being on the list than being on it.
Based on the leaked telephone area codes, if the phone number attached to a Snapchat account is based in one of the following states, the account’s information likely isn’t in the database:
- New Hampshire
- New Mexico
- North Carolina
- North Dakota
- Rhode Island
- West Virginia
The leaked phone numbers appear to be largely contained to North America and includes users from major cities across the United States (Los Angeles, Chicago, Denver, etc.) and some remote parts of Northern Canada.
Researchers at Gibson Security warned about the bug in a full disclosure post on their site Christmas Eve claiming it was “ridiculously easy” to use Snapchat’s API to match its users’ phone numbers with usernames on a massive scale. According to the researchers, despite disclosing the bug to the company in August, Snapchat hadn’t made any moves to fix the issue in the last five months.
Snapchat went as far as to dismiss Gibson Security’s claims in a blog post last Friday, claiming the company doesn’t display phone numbers to other users and doesn’t support the ability to look up phone numbers by username. The group tried to quell fears by claiming they’ve “implemented counter-measures and continue to make improvements to combat spam and abuse.”
What could prove to be quite the blunder for Snapchat is that the company may actually helped the hackers by suggesting how to create a database like the one that was leaked in the same blog post.
“Theoretically, if someone were able to upload a huge set of phone numbers, like every number in an area code, or every possible number in the U.S., they could create a database if the results and match usernames to phone numbers that way,” warned the post.
It appears the hackers were able to do just that, just on a lesser scale.
It’s not yet certain what percentage of Snapchat’s users may have been put at risk by the hack. The app was used by more than 8 million U.S. users in May 2013 according to data provided by Nielsen this past summer but it’s almost positive that figure has jumped since, especially in wake of the app’s increased popularity.
As a service to anyone who might be worried their account information is out there, Gibson have put together a searchable, web-based tool that allows users to verify whether or not their data has been leaked.
Target Corp.’s admission that encrypted PIN data was stolen in the Black Friday breach was bad news for consumers. For security experts, especially cryptographers, particular exception was taken to the retail giant’s use of Triple DES (3DES) encryption to keep the PIN data safe.
With all crypto suffering scrutiny under the weight of the Snowden leaks, security experts are extra leery of 3DES because of its age and the availability of cryptographically stronger options such as AES.
Target insists the PIN data is safe because the numbers were encrypted at physical retail locations on the PIN pad, and the key is not stored with the data. Instead, the key is with the company’s payment processors, one of which, First Data, said it is not aware of any breaches or abuse on its end.
“What this means is that the ‘key’ necessary to decrypt that data has never existed within Target’s system and could not have been taken during this incident,” Target spokesperson Molly Snyder said.
Matthew Green, a noted cryptographer and professor at Johns Hopkins University, said the PIN data is likely secure if Target is being forthright. Hackers cannot decrypt the PIN data without the key, or access to the machine storing the key.
“Most people object to 3DES because it’s an ancient algorithm that was designed as a patch for (now broken) DES until AES was finalized,” Green said via email. “Now we’ve had AES for more than a decade, it’s questionable why we’d be using 3DES.”
Assuming too that Target is compliant with the Payment Card Industry Data Security Standard (PCI-DSS), the mandates there require unique keys for every payment terminal, limiting the scale of risk brought by the breach, which resulted in 40 million debit and credit card numbers being stolen. The attackers, Green wrote in a blog post, would have to hit every terminal to have all the PIN data, or hack the processors.
PCI also requires four-digit PINs to be padded to add complexity to the data being encrypted. Four-digit PINs are child’s play for a brute force attack since there are only 10,000 possible combinations. Padding and salting the PIN data raises the cost of decrypting the data for an attacker. These techniques require using part of the credit card number as part of the key encrypting the PIN.
“Done this way, every PIN number now decrypts to a different value. If they did this, then it would indeed be the same as if no PIN information were stolen at all,” wrote Robert Graham, a researcher with Errata Security.
Green, meanwhile, described a number of possible encryption formats for PIN data. One involves the use of the XOR cipher on the PIN data with the last 12 digits of the card number, and encrypting the rest using 3DES in ECB mode. Another involves stringing the PIN with a transaction number that is then encrypted using 3DES in ECB mode. The final format involves padding random bytes onto the PIN and then encrypting. All three methods, Green said, prevent two users with the same PIN having their data encrypt to the same value under the same key.
“ECB mode has many flaws, but one nice feature is that the encryption of two different values (even under the same key) should lead to effectively unrelated ciphertexts,” Green wrote. “This means that even an attacker who learns the user’s PAN shouldn’t be able to decompose the encrypted PIN without knowledge of the key.”
All that said, the derision levied against 3DES was intense for days after Target’s announcement. Green noted that two-key 3DES will be banned for FIPS-certified products after next year because the 112-bit key was too short; three-key is 168 bits and is FIPS approved.
Green added that some impractical attacks are possible against 3DES, largely because its block size is 64 bits long, something that 128-bit AES eliminates.
“There are some impractical attacks on 3DES that dramatically reduce its key strength,” Green said. “However these are way too expensive to use in practice, and they only reduce the key strength to a level that’s still pretty large (168 down to 112 bit).”
The Syrian Electronic Army took advantage of the relative calm of New Year’s Day to make a loud statement about the NSA’s surveillance program and Microsoft’s alleged participation in it. The group compromised the Twitter account and blog of Microsoft’s Skype service and posted anti-surveillance messages on both, which were later removed.
On Wednesday afternoon, the official Skype account on Twitter posted a message that accused Microsoft of monitoring users’ Hotmail and Outlook.com email traffic and selling it to the government.
“Don’t use Microsoft emails (hotmail,outlook), They are monitoring your accounts and selling the data to the governments,” the message said. It was later removed from the Skype Twitter feed. Shortly thereafter, Microsoft officials regained control of the account and apologized to users for the attack.
“You may have noticed our social media properties were targeted today. No user info was compromised. We’re sorry for the inconvenience,” the message said.
Microsoft, along with other tech players such as Google, Apple and Yahoo, have been implicated in some of the leaks from former NSA contractor Edward Snowden regarding the agency’s surveillance capabilities. Some of the leaks have suggested that those companies have provided direct access to their networks or services to the NSA, an allegation that all of the companies have denied. Officials from those companies have said that they only provide information when required by law or a court order.
The SEA attackers also posted a similar message on the official Skype blog. The SEA has claimed responsibility for a long list of attacks in the last couple of years, including compromises of the New York Times and the Washington Post. The group has specialized in compromising the social media accounts of a variety of old-school media organizations and often espouses messages in support of the Syrian government, which has been under fire.
The Federal Election Commission (FEC), the government agency that keeps track of money raised each term by candidates and political action committees, is highly vulnerable to intrusions and data breaches according to a recent audit that discovered “significant deficiencies” in the FEC’s IT security program.
The concerns stem from an audit (.PDF) that surfaced online this week administered by Maryland-based Leon Snead & Company earlier this month.
The report notes the FEC must “fundamentally change its governance and management approach and adopt a risk-based IT security program” that meets the best practices laid out by the National Institute of Standards and Technology (NIST).
The audit calls out the FEC for only following NIST best practices “when applicable” and is urging the agency to be more like the Government Accountability Office (GAO), which like the FEC is technically exempt from the Federal Information Security Management Act (FISMA), but still adheres to NIST’s guidelines.
The FEC has asserted that it makes its own discretionary decisions on when to implement “government-wide IT security requirements,” yet the audit, which covered the FEC’s fiscal year ending September 2013, failed to find any semblance of a security review policy at the agency.
The audit follows news earlier this month that Chinese hackers thoroughly compromised the FEC’s networks during the United States government shutdown in October.
Those revelations came in the form of a six-month study by the Center for Public Integrity that culminated with an in depth report on December 17.
While the China hacks aren’t addressed in the audit, they are corroborated when the report acknowledges that servers “have been penetrated at the highest levels of the agency.”
The audit brings up a few other times the agency was attacked, including an occasion in May 2012 when a commissioner’s account was compromised and the computer was infected with malware for an eight-month period. That intrusion could have given attackers access to subpoenas, reports and sensitive financial information but the agency was never able to verify whether any data was stolen.
Outside contractors analyzed the attack in October 2012 and even gave the FEC guidance on how to eliminate future threats yet one year later the audit still found that the agency still hadn’t gotten the ball rolling on implementing the bulk of the recommendations.
The audit gets into a slew of other security concerns for the agency before it’s through, including poor password management (many users have been granted non-expiring passwords) and the agency’s depreciated vulnerability scanning program. Consultants are urging the FEC to address all of the issues in the coming new year.
Researchers demonstrated yesterday at the Chaos Communication Congress in Hamburg that they could write arbitrary code onto various SD memory cards, a hack that could give attackers the ability to perform man-in-the-middle attacks on devices housing the cards, as well as give users access to an inexpensive source of powerful and programmable microcontrollers.
Sean Cross, who goes by the hacker handle of xobs, and Dr. Andrew Huang, aka Bunnie, focused on managed flash devices including microSD, SD, MMC, eMMC, and iNAND devices. These are generally soldered onto the mainboards of smartphones for the purpose of storing operating system and other private user data, according to Huang. Similar vulnerabilities exist in related USB flash drives and SSDs.
More specifically, the researchers examined Appotech’s AX211 and AX215 products.
Flash memory has a number of performance issues, but it’s also inexpensive–0.1 nanodollars-per-bit to be exact. Huang claims that flash memory devices almost always contain bad memory blocks. The manufacturers work around this problem by implementing computation error correction algorithms that essentially create the illusion of perfect data to the user.
Huang explained at the conference that with flash memory you are not really storing your data; what you are storing is a probabilistic approximation of your data.
“The illusion of a contiguous, reliable storage media is crafted through sophisticated error correction and bad block management functions,” Huang explained in a related blogpost. “This is the result of a constant arms race between the engineers and mother nature; with every fabrication process shrink, memory becomes cheaper but more unreliable. Likewise, with every generation, the engineers come up with more sophisticated and complicated algorithms to compensate for mother nature’s propensity for entropy and randomness at the atomic scale.”
Problematically, the algorithms that create this illusion are highly customized depending on the quality of the flash memory in each chip. Because of this, the manufacturers can’t correct the imperfections on the operating system or application level. Instead, they install fairly powerful microcontrollers onto each flash memory disk. In this case, the researchers worked with Intel 8051 microcontrollers.
“It’s probably cheaper to add these microcontrollers than to thoroughly test and characterize each flash memory chip,” Huang wrote, “which explains why managed flash devices can be cheaper per bit than raw flash chips, despite the inclusion of a microcontroller.”
The quality of flash memory chips varies widely from chip to chip. Sometimes companies build the chips with high-quality, new silicon. Sometimes the companies build flawed chips with recycled parts. In either case, these computational error correction algorithms are designed to make up for whatever level of deficiencies are present in the chips.
As the researchers said in their demo, if a company has a 16 GB flash SD card with 14 GB of bad memory blocks, then the manufacturer will apply their ECC algorithm, determine where the bad blocks are located, and sell the chip as a 2 GB SD card.
These microcontrollers must be able to handle vast numbers of hardware abstraction layers in order to accept firmware updates and ultimately process the unique algorithmic requirements of each flash implementation, especially for cases where third parties are handling the chips.
Huang and Cross discovered they could send a “knock” sequence with a manufacturer-designated command they found on a spec-sheet after searching around on the Chinese search engine Baidu. The command itself, followed by ‘A.P.P.O’ (the first four letters of Appotech) initiated the firmware loading mode on the chip. Once that process began, the chip would accept 512 bytes and run that data as code.
In other words, the maker of these particular chips, and likely a whole slew of others, is not adequately securing the firmware update process.
From this point, the researchers reverse engineered the 8051 controller and managed to build new applications for the controller without access to the manufacturer’s documentation.
“Most of this work was done using our open source hardware platform, Novena, and a set of custom flex circuit adapter cards (which, tangentially, lead toward the development of flexible circuit stickers aka chibitronics)” Huang explained on his blog.
The controllers also process SD commands with interrupt-driven callbacks, which the researchers claim are an ideal location to perform man-in-the-middle attacks. These attacks Huang says, would be difficult to detect because there is no standard protocol to inspect the contents of the code running on these microcontrollers.
“Those in high-risk, high-sensitivity situations should assume that a “secure-erase” of a card is insufficient to guarantee the complete erasure of sensitive data,” Huang warns. “Therefore, it’s recommended to dispose of memory cards through total physical destruction (e.g., grind it up with a mortar and pestle).”
In terms of practical attacks, the vulnerability could offer an attacker the ability to eavesdrop. For example, an attacker could program a chip to report a smaller data-capacity than the actual capacity of the chip. While a seller of counterfeit chips may want to do the opposite of this (have the chip report a capacity larger than the actual capacity), a would-be eavesdropper may want to keep a user in the dark about the chip’s full storage capacity in order to sequester data to hidden, not erasable sections of the chip. A chip with more storage than advertised could be programed to secretly copy all its data to a hidden store that would be nearly impossible to remove from a chip other than by physically destroying it.
During the demo, Huang also warned of a potential time-of-check to time of use attack. A knowledgable attacker could present one version of a file for verification and a totally different (read: malicious) file for execution. An attacker could also perform selective modification attacks as well, swapping secure random number generators, binaries, or keys for unsecured ones.
On a less malicious note, Huang writes that the research opens up a cheap avenue for hackers and hardware enthusiasts customize the controllers for heir own purposes.
“An Arduino, with its 8-bit 16 MHz microcontroller, will set you back around $20. A microSD card with several gigabytes of memory and a microcontroller with several times the performance could be purchased for a fraction of the price. While SD cards are admittedly I/O-limited, some clever hacking of the microcontroller in an SD card could make for a very economical and compact data logging solution for I2C or SPI-based sensors.”
You can find a link to the demonstration slides here and watch the actual demo itself below:
One of the revelations from latest Snowden document leaks described how the U.S. National Security Agency was able to intercept Microsoft Windows Error Reporting logs in order to fingerprint machines for potential compromise.
The German publication Der Spiegel says the documents indicated the NSA uses its XKeyscore tool to intercept the Windows crash reports. Making matters worse, the reports are sent unencrypted to Microsoft and Windows machines post-XP have this feature turned on by default. Windows admins must change a Group Policy setting in order to force encryption upon the initial transmission.
Reports of XKeyscore, meanwhile, surfaced in July hours before NSA Director Gen. Keith Alexander delivered the keynote address at the annual Black Hat Briefings in Las Vegas. Whistleblower Edward Snowden shared training materials with The Guardian that instruct agency analysts how to mine the agency’s vast intelligence databases for terrorism targets in the U.S. and abroad.
The crash reports, also known as Dr. Watson reports, are a wealth of system data, similar to what some strains of malware use in targeted attacks in order to identify potential system, network and application weaknesses that can be used to move laterally through an enterprise or government agency network.
Not only are these reports sent when there is a Windows crash, but also when there is a hardware change—and that includes the first-time use of a new USB device, including mobile devices. Researchers at Websense said the reports are sent over HTTP and the information includes the timestamp information, device manufacturer, identifier and revision, along with host computer information such as default language, operating system service pack and update version, hardware manufacturer, model and name, as well as BIOS version and unique machine identifier.
The Der Spiegel report says the NSA’s Tailored Access Operations (TAO) unit, a team of elite and young hackers, will use these identifiers to monitor for system crashes and learn about potential vulnerabilities that can be exploited.
Microsoft has more than one billion PCs on the planet reporting this information, and according to Websense director of security research Alex Watson, 80 percent do so in the clear. The reports aid Microsoft in improving the user experience but also identify bugs in Windows code that need attention. While IT security teams can leverage this information to understand soft spots on their networks, government agencies and nation state attackers can do the same.
“What these crash reports are—when you get enough of them—they create a blueprint of the applications running on a network that could be used by a skilled adversary to develop or deliver very specific attacks with a low chance of getting detected,” Watson said.
These Windows Error Reporting logs are different from the application crash reports that users are familiar with. For example, when Outlook or Internet Explorer crashes, users are presented with a dialog box and have the option of sending a crash report to Microsoft and asking Microsoft to find a solution. The Windows Error Reporting feature is different and is on by default; admins must opt-out of sending them to Microsoft, Watson said.
“This is for hardware changes or plugging in a USB device—which is considered to be a hardware change—it could be a thumb drive, anything you could think of and that will send that information to Microsoft without requiring that user to click ‘Yes,’” Watson said. “That is assuming the default setting [is on]— that you’re participating in the error program.”
Microsoft can reach back to the computer in question for a memory dump or core dump of the application when it crashed in order to further research the problem. Those requests and transmissions are encrypted using TLS 1.1 or 1.2 if available, protecting any sensitive information stored by Windows or an application such as log-in credentials. The first stage, however, is likely sent in the clear for performance reasons, Watson said.
The risk is, however, not necessarily if an attacker is on your computer or whether the machine is infected; chances are the attacker has already fingerprinted the compromised machine in order to hack it. Where the data is vulnerable is upstream as it’s sent between the machine and Microsoft, for example through a proxy or untrusted ISP used by multinational organizations.
“You would know exactly what applications were running on a network,” Watson said. “You could craft specific exploits or just pick the highest chance of likelihood of success of exploit and get the application and OS environment of your target.”
Watson said he hopes the revelations will raise awareness of the problem—which he believes is low in regard to IT managers being aware of the content of the reports and that they’re sent in the clear. He also hopes to encourage admins to look at these logs as a tool in the fight against advanced threats and use them as means of finding indicators a network has been compromised.
“When you’re executing an attack, there is going to be evidence or collateral damage happening as you move through the network,” Watson said. “You’re forcing a program to crash and then execute code in an order that’s not meant to happening. Exploits generate error report logs so we’ve been doing a lot of research into error report logs that are indicators of an advanced attack versus IE crashing on a webpage it doesn’t know how to render. This could be the first indicator of an attack.”
Websense said it has reported the issue to Microsoft through its MAPP partner sharing program, and added that it is also working with other vendors on similar reporting weaknesses in other massively distributed applications.
“By no means is Microsoft the only culprit that’s leaking information,” Watson said. “A lot of widely deployed applications, browsers and things like that, are at risk of leaking information.”
Cryptographer, developer and activist Jacob Appelbaum took to the pages of Germany’s Der Spiegel and the keynote dais of the 30th Chaos Communication Congress this weekend to deliver a damning expose of the catalog of backdoors, monitoring programs and products that potentially have and could be compromised by the National Security Agency.
Appelbaum’s hour-long keynote, culled from top-secret agency documents provided by Edward Snowden and written about in the German publication, described the scale of surveillance the NSA has and hopes to achieve worldwide.
“Their goal is to have total surveillance of everything they’re interested in. There really is no boundary to what they want to do,” Appelbaum said. “There is only sometimes a boundary of what they are funded to do and the amount of things they are able to do at scale. They seem to do [those things] without thinking too much about it. And there are specific tactical things where they have to target a group or individual, and those things seem limited either by budgets or simply by their time.”
Appelbaum described the intricacies of the agency’s dragnet surveillance system carried out by an elite team of hackers known as the agency’s Tailored Access and Operations unit, or TAO, whose job is to break down or scale digital hurdles standing between the agency and data it wishes to collect, store and analyze, Appelbaum said. The system is threefold, starting with a passive, deep-packet inspection system known as TURMOIL that feeds data into another system called TURBINE that turns loose any number of off-the-shelf or zero-day exploits that are injected into a data stream to compromise a vulnerable machine.
At the hub is a third component known as QFIRE that Appelbaum said uses nodes known as diodes to regionally compromise home routers and other available equipment to inject attacks into packets before they reach their destination, exploiting a race condition.
“For these systems to exist, we have been kept vulnerable,” Appelbaum said, referring to the government’s practice of buying vulnerabilities and exploits from brokers under non-disclosure agreements that the vulnerabilities will be kept from the vendor in question and, as a result, never patched. “The NSA has retarded the process by which we secure the Internet because it has established a hegemony of power in secret to do these things.”
Appelbaum also showed top-secret slides and provided information from documents stolen by Snowden while working as a NSA contractor that describe a number of tools used for surveillance not only to exploit endpoints and networks, but to link contacts between targets, maintain persistence and monitor communication such as phone calls, email and Internet surfing and searches.
Appelbaum also went into more detail about the FoxAcid program, which was first described in October by Bruce Schneier in the pages of the Guardian. FoxAcid matches vulnerabilities found on a particular compromised system with any number of attacks available at the NSA’s disposal. Appelbaum exposed a number of QUANTUM-X tools that include everything from the NSA’s stockpile of zero days, to tools that tamper with security measures such as host-based intrusion detection, to man-on-the-side attacks that exploit the lack of encryption on certain Internet services. He also brought up a program called QUANTUMCOPPER which he equated to the NSA’s version of the Great Firewall of China, except it could interfere with TCP/IP and file uploads and more for the entire planet.
Appelbaum also showed slides describing compromises for server hardware from a number of vendors including Dell and Sun at the BIOS level. He explained the exploits work on a number of platforms, including Windows, Linux, FreeBSD and Sun’s Solaris UNIX OS. By name, he said Dell PowerEdge commodity servers (1850, 1950, 2850 and 2950) are vulnerable to BIOS-level attacks, and HP Proliant servers are vulnerable to another exploit that enables the agency to siphon data. All of these attackers are possible, he said, because the NSA tampers with hardware either in shipping or via physical access.
Mobile exploits were also among the trove of information in the documents, specifically targeting Apple iOS devices and Windows CE devices that allowed for complete compromise of the phones in question.
Appelbaum said the TAO unit is younger than average NSA staff and that the agency has tapped into the geek generation, actively recruiting at hacker conferences such as DefCon where Director Keith Alexander spoke two summers ago. Appelbaum wrote that the TAO unit has units in five states nationwide.
Their activities, meanwhile, have transformed the agency into the most powerful such-organization in the world, Appelbaum said, adding that the majority of U.S. legislators are not skilled enough to adequately discuss and propose solutions.
“Encrypting the Internet ends it all in a sense, but it will come back in another sense,” he said. “We need a marriage of a technical and political solution. We don’t have those two things yet so we’re stuck here. At the moment, I feel the NSA has more power than any one person or agency in the world.”
UPDATE: A Turkish hacking group compromised and defaced over the weekend the website of OpenSSL, an open-source SSL and TLS encryption implementation resource.
The website Zone-H is hosting a mirror of the defacement, in which the hacking group responsible for the attack posted the following message: “TurkGuvenligiTurkSec Was Here @turkguvenligi + we love openssl _.”
OpenSSL posted an advisory on its website yesterday confirming the compromise and announcing that the source repositories are verified and unaffected.
“Initial investigations show that the attack was made via hypervisor through the hosting provider and not via any vulnerability in the OS configuration,” OpenSSL has since written on their site. “Steps have been taken to protect against this means of attack in future.”
Little is known about the hacking group claiming responsibility for the defacement other than that the group is reportedly known as TurkGuvengli. In the defacement, the group seems to express its support for OpenSSL.
A successful attack targeting OpenSSL is concerning because the core mission of the volunteer-run service is to implement strong encryption for whichever Web-properties and services are interested in bolstering their security. If what is known now about the attack remains true, namely that it had no impact on OpenSSL’s code repositories, then it seems that the attack was little more than a site defacement.
“The source repositories have been checked and they were not affected” OpenSSL wrote. “Other than the modification to the index.html page (which was restored a few minutes after we became aware of the attack) no changes to the website had been made.”
OpenSSL is promising to release more details about the hack once they complete their investigation. We will update this story with any details as they become available.
It’s that most wonderful time of the year, the time when everyone with access to an email machine puts together a list of the best or worst of whatever happened in the last 12 months. In the computer security world, there is no doubt that such a list would find NSA stories in places one through infinity times infinity. So rather than trying to rank the NSA revelations on any sort of scale, we’ve put together an admittedly simplified list of some of the more interesting NSA-related stories to emerge in 2013.
Least Surprising NSA Capability: Breaking/Subverting Crypto
A major part of the agency’s mission since its inception has been the development of cryptographic capabilities, both on the offensive and defensive sides of the fence. In this, it is the technological and logical descendant of the Black Chamber and the Office of Strategic Services, which operated nearly a century ago. Breaking and making ciphers has been a vital part of intelligence for thousands of years, and the advent of computer-based cryptography has had a profound effect on both of those functions. The NSA has been involved in the development of new protocols and cryptosystems for decades and it employs an unknown but presumably rather large cadre of cryptographers and mathematicians who also work on defeating existing systems. There have been suspicions, rumors and dark jokes about the agency having backdoored any number of encryption algorithms and products floating around the security industry for a long time, and some of the most outlandish of those conjectures have now been revealed as truth. The NSA reportedly subverted the development of a random-number generator known as Dual EC_DRBG that is used in a number of prominent crypto products. That maneuver gave the agency secret access to the affected products and caused RSA to warn developers to use a different RNG and even prompted NIST to issue guidance telling people to avoid Dual EC_DRBG, too. In addition, the NSA also developed a number of unspecified capabilities to defeat SSL, something that is perhaps even more worrisome. As concerning as these revelations are, they shouldn’t come as much of a surprise, given the NSA’s mission, its massive budget and its highly specialized staff of scientists, cryptographers and security experts. It’s what they do, and they’re really, really good at it.
Most Surprising NSA Capability: Defeating the Collective Security Prowess of Silicon Valley
Some of the earliest leaks to emerge from the Edward Snowden cache described a program called PRISM that granted the NSA “direct access” to networks run by Google, Yahoo, Microsoft and many other companies. That direct access was quickly interpreted to mean that those companies were giving the agency data links to their servers through which the NSA could collect traffic on targets. The affected companies quickly rose up and denied this, and only later was it revealed that “direct access” came in the form of tapping undersea cables that carry unencrypted traffic between data centers around the world. That revelation triggered an immediate response from Google, Microsoft and Yahoo, who said that they would be encrypting that traffic in the near future, and some engineers from Google also had some choice words for the NSA’s in-house hackers. In the words of Google’s Mike Hearn, “The traffic shown in the slides below is now all encrypted and the work the NSA/GCHQ staff did on understanding it, ruined.”
Weirdest NSA Revelation: The Fort Meade Spy Tools Wish Book
The oddest bit of information to come out of the NSA drama was saved for the end of the year. Just this past weekend, Germany’s Der Spiegel reported the existence of a an internal catalog of hardware and software tools that the agency can provide. This is the Sears & Roebuck catalog of attack tools. Shoppers, which likely include internal NSA departments as well as other intelligence agencies, can buy malware for infiltrating various firewalls and routers, as well as more exotic products. “Computer bugging devices disguised as normal USB plugs, capable of sending and receiving data via radio undetected, are available in packs of 50 for over $1 million,” Der Spiegel reported. Q would be jealous.
Most Interesting Quotes on the NSA Drama
“Trust the math. Encryption is your friend.” — Bruce Schneier in The Guardian
“Software is almost always broken, but standards — in theory — get read by everyone. It should be extremely difficult to weaken a standard without someone noticing.” — Matthew Green on the subversion of NIST standards
“We need to know what the hell has been going on here…There’s something totally crazy about this.” — journalist Carl Bernstein on the allegations that NSA has monitored the phones of European leaders
“That stealing your stuff thing, we did a lot of that [at the NSA]. Actually, I’d like to think we’re number one. But we stole stuff to keep you safe.” — Michael Hayden, former NSA director, speaking days before the first of the Snowden leaks emerged
“I cannot imagine a more ‘indiscriminate’ and ‘arbitrary invasion’ than this systematic and high-tech collection and retention of personal data on virtually every single citizen for purposes of querying it and analyzing it without judicial approval,” — U.S. District Court Judge Richard J. Leon in a ruling on the NSA metadata program
“We want to demonstrate that we have a front door, that we have transparency and we take it seriously. This is a huge step forward, and there’s more we have to do in terms of pushing information to the press.” — Gen. Keith Alexander, director of the NSA
Most Interesting People to Emerge From the NSA Story: Jacob Appelbaum and Matthew Green
The cast of characters who have been involved in various pieces of the NSA theatrics is staggering. From journalists to politicians to cryptographers to world leaders to judges to systems administrators in Hawaii. Each has played a part in the drama, but the most consistently interesting and informative people involved in one way or another have been Appelbaum and Green. Appelbaum is a long-time fixture in the security community, well-known for his activism on human rights and anonymity. But as part of the analysis of the Snowden documents, he has also written some of the stories on the revelations, including as a co-author of the piece in Der Spiegel on the NSA catalog. Green, a research professor at Johns Hopkins University, has produced some of the more illuminating and thoughtful analysis of the documents, especially when it came to the technical bits involving encryption and the NSA’s capabilities against various protocols and cryptosystems. If you need to know how to think about what’s going on and what it all means, you won’t find better sources than Appelbaum and Green.
Further reading: A Few Thoughts on Cryptographic Engineering
After claiming the makers of SnapChat repeatedly ignored their disclosures over a period of four months, Gibson Security recently published the full details of a pair of bugs in the photo and video sharing application. One could give an attacker the ability to connect phone numbers with usernames on a massive scale, while another could enable the creation fake accounts.
The researchers claim their exploits impact the latest version of SnapChat on the iOS and Android operating systems.
The so-called “find_friends” exploit essentially gives any logged in user the ability to enter a random (or not so random) U.S. phone number and figure out if there is a SnapChat account associated with that number.
This is the bug that Gibson Security claims to have disclosed to SnapChat back in August. The researchers claim that SnapChat has done nothing to fix the issue in the meantime.
With a little quick math, the researchers claim they could burn through 292 million standard, U.S.-style phone numbers in a month with their specially made python script and a virtual server. Whichever of these hundreds of millions of numbers are associated with a SnapChat accounts would be known to the attacker running the script.
The second exploit, though the researchers claim it is less of an exploit and more an issue with lax registration controls, could allow anyone to create account with two simple requests: “/bq/register” and “/ph/registeru.”
Gibson Security researchers told ZDNet that malefactors could potentially use the second, mass registration exploit to create thousands of accounts in order to disseminate spam and other bad things.
Regarding the friend finding exploit, they also told ZDNet’s Violet Blue, who broke the story on Dec. 25, that an attacker could leverage the very public SnapChat API along with their exploit to easily pair registered numbers and the usernames associated with them – whether those user accounts are private.
SnapChat is a photo and video sharing service whose selling point is that shared photos and videos are ephemeral. Once a ‘Snap’ is opened by the recipient, it is viewable for ten or so seconds before disappearing forever. Because of this, SnapChat reputedly used as a mechanism for for sharing lewd photos. Of course, the claim that the photos are temporarily viewable is dubious at best. Recipients can easily take a screenshot of a snap and there are even applications that allow recipients to save snaps altogether. Beyond that even, reports emerged in October that the company was sharing data with law enforcement when compelled to do so, further stressing the claim that all photos are deleted.