Schneier on Security
A blog covering security and security technology.
March 2011 Archives
Comodo Group Issues Bogus SSL Certificates
This isn't good:
The hacker, whose March 15 attack was traced to an IP address in Iran, compromised a partner account at the respected certificate authority Comodo Group, which he used to request eight SSL certificates for six domains: mail.google.com, www.google.com, login.yahoo.com, login.skype.com, addons.mozilla.org and login.live.com.
Fake certs for Google, Yahoo, and Skype? Wow.
This isn't the first time Comodo has screwed up with certificates. The safest thing for us users to do would be to remove the Comodo root certificate from our browsers so that none of their certificates work, but we don't have the capability to do that. The browser companies -- Microsoft, Mozilla, Opera, etc. -- could do that, but my guess is they won't. The economic incentives don't work properly. Comodo is likely to sue any browser company that takes this sort of action, and Comodo's customers might as well. So it's smarter for the browser companies to just ignore the issue and pass the problem to us users.
FBI Asks for Cryptanalysis Help
How Peer Review Doesn't Work
In this amusing story of a terrorist plotter using pencil-and-paper cryptography instead of actually secure cryptography, there's this great paragraph:
Despite urging by the Yemen-based al Qaida leader Anwar Al Anlaki, Karim also rejected the use of a sophisticated code program called "Mujhaddin Secrets", which implements all the AES candidate cyphers, "because 'kaffirs', or non-believers, know about it so it must be less secure".
New paper by Ross Anderson: "Can We Fix the Security Economics of Federated Authentication?":
There has been much academic discussion of federated authentication, and quite some political manoeuvring about ‘e-ID’. The grand vision, which has been around for years in various forms but was recently articulated in the US National Strategy for Trustworthy Identities in Cyberspace (NSTIC), is that a single logon should work everywhere . You should be able to use your identity provider of choice to log on anywhere; so you might use your driver’s license to log on to Gmail, or use your Facebook logon to file your tax return. More restricted versions include the vision of governments of places like Estonia and Germany (and until May 2010 the UK) that a government-issued identity card should serve as a universal logon. Yet few systems have been fielded at any scale.
Interesting article on William Friedman and biliteral ciphers.
Friday Squid Blogging: Squid Fabric Designs
Some of these are actually nice.
Authenticating the Authenticators
This is an interesting read:
It was a question that changed his life, and changed mine, and may have changed -- even saved -- all of ours by calling attention to flaws in our nuclear command and control system at the height of the Cold War. It was a question that makes Maj. Hering an unsung hero of the nuclear age. A question that came from inside the system, a question that has no good answer: How can any missile crewman know that an order to twist his launch key in its slot and send a thermonuclear missile rocketing out of its siloa nuke capable of killing millions of civiliansis lawful, legitimate, and comes from a sane president?
Any chain of authentication ultimately rests on trust; there's no way around it.
Identifying Tor Users Through Insecure Applications
Interesting research: "One Bad Apple Spoils the Bunch: Exploiting P2P Applications to Trace and Profile Tor Users":
Abstract: Tor is a popular low-latency anonymity network. However, Tor does not protect against the exploitation of an insecure application to reveal the IP address of, or trace, a TCP stream. In addition, because of the linkability of Tor streams sent together over a single circuit, tracing one stream sent over a circuit traces them all. Surprisingly, it is unknown whether this linkability allows in practice to trace a significant number of streams originating from secure (i.e., proxied) applications. In this paper, we show that linkability allows us to trace 193% of additional streams, including 27% of HTTP streams possibly originating from ``secure'' browsers. In particular, we traced 9% of Tor streams carried by our instrumented exit nodes. Using BitTorrent as the insecure application, we design two attacks tracing BitTorrent users on Tor. We run these attacks in the wild for 23 days and reveal 10,000 IP addresses of Tor users. Using these IP addresses, we then profile not only the BitTorrent downloads but also the websites visited per country of origin of Tor users. We show that BitTorrent users on Tor are over-represented in some countries as compared to BitTorrent users outside of Tor. By analyzing the type of content downloaded, we then explain the observed behaviors by the higher concentration of pornographic content downloaded at the scale of a country. Finally, we present results suggesting the existence of an underground BitTorrent ecosystem on Tor.
Detecting Words and Phrases in Encrypted VoIP Calls
Abstract: Although Voice over IP (VoIP) is rapidly being adopted, its security implications are not yet fully understood. Since VoIP calls may traverse untrusted networks, packets should be encrypted to ensure confidentiality. However, we show that it is possible to identify the phrases spoken within encrypted VoIP calls when the audio is encoded using variable bit rate codecs. To do so, we train a hidden Markov model using only knowledge of the phonetic pronunciations of words, such as those provided by a dictionary, and search packet sequences for instances of specified phrases. Our approach does not require examples of the speaker's voice, or even example recordings of the words that make up the target phrase. We evaluate our techniques on a standard speech recognition corpus containing over 2,000 phonetically rich phrases spoken by 630 distinct speakers from across the continental United States. Our results indicate that we can identify phrases within encrypted calls with an average accuracy of 50%, and with accuracy greater than 90% for some phrases. Clearly, such an attack calls into question the efficacy of current VoIP encryption standards. In addition, we examine the impact of various features of the underlying audio on our performance and discuss methods for mitigation.
Transmitting Data Through Steel
This is cool:
Tristan Lawry, doctoral candidate in electrical and computer engineering, has developed equipment which can transmit data at high rates through thick, solid steel or other barriers. Significantly, Lawry's kit also transmits power. One obvious application here would be transmission through the steel pressure hull of a submarine: at the moment such hulls must have hundreds of penetrations for power and data cables, each one adding expense, weight and maintenance burden.
What's interesting is that this technology can be used to transmit through TEMPEST shielding.
If you had the through-metal technology now reinvented by Lawry, however, your intruder -- inside mole or cleaner or pizza delivery, whatever -- could stick an unobtrusive device to a suitable bit of structure inside the Faraday cage of shielding where it would be unlikely to be found. A surveillance team outside the cage could stick the other half of the kit to the same piece of metal (perhaps a structural I-beam, for instance, or the hull of a ship) and they would then have an electronic ear inside the opposition's unbreachable Faraday citadel, one which would need no battery changes and could potentially stay in operation for years.
Threats vs. Vulnerabilities
I found this article on the difference between threats and vulnerabilities to be very interesting. I like his taxonomy.
Folk Models in Home Computer Security
This is a really interesting paper: "Folk Models of Home Computer Security," by Rick Wash. It was presented at SOUPS, the Symposium on Usable Privacy and Security, last year.
I'd list the models, but it's more complicated than that. Read the paper.
Times Square Video Screen Hacked with an iPhone
I didn't post about it when I first saw it because I suspected a hoax. Turns out, I was right. It wasn't even two guys faking hacking a Times Square video screen. It was a movie studio faking two guys faking hacking a Times Square video screen.
RSA Security, Inc Hacked
The company, not the algorithm. Here's the corporate spin.
Our investigation has led us to believe that the attack is in the category of an Advanced Persistent Threat (APT). Our investigation also revealed that the attack resulted in certain information being extracted from RSA's systems. Some of that information is specifically related to RSA's SecurID two-factor authentication products. While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers, this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack. We are very actively communicating this situation to RSA customers and providing immediate steps for them to take to strengthen their SecurID implementations.
Here are news articles. The worry is that source code to the company's SecurID two-factor authentication product was stolen, which would possibly allow hackers to reverse-engineer or otherwise break the system. It's hard to make any assessments about whether this is possible or likely without knowing 1) how SecurID's cryptography works, and 2) exactly what was stolen from the company's servers. We do not know either, and the corporate spin is as short on details as it is long on reassurances.
RSA Data Security, Inc. is probably pretty screwed if SecurID is compromised. Those hardware tokens have no upgrade path, and would have to be replaced. How many of the company's customers will replace them with competitors' tokens. Probably a bunch. Hence, it's in RSA's best interest for their customers to forget this incident as quickly as possible.
There seems to be two likely scenarios if the attackers have compromised SecurID. One, they are a sophisticated organization who wants the information for a specific purpose. The attackers actually are on RSA's side in the public-relations spin, and we're unlikely to see widespread use of this information. Or two, they stole the stuff for conventional criminal purposes and will sell it. In that case, we're likely to know pretty quickly.
Again, without detailed information -- or at least an impartial assessment -- it's impossible to make any recommendations. Security is all about trust, and when trust is lost there is no security. User's of SecurID trusted RSA Data Security, Inc. to protect the secrets necessary to secure that system. To the extent they did not, the company has lost its customers' trust.
The security connection is pretty tenuous, so I figured I'd blog this on a Saturday.
Once it infects an ant, the fungus uses as-yet-unidentified chemicals to control the ant's behavior, Hughes told LiveScience. It directs the ant to leave its colony (a very un-ant-like thing to do) and bite down on the underside of a leaf — the ant's soon-to-be resting place. Once it is killed by the fungus, the ant remains anchored in place, thanks to its death grip on the leaf.
Hacking ATM Users by Gluing Down Keys
The thieves glue down the "enter," "cancel" and "clear" buttons on the keypad and wait until the customer goes into the bank for help before withdrawing money from their account.
Hacking Cars with MP3 Files
By adding extra code to a digital music file, they were able to turn a song burned to CD into a Trojan horse. When played on the car's stereo, this song could alter the firmware of the car's stereo system, giving attackers an entry point to change other components on the car.
Using Language Patterns to Identify Anonymous E-Mail
Interesting research. It only works when there's a limited number of potential authors:
To test the accuracy of their technique, Fung and his colleagues examined the Enron Email Dataset, a collection which contains over 200,000 real-life emails from 158 employees of the Enron Corporation. Using a sample of 10 emails written by each of 10 subjects (100 emails in all), they were able to identify authorship with an accuracy of 80% to 90%.
Video Interview with Me
FBI and the Future of Wiretapping
Last month I posted Susan Landau's testimony before the House Judiciary Committee, Subcommittee on Crime, Terrorism, and Homeland Security on government eavesdropping. In fairness to the other side, here's testimony of Valerie Caproni, General Counsel of the FBI.
Full Body Scanners
Malware as Job Security
A programmer installed malware into the Whack-a-Mole arcade game as a form of job security.
It didn't work.
Criminals Stealing Cars by Calling Tow Trucks
It's a clever hack, but an old problem: the authentication in these sorts of normal operations isn't good enough to prevent abuse.
Recently Declassified NSA History Document
Friday Squid Blogging: Giant Squid Washes Ashore
A giant squid washed ashore in New South Wales.
Interesting Research in Using Animals to Detect Substances
Fascinating research summarized in The Economist. Basically, detecting dogs respond to unconscious cues from their handlers, and generate false alarms because of them.
It makes sense, as dogs are so attuned to humans. I'll bet bomb-sniffing bees don't make the same mistakes.
EDITED TO ADD (3/14): Research paper.
Pickpockets are a Dying Breed
Pickpockets in America are dying out. This is the bit I found interesting:
And perhaps most important, the centuries-old apprenticeship system underpinning organized pickpocketing has been disrupted. Pickpocketing has always perpetuated itself by having older hooks -- nicknamed "Fagins," after the crime boss in Oliver Twist -- teach younger ones the art, and then absorbing them into canons. But due to ratcheted-up law enforcement measures, including heftier sentences (in some states, a pick, defined as theft from the body of another person and charged as a felony regardless of the amount taken) and better surveillance of hot spots and known pickpockets, that system has been dismantled.
NIST SHA-3 News
NIST has finally published its rationale for selecting the five finalists.
Erasing Data from Flash Drives
"Reliably Erasing Data From Flash-Based Solid State Drives," by Michael Wei, Laura M. Grupp, Frederick E. Spada, and Steven Swanson.
Abstract: Reliably erasing data from storage media (sanitizing the media) is a critical component of secure data management. While sanitizing entire disks and individual files is well-understood for hard drives, flash-based solid state disks have a very different internal architecture, so it is unclear whether hard drive techniques will work for SSDs as well.
Powered by Movable Type. Photo at top by Geoffrey Stone.
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.