October 2005 Archives

NIST Hash Workshop Liveblogging (3)

I continue to be impressed by the turnout at this workshop. There are lots of people here whom I haven't seen in a long time. It's like a cryptographers' family reunion.

The afternoon was devoted to cryptanalysis papers. Nothing earth-shattering; a lot of stuff that's real interesting to me and not very exciting to summarize.

The list of papers is here. NIST promises to put the actual papers online, but they make no promises as to when.

Right now there is a panel discussing how secure SHA-256 is. "How likely is SHA-256 to resist attack for the next ten years?" Some think it will be secure for that long, others think it will fall in five years or so. One person pointed out that if SHA-256 lasts ten years, it will be a world record for a hash function. The consensus is that any new hash function needs to last twenty years, though. It really seems unlikely that any hash function will last that long.

But the real issue is whether there will be any practical attacks. No one knows. Certainly there will be new cryptanalytic techniques developed, especially now that hash functions are a newly hot area for research. But will SHA-256 ever have an attack that's faster than 280?

Everyone thinks that SHA-1 with 160 rounds is a safer choice than SHA-256 truncated to 160 bits. The devil you know, I guess.

Niels Ferguson, in a comment from the floor, strongly suggested that NIST publish whatever analysis on SHA-256 it has. Since this is most likely by the NSA and classified, it would be a big deal. But I agree that it's essential for us to fully evaluate the hash function.

Tom Berson, in another comment, suggested that NIST not migrate to a single hash function, but certify multiple alternatives. This has the interesting side effect of forcing the algorithm agility issue. (We had this same debate regarding AES. Negatives are: 1) you're likely to have a system that is as strong as the weakest choice, and 2) industry will hate it.)

If there's a moral out of the first day of this workshop, it's that algorithm agility is an essential feature in any Internet protocol.

Posted on October 31, 2005 at 4:00 PM22 Comments

NIST Hash Workshop Liveblogging (2)

In the morning we had a series of interesting papers: "Strengthening Digital Signatures via Randomized Hashing," by Halevi and Krawczyk; "Herding Hash Functions and the Nostradamus Attack," by Kelsey and Kohno; and "Collision-Resistant usage of MD5 and SHA-1 via Message Preprocessing," by Szydlo and Yin. The first and third papers are suggestions for modifying SHA-1 to make it more secure. The second paper discusses some fascinating and cool, but still theoretical, attacks on hash functions.

The last session before lunch was a panel discussion: "SHA-1: Practical Security Implications of Continued Use." The panel stressed that these are collision attacks and not pre-image attacks, and that many protocols simply don't care. Collision attacks are important for digital signatures, but less so for other uses of hash functions. On the other hand, this difference is only understood by cryptographers; there are issues if the public believes that SHA-1 is "broken."

Niels Ferguson pointed out that the big problem is MD5, which is still used everywhere. (Hell, DES is still everywhere.) It takes much longer to upgrade algorithms on the Internet than most people believe; Steve Bellovin says it takes about one year to get the change through the IETF, and another five to seven years to get it depoloyed. And that's after we all figure out which algorithm they should use.

Georg Illies gave a perspective from Germany, where there is a digital-signature law in effect. In addition to the technology, there are legal considerations that make it harder to switch.

The panel seemed to agree that it's still safe to use SHA-1 today, but that we need to start migrating to something better. It's way easier to change algorithms when you're not in the middle of a panic.

There was more talk about algorithm agility. This problem is larger than SHA. Our Internet protocols simply don't have a secure methodology for migrating from one cryptographic algorithm to another.

Bottom line: Don't use SHA-1 for anything new, and start moving away from it as soon as possible. To SHA-256, probably.

And now it's lunchtime.

Posted on October 31, 2005 at 11:50 AM11 Comments

NIST Hash Workshop Liveblogging (1)

I'm in Gaithersburg, MD, at the Cryptographic Hash Workshop hosted by NIST. I'm impressed by the turnout; a lot of the right people are here.

Xiaoyun Wang, the cryptographer who broke SHA-1, spoke about her latest results. They are the same results Adi Shamir presented in her name at Crypto this year: a time complexity of 263.

(I first wrote about Wang's results here, and discussed their implications here. I wrote about results from Crypto here. Here are her two papers from Crypto: "Efficient Collision Search Attacks on SHA-0" and "Finding Collisions in the Full SHA-1 Collision Search Attacks on SHA1.")

Steve Bellovin is now talking about the problems associated with upgrading hash functions. He and his coauthor Eric Rescorla looked at S/MIME, TLS, IPSec (and IKE), and DNSSEC. Basically, these protocols can't change algorithms overnight; it has to happen gradually, over the course of years. So the protocols need some secure way to "switch hit": to use both the new and old hash functions during the transition period. This requires some sort of signaling, which the protocols don't do very well. (Bellovin's and Rescorla's paper is here.)

Posted on October 31, 2005 at 9:02 AM8 Comments

Limits on Police Tracking People with Cell Phones

Interesting news:

Federal law enforcement attempts to use cell phones as tracking devices were rebuked twice this month by lower court judges, who say the government cannot get real time tracking information on citizens without showing probable cause.

Posted on October 31, 2005 at 8:09 AM17 Comments

DMCA Review

The Copyright Office of the U.S. Library of Congress is conducting its required regular review of the anti-circumvention provisions of the Digital Millennium Copyright Act. Comments can be submitted over the Internet, and are due December 1st.

Good information on the DMCA can be found here, here, and here.

Posted on October 28, 2005 at 3:47 PM12 Comments

Convicted Felons with Big Dogs

Here's a security threat I'll bet you never even considered before: convicted felons with large dogs:

The Contra Costa County board of supervisors [in California] unanimously supported on Tuesday prohibiting convicted felons from owning any dog that is aggressive or weighs more than 20 pounds, making it all but certain the proposal will become law when it formally comes before the board for approval Nov. 15.

These are not felons in jail. These are felons who have been released from jail after serving their time. They're allowed to re-enter society, but letting them own a large dog would be just too much of a risk to the community?

Posted on October 28, 2005 at 12:17 PM108 Comments

Preventing Identity Theft: The Living and the Dead

A company called Metacharge has rolled out an e-commerce security service in the United Kingdom. For about $2 per name, website operators can verify their customers against the UK Electoral Roll, the British Telecom directory, and a mortality database.

That's not cheap, and the company is mainly targeting customers in high-risk industries, such as online gaming. But the economics behind this system are interesting to examine. They illustrate externalities associated with fraud and identity theft, and why leaving matters to the companies won't fix the problem.

The mortality database is interesting. According to Metacharge, "the fastest growing form of identity theft is not phishing; it is taking the identities of dead people and using them to get credit."

For a website, the economics are straightforward. It costs $2 to verify that a customer is alive. If the probability the customer is actually dead (and therefore fraudulent) times the average losses due to this dead customer is more than $2, this service makes sense. If it is less, then the service doesn't. For example, if dead customers are one in ten thousand, and they cost $15,000 each, then the service is not worth it. If they cost $25,000 each, or if they occur twice as often, then it is worth it.

Imagine now that there is a similar service that identifies identity fraud among living people. The same economic analysis would also hold. But in this case, there's an externality: there is an additional cost of fraud borne by the victim and not by the website. So if fraud using the identity of living customers occurs at a rate of one in ten thousand, and each one costs $15,000 to the website and another $10,000 to the victim, the website will conclude that the service is not worthwhile, even though paying for it is cheaper overall. This is why legislation is needed: to raise the cost of fraud to the websites.

There's another economic trade-off. Websites have two basic opportunities to verify customers using services such as these. The first is when they sign up the customer, and the second is after some kind of non-payment. Most of the damages to the customer occur after the non-payment is referred to a credit bureau, so it would make sense to perform some extra identification checks at that point. It would certainly be cheaper to the website, as far fewer checks would be paid for. But because this second opportunity comes after the website has suffered its losses, it has no real incentive to take advantage of it. Again, economics drives security.

Posted on October 28, 2005 at 8:08 AM18 Comments

Australia's New Anti-Terrorism Legislation

There's a new Australian anti-terrorism law in the works. It includes such things as:

  • 14-day secret detention without arrest by security services
  • Shoot-to-kill "on suspicion" powers for police
  • Imprisonment and fines for revealing an individual has been the subject of an investigation

News reports are pretty bad.

This draft legislation was not supposed to be public yet, but the Chief Minister of the ACT revealed it on his website last week in defiance of a federal government request not to do so.

Posted on October 27, 2005 at 1:10 PM70 Comments

Eavesdropping Through a Wall

From The New Scientist:

With half a century's experience of listening to feeble radio signals from space, NASA is helping US security services squeeze super-weak bugging data from Earth-bound buildings.

It is easy to defeat ordinary audio eavesdropping, just by sound-proofing a room. And simply drawing the curtains can defeat newer systems, which shine a laser beam onto a glass window and decode any modulation of the reflected beam caused by sound vibrations in the room.

So the new "through-the-wall audio surveillance system" uses a powerful beam of very high frequency radio waves instead of light. Radio can penetrate walls – if they didn't, portable radios wouldn't work inside a house.

The system uses a horn antenna to radiate a beam of microwave energy –between 30 and 100 gigahertz – through a building wall. If people are speaking inside the room, any flimsy surface, such as clothing, will be vibrating. This modulates the radio beam reflected from the surface.

Although the radio reflection that passes back through the wall is extremely faint, the kind of electronic extraction and signal cleaning tricks used by NASA to decode signals in space can be used to extract speech.

Here's the patent, and here's a Slashdot thread on the topic.

Wow. (If it works, that is.)

Posted on October 26, 2005 at 3:12 PM36 Comments

Medical Movie-Plot Threats

Movie-plot threats aren't limited to terrorism. Bird flu is the current movie-plot threat in the medical world:

Just in time for Halloween, the usual yearly ritual of terror by headline is now playing itself out in medical offices everywhere. Last year it revolved around flu shots; a few years ago it was anthrax and smallpox; a few years before that it was the "flesh-eating bacteria"; and before that it was Ebola virus, and Lyme disease and so on back into the distant past. This year it's the avian flu.

"I was crossing Third Avenue yesterday and I was coughing so hard I had to stop and barely made it across," a patient told me last week. "I'm really scared I'm getting the avian flu."

I just looked at him. What could I say? He has smoked two packs of cigarettes a day for the last 50 years. He has coughed and wheezed and gasped his way across Third Avenue now for the last 10 years. His emphysema is not going to get any better, but it might stop getting worse if he were to stop smoking.

Remember when people were seeing terrorist plots under every rock? The same kind of thing is at work here. When something is in the news, people believe it is common. Then they see it everywhere.

Posted on October 26, 2005 at 11:41 AM44 Comments

Terrorists Playing Bingo in Kentucky

One of the sillier movie-plot threats I've seen recently:

Kentucky has been awarded a federal Homeland Security grant aimed at keeping terrorists from using charitable gaming to raise money.

The state Office of Charitable Gaming won the $36,300 grant and will use it to provide five investigators with laptop computers and access to a commercially operated law-enforcement data base, said John Holiday, enforcement director at the Office of Charitable Gaming.

The idea is to keep terrorists from playing bingo or running a charitable game to raise large amounts of cash, Holiday said.

Posted on October 25, 2005 at 3:30 PM31 Comments

Scandinavian Attack Against Two-Factor Authentication

I've repeatedly said that two-factor authentication won't stop phishing, because the attackers will simply modify their techniques to get around it. Here's an example where that has happened:

Scandinavian bank Nordea was forced to shut down part of its Web banking service for 12 hours last week following a phishing attack that specifically targeted its paper-based one-time password security system.

According to press reports, the scam targeted customers that access the Nordea Sweden Web banking site using a paper-based single-use password security system.

A blog posting by Finnish security firm F-Secure says recipients of the spam e-mail were directed to bogus Web sites but were also asked to enter their account details along with the next password on their list of one-time passwords issued to them by the bank on a "scratch sheet".

From F-Secure's blog:

The fake mails were explaining that Nordea is introducing new security measures, which can be accessed at www.nordea-se.com or www.nordea-bank.net (fake sites hosted in South Korea).

The fake sites looked fairly real. They were asking the user for his personal number, access code and the next available scratch code. Regardless of what you entered, the site would complain about the scratch code and asked you to try the next one. In reality the bad boys were trying to collect several scratch codes for their own use.

The Register also has a story.

Two-factor authentication won't stop identity theft, because identity theft is not an authentication problem. It's a transaction-security problem. I've written about that already. Solutions need to address the transactions directly, and my guess is that they'll be a combination of things. Some transactions will become more cumbersome. It will definitely be more cumbersome to get a new credit card. Back-end systems will be put in place to identify fraudulent transaction patterns. Look at credit card security; that's where you're going to find ideas for solutions to this problem.

Unfortunately, until financial institutions are liable for all the losses associated with identity theft, and not just their direct losses, we're not going to see a lot of these solutions. I've written about this before as well.

We got them for credit cards because Congress mandated that the banks were liable for all but the first $50 of fraudulent transactions.

EDITED TO ADD: Here's a related story. The Bank of New Zealand suspended Internet banking because of phishing concerns. Now there's a company that is taking the threat seriously.

Posted on October 25, 2005 at 12:49 PM67 Comments

FBI Abuses of the USA Patriot Act

Since the Patriot Act was passed, administration officials have repeatedly assured the public and Congress that there have not been improper uses of that law. As recently as April 27, 2005, Attorney General Alberto Gonzales testified that "there has not been one verified case of civil liberties abuse."

However:

Documents obtained by EPIC from the FBI describe thirteen cases of possible misconduct in intelligence investigations. The case numbering suggests that there were at least 153 investigations of misconduct at the FBI in 2003 alone.

These documents reveal that the Intelligence Oversight Board has investigated many instances of alleged abuse, and perhaps most critically, may not have disclosed these facts to the Congressional oversight committees charged with evaluating the Patriot Act.

According to The Washington Post

In one case, FBI agents kept an unidentified target under surveillance for at least five years -- including more than 15 months without notifying Justice Department lawyers after the subject had moved from New York to Detroit. An FBI investigation concluded that the delay was a violation of Justice guidelines and prevented the department "from exercising its responsibility for oversight and approval of an ongoing foreign counterintelligence investigation of a U.S. person."

In other cases, agents obtained e-mails after a warrant expired, seized bank records without proper authority and conducted an improper "unconsented physical search," according to the documents.

Although heavily censored, the documents provide a rare glimpse into the world of domestic spying, which is governed by a secret court and overseen by a presidential board that does not publicize its deliberations. The records are also emerging as the House and Senate battle over whether to put new restrictions on the controversial USA Patriot Act, which made it easier for the government to conduct secret searches and surveillance but has come under attack from civil liberties groups.

EPIC received these documents under FOIA, and has written to the Senate Judiciary Committee to urge hearings on the matter, and has recommended that the Attorney General be required to report to Congress when the Intelligence Oversight Board receives allegations of unlawful intelligence investigations.

This week marks the four-year anniversary of the enactment of the Patriot Act. Does anyone feel safer because of it?

EDITED TO ADD: There's a New York Times article on the topic.

Posted on October 25, 2005 at 7:09 AM36 Comments

Supermarket Loyalty Program Used to Pinpoint Location

This is an interesting (six-month-old) story about a supermarket loyalty program.

Person 1 loses a valuable watch in a supermarket. Person 2 finds it and, instead of returning it as required by law, keeps it. Two years later, he brings it in for repair. The repairman checks the serial number against a lost/stolen database. Person 2 doesn't admit he found the watch, but instead claims that he bought it in some sort of used watch store. The police check the loyalty-program records from the supermarket and find that Person 2 was in the supermarket within hours of when Person 1 said he lost the watch.

EDITED TO ADD: Earlier confusion about video surveillance fixed, and two comments pointing out the error deleted. Thank you.

Posted on October 24, 2005 at 1:30 PM30 Comments

ATM Fraud and British Banks

An absolutely great story about phantom ATM withdrawals and British banking from the early 90s. (The story is from the early 90s; it has just become public now.) Read how a very brittle security system, coupled with banks using the legal system to avoid fixing the problem, resulted in lots of innocent people losing money to phantom withdrawals. Read how lucky everyone was that the catastrophic security problem was never discovered by criminals. It's an amazing story.

See also Ross Anderson's page on phantom withdrawals.

Oh, and Alistair Kelman assures me that he did not charge 1,750 pounds per hour, only 450 pounds per hour.

Posted on October 24, 2005 at 7:16 AM30 Comments

Another "Movie Plot" Threat

"Study Reveals Pittsburgh Unprepared for Full-Scale Zombie Attack":

A zombie-preparedness study, commissioned by Pittsburgh Mayor Tom Murphy and released Monday, indicates that the city could easily succumb to a devastating zombie attack. Insufficient emergency-management-personnel training and poorly conceived undead-defense measures have left the city at great risk for all-out destruction at the hands of the living dead, according to the Zombie Preparedness Institute.

"When it comes to defending ourselves against an army of reanimated human corpses, the officials in charge have fallen asleep at the wheel," Murphy said. "Who's in charge of sweep-and-burn missions to clear out infected areas? Who's going to guard the cemeteries at night? If zombies were to arrive in the city tomorrow, we'd all be roaming the earth in search of human brains by Friday."

From The Onion, of course.

Posted on October 22, 2005 at 10:33 AM16 Comments

Private Webcams and the Police

Our surveillance society marches on:

Commercial burglaries have risen in Corona in the past few years. At the same time, security-camera technology has improved, allowing business owners to use Web sites to view their shops or offices from home or while on a trip.

Now the Corona Chamber of Commerce and the Police Department are encouraging businesses with such systems to provide police dispatchers a password so they can see what's going on during an emergency.

How soon before there's a law requiring these webcams to be built with a police backdoor?

Posted on October 20, 2005 at 3:25 PM22 Comments

A "Typical" Terrorist

A simply horrible lead sentence in a Manila Times story:

If you see a man aged 17 to 35, wearing a ball cap, carrying a backpack, clutching a cellular phone and acting uneasily, chances are he is a terrorist.

Let's see: Approximately 4.5 million people use the New York City subway every day. Assume that the above profile fits 1% of them. Does that mean that there are 25,000 terrorists riding the New York City subways every single day? Seems unlikely.

The rest of the article gets better, but still....

At least that is how the National Capital Regional Police Office (NCRPO) has "profiled" a terrorist.

Sr. Supt. Felipe Rojas Jr., chief of the NCRPO Regional Intelligence and Investigation Division (RIID), said Friday that his group came up with the profile based on the descriptions of witnesses in previous bombings.

Rojas said the US Federal Bureau of Investigation has a similar terrorist profile.

But a source in the intelligence community derided the profile, calling it stereotyped and inaccurate.

The police profile does not apply to the female bombers who the military said were being trained for suicide missions in Metro Manila.

Posted on October 20, 2005 at 11:47 AM32 Comments

Liabilities and Software Vulnerabilities

My fourth column for Wired discusses liability for software vulnerabilities. Howard Schmidt argued that individual programmers should be liable for vulnerabilities in their code. (There's a Slashdot thread on Schmidt's comments.) I say that it should be the software vendors that should be liable, not the individual programmers.

Click on the essay for the whole argument, but here's the critical point:

If end users can sue software manufacturers for product defects, then the cost of those defects to the software manufacturers rises. Manufacturers are now paying the true economic cost for poor software, and not just a piece of it. So when they're balancing the cost of making their software secure versus the cost of leaving their software insecure, there are more costs on the latter side. This will provide an incentive for them to make their software more secure.

To be sure, making software more secure will cost money, and manufacturers will have to pass those costs on to users in the form of higher prices. But users are already paying extra costs for insecure software: costs of third-party security products, costs of consultants and security-services companies, direct and indirect costs of losses. Making software manufacturers liable moves those costs around, and as a byproduct causes the quality of software to improve.

This is why Schmidt's idea won't work. He wants individual software developers to be liable, and not the corporations. This will certainly give pissed-off users someone to sue, but it won't reduce the externality and it won't result in more-secure software.

EDITED TO ADD: Dan Farber has a good commentary on my essay. He says I got Schmidt wrong, that Schmidt wants programmers to be accountable but not liable. Be that as it may, I still think that making software vendors liable is a good idea.

There has been some confusion about this in the comments, that somehow this means that software vendors will be expected to achieve perfection and that they will be 100% liable for anything short of that. Clearly that's ridiculous, and that's not the way liabilities work. But equally ridiculous is the notion that software vendors should be 0% liable for defects. Somewhere in the middle there is a reasonable amount of liablity, and that's what I want the courts to figure out.

EDITED TO ADD: Howard Schmidt writes: "It is unfortunate that my comments were reported inaccurately; at least Dan Farber has been trying to correct the inaccurate reports with his blog. I do not support PERSONAL LIABILITY for the developers NOR do I support liability against vendors. Vendors are nothing more then people (employees included) and anything against them hurts the very people who need to be given better tools, training and support."

Howard wrote an essay on the topic.

Posted on October 20, 2005 at 5:19 AM76 Comments

U.S. Regulators Require Two-Factor Authentication for Banks

Two-factor authentication is coming to U.S. banks:

Federal regulators will require banks to strengthen security for Internet customers through authentication that goes beyond mere user names and passwords, which have become too easy for criminals to exploit.

Bank Web sites are expected to adopt some form of "two-factor" authentication by the end of 2006, regulators with the Federal Financial Institutions Examination Council said in a letter to banks last week.

Here's more details.

This won't help. It'll change the tactics of the criminals, but won't make them go away. I've written about that already (the short version is that two-factor authentication won't mitigate identity theft, because it's not an authentication problem -- it's a problem with fraudulent transactions), and also about what will solve the problem.

Posted on October 19, 2005 at 2:51 PM63 Comments

UK Terrorism Law Used for Non-Terrorism Purposes

The U.K. has used terrorism laws to stifle free speech; now it's using them to keep pedestrians off bicycle paths.

With her year-round tan, long blonde hair and designer clothes, Sally Cameron does not look like a threat to national security.

But the 34-year-old property developer has joined the ranks of Britain's most unlikely terrorist suspects after being held for hours for trespassing on a cycle path.

And also to prevent people from taking pictures of motorways:

A Hampshire student was stopped and warned by police under new anti-terror laws -- for taking pictures of the M3.

Matthew Curtis had been gathering images for the website of a design company where he works part-time when he was stopped, searched and cautioned.

The 21-year-old was told that he was in a "vulnerable area" as he snapped pictures of the M3 and was made to account for his actions before he was issued with a warning and told not to do it again.

Officers, who had quoted the Prevention of Terrorism Act, today apologised for causing concern but say they were just being vigilant.

I get that terrorism is the threat of the moment, and that all sorts of government actions are being justified with terrorism. But this is ridiculous.

Posted on October 19, 2005 at 12:04 PM50 Comments

Secret Forensic Codes in Color Laser Printers

Many color laser printers embed secret information in every page they print, basically to identify you by. Here, the EFF has cracked the code of the Xerox DocuColor series of printers.

The DocuColor series prints a rectangular grid of 15 by 8 miniscule yellow dots on every color page. The same grid is printed repeatedly over the entire page, but the repetitions of the grid are offset slightly from one another so that each grid is separated from the others. The grid is printed parallel to the edges of the page, and the offset of the grid from the edges of the page seems to vary. These dots encode up to 14 7-bit bytes of tracking information, plus row and column parity for error correction. Typically, about four of these bytes were unused (depending on printer model), giving 10 bytes of useful data. Below, we explain how to extract serial number, date, and time from these dots. Following the explanation, we implement the decoding process in an interactive computer program.

Because of their limited contrast with the background, the forensic dots are not usually visible to the naked eye under white light. They can be made visible by magnification (using a magnifying glass or microscope), or by illuminating the page with blue instead of white light. Pure blue light causes the yellow dots to appear black. It can be helpful to use magnification together with illumination under blue light, although most individuals with good vision will be able to see the dots distinctly using either technique by itself.

EDITED TO ADD: News story here.

EDITED TO ADD: And another.

Posted on October 19, 2005 at 8:12 AM46 Comments

Passport Required to Use the Internet in Italy

Why? Terrorism.

After Italy passed a new antiterrorism package in July, authorities ordered managers offering public communications services, like Mr. Savoni,to make passport photocopies of every customer seeking to use the Internet, phone, or fax.

Posted on October 18, 2005 at 8:09 AM33 Comments

Chemical Trace Screening

New advances in technology:

"Mass spectrometry is one of the most sensitive methods for finding drugs, chemicals, pollutants and disease, but the problem is that you have to extract a sample and treat that sample before you can analyze it," said Evan Williams, a chemistry professor at UC Berkeley.

That process can take anywhere from two to 15 minutes for each sample. Multiply that by the number of people in line at airport security at JFK the day before Thanksgiving, and you've got a logistical nightmare on your hands.

The research from Purdue, led by analytical chemistry professor Graham Cooks, developed a technique called desorption electrospray ionization, or DESI, that eliminates a part of the mass spectrometry process, and thus speeds up the detection of substances to less than 10 seconds, said Williams.

To use it, law enforcement officials and security screeners will spray methanol or a water and salt mixture on the surface of an object, or a person's clothing or skin, and test immediately for microscopic traces of chemical compounds.

As this kind of technology gets better, the problems of false alarms becomes greater. We already know that a large percentage of U.S. currency bears traces of cocaine, but can a low-budget terrorist close down an airport by spraying trace chemicals randomly at passengers' luggage when they're not looking?

Posted on October 14, 2005 at 1:56 PM24 Comments

Real ID and Identity Theft

Reuters on the trade-offs of Real ID:

Nobody yet knows how much the Real ID Act will cost to implement or how much money Congress will provide for it. The state of Washington, which has done the most thorough cost analysis, put the bill in that state alone at $97 million in the first two years and believes it will have to raise the price of a driver's license to $58 from $25.

On the other hand, a secure ID system could save millions in Medicare and Medicaid fraud and combat identity theft.

Why does Reuters think that a better ID card will protect against identity theft? The problem with identity theft isn't that ID cards are forgeable, it's that financial institutions don't check them before authorizing transactions.

Posted on October 14, 2005 at 11:20 AM32 Comments

RFID and Privacy

Boston Globe editorial on RFID and privacy:

It's one of the cutest of those cute IBM Corp. TV commercials, the ones that feature the ever-present help desk. This time, the desk appears smack in the middle of a highway, blocking the path of a big rig.

''Why are you blocking the road?" the driver asks. ''Because you're going the wrong way," replies the cheerful Help Desk lady. ''Your cargo told me so." It seems the cartons inside the truck contained IBM technology that alerted the company when the driver made a wrong turn.

It's clever, all right -- and creepy. Because the technology needn't be applied only to cases of beer. The trackers could be attached to every can of beer in the case, and allow marketers to track the boozing habits of the purchasers. Or if the cargo is clothing, those little trackers could have been stitched inside every last sweater. Then some high-tech busybody could keep those wearing them under surveillance.

If this sounds paranoid, take it up with IBM. The company filed a patent application in 2001 which contemplates using this wireless snooping technology to track people as they roam through ''shopping malls, airports, train stations, bus stations, elevators, trains, airplanes, rest rooms, sports arenas, libraries, theaters, museums, etc." An IBM spokeswoman insisted the company isn't really prepared to go this far. Patent applications are routinely written to include every possible use of a technology, even some the company doesn't intend to pursue. Still, it's clear somebody at IBM has a pretty creepy imagination.

There's a Slashdot thread on the topic.

Posted on October 14, 2005 at 7:11 AM33 Comments

Blizzard Entertainment Uses Spyware to Verify EULA Compliance

Scary:

I recently performed a rather long reversing session on a piece of software written by Blizzard Entertainment, yes -- the ones who made Warcraft, and World of Warcraft (which has 4.5 million+ players now, apparently). This software is known as the 'warden client' -- its written like shellcode in that it's position independent. It is downloaded on the fly from Blizzard's servers, and it runs about every 15 seconds. It is one of the most interesting pieces of spyware to date, because it is designed only to verify compliance with a EULA/TOS. Here is what it does, about every 15 seconds, to about 4.5 million people (500,000 of which are logged on at any given time):

The warden dumps all the DLL's using a ToolHelp API call. It reads information from every DLL loaded in the 'world of warcraft' executable process space. No big deal.

The warden then uses the GetWindowTextA function to read the window text in the titlebar of every window. These are windows that are not in the WoW process, but any program running on your computer. Now a Big Deal.

I watched the warden sniff down the email addresses of people I was communicating with on MSN, the URL of several websites that I had open at the time, and the names of all my running programs, including those that were minimized or in the toolbar. These strings can easily contain social security numbers or credit card numbers, for example, if I have Microsoft Excel or Quickbooks open w/ my personal finances at the time.

Once these strings are obtained, they are passed through a hashing function and compared against a list of 'banning hashes' -- if you match something in their list, I suspect you will get banned. ...

Next, warden opens every process running on your computer. ... I watched warden open my email program, and even my PGP key manager. Again, I feel this is a fairly severe violation of privacy, but what can you do? It would be very easy to devise a test where the warden clearly reads confidential or personal information without regard.

This behavior places the warden client squarely in the category of spyware. What is interesting about this is that it might be the first use of spyware to verify compliance with a EULA. I cannot imagine that such practices will be legal in the future, but right now in terms of law, this is the wild wild west. You can't blame Blizz for trying, as well as any other company, but this practice will have to stop if we have any hope of privacy. Agree w/ botting or game cheaters or not, this is a much larger issue called 'privacy' and Blizz has no right to be opening my excel or PGP programs, for whatever reason.

EDITED TO ADD: Blizzard responds. See also here. Several commenters say that this is no big deal. I think that a program that does all of this without the knowledge or consent of the user is a big deal. This is a program designed to spy on the user and report back to Blizzard. It's pretty benign, but the next company who does this may be less so. It definitely counts as spyware.

EDITED TO ADD: This is a great post by EFF on the topic.

EDITED TO ADD: BBC has an article on the topic.

Posted on October 13, 2005 at 2:11 PM

Domestic Spying in the U.S.

There are two bills in Congress that would grant the Pentagon greater rights to spy on Americans in the U.S.:

The Pentagon would be granted new powers to conduct undercover intelligence gathering inside the United States -- and then withhold any information about it from the public -- under a series of little noticed provisions now winding their way through Congress.

Citing in part the need for "greater latitude" in the war on terror, the Senate Intelligence Committee recently approved broad-ranging legislation that gives the Defense Department a long sought and potentially crucial waiver: it would permit its intelligence agents, such as those working for the Defense Intelligence Agency (DIA), to covertly approach and cultivate "U.S. persons" and even recruit them as informants—without disclosing they are doing so on behalf of the U.S. government.

[...]

At the same time, the Senate intelligence panel also included in the bill two other potentially controversial amendments—one that would allow the Pentagon and other U.S. intelligence agencies greater access to federal government databases on U.S. citizens, and another granting the DIA new exemptions from disclosing any "operational files" under the Freedom of Information Act (FOIA).

Posted on October 13, 2005 at 11:47 AM17 Comments

Tax Breaks for Good Security

Congress is talking -- it's just talking, but at least it's talking -- about giving tax breaks to companies with good cybersecurity.

The devil is in the details, and this could be a meaningless handout, but the idea is sound. Rational companies are going to protect their assets only up to their value to that company. The problem is that many of the security risks to digital assets are not risks to the company who owns them. This is an externality. So if we all need a company to protect its digital assets to some higher level, then we need to pay for that extra protection. (At least we do in a capitalist society.) We can pay through regulation or liabilities, which translates to higher prices for whatever the company does. We can pay through directly funding that extra security, either by writing a check or reducing taxes. But we can't expect a company to spend the extra money out of the goodness of its heart.

Posted on October 13, 2005 at 8:02 AM32 Comments

$5M Bank Con

Great crime story:

An ingenious fraudster is believed to be sunning himself on a beach after persuading leading banks to pay him more than €5 million (£3.5 million) in the belief that he was a secret service agent engaged in the fight against terrorist money-laundering.

The man, described by detectives as the greatest conman they had encountered, convinced one bank manager to leave him €358,000 in the lavatories of a Parisian bar. "This man is going to become a hero if he isn’t caught quickly," an officer said. "The case is exceptional, perfectly unbelievable and surreal."

Moral: Security is a people problem, not a technology problem

Posted on October 12, 2005 at 7:15 AM23 Comments

Exploding Baby Carriages in Subways

This is a great example of a movie-plot threat.

A terrorist plot to attack the subways with bomb-laden baby carriages and briefcases -- the most specific threat ever made against the city -- triggered a massive security crackdown yesterday.

This is not to say that there isn't a real plot that was uncovered, but the specificity of the threat seems a bit ridiculous.

And if we ban baby carriages from the subways, and the terrorists put their bombs in duffel bags instead, have we really won anything?

EDITED TO ADD: The threat was a hoax.

Posted on October 11, 2005 at 8:12 AM52 Comments

Musicians tell Fans How to Beat Copy Protection

In any security system, it's important to understand who the attacker is and who the defender is. In digital-media copy protection (usually called Digital Rights Management), it can get complicated.

The music industry has been selling the technology to everyone -- Congress, the public -- by claiming that they're defending the rights of musicians. But more and more musicians are realizing that their interests are better served by freely copyable music.

Now, in the most bizarre turn yet in the record industry's piracy struggles, stars Dave Matthews Band, Foo Fighters and Switchfoot -- and even Sony BMG, when the label gets complaints -- are telling fans how they can beat the system.

Read the whole article.

Posted on October 10, 2005 at 12:18 PM35 Comments

Terrorism Laws Used to Stifle Political Speech

Walter Wolfgang, an 82-year-old political veteran, was forcefully removed from the UK Labour party conference for calling a speaker, Jack Straw, a liar. (Opinions on whether Jack Straw is or is not a liar are irrelevant here.) He was later denied access to the conference on basis of anti-terror laws. Keep in mind that as recently as the 1980s, Labour Party conferences were heated affairs compared with today's media shows.

From The London Times:

A police spokeswoman said that Mr Wolfgang had not been arrested but detained because his security accreditation had been cancelled by Labour officials when he was ejected. She said: "The delegate asked the police officer what powers he was using. The police officer responded that he was using his powers under Section 44 of the Terrorism Act to confirm the delegate's details."

Also this:

More than 600 people were detained under the Terrorism Act during the Labour party conference, it was reported yesterday.

Anti-Iraq war protesters, anti-Blairite OAPs and conference delegates were all detained by police under legislation that was designed to combat violent fanatics and bombers - even though none of them was suspected of terrorist links. None of those detained under Section 44 stop-and-search rules in the 2000 Terrorism Act was arrested and no-one was charged under the terrorism laws.

Walter Wolfgang, an 82-year-old Jewish refugee from Nazi Germany, was thrown out of the conference hall by Labour heavies after heckling the Foreign Secretary, Jack Straw.

When he tried to get back in, he was detained under Section 44 and questioned by police. The party later apologised.

But the Home Office has refused to apologise for heavy-handed tactics used at this year's conference.

A spokesman insisted: "Stop and search under Section 44 is an important tool in the on-going fight against terrorism.

"The powers help to deter terrorist activity by creating a hostile environment for terrorists."

He added that the justification for authorising the use of the powers was "intelligence-led and based on an assessment of the threat against the UK."

The shadow home secretary, David Davis, said: "Laws that are designed to fight terrorism should only be used against terrorism."

Posted on October 10, 2005 at 8:13 AM31 Comments

Automatic License Plate Scanners

The Boston Transportation Department, among other duties, hands out parking tickets. If a car has too many unpaid parking tickets, the BTD will lock a Denver Boot to one of the wheels, making the car unmovable. Once the tickets are paid up, the BTD removes th boot.

The white SUV in this photo is owned by the Boston Transportation Department. Its job is to locate cars that need to be booted. The two video cameras on top of the vehicle are hooked up to a laptop computer running license plate scanning software. The vehicle drives around the city scanning plates and comparing them with the database of unpaid parking tickets. When a match is found, the BTD officers jump out and boot the offending car. You can sort of see the boot on the front right wheel of the car behind the SUV in the photo.

This is the kind of thing I call "wholesale surveillance," and I've written about license plate scanners in that regard last year.

Technology is fundamentally changing the nature of surveillance. Years ago, surveillance meant trench-coated detectives following people down streets. It was laborious and expensive, and was only used when there was reasonable suspicion of a crime. Modern surveillance is the policeman with a license-plate scanner, or even a remote license-plate scanner mounted on a traffic light and a policeman sitting at a computer in the station. It's the same, but it's completely different. It's wholesale surveillance.

And it disrupts the balance between the powers of the police and the rights of the people.

[...]

Like the license-plate scanners, the electronic footprints we leave everywhere can be automatically correlated with databases. The data can be stored forever, allowing police to conduct surveillance backwards in time.

The effects of wholesale surveillance on privacy and civil liberties is profound; but unfortunately, the debate often gets mischaracterized as a question about how much privacy we need to give up in order to be secure. This is wrong. It's obvious that we are all safer when the police can use all techniques at their disposal. What we need are corresponding mechanisms to prevent abuse, and that don't place an unreasonable burden on the innocent.

Throughout our nation's history, we have maintained a balance between the necessary interests of police and the civil rights of the people. The license plate itself is such a balance. Imagine the debate from the early 1900s: The police proposed affixing a plaque to every car with the car owner's name, so they could better track cars used in crimes. Civil libertarians objected because that would reduce the privacy of every car owner. So a compromise was reached: a random string of letter and numbers that the police could use to determine the car owner. By deliberately designing a more cumbersome system, the needs of law enforcement and the public's right to privacy were balanced.

The search warrant process, as prescribed in the Fourth Amendment, is another balancing method. So is the minimization requirement for telephone eavesdropping: the police must stop listening to a phone line if the suspect under investigation is not talking.

For license-plate scanners, one obvious protection is to require the police to erase data collected on innocent car owners immediately, and not save it. The police have no legitimate need to collect data on everyone's driving habits. Another is to allow car owners access to the information about them used in these automated searches, and to allow them to challenge inaccuracies.

The Boston Globe has written about this program.

Richard M. Smith, who took this photo, made a public request to the BTD last summer for the database of scanned license plate numbers that is being collected by this vehicle. The BTD told him at the time that the database is not a public record, because the database is owned by AutoVu, the Canadian company that makes the license plate scanner software used in the vehicle. This software is being "loaned" to the City of Boston as part of a "beta" test program.

Anyone doubt that AutoVu is going to sell this data to a company like ChoicePoint?

Posted on October 7, 2005 at 1:49 PM65 Comments

SMS Denial-of-Service Attack

This is a clever piece of research. Turns out you can jam cell phones with SMS messages. Text messages are transmitted on the same channel that is used to set up voice calls, so if you flood the network with one, then the other can't happen. The researchers believe that sending 165 text messages a second is enough to disrupt all the cell phones in Manhattan.

From the paper:

ABSTRACT: Cellular networks are a critical component of the economic and social infrastructures in which we live. In addition to voice services, these networks deliver alphanumeric text messages to the vast majority of wireless subscribers. To encourage the expansion of this new service, telecommunications companies offer connections between their networks and the Internet. The ramifications of such connections, however, have not been fully recognized. In this paper, we evaluate the security impact of the SMS interface on the availability of the cellular phone network. Specifically, we demonstrate the ability to deny voice service to cities the size of Washington D.C. and Manhattan with little more than a cable modem. Moreover, attacks targeting the entire United States are feasible with resources available to medium-sized zombie networks. This analysis begins with an exploration of the structure of cellular networks. We then characterize network behavior and explore a number of reconnaissance techniques aimed at effectively targeting attacks on these systems. We conclude by discussing countermeasures that mitigate or eliminate the threats introduced by these attacks.

There's a New York Times article and a thread on Slashdot.

Posted on October 7, 2005 at 7:43 AM40 Comments

Phishing

My third Wired column is on line. It's about phishing.

Financial companies have until now avoided taking on phishers in a serious way, because it's cheaper and simpler to pay the costs of fraud. That's unacceptable, however, because consumers who fall prey to these scams pay a price that goes beyond financial losses, in inconvenience, stress and, in some cases, blots on their credit reports that are hard to eradicate. As a result, lawmakers need to do more than create new punishments for wrongdoers -- they need to create tough new incentives that will effectively force financial companies to change the status quo and improve the way they protect their customers' assets.

EDITED TO ADD: There's a discussion on Slashdot.

Posted on October 6, 2005 at 8:10 AM43 Comments

RFID Car Keys

RFID car keys (subscription required) are becoming more popular. Since these devices broadcast a unique serial number, it's only a matter of time before a significant percentage of the population can be tracked with them.

Lexus has made what it calls the "SmartAccess" keyless-entry system standard on its new IS sedans, designed to compete with German cars like the BMW 3 series or the Audi A4, as well as rivals such as the Infiniti G35 or the U.S.-made Cadillac CTS. BMW offers what it calls "keyless go" as an option on the new 3 series, and on its higher-priced 5, 6 and 7 series sedans.

Volkswagen AG's Audi brand offers keyless-start systems on its A6 and A8 sedans, but not yet on U.S.-bound A4s. Cadillac's new STS sedan, big brother to the CTS, also offers a pushbutton start.

Starter buttons have a racy flair -- European sports cars and race cars used them in the past. The proliferation of starter buttons in luxury sedans has its roots in theft protection. An increasing number of cars now come with theft-deterrent systems that rely on a chip in the key fob that broadcasts a code to a receiver in the car. If the codes don't match, the car won't start.

Cryptography can be used to make these devices anonymous, but there's no business reason for automobile manufacturers to field such a system. Once again, the economic barriers to security are far greater than the technical ones.

Posted on October 5, 2005 at 8:13 AM78 Comments

Microsoft Questions

Windows OneCare is the next-generation pervasive security program that will be part of Microsoft Windows. I know nothing about it. Does anyone have any comments or opinions?

And the current rumor is that Ballmer and Nash are speaking at a Microsoft event in Munich. They're supposedly outlining Microsoft's security roadmap. Anyone have any inside information?

Posted on October 4, 2005 at 2:10 PM48 Comments

The Doghouse: Lexar LockTight

Do you think we should tell these people that SHA-1 is not an encryption algorithm?

Developed by Lexar, the new security solution is based on a 160-bit encryption technology and uses SHA-1 (Secure Hash Algorithm), a standard approved by the National Institute of Standards and Technology (NIST). The 160-bit encryption technology is among the most effective and widely accepted security solutions available.

This seems not to be a typo. They explain themselves in more detail here:

Lexar has provided us with the following explanation as to how data is protected on the LockTight cards: (we understand that the encryption is carried out on the communications layer between the card and camera/computer rather than the data itself).

"Lexar employs a unique strategy to protect data on LockTight cards. LockTight cards are always 'locked.' In other words no computer or camera can read or write data from/to a LockTight card until a critical authorization process takes place between the LockTight card and the host computer or host camera. This authorization process is where the 160-bit HMAC SHAH-1 encryption algorithm is employed."

Posted on October 3, 2005 at 8:22 AM37 Comments

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..