Blog: December 2008 Archives

Forging SSL Certificates

We already knew that MD5 is a broken hash function. Now researchers have successfully forged MD5-signed certificates:

Molnar, Appelbaum, and Sotirov joined forces with the European MD5 research team in mid-2008, along with Swiss cryptographer Dag Arne Osvik. They realized that the co-construction technique could be used to simultaneously generate one normal SSL certificate and one forged certificate, which could be used to sign and vouch for any other. They purchased a signature for the legitimate certificate from an established company that was still using MD5 for signing, and then applied the legitimate signature to the forged certificate. Because the legitimate and forged certificates had the same MD5 value, the legitimate signature also marked the forged one as acceptable.

Lots and lots more articles, and the research.

This isn’t a big deal. The research is great; it’s good work, and I always like to see cryptanalytic attacks used to break real-world security systems. Making that jump is often much harder than cryptographers think.

But SSL doesn’t provide much in the way of security, so breaking it doesn’t harm security very much. Pretty much no one ever verifies SSL certificates, so there’s not much attack value in being able to forge them. And even more generally, the major risks to data on the Internet are at the endpoints — Trojans and rootkits on users’ computers, attacks against databases and servers, etc — and not in the network.

I’m not losing a whole lot of sleep because of these attacks. But — come on, people — no one should be using MD5 anymore.

EDITED TO ADD (12/31): While it is true that browsers do some SSL certificate verification, when they find an invalid certificate they display a warning dialog box which everyone — me included — ignores. There are simply too many valid sites out there with bad certificates for that warning to mean anything. This is far too true:

If you’re like me and every other user on the planet, you don’t give a shit when an SSL certificate doesn’t validate. Unfortunately, commons-httpclient was written by some pedantic fucknozzles who have never tried to fetch real-world webpages.

Posted on December 31, 2008 at 1:39 PM66 Comments

NSA Patent on Network Tampering Detection

The NSA has patented a technique to detect network tampering:

The NSA’s software does this by measuring the amount of time the network takes to send different types of data from one computer to another and raising a red flag if something takes too long, according to the patent filing.

Other researchers have looked into this problem in the past and proposed a technique called distance bounding, but the NSA patent takes a different tack, comparing different types of data travelling across the network. “The neat thing about this particular patent is that they look at the differences between the network layers,” said Tadayoshi Kohno, an assistant professor of computer science at the University of Washington.

The technique could be used for purposes such as detecting a fake phishing Web site that was intercepting data between users and their legitimate banking sites, he said. “This whole problem space has a lot of potential, [although] I don’t know if this is going to be the final solution that people end up using.”

Posted on December 30, 2008 at 12:07 PM28 Comments

Matthew Alexander on Torture

Alexander is a former Special Operations interrogator who worked in Iraq in 2006. His op-ed is worth reading:

I learned in Iraq that the No. 1 reason foreign fighters flocked there to fight were the abuses carried out at Abu Ghraib and Guantanamo. Our policy of torture was directly and swiftly recruiting fighters for al-Qaeda in Iraq. The large majority of suicide bombings in Iraq are still carried out by these foreigners. They are also involved in most of the attacks on U.S. and coalition forces in Iraq. It’s no exaggeration to say that at least half of our losses and casualties in that country have come at the hands of foreigners who joined the fray because of our program of detainee abuse. The number of U.S. soldiers who have died because of our torture policy will never be definitively known, but it is fair to say that it is close to the number of lives lost on Sept. 11, 2001. How anyone can say that torture keeps Americans safe is beyond me — unless you don’t count American soldiers as Americans.

Also, this interview from Harper’s:

In Iraq, we lived the “ticking time bomb” scenario every day. Numerous Al Qaeda members that we captured and interrogated were directly involved in coordinating suicide bombing attacks. I remember one distinct case of a Sunni imam who was caught just after having blessed suicide bombers to go on a mission. Had we gotten there just an hour earlier, we could have saved lives. Still, we knew that if we resorted to torture the short term gains would be outweighed by the long term losses. I listened time and time again to foreign fighters, and Sunni Iraqis, state that the number one reason they had decided to pick up arms and join Al Qaeda was the abuses at Abu Ghraib and the authorized torture and abuse at Guantanamo Bay. My team of interrogators knew that we would become Al Qaeda’s best recruiters if we resorted to torture. Torture is counterproductive to keeping America safe and it doesn’t matter if we do it or if we pass it off to another government. The result is the same. And morally, I believe, there is an even stronger argument. Torture is simply incompatible with American principles. George Washington and Abraham Lincoln both forbade their troops from torturing prisoners of war. They realized, as the recent bipartisan Senate report echoes, that this is about who we are. We cannot become our enemy in trying to defeat him.

EDITED TO ADD (1/13): Yet another interview.

Posted on December 30, 2008 at 6:37 AM73 Comments

Shoplifting on the Rise in Bad Economy

From the New York Times:

Police departments across the country say that shoplifting arrests are 10 percent to 20 percent higher this year than last. The problem is probably even greater than arrest records indicate since shoplifters are often banned from stores rather than arrested.

Much of the increase has come from first-time offenders like Mr. Johnson making rash decisions in a pinch, the authorities say. But the ease with which stolen goods can be sold on the Internet has meant a bigger role for organized crime rings, which also engage in receipt fraud, fake price tagging and gift card schemes, the police and security experts say.

[…]

Shoplifters also seem to be getting bolder, according to industry surveys.

Thieves often put stolen items in bags lined with aluminum foil to avoid detection by the storefront alarms. Others work in teams, with a decoy who tries to look suspicious to draw out undercover security agents and attract the attention of security cameras, the police said.

“We’re definitely seeing more sprinters,” said an undercover security guard at Macy’s near Oakland, Calif., referring to shoplifters who make a run for the door.

A previous post listed the most frequently shoplifted items: small, expensive things with a long shelf life.

EDITED TO ADD (1/13): Maybe shoplifting isn’t on the rise after all.

Posted on December 29, 2008 at 2:52 PM24 Comments

Gunpowder Is Okay to Bring on an Airplane

Putting it in a clear plastic baggie magically makes it safe:

Mind you, I had packed the stuff safely. It was in three separate jars: one of charcoal, one of sulphur, and one of saltpetre (potassium nitrate). Each jar was labeled: Charcoal, Sulphur, Saltpetre. I had also thoroughly wet down each powder with tap water. No ignition was possible. As a good citizen, I had packed the resulting pastes into a quart-sized “3-1-1” plastic bag, along with my shampoo and hand cream. This bag I took out of my messenger bag and put on top of my bin of belongings, turned so that the labels were easy for the TSA inspector to read.

Posted on December 29, 2008 at 7:05 AM121 Comments

Sidebar photo of Bruce Schneier by Joe MacInnis.