I may have posted this short video before, but if I did, I can’t find it. It’s four years old, but still pretty to watch.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
jdgalt • July 17, 2015 4:37 PM
Microsoft to users: “Your computer now belong to us! Forever!”
http://www.neowin.net/news/retail-eula-confirms-windows-10-home-users-will-not-be-able-to-opt-out-of-windows-updates
Curious • July 17, 2015 4:51 PM
My local bank ‘Nordea’ in norway started asking some time ago, some questions online when logging into my bank account (w. option to skip every time), seemingly on behalf of US IRS (unless I am mistaken). Just a few general questions (maybe five), however I don’t want to answer them as I don’t want to help a foreign country like USA, and my bank (one guy there) have upon me being inquisitive informed me that he believes they intend to freeze their ‘customer relation’ to me, until I answer the questionnaire. Presumably this sounds worse that it really is.
Heh, looks like I won’t be paying with Visa or anything else on the internet ever (Visa card currently invalid). I have solicited an explanation from the bank, with a second letter even, as I am curious to learn what the real consequence is by not answering their few questions, which is what is ultimately important to me.
Now, what had me wondering was: Lets assume that USA tried to use a questionnaire in an attempt to eventually purge, or even find “terrorist/criminal” customers via all banks. Further, my bank basically says on their web page that the information they collect will be handled by the bank and not outsiders, however if the bank was tasked to evaluate the data they collect somehow, it seem obvious that such information again would propagate outwards to say US IRS.
I guess what I am wondering about: does everyone get these kinds of questions nowadays by their bank?
Martin • July 17, 2015 5:30 PM
At the risk of being too far off topic, would appreciate someone shedding light on where Password Save has gone. None of the SourceForge connection (links) are connecting to downloads or forums for the last 48+ hours. Many thanks.
Jonathan Wilson • July 17, 2015 5:57 PM
New attack on RC4:
https://threatpost.com/new-rc4-attack-dramatically-reduces-plaintext-recovery-time/113808
Why anyone still uses RC4 for TLS is beyond me (unless its some ancient piece of closed hardware that cant be upgraded in which case it probably has other security flaws and should be replaced if its being used to secure something of any importance)
MrC • July 17, 2015 6:01 PM
@ Curious
It would help if you posted what the questions are.
Anyway, the IRS is only concerned about catching tax cheats. In order to maintain as much taxpayer trust and honesty as they can, they have a strict policy of not sharing information with any other agency. You could, for example, write “drug dealing, murder for hire, and kiddie porn” on line 21 of your form 1040 and nothing would come of it (so long as you paid the tax due on that income). So, if it’s really the IRS that wants this information, and you’re not a wealthy American concealing taxable income in a foreign country, then you have nothing to fear from them.
Of course, it may very well not be the IRS behind those questions. If the questions are directed towards terrorism (or “terrorism”) or money laundering, then you’re dealing with a whole different agency that is going to be a heck of a lot less scrupulous with the information they collect.
Finally, how do you know that this isn’t a Norwegian government thing? While the past couple of years have taught all of us that there truly is no abuse the US military-industrial-surveillance complex won’t stoop to, sticking their noses into Norwegian banking seems a bit out of character.
Jacob • July 17, 2015 6:13 PM
A well written commentary about a unique privacy violation by Police in London:
http://www.theguardian.com/commentisfree/2015/jul/17/michael-mcintyre-met-helicopter-snap-tweet
Jacob • July 17, 2015 6:25 PM
@ Curious
Your bank most probably follows the US IRS’ FATCA rules that lately came into effect, thereby forcing most international banks to report on any US person on their customer list. Any US person on the list will have his account details passed on to the US to follow on possible US taxes violations.
You can search for “FATCA” and see what is involved. If you refuse to answer your bank questions, and you are an old time customer with them (before checking nationality was a requirement) your bank may not know if you are a US person or not, thus by the agreement between your country and the US IRS they can freeze your account.
Jacob • July 17, 2015 6:35 PM
@ Martin
Sf is in maintenance mode:
“The sourceforge.net website is temporarily in static offline mode.Only a very limited set of project pages are available until the main website returns to service.”
And it is PasswordSafe, not Save..
name.withheld.for.obvious.reasons • July 17, 2015 7:32 PM
@ TO ALL
A colleague and friend, former CIA, asked me to work on his system and what I discovered is disturbing. Seeing that malware was having its way with his system and before I could suggest that he isolate or remove some of his network gear, the underlying culprit riding atop his system gave pause. A little research, it was the two words (so common as to be found in a 800-word dictionary) posited to search engine indicating a serious problem.
My research into the issue is halted, further digging could prove an unwise choice. I might have to go to a Starbucks and ask someone with a phone/tablet to look something up for me really quick so I can buy the medicine that will keep my grandmother alive for another day.
My first concern is for my friend, the smell/taste of this “thing” indicates a very targeted effort–I asked him if he’d pissed anyone off. Believe me, he has upset a lot of government hacks–spent his fortune and five years at the 9th circuit court for being a good citizen–a whistle-blower. But that was 40 years ago…
As we talked, I realized that we needed to go out-of-band. We used pencil and paper to discuss the problem while we talked about how crappy some hardware/software is/was. This is one of those “Your in the cross-hairs” moments, he is aware of proper OPSEC but it has been some time since last applied or having to work trade craft.
I recognize the signature mark, had one myself a few years back. It was more “messaging” than any kind of subversion/surveillance/theft effort. His experience is a bit more consequential (stopping large contractor program/project deliveries, and payments, due to failures they actively tried to hide from program/division managers).
My first thought is to make a Honey-Netter (a programmatic avatar that responds and tests the active system) after I do some hardware insertions around his environment.
@name.withheld.for.obvious.reasons
Firstly, I hope you realize you might be targeted while attempting to help your good friend as well ? To put it more explicitly, what I meant is you have to take good care of yourself now since you are likely inside a Warhawk Govt’s crosshair this time round as well.
The second thing is hopefully you have put on sufficient protective gears while doing forensic dissection of your friend’s system. It can turn nasty if those stuff turn on you while you are digging around.
Will the imaging of the entire hard disk and even a Cold Boot Attack on the RAM chips help you to get enough information ? If you have another shot at it, boot the system up, quickly dig out the RAM chip and do a Cold Boot Attack and image whatever is sitting inside there.
If the malware lives inside some firmware, it will be nice if you could trace it down to it’s hiding place and dump it’s content.
It would be nice if you can arrange a couple of marks for your friend and public.
If things turn more edgy, setup a TEMPEST resistant environment as well.
questionmark • July 17, 2015 9:15 PM
“8-year-old electrocuted by biometric machine at club”
“A malfunctioning biometric machine, installed to screen members entering the swimming pool of a health club in northwest Delhi, claimed a life on Monday when an eight-year-old boy was electrocuted on touching the gadget. ”
From the Times of India.
Is this the first time that a biometrics device has killed someone?
Also, if the manufacturer of the device was so careless with the wiring, were they careless with the security as well?
Nick P • July 17, 2015 9:32 PM
@ name.withheld
Just tell your friend not to use the computers for anything critical: do face-to-face in random locations instead. Far as your concerns, they’ll guess that your friend discovered malware and had someone fix it. So, image the machine, collect your data for private analysis, and just build him a clean, more-secure one. One replaced by a better one. That’s expected during an infiltration. Maybe get him to use one of the more user-friendly Linux distro’s with your own enhancements on apps, backups, and update security. That some computer security professional recommended Linux to avoid malware is also deniable.
He can say both if asked. Further, he might want to avoid pissing off those groups further and assume that they’ll be monitoring him due to the resources they can put into that. He should just ignore them, do anything that pertains to them off the PC, and ensure he has a reliable source of income that’s not government.
J on the river Lethe • July 17, 2015 9:46 PM
Et al. Would Bruce and you consider this snake oil? I am cautious. Redo O/S, VPN, etc. android is the secure OS. Preorder but no final product to test. Some are saying this is being billed as unhackable. Really?
Nick P • July 17, 2015 9:47 PM
@ All
Found some fun stuff looking up progress on open-source FPGA’s. Here they are.
Archipelago – An open source FPGA with toolflow support (2014)
That’s a start on what’s needed. Their tests show their architecture to be comparable to commercial ones. To be truly comparable, it will need to be implemented with hard blocks for I/O and probably some MAC’s. Yet, it’s a nice start.
Open-source bitstream generation [for Xilinx Virtex5] (2013)
Just read the abstract. Especially how they do bitstream generation without reverse engineering or violating EULA’s. Clever stuff. This combined with open, synthesis tools might be a nice start at using existing FPGA’s more securely.
Away from the bleeding edge life is good
Article points out that the costs of older processes have come down with the combination of cheaper masks and multi-project wafers. Most of what fabs are producing are closer to 180nm and 350nm than the fancy stuff that makes the news regularly. Author argues that, with right tools (eg Tanner EDA), custom chips on those nodes can be built inexpensively enough that Structured ASIC’s and similar tech aren’t necessary. However, in another discussion, a pro told me that eASIC’s 90nm S-ASIC’s can be made quite cheap through their maskless technology and are comparable to a 65nm FPGA in performance. So, there’s that.
Finally, there’s this way off topic article claiming that the United States probably has a consciousness if materialism is correct. Fun read. Discussion is here.
MrC • July 17, 2015 10:54 PM
@ J on the river Lethe:
It’s pretty obvious from the focus on stylishness.
Nick P • July 17, 2015 11:21 PM
@ J
re Turing Phone’s Security
” an older Snapdragon processor”
Standard SOC and Android 5.x. Not secure with chance of easy 0-days. Jeez, that was quick!
name.withheld.for.obvious.reasons • July 18, 2015 1:01 AM
@ Nick P and Thoth
Thanks for your feedback–my first gut level response is to walk away from this…quickly. That doesn’t help my friend and as a research/design engineer the cat in me won’t let me walk away from it. As a seasoned (retired) infosec professional (had a moderately active start-up with three grad students years ago) with decades of experience, my approach will be systematic and include the appropriate hygiene (can even perform clean-room level analysis).
On the system I did a basic assessment as to the state of the OS and application space and became concerned. To give you a sense of it, identified references reveals a large supplier of a particular technology, several post-doctoral research white papers plus several native Russian references (formal material, not references or link farm matter and not readily translated. Nonetheless, spouting off is problematic and notification to the/a manufacturer(s) is necessary.
Postmortem analysis provides the best approach given the circumstances. Replicating the drive controller interface, separating the original PCB of the SATA/PATA subsystem and using a known hardware revision board replacement will improve the chances of success (photographs taken down to board serial/revision numbers, capturing most if not all of the physically available information).
Typically I duplicate the drive (even if I have to do drive geometry and sector mapping translations) to hardware, support on the host drive includes physical write locking (continuity and integrity of the copy). I take the drive off-line and write lock if possible, proceed to duplicate, then secure the original drive (store in a safe sealed, labeled, and cataloged including picture(s)). The whole process, as if from a field service manual, is documented and photographed.
Years ago I worked with the FBI on a rootkit that was born in the Sub-seven era and was unusually effective on Solaris platforms–when the FBI scientist (Agent Smith) looked at what I was doing he said “We should be doing this.” As soon as he said it my confidence was shaken–was bringing in the FBI such a good idea?
Thoth, I am glad you brought up the “check thyself” issue, reviewing my communications over the last two months makes me wonder how close I am to this. His reaction has been mostly surprise but not alarm (this guy is honestly fearless, or fool-less). He’d tell you that I would be excited, this coming from a top-gun pro that once said to me “You are the most paranoid person I know.” In a funny way he means it as a complement. My question is whether to pursue this problem, and as Thoth has indicated, the public can be served so it is my duty to do so…
THANK YOU NICK AND THOTH
@name.withheld.for.obvious.reasons
Don’t forget to observe the RAM chip activities if you have not.
Clive Robinson • July 18, 2015 7:02 AM
@ name.witheld…,
My advice is for your friend to “carry on as normal” and let people know he’s going fishing or hiking or some such holiday activity, where not having a phone let alone a computer would not raise suspicions. Prior to you doing any active investigation of the devices. Thus if anything does go wrong then someone can chuck a brick through his back door window etc for him to find he’s been burgled and the laptop etc stolen whilst he was away… That provides him with cover to go get a new laptop if the old one can not be properly fixed. Something that I suspect is very likely to be the case.
In the unlikely event there is stuff on it your friend needs to keep I would pull it off file by file and do statistical checking for “embeded code” and format violations. If possible convert file content to “ASCII plain text” to strip off all formating, then copy onto a new platform and manually rebuild the formating if required [1].
Another way if the stuff is archival is “print off and scan as an image on a new machine”, yes it makes very large image files and uses up half a forest, but unless there are barcode / QR code or similar in them then malware is not likely to get transmitted that way [2]
As I’ve indicated in the past “I lead a terminal life” and whilst old fashioned kit and the command line is not quite the “Moscow State typewriter revival” that’s been in the security news, it does give a very small and easier to audit compiler independent code base. Importantly it makes the use of “air gapping” much easier and (outside of TEMPEST considerations) more reliable.
Using two machines seperated by a decent “guard” is the way to go, with the “off line” machine being an old PC with DVD drives and no hard drives or other mutable storage. ASCII plaintext File transfer across serial lines via Xmodem or similar is simple to do. Further making a “Serial line Guard” is something that can be done using low cost SoC development kits. The cheapest way to do this used to be the Microchip Pickit16 development board, which allowed the high end SoC to be easily removed and “locked in a safe” and importantly had a “board extender bus” and peripherals you could buy to do all sorts of stuff. You also had the choice of doing assembler or C code development quite easily with plenty of code libraries you could download and use. I developed a number of “Serial Guards” etc on it.
As a general note, there are also several other things people should consider doing as standard –irrespective of what they do or have done for a living or hobby– that will in the long term make their lives easier,
Much though I hate it the original FAT12&16 disk formating are unencumbered by patents etc, are widely recognised and consequently turn up in all sorts of places as standard. Especialy in places where SD memory cards are found like embedded systems for camera’s, smart phones, your car satnav, digital instruments such as test kit, musical instruments, medical and industrial systems. Many of these systems have the ability to use a “command line” or atleast display ASCII plain text files. Thus using such a file system format especialy for archiving, backups etc is applying a sensible level of future proofing, that other file systems just don’t have.
[1] Storing all user created files in an “ASCII plain text” format such as RTF, CSV, HTML, etc, is likewsis a good working habit to develop. Not just because the files are a lot smaller, have less oportunities for nasties to hide and are consequently easier to check and transfer from one system to another. But because it acts as future proofing alowing easy migration to other apps and platforms in the future, and should files get corupted it’s usually easier to recover / rebuild them in part if not whole.
[2] As I frequently tell people that get hit with certain problems “Paper Paper, Never Data”, you see exactly what you are giving to people, and there are no nasty meta-data suprises waiting to be discovered. As well as sanitizing meta-data it should also sanitize most malware etc that might be hidden in a file in various ways like MS’s ill thought out “Object Linking and Embedding”, macros and other “productivity” nasties. Further a little adept use of a scalpel / craft knife makes redacting a “whole” lot more reliable. You can then put the pages in a file cabinate for long term archiving or scan them back in as bitmap image files that you can then later OCR if you require.
Also much as many people hate it, writing “plain text” programs for interpreters like early BASIC’s are another way to future proof code. Compilers come and go and each one has “productivity features” that stop code migration deader than a “dodo kebab”. Even javascript if “written to be readable” in a subset of it’s common features is more future proof than most production C or other code. Likewise if you want to future proof code, don’t use assembler or non published (as international standards in paper form) code libraries etc. And remember just as with surgery “a quick hack, usually gives longterm pain or loss of function and frequently both”.
For my sins I still have amongst many others an Xmodem program I wrote in AppleBasic for the Apple ][ and it’s serial card. I later rewrote it in BBC “B” BASIC and several othe 8 and 16 bit computers that ran BASIC natively. The only real changes were “fluff code” for fancy screen handeling and the low and dirty code for the serial hardware. And like a dog with a favourite bone I still use it some thirty five years later (even rewriting a BASIC interpreter I have in K&R C in ANSI for a SoC microcontroller, to use it on that a couple of years ago…). The nice thing about having a BASIC or similar interpreter in C or other compiled language, is that making specialised additions to an interpreter are much much easier than to a compiler. The Tool Control Language (TCL) is a “higher level” idea in the same vein and can easily be added to other compiled programs.
Clive Robinson • July 18, 2015 7:09 AM
@ Bruce / Moderator,
If you look in the link in the name of the above post,
https://www.schneier.com/blog/archives/2015/07/friday_squid_bl_487.html#c6701101
You will see it’s to a quite unsavoury cheating site, and is thus spam.
Curious • July 18, 2015 7:39 AM
Somewhat off topic (UK “Freedom Of Information”):
According to “The Independent” online in UK:
“The Government’s decision to launch a review of the Freedom of Information Act was widely condemned last night as (…)”
“The unexpected move to set up a review of the law emerged just hours after a FoI request revealed how British pilots were involved in Syrian air strikes – a fact ministers had kept from the public.”
“The Act, passed 15 years ago, gives people the right to access information held by the Government and other public bodies.”
@Nick P, Clive Robinson
Are there any recommended programmable and easily commercially available development boards currently in market for security development like Guards, Data Diodes and that sort of stuff ?
I assume the boards would have serial ports for use or at least easily outfitted with one (e.g. USB to Serial adapters) ?
Are there any Open Source schematics for data guards which we could use and especially for @name.withheld.for.obvious.reasons’s case, I doubt he have the time to sit down and do the codes (considering his meddling might have triggered something higher up already).
I know we have our one example we usually mentioned here which is the TFC device which can be configured for File Server with additional modifications.
Clive Robinson • July 18, 2015 8:24 AM
@ ALL
Although the hacking of “The hacking Team” has caused much amusment it has also caused harm to others as well.
Though most computer security personnel quite rightly say that Adobe Flash should have been put out of everybodies missery some years ago, it is still in major use by very many people. Thus the release of atleast three “zero-days” from the hack, which have now been quickly added to several other RATs and attack tools is activly hurting people today.
But it gets worse, as some know the US is activly trying to get new export rules under the Wassenaar Agrement where amongst other technology cyber defense tools will get classified like nuclear technology and thus require licences to even talk about them in companies to other “foreign born” staff, students and even expert researchers…
Basicaly as always with such lawmaking, the basic premise is wrong, thd scope overly broad, and wording and meaning ill defined so that just about anything could be argued by a smart mouthed prosecutor as being covered. And thus will bring considerable harm not benift, and in the process weaken everybodies computer security.
The big problem is that the rules as written take no account that technology is agnostic to use and in the case of safety/security often urgently. Thus in trying to prevent “bad use” they “ban the technology” and thus “all use” outside what they consider “trusted people” and thus stop the rather more important “good use” by far the majority of people that need to use it often quite urgently. Because to become a “trusted person” takes considerable time and has to be done anew each time a slight variation or improvment is required.
The new rules are not yet cast in stone, but the recent hack makes a much stronger political case for them, or making them even more draconian. Thus people need to not just give voice but actually do so in the correct method to cause these rules to be changed.
You can read more about this at,
http://www.wired.com/2015/07/moussouris-wassenaar-open-comment-period/
Curious • July 18, 2015 8:31 AM
Something off twitter: (Java script related)
Not really sure what this is. Something about spying on a user’s all other open tabs in a browser if I understood it correctly. Privacy and maybe security related. shrugs
https://twitter.com/lavados/status/620918560861327360
The link on the top there links to the following pdf document: https://online.tugraz.at/tug_online/voe_main2.getvolltext?pCurrPk=85826
Bob S. • July 18, 2015 8:35 AM
@Martin
Re:Here is a link for Password Safe Download.
Source Forge isn’t as good as it used to be. I will just leave it at that.
Clive Robinson • July 18, 2015 9:10 AM
@ Thoth,
There are a couple of problems the first being the obvious cost and availability, the second is the more subtal case of the trade off in power / capability.
There are 32 bit ARM based micro controllers with large amounts of RAM Flash ROM and I/O, but not only do they suffer from NDA issues, they are because they have been designed for Smart Computing not control, obvious targets for any agency wishing to add “back door implants”.
Low end microcontrolers that are 8, 16 or 24 bit whilst having lots of decent inbuilt I/O are not realy upto the high end requirments of smart phones, pads, netbooks, laptops etc that by far the majority of “persons of interest” would use to do their multi-tasking megabyte application work on, thus are not obvious or even likely targets for backdoor implants.
However a little history shows how limited the PDP 11 was and just how much could be achieved with it, many 16bit microcontrolers are considerably more powerfull than the PDP 11 and come in at 1USD pricing via retail outlets. The two most popular familes that are very cheaply available with cheap development systems and tool chains are MicroChips PIC range and Atmel AVR mega range.
The Atmel chips are what are found in the Arduino boards, you can by almost anywhere and are well documented. Importantly the boards have a standardised, stackable expansion bus known as the “Sheild”, for which very many interfaces are available including GSM phones. You can also get “development shields” that alow you to “bread board” your own. These range from those with the solderless spring contact boards through to the likes of “matrixboard” systems which you can solder in components and hookup wires to form circuits. Some of these development boards are as little as 6USD via mail order.
Whilst I went down the PIC route because it was around long befor the Arduino was thought of, if you were starting today as a “home brewer / Maker” probably go down the Arduino route and then migrate over to other development systems when you need more connectivity, in which cas the MicroChip PIC systems still have the edge, and now include the MIPS 32bit core for higher end embeded activities.
Of the MicroChip and Atmel chips the Arduino has made the latter very much “childs play” with even 8year old kids taking their first steps in hardware hacking for fun, for robots etc.
The spooks love their data diodes. They made plenty of diagrams for inspiration… They also like 3.5″ floppies too! How crusty does the disk controller need to be? — mid to late ’80s might be OK. Don’t be tempted to use USB for your serial/floppy interfacing needs, or for any interfacing, actually. Dead tech is your friend.
I should point out their floppy usage is one-way (trusted -> untrusted).. Though with a good magnet they can likely be reused, if you’re the thrifty type, unlike SD cards…
Gerard van Vooren • July 18, 2015 10:12 AM
Bruce mentioned in the Using Secure Chat threat the following:
“FBI Director James Comey, UK Prime Minister David Cameron, and totalitarian governments around the world all don’t want you to be able to do this.”
The following is way too off topic so I write it here.
This is about looking at the bigger picture.
It has been roughly a year ago that Obama started his air war against ISIS [1]. In 2003 the US army wiped away the Iraqi army in a couple of weeks. The Iraqi army was AFAIK the 4th biggest army in the world, a significant force. The US army was able to wipe away that army this quickly because of a lot of things, including the fact that desert warfare is usually very fast and devastating. The desert terrain plays a great factor in this.
Now it’s 2015. ISIS plays its game in that same desert. The news is full of heads being cut off and other brutality. But ISIS is a relatively small army of roughly 50,000 men. That is three army divisions. It is not the Red Army. One F-16 can do serious damage, but an air force can be devastating. So how come it is possible that ISIS is still around after one year of US air force at war against it?
The only answer I can come up with is that the US wants ISIS to be there. Why? Because the US needs a bogeyman around (but far away). Why does the US want a bogeyman constantly around? To justify military spendings. And that includes the (very costly) mass surveillance programs. It is obvious to technical people that the ban of encryption is bogus. It is absurd actually. The “ordinary” man of the street [2] who isn’t this much informed but who watches the news and see the lying politicians making their popular statements and right after that they see ISIS cutting peoples heads off could get an entirely different view [3].
Politicians most of the time are not telling the entire truth, so it remains guessing what they really want, but they don’t fool me when they say they want to ban encryption because of the four horsemen. It has got to be more. Maybe it’s plain corruption, IP stealing, military budgets, voters or whatever. But it is not about the four horsemen. It is too big for that.
[1] It wasn’t an official war of course, just a sneaky one as usual.
[2] Don’t get me wrong, I don’t mean to be generalizing.
[3] This is propaganda btw.
K.S. • July 18, 2015 10:15 AM
@name.withheld.for.obvious.reasons
I would never assume that I am smarter than people that are after me and could recover the system once its been compromised. If you even have an inclination that your system is compromised, commercially shred the system and everything that touched it, including networking equipment, then do what drug dealers do to buy burner phones – pay in cash someone with no obvious connection to you to order you replacement stuff.
Also, if you don’t already do this, get a commercial IDS system that implements anomaly tracking. These systems got a lot better in the last couple years.
Jacob • July 18, 2015 10:40 AM
It is offtopic, but beautifully written:
The reason for Sourceforge outage.
Read the comment by storagewhisperer.
Nick P • July 18, 2015 11:00 AM
@ Gerard van Vooren
I think you answered your own question: we wholesale invaded Iraq the first time and are doing limited strikes on ISIS. The first war’s consequences kept the President from launching another. A small amount of troops, air strikes, or some drones isn’t going to hurt him politically. The politicos just have to wait for ISIS to do something in America that enrages the county and to them justifies war. Then, the whole military rolls in to smash ISIS.
Meanwhile, the President is using the smaller response he said he would.
Note: I think they benefit from ISIS and similar organizations, too. The difference between Iraq invasion and ISIS’s run isn’t explained by that, though.
Nick P • July 18, 2015 11:14 AM
@ Jacob
Wow, that was well-written and sad. So, a combination of corruption in management along with not valuing employees led to a disaster. Assuming the post is correct. That they did it by user and group ID’s was foolish: even then many of us knew that might not scale or work reliably at the app level. I mainly used it as an extra security and management tool rather than app-level identification or permissions. Better to use a fast, datastore for that. Can even regularly optimize it with perfect hashing in some cases.
Bob S. • July 18, 2015 11:23 AM
Here a sysadmin wonders about internal MS Exchange traffic: “It would seem like a good majority of our corporations emails are being run through the DINSA/Ministry of Defense UK subnet. “
The official MS support answer was, “Please don’t worry about the security of the emails.”
The reason I mention it is, I too am recently seeing a great deal of outbound traffic, ports 80 and 443, to MS addresses on my USA system that can be traced through Germany, France and England then back to the USA with many connections routed through the 25.0.0.0-25.255.255.255 range which is UK MOD [Ministry of Defense]. I can’t find anything to suggest that is erroneous data. Indeed traceroutes do seem to bounce traffic back and forth accross the pond a lot. It seems to be related to server traffic.
I work very hard to block any contact with AZURE or whatever they call it now, and have disabled as many MS apps as possible and don’t use MS Office anymore.
I am wondering if the MS response, “don’t worry”, is adequate?
Nick P • July 18, 2015 11:27 AM
@ Bob S
As I always tell people, Microsoft has proven consistently to be one of the most scheming and unreliable companies in tech. Their stacks are better off avoided purely on basis of organizational character.
@ All
Apps and websites are known to leak information about their users. This example shows what readers of Teach Yourself C++ in 10 Minutes do with the other 50 minutes.
Justin • July 18, 2015 11:32 AM
@ Nick P July 18, 2015 11:14 AM
So, a combination of corruption in management along with not valuing employees led to a disaster.
I don’t think that “not valuing” employees is necessarily a personal thing. Management are employees too, and it’s up to them to take pride in their own work. Management in fact ends up being responsible for the work that the other employees do, and insubordinate employees do not make for pride in management. It’s part of management’s job to inspire and cultivate values.
So let’s not make this a management-vs.-underlings dispute, like so much labor unrest. If people had pride in their own work, and just did their jobs, (management included,) a lot of projects would be a lot more successful.
Nick P • July 18, 2015 1:11 PM
@ Justin
“But then your entire team gets forced out of their job and all the knowledge about how to handle this moody piece of hardware is lost”
I believe this quote shows a management attitude of critical team being disposable things to be eliminated or replaced with lower-paid, less knowledgeable workers. The situation also began with management ignoring their staff’s recommendations in a way that continued to cause problems for the organization. So, the two combine to show there was very much a management vs underlings issue along with mismanagement. The same issues we’ve seen in a number of other companies where they went from innovative to dying thanks to same types of management issues.
@Gerard van Vooren
The war against “ISIS”(IS) appears to be related (in multiple ways, including players) to cybersecurity policy and action ongoing in the govt (and thus public-private) cybersecurity realm, and imo not at all offtopic, as will eventually come to light. As for the whys, #1 – note we are essentially doing the heavy lifting for the most well-organized global islamist movement (and allies), the Muslim Brotherhood, (obvious b/c of who initially pushed for the action and for who benefits and for who is now the spox for Sawab Center, Rashad Hussain, etc), #2 – AQ would have taken care of then ISIL, but once we declared action it obliged all Muslims everywhere to enter against us, thus exacerbating and growing the threat, which again helps the faux (temporarily nonviolent) MB. #3 – IS is still there until the reconciliation between parties occur and a new entity is revealed.
faulty fibre • July 18, 2015 2:10 PM
@name.withheld.for.obvious.reasons
If you have the skill and experience to analyze and expose the malware for the benefit of the community, you’d be mad not to!
Figureitout • July 18, 2015 2:28 PM
Clive Robinson RE: https://www.schneier.com/blog/archives/2015/07/more_about_the_.html#c6701012
–I personally wouldn’t set up a computing system like that for storage due to noise injection concerns, prefer wires for storing data. While my RF authenticator would use a chip and start out w/ one of the big modes (PSK, FSK, FHSS, DSSS, etc.) I’ll need to see some attacks on it, in particular ones that inject data into buffers (would be boring if just copying the device, which is an easy attack) or cause it to leak in the protocol somehow (which I hope to harden, 1st idea is a user-changable 32 (or 8 if required) bit number as the “preamble”) manually inputed on each device, not set remotely.
For now a RasPi is good enough and much more useful even though it’s spread spectrum clock signals can be FM transmitted via a GPIO pin into UHF/VHF bands (I forget the little module hams already made for it in QST, they embrace this rather than think EMSEC concerns lol, just a little EMSEC concern there…christ…), “it’s a feechurrr”.
name.withheld.for.obvious.reasons
–Sometimes it sounds like you want to get on the target list, it’s really more annoying than scary. What’s your friend’s requirements? Does he really need Windows for development/engineering software or some huge program? A TAILS liveCD in a laptop w/ a BIOS, not UEFI (take out wifi card) can get a lot done.
I would set up traps wasting time but that’s just me, b/c I want to put a face to an attacker and “switch the tables” so they know how it feels. I didn’t find my malware until it was way too late and already encrypted and spread everywhere. I don’t know every way it spreads so I just keep memory sticks of it for when I can afford a researcher. So yeah tell us what it is or give it to Kaspersky or similarly skilled reversers and have them do another tear-down.
Thoth RE: guards/data diodes
–None that I see that are really hobbyist friendly besides some made using RasPi. Likely they’re going to be using straight RS-232, some UART out, you can cut wires to the actual parser/guard which then interfaces w/ another device via UART, this is the hard part I’m not sure how to securely do. Doing a pretty small serial driver of sorts is what it probably looks like, just won’t be able to transfer many types of files. So some kind of converter back-and-forth b/w these file types will be tricky too as that’s where the malware will hit, it’s where I’d hit.
Nick P RE: what you may be interested in
–Been hanging around Wael too much eh? Lol, that was also showing up in the Amazon Prime sale which was a mega-fail. Like uBlock? I think I may switch over from ABP for so long (I really owe the guy a few bucks lol, just get my credit card stolen again though trying to donate…).
name.withheld.for.obvious.reasons • July 18, 2015 2:38 PM
@ Thoth, Clive, Nick, et al,
Thoth:
I am not going to pursue insitu analysis at present, my first activity is along the lines that Clive suggested–looks like my friend is going on holiday. I like your data diode idea, may I offer a product opportunity:
A as a piece of hardware that could sit between the SATA/IO controller interface and the drive electronics that can analyze drive protocols (my fundamental philosophy is to use hardware-based write protection) and trap/suppress write commands to the drive. If I can locate on-board controller pins/jumpers/etc that can bring the write pin to ground then I solder it.
Clive:
Great follow-up, there is so much that I identify within your statements. Not unlike you, been there, done that. As an old-school hobbyist (cannot self-label as hacker–especially within the context of FM-36) it is unbelievable how valuable those skills remain to be, it is also frustrating that so much of the lessons from the past are ignored or lost. And, as for your love of the forest, I share this with–why do think I am so interested in the trove of books in your collection. I have tons of TI/NS/Linear data books and application notes going back to the early 80’s.
I will update over the weekend…
name.withheld.for.obvious.reasons • July 18, 2015 2:51 PM
Just to name the entry miscreant, MYOSProtect was the payload for the initial host compromise and then was accompanied by four other malicious code pieces (codpiece). More to follow.
Nick P • July 18, 2015 3:10 PM
@ name.withheld
To be clear, I was recommending quite the opposite of publicizing the event further and attracting negative attention to yourself. Take care of your friend, end the issue carefully, and continue security engineering work. Neither he nor you will change the status quo without Americans backing you. However, your system and security engineering knowledge is very valuable in the battle against surveillance and police states. Focus on using it to get income for yourself (especially non-defense) and otherwise developing methods to protect systems that others can learn from.
For instance, many of the young crowd are struggling with embedded stuff, many are trying to design PCB’s, and non-government EMSEC is in its infancy. Problems like these don’t have enough professional attention outside vendors cashing out on it. One could improve things by creating good guides and demo solutions for these. The same can be said for software, algorithms, protocols.
Just keep working on stuff that benefits the situation that the amateurs aren’t that good at. Remember how Zimmerman’s PGP tricks? The real leverage was that something practical existed and couldn’t be contained. We need such things in many areas with some even lacking a baseline (eg commercial EMSEC). Empowering more people to build trustworthy systems is probably the best kind of protest a security engineer can do.
@ Figureitout
I use ABP + NoScript + HTTPSeverywhere + Linux. It’s a nice baseline against the Internet’s “background radiation.” Nation-states probably already rooted it. I just operate with that assumption and use one of my other computers on a different connection where that matters.
Wael • July 18, 2015 3:38 PM
@Nick P,
Apps and websites are known to leak information about their users.
Why would I care if someone browsing for a C++ book also searched for (or purchased) a 55-gallon water-based lubricant? I would find a related search more helpful. An example would be a better text book, a related HW kit or such. It’s puzzles me how they justify publishing such useless and meaningless statistics. From a marketing perspective, I guess it may be useful?
@Figureitout,
Been hanging around Wael too much eh? Lol
You see a frieght train speeding on the tracks, and you decide to stand in its path? Get your pumpkin butt off the tracks before I shred it 😉 lol
Figureitout • July 18, 2015 4:00 PM
Nick P
–Similar here, except my dev PC’s are way too vulnerable b/c toolchains and need for admin (Atmel site may’ve had a malware on it). uBlock from what I’ve read seems better though, less memory. Nation-states probably use it too like they use a linux-laptop in ANT-catalog and MySQL.
Wael
–I’m dying.
Sergiy • July 18, 2015 4:04 PM
@Clive Robinson – use multiple inexpensive MSP430, PIC micros, etc. True multi-thread with HW handshaking. Any individual device cannot beforehand predicted which role it will play.
Use one for, say, memory, another for comm, etc. Synergistic performance exceptional.
BoppingAround • July 18, 2015 4:48 PM
Figureitout,
uBlock (uBlock Origin, to be precise) is okay. Mainly because it has that fancy 3rd party filters page with a lot of useful subscriptions (‘social’ buttons kill lists for example) available prepackaged. I have not measured its memory consumption [A] but it seems to be performing at least as good as ABP.
[A] There is one exception being Firefox with uBlock and gorhill’s another extension, uMatrix. I didn’t open many tabs there — 5 max — the memory load was between 110 and 150 MB.
tyr • July 18, 2015 5:30 PM
Management has it’s problems and being near-sighted in
the tech departments is the worst of them. One possible
future solution is to crossload into archive.org they
have a software depository section. By placing useful
things there you can work against the mad rush to discard
everything as part of the golden plan for the future.
You can also emulate Clive, try passing your knowledge
on. I’d like to see how much onward and upward in the
corps is caused by dumping the knowledgable and causing
disasters that can only be solved by buying new hardware.
That Reddit is the same kind of thing that crippled
the 8086 in the original IBM PC. No one will ever need
more than 640K of memory so building a comp that used
the full Meg of 8086 addressing was decided against.
They also ditched the 8087 math co-processor because
computers didn’t need to do mathematics unless they
were mainframes.
Apparently most humans do not really believe that a
future is going to happen even after watching it occur
over and over again.
I also noticed the Luddites have moved into government
and developed a new vocabulary while trying to stop
the chances of improving anything.
jacob • July 18, 2015 6:38 PM
Idiots. The Federal Government, that is.
You all know about the proposed inclusion of netwrok surveillance and intrusion programs and detection systems under the Wassenaar agreement.
But I now suspect that even a firewall software / box may fall under such this agreement, thus requiring licensing for each export.
“BIS proposes a license requirement for the export, reexport, or transfer (in-country) of these cybersecurity items to all destinations, except Canada…. Internet Protocol (IP) network communications surveillance systems or equipment and test, inspection, production equipment, specially designed components therefor, and development and production software and technology therefor… upon request from BIS, the applicant must include a copy of the sections of source code and other software (e.g., libraries and header files) that implement or invoke the controlled cybersecurity functionality….Any “information security” functionality incorporated in the cybersecurity item will also receive a focused case-by-case review for reasons of Encryption Items (EI) control…all encryption registration and review requirements must be separately completed with BIS and the ENC Encryption Request Coordinator, Ft. Meade, MD, before license applications for a cybersecurity item will be considered”.
Any SW or HW that will attempt to avoid detection by monitoring tools,' or to defeatprotective countermeasures,’ of a computer or network-capable device, and performing any of the following will fall under the proposed BIS licensing requirements:
(a) The extraction of data or information, from a computer or network-capable device, or the modification of system or user data; or
(b) The modification of the standard execution path of a program or process in order to allow the execution of externally provided instructions.
Technical Notes: 1. `Monitoring tools’: “software” or hardware devices, that monitor system behaviors or processes running on a device. This includes antivirus (AV) products, end point security products, Personal Security Products (PSP), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS) or firewalls.
j. IP network communications surveillance “systems” or “equipment”, and “specially designed” components therefor, having all of the following:
j.1. Performing all of the following on a carrier class IP network (e.g., national grade IP backbone):
j.1.a. Analysis at the application layer (e.g., Layer 7 of Open Systems Interconnection (OSI) model (ISO/IEC 7498-1));
j.1.b. Extraction of selected metadata and application content (e.g., voice, video, messages, attachments); and
j.1.c. Indexing of extracted data; and
j.2. Being “specially designed” to carry out all of the following:
j.2.a. Execution of searches on the basis of `hard selectors’; and
An editorial on the subject can be fount here:
http://www.csoonline.com/article/2948924/data-protection/regulators-seek-to-limit-security-software-exports.html
Clive Robinson • July 18, 2015 7:27 PM
@ Jacob, Bruce,
Idiots. The Federal Government, that is.
Yes trying to put software that is mainly used defensively (firewalls, AV, etc) under the Wassenaar Agreement, strikes me as remarkably stupid… unless certain people are trying to extend the life of their “zero-days”.
As I noted above, unfortunatly the doxing of The Hacking Team, is more ammunition for the Government’s argument.
People in the US need to write as a matter of urgency to the appropriate representatives pointing out that the current proposed rules are actually going to be considerably more detrimental to security if implemented than if not.
Hopefully it will be something Bruce can lend an expert voice / opinion about to the aforementioned representatives.
@Nick P, Bob S
It’s about time companies stop using M$-based Email products or Server products including Sharepoint and Exchange.
My company whom I worked for (as a cheap grunt), recently moved from personal (probably Apache) Email Servers to M$ Suite in the Cloud (Outlook, Lynx/Skype for Business… and all that stuff). I have consistently cautioned the use of Mi$ suites especially for the company which I worked for is a local Security firm and we do service the local Defense side with products but none of them ever get the message. Talk about $ecurity 😀 .
I personally veer off-course from policy and use Thunderbird and also allow my clients to use PGP to contact me if they so request but so far no one have actively asked for PGP comms and also the most paranoid amongst them. I was told to install Android’s M$ Office and Skype for Business on my mobile phone but I refused (despite the higher ups being upset). Just a note, if you install these suite, you can’t go Invisible mode and it tracks you so that’s the reason I don’t install. I prefer to install Open Source codes that I can vet personally which I have done before in the past.
I wouldn’t be surprise sensitive business emails between us and our clients are exposed to 5Eyes sniffing long before the switch to M$ Suite.
@name.withheld.for.obvious.reasons
Regarding hardware write disabling, it’s a good idea.
@jacob
DIY your own boxes for security. Honestly, most security boxes are simply HP Servers or Dell Servers from what I have dugged around in my client environment. They just re-label the stuff and call it their brand. Any digging around in Checkpoint or Forescout, it’s just modified Linux (root + SSH), Web GUI, logic codes, additional Ethernet ports and so on.
You could make your own firewall box or DNS server with a good amount of Linux distros supporting them and if bare Linux ain’t comfortable, you can strip it down or even do higher assurance stuff with it by shrinking the codebase to whatever you need (small TCB).
If you need IDS tools, you can install Snort on your Linux RaspberryPi box and then put it in between your network and there you go.
Most commercial boxes owe a lot to Open Source efforts and they simply package around these good Open Source projects in nice looking server boxes.
Even the HSM boxes would likely be running some version of UNIX system on their SOC chip and I heard Thales uses PowerPC chips (I suspect it’s FreeScale’s PowerPC variant) with security design and a little magic power here and there and a customized UNIX embedded OS to run the SOC chip and done. The Thales chips don’t have a lot of EEPROM key store space though. What if I use a smartcard chip (widely available), modify it to operate only with it’s Secure RAM backed by a button battery and hooked to a constant power source like a USB of a host computer (that’s probably the Thales nCipher pocket HSM type but it uses ARM SOC chip for pocket HSM) and pot the entire package in a very tiny and compact tamper evident epoxy package, I would pretty much have a HSM of sorts.
@all
We need more practical DIY tutorials as Nick P have mentioned. @Markus Ottela have started the ball rolling with his TFC and I have been digging into customizing a more assured microkernel OS stack.
More the better 🙂 .
@all
Maybe a slap in these Warhawk Govts face (and yes it must insult their pride) is to sell/provide them corporate versions with no security and assurance (as though the codes and layouts are done by 4 year olds) and then provide the community with good stuff and quote whatever arbitrary regulations in their faces.
While the West are struggling with internal and external conflicts and hindering their own and others capabilities of technology, the East has been catching up in terms of capabilities of technology.
Samsung itself have a CC EAL 7 smartcard chip in 2013 (http://www.samsung.com/global/business/semiconductor/news-events/press-releases/detail?newsId=12762) and the West would only have EAL 6+ (e.g. SLE78 from Infineon). The Chinese, Japanese, Koreans and Southeast Asians are on a technological thirst whereas the West is sitting down and too contended and their best excuse and methods to prevent their friends and rivals from improving is simply to dump trade embargoes, weird treaties or the use of covert or overt force.
Skeptical • July 18, 2015 8:03 PM
@Gerard: You make the following argument (quoting from your comment):
It has been roughly a year ago that Obama started his air war against ISIS [1]. In 2003 the US army wiped away the Iraqi army in a couple of weeks. …
Now it’s 2015. ISIS plays its game in that same desert. … So how come it is possible that ISIS is still around after one year of US air force at war against it?
The only answer I can come up with is that the US wants ISIS to be there. Why? Because the US needs a bogeyman around (but far away). Why does the US want a bogeyman constantly around? To justify military spendings.
As Nick points out, your premises are incorrect. The US hasn’t employed the same amount of resources it did to invade Iraq in 2003. So ISIS has not played the role you ascribe to it (justifying a significant increase in military spending).
Outside of legitimate drivers of military spending (i.e. genuine national security concerns – though people differ over what those should be), the primary “illegitimate” driver is Congressional members who want a particular military program in the budget because the program results in jobs in their district.
For instance, if you represent an otherwise poor district in which a company that manufactures components for a given system provides many jobs, then you’re going to want that system purchased by the defense budget, even if the Defense Department is telling you that they don’t want or need that system.
And because Congress – not the Department of Defense – ultimately decides on spending, the result is that the military gets some of what they actually want/need, and some of what they don’t want. And of course, they also won’t get some of the things they do want.
But for the most part US defense policy is decided by actual policy considerations. For example, the US “surge” in 2007 wasn’t the result of a desire to spend more money on operations in Iraq, but rather the result of the efforts of a group of individuals who believed they had a strategy that could achieve stability in Iraq and a second-term President who was persuaded to try that strategy. The success of that strategy, of course, was the result of the efforts, and sacrifices of varying magnitude, of millions.
ISIS is a despicable, evil organization, which the US and most of the world would quite happily see destroyed. And the US is doing a lot to help contain it and ultimately enable its destruction. But it also doesn’t pose sufficient threat to the US to justify a massive commitment of US resources to kill it quickly. The US does not have unlimited resources, and it operates with many global commitments. It must be selective in where it undertakes massive commitments.
You can, however, be sure that many more atrocities would have been committed by ISIS had not the US intervened, even to the limited extent it has thus far.
Moreover, you must understand that the problem here isn’t really just destroying ISIS. The problem is achieving a stable and progressive state of affairs in Iraq and Syria. The US can lend support to certain groups who seek to achieve those ends, and it can weaken groups who oppose it, but absent an absolutely massive expenditure of resources the US cannot simply solve that problem outright. This is a long game, and though the US has an important role to play, the resolution will ultimately derive from players on the ground.
Now – all that said – should a 9/11 type event occur, much of that goes out the window. Two 9/11 events in less than two decades will likely result in an extremely strong display of US force. I would expect to see hundreds of thousands of troops on the ground, massive air resources, enormous support from US allies, and a rather dramatic political solution: the division of Iraq, and perhaps the division of Syria. This would all be done, moreover, by a military with many years experience of recent fighting in that region, and heavily populated by veterans of that fighting. It’s easy to underestimate the importance of that type of experience and operational know-how.
In other words, you would not see a replay of Iraq 2003-2011. You’d see a campaign that began with all the lessons learned from the mistakes made in that war.
Leaving aside the horrific humanitarian results from the precipitating event (the second 9/11) and from the conflict that would follow, it would also be a strategic setback for the United States and much of the world, as the primary strategic challenge on the horizon is the question of China: will China, and all concerned parties, achieve peaceful integration, or will China turn war-like challenger of the status quo, with potentially catastrophic consequences.
Figureitout • July 18, 2015 9:02 PM
BoppingAround
–Thanks for more perspective and a couple data points. Memory is a consideration for live systems (for some reason it wouldn’t show in add-on manager before in iceweasel).
Thoth RE: more tutorials
–Yep more. M. Ottela definitely started the ball rolling w/ a full on chat system w/ file transfer capabilities (but doesn’t include a “guard”). Also while he put a bunch of pieces together for one of the hardest open setups documented today, it was built on work from Mr. Vazzana in Italy, Douglas Jones in Iowa, crypto from various cipher creators, and python.
And glad to see more eastern movement in tech, perhaps we’ll be copying some of your guy’s designs (then reselling for pennies and corrupting entire supply chain) for a change and building it here? :p I believe I went past a TI fab lab the other day, wish I could’ve stopped.
Buck • July 18, 2015 9:32 PM
@Skeptical
the primary strategic challenge on the horizon is the question of China: will China, and all concerned parties, achieve peaceful integration, or will China turn war-like challenger of the status quo, with potentially catastrophic consequences.
Precisely to the point here! I like it 😀
While the relative lack of historical evidence of Chinese global wars of aggression does provide me with some modicum of hope for our world, geopolitics still remains as a complicated subject.
Surely, the parallels between China’s current status as the world’s industrial power-base and that of the U.S. in the lead up to WWII do not ellude you… The sheer difference in populational counts could possibly make this period of time different though, I think.
The possibility of a 21st century version of the Manhattan Project to turn the tables is also not lost on me…
I just wish that a peaceful resolve is realized, rather than the usual mass-murder followed by a slower era of reconstruction.
@Skeptical
“the primary strategic challenge on the horizon is the question of China: will China, and all concerned parties, achieve peaceful integration, or will China turn war-like challenger of the status quo, with potentially catastrophic consequences.”
With the mirror turning backwards, what have the US/UK been doing ? The acts of War that US/UK have inflicted on the surface of Earth and the covert and overt efforts to meddle with the World itself been beneficial ?
…or just twiddle our MIRVed DF-41 HGVs and SCO BrahMos platforms and watch as you bleed yourselves white and sicken with corruption.
Curious • July 19, 2015 2:21 AM
Does the RC4 code only consist of 9 lines of code?
@Curious
Where did you get the codes ?
Curious • July 19, 2015 6:00 AM
@Thoth
I am not a programmer. It was from some recent article on the internet somewhere about RC4. I eh totally forgot where. I guess I misunderstood the context if 9 lines of code perhaps seem way off to you guys.
Gerard van Vooren • July 19, 2015 6:08 AM
@ Skeptical
“As Nick points out, your premises are incorrect.”
I think not.
“The US hasn’t employed the same amount of resources it did to invade Iraq in 2003. So ISIS has not played the role you ascribe to it (justifying a significant increase in military spending).”
This is what I said: “Why does the US want a bogeyman constantly around? To justify military spendings.” Note that I didn’t say “a significant increase in military spending”. It is continuity they want, like every establishment. That is also why they want a long lasting bogeyman.
“The US hasn’t employed the same amount of resources it did to invade Iraq in 2003.”
ISIS is a three division military strength organization. You don’t need a full army strength to destroy them. What the US air force is doing instead is constantly provoking ISIS with their air strike killings. A sneaky move if you ask me with unpredictable consequences.
Clive Robinson • July 19, 2015 6:16 AM
@ Thoth, Sergiy,
You might find this of interest,
http://chipkit.net/unix-on-chipkit-fubarino-sd/
Aside from runing BSD on a microcontroler, the hardware used can do other interesting stuff as well…
The PIC32 unlike the earlier PIC24 has a software interupt that makes context switching to kernel code much easier. This is because the PIC32 is not a traditional PIC architecture but a MIPs.
As you will see “ChipKit” make a number of boards, and importantly some have Arduino stackable “shield” extension buses.
So… you could say “yah boo sucks” to Google and Acorn Risc Machines (ARM) and have your own BSD Phone 😉
@ Sergiy,
… use multiple inexpensive MSP430, PIC micros, etc. True multi-thread with HW handshaking. Any individual device cannot beforehand predicted which role it will play. Use one for, say, memory, another for comm, etc. Synergistic performance exceptional.
It’s funny you should mention using microcontrolers in the way you did, I’m sure @Wael will have gone “Agh ha CvP”. I used PICs to form the MMU’s and bus arbiters for the shared memory that put other PICs in “prisons” when researching the idea.
As for the 430 it is an interesting second generation 16bit chip, but they missed a trick in it’s design that made me pass it over some years ago. As you probably know it has an inbuilt DMA controler that works very well “in chip”, however a lack of external strobe means it sucks with shared external memory and has no real advantage over CPU controled access to external memory, which is a shame. Also compared to the similar priced 32bit chips around it lacks RAM. Where it does score over the PIC is it’s easer to learn/use assembler level programing.
There is however a 430 part that might interest a number of people (including @Figureitout) which has the C1011 Sub-Ghz radio transponder chip built in, it would be ideal for RF-Meshnet experiments… and I’m told the cheapest way to develop with it is to go out and buy “a childrens toy” that has a little PCB with one on.
@ Nick P,
The newer versions of the PIC32 have on chip CAN / ethernet and hardware AES and TRNG. You can get development boards for around 120USD and chips mounted on converter boards for MicroChips Explorer 16 board for around 25USD.
http://www.microchip.com/pagehandler/en-us/press-release/microchips-pic32mz-32-bit-mcus.html
The CAN bus or ethernet hardware could be used to for the “pinch point” arbitered interface between chips for a “seperation” design. Thus building a hardware “voice encrypter” whilst not trivial would be an achievable “home brew” project.
Oh and with your liking of Pascal, the traditional PIC family also have a Pascal Compiler available from Serbian company Mikroelektronika. Who have made quite a name for themselves in the European embedded marketplace.
Gerard van Vooren • July 19, 2015 6:41 AM
@ Skeptical
Adding to my previous post I agree (kind of) with the rest of what you said. I still haven’t, and probably never will, the enigma with the name China. I do know they are very clever and most of the time they are ‘in’ for the long term.
Gerard van Vooren • July 19, 2015 6:50 AM
I should check my comments before posting them…
@ Skeptical
Adding to my previous post I agree (kind of) with the rest of what you said. I still haven’t, and probably never will, figured out the enigma with the name China. I do know they are very clever and most of the time they are ‘in’ for the long term.
Purple Dibble • July 19, 2015 6:59 AM
@name.withheld.for.obvious.reasons:
Have you considered comparing the BIOS firmware in your infected box with the stock firmware provided by the manufacturers, looking for evidence of persistent malware? There are a few neat pointers in this presentation from DefCon 2014:
Please let us know how you get on with it.
BoppingAround • July 19, 2015 9:19 AM
Figureitout,
A little more on the addon: there is also a built-in element picker to ease the process of killing the unwanted — something that wasn’t included into ABP and required the installation of another addon.
Another minor feature I’ve reminded myself of is that it shows the number of blocked elements on the page. Nice, if you wish to know how much rubbish it kills.
Bruce Schneier • July 19, 2015 9:51 AM
“Does the RC4 code only consist of 9 lines of code?”
That sounds about right.
Bruce Schneier • July 19, 2015 9:53 AM
Re PasswordSafe: “Source Forge isn’t as good as it used to be. I will just leave it at that.”
We’re considering moving, but if we do we become an abandoned project on SourceForge, which has its own problems.
Nick P • July 19, 2015 10:59 AM
@ Clive Robinson
Yeah, they look nice. I considered using them for either I/O mediators or the I/O chips themselves where host had no DMA. The problem for anti-subversion use: PIC’s ubiquity makes them best target. More so for one with onboard crypto. They’re also a U.S. company. With all that, we might as well use one of the awesome SOC’s from Freescale. I know iMX is around $4 in quantities of 100. Or just a U.S. FPGA where I/O mediation is more believable and custom.
Nah, what we need to look into are PIC-style microcontrollers or SOC’s made by obscure outfits with lower subversion probability. They need Ethernet, IDE/SATA, and PCI. SuperH v2 is on my list as that shifts subversion to Japs or French, although I doubt they’re doing that for v2 chips. What else?
Note: Mikroelektronika is an interesting company. Might source some boards from them. Bookmarked.
Jacob • July 19, 2015 11:39 AM
@ Nick P
You need to tradeoff wealth of design support for obscure chips.
Another good candidate with very good design support is the well known ST micro (HQ in Geneva).
Look for example at their STM32 line.
The open source HSM group Cryptech is using that chip (STM32F4) in conjunction with Xilinx FPGA to do their stuff.
If you don’t have endless time to spend on chip-level implementation, I would suggest to look at the Novena notebook (open SW/HW, designed and produced by the amazing chinese hacker Bunnie).
That notebook is just fresh out of the oven, and is geared toward people who like to hack and extend their HW. Needless to say, the BIOS is GNU licensed, open and modifiable
Wael • July 19, 2015 12:15 PM
@Clive Robinson, @Nick P, @all,
It’s funny you should mention using microcontrolers in the way you did, I’m sure @Wael will have gone “Agh ha CvP”.
You’re right, I really did. But I didn’t know what else to add that hasn’t been said in the past discussions.
Clive Robinson • July 19, 2015 12:28 PM
@ Nick P,
You will probably smile at this…
As you know North Korea is “building it’s own” “OS for the people” that appears to be a modified version of Linux made to look like Mac OS and given the moniker “RedStar”.
Well it appears they can not resist adding a few goodies to the system, in the form of user file “watermarking”…
http://www.insinuator.net/2015/07/redstar-os-watermarking/
By the looks of it the watermarking is actually not very good and thus various questions can be asked of it.
The recent debacle that has started over idiotic comments by the likes of Comey, Cameron and Obama has caused not just the renaming of the Clinton era “Clipper Chip” debacle into “Crypto War I”, it’s also caused one of the past idiots on the Executive side to try to make milage on attacking on of the researchers of the time…
Thus Matt Blaze’s work on how you could avoid the Key Escrow indicator in the Law Enforcment Access Field (LEAF) is brought back to mind.
And thus the idea of mangaling the RedStar Watermark system.
The system obviously checks files not just for type but if they have a watermark. But does it also check a present watermark to see if it’s valid or not? And if so to what level?
That is could a user make a phoney watermark that passes the verification process?
I suspect you can make a phoney that passes for a couple of reasons.
Firstly the only way the OS could have a sufficiently unique watermark is by fingerprinting the hardware. In effect the fingerprint is a one way process, thus you can not from the watermark check backwards to see if the combination of fingerprints is valid or not.
Secondly and more importantly you have to think why the LEAF had the hole it did. Those bods at the NSA are, when it comes to certain kinds of technology, some of the brightest kids on the block. The “bug” should have been spoted, or perhaps as some now think it was a deliberate feature… but why? Well as I pointed out a few days ago you have to remember the Olly North issue. He only got caught and prosecuted because he did not use encryption and his emails had got copied to backup tapes on various servers. Part of the “Clipper Promise” was that all US Govt personell would use it and thus be subject to law enforcment where required. Thus the “spooks” would want very much a way to get around the LEAF… As has been pointed out excercising the “bug” is not easy, but it can be done, and as with all these things there may be a trapdoor init that alows it to be done reliably. Such a “feature” is irresistible to those who wish to remain above the reaches of the law or other enquirers, thus I suspect RedStar’s watermarking has a “bug” that can be a very useful “feature” to the NK hierarchy who wish to remain “unobserved and unatributed”.
Comment • July 19, 2015 1:00 PM
@Martin
@Bob S.
Password Safe seems to have had its day.
KeePass Professional is also open source, well reviewed and more fully featured than Password Safe. It uses AES-256, gives you the option to set transformations and has obfuscation if you choose to use the auto-fill feature.
Have a look for yourself at the features and perhaps give it a try.
Nick P • July 19, 2015 1:06 PM
@ Jacob
That is a good possibility. There’s three countries involved in that effort along with plenty of security engineering. Also, I like Novena enough that I plan to crowdfund next iteration. Not for its security: probably has little. It’s a nice start, though, in direction of a laptop that’s more open, that’s controlled by owner, and… has an onboard FPGA. Let’s not have me pretend I didn’t want one in everything I own. Shit, I want one in my smartphone and Microsemi makes some that use milliwatts despite being quite capable accelerators.
@ Jacob, Clive
The Gemalto hack and Netherlands being less on the offensive suggests they should be on the list. If spooks had access, they wouldn’t have their people trying to do that, eh? Well, there were other motivations that might have led to it.
@ Clive
Well, at least they improved the user interface and the boot image looks pretty cool. The watermarking feature is clearly there to ID and punish dissidents. The mechanism should be easy to bypass once it’s R.E.’d. However, I’d figure that North Koreans already suspect the system to spy on them. They probably just rely on face-to-face communication with people they trust and letters passed through the same types of people. Sometimes the old methods are the best.
@ Comment
I agree. Password Safe served us well back in the day. KeePass has long surpassed it and it’s portability is by itself a strong argument for using it.
Jacob • July 19, 2015 1:17 PM
@ Comment
Assuming that the design of each program is well done, my own personal opinion is that PWSafe is more robust than KeePass: The code is simpler and tighter, and is not dependent on .NET. The attack surface is much lower, and this is what I value in a sensitive program like that.
OTOH, KeePass has many more features, some of them are really nice.
name.withheld.for.obvious.reasons • July 19, 2015 2:10 PM
@ Nick P, Clive Robinson, Thoth, Wael, Figureitout, et al
Let me summarize what I “suspect” is the operative behavior of the issue(s) I am dealing with; this will be the basis for scenario development.
This is the basis for scenario development, as I am certain the current level of scrutiny within, or to, my operational environment is currently low. I am proceeding with the analysis (post-mortem) and escalating the logging levels of the multi-layer audit infrastructure (from the external interface(s) to their interfaces, internal interfaces and their inter-connects, and host level logging. Changing the syslog and traps to warning…up from error. No need to go to debug at this point for any of the network(s).
Ideally I’d drop my internal net(s) and not as a DMZ net, insert a honey net as a replacement to my first layer network. Just don’t have the time or the additional WAN that I’d use to bring in the existing network(s). For the heck of it I am putting a dedicated sniffer into the first layer just for insurance.
Next week I will acquire the data (ignoring the hardware for the time being) as part of an initial forensic analysis. Using the results, the decision to work backwards (i.e. forensic analysis of the host platform) will be understood. Once there is sufficient problem determination, I can prepare reports detailing the analysis.
zerofifty • July 19, 2015 2:17 PM
@Comment
KeePass Professional is also open source, well reviewed
…
Have a look for yourself at the features and perhaps give it a try.
Seems like one of those “open source” programs where you have to really search to actually find the source code.
name.withheld.for.obvious.reasons • July 19, 2015 2:23 PM
@ Skeptical
In other words, you would not see a replay of Iraq 2003-2011. You’d see a campaign that began with all the lessons learned from the mistakes made in that war.
Your bias is apparent, the use of the word “campaign” suggests a specific strategic approach…and here lies the problem. There has yet to be a strategic analysis which by the way would be premature as there is no significant/sufficient problem analysis.
Every time the U.S. sees a problem it reaches for its universal “Leatherman” pliers, the DoD, and attempts to affect repairs. I don’t know about you, but when one of my tires goes flat I don’t shot the other three to resolve the issue.
For me the problem space, from the context of the problem, has yet to be enumerated.
“Seems my hypocrisy knows no bounds.” Val Kilmner, as Doc Holiday, Tombstone
or
“Who are you that are so wise in the ways of science.” — attribute the quote (allows me to ascertain your level of consciousness)
Comment • July 19, 2015 2:36 PM
@Jacob
KeePass do two versions, one of which is not reliant on Microsoft .NET.
My concern with ‘Password Safe’ is that, unlike KeePass, it is no longer updated.
@zerofifty
You don’t have to search the source code… it’s on the same code as the download page!
http://keepass.info/download.html
Scroll to the end
Skeptical • July 19, 2015 3:00 PM
@Gerard: This is what I said: “Why does the US want a bogeyman constantly around? To justify military spendings.” Note that I didn’t say “a significant increase in military spending”. It is continuity they want, like every establishment. That is also why they want a long lasting bogeyman.
ISIS isn’t necessary to justify military spending, and military spending wouldn’t be substantially affected whether ISIS existed or not. The US spends a lot on its military because it has a large number of security commitments, and because it believes that maintaining an overwhelming lead in military capability is the best way to encourage stability in key regions.
The US would prefer to spend less, not more, on operations in the Middle East. Frankly the ideal outcome would be for populations in the ME to accept Israel as a legitimate nation, to tolerate religious diversity, and to stop hating one another to the point of continually threatening violence. Some of the ME is already there. Unfortunately some key players and groups are not.
Let me take an extreme example: ISIS. It has adopted a twisted ideology which it uses to forge a group identity, attract new recruits, and enable an organization that seeks to establish control over certain territories and populations while killing, enslaving, or driving out any groups who do not fully adhere to their ideology.
Their ideology is barbaric, their actions more so – they’re in essence a giant black hole for human flourishing, growth, and stability. You think the US wants that kind of group running around the Middle East while trying to radicalize anyone they can talk to in other countries? I think not. The US would rather be building factories, drawing up trade agreements, selling farming equipment, etc. ISIS is a burden. There’s nothing positive about it.
ISIS is a three division military strength organization. You don’t need a full army strength to destroy them. What the US air force is doing instead is constantly provoking ISIS with their air strike killings. A sneaky move if you ask me with unpredictable consequences.
ISIS isn’t a conventional military organization, and the problems it poses aren’t conventional military problems. You speak as though ISIS are infantry divisions in well defined camps, and all that needs to be done is drop the right amount of ordnance on those camps. Poof, no more ISIS. But in fact ISIS is embedded in the cities and towns it controls. Removing ISIS means using ground forces to take and secure those cities and towns; keeping ISIS from returning means enabling those cities and towns to have a secure, stable, and legitimate government. That’s a very hard problem, and it’s not something that the application of air power can solve.
As to the idea that the US is deliberately simply “provoking” ISIS with air strikes, in some “sneaky” fashion, rather than destroying ISIS, I think this idea of yours flows from the misunderstanding of what kind of problem ISIS poses. Air power alone cannot resolve the problem. The US, and other nations, selectively hit targets in support of certain ground operations, or to prevent significant operations from being conducted by ISIS.
Moreover US support does come with certain conditions. Part of what enabled ISIS to make such gains in Iraq is the fact that the Sunni population has been subjected to predatory behavior by a Shi’ite dominated Iraqi Government, a Shi’ite dominated Iraqi military, and various Shi’ite militias (all supported, overtly, by Iran). The US sees no point in merely enabling such a state of affairs to continue.
albert • July 19, 2015 3:25 PM
@Skeptical, @Gerard,
You guys are looking at one tree. The forest is the big picture. If you read Kissinger and Brzezinski, you see that they have been promoting the same ideology for decades, and that is US total economic and political hegemony, world-wide. This long term goal has been published for years. It’s not a secret. Regardless of what you may think of these men, pay attention to what they say, because you can see ‘their’ policies continually implemented everywhere.
I know I’m always talking about following the money, and the US defense establishment (“military-industrial complex”) is making plenty, but that’s only a benefit, a side effect, a necessary expense. Military action is but one aspect, a logical progression, if you will, of US geopolitical thinking.
Oversimplified, it is a carrot and stick approach. The ‘stick’ part is military threat or direct action, and the carrot part is economic. The military aspect is obviously used against small countries that have little military capability. The ‘carrot’ part appeals to the local oligarchs in the target country. They believe that they will become rich by establishing local banking systems that move in lockstep with the US-dominated world banking system. If they keep ‘approved’ politicians in power, often with US help, they will.
Obviously, the US hegemons and the vassal state politicos and oligarchs don’t give a rats sorry ass(RSA) about anything or anyone that doesn’t assist in effecting their goals, so trying to use logic in these cases will always fail.
‘Eurasia’ (Eastern Europe, the Middle East, Russia, China, and SE Asia) is the Target. It has been since Nixon. That the present day situation was foreseen decades ago is remarkable. That Eurasia doesn’t want to play nice leads to creation of bogeymen like Russia and China. They are the ‘existential’ enemies of US hegemony.
Easy to understand, hard (for some) to accept.
.
…
Jacob • July 19, 2015 3:44 PM
@ Comment
KeePass V.1.x, without the DOTNET, has much less “goodies” than the DOTNET version 2.x, and my impression is that “the best and the latest” go into V.2.x.
PWSafe is actively maintained, with about twice-a-year updates. The last version, 3.36, came out last month.
BoppingAround • July 19, 2015 4:20 PM
re: KeePass
There is also KeePassX. It used to be a port of KeePass to Linux but now it’s a cross-platform application.
Skeptical • July 19, 2015 4:27 PM
@Thoth: With the mirror turning backwards, what have the US/UK been doing ? The acts of War that US/UK have inflicted on the surface of Earth and the covert and overt efforts to meddle with the World itself been beneficial ?
Those nations whose people enjoy the most freedom, where diverse religions and cultures are most protected, where individual rights and liberties are most secure, are also those nations which have been under the aegis of US and allied military protection for decades. That’s not to excuse some of the gross mistakes in judgment and action that the US has made at various points, but it’s important to understand those mistakes with the full picture in mind.
@name.withheld: Every time the U.S. sees a problem it reaches for its universal “Leatherman” pliers, the DoD, and attempts to affect repairs. I don’t know about you, but when one of my tires goes flat I don’t shot the other three to resolve the issue.
“Sometimes” the US does so, but “every time” is rather obviously false. The Marshall Plan, for example, was an attempt to achieve an objective by non-military means. Economic sanctions are another tool that has been frequently used. Diplomacy, cultural exchange programs, military exchange programs, trade programs, and treaties, are a few other tools frequently used. Providing uncensored access to the internet and to a variety of sources of information is another. To give an example, at one point the CIA covertly financed the publication of a rather classic work in the Soviet Union.
@Buck: Surely, the parallels between China’s current status as the world’s industrial power-base and that of the U.S. in the lead up to WWII do not ellude you… The sheer difference in populational counts could possibly make this period of time different though, I think.
I think the analogy that worries everyone is that of Germany rising to power pre WW1 or pre WW2. The animosity and distrust between nations in East Asia is significant, and there are serious territorial and political disputes that remain unresolved.
Hopefully China opts for peaceful integration, which benefits everyone, China especially, but human beings are imperfect and it’s not difficult to envision a scenario in which China miscalculates the effect of a military move and finds itself in a war with the United States – and by extension, since the US has military alliances with a large number of other countries, at war with half the world.
You can imagine an over-confident PLA, a faltering Chinese economy, and a CCP that believes it can score major points with the populace and protect its position in power by using the military to accomplish some feat connected with Chinese national pride, such as the involuntary unification with Taiwan. The PLA may believe that if it can take Taiwan before the US can intervene, then the US will not have sufficient political will to attempt to force the PLA out of Taiwan (hence PLA investment in what is often called anti-access/area denial capabilities). Preventing the US from intervening successfully, however, will probably involve anti-satellite operations, anti-submarine operations, certainly cyber and electronic warfare, and possibly strikes against US surface naval groups and some US aircraft – all while destroying Taiwan’s defenses and successfully staging an amphibious assault and rapid occupation of the entire island.
Personally, I’d say that such an operation would be a horrendous idea – but with the right amount of overconfidence (all our operations will go according to plan, we know everything there is to know about American capabilities, strategy, and tactics, etc.) and incompetence, it’s a scenario that starts to look like one of many great miscalculations we find in history.
And now let me make this a few orders of magnitude worse. Suppose that the US had very little in the way of intelligence as to what Chinese intentions actually were. That lack of intelligence might lead the US to assume the worst, which might lead to a military response far exceeding in magnitude what the Chinese had planned upon – and on it escalates.
Of course, the best case here is that the US becomes aware of the operation BEFORE it happens, enabling measures short of violence to be taken that avert the disaster.
For that to happen, though, the US would require very good intelligence. The kind you might get from being inside another government’s systems and communications, and from a few courageous men and women who want what is best for their country and not simply what is best for the rich party elite. The kind you might be monumentally stupid to put at risk by leaking it, or by placing it in the hands of those too irresponsible or too lacking in knowledge to properly protect.
Clive Robinson • July 19, 2015 4:40 PM
@ Comment,
Password Safe, might not have the features of other password managers, but it works more than adequately at the User Interface for it’s intended purpose.
Now I have no reason currently to think “Two Fish” is broken, it might be it might not, however it is getting to the point where there are more uptodate and even standard algorithms available.
So adding new algorithms might be sensible from one view point but not from some others. The reason for this is whilst algorithms may be considered secure their practical implementations often are not (the classic case being the AES winner). Thus time based side channels amongst many other things now need to be considered in the design of any practical password manager.
Personaly I would prefer to see several algorithms included such as all the AES competition finalists and a configuration method included that allowed a user to select their choice of one or more algorithms in a chain (think about how 3DES improved DES).
It would also be nice to do one or two other things from the command line, to take further advantage of the work involved in providing updated algorithms. However care would have to be taken to prevent any increase in functionality making information leakage more likely.
You can learn a lot from that post up there. That is how a bignose thinks about China, threat threat threat threat and OMIGOD what if we have no INTEL. Even though they always get the INTEL wrong. This one couldn’t find China on a map, much less get the jokes if he ever blunders in. A hopeless provincial, even for the USA.
Despite your fears, we are not your enemy. We understand you, your big skeptical nose and your skepticism about everything except whatever your government tells you. The USA has only been in existence for a couple of centuries. It’s still struggling to negotiate the transition from black slavery to forced-labor penal camps for blacks. Your arms merchants are crooks who we would execute for graft and failure. Also you suffer from that non-racial genetic/environmental IQ gap with us, you know, The Bell Curve. Embarrassing, we know, but there it is.
You can’t touch us. We don’t need anything from you. We’re just going to wait while your dynasty expires into chaos, and in the meantime entertain ourselves with the humorous perversions you confess to in your ineptly-protected vetting files. Here is what we’re going to do to you. Don’t be afraid, you’ll get used to it.
Comment • July 19, 2015 6:21 PM
@Clive Robinson
I agree in part with you.
I’ve come to rely on KeePass because of its convenience (auto-type, expiry dates, password generator etc.) and security (ability to control iterations, password entry on secure desktop, obfuscation etc.)
I do not trust online services such as LastPass; I’d much rather control the database myself. You can back it up to the cloud if necessary and, if you’re paranoid, upload it within an encrypted archive (KeePass is already encrypted anyway). There are mobile apps for KeePass if you need on-the-go access.
My concern with cloud-based password managers is that they’re: a centralised target, in the control of another party and I would not feel comfortable accessing such an important database on an untrusted computer thereby negating the main selling point – ‘use me anywhere’.
I didn’t realise that Password Safe was still being maintained until ‘Jacob’ confirmed it does receive updates. Last time I looked at the source code there were a couple of features I noticed that weren’t documented; nothing malicious but perhaps Bruce would care to comment?
It’d be nice to see AES implemented (128, 192, 256) along with sufficient key stretching of course. But on its own it lacks the functionality that I need. I have no reason to distrust it, the security seems fine, it just doesn’t fit my needs.
John Galt III • July 19, 2015 6:36 PM
As always, I appreciate the high level of discourse.
@Bruce – I was slow to realize that most or all of the talent needed to write a “best practices” compendium is available in your blog audience. It’s not a bad idea for a future book to have your closest 12 to 20 friends each write a chapter.
John Mauldin did it:
Just One Thing: Twelve of the World’s Best Investors Reveal the One Strategy You Can’t Overlook
http://www.addall.com/New/compare.cgi?dispCurr=USD&id=82401&isbn=9780471738732&location=10000&thetime=20150719163346&author=&title=&state=NH
BTW, John’s father was Bill Mauldin, the famous WWII cartoonist.
rgaff • July 19, 2015 7:16 PM
@ Skeptical
The best case is that the US becomes truly omniscient and stops every war and terrorist act and major or petty crime, worldwide, before it happens. What could possibly go wrong with such power.
If not, then where do you draw the line? We’ve had this conversation before, there are no lines that can’t be crossed. The end justifies any means, right?
Is smaller better? • July 19, 2015 7:27 PM
@Nick P
Also, I like Novena enough that I plan to crowdfund next iteration. Not for its security: probably has little.
Why do you say it probably has little?
Is this because of the EM security of the system?
Which raises another question that I’ve been wondering about lately.
In general, is a small mobile device with an 4″ LCD screen more secure from TEMPEST type attacks than a desktop system with a 21″ LCD monitor?
Wael • July 19, 2015 7:28 PM
@John Galt III,
It’s not a bad idea for a future book to have your closest 12 to 20 friends each write a chapter.
Unless you expand that list to 12 – 20 Million, I don’t stand a chance. I do however volunteer (id est nominate my unselfish self) to write the epigraph for each chapter. It’s going to be in the form of a limerick 🙂
Buck • July 19, 2015 7:38 PM
@Skeptical
Suppose that the US had very little in the way of intelligence as to what Chinese intentions actually were. That lack of intelligence might lead the US to assume the worst, which might lead to a military response far exceeding in magnitude what the Chinese had planned upon – and on it escalates.
Of course, the best case here is that the US becomes aware of the operation BEFORE it happens, enabling measures short of violence to be taken that avert the disaster.
For that to happen, though, the US would require very good intelligence. The kind you might get from being inside another government’s systems and communications, and from a few courageous men and women who want what is best for their country and not simply what is best for the rich party elite. The kind you might be monumentally stupid to put at risk by leaking it, or by placing it in the hands of those too irresponsible or too lacking in knowledge to properly protect.
This actually makes a lot of sense to me!
Though, that really makes me wonder why this high level of quality discourse seems to be boiled down to “China bad” or “Russia bad” or “U.S. bad” by the time it gets filtered through to the popular press…
I mean, I’m pretty sure that the major world powers are already well aware of what spying actually is and how it works. Plus, political witch-hunting has been a thing for quite some time now – would any public honesty about it now really lead to any more undesirable actions?
For sure, don’t let me know who those brave men and women are, because I’m liable to blab about it to anyone who’d listen. Yet, you’ve effectively explained your real position here and done so without putting anyone in an unnecessarily risky situation.
When all we hear is radio bullshit, some of us will naturally start to wonder what it really is that we’re working towards…
@Nick P, Clive Robinson
I doubt a mediator chip requires crypto capabilities baked in ? If there is crypto, there is higher chances of subversion as well. Might need to take that into consideration ?
The mediator can either do software crypto from ROM codes or EEPROM and that’s fine and it could link itself to a crypto co-processor on another chip so the risk moves out of the mediator chip since the mediator chip is like a hinging point of trust in the design.
Re: N.K Watermark
Should just be using text/hex editors instead of fanciful documents 🙂 . Another reason plaintext/hex is so much better than DOCX and all that. Of course for the few savy N.K. they would have figured out and usually those are the top echelon.
@all
Re: Password storage algorithm
Ideally, it should have a strong algorithm like all file encryption since the password file is afterall a sensitive file database.
What can be done is to simplify the options. A paranoidode using 256 bit keyed cascades of Serpent-Twpfish-Rijndael which is slow but more secure or a fast but weak version with a 256 bit keyed AES top 3 finalist algos as standalone.
This would give a decent offering of security and not to forget software security are less viable these days as they offer so little assurance.
Offerings like hardware smartcard or USB token holding a split share of keymats while the user password is the other keymat would be mpre useful.
Anura • July 19, 2015 8:49 PM
@Thoth
A personal password database is too small to really worry about the cipher itself. Your primary focus should be on the key derivation function. Even the best attack against DES requires 2^43 known plaintexts – although the key itself is weak enough to be brute forcible (56-bits), even then your weak point is much more likely to be the passphrase. A four word diceware passphrase still only provides ~51.7 bits of security. Use AES, Salsa-20/ChaCha-20, Serpent, or Twofish, and the cipher is not going to be the weak point in your system. I would recommend you use scrypt configured so it consumes all of your L1 data cache and takes a second to derive the key, and then with a strong enough passphrase it will be too expensive to be worth it to break. For bonus points, store an additional static key on a USB thumb drive (but always combine with a strong passphrase).
@Anura
What I really meant was to use a robust file encryption technique to handle databases of password files since both password files and normal files are still files.
In the same way, a password manager is a file encryption with a database logic for structured data. The dual use of doubling the database encryption and using it as a file encryption is rather useful.
If it is software-based, I would combo scrypt and bcrypt for the best of both worlds. If it is hardware-based, you need secure GUI or at least secure PIN entry with hosting the software in the secure boundary of the token with PIN try limits.
Nick P • July 19, 2015 10:45 PM
@ Is smaller better?
Easy: everything is insecure until proven otherwise. It’s definitely insecure if its security relies on any components that are known insecure or require extra effort to bake in security. There’s no published evidence for its security. It also depends on SOC’s and peripherals of the sort people hack along with a reconfigurable chip with DMA access. Definitely insecure. 😉
@ Thoth
It doesn’t require crypto baked in. One commenter here suggested DSP’s a while back as subversion odds were low and they accelerate things such as crypto. Then there’s graphics chips (i.e. simpler ones). Truth told, though, crypto is so fast that you can get by with a slightly beefier chip. Or you can use onboard crypto with some monitoring of it or jumping between it and your crypto. Avoid exclusively using onboard RNG, though.
tjallen • July 20, 2015 12:01 AM
Do you see Diane Feinstein blaming encryption for our lack of knowledge about the Tennessee terrorist’s motives? This was from an interview on Face The Nation, so check your favorite news site for more quotes.
From an article at CBS News website,
http://www.cbsnews.com/news/feinstein-chattanooga-shooting-likely-a-lone-wolf-terrorist-attack/
She said an “extraordinarily dangerous” environment has been created by the fact that people can communicate between Syria, an ISIS stronghold, and the United States with an encrypted application that cannot be decrypted by the government without a court order.
From an article at Raw Story,
http://www.rawstory.com/2015/07/congress-to-examine-fbi-handling-of-tennessee-shooter/
Senator Dianne Feinstein, the top Democrat on the Senate Intelligence Committee, said the gunman appeared to be a “classic lone wolf,” but said it was difficult to know for sure given new encryption applications available to terrorists.
Feinstein said legal counsels at big Internet companies were unwilling to bar those apps and remove other explicit postings about bomb-making techniques unless mandated by law to do so.
There’s more, so check it out at your favorite news site.
Skeptical • July 20, 2015 1:11 AM
@too-sophisticated-for-pinyin: You can learn a lot from that post up there. That is how a bignose thinks about China, threat threat threat threat and OMIGOD what if we have no INTEL. Even though they always get the INTEL wrong. This one couldn’t find China on a map, much less get the jokes if he ever blunders in. A hopeless provincial, even for the USA.
Wow, you know a derogatory term for Westerners used by certain individuals in China – clearly you have a sophisticated grasp of East Asian international politics and inside knowledge of Chinese culture beyond the grasp of anyone who hasn’t visited, who hasn’t lived in a country nearby, or who hasn’t seen certain movies.
I’d be very impressed if the substance of your geopolitical views weren’t so devoid of fact, logic, or any substantive sign of engagement with reality. There’s nothing more amusing to me than someone who doesn’t bother with any actual research and presumes the rest of the world to be less enlightened than he is. Narcissism like that can trip you up – but I suspect you’ve already found that out, eh old boy? How irritating that the world hasn’t properly recognized your genius.
For those genuinely interested in policy questions vis-a-vis China, here is a link to a paper by Ashton Carter, currently US Secretary of Defense, written back in 2007 while he was at the Belfer Center: http://belfercenter.hks.harvard.edu/files/Americas%20Strategic%20Response.pdf
Here’s one of the key points:
China’s military future is not a secret it keeps from
the world—it is a mystery even to those inside the country.
Not even top leaders know whether China will become
the United States’ friend or foe in the decades
ahead. China’s military destiny will ultimately be determined
by its next generation of leaders, other internal
developments, and the future of cross-Strait relations, yet
America’s strategic response will also shape the future of
the U.S.-China relationship.
Given this strategic uncertainty, the United States has
no choice but to pursue a two-pronged policy toward
China. One prong is to engage China and encourage it to
become a “responsible stakeholder” in the international
community. The second is to engage in “prudent hedging”
against competitive or aggressive behavior by China,
pursuing continued engagement rather than treating the
country as an enemy.
The paper is brief, but worth reading in its entirety, as it sketches the landscape quite well that lies before the United States, its allies in East Asia and other nearby regions, and other concerned nations.
And take note of how far the position of the paper is from the absurd caricature of actual policy offered by our resident expert.
Jacob • July 20, 2015 1:59 AM
@ Comment
You said
“I’ve come to rely on KeePass because of its convenience (auto-type, expiry dates, password generator etc.) and security (ability to control iterations, password entry on secure desktop, obfuscation etc.)”
PWSafe has:
1. Auto-Type
2. Expiry Dates
3. PW Generator
4. Ability to control iterations (Manage/Options/Security)
PW Entry on secure desktop is indeed unique to KeePass and it is a good feature.
I am not familiar with the obfuscation.
Jacob • July 20, 2015 2:25 AM
Interesting tidbit:
After the Tennessee attack, the chairman of the House homeland security committee, Michael McCaul, referred to attacks on US soil by terrorists who follow directives sent over the internet and said:
“But this is, again, the new threat that’s out there over the internet that’s very hard to stop,” he added. “We have 200,000 Isis tweets per day that hit the United States. The chatter is so loud and the volume is so high that it’s a problem.”
So it appears that encryption should be his lesser problem.
@Nick P, Clive Robinson
Old computers looks like a good way for security centric application which I believe @Clive Robinson would have at least created an encryptor on one of these old computers before ?
Link: http://arstechnica.com/information-technology/2015/07/back-to-the-future-the-trs-80-model-100/
Most chips these days have Bluetooth LTE baked into the chip and it’s frustrating to secure as we don’t know when they could be used as coordination points for entry or exflitration.
I noticed that the PIC32 Microchip chips you recommended does not seem to have Bluetooth or some on-board Wireless technology on the SOC chip (unless I am missing something) which is a good thing.
uair01 • July 20, 2015 2:54 AM
NSA/NSF funding youth summer camps. A funny summary here:
http://www.math.columbia.edu/~woit/wordpress/?p=7867
Teaching thousands of kids how to crack password files? What could go wrong with that?
“We’re not trying to make these camps something to make people pro-N.S.A. or to try to make ourselves look good,” he said. “I think we’ll look good naturally just because we’re doing something that I think will benefit a lot of students and eventually the country as a whole.”
Curious • July 20, 2015 3:46 AM
I am thinking: if NSA (via IRATEMONK) and/or others are tampering with people’s firmware on their harddrives and SSD’s, I would like to learn if there is a way to detect that and have that stuff removed. How hard can it be?
This then had me me wondering if there might perhaps be “layered” firmware in hardware. The notion of “firmware” is sort of idealized for me as a consumer anyway not knowing the intricacies of it all, as if there was one monolithic firmware on hardware, or one thing on the hardware to be overwritten with firmware code. I would like to know if there are hardware that has has compartmentalized firmware, that might require additional flashing.
Me writing this had me thinking of something I read about what others have said about updating to the latest bios on my particular mainboard, supposedly the bios had to be flashed twice because of how how extensive the new bios changes were.
In addition to all that, I guess it would make sense to also consider doing a visual inspection of ones hardware, to check to see if the hardware itself has been tampered with physically.
Clive Robinson • July 20, 2015 5:14 AM
@ Is Small Better,
In general, is a small mobile device with an 4″ LCD screen more secure from TEMPEST type attacks than a desktop system with a 21″ LCD monitor?
Firstlty TEMPEST is to do with generalised “Emission Security” not a whole bunch of other things you also have to worry about as well.
There are several things required for a “useful” signal to be emmitted. Firstly, the signal must have sufficient bandwidth for the information and the carrier it is impressed upon. Secondly their must be a physical medium by which the carrier can leave the device. Thirdly the carrier must have sufficient energy to be detectable above the natural and other noise floor at the distance the receiver is from the emitting device.
If you look at Nyquist and the later Hartly-Shannon theorms you will get the base physics on this.
At a more fundemental level we have matter and energy being equivalent (E=MC^2) and subject to forces by which they interact with each other. However they are both “conserved” and due to the various mechanisms such as “radiation transport” the energy becomes disapated and drops to a background level which is why we can detect microwave energy from the time of the big bang some 14 billion years ago. Such cosmic signals cover the entire electromagnetic spectrum and give the ultimate noise floor.
However even when a carrier of information has sufficient energy it needs to be coupled into and back from the channel medium. You can look the physics up but the lower the frequency of a carrier the larger the matter of the coupling mechanism needs to be. The basic idea is an “isotropic radiator” pushes signals out in all directions equally and thus it can be seen that the signal energy drops by the square of the distance when considered as a wavefront and by the cube of the distance when considered against the volume of space it occupies, which thus effects the shape of the coupling device . However as we know from optics when considered as a wave energy can be focused, but the amount of focusing is dependent on the “effective area” of the coupling mechanism divided by the wavelength of the frequency involved.
Thus the higher the frequency the easier it is for any given effective area to radiate in a given direction.
So the smaller any device the smaller any “effective area” can be, but the higher the frequency the more effective a given area will be.
Oh and the greater the frequency of any given carrier the wider the bandwidth of information that can realisticaly be impressed upon it.
So the bigger the device, the more energy it uses and the higher it’s operational frequency, the more likely it is to emitt “compromising eminations”.
Unless of course you take precautions during the design to reduce the bandwidth, energy, frequency and area, then of course keep the energy “bottled up” by sheilding, which has it’s own problems unless you take care to manage it with absorbers that convert it to heat and transport it away by a very low bandwidth channel…
Clive Robinson • July 20, 2015 5:58 AM
@ Thoth,
I doubt a mediator chip requires crypto capabilities baked in ? If there is crypto, there is higher chances of subversion as well Might need to take that into consideration ?
If the overall design is “single chip” then yes the risk of a backdoor being there and importantly getting a channel to the outside world is significantly increased.
However, in something like a guard, checking for “extra data” it may have to deal with checking traffic that is “transport” layer encrypted link to link (which is what the Mil do as standard).
The issue with a potentialy backdoored chip is to put it very firmly in a world of it’s own. That is bottle it up and then clock it’s inputs and outputs through a pipeline such that time based side channels either cannot exist, or have an unusable bandwidth.
The physical side of “botteling it up” is to imprison it in a “padded cell” you can do this by using unetched PCB material to form an electrical field shield, inside of which you have a ferrite magnetic field shield / absorber, inside of which you have “100 ohm foam” carbon loaded foam which acts as an absorber to electrical and acoustic wave energy, with some kind of insulator between that and the electronics, which history suggests “bees wax” is good at because it also acts as mechanical damping as well. History also likes mumetal for magnetic fields…
It boils down to “cost” and producability. Thus the use of a SIM / Smart Card chip at a suitably high EAL carefully bottled up as a module could be made with a footprint about the same size as a 100 pin QFP chip.
Clive Robinson • July 20, 2015 6:15 AM
@ Anura,
Even the best attack against DES requires 2^43 known plaintexts – although the key itself is weak enough to be brute forcible (56-bits), even then your weak point is much more likely to be the passphrase.
True but those are not the attack vectors I want the crypto to deal with. Algorithmic / certification and brut force attacks whilst possible are low on my list. What I’m concerned about are algorithm implementation attacks, such as time based side channels which are relativly trivial to use in comparison.
There are ways you can split algorithms up and randomize their execution order to make power signiture attacks as dificult as certification or brut force attacks. The more crypto algorithms you chain the harder an attackers problem becomes, and within reason the easier the randomization. That is it in effect exhibits similar properties to a one way function.
Anura • July 20, 2015 6:44 AM
@Clive Robinson
Side channels are a whole other can of worms, but I am not aware of any attacks on ciphers that use purely constant-time arithmetic operations without data-dependent memory lookups, such as Salsa-20 or Serpent (which is eloquently designed so that the s-boxes can be implemented as bitwise operations). Do you have any particular reason to be concerned that that’s a problem with those algorithms? Side channels have also been identified as a (potential) problem with Scrypt (to the best of my knowledge, no attack has been demonstrated), and is possibly also applicable to BCrypt, in which an attacker might be able to perform timing attacks. I am sitting on an uncompleted paper reviewing all the attacks against key derivation functions I know of (I bring nothing new in that regard) and proposing my own alternative to avoid all of them, where I am unaware of any other algorithm that does (most attacks are purely theoretical, of course).
You haven’t developed a culture yet, it’s just pigs rooting around and lots of violence. Instead of ethics and philosophy you got genocidal religion so you run around looking for Amalekites to wipe out. Never had a cultivated mandarinate so you cannot comprehend diplomacy or comity. Your country had a brief period of making itself useful from about 1900 to the early 20s but then relapsed into barbarism.
So you don’t believe we can possibly mean it when we say what we said in 97. Or when the CIS fell apart, as your horde will, and instead of trying to take over the world we said it again and again.
Carter, good example. His liberal arts was from medievalists, which was handy because you’re essentially a pre-modern society. From his science training he got the bright idea that you should commit the crime of aggression against little North Korea. Fraidy cat, afraid of the Taepodong. Mostly though, he got US statist indoctrination: What should we blow up next? That’s all you understand. He wants more troops for ISIS because you were such an inspiring success there before.
So, old China hand, how long you lived in China? Or you learn it all at Epcot world showcase?
albert • July 20, 2015 10:22 AM
@Sun Tzu,
Skeptical is a firm supporter of Kissinger-Brzezinski geopolitics. He quotes Ashton Carter. That’s his goto guy. The man that supports “a preemptive nuclear strike against Russia”. That should tell you something.
.
The actions of the US are no indication of it’s intelligence base. The goal of hegemony trumps any inconvenient facts. Witness the CIAs brilliant prediction of the breakup of the USSR. The US IC doesn’t need accurate intelligence estimates, because the military juggernaut can and will proceed, unrestricted.
.
We’ve got our very own State Dept shill, right here.
.
…
Is smaller better? • July 20, 2015 10:42 AM
@Nick P and @Clive Thank you for answering my questions!
Something else to think about…
Beyond design for limiting radiation, there’s also the possibility of radar being used to track finger motions on the keyboard and translate those into text.
Google recently demonstrated something similar in concept for a new user input technology:
https://www.youtube.com/watch?v=0QNiZfSsPc0
“Project Soli is developing a new interaction sensor using radar technology. The sensor can track sub-millimeter motions at high speed and accuracy. It fits onto a chip, can be produced at scale and built into small devices and everyday objects.”
Neural nets are trained to identify patterns in the radar signal that correlate with target behavior.
If it works for user input, then the same principle could be used for surviellance.
Scared • July 20, 2015 10:56 AM
Amazon Echo getting a great review at Yahoo Tech:
“The big idea: Create a voice-activated smartphone assistant like Siri or Google Now — but take it off the phone. Make it a smart, always-listening machine in your house. Engineer it to understand you from across the room, hands free, as you’re cooking, reading, doing homework, discussing, living. Make it good enough to be just like the conversational, environmental computers on Star Trek or in the Iron Man movies.
That’s what the Amazon Echo attempts to be. And you know what? I’ve never been so excited about something that did so little.”
https://www.yahoo.com/tech/amazons-echo-brings-the-star-trek-computer-to-124102850474.html
And it’s only $180!
R. Joseph • July 20, 2015 11:18 AM
AshleyMadison and Established Men, two hookup sites that facilitate infidelity, have been breached by hackers.
(or so these hackers claim)
Anyway the hackers are demanding that AshleyMadison takes down the site or otherwise they will release full details — names, addresses, sexual fantasies — of AshleyMadison’s 37 million users.
Hackers Threaten to Expose 37 Million Cheating AshleyMadison Users
http://gizmodo.com/hackers-threaten-to-expose-40-million-cheating-ashleyma-1718965334
ruddy mercury • July 20, 2015 11:41 AM
You’ve got to ask yourself, what kind of retard goes “it sits in my home, listens to every word my family and I say 24-7, sends the data backs to a huge US-based corporation, and only costs $180… bargain!” People get what they deserve.
Curious • July 20, 2015 12:25 PM
Something on the internet today about a supposed upcoming patch from Microsoft, and then some hours later, they released a patch:
“KB3079904, Vulnerability in Microsoft font driver could allow remote code execution: July 16, 2015”
Curious • July 20, 2015 12:29 PM
With regard to my comment above: “16 July” (a thursday) seem a little late, maybe this is normal?
Dave • July 20, 2015 12:33 PM
The SourceForge repository is still down at the time of writing this.
I’ve found alternative links to Bruce’s Password Safe program and downloaded a copy, but, for whatever reason the software hasn’t been digitally signed. I can’t find a PGP signature for it either 🙁
I’ve checked the MD5 against most anti-virus databases and it appears that I’ve downloaded the genuine file. Can anybody who has downloaded the genuine file from SourceForge confirm any or all of the following:
MD5: 88B0195BEC0D7A301490685382830C68
SHA1: CD4BBFADBF5A61AA28DE6769A172FD5D9C0CB457
SHA512:
8B59CF058FF97603B23FC45C2EE05F569BB0B6AF669C6924D3CD6D1BB08F9F8DA26CF25D716DF152C9FC1141B69CBDA7B7F78F3AF89C1C9220EF1D39F42A553B
Dave • July 20, 2015 12:40 PM
I’ve managed to find a SourceForge repository that is actually working and it’s got the .SIG files there too:
http://sourceforge.net/projects/passwordsafe/files/passwordsafe/
Nick P • July 20, 2015 2:02 PM
@ Thoth
The list I gave you had this post with plenty options to choose from. Happy Googling. 🙂
@ is smaller better?
Good thinking. There’s potential there. The others are the passive leaks of keyboard, active radar hitting keyboard, same for cable, different keys using different amounts of power with power line monitoring, and acoustic analysis of sound of keys relative to a fixed point. So far, they’re all easier than the new concept so they’ll probably still be main attacks.
Examples of TEMPEST products with a keyboard in accessories. The shielding has gotten to the point that many look about the same as a unshielded product. The desktops still look different to say the least.
@albert, quite true that the peoples of the North American land mass are incomparably smarter than the brainwashed apparatchiki that rule them. While the latter are the greatest threat to peace in the world public’s view, the overwhelming majority of the US public wants what China and the rest of the world want, accession to the ICC and support for the UN. They want a government restrained by rule of law. The US public wants to cut defense, foreign military sales, and military aid. The swine in power are going to ignore them until they are dislodged and their institutions are dismantled.
Far be it from me to take that patriotic obsessive for a typical example of the US subject population. His glassy-eyed perseveration of statist slogans is just like the Juche fanatics. There’s no ratiocination there, just a creed, repeated as though insistence will make it so. No well-regarded nation takes them seriously, and to the great powers they’re a temporary nuisance, a monkey with a hand grenade, as Rogozin put it.
Pradeep • July 20, 2015 3:28 PM
@孙子
…the apparatchiki ruling the North American populace might not be so smart but they have ways to get themselves to that position of authority…
At least that could be the take-away from this article, depending on the readers level of paranoia…
Mathematician says Kansas voting machines need to be audited
http://hosted.ap.org/dynamic/stories/K/KS_VOTING_MACHINES_AUDITS_KSOL-?
WICHITA, Kan. (AP) — A mathematician at Wichita State University who wanted to check the accuracy of some Kansas voting machines after finding odd patterns in election returns is finding out how difficult it can be to get government officials to turn over public documents.
Beth Clarkson, a certified quality engineer with a doctorate in statistics, said her calculations from the November election showed enough patterns to suspect that “some voting systems were being sabotaged,” The Lawrence Journal-World ( http://bit.ly/1GvPqSV ) reported.
Sedgwick County election officials refused to allow the computer records to be part of a recount and told her that to get paper recordings of votes, she would have to go to court and fight for them
@Pradeep, indeed, it’s not widely known domestically but the previous US defense minister, Chuck Hagel, got his start as beneficial owner and former CEO of the ES&S election fraud concern. His own machines counted his winning votes. He was installed at the Pentagon to repeat the trick in Afghanistan and protect the procurement-fraud and narcotics concessions, but was thwarted by the sorry state of the electronic election-theft infrastructure. That’s the USA, rotten to the core! That’s why Security Sector Reform pursuant to UNSC Res. 2151 is an existential threat to the USA regime.
l33t • July 20, 2015 6:46 PM
Wesley Clark Calls for Internment Camps for “Radicalized” Americans
MarkH • July 20, 2015 6:50 PM
@Nick P et al:
Nick suggested that widely-used microcontrollers (e.g. PIC) are at some risk for having been subverted in some way. I’ve certainly thought about this in connection with applying microcontrollers to anti-subversion technology …
… but here is my big question:
Can anyone propose feasible design tampering (specifically NOT including electrical / EMI signal leakage) that could be made to small microcontroller chips, that would compromise their use in anti-subversion systems?
For the purposes of this question, I assume that the microcontroller either has no crypto modules (RNG, modexp, AES etc.), or that if it has such, they are sensibly not used in any anti-subversion applications.
I’d like to get beyond “the bogey man might have touched this!” to “OK, suppose they have billions of dollars to spend and free access to all the silicon — what can they actually DO?”
@Is smaller better?, @Nick P, @Clive Robinson
I think your concerns are legit. That kind of microchip radar technology is very dangerous (just like all technologies) when misused.
Before we get down to tracking and surveillance, how do we authenticate the actions that a radar sense is from the correct user. What if an unauthenticated user were to try to put his hands near the virtualized switches to do some gestures ? Let’s say a medical equipment has the radar sensors installed, how do they know the commands are from an authenticated doctor not under coercion or not from a suicidal patient or malicious party ?
Next thing would be the concerns of surveillance. How can the radar technology be used to not just monitor the user of the equipment but also to spy on the surrounding ?
This technology is cool and neat but brings with it a whole ton of problems. If you have old PCs and phones, keep them and don’t throw them away. We might never know when these invasive technology appear and we need to use the older stuff to keep ourselves safe.
Nick P • July 20, 2015 7:56 PM
@ MarkH
Two methods: a trap door activating with specific data input (eg instructions or register contents); deliberate flaws in the processor that disable security-critical functionality. Myers writes on the former in his seminal work on subversion. Anderson demonstrates a good example here taking 11 lines of code. Apply that sort of thing to hardware for risk one. Risk two was originally demonstrated on, IIRC, MULTIC’s security evaluation. They ran unauthorized, access routine repeatedly hoping the hardware would just fail on its own eventually and give them a window. It did. Kris Kaspersky goes into more detail on processor errata and their effect on security in these slides.
“”OK, suppose they have billions of dollars to spend and free access to all the silicon — what can they actually DO?””
The last presentation implies the situation might be the same as with software security: attackers just finding and exploiting processor errata. They should have fewer with more difficulty exploiting them. Yet, they’re there for the taking in increasingly complex designs. No boogeyman or billion required. Just one smart geek with some tools, optionally the design, and a lot of time on their hands.
@Nick P, Clive Robinson
Re: Chipsets for development and fun
“POWER/PPC, SPARC, Alpha, PA-RISC, ARM (naturally), and MIPS”
We can rule out ARM and PowerPC these days. We know that ARM have grown to a point the likelihood of subversion is pretty high. It is like the next Intel chip. PowerPCs are commonly used in Defense ? I can’t say for sure unless @Clive Robinson with his many years of industry experience could hint us if PowerPC is a widely used for Defense. I know that HSMs like Thales uses PowerPC chips (I heard rumours it uses Freescale PowerPC types) and so for the Freescale brand of PowerPC chips, that’s a huge NO due to the risk of subversion.
MIPS seems to be rivaling or even out-doing ARM in terms of TEE environments with MIPS’s Omnishield (http://imgtec.com/platforms/omnishield/). ARM’s TrustZone only has a concept of a Secure and Normal World whereas Omnishield has a concept of a Normal World and a whole bunch of Secure Worlds at your disposal which is neat. I still prefer the GlobalPlatform Smartcard specification for only 1 Admin World (ISD domain) and all the other worlds are considered neutral and wholly segregated so the root of trust simply hinges on 1 administrative ISD domain to provision an applet and all the other applets are treated securely and confined within their own little boxes without sacrificing security as though the concept of Secure/Normal world which sacrifice security in the Normal world.
There is the OpenRISC being mentioned and that’s a good option. PIC32 chips like @Clive Robinson’s mentioned Fubarino seems to be a nice choice for development. Xilinx chips require some care due to it’s relations with NSA and not sure where to buy the rest of the boards and also not leave a heavy footprint behind especially for those like Curtis-Wright (not even sure if you can buy chips from them).
So the options:
– ARM : A whole ton in the market and possibly tinkered with by the powers that be ?
– RISC : OpenRISC (http://opencores.org/or1k/Main_Page)
– MIPS/PIC32 : Olimex (https://www.olimex.com/Products/Duino/PIC32/), Fubarino (http://chipkit.net/wpcproduct/fubarino-sd/), MikroElektronika (http://www.mikroe.com/pic32/)
What else can we still add to the above shopping cart 😀 ?
Clive Robinson • July 20, 2015 8:08 PM
@ ALL,
Not all of you will know who Stewart Baker is, however he wrote an oped piece that is about what is now “Crypto Wars II” or the current round of idiocy by the likes of the FBI’s Mr Comely insisting that crypto can be safely backdoored to prevent “going dark”.
Mr Baker is I believe now retired but once did “Government Service” on the Clipper chip initiative that died the death after the researcher Matt Blaze showed it had a significant failing with the Law Enforcment Access Field (LEAF) and it’s checksum.
Anyway another perhaps currently better known crypto researcher Prof. Matthew Green has some comments not just on the Cliper fiasco but other US Gov “backdoors” that also failed miserably…
http://blog.cryptographyengineering.com/2015/07/a-history-of-backdoors.html
MarkH • July 20, 2015 8:59 PM
@Nick:
Can you make it more concrete for me? In my old age, I find broad generalizations completely unconvincing.
What is the “security-critical functionality” in a little micro-controller? It doesn’t have hardware rings, memory page locking, or any other built-in access control mechanism. The kinds of simple processors Clive talked about can’t really run a proper OS, precisely because they lack this kind of capability.
So what does the NSA sabotage?
Either a RETURN instruction always takes control back to the instruction after the call (on the simplest architectures where the stack is inaccessible), or the processor is too broken to perform any useful purpose.
Can anyone offer a constructive example — a hypothetical uC hack leading to a specific exploit that could be useful in the Real World (TM) ?
Nick P • July 20, 2015 9:29 PM
@ MarkH
I just gave you two, very-specific examples: a tiny modification of hardware that executes incoming data matching an indentifier or pattern (subversion); processor errata that caused security failures (Kaspersky’s Intel bug & slides). The main trick would be a trap door at an I/O interface the attacker might hit. For instance, you might get it to recognize certain ethernet or wireless packets being received where it just executes what comes after that. That might be a command to dump a key memory location to I/O or code inject on the machine. Happens so fast that there’s nothing to notice. I don’t have any examples of those on-hand for MCU’s and wouldn’t given how easy they are to conceal even in small space. It’s just a potential risk area as nation-states look to backdoor more things (like that FPGA backdoor).
However, errata making security-critical functionality fail at a key time is a real thing. Fail-safe mechanisms & triple, diverse, redundancy with voting logic are about all you can do there. More common is the bit-flip issue by cosmic rays. There was an attack on DNS that recognized the domain names would change on bitflips. They just registered domains a few bitflips away from sites such as Microsoft’s until the system thought it was valid (upon a bitflip). High-end server processors & rad-hard MCU’s have techniques to counter this but many MCU’s & regular processors don’t. I just try not to overoptimize where one or two bits failing will do anything. Add redundancy and voters where possible. Knocks out a lot of passive failures.
Many of the errata in a given I.P. block are often known and published on manufacturer’s web site. You can try to work around issues for your hardware. Voters and redundancy help for the passive ones. Subversion you can’t work around or even see without reverse engineering. Not cheap in sub-micron given what ChipWorks charges and the fact that you must do it for each batch. If we haven’t seen them, that’s why.
Note: Software attacks on today’s barely protected systems are so easy that they might not have gone through the trouble to backdoor a microcontroller.
Second note: People used to tell us that NSA gobbling up everything or nation-states attacking firmware was an unconvincing, general risk. They did it for almost a decade straight in stealth. Just didn’t tell anyone. (Imagine that.) My method is to spot where the attacks can happen, assume someone is doing it (or will), and counter it before it’s a problem rather than after the disaster.
rgaff • July 20, 2015 9:37 PM
@ 孙子
OMG YES! we “little people” here in the USA all want to return to rule of law, instead of rule by our emperors…. but… ahh… how do you know all this from over there, where you’ve had rule by emperors for millennia and still do and generally most don’t know any different? Also I’ve never seen “US defense minister” on any ballot…
Figureitout • July 20, 2015 9:44 PM
MarkH RE: what nsa sabotage
–The toolchain (or where the toolchain exists, on a PC w/ a big HDD probably) to program them. Once programmed, if cleanly flashed, you’re mostly good depending on what you’re trying to do and what kinds of I/O happen after. Recent BIOS/UEFI malware teardown of hacked team show that they generally needed physical access to flash an infected image and could only reflash when system wasn’t configured to prevent writes. On a chip you’re limited to EMSEC (whoops sorry cover your ears!), pre-infection (say something tricky like resetting compiler optimizations for the build then resetting back, so any image is NOT the source you’re staring at), or infection (really incredible attack we’re talking here) from I/O infection (USB or SD card being most probable threats).
http://www.intelsecurity.com/advanced-threat-research/blog.html
Read /r/lowlevel and some other popular reversers for actual exploits, many many require internet (BIOS on big PC’s). I may have caused some funky behavior (overwriting flash between writes to EEPROM, which should be impossible) one time b/w an EEPROM and flash chip but I doubt it, more likely pointer madness and compiled undefined behavior; can’t be sure sometimes (or remember what you did) and couldn’t recreate again…
USO’s, potential time-keeping component for secure PC’s
While reading on the comms system for the New Horizons Pluto mission, came across a component that caught my eye: USO (ultra stable oscillator). They’re just quartz crystals (but lots of complex manufacturing, read below).
The USO is a sophisticated precision assembly consisting of over 200 electronic components and many mechanical parts[..] Its architecture builds on proven heritage designs developed at APL over the last 30 years, and flown recently on such missions as Mars Observer, Cassini, GRACE, and Gravity Probe B. Fundamentally, it is a pristine version of an ovenized crystal oscillator (OCXO). We use carefully selected, 3rd overtone, SC-cut crystal resonators and maintain them at constant temperature to yield excellent frequency stability[..] and low noise performance.
http://www.boulder.swri.edu/~tcase/NH%20RF%20Telecom%20Sys%20ID1369%20FINAL_Deboy.pdf
Mention strong resistance to “drifting”, I hope this includes some kinds of “injection locking” resistance but doubt it (unless shielded nicely, should have strong radiation shielding).
Another interesting paper on them: http://tycho.usno.navy.mil/ptti/2004papers/paper35.pdf
@Clive Robinson, all
NSA’s Stewart Baker seems to be eager to make Matt Blaze ass some kind of villain for breaking the Clipper Chip by saying:
“The Clipper chip and its key escrow mechanism were heavily scrutinized by hostile technologists”
Hostile technologists ? Maybe I am too sensitive but I wouldn’t like the tone he used. That’s very polarizing and an attempt to attack Matt Blaze personally in my opinion ?
Very nice article by Matthew Green. It directly shows how bad Stewart Baker et. al. statements of Warhawk Govt efforts to “tame the Liberty beast” fails miserably. It was suppose to be a work from “geniuses” within NSA as we know. We shouldn’t underestimate them anyway.
Nick P • July 20, 2015 9:52 PM
@ Thoth
re ARM and PowerPC
Remember that there are many different implementations of these in different countries as well. There’s also academic and open implementations of ARM. So, the most common or reference implementation might be a juicy subversion target but others not so. ARM has a tendency to try to sue copycats for patent infringement. That’s why there’s less open cores. There’s still the Amber core which uses v2, non-patented ISA.
” PowerPCs are commonly used in Defense ?”
Freescale’s chips are used in defense, networking, and many more applications. It’s a complex, useful ISA that’s not as heavyweight as Intel. Plus, Freescale has a DOD-certified fab. Plus, PPC vendors try to cater to those markets a bit more as a differentiator. Many rugged boards from likes of Curtis-Wright or AMC target PPC. So did INTEGRITY-178B and VxWorks MILS separation kernels. Heavy presence.
So, there’s actually two possibilities here: no subversion due to their heavy dependence on it; high risk due to their heavy influence on it. Who knows. I can understand if people dodge them.
“MIPS seems to be rivaling or even out-doing ARM in terms of TEE environments with MIPS’s Omnishield (http://imgtec.com/platforms/omnishield/). ”
Didn’t know about it. You’re right about them leaving ARM behind. I like it. Also many MIPS implementations to choose from. They don’t have Omnishield, etc but can be enhanced with that. CHERI is MIPS-based and built on open-source BERI core. There’s also the Plasma core on Opencores that’s good enough to run their web site.
“There is the OpenRISC being mentioned and that’s a good option.”
For embedded, yes. It appears weak for other things. Don’t forget Rocket: a 1.3Ghz SOI CPU that outperformed comparable ARM cores. They build on it here at RISC-V. Also, don’t count out SPARC in form of Gaisler’s I.P.. His company has open-source CPU’s and I.P.; easily-customizable, proprietary one’s that many academics customized and fabbed as prototypes; boards with pre-fabbed stuff for embedded or development use. I rate him low probability of subversion (by him) given the nature of his work and its intended use case, along with opening up stuff. Fabs at Israel’s TowerJazz: who knows about them. Gaisler is a nice start, though, for having something real until RISC-V, etc are done.
“What else can we still add to the above shopping cart 😀 ?”
I’d say dig up some more fabless, semi-conductor companies that make microprocessors and microcontroller SOC’s that might not be backdooring them. The Russian and Chinese ones are on the table if you’re going to share the I.P. with them anyway. 😉 The smart card companies come to mind along with anyone servicing automotive, medical, etc.
Skeptical • July 21, 2015 12:50 AM
@albert: If you read Kissinger and Brzezinski, you see that they have been promoting the same ideology for decades, and that is US total economic and political hegemony, world-wide. This long term goal has been published for years. It’s not a secret. Regardless of what you may think of these men, pay attention to what they say, because you can see ‘their’ policies continually implemented everywhere.
Unfortunately albert, you’re writing to someone who actually has read them. You obviously haven’t. Kissinger was a proponent of balance of power politics in the 1960s and 1970s; and he’s a proponent of it today.
Skeptical is a firm supporter of Kissinger-Brzezinski geopolitics.
For a moment I considered googling to see what half-wit conspiracy site that type of nonsense is found on, but then I realized I’m already wasting enough time responding to this crap here.
He quotes Ashton Carter. That’s his goto guy. The man that supports “a preemptive nuclear strike against Russia”. That should tell you something.
It tells me you don’t read anyone very well. I cited a paper by Carter to illustrate actual US policy vis-a-vis China, in the hope of adding actual information to a discussion otherwise dominated by some of the most painfully stupid material I’ve ever read – and I say that as someone who has the misfortune to sometimes stumble upon newspaper editorial pages.
@Unpragmatic-Pseudo-Pseudonyms: You haven’t developed a culture yet, it’s just pigs rooting around and lots of violence. Instead of ethics and philosophy you got genocidal religion so you run around looking for Amalekites to wipe out. Never had a cultivated mandarinate so you cannot comprehend diplomacy or comity. Your country had a brief period of making itself useful from about 1900 to the early 20s but then relapsed into barbarism.
Anyone embittered enough to call an entire country “just pigs rooting around” lacks the experience and the judgment to understand much about other people, much less other countries. His frustration and unhappiness blinds and isolates him. I pity someone encrusted in such a narrow perspective, who robs himself of the opportunity to appreciate the richness and beauty of the world.
The US is the most diverse nation in the world, and the oldest continuous democracy in existence. Its culture derives from hundreds of cultures, and from the unique aspects of its own history, as in the latter respect do the cultures of all nations. Its businesses and enterprises extend to every part of the planet; its universities draw students from every nation in existence and some that no longer are. It negotiates and concludes alliances in regions ranging from Oceania to East Africa to Eastern Europe. Instead of exacting punishment on vanquished foes, as did the Russians, it helped them rebuild, it enabled them to govern themselves, and it put its own blood on the line to defend them.
Other nations speak of self-determination when it suits their purposes; the US has underwritten the independence of much of the world with the commitment of its own blood and treasure. That’s a fact that most intelligent and informed people know, unfortunately for fools who peddle silly propaganda and paper-thin alternative ideologies that are little more than rationalizations for undemocratic elites to veil a selfish and illegitimate grasping of power.
So you keep extolling the virtues of authoritarian regimes that, due in no small measure to the propaganda and restrictions on information produced by those regimes, are among the most insular – and in the case of Russia – homophobic and unenlightened on the planet.
But here’s your real problem. You don’t really have a positive vision or ideology to offer. You have a merely negative ideology – anti-American, full stop. It’s cramped, distorted, detached from actual human concerns, and the kind of dysfunctional thought that ends in the ashbin of history.
So you don’t believe we can possibly mean it when we say what we said in 97. Or when the CIS fell apart, as your horde will, and instead of trying to take over the world we said it again and again.
“your horde”. You don’t get it. What draws the US close to its closest allies – to Britain, to Germany, to France, to Norway, to Japan, to New Zealand and to Australia, to Poland, to Estonia, to Lithuania, to Latvia, and to more – is not the kind of imperial domination and corruption that Russia still seeks to practice, but rather a shared sense of democratic values and a shared commitment to the improvement of the human existence via trade, via joint endeavors, via free travel and free speech.
The SCO can issue all the silly communiques – and they make for truly ridiculous reading – it wishes. In the meantime, the reality of bonds and alliances between nations – something that the US has excelled at since its earliest existence – and the progress of economic and democratic progress continues apace.
And other organizations can attempt to time their leaks, and target their leaks to certain audiences, all they wish. The naivete revealed by such attempts is as worthy of pity as their efforts are worthy of contempt.
Personally, I am a pragmatist. Global progress proceeds by slow degrees, and war is rarely the best means of achieving it. What I seek is a peace conducive to progress, a world safe for trade, a world that protects its environment, that values its workers, that permits each nation to find its way forward according to the demands, and within the constraints, of its own history, culture, and circumstances.
And as for you, perhaps try a little less hatred and venom, and a little more faith in the common humanity that binds us all.
MarkH • July 21, 2015 1:36 AM
@Nick P, Figureitout:
I wonder whether you guys have designed systems using small microcontrollers? I suggest that their sheer simplicity poses a challenge to subversion.
From Nick’s referenced examples:
• “trap door” on an I/O interface, where some data sequence triggers execution of subsequent data — the kind of uCs I’m talking about are physically incapable of executing code from RAM. If the “trap door” actually re-wrote the code flash (a problematic procedure), this would leave detectable footprints, even if it didn’t simply disable the processor
• silicon bug enabling unauthorized code to execute at a higher privilege level — the kind of uCs I’m talking about don’t have rings (or, if you prefer, all code is at ring 0)
• cache-conflict silicon bugs on multi-core processors — the kind of uCs I’m talking about are single core, and have no cache.
Seriously, guys, these little uCs are stupid-simple. They are NOT PC-equivalent processors capable of running standard operating systems.
Clive, help me out here? You know (for example) PIC16/18, which perhaps these guys don’t — and you are an avid collector of vulnerabilities. Leaving to one side electrical/EM leakage (these chips leak like crazy anyway) … any REALISTIC concepts on how to subvert their computations in the silicon?
Curious • July 21, 2015 1:39 AM
@l33t (re Wesley Clark, off topic)
I guess it makes sense that someone like Wesley Clark (2004 pres. candidate) would opine for having internment camps in US, as Clark is known for claiming that US previously planned internally to attack and destroy the governments of 7 countries (him listing Iraq, Syria, Lebanon, Libya, Somalia, Sudan and Iran), maybe worried that a lot people will become upset. Something about having a “floating coalition”.
https://www.youtube.com/watch?v=nUCwCgthp_E (from fora.tv, 7:36min)
And here as well apparently:
https://www.youtube.com/watch?v=9RC1Mepk_Sw (from Democracy now, 2:12min)
I only ever saw these two videos without a context, however these clips doesn’t appear to be a joke.
I personally think that norway signed up for attacking Libya (2011) as if knowing very well they were doing USA a favor, and had the press state that the attacks were “not for regime change” even though RNAF bombing M.Gaddafi’s house(s) (it probably couldn’t be stated otherwise because of certain countries in UN security council deciding on attacking Libya). Because of this attack/invasion in particular I ended up considering norway to be a sponsor and enabler of terrorism, despite the involvement of ‘UN security council’. Btw, there is even a professor in norway that in january 2012 opined for literally having Nato threatening to terror bomb Iran as I remember it, formulated in some other way ofc, no reaction from the press afaik (a text titled “Forced diplomacy”, rough translation).
@all
Detecting Android Device Driver vulnerabilities. Most of the device targeted for the studies were Samsung’s.
Link: http://www.cs.indiana.edu/~zhou/files/sp14_zhou.pdf
It seems that the weaknesses detected were not found in the latest Samsung Galaxy S6 series which is a good thing (especially with it’s a DoD and CESG approved clearance otherwise shame on DoD, CESG and Samsung). I doubt the paper targets the Samsung KNOX or any TEE environment setup.
TCB is one of the more assured ways to do things.
Open Source and Closed Source crypto and security in the sniping scope of International Warhawk Agencies.
Link: http://www.theregister.co.uk/2015/07/08/oz_defence_dept_not_punitive_in_export_controls_laws/
Although these stuff of restricting crypto and security are unlikely to hold ground other than exist in some debate (without trying to underestimate), it is best that something in the likes of TweetSalt (NaCL library in tweet format) should be created in a form that is simple and easily distributed to prevent a single point of failure in the mass adoption of security and cryptography. Our current environment with TLS, PGP, SSH … and so much more protocols are confusing and most implementations are highly complex which breeds lots of insecure implementation of these protocols and standards.
“Defence is focused on building “appropriate” licences and “clear and concise guidance” for businesses and open source contributors, and will hold its next meeting 27 August.”
So, now the Australian Warhawk Govt wants to control Open Source projects, what they can put online and their licenses ?
I guess the only assured way to do things is to have all the TLS, PGP, SSH and other security protocols and cipher suites have a very tiny, assured and well implemented (and documented) codebase core that can be easily disseminated in the even a crackdown were to occur. If it can be done on pencil and paper, it would be even better.
Hosting codes and projects on security and crypto in neutral grounds like Iceland, South American countries and Switzerland (has export control albeit being more lenient) is the better way to avoid trouble unless the 5Eyes decides to takeover Switzerland and/or Iceland or make them comply by the 5Eyes demands.
GregW • July 21, 2015 4:24 AM
Insider hacks the lottery, gets caught due to audio feed and license plate logging:
http://www.dailymail.co.uk/news/article-3168452/Ex-lottery-worker-convicted-rigging-win-14M.html
Wearing a Jawa cloak when buying your ticket and trying to use a lawyer as a cutout is not sufficient I suppose.
Doing a web search for “lottery scandal” turns up other interesting stories, but not ones as related to computer hacking as this one appears to be.
The curious thing to me about this story is considering whether the insider’s decision to not have a co-conspirator was fundamentally flawed or very rational. Hindsight biases us of course in this case but there is a general class of related risks in other forms of more widespread fraud and crime (insider trading, fencing stolen goods, etc). Choosing allies or going it alone is a very fundamental security decision and as an amateur I’m not sure I’ve seen a treatment of when it makes sense and when it doesn’t.
Curious • July 21, 2015 5:19 AM
I saw a reference to the following on Twitter. A study that, as I understand it correlate high average use of using the mobile phone with depression.
I don’t like this kind of “science” or journalism, but anyway here is the headline: “Time spent on smartphone and GPS location sensor data detect depression”
http://www.northwestern.edu/newscenter/stories/2015/07/your-phone-knows-if-youre-depressed.html
“In addition to studies that use mobile phone sensor data to better understand depression, Mohr’s team also is running clinical trials to treat depression and anxiety using evidence-based interventions.”
The title of the paper linked to at the end of the article is: “DC Mobile Phone Sensor Correlates of Depressive Symptom Severity in Daily-Life Behavior: An Exploratory Study.”
http://www.jmir.org/2015/7/e175/ (‘Center for Behavioral Intervention Technologies’)
The article I read in some other language suggest there is a motivation for wanting to monitor people’s time using their phone and for monitoring their location. I guess if one was deemed to not move around enough, that would be flagged as bad.
Figureitout • July 21, 2015 5:24 AM
MarkH
wonder whether you guys have designed systems using small microcontrollers
–Small SoC’s, so more advanced but pretty close. I may soon though, have you? I’ve got enough small chips to be a small “chip dealer” too, just prefer having all my peripherals easily accessible instead of connecting and worrying about bad connections.
Physically incapable of executing from RAM, well they must be really slow. You’d be hardpressed these days to find a chip w/o at least a little RAM I’d think (PIC16CXX small OTP samples even had 192 bytes of RAM), one chip I’m working on in an application note they lay out how one can execute some or all code in RAM (playing w/ linker file).
Silicon bugs are hard to find, and even if you do you’ll probably think software issue first and that you’re doing something wrong, certainly not a buggy chip.
One of the hardware designers would have to chime in for a “realistic” attack you want (even though you know they’ve already happened and get “fixed”). Attacking the toolchain is realistic, it’s the weakest spot where you can then influence code on system (which could be wiped if not ROM and evidence zapped out). Everyone would rely on manufacturers for flashing procedure if trying to make own toolchain.
Probably most likely attack will involve SPI, especially in SoC’s communicating b/w the different parts of chip.
Curious • July 21, 2015 5:53 AM
I’m not the best to present this, but I found this on twitter: (Article dated 9. July, unsure if it had already been mentioned on this blog by others):
“IEEE study group recommends improvements in Wi-Fi security” (MAC address related)
“An IEEE study group is suggesting that the Wi-Fi protocol be updated to use randomly generated addresses to improve security and privacy.”
I don’t know much about this, but I am thinking that, if a MAC address is to be random, it perhaps ought to be random as an ideal, and not being random locally, as if a MAC address somehow simply were permutated into some seemingly random MAC address.
Curious • July 21, 2015 8:13 AM
Apparently, today’s cars can be hacked remotely, over the internet.
http://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/
MarkH • July 21, 2015 8:18 AM
@Figureitout:
All of the PICs I’ve used have RAM — they couldn’t do anything useful without it 🙂
But their RAM is in an address space orthogonal to the address space for code execution, which is physically mapped to the code flash (or in the older devices, code ROM, which was either OTP or UV erasable depending whether the chip had a UV windows).
[Those devices equipped with EEPROM access that via a third orthogonal address space.]
You can put whatever data you want into the RAM or EEPROM, but you can’t execute it. This may not be obvious when programming via compiler, but I’ve written reams of assembly for resource-critical applications, making frequent reference to the datasheets.
Of course, one could posit a mechanism with special hidden RAM and the ability to remap part of the code address space to this RAM etc. yada yada yada, but this would be a drastic re-engineering of these radically simple processors. And even then, exploiting such a Frankenstein-uC would seem to require application code knowledge; I don’t see how it would be possible to make a generic exploit.
I can’t prove, and don’t believe, that it’s impossible to insert a backdoor in such a chip. My skepticism, is whether it is feasible to construct a backdoor on stupid-simple microcontrollers that is sufficiently:
• simple that it doesn’t substantially increase the manufacturing cost (or else the NSA permanently pays the difference to the manufacturer)
• generic that it can be applied broadly enough to cover attractive target applications: Microchip has many hundreds of different uCs; other manufacturers have large numbers as well; large percentages lack the specific modules that might be used for backdoor insertion
• robust and obscure that its risk of breaking canonical behavior is negligible
• reliable that it can be exploited in the wild, even though it cannot be covered by any publicly acknowledged testing
• simple and cryptic/obscure that every one of the design, verification, QA and test engineers without any special security clearance can do their jobs without detecting something weird in the design
• accessible in real-world applications that there is a non-negligible probability of its becoming available for exploitation
• likely to result in an intelligence edge that would repay the considerable allocation of resources to its creation
Have any of you folks out there contemplated what it would take to meet all of these criteria?
Bear in mind, once a single backdoor is disclosed in a single chip, the manufacturer would suffer a devastating blow to its reputation that could not be recovered for years (if ever). And a silly backdoor of the type I described above as “Frankenstein” can’t possibly be made without the risk that large numbers of technical staff at the manufacturer would discover it.
That’s why I keep coming back to:
Stipulating that it is possible, can it ever be practicable?
Oldest continuous democracy! Yes the US of Switzerland is a marvelous place.
It negotiates alliances! Yes lots and lots, to undercut universal-jurisdiction law and permit war crimes, and to end-run the UN Charter, and to neuter your courts with ISDS.
It helped them rebuild, it enabled them to govern themselves! Bless you, 35 million Iraqis have had their first good laugh in 24 years.
Underwritten the independence of much of the world! Goodness, now the grateful multitudes of Greece, Italy, Iran, Guatemala, North Vietnam, Hungary, Laos, Haiti, Cuba, the Dominican Republic, Ecuador, Congo, Brazil, Indonesia, Bolivia, Uruguay, Cambodia, Chile, Australia, Angola, Afghanistan, El Salvador, Nicaragua, Honduras, and Panama are also rolling on the floor in gales of cathartic laughter.
Anti-American. You are right. Human rights and rule of law are virulently anti-American. They never fail to drive you fanatics up the wall.
Please make more heartfelt speeches. You are very entertainingly insane.
@MarkH, Figureitout, Nick P, Clive Robinson
I have thought about what it takes to put a backdoor into a chip and it has to fulfill the following conditions.
1.) Should not be detectable (which is obvious).
2.) Should look rather accidental (shrug off responsibilities for manufacturer and agencies).
3.) Should not substantially modify blueprint and intended function (again to avoid detection).
4.) NOBUS (NObody But US for exceptional access).
5.) Should be cost efficient per modification.
6.) Target specific (Cost efficiency and background noise filtering).
Maybe some of you can add to the list as well. My list and I guess everyone’s list of what a backdoor should look like may have overlapping points because there’s simply not a lot a backdoor can do in a dumb chip.
Let me have a stab at what can we backdoor assuming a single chip with a single processor ?
1.) RNG – Causes it to be predictable to adversaries unless the seed or mask is known.
2.) Cipher circuits – Too obvious backdoor and can be easily compared and detected by putting in a test environment with measurable data and observation over time.
3.) DSP logic circuits – Watermarking and some side channel in the data outputs ?
4.) On-chip networking logic circuits – Covert usage of on-board network capabilities. Bluetooth, NFC, RFID and WiFi antennas in chips (smartcard chips especially) can emit data quietly.
5.) I/O pins – Attempted side channel data exflitration or corruption. Can be detected by putting in a test environment with measurable data and observation over time.
Looking at the possible backdoor mechanism, I would say that the highest chance of a successful backdoor would be side channel leaks. RNGs are the most popular subversion technique even in the text books and history books. The next would be followed by on-chip network antennas that can be lighted up when unprotected.
To protect against RNG problems, use a mixture of different RNG mechanisms and some from human inputs. Whether the final RNG result is to be mixed in the chip via software userland codes or not is a debate. I would guess it is still safe to have a userland implemented CSPRNG algorithm considering the cost of making a “smart” chip that is able to predict when a likely CSPRNG algorithm is being used can be very costly and unlikely to occur.
Implementing ciphering logic in software codes on the chips or simply using a ciphering circuit offered by the chip (once you assert under test environment it is not backdoored) is not the biggest offender as a chip would be assumed not to be smart enough to know when a software ciphering algorithm is in use.
The next biggest monster in the black box are antennas. Smartcards with “Coil on Module” function meant that the chips themselves have antennas for wireless capabilities. You could constantly measure chip emission during test over time to detect leaks but the trouble needed to take such precaution can be somewhat troublesome. One method is to isolate the chip in a EMSEC container that has contact points for the chip’s pins to force it to only use contact pins to reduce it’s surface of leakage.
I guess the more secure way for single chip with single processor is to either use a “Castle, Roads and Prison” approach or to simply just implement software algorithms with software CSPRNG that are carefully designed (code obfuscation would be a plus) and hope for the best (maybe isolate the chip in EMSEC if it has antennas for NFC/RFID/WiFi).
Curious • July 21, 2015 11:00 AM
Complimentary article to the one mentioned earlier, about car hacking:
“Senate Bill Seeks Standards For Cars’ Defenses From Hackers”
http://www.wired.com/2015/07/senate-bill-seeks-standards-cars-defenses-hackers/
Nick P • July 21, 2015 11:10 AM
@ MarkH
” “trap door” on an I/O interface, where some data sequence triggers execution of subsequent data — the kind of uCs I’m talking about are physically incapable of executing code from RAM. If the “trap door” actually re-wrote the code flash (a problematic procedure), this would leave detectable footprints, even if it didn’t simply disable the processor”
I’ve been clear in the past I don’t work with microcontrollers often: only 32-bit and up for me for various reasons. The discussion started with Clive’s mention of PIC32. The discussion also concerns guards for 32-bit systems. You typically won’t find me using a PIC16 or PIC18 for that: too much work on the functionality itself much less the security.
So, as you’re more familiar, are there no commands or instructions at all that could be executed in a micro-controller system to leak a key, perform an unintended function, and so on? You use a popular crypto lib for PIC’s, it stores key in a particular spot, and no instruction executed on the PIC can move that key to I/O? You do access control with dynamic properties, the access reduces to bits for identifiers/permissions, and those bits can’t be changed by a MCU instruction? I’m just trying to see how, without the most static setup ever made, that a microcontroller’s security functions can’t be compromised by forced execution of one or more instructions.
“silicon bug enabling unauthorized code to execute at a higher privilege level — the kind of uCs I’m talking about don’t have rings (or, if you prefer, all code is at ring 0)”
Plenty of microcontroller SOC’s have memory protection, albeit simpler (i.e. MPU’s). If they do, that applies. If they don’t, it doesn’t.
“They are NOT PC-equivalent processors capable of running standard operating systems.”
Didn’t say they were. I was thinking along the lines of simple processors that load a piece of software from ROM, execute that software with small amounts of RAM, and interact with 3rd party devices via I/O. This was the case for all the firmwares (esp NIC’s & HD’s) cracked at DEFCON, etc with effects ranging from confidentiality breaches to full attacks on host machines. So, given how well traditional attacks work, we have to wonder how subversion attacks map to them.
Really good approaches were published by our hardware guru a while back. Low end involved simply adding circuits that users didn’t see. He did it himself for I.P. protection and said it was pervasive in industry for I.P. protection, I.P. theft, and sometimes malice. He pointed out many chips start with all kinds of functions but most are turned off/on at factory to make it look like a specific chip for certain price-point. Depending on method, they might be turned back on. One instance he gave included 3G circuits in a non-telecom chip. Additionally, many fabs include analog and RF capabilities that can leak secrets but are invisible to digital designers’ tools. He used their invisibility to his advantage regularly. The most advanced form of it, theoretical to be clear, is to put the subversion on a mask with an advanced, low-power, process node and mix it with target’s SOC which uses older nodes. Those investigating the SOC won’t see a difference in power, performance, or appearance despite it running two SOC’s worth of stuff with one not so limited.
So, there’s plenty potential for subverting a microcontroller in ways that don’t show up until attacker wants them to. The microcontroller manufacturers already use one of these techniques to create a whole product line from one set of fabbed I.P.. Your 8-bit MCU might have all the capabilities of the whole family with some switch making it emulate a single chip. Or they might be fabbed in truly independent fashion. Given the cost-sensitivity, I have doubts about that for chips fabbed on the newer nodes. It’s possible on older ones due to lower, mask costs.
But, yeah, I’d like to hear Clive’s opinion on most likely aspects of microcontroller subversion for the 8- and 16-bit chips I have little experience with. Just programming them a lot should give him ideas for how programs would be compromised a priori, live, and so on.
ianf • July 21, 2015 12:08 PM
@GregW:
The curious thing… whether the insider’s decision to not have a co-conspirator was fundamentally flawed or very rational.
Given that, near the time of the advance purchase of the winning Lotto ticket, the (alleged) perp’s car was CCTV-recorded in a parking lot close by, I don’t think that his OPSEC went quite that far… That said, you raise an interesting point:
Choosing allies or going it alone is a very fundamental security decision and as an amateur I’m not sure I’ve seen a treatment of when it makes sense and when it doesn’t.
I know of no scientific (incl. junk-science) studies specifically about this pre-deed aspect of crime, but there are plenty on the rationality of the unlawful mindset. See the sociologist Sudhir Venkatesh’s 2008 book “Gang Leader for a Day” + other writings; also this about gangster MBAs that predate his work.
As for criminals pairing-up, the only instances of such in popular culture that I recall are that of Elmore Leonard’s 1976 “SWAG novel; and Gina Gershon’s lesbian ex-con Corky thinking aloud about it in “Bound” by the Wachowskis. I don’t doubt there were others, but Bruce doesn’t pay me to think!
Nick P • July 21, 2015 12:38 PM
@ ianf
Let’s remember that crime does not equal common, criminal gangs. That’s one subset of crime where psychology or sociology seems to play more role than economics. There’s many groups, especially individuals, where economics are quite favorable in that they spend a little time and plenty risk on quite the reward. High value robbery, the big carding schemes, exploit development, independent drug dealers succeeding on reputation, chop shops, and so on. Plenty of money to be made in crime if one focuses on specifics with high ROI and/or little effect of competition.
Wally Hilliard • July 21, 2015 1:15 PM
No need to take much risk when you can just become an SOE.
Clive Robinson • July 21, 2015 7:02 PM
@ Figureitout, MarkH, Nick P, Thoth, Wael, and interested others,
There are numesous ways to back door all computer chips, many are very simple at the MCU but very complex at the attackers receiver.
The ALU in all CPUs in all chips irrespective of if they are 4bit “bit slices”, 4/8/16/24/32 bit micros or 64bit RISC or CISC top of the line server chips have three logic lines in common,
1, Clock.
2, Carry flag.
3, Zero flag.
If you take a frequency multiple of the clock signal and XOR it with either the Carry or Zero flag lines and run them out of the chip, you effectivly have a PRK transmitter.
From this Phase Reverse Keyed signal you can fairly easily extract the original flag signal.
You can then cross correlate it with a synthetic stream derived from the code and thus get to know much of what goes on in the chip.
The hard part is obviously building the synthetic stream, but that can be done even without getting a copy of the actual code, as long as you are familiar with how the “product” functions and have one to play with for even a relativly short space in time.
With regards PIC ROM & RAM seperation. The low end PIC design is a Harvard architecture thus you can not get the data in RAM to execute like Code in ROM, unless…
If the Code in ROM can be used as an interpreter that reads in data from RAM and uses it as P-Code to jump around the M-Code in the ROM.
Most non DSP code actually “acts on data” which means it is to a greater or lesser extent acting like an interpreter…
So whilst the Harvard architecture is more secure when used properly, it’s easy to unknowingly create a sufficient interpreter for a clever attacker to exploit “for profit and fun”.
@Clive Robinson
How hard is it to detect the PRK attack vector you mentioned if the chip is placed ina test environment and observed over time ?
How to go about detecting it ?
Skeptical • July 22, 2015 12:17 AM
@… Oldest continuous democracy! Yes the US of Switzerland is a marvelous place.
🙂 Look how determined you are to refute any possible positive aspect to the United States. In this case you’ve forgotten about a significant period in Switzerland’s history during the 19th century.
It negotiates alliances! Yes lots and lots, to undercut universal-jurisdiction law and permit war crimes, and to end-run the UN Charter, and to neuter your courts with ISDS.
Yes, it builds alliances and trade networks, and it stands against the most powerful anti-democratic forces in the world today, as it did in the last century. It defies Soviet blockades to fly supplies to West Berlin, it drops troops and tons of supplies into Iraq to save those Yazidis who survived the assault of ISIS, it lost some of its best and its bravest to bring food and order to Somalia, and it risks more men and women to pursue similar missions even as I write this morning – and that’s just a partial list.
Now I can list an equal number of egregious mistakes by the United States. I can note the – internally highly contested – support for insurgent groups and repressive governments that stood for everything contrary to the values and aspirations of the United States during the Cold War. I can go back further, to the despicable evils perpetrated against Native Americans, to the institution of slavery that at last required a Civil War to resolve.
Yet overall, the clear balance and broader picture is hidden from you, veiled by this sophomoric and faddish anti-Americanism, the stuff of cheap Hollywood films and masturbatory pseudo-moral indignation.
What you seem unable to see is that the extraordinary progress of the last 100 years has been driven by a US commitment not to withdraw from the world, not to attempt to rule the world, but to create a framework, in concert with other nations, in which democracy, in which enterprising trade and constructive growth, in which shared prosperity and closer cultural bonds, in which peace and progress, in which the individual rights so long denied to so many were at last granted, and granted securely, to those so long deprived. And all this under the specter of nuclear war, in the confusion and fog of an unprecedented geopolitical struggle, in a time of domestic upheaval and a sometimes unsteady march forward.
We can debate the wisdom of certain NSA programs; we can discuss the merits of different cyber security policies. But you forget the actual friends of freedom at your peril; and you fetishize some of the most corrupt and repressive governments on earth, those in every realistic future scenario pose the greatest dangers to this world.
You can remain in the darkness if you wish, lost in an ignorant fantasy-land of mythical rebellion and all the silly plumes of learning you occasionally flourish in an effort to impress us.
Or you can confront the reality of the world. Every nation has warts; every nation has dark pasts and grave imperfections; and even worse, it will ever be thus. But as I said, that part of the world that is most free, most prosperous, most tolerant of diversity, and most loving of both humanity in the large and the individual in specific, is that part of the world governed by Western governments.
There will be courageous individuals in oppressive nations who will work tirelessly to move their nations in that direction. They will continue to choose their people over the unelected or quasi-elected oligarchs and elites who build their riches and play their games at the expense of the millions – billions – they purport to serve and defend.
Debate and discussion about information security, about the proper limits of signals intelligence, is healthy and it’s needed.
But do not forget who the actual enemies of the values of liberty and privacy, of autonomy and self-determination, are. Those who think they do best by doing their worst to undermine the West are at best useful idiots.
Here ends the friendly advice, neighbour. Good luck. Our conversation is at an end.
MarkH • July 22, 2015 2:49 AM
@Thoth:
The attack Clive proposes has the advantage of comparative simplicity*, and the limitation that an exploit requires monitoring of EM emissions during sensitive computations.
As I mentioned previously, these types of devices (and in fact almost all computing hardware) leak internal state like crazy via emitted EM and current fluctuations at the power/ground pins.
If the threat model for an application includes the ability of an attacker to monitor emitted EM and/or current consumption during sensitive computations, then the overall design MUST incorporate shielding and filtering to limit these side-channel signals. In most cases this is strictly necessary, even if one is sure that the chips don’t have any deliberately implanted “transmitter” as Clive described.
For that reason, I expressly excluded this type of implant when asking how the design of such chips can be tampered with in order to extract secrets from them.
If you don’t have comprehensive shielding and filtering, and an attacker can position a receiver close enough, that attacker can infer your secrets without any need for specially fiddled silicon.
And Franz Liebkind turns back to his little faithful friends the pigeons.
Clive Robinson • July 22, 2015 9:35 AM
@ MarkH and others,
The point I was making was the “trade off” between the complexity of the backdoor and the complexity of the attackers receiver.
Whilst not a zero sum game, simplisticaly there is a level of complexity that needs to be achieved to “passively” get meaningful data from a CPU. Interestingly is that the more complexity you put in the CPU the tighter it’s scope or focus and the less use it is to wn attacker.
For instance assume a new CPU in the upper end of an existing CPU family gets the addition of a fast hardware multiplier and other DSP related stuff. You might decide instead of backdooring the ALU, you would get better results if you backdoor the multiplier (in a similar way). On the theory that all “real world” analog signals and PubKey crypto will get “off loaded” onto the fast multiplier. However the code writer might not be that interested in cutting new code for the fast multiplier when they already have adequate PubKey code they know works in a library from an earlier CPU, and use that rather than going through the grief of trying to get it working in an interleaved way with DSP functions processing audio.
Likewise backdooring an AES functional block is not going to help if some other crypto algorithm is used as well or instead of AES (just another reason I like cipher chaining).
Thus the more complex a processor chip, the more difficult it is to make passive backdoors. That is you can not backdoor all parts because the process by which you get the signal out would end up interfering with each other.
Further shielding alone is insufficient to stop backdoors being effective. You could for instance “phase modulate” the edges of data signals, to superimpose a Spread Spectrum like signal either as a “watermark” or lower bandwidth communications channel. As long as the data sent was relativly short and did not change it could be sent over and over again such that even the slowest changes of edges on a data output signal would eventually get the data out. This is one of the important reasons why you must always “re-clock” data outputs with a known to be good clock signal and fail hard and long on any error.
However the backdoors that worry the military are not those that emit signals but those susceptable to external signals aimed at the CPU.
Again a simple example would be a digital matched filter of two hundred or more bits. When the correct digital sequence is received the matched filter outputs a pulse, that could be used to do all manner of things, one of which could be to invert the meaning of the carry, zero or sign flags for the next operation. Or more subtly change a shift from logical to arithmetic, or add with carry to one without.
If the matched filter accidently got triggered it would be put down to meta-stability, gama radiation, or other very infrequent soft fault, or even a software bug, not a backdoor.
Thus it would only be under times of attack that such a backdoor would become visable, but with care by the attacker not obvious.
The thing about matched filters, is you can invert them and turn them into matchea correlators fairly easily, thus all inputs to the chip can be used for such an attack. The enemy simply broadcasts the corelation code repeatedly untill a match happens. Certain linear codes work if if they are subsampled etc.
Clive Robinson • July 22, 2015 2:31 PM
Some legal types working in the Internet Entertainment Industry need to check their work / knowledge / sanity,
https://www.chillingeffects.org/notices/10969223
Is a “Takedown Notice” sent to Google, look at claim 2 alleged offending IP address 3 of 127.0.0.1…
tyr • July 22, 2015 3:39 PM
@Clive
That means hackers are everywhere…!!!!
? Has anyone used multiple clock sources to defeat
the EM passive attacks ? With a single clock source
internally I can see how you get correlations to
decode. Would having non correlated clocks help or
is that just extra fluffery.
Bystander • July 22, 2015 4:09 PM
@tyr
Did you ever considere using asynchronous CPUs coupled with static RAM?
You might consider using different code snippets for the same task executed in a quasi-random order to confuse the listener a little more.
Without clock, the execution time of the instructions (which is temperature-dependent) is the only pattern that remains.
Asynchronous ARM:
http://www.computer.org/csdl/mags/mi/2007/02/m2058-abs.html
Do you like forth?
http://www.greenarraychips.com/
Architecture:
http://www.greenarraychips.com/home/documents/greg/PB003-110412-F18A.pdf
Nick P • July 22, 2015 4:53 PM
@ Bystander
Or check out AMULET from the team that’s been doing asynchronous, ARM chips since 1993. 😉
They also have a nice page on asynchronous logic.
Clive Robinson • July 22, 2015 5:32 PM
@ Bystander, Tyr,
GreenArray comes with an inherent problem, it’s Chairman “Chuck Moore” has quite a bit of history behind him. Quite a few people will not have anything to do with him on the “once bitten, twice shy” principle. Others have blaimed him for the fact that Forth, once popular is now a very definatly not main stream.
That said Forth has quite a few advantages, one being it’s use of stacks can with very little effort make it memory position independent so an MMU is not required for multitasking. By far the majority of other languages assume a fixed memory map which requires very complex task switching for multitasking, with much of the “heavy lift” done in an MMU.
Few microcontrolers come with either a MMU or it’s “poor man’s” equivalent of segments.
Forth being a thread based language benifits from the fact threaded code can be made to have a very small footprint, especialy with a shared base library.
The main downside is programers, who in the main find geting their heads around using Forth efficiently, an effort to far… I unfortunatly find myself in the camp of having being ruined by both assembler and standard compiled language programing oh and forever cursed to damnation by early contact with BASIC 😉
@ Tyr,
The use of multiple and free running clocks for security enhancment was looked at in the early days of smart cards… Ross J. Anderson spent quite a bit of time with it. Without going into the history of why, it’s easiest to say the ideas are not used.
If you want to know more on the issues of free running clocks you need to have knowledge of pendulum’s and why they always tend to become synchronised in some way. Then there is “injection locking” and parametric amplificarmtion to consider, befor the consideration of “active fault injection attacks by EM carrier and Modulated EM carrier. Which I have discussed previously on this blog.
tyr • July 22, 2015 6:58 PM
I expect Benni to weigh in on this one.
As far as the asynch, thanks for the answers. I’m now
looking at another round of study. FORTH is a fun
way to get a headache, someone said it works by
using the programmer as a pre-processor. It is hard to
beat its footprint but for specific hardware control
it is quite useful.
Thanks to Nick P I also am being partially educated
about FPGA open source.
Dirk Praet • July 22, 2015 7:25 PM
@ Clive
Is a “Takedown Notice” sent to Google, look at claim 2 alleged offending IP address 3 of 127.0.0.1…
The sort of prank every engineering team dreams of pulling off on legal.
Dirk Praet • July 22, 2015 7:31 PM
@ tyr
I expect Benni to weigh in on this one.
Hardly a surprise. I guess a growing number of German officials are getting nervous and are now opting for a more offensive approach to shut people up.
@tyr
It seems like Germany have now exposed it’s nature, it’s hypocritical side.
Pretty sure some very powerful hands managed to interrupt and coerce German Govt to make sure a decision (we should be able to guess the UKUSA had a hand) to ensure the cherished image of privacy that Germans like to be proud off is over and to get Germans to swap sides to the UKUSA party.
Figureitout • July 22, 2015 8:48 PM
MarkH
–Well PICs “lock” bits had a shield over them that was supposed to block all light but bunnie was able to clear them by simply angling UV light (something that strikes me more of arrogance in the engineers to not try something simple to break code protection). And it looks like it’s not really a “feechurr” in PICs but in Atmel (granted this is a more advanced 32-bit chip w/ all kinds of weird feechurrs, but not in the grander scheme of what I call “big embedded”) looks like you can “emulate EEPROM” in flash probably w/ some sorcery like “virtual memory” and as I said run some or all code in RAM by changing the linker file, enabling you to shutdown a couple more clocks maybe. Granted some things Atmel promises don’t exactly work lol…It should be easy(er) to write programs to annihilate RAM in smaller chips in the off-chance this is a legitimate threat of attacking toolchain (who builds these 500+MB binaries…) and the linker to squirt a virus in RAM that’ll just do annoying sh*t (simple simple is just reset chip a million times or spewing interrupts blocking my program).
They may be simple processors but you can concede they aren’t made simply anymore? I don’t like the trend towards surface mount everything b/c I can’t even get a multimeter on the pins…
All that said, agreed, someone will find it eventually (maybe keep it a secret too and use it, never seen that eh?). As a paranoid, I’d rather go a bit overkill and buy some time from future attacks than cross fingers.
Thoth RE: more emsec problems
–Well we can see now (I wrote about it in one of Bruce’s movie plot writing contests, simple prediction, hacking cars, it’s here and it’s thru the goddamn entertainment system) in newer cars. In general cars are secure (around 2001/2002 cars had better EMSEC assurance (standards and tests) than space shuttles…at least for radar, which a threat that needed to be eliminated is an enemy blasting radar at the backside of a spaceship after launch; somehow we (in US, not sure Singapore space program) got lucky in that it seemed to be good enough) and have high quality embedded code.
Clive Robinson RE: injection locking
–Came across it again surprisingly in my ARRL book lol (sometimes I skip ahead to “the good parts” even though I’m forcing myself to read it all, to try to get a strong grip on basics), I lost it when they just said and I quote, “This situation is very bad.” They gave a scenario where a VFO driving a power amplifier for a CW transmitter could, even w/ shielding, still leak back and injection lock itself lol (like a dog chasing its tail, or maybe a better analogy is eating itself).
The more interesting countermeasures listed were:
–Use feedthrough capacitors on power and control lines that pass in and out of the VFO enclosure and transceiver enclosure.
–Use buffer amplifier circuitry that amplifies signal by desired amount and provides sufficient attenuation of signal energy flowing in reverse direction (aka “reverse isolation).
–Use a mixing-based frequency-generating scheme instead of one that operates straight thru or by means of multiplication. These oscillator stages could operate on frequencies w/ no direct relationship to its output frequency, essentially eliminating the possibility of injection locking the VFO.
I don’t really get 2nd one and mixing stuff still is a bit ahead of me. Does this sound like good advice?
Nick P • July 22, 2015 9:15 PM
@ Clive Robinson, Bystander, Tyr
This article is the best I read on Forth. It gets you deep into the mindset and experience of it by a guy that tried to implement it. He ended up being amazed by it but also won’t use it again professionally. I think the author and the comments get to the bottom nicely. Also, there’s a few quotes and a linked comment at the end that indicate why you should steer clear of GreenArray. You’ll be surprised why you’ll be forcing things into 18 bit values.
The better one to emulate if you want to keep things simple is Niklaus Wirth. His Pascal + P-Code or Modula-2 + M-Code combo achieves much of the efficiency with code you can actually read, easy compatibility with standard machines, and whose experiences carry over to other languages. You’ll have a clear idea of what assembly your code produces. If you don’t care so much, then turn full optimizations on and enjoy faster assembly. Step up further in Oberon family to get more safety in form of GC and language features with less memory or CPU efficiency. Compilers and OS’s are well-documented to the point that you might implement them yourself as students did on many architectures.
Of course, you can cheat by using a ML-language or a LISP with simple, verified implementation to implement the tools for Modula/Oberon. That’s if you think stuff like compilers are harder to do in an imperative language. Racket Scheme particularly has excellent metaprogramming features. You can always implement it later by implementing the primitive constructs in 3GL’s, expanding the macro’s to most primitive forms, implementing the modules with the primitive constructs, and auto-generating Modula/Oberon from them with templates. Compile and you’re bootstrapped while barely understanding crap about the original language.
So many ways. Just avoid Forth unless you plan to code one of these open firmware projects which often stubbornly stick with it.
Note: Moore’s philosophy seems like what would’ve happen if Wirth took his simplicity mantra from practical desire to near-psychotic obsession.
Nick P • July 22, 2015 9:19 PM
@ Figureitout
What book is that again? I could always beef up the EMSEC part of my link farm. It’s a small patch of withered crops that look like they were planted in the 90’s and watered on occasion by winds blowing on the neighbor’s sprinkler system.
Figureitout • July 22, 2015 11:30 PM
Nick P
–ARRL Handbook for radio communications 2014 (hardback cover). Just give me an address and I can send you a CD w/ entire book (for a fee, of course), you just need Windows/Mac w/ Adobe to read it :p. Will only go into intricate detail of pure radio topics, but covers a lot of stuff. It’s not purely EMSEC at all, but electronics in general (which you need anyway for way more problems than just EMSEC). Ward Silver is editor and is my fave. writer in QST (generally always good technical articles).
Think your lawn just needs some of that water-based lube you were looking at, of course only after having been spread around on Wael’s you-know-what.
Nick P • July 23, 2015 12:56 AM
@ Figureitout
Appreciate it. No need to send it: I own a copy that’s stored on highly-advanced, magnetic platter technology. No ancient CD’s required. 🙂
“Think your lawn just needs some of that water-based lube you were looking at, of course only after having been spread around on Wael’s you-know-what.”
I’ve used petrol on lawns for artistic effect. Not water-based lubricants. And not spread around Wael’s lawn or car to give them the shine they’ve always deserved. That would be too much work on my part. Weird, too. 😛
Curious • July 23, 2015 1:09 AM
Something found on slashdot today (re. OpenSSH & FreeBSD):
“OpenSSH keyboard-interactive authentication brute force vulnerability (MaxAuthTries bypass)” (16. July 2015)
“The attack has been tested against a new FreeBSD 10.1 system and older FreeBSD versions such as version 6.2.”
Bystander • July 23, 2015 1:22 AM
@Nick P
Thanks for the AMULET reference. I considered posting something about AMULET as well but changed to the ARM IP. The asynchronous logic page is bookmarked.
Thanks for the forth article.
@Clive Robinson
I never considered forth as a language that would become mainstream. It is quite suitable for tasks like firmware and systems with small footprint.
The personal history behind this – thanks, I did not know.
My brief contact with forth is from the times when I worked with SPARC processors and Open Boot.
Same situation concerning BASIC for me, but the prolonged use of Pascal helped a litte…
@tyr, All
I also read netzpolitik.org on a regular base and they are basically making a good job of investigative journalism in their field of work, something I hope that more would do.
Their sources are the main focus of the investigation, but the team of netzpolitik.org is also concerned.
My take is that if the same would have happened through a larger newspaper, the reaction might be different…
MarkH • July 23, 2015 1:34 AM
@Figureitout:
I very well remember bunnie’s UV code-protect bypass. As it happened, I was developing an application on the exact same part he fiddled at the time. It was from bunnie’s post that I learned how cheap and easy it is to get a chip de-capped. From my perspective, that type of hack is of no security interest because:
• other code-protect hacks were already well known (Microchip datasheets have hilarious language to the effect that “if you bypass our code protection you are truly naughty”)
• a security application that depends on the secrecy of source and/or executable code is already sunk before it sets sail
I stipulate that “advanced” microcontrollers with MMUs, rings, or crypto hardware offer realistic potential for silicon back-dooring — so I don’t endorse them for critical anti-subversion systems. That’s why I’m interested in the primitive chips, which seem much less practical to hack.
While Clive’s “back channel” concepts are certainly possible, they don’t lend themselves well to practical attacks. And in order to make them more useful to an attacker, it would be necessary (I think) to make them much more complex, in a way that magnifies the heavy risk of disclosure.
To the extent that the Snowden material is representative of NSA programs, I interpret it as indicating rational policies. NSA apparently focused efforts on techniques and systems that can give a solid intelligence yield, have contained costs and complexity, and that can be limited, controlled, and focused. The Snowden material does NOT suggest a mindset of “throw the spaghetti and sauce at every possible wall, in the hope that some messy fragment or other might stick” — at least, not to my mind. The NSA exploits are designed to work with good probability of success in real-world conditions, not some ivory tower laboratory.
As for surface mount, well it’s what we have. As far as is practical, I use parts that are available in DIP packages for breadboarding, though production is strictly surface mount.
I’ve worked a lot with SO packages (0.05″ pitch), and have no real problem hand soldering or getting probes on. Finer pitches than that are beyond my old tools and skills.
MarkH • July 23, 2015 1:44 AM
@Clive:
“being ruined by both assembler and standard compiled language programming oh and forever cursed to damnation by early contact with BASIC”
We are nearly contemporaries, you and I. I started out with line-numbered languages, of which GE BASIC was the hideous worst. (An April fool’s ad once bragged about a new language’s COMEFROM statement, for those not satisfied with GOTO. The horrifying thing is that in BASIC, you really could add a COMEFROM statement …)
Years went by before I even knew that such a thing existed as a programming language whose grammar supports block structure. When I finally got to use one, I was delighted!
Yes, we had the opportunity to punch machine code into boot cards, or enter it into magnetic cores via front-panel toggle switches … thank God those days are over!!!
Wael • July 23, 2015 2:33 AM
@Figureitout, @Nick P,
lawn or car to give them the shine they’ve always deserved
I wish that was the case instead of the soul shattering experience I had recently (to borrow an expression I borrowed in the past.) You’d think people with a sense of humor are happy, eh? Some are hiding behind “tears of a clown”. I came here to get my mind off some things, and I disliked to ignore you. I think I’ll be out for some time …
Oh, and during my absence, you’d better not talk bad about me @Figureitout! I will check what you said and if I don’t like it, I’ll f###k you dead 😉
@Clive Robinson,
I don’t have the desire to comment on PICs and micro controllers at this time. Perhaps another day …
[1] Keeping that particular word to “a minimum” as the mod once requested 🙂
Curious • July 23, 2015 2:35 AM
Somewhat off topic: (e-sim cards for phones)
“Apple, Samsung in talks with telecom groups to launch e-Sim card”
http://www.ft.com/cms/s/0%2Ffc78a3ea-294b-11e5-acfb-cbd2e1c81cca.html#axzz3ghHHxxZL
I am reading in a related article, that with e-sim (SIM:Subscriber Identity Module), an IMSI (International Mobile Subscriber Identity) number is stored/programmed onto each phone (no exchangable sim card), and instead a phone service provider store your IMSI number with them, and when if between service providers, a new service provider simply store/register the IMSI number with them again. The article speculates that one would be registered with perhaps multiple service providers at the same time, switching between them.
Wesley Parish • July 23, 2015 4:01 AM
@Clive Robinson
Is a “Takedown Notice” sent to Google, look at claim 2 alleged offending IP address 3 of 127.0.0.1…
ROTFLMAO!!!!! What geniuses!!! That reminds me of the time Our Dear Friend @S[k]eptical attempted to persuade us that adding complexity did not add vulnerability! You remember? ROTFLMAOA!!!
Speaking of Our Good Friend @S[k]eptical, your bald statement,
Frankly the ideal outcome would be for populations in the ME to accept Israel as a legitimate nation, to tolerate religious diversity, and to stop hating one another to the point of continually threatening violence.
needs some qualification – quite some qualification. How do you correlate äccept[ing] Israel as a legitimate nation with tolerat[ing] religious diversity? If tolerating religious diversity correlates with being a legitimate nation, then what are we to make of Israel’s permitting fanatical religious settlers beyond the Green Line to desecrate mosques?
Yes, Israel permitting – and aiding and abetting it on more than the odd occasion – this behaviour – exacting a price from the local Palestinian population – is hardly consistent with stop[ing] hating one another to the point of continually threatening violence. Particularly when it’s our “side” that’s guilty of aiding and abetting “our side’s religious fanatics’ violence. That sort of behaviour falls under the FBI’s definition of terrorism, but since when has the US ever taken the Israelis to task over it? Makes the US a terrorist- and terrorism-supporting nation, doesn’t it?
After reading your statements for several years, @S[k]eptical, your modus operandi becomes rather painfully clear. You’re not so much a debater as a filibuster.
Wesley Parish • July 23, 2015 4:20 AM
@S[k]eptical
I really should add that anti-Americanism is the sort of accusation that got kinda old back in the 1980s, when every man and his dog in the US establishment accused New Zealand of it during the ANZUS crisis. I suppose I should be grateful for this foot-in-the-mouth behaviour of the US establishment, since it made me think more deeply about the actual issues at stake.
But really, I have relatives in the States. Like them, I disagree at times with US policies – at times, I’ve even disagreed with the policies of various states, since I can’t see how they are consistent with universal human values. How do you lump in these disagreements with specific state policies together with an overarching hatred of everything and everyone in the United States of America? And what sort of result do you get when you do so lump the two positions together? What do you expect? When everything tastes like chicken, what does chicken itself taste like?
Do you need a doctor’s certificate to do serious thinking in your line of work? Maybe I should contact my distant relatives and try to find you a good doctor.
Curious • July 23, 2015 6:35 AM
I am reading that HP (Hewlett Packard?) supposedly has a zero day initiative website named zerodayinitiative.com (unsure if this is true), and more importantly, that there is now apparently four new zero day vulnerabilities for MS ‘Internet Explorer’ (sic) (dated 20. July).
The article I read claims that this affects Win 10. I am a little confused as I assumed that Microsoft had simply switched out “IE” (some version) for the new MS “Edge” browser.
Not sure if the websites I looked at were legit, and the articles seemed a little unclear to me, so I don’t want to link to the articles.
“Internet Explorer is also available in Windows 10, which launches next week, so expect another out-of-band patch released by Microsoft in the coming days.”
Curious • July 23, 2015 9:49 AM
I found another article today that seem to nicely explain (to me anyway) the problems of the OpenSSH keyboard login vulnerability I mentioned here earlier. Afaik, the article doesn’t mention if this vulnerabiliy is there as a generic flaw, or only for people using certain implementations of OpenSSH (if there is, I wouldn’t know).
Curious • July 23, 2015 9:52 AM
Found another article about the four zero days vulnerabilities for Microsoft’s Internet Explorer:
https://threatpost.com/four-zero-days-disclosed-in-internet-explorer/113911
Nick P • July 23, 2015 11:12 AM
@ Wael
“I wish that was the case instead of the soul shattering experience I had recently (to borrow an expression I borrowed in the past.) ”
Uh, can’t say anything other than hope things get better for you.
Winter • July 24, 2015 8:49 AM
I saw this:
Boffins sting spooks with ‘HORNET’ onion router
http://www.theregister.co.uk/2015/07/24/hornet_highspeed_onion_routing_at_the_network_layer/
I have not yet read the academic paper (link in journal paper), but would not be qualified to judge it anyway.
Is this any good? It is a lot of hype (high-throughput, low latency, high security)
Umberto • July 24, 2015 12:20 PM
House Committee Puts NSA on Notice Over Encryption Standards
http://www.propublica.org/article/house-committee-nsa-nist-encryption-standards
Amendment would remove requirement that NIST consults with NSA on encryption standards
Figureitout • July 30, 2015 10:02 PM
MarkH
As it happened, I was developing an application on the exact same part he fiddled at the time.
–Well that sucks, I’d be freaking out. Yeah the code protection kind of sucks if all you have to do is connect the chip to the IDE and can simply reset the mutable lock bits lol….Contrary to what a lot of people say who probably haven’t tried attacking much stuff, I’m a believer in obscurity (when it really matters for the worst attackers), for instance it’d be a pain in the ass to have precisely “legal” code flashed but looks completely unreadable, and also to buff out the chip stamps on ALL IC’s on the board (even discrete components). Thus one would have to manually reverse engineer it (I imagine they’d go for physical chip measurements but still it’s a guessing game initially, also for final revisions remove all the via’s and obfuscate connections via 3+ layer boards) IF they can get their hands on it, likely just use easy inevitable side channels designing it or placing orders since telling the CM to STFU talking about it and make discretely and send a code word to random phone number when done for pickup (b/c using custom radio solutions is too much for most people).
Clive’s “back channel” concepts are certainly possible, they don’t lend themselves well to practical attacks
–Only practical in the sense if no one knows about it then you won’t defend against it…
primitive chips, which seem much less practical to hack
–Yeah, signals will be more unfiltered and more easily discernible. And you have to write all the drivers and final solutions will be tailored to customer (so I guess, what I would want and customer should too, except time and reliability) and how to securely connect it to guaranteed insecure hardware (transfer files/keys etc.). Also sucks when you hit a bug you can’t figure out (maybe all the senior engineers can’t either, b/c it’s mostly new territory and there isn’t much research…then you’re stuck and question whether it’s really worth it to delve down and try to fix it).
Wael
–Hope your clown tears are dry now, most of us here don’t have souls anymore so…welcome to the club. :p
if I don’t like it, I’ll f###k you dead 😉
–Hmm, you make it sound like a punishment…in that case punish me good baby! ( ͡~ ͜ʖ ͡°)
Clive Robinson • July 31, 2015 5:22 AM
@ Figureitout,
Contrary to what a lot of people say who probably haven’t tried attacking much stuff, I’m a believer in obscurity (when it really matters for the worst attackers)…
Obscurity only works when the attacker is working in a vacuum and the possible options are practicaly –not mathmatically– infinite.
Have a look at the history of breaking the Enigma, how each step forward was based on known information on the system. Starting from nothing would never have worked but each only just climbable mountain you conquer makes that next impossible mountain just climbable, so on and so on till Everest becomes peoples two week holiday or boy scout trip.
The thing is that knowledge of what a target has done before, tells you what they have invested in and that makes the moutain climbable.
Have a look at the history of satellite TV and stopping “free loaders” obscurity failed. One example was Sky, the made a new box, not only did they have unidetifiable info printed on the chip they also got the chip manufacturer to change the pins around and swap chip level functionality around by changing the metal layers. A lot of obscurity… It failed miserably one cracker took three weeks to break it. Because he knew they could not have re-designed the actuall system due to legacy boxes, he knew they would not write the code from scratch, therefore the internal CPU would be the same, getting at the code was a game of probing the pins for electrical differences (program line having a higher voltage than Vcc did not have substrate diode so could be found with a multimeter). Likewise other lines had give away charecteristics, each pin solved reduced the problem greatly to the point a little experimentation gave forth the internal code, it was simply a case of match sections of code and find the differences, once found then disassemble and reverse engineer, and make a work around then sell it… Three weeks work of “no pay” to be the kid on the block that everybody wants to give money to.
Also study how the Xbox got broken despite Micro$haft obsfication and cryptography.
If there is money behind striping the obsfication it will be done in less time than it took for you to do it in the first place.
The lesson is you have to develop in a vacuum, everything has to be new, no history and the bar has to be so high that no existing technology can get people up close let alone over it.
The problem is there is never going to be a sufficient technology gap, the market does not alow it as all the profit is in that gap.
Thus obscurity only works for one off or very limited effectivly obscure products with only tiny markets with little profit in them.
I know the serial guards I use to reduce the chances of malware attacks on “air gap crossing” work by what is effectivly obscurity, but then all guards do, and I also know they have software or design bugs that could be exploited, but again they all do.
The advantage I have over the $10,000 and up comercial models is mine are obscure very obscure, they are not available to others except by a black bag job. This makes the job of a potential attacker much much harder as they don’t have one on their test bench. Thus they have to probe, and they don’t know what I’m scanning for and how, thus I have a reasonable chance of seeing them coming and change things to protect the node systems.
I’m not overly worried about a black bag job, if they mount one it probably won’t be against the guards but the node information stores, and they will leave traces which ever they go for any way, which is why black bag jobs are hardly used these days, when supply chain poisoning or insider attacks are so much easier.
And before you mention the $5 wrench, nobody knows what the crypto keys are and no one person knows what the other shares are. It’s not compleatly invulnerable but sufficient for the value of the information / task that any attacks will be made at a different point in the overal system not this node of it. The information is short lived and does not stay in the node stores very long, once it’s moved on it’s not the node’s or my problem any more. However even if they did get into the node stores the information is always at rest in an encrypted form any way, it comes in that way and goes out that way it’s not decrypted by this node in the system. the only direct information the would get is when it came in and it’s size and a service identifier by which it gets pulled out by other nodes. All of which an attacker would have got by watching the wire into the node any way. By infrence of it not being in store they could see it had moved on but not by who or when it was pulled out.
When the number of users is limited pull systems are easier to secure than push systems, a nugget of information you might find usefull one day.
Figureitout • July 31, 2015 9:48 PM
Clive Robinson
–You know as much as I like doing math w/ mathematicians on a whiteboard, I’m an applied practical guy b/c otherwise we’re just flipping book pages and not having protection! We needed it yesterday…Turns out the enigma wasn’t really a strong system eh? The same analysis techniques won’t work for chips or systems today. And how many frozen dead bodies litter Mt. Everest (also read that book about the guy w/ frostbite; also, naturally, it’s becoming more and more polluted). People basically just use sherpas, trying to climb the mountain on their own accord w/o external info basically most everyone would die (except the macho wo?/man climbing w/ no air lol). And you can google earth it, and they need real-time and life-dependently-accurate weather forecasts or they die.
But a human could make an obstacle course out of thin air so absurd no one could do it.
Have a look at the history of satellite TV
–There’s money there, profit motive pushes humans to extraordinary lengths, hence banks can’t even spend enough money to not repeatedly get owned. Yeah I know of it kinda, as a kid I used to get it free b/c my dad worked on the early receivers. All we hear about is the one success but how many failures were there? Never hear that eh? Unless you hear screaming and a hammer smash in your neighbor’s garage lol. They eventually got a lot of the freeloaders and crackers via updates (someone would have to hack the internal system for either a pattern or intel on the codes to be used or have an insider selling out info) and my dad remembers them bringing in some proprietary crypto from Israel (likely much stronger now). Still haven’t solved rain issue and you know how many good engineers have thought on that problem…a lot. The solutions aren’t workable (mega amounts of power).
Now we can epoxy tamper chips and they’re surface mount pads so there’s no easy pins for a big clumbsy multimeter and I’m not sure at the moment to screw up “ohming it out”, there’s pads under the chip. People w/ equipment that lets you see those pads underneath (some grad student researchers do), pfft, well f*ck they’ll get at that then.
I haven’t read entirely how the Xbox was hacked but I think the chips did have labels on them, there was a lot of online “intel gathering” and I imagine it’d be a lot harder now since these boards are getting out of hobbyist budgets to hack at. What about some of the code signing we’ll be seeing in some intel chips? That’ll work for a while. I don’t want everything like that at all, but not everything so easily broken. You better know what you’re doing or if you’re resoldering stuff too many times, bust the board, then buy another product lol. And yeah, consumer products, “Thus obscurity only works for one off or very limited effectivly obscure products with only tiny markets with little profit in them.“–They’ll be everywhere, can’t protect those.
And so moving on to black bag attacks, they’d have to have pinhole cameras setup watching you work on the system w/ high resolution; otherwise they’re either going to have to come up w/ a fake replacement or they’ll probably screw up a custom board when the usual plug-n-play exploits don’t work (they’ll just read your internet searches and attack machines you download toolchains on, so if you can make your own toolchain, that’s what it takes, from first principles, frickin’ hard and it’ll be rigid), especially if under time pressure and can’t make noticeable cuts or indentations anywhere. And if your personal security system isn’t known or advertised they’ll probably slip up on initial approach (the hardest unknown part of attacking an unknown system) and they probably won’t be “smiling for the camera” or the trap they triggered…
Subscribe to comments on this entry
Sidebar photo of Bruce Schneier by Joe MacInnis.
Jakub Narębski • July 17, 2015 4:35 PM
Nice article on the value of privacy, and a counter to “nothing to hide” mindset:
“If You’ve Got Nothing to Hide…” by Jacques Mattheij
http://jacquesmattheij.com/if-you-have-nothing-to-hide