Schneier on Security

Clive Robinson • January 20, 2024 5:22 PM

@ Anonymous, ALL,

Re : Comms chanals, data serialization, EM fault injection, etc.

” I found a Canadian vulnerability iOS Researcher who found in a Proof of Concept that by modulating and oscillating various freq he could causes buffer overflow on the A-10 and later chipsets”

What you give in upper case after that is a real mess. The kind of mess you sometimes see after automated translation of language.

But trying to piece it together is difficult as there are several things conflated in there.

First off the 1.5GHz / 19cm L Band of microwave frequences is quite susceptable to QRN (natural) and QRM (man made) interferance especially with the very low signal levels used by the US GNSS as one of a number of “Global Positioning/Navigation Systems”(GPNS). There are also the Russian GLONASS and European Galileo systems that are available for civilian use and have been for some time. China is a more recent entrant in the game with BeiDou and also India has NavIC that is currently called a regional system, Japan with QZSS which from memory is the most accurate position at under 10cm for civilian use. As well there are several other satellite navigation systems upgrades and enhancments in progress some of which are NGO systems for commercial systems (think drone package delivery, you don’t want your little delivery bot that’s replaced a human to go off the walkway into the road and become a traffic hazzard or get crushed).

The systems I’ve mentioned have or plan to have similar characteristics so in theory all could be used on the same device with appropriate hardware / firmware[1] / software. For instance NavIC chips since 2020 have been made by Qualcomm and are in some phones for the Broader Asian area bounded vy East Africa to Pacific West. The Indian Government have indicated upgrades to make it more compatible with existing systems.

Thus there is considerable complexity for mobile phones, cameras and many other GPS added systems to deal with, thus the potential for vulnerabilities is rated as “high” and some are already known to exist.

I’ve independently shown that nearly all GPS systems are very vulnerable to replay attacks which also means they are susceptible to “Code synthesis” attacks where you generate false signals with the correct time delays (there is even “test equipment” available). It’s been claimed that both Russia and Noeth Korea have attacked the US system experimentaly from time to time. It’s one of the reasons the US Mil Version is having it’s code generation now being done by cryptographically in very secure Key Generation (KeyGen) Hardware Securiry Moduals (HSM) with built in destructive protection that get “built into” equipment following high security Key Managment and use life / Audit (KeyMan / KeyLog) proceadures.

So yes there is vulnerabiliries in both the software and firmware involved with GPS that can be exploited. But does that have “further security reach?”. In some circumstances “Yes” but mostly it should be “No”. That is anything critically dependent on position such as Geo-Fenced security systems for the likes of Key Destruction etc will obviously be vulnerable to DoS / Bricking. Other systems such as those used to automatically point physical systems like antennas will fail to aim correctly and as sometimes already happens with Solar storms, guidence systems will fail and physical systems like vehicles go the wrong way such as “into the drink” of rivers, canals and even larger bodies of water.

The increased use of GPS without due consideration by system designers is going to cause some other significant problems[2]. Some of which will effect “Smart Weapons” and Geo-Fencing security systems[3] and more prosaicaly “advertising and marketing” and automated systems for drones and bots used increasingly in civilian systems.

But these attacks so far given are on the GPS system and will work against any GPS enabled device.

An iOS or iPhone specific attack has to involve an attack specific to iOS that escapes the GPS subsystem security sandbox. Which it might be but from what you quote appears unlikely.

Which leaves us something called,

“An Active EM Fault Injection Attack”[4].

In essence point a high level of EM radiation at Radio Frequencies at the tracks going into or out of a CPU chip and you can control it’s execution such that security features fail.

Worse the use of RF sub-systems makes getting such EM radiation or the attacking signals modulated on them way way easier.

I suspect that this type of EM fault injection attack that is now well into it’s fourth decade from my certain knowledge and research might have been “re-discovered” by somebody who has potentially worked it into exploiting one of many such vulnarabilities in all consumer devices into a viable attack.

Such attacks are also called “Active EmSec” or “Active TEMPEST”.

The two problems with using them are,

1, Synchronising to the device under attack.
2, Comming up with a suitably reliable attack signal.

If you have a look back there was not long ago an academic paper that showed how you could fake touch screen finger pressing by having an EM radiating coil in very close proximity. In effect it was “self synchronising” and the attack signal very simple.

But as a “Public Proof of Concept”(P-Poc) it spoke volumes about what is to come, even though nearly every one found an excuse to ignore the implications…

I hope that helps.

[1] Firmware used to have a specific meaning, but as “Programmable Array Logic”(PAL) devices went beyond the 22V10 in the 90’s and “Gate Array Logic”(GAL) became reprogramable “Field Programable Gate Array”(FPGA) the meaning got broadened to include the “Register Transfer Language”(RTL) and other “net lists” that in more modern devices are produced and compiled exactly the same way as software is and loaded into not just Flash ROM but registered memory (as mutable and as if not faster than SRAM and can often be treated like bit wide RAM) the difference between the net-list and high level “micro code” RTL is now effectively non existant from that envisaged in the 1940’s into 50’s with Maurice Willks dual diode array microprograming that gave us microcode and a very rapid increase in computer capability. This is especially true now with FPGAs being used in CPU’s to speed up algorithms much like the Math Co-Processors did just before the turn of the century. In nearly all cases you will find arrays used as “Look Up Tables”(LUTs) as this is aside from the addressing circuits the simplest and fastest way to give a measure of customizable programability.

[2] One significant aspect of GPS systems which will become a real issue when it is nolonger being “kept under the rug” will be it’s “evidentiary use”. Currently I know of no forensics based on GPS systems that actually tests for GPS soft or transitory failures and vulnerabilities, which makes all GPS Evidence decidedly questionable if not suspect currently. Especially as in many places “The Court” has a “Duty of Care” to ensure evidence meets not just certain standards but the required “burden of proof”. Amongst which is the forensic methods which is supposed to be enforced on the prosecution to reveal to the defence as part of evidence. At some point it will get argued especially as we are heading into sun spot maxima with vastly increased GPS effecting adverse solar weather, and the decreasing cost and increasing availability of GPS effecting technology (not just 1.5G / 19cm L band jammers).

[3] Back some multiple decades ago I demonstrated a relay attack against GPS. The simple form was simply mounting the GPS antenna with broadband amplifer on the end of 300m of coax connected to the GPS signal processing unit. The unit was kept in a fixed position but the antenna was moved. The processing unit displayed not the position of the unit, but the position of the antenna. So move the antenna around and it appeared as though the unit was moving. The coax can be replaced with say a 10Ghz X-Band link that can be built with less than $100 of readily available sub-assemblies (I designed with a friend and sold such links for outside broadcasts and such decades ago). Now flip things on their head… Geo-Fencing around airports and other facilities work on an invalid assumption that the GPS antenna is on the drone thus a ROM holds places the drone is not supposed to go. But when the effective antenna is not on the drone the drones geo-fence data will not relate to it’s actual position. Put the drone into a GPS position held hover and you can the fly it around by moving the effective antenna. Thus fly the drone right into any part of the geo-fenced area you want… But it gets worse, most anti-drone systems are simply GPS and control frequency jammers. If you build your own counter-jammer you can blast the signal from your effective antenna way above that of nearly all the anti-drone systems in what becomes a battle of the beams or if you want a visual pop-culture analog a StarWars fight with light sabers…

[4] Back in the 1980’s when CPUs were mostly 8bit and NMOS devices as CMOS was not upto speed. During research testing of a “Remote Telemetry Unit”(RTU) for use in the petro-chem industry I independently discovered that the use of a 1 watt hand held two way radio on VHF or UHF could make the CPU “soft-fail” which is very very bad news in a safety critical system whic RTUs mostly are. I went on to further the research finding that by modulation of the EM signal not only could I get around many shielding systems I could control the way the CPU “soft failed” such that it would cause the likes of branches in code to fail or go the wrong way. Thus for example a failure to authenticate could be flipped into a successful authentication without having to guess usernames or passwords. Of particular interest I later demonstrated this against “pocket financial” systems such as casino devices, electronic wallets and telephone payment systems.

Clive Robinson • January 21, 2024 11:36 PM

@ JonKnowsNothing, @lurker, All,

Re : Workstation credentials.

“I may have misread some of the article…”

Lets just say you are probably not the only one 😉

Because of the way the article was written, I get the feeling the journalist had to little information and was stretching it not just thin, but to cover a lot of potential bases that might or might not be actual involved.

That said I probably did not make myself clear as I’m still cautious of the automod.

That said, you get the same basic factoid I spotted,

“This software-bomb was sitting in the archives for 2years.”

What I was questioning was why after two years the credentials still worked…

Enforced Policy on CAs for PKcerts used for access authentication is max life of just over a year.

Enforced Policy by audit for “Payment Card Industry”(PCI) accreditation etc for Passwords during that two year period which M$ actually built into their systems was “Revoke and replace” maximum of 90days to revoke maximum 30days thereafter to replace.

Thus if the otherwise enforced standard policy rules were being followed… then even though the credebtials became known to the enemy, they most definately should have been invalid thus not worked after two years…

Which begs the question,

“What is the business case for having the authentication credentials working long after standard and automatically enforced security policy said they should not?”

I can make some guesses based on assumptions, such as,

1, Automated test/install tools.
2, Disjoint authentication process.

The first almost always involves the distinct “No No” of embeding the credentials in multiple scripts.

The second is sometimes called a “Browse-Up Process and is like people inventing their own crypto algorithms… In essence they are trying to emulate a “sudo” like process for authentication across the network for siloed, disjoint, or disparate systems.

That is the user uses their “unprivileged account” authentication credentials to access a sudo like network process that uses an entirely different set of “privileged account” authentication credentials to auto-login the user with system/administrator rights on another entirely seperate system on a network they have no account etc on such as a server that gets managed by multiple people.

Developing such a network process is functionally not hard, but to also make it secure is frought with difficulties thus potential vulnerabilities and is realy best avoided.

Because if an attacker knows or suspects there is such an ad hoc system on the network it would almost certainly be a way an attacker would look to exploit as it would probably give network wide privilege escalation (which might be what happened here).

Thus both are realy not at all smart things to do from a security perspective but from a managment and work flow perspective,

“They are a convenient convenience”

Saving resources, reducing work load, increasing flexibility, and numerous other “this looks good” effects (Shades of SolarWinds). Thus in the less knowledgeable a sense of “What’s not to like?” and from managment that knee jerk “Make it so” nonsense follows almost automatically on such proposals…

It’s the same nonsense that connects systems to the Internet without good cause, lets “full stack” developers punch holes in firewals for dangerous if not vulnerable kitchen sink “serialisation” code in libraries and FOSS etc, and all manner of other “Security Anti-Patterns”,

https://www.ncsc.gov.uk/whitepaper/security-architecture-anti-patterns

Clive Robinson • January 22, 2024 2:07 AM

@ lurker, JonKnowsNothing, ALL,

Re : Then there were three[1].

Is possibly a little enigmatic for some…

It actually goes back to a childrens nursery rhyme that was used as part of the plot in the Agatha Christie’s novel “Then there were none” which is the final line of the rhyme…

Even back then the original name of the rhyme had become “socially unacceptable” and it got changed eventually becoming “Ten little Soldier Boys”.

The two verses where “three appears” are both relevant,

“Four little Soldier Boys going out to sea; A red herring swallowed one and then there were three.

Three little Soldier Boys walking in the zoo; A big bear hugged one and then there were two.”

So to misquote Lewis Carol’s childrens poem on the absurdity of life,

‘”The time has come,’ the walrus said, “to talk of many things: Of cozy bears that hug – and stealing soldier boys so lax – of savages and red-hearings.”‘

P.S. Blaim the lack of lemon tea 😉

[1] Also used as the name of a film and an album. The 1961 Italian film can be traced back via the unknown killer theme to the book. Of the 78 Genesis Album it’s hard to say, who came up with the name, or ifvit traced back to the rhym… Knowing such things was once important as there was “The chain game” where you were given catagories that you had to link as cleverly or obscurely or both as possible.

Clive Robinson • January 22, 2024 10:44 AM

@ PaulBart,

Re : History.

“What a privileged statement.”

Nope, just historically factual and not deliberately short term a failing of many neo-cons. But if you go back you will see I already explained not just the Who but the Why such corrupt people were still in post.

So the real question to ask you is,

Are you,
1, As dumb as a stump
2, Being a troll
3, Failing at being a disseminator of far right propaganda by faux-whataboutism protestations?

Yes I know it’s a “multi-choice” question, but hey is anything more than one too cognitively taxing for you?

Or perhaps the concept of non exclusive OR answering where it could be say “the first and second” choices or all three that gets you to look the way you do so often…

Clive Robinson • January 23, 2024 5:00 AM

@ &ers, ALL,

Re : Ukrain $110 “secure” radio.

The EuroMaiden article starts off with an assumption of,

“… effectively, creating a nearly undetectable communication system.”

The handset is apparently “Frequency Hopping Spread Spectrum”(FH-SS) which back last century was known to have issues even though called “Low Probability of Intercept”(LPI).

I suspect what they have done is taken a standard low cost HT motherboard design and replaced the keyboard interface with a microcontroler device such as those like the Adruino.

The fact it’s only got 2^16 hop channels means it’s probably got a less than 100MHz operating bandwidth in the UHF band. Which means you can see it on a “Spectrum Analyser”(SA) with a “Log Periodic Dipole Array”(LPDA) or “Biconical” or “Discone” broad band antennas that are all “Standard Test Kit”. Thus the Discone being omnidirectional will let you know a handset is transmitting and the LPDA will give you basic directional information.

You can buy low cost “Software Defined Radios” with network interfaces where you can “sync them together” such that you can easily make a “phased cardiod” synthetic antenna or similar such as an “Adcock antenna”(from WWI) that at UHF would hang easily under a DJI drone (as I’ve found out[1]). Such phased antennas can have a very narrow directional “notch” getting down to just a degree or two (see “Elephant Cage” for one of greater accuracy).

You can get the price of the RF front end right down using the likes of a couple of $15 RTL-SDR and a small “Single Board Computer”(SBC) or strip down a low cost “mobile Phone” (which makes it effectively unlimited control range with “mobile broadband”). Hang this off of a helium weather ballon and you get a very interesting EW capability. The equivalent the US used to buy for “tens of millions” was the forerunner of Boeing’s RC-135 Rivet Joint, the latest of which come in for something over $300million each for the base model…

For the Ukraine the prevailing wind direction from the west favours them not Russia. And the advantage of splitting the sensor head from the intelligence processing body means that it’s quite expendable and does not reveal anything of consequence if “captured”…

The problem with FH-SS is not the complexity or unpredictability of the “hopping sequence”, but how long it takes the “Variable Frequency Oscillator”(VFO) to “come on frequency” and the RF TX circuit to stabilize[2]. Also there are synchronisation and modulation issues. But… You can get it “All in a SoC” these days with WiFi and LoRa chip sets[3].

Solving the “sync” problem in SS systems traditionally is done in one of three ways,

1, High precision clocks.
2, Sync / heartbeat Transmissions
3, Preamble transmissions.

The first is expensive, and the other two can make a handset “more visable” to EW as well as more susceptable to jamming.

Anyway this post though of interest to quite a few people is now way to long 😉

[1] The Adcock Antenna,

‘https://en.m.wikipedia.org/wiki/Adcock_antenna

Is made from four vertical dipoles. That on ground stations are often quaterwaves over a couterpoise mat, or halfwave verticles fed in the center mounted on a mast (you can see pictures of them on uptodate “field EW Units”. Both of these are mechanically problematical for hanging under a drone. The solution I’ve designed and done a little playing with is a variation of the halfwave dipole made from “semi-rigid coax” where you use the striped center to make one half of the dipole, and the outer of the coax as the other, and you “choke it off” with a ferrite bead and a bend at 90degrees in the coax. The “tails” then get soldered to a PCB in the center with diodes used to provide the electronically adjustable “phasing”. It’s a variation on a Datong “Direction Finding”(DF) design going back nearly a half century the design of which has been published a few times and I’ve mentioned it on this blog before so it’s nothing “secret”. If you see a Police Car with four antennas on the roof in a square it’s almost certainly a phased antenna of this sort, used to direction find high end stolen cars and security trucks and similar.

When used with SDR’s in I/Q mode and software processed, the likes of Adcock and similar antenna based systems can get a direction in less than 1/10,000/Sec and for multiple signals even with consumer priced equipment. The bulk of the cost not being in the sensor head but in the “Intelligence Processing Unit” which can be on the ground in a bunker or armoured vehicle hundreds of meters away. The “radio horizon” to which you could DF to with even a low cost drone would be upto ~100kM…

Using say one of the more high end “Lime SDR” boards and modifing “Open Source Software” a little you can make a networked EW recever of more than sufficient quality for well under $1000. using an “Adcock Antenna” all suspended from a bigger commercial drone using amplified WiFi and a directional antenna you have a very powerfull EW system that even a few years ago would have been near impossible or up well over the $100,000/unit price range.

[2] One solution to the long time in “Phase Locked Loop”(PLL) VFO issue is to use a “Numeracally Controled Oscillator”(NCO). NCOs can come in one of two forms, one has a Digital(D-NCO) output the other analog(A-NCO). The D-NCO is slower to change frequency as it’s output waveform is generated by the “accumulator” carry overflow, however it can run at a “clocked rate”(fclk) well up in the GHz range thus can generate VHF/UHF output (and spurs up into the microwave bands). The A-NCO can change frequency as fast as the accumulate value can be changed, however it’s upper frequency is limited by the performance of the “Digital to Analog Converter”(DAC) which are still comparatively slow compared to digital counters. Both however are not sufficiently “spectrally clean” to use directly as the TX frequency source so additional circuitry is required that will effect the frequency hopping rate in an FH-SS system. However both D-NCO’s and A-NCO’s can be made in software for low frequencies and can easily have very very low frequency steps of fclk/(2^48) or effectively “to small to measure in 3million life times”. I was doing software NCO’s back in the 1980’s in seismology test equipment, RF Modems, and later in very inexpensive cordless phones. These days you can get chips in the $1 range with three NCO’s in some Analog output some Digital with I/Q outputs. They are even built into very low cost microcontroler chips,

‘https://m.youtube.com/watch?v=bWHe_PBEPdU

[3] LoRa chipsets,

‘https://en.m.wikipedia.org/wiki/LoRa

Are realy inexpensive which is why you can tell “Hellium Mining” is a variation of the now burst blockchain crypto-coin mining bubble/scam. That said the chips can be used with a mixer and an NCO chip in a down converting hetrodyne system to give an easy low cost Combined/hybrid Spread Spectrum system with a high degree of AES encryption and very much increased difficulty for EW surveillance. I’ve got a “test board” I designed to work in the 144Mhz Ham Band that is both low power and fits easily into a CubeSat 10cm cube along with power supply in orbit stabalisation and some other “research” instruments. It makes an interesting “technology demonstrator” for potential CubeSat constalation systems using Ad Hoc Mesh communications,

‘https://en.m.wikipedia.org/wiki/Wireless_ad_hoc_network

Clive Robinson • January 23, 2024 7:36 AM

@ ResearcherZero, ALL,

Re : SigInt arguments against hybrids.

I’m long known to be infavour of not jusu hybrids but systems where you use the strong parts of different crypto systems to produce new types of crypto system.

Bit I know of only one practical and only one theoretical argument against hybrids.

On the theoretical side, the two algorithms might just work in contradiction to each other.

That is in theory the first algorithm encrypts and the second algorithm then partially decrypts it.

You can see that with XOR doing it twice in a row with the same secret value unmasks the data byte. Likewise with ADD MOD X if the values effectively and up to zero the data byte gets unmasked.

These sorts of theoretical issues can be designed out.

The practical issue, happens already and it’s a version of “man in the middle fall back attack”.

Consider what happens when the two ends of communications do not have the same “strongest algorithm” they fall back to the next strongest algorithm untill they find they have an algorithm in common.

Well what happens if they don’t have an algorithm in common?

Well you could end up using “no algorithm” or “not communicating”.

Normally the “no algorithm” case can not happen because if there is no common algorithm it’s easy to see.

In hybrid systems it’s a little more complex as you have two algorithms in series.

We know that with embedded systems such as utility meters, they may only have a single “Traditional”(T) algorithm and not a “Quantum”(Q) algorithm. The aim is that over a period of time applications will nolonger suppprt T but only Q algorithms. That is not going to happen in my lifetime and probably not in the working liftime of all this blogs current readers.

Now… You connect and go into the protocol negotion phase. There are four possibilities,

1, T,Q
2, -,Q
3, T,-
4, -,-

You don’t want the fourth “neither” to happend and you’ld rather the third “Traditional only” did not happen. The SigInt agencies want the second which is as I said unlikely to happen any time soon.

Which means the first option od hybrid is what is realy wanted.

But the logic can get muddled and third could in the future slide through when only the first or second is considered acceptable.

It’s even possible for the fourth to slide through as well if the logic is not properly stiched together.

But… If you are aware of this then it should not happen.

Unless someone leaves in a null algorithm. That is where during testing the least secure algorithm gets made “plaintext”. This can and does currently happen when people are trying to test for faults…

Similarly if you use the same algorithm twice and somehow end up with one as encrypt and the second as decrypt and the key the same, or have a weak / trivial key difference.

So yes there is a danger, with hybrids but should it be OMG?

Clive Robinson • January 25, 2024 4:31 PM

@ lurker,

Re : Leaks with BT headsets.

“I would not recommend a BT headset (earphones + mic) for professional applications, for the reasons demonstrated in the article linked by @&ers: the protocol is just too leaky.”

My fear from experience is not a security leak but one of a different kind.

A friend had a HiFi headset that ran of WiFi not bluetooth, and he was listening to some quite clasical music with the volume turned up. When something caused it to go on the fritz and in his words “a chainsaw went off in his head”.

It nescesitated a visit to an audiologist to physically check his ears and a perforated ear drum was found. Apparently the audiologist thought the perf was probably down to physical illness but wryly noted that the headset behaving as described “would not have helped”…

Our ears like our eyes are rather more precious to us than we would care to realise. Having already got tinitus from to much time on the range when younger, the last thing I’d want is red stuff leaking out because bluetooth decided to run the equivalent of an audio drill press into my head…