Crypto-Gram

November 15, 2015

by Bruce Schneier
CTO, Resilient Systems, Inc.
schneier@schneier.com
https://www.schneier.com

A free monthly newsletter providing summaries, analyses, insights, and commentaries on security: computer and otherwise.

For back issues, or to subscribe, visit <https://www.schneier.com/crypto-gram.html>.

You can read this issue on the web at <https://www.schneier.com/crypto-gram/archives/2015/...>. These same essays and news items appear in the "Schneier on Security" blog at <http://www.schneier.com/blog>, along with a lively and intelligent comment section. An RSS feed is available.


In this issue:


The Doxing Trend

If the director of the CIA can't keep his e-mail secure, what hope do the rest of us have -- for our e-mail or any of our digital information?

None, and that's why the companies that we entrust with our digital lives need to be required to secure it for us, and held accountable when they fail. It's not just a personal or business issue; it's a matter of public safety.

The details of the story are worth repeating. Someone, reportedly a teenager, hacked into CIA Director John O. Brennan's AOL account. He says he did so by posing as a Verizon employee to Verizon to get personal information about Brennan's account, as well as his bank card number and his AOL e-mail address. Then he called AOL and pretended to be Brennan. Armed with the information he got from Verizon, he convinced AOL customer service to reset his password.

The CIA director did nothing wrong. He didn't choose a lousy password. He didn't leave a copy of it lying around. He didn't even send it in e-mail to the wrong person. The security failure, according to this account, was entirely with Verizon and AOL. Yet still Brennan's e-mail was leaked to the press and posted on WikiLeaks.

This kind of attack is not new. In 2012, the Gmail and Twitter accounts of Wired writer Mat Honan were taken over by a hacker who first persuaded Amazon to give him Honan's credit card details, then used that information to hack into his Apple ID account, and finally used that information to get into his Gmail account.

For most of us, our primary e-mail account is the "master key" to every one of our other accounts. If we click on a site's "forgot your password?" link, that site will helpfully e-mail us a special URL that allows us to reset our password. That's how Honan's hacker got into his Twitter account, and presumably Brennan's hacker could have done the same thing to any of Brennan's accounts.

Internet e-mail providers are trying to beef up their authentication systems. Yahoo recently announced it would do away with passwords, instead sending a one-time authentication code to the user's smartphone. Google has long had an optional two-step authentication system that involves sending a one-time code to the user via phone call or SMS.

You might think cell phone authentication would thwart these attacks. Even if a hacker persuaded your e-mail provider to change your password, he wouldn't have your phone and couldn't obtain the one-time code. But there's a way to beat this, too. Indie developer Grant Blakeman's Gmail account was hacked last year, even though he had that extra-secure two-step system turned on. The hackers persuaded his cell phone company to forward his calls to another number, one controlled by the hackers, so they were able to get the necessary one-time code. And from Google, they were able to reset his Instagram password.

Brennan was lucky. He didn't have anything classified on his AOL account. There were no personal scandals exposed in his email. Yes, his 47-page top-secret clearance form was sensitive, but not embarrassing. Honan was less lucky, and lost irreplaceable photographs of his daughter.

Neither of them should have been put through this. None of us should have to worry about this.

The problem is a system that makes this possible, and companies that don't care because they don't suffer the losses. It's a classic market failure, and government intervention is how we have to fix the problem.

It's only when the costs of insecurity exceed the costs of doing it right that companies will invest properly in our security. Companies need to be responsible for the personal information they store about us. They need to secure it better, and they need to suffer penalties if they improperly release it. This means regulatory security standards.

The government should not mandate how a company secures our data; that will move the responsibility to the government and stifle innovation. Instead, government should establish minimum standards for results, and let the market figure out how to do it most effectively. It should allow individuals whose information has been exposed sue for damages. This is a model that has worked in all other aspects of public safety, and it needs to be applied here as well.

We have a role to play in this, too. One of the reasons security measures are so easy to bypass is that we as consumers demand they be easy to use, and easy for us to bypass if we lose or forget our passwords. We need to recognize that good security will be less convenient. Again, regulations mandating this will make it more common, and eventually more acceptable.

Information security is complicated, and hard to get right. I'm an expert in the field, and it's hard for me. It's hard for the director of the CIA. And it's hard for you. Security settings on websites are complicated and confusing. Security products are no different. As long as it's solely the user's responsibility to get right, and solely the user's loss if it goes wrong, we're never going to solve it.

It doesn't have to be this way. We should demand better and more usable security from the companies we do business with and whose services we use online. But because we don't have any real visibility into those companies' security, we should demand our government start regulating the security of these companies as a matter of public safety.

Brennan's hacker:
http://www.wired.com/2015/10/...
http://nypost.com/2015/10/18/...

Matt Honan's story:
http://www.wired.com/2012/08/...

Yahoo and Google securing login:
http://www.latimes.com/business/technology/...
https://www.google.com/landing/2step/

How two-factor authentication was defeated:
http://gizmodo.com/...

Brennan's clearance form:
https://wikileaks.org/cia-emails/...

This essay previously appeared on CNN.com.
http://www.cnn.com/2015/10/23/opinions/...


The Rise of Political Doxing

Recently, CIA director John O. Brennan became the latest victim of what's become a popular way to embarrass and harass people on the Internet. A hacker allegedly broke into his AOL account and published e-mails and documents found inside, many of them personal and sensitive.

It's called doxing -- sometimes doxxing -- from the word "documents." It emerged in the 1990s as a hacker revenge tactic, and has since been as a tool to harass and intimidate people, primarily women, on the Internet. Someone would threaten a woman with physical harm, or try to incite others to harm her, and publish her personal information as a way of saying "I know a lot about you -- like where you live and work." Victims of doxing talk about the fear that this tactic instills. It's very effective, by which I mean that it's horrible.

Brennan's doxing was slightly different. Here, the attacker had a more political motive. He wasn't out to intimidate Brennan; he simply wanted to embarrass him. His personal papers were dumped indiscriminately, fodder for an eager press. This doxing was a political act, and we're seeing this kind of thing more and more.

Last year, the government of North Korea did this to Sony. Hackers the FBI believes were working for North Korea broke into the company's networks, stole a huge amount of corporate data, and published it. This included unreleased movies, financial information, company plans, and personal e-mails. The reputational damage to the company was enormous; the company estimated the cost at $41 million.

In July, hackers stole and published sensitive documents from the cyberweapons arms manufacturer Hacking Team. That same month, different hackers did the same thing to the infidelity website Ashley Madison. In 2014, hackers broke into the iCloud accounts of over 100 celebrities and published personal photographs, most containing some nudity. In 2013, Edward Snowden doxed the NSA.

These aren't the first instances of politically motivated doxing, but there's a clear trend. As people realize what an effective attack this can be, and how an individual can use the tactic to do considerable damage to powerful people and institutions, we're going to see a lot more of it.

On the Internet, attack is easier than defense. We're living in a world where a sufficiently skilled and motivated attacker will circumvent network security. Even worse, most Internet security assumes it needs to defend against an opportunistic attacker who will attack the weakest network in order to get -- for example -- a pile of credit card numbers. The notion of a targeted attacker, who wants Sony or Ashley Madison or John Brennan because of what they stand for, is still new. And it's even harder to defend against.

What this means is that we're going to see more political doxing in the future, against both people and institutions. It's going to be a factor in elections. It's going to be a factor in anti-corporate activism. More people will find their personal information exposed to the world: politicians, corporate executives, celebrities, divisive and outspoken individuals.

Of course they won't all be doxed, but some of them will. Some of them will be doxed directly, like Brennan. Some of them will be inadvertent victims of a doxing attack aimed at a company where their information is stored, like those celebrities with iPhone accounts and every customer of Ashley Madison. Regardless of the method, lots of people will have to face the publication of personal correspondence, documents, and information they would rather be private.

In the end, doxing is a tactic that the powerless can effectively use against the powerful. It can be used for whistleblowing. It can be used as a vehicle for social change. And it can be used to embarrass, harass, and intimidate. Its popularity will rise and fall on this effectiveness, especially in a world where prosecuting the doxers is so difficult.

There's no good solution for this right now. We all have the right to privacy, and we should be free from doxing. But we're not, and those of us who are in the public eye have no choice but to rethink our online data shadows.

Brennan's hacking:
http://motherboard.vice.com/read/...

History of doxing:
https://www.washingtonpost.com/news/the-intersect/...

A victim's story:
http://www.dailydot.com/geek/...

Doxing of Sony:
http://motherboard.vice.com/read/...
http://www.usatoday.com/story/tech/2015/04/30/...

Doxing of Hacking Team:
http://motherboard.vice.com/read/...

Doxing of Ashley Madison:
http://motherboard.vice.com/read/...

Doxing of celebrity photos on iCloud:
http://thenextweb.com/apple/2014/09/01/...
http://www.theverge.com/2014/9/2/6099307/...

Snowden doxing the NSA:
http://www.theguardian.com/us-news/the-nsa-files

Me on institutional doxing:
https://www.schneier.com/blog/archives/2015/07/...

Slashdot thread:
http://politics.slashdot.org/story/15/11/02/1351206/...

This essay previously appeared on Vice Motherboard.
http://motherboard.vice.com/read/...


News

Lots more on the fallibility of DNA evidence:
https://www.newscientist.com/article/...
http://stories.frontline.org/dna
http://www.scienceandjusticejournal.com/article/...
http://www.post-gazette.com/local/city/2015/10/10/...

Citizen Lab continues to do excellent work exposing the world's cyber-weapons arms manufacturers. Its latest report attempts to track users of Gamma International's FinFisher.
https://citizenlab.org/2015/10/...
Here's the map of suspected FinFisher users, including some pretty reprehensible governments.
https://citizenlab.org/wp-content/uploads/2015/10/...
Two news articles.
http://motherboard.vice.com/read/...
http://bigstory.ap.org/article/...

If you call the proper phone extension, you have complete control over the public address system at a Target store.
http://www.bbc.co.uk/news/technology-34556644
This goes way back:
http://www.phonelosers.org/zine/pla025/
https://www.youtube.com/watch?v=8CTK64F2sbM#t=11m25s

A lot has been written about the security vulnerability resulting from outdated and unpatched Android software. The basic problem is that while Google regularly updates the Android software, phone manufacturers don't regularly push updates out to Android users. New research tries to quantify the risk.
https://www.lightbluetouchpaper.org/2015/10/08/...
https://www.cl.cam.ac.uk/%7Edrt24/papers/...

Funny monologue on forgotten passwords.
https://www.youtube.com/watch?v=2tJ-NSPES9Y

Both the FBI and local law enforcement are trying to get the genetic data stored at companies like 23andMe. No surprise, really.
http://fusion.net/story/215204/...

New Orleans Advocate:
http://www.theneworleansadvocate.com/news/...

This is an impressive Fitbit hack.
http://www.theregister.co.uk/2015/10/21/fitbit_hack/
Some of the details are missing from the story. The researcher has cleared things up. Basically, it is possible to place data onto a Fitbit and to retrieve that data, but not to cause automatic code execution or malware propagation.
https://twitter.com/cryptax/status/656950863676743680
https://twitter.com/cryptax/status/656951098050260992
https://twitter.com/cryptax/status/656951545205030912

This paper describes what is almost certainly the most sophisticated chip-and-pin credit card fraud to date.
http://eprint.iacr.org/2015/963.pdf
http://arstechnica.com/tech-policy/2015/10/...
https://boingboing.net/2015/10/20/...

Microsoft's president, Brad Smith, has a blog post discussing what to do now that the US-EU safe-harbor agreement has collapsed.
https://blogs.microsoft.com/on-the-issues/2015/10/...
http://arstechnica.com/tech-policy/2015/10/...
http://www.tomshardware.com/news/...
http://www.winbeta.org/news/...

Ravens have been shown to identify and remember cheaters among their unkindness.
http://www.iflscience.com/plants-and-animals/...

In Data and Goliath, I talk about the need for transparency, oversight, and accountability as the mechanism to allow surveillance when it is necessary, while preserving our security against excessive surveillance and surveillance abuse. James Losey has a new paper that discusses the need for transparency in surveillance.
http://ijoc.org/index.php/ijoc/article/view/3329/1495

In August, I wrote about the NSA's plans to move to quantum-resistant algorithms for its own cryptographic needs. Cryptographers Neal Koblitz and Alfred Menezes just published a long paper speculating as to the government's real motives for doing this. They range from some new cryptanalysis of ECC to a political need after the DUAL_EC_PRNG disaster -- to the stated reason of quantum computing fears. Read the whole paper. (Feel free to skip over the math if it gets too hard, but keep going until the end.)
https://eprint.iacr.org/2015/1018.pdf
My previous writing:
https://www.schneier.com/blog/archives/2015/08/...
Matt Green's take on the question:
http://blog.cryptographyengineering.com/2015/10/...

Researchers have shown that it is both easy and cheap to surveil connected vehicles.
http://spectrum.ieee.org/cars-that-think/...
This article talks about various anonymization techniques, none of which I am optimistic about.
http://www.wired.com/2015/10/...

This device is clever: it's a three-digit combination lock that prevents a USB drive from being read. It's not going to keep out anyone serious, but is a great solution for the sort of casual security that most people need.
http://usb.brando.com/...
http://www.apricorn.com/products/...

In 2009, the Australian government released the Protocol for Lightweight Authentication of Identity (PLAID) protocol. It was recently analyzed (original paper is from 2014, but was just updated), and it's a security disaster. Matt Green wrote a good blog post back in 2014 that explains the problems.
http://www.humanservices.gov.au/corporate/...
https://eprint.iacr.org/2014/728
http://blog.cryptographyengineering.com/2014/10/...
http://it.slashdot.org/story/15/10/28/1537207/...- conspiracies-and-german-tanks
https://www.reddit.com/r/australia/comments/3qo8c2/...

Parody: "China Unable To Recruit Hackers Fast Enough To Keep Up With Vulnerabilities In U.S. Security Systems." It's only funny because it's true.
http://www.theonion.com/article/...

I don't know whether to believe this story. Supposedly the startup Zerodium paid someone $1M for an iOS 9.1 and 9.2b hack. I know startups like publicity, but certainly an exploit like this is more valuable if it's not talked about. So this might be real, or it might be a PR stunt. But companies selling exploits to governments is certainly real.
http://motherboard.vice.com/read/...
http://www.wired.com/2015/11/...

Interesting paper: "Drops for Stuff: An Analysis of Reshipping Mule Scams"
http://www0.cs.ucl.ac.uk/staff/G.Stringhini/papers/...
https://www.benthamsgaze.org/2015/10/27/...

Julia Angwin's daughter is selling diceware passwords by mail.
http://www.dicewarepasswords.com/

The Economist published a really good article on the blockchain.
http://www.economist.com/news/leaders/...

Interesting interview with Linus Torvalds on Linux security.
http://www.washingtonpost.com/sf/business/2015/11/...
http://linux.slashdot.org/story/15/11/06/132209/...

IT security is still a great career path. Jobs are plentiful and salaries are booming.
http://www.itworld.com/article/2999370/careers/...
I know from personal experience that demand far exceeds supply.

Some of the tricks that ransomware is using to get victims to pay up.
http://arstechnica.com/security/2015/11/...

Bypassing the iPhone activation lock with a clever man-in-the-middle attack.
http://www.cultofmac.com/280450/...

This is an interesting story. Someone posts a photograph of herself holding a winning horse-race betting ticket, and someone else uses the data from the photograph to forge the ticket and claim the winnings.
http://www.tripwire.com/state-of-security/...

"Why Johnny Still, Still Can't Encrypt: Evaluating the Usability of a Modern PGP Client," by Scott Ruoti, Jeff Andersen, Daniel Zappala, and Kent Seamons. I have recently come to the conclusion that e-mail is fundamentally unsecurable. The things we want out of e-mail, and an e-mail system, are not readily compatible with encryption. I advise people who want communications security to not use e-mail, but instead use an encrypted message client like OTR or Signal.
http://arxiv.org/pdf/1510.08555.pdf

Interesting research: "Who Knows What About Me? A Survey of Behind the Scenes Personal Data Sharing to Third Parties by Mobile Apps," by Jinyan Zang, Krysta Dummit, James Graves, Paul Lisker, and Latanya Sweeney.
http://techscience.org/a/2015103001/


Breaking Diffie-Hellman with Massive Precomputation (Again)

The Internet is abuzz with a new blog post and paper, speculating that the NSA is breaking the Diffie-Hellman key-exchange protocol in the wild through massive precomputation.

I wrote about this at length in May when this paper was first made public. (The reason it's news again is that the paper was just presented at the ACM Computer and Communications Security conference.)

What's newly being talked about his how this works inside the NSA surveillance architecture. Nicholas Weaver explains:

To decrypt IPsec, a large number of wiretaps monitor for IKE (Internet Key Exchange) handshakes, the protocol that sets up a new IPsec encrypted connection. The handshakes are forwarded to a decryption oracle, a black box system that performs the magic. While this happens, the wiretaps also record all traffic in the associated IPsec connections.
After a period of time, this oracle either returns the private keys or says "i give up". If the oracle provides the keys, the wiretap decrypts all the stored traffic and continues to decrypt the connection going forward.
[...]
This would also better match the security implications: just the fact that the NSA can decrypt a particular flow is a critical secret. Forwarding a small number of potentially-crackable flows to a central point better matches what is needed to maintain such secrecy.
Thus by performing the decryption in bulk at the wiretaps, complete with hardware acceleration to keep up with the number of encrypted streams, this architecture directly implies that the NSA can break a massive amount of IPsec traffic, a degree of success which implies a cryptanalysis breakthrough.

That last paragraph is Weaver explaining how this attack matches the NSA rhetoric about capabilities in some of their secret documents.

Now that this is out, I'm sure there are a lot of really upset people inside the NSA.

https://freedom-to-tinker.com/blog/...
https://weakdh.org/imperfect-forward-secrecy-ccs15.pdf

My previous writing:
https://www.schneier.com/blog/archives/2015/05/...

Nicholas Weaver:
https://www.lawfareblog.com/nsa-and-weak-dh

How to protect yourself:
https://www.eff.org/deeplinks/2015/10/...


Schneier News

I'm speaking at the 4th Annual Cloud Security Congress EMEA in Berlin on November 17, 2015.
https://cloudsecurityalliance.org/events/...

I'm speaking at a daylong symposium on consumer protection at Indiana Tech School of Law, on November 18, 2015.
http://law.indianatech.edu/calendar-page-attributes/...

I'm speaking at University of Michigan Law School on November 20, 2015.
https://www.law.umich.edu/events/Pages/...

I'm speaking at NASA's Goddard Space Flight Center as part of their Information Science and Technology Colloquium Series, on December 16, 2015.
https://istcolloq.gsfc.nasa.gov/Fall2015/speaker/...

I gave the closing keynote at The Second Annual Cato Surveillance Conference. Audio and video versions are available.
http://www.podtrac.com/pts/redirect.mp4/...
http://www.podtrac.com/pts/redirect.mp3/...

I spoke at CyberSeed 2015: Emerging Cybersecurity Trends in Cloud, IoT and Mobility.
https://youtu.be/spH6RFcrBgk


Australia Is Testing Virtual Passports

Australia is going to be the first country to have virtual passports. Presumably, the passport data will be in the cloud somewhere, and you'll access it with an app or a URL or maybe just the passport number.

On the one hand, all a passport needs to be is a pointer into a government database with all the relevant information and biometrics. On the other hand, not all countries have access into all databases. When I enter the US with my US passport, I'm sure no one really needs the paper document -- it's all on the officers' computers. But when I enter a random country, they don't have access to the US government database; they need the physical object.

Australia is trialing this with New Zealand. Presumably both countries will have access into each other's databases.

http://www.theage.com.au/federal-politics/...


Resilient Systems News

We've just released version 24 of our incident-response platform. It includes a bunch of new features, including integrations with IBM X-Force Exchange threat intelligence sharing platform and HP ArcSight.
https://www.resilientsystems.com/news/news-releases/...
http://betanews.com/2015/11/09/...

Resilient is hiring. We have a bunch of open positions in engineering, sales, and marketing.
https://www.resilientsystems.com/company/careers


The Effects of Surveillance on the Victims

Last month, the Cato Institute held its Second Annual Cato Surveillance Conference. It was an excellent event, with many interesting talks and panels. But there was one standout: a panel by victims of surveillance. Titled "The Feeling of Being Watched," it consisted of Assia Boundaoui, Faisal Gill, and Jumana Musa. It was very powerful and moving to hear them talk about what it's like to live under the constant threat of surveillance.

Video and audio:
http://www.podtrac.com/pts/redirect.mp4/...
http://www.podtrac.com/pts/redirect.mp3/...

Second Annual Cato Surveillance Conference:
http://www.cato.org/events/...

Panel participants:
https://www.kickstarter.com/projects/beingwatched/...
https://theintercept.com/2014/07/09/under-surveillance/
https://www.nacdl.org/champion.aspx?id=35780


Since 1998, CRYPTO-GRAM has been a free monthly newsletter providing summaries, analyses, insights, and commentaries on security: computer and otherwise. You can subscribe, unsubscribe, or change your address on the Web at <https://www.schneier.com/crypto-gram.html>. Back issues are also available at that URL.

Please feel free to forward CRYPTO-GRAM, in whole or in part, to colleagues and friends who will find it valuable. Permission is also granted to reprint CRYPTO-GRAM, as long as it is reprinted in its entirety.

CRYPTO-GRAM is written by Bruce Schneier. Bruce Schneier is an internationally renowned security technologist, called a "security guru" by The Economist. He is the author of 12 books -- including "Liars and Outliers: Enabling the Trust Society Needs to Survive" -- as well as hundreds of articles, essays, and academic papers. His influential newsletter "Crypto-Gram" and his blog "Schneier on Security" are read by over 250,000 people. He has testified before Congress, is a frequent guest on television and radio, has served on several government committees, and is regularly quoted in the press. Schneier is a fellow at the Berkman Center for Internet and Society at Harvard Law School, a program fellow at the New America Foundation's Open Technology Institute, a board member of the Electronic Frontier Foundation, an Advisory Board Member of the Electronic Privacy Information Center, and the Chief Technology Officer at Resilient Systems, Inc. See <https://www.schneier.com>.

Crypto-Gram is a personal newsletter. Opinions expressed are not necessarily those of Resilient Systems, Inc.

Copyright (c) 2015 by Bruce Schneier.

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.