Are you sure you want to take a laptop to the USA? (Updated)

From the Washington Post:

Federal agents may take a traveler’s laptop or other electronic device to an off-site location for an unspecified period of time without any suspicion of wrongdoing, as part of border search policies the Department of Homeland Security recently disclosed. Also, officials may share copies of the laptop’s contents with other agencies and private entities for language translation, data decryption, or other reasons, according to the policies, dated July 16 and issued by two DHS agencies, US Customs and Border Protection and US Immigration and Customs Enforcement.

The full policy is available, and it says that they have to destroy the retained information unless there is “probable cause”, except..

Copies may be retained by an assisting Federal agency or entity only if and to the extent that it has the independent legal authority to do so – for example, when the information is of national security or intelligence value.

So if you’re working for a company that competes with a US one you should probably be careful..


Update: Steve Bellovin points out that this applies when you leave America, too..

Applying Graphics Cards to Password Cracking

On the Beowulf list there has been a long thread on GPGPU and especially nVidia’s CUDA language. As part of it Prentice Bisbal posted about a friend of his, Mario Juric, who decided to write a proof of concept MD5 password hashing program to take advantage of CUDA.

In his message to the Beowulf list Prentice quoted Mario saying:

If you attempt to compute a single hash on an entire card, you won’t get any improvement. Same as you wouldn’t if you tried it on a single vs. quad core CPU. But if you compute four hashes, then single vs. quad makes a huge difference. And the GPU cards are effectively 128 core CPUs, so when you need to compute millions of hashes…

Now Mario Juric (who organised the AstroGPU workshop) has put up a web page on the program, which gives details of the sort of performance he got with a quick hack.

One way of visualizing this is noting that a single 8800 Ultra could brute-force break an MD5 hashed password of eight or less characters+numbers (A-Z, a-z, 0-9) in about ~16 days.

But this really is just a quick hack:

The MD5 code used here was written in less than 2 days, as a proof-of-concept, and with only a single one-liner GPU-specific optimization.

Of course if people do want to try playing with it the program is available, though at the moment there isn’t a software license included with it. I’ve emailed Mario about the license to see if he can clarify what the rules are.
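
To put the "~16 days" figure quoted above in password-policy terms, the following added example (not Mario's code; the function names are illustrative) derives the hash rate that figure implies and shows how quickly each extra character pushes an exhaustive search out of reach at that rate.

```python
SECONDS_PER_DAY = 86_400

def keyspace(alphabet: int, max_len: int) -> int:
    """Number of candidate passwords of length 1..max_len."""
    return sum(alphabet ** n for n in range(1, max_len + 1))

def implied_rate(alphabet: int, max_len: int, days: float) -> float:
    """Hashes per second needed to exhaust the keyspace in `days`."""
    return keyspace(alphabet, max_len) / (days * SECONDS_PER_DAY)

def days_to_exhaust(alphabet: int, max_len: int, rate: float) -> float:
    """Days for a full search of the keyspace at `rate` hashes per second."""
    return keyspace(alphabet, max_len) / rate / SECONDS_PER_DAY

def min_length(alphabet: int, rate: float, target_days: float, limit: int = 64) -> int:
    """Smallest maximum length whose full search takes longer than target_days."""
    for n in range(1, limit + 1):
        if days_to_exhaust(alphabet, n, rate) > target_days:
            return n
    raise ValueError("no length within limit meets the target")

# Figures from the post: A-Z, a-z, 0-9 (62 symbols), up to 8 characters, ~16 days.
RATE_8800_ULTRA = implied_rate(62, 8, 16)

if __name__ == "__main__":
    print(f"keyspace (<= 8 chars): {keyspace(62, 8):,}")
    print(f"implied rate: {RATE_8800_ULTRA / 1e6:.1f} million MD5/s")
    for length in (8, 9, 10):
        days = days_to_exhaust(62, length, RATE_8800_ULTRA)
        print(f"<= {length} chars: {days:,.0f} days")
    # Target of ten years is an assumption chosen for illustration.
    print("min length for > 10 years:", min_length(62, RATE_8800_ULTRA, 3650))
```

The rate is only what the quoted figure implies for one card running unsalted MD5; it is a baseline for comparison, not a measurement.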

Exploiting Network Cards

Now this is a scary (and pretty cool) potential abuse of network card firmware and PCI bus architecture to bypass firewalls described by Arrigo Triulzi (quoted on Ben Laurie’s blog):

3) from 1 & 2 above, after about two years, I’ve reached my goal of writing a totally transparent firewall bypass engine for those firewalls which are PC-based: you simply overwrite the firmware in both NICs and then perform PCI-to-PCI transfers between the two cards for suitably formatted IP packets (modern NICs have IP “offload engines” in hardware and therefore can trigger on incoming and outgoing packets). The resulting “Jedi Packet Trick” (sorry, couldn’t resist) fools, amongst others, CheckPoint FW-1, Linux-based Strongwall, etc. This is of course obvious as none of them check PCI-to-PCI transfers,

Ben reckons it’s possible to do even more:

IMO: because of the nature of the PCI bus, you can use the same technique on any machine with a vulnerable NIC to read all of RAM.

Of course the attacker would need to compromise the card first, either by cracking the box or supplying malicious hardware.

Response to PayPal on EV Certificates

Over on the PayPal blog Michael Barrett (their chief security officer) mentions a paper he and Dan Levy wrote extolling the virtues of Extended Validation certificates.

I’ve left a comment there (yet to escape from moderation) questioning the merits of EV and I thought I’d reproduce it here, especially in light of the recent cross-site scripting attack against PayPal through a page protected by such a certificate.

Re: Glen Turner: Key generation

In his blog Glen writes on the Debian OpenSSL stuffup:

Hopefully this fiasco will re-energise hardware manufacturers into providing hardware-based random number generation. The current scavenging across the operating system for any source of entropy isn’t acceptable and is one of the root causes of this current flaw.

But this wouldn’t have helped in this situation: OpenSSL already supported those sources, but the patch (which was posted to the openssl-dev list for comments prior to being applied; the short thread is well worth a read) effectively removed the call that adds those (and all other) sources of entropy to the pool, leaving just the PID – hence 32,768 possible keys.. 🙁

If you’re an LWN subscriber (and if you’re not, you should be!) this article is well worth a read (it’ll become accessible to non-subscribers on Thursday, Australian time)..

Debian OpenSSL stuffup – SSH keys and SSL certs not random enough (updated)

Update: Debian has a good summary page on their wiki.

This is pretty serious – a packaging stuff-up for OpenSSL by Debian (and hence Ubuntu) has resulted in not-very-random randomness being used in various packages such as OpenSSH for key generation. The Ubuntu report says:

A weakness has been discovered in the random number generator used by OpenSSL on Debian and Ubuntu systems. As a result of this weakness, certain encryption keys are much more common than they should be, such that an attacker could guess the key through a brute-force attack given minimal knowledge of the system. This particularly affects the use of encryption keys in OpenSSH, OpenVPN and SSL certificates.

This is a Bad Thing(tm). Debian have told their own developers:

Since the nature of the crypto used in ssh cannot ensure confidentiality if either side uses weak random numbers we have also randomized all user passwords in LDAP.

It’s also been around for almost 2 years now according to the Debian security notice:

The first vulnerable version, 0.9.8c-1, was uploaded to the unstable distribution on 2006-09-17, and has since propagated to the testing and current stable (etch) distributions. The old stable distribution (sarge) is not affected.

So now would be a good time to change your passwords, unless you can be certain you’ve never logged into a Debian or Debian derived system..
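
Why "leaving just the PID" collapses the key space, and why a simple blocklist can find every affected key, is shown in this added example (not OpenSSL or Debian code). It assumes a toy generator, toy_keygen, in which SHA-256 stands in for "whatever reaches the entropy pool determines the key"; the names and the sample PID are constructed for illustration.

```python
import hashlib
import os

PID_SPACE = 32768  # the post's figure: one possible key per process ID

def toy_keygen(pid: int, entropy: bytes = b"") -> bytes:
    """Toy model of key generation, NOT OpenSSL's PRNG.

    The "key" is a function of everything mixed into the pool. On an
    affected system the entropy sources never reached the pool, so
    `entropy` is empty and only the PID varies.
    """
    pool = hashlib.sha256()
    pool.update(entropy)
    pool.update(pid.to_bytes(4, "little"))
    return pool.digest()

def fingerprint(key: bytes) -> str:
    """Short identifier for a key, as a blocklist would store it."""
    return hashlib.sha256(key).hexdigest()[:32]

def build_blocklist() -> set:
    """Every key the PID-only generator can ever produce."""
    return {fingerprint(toy_keygen(pid)) for pid in range(PID_SPACE)}

def is_weak(key: bytes, blocklist: set) -> bool:
    """True if the key is one of the enumerable PID-only keys."""
    return fingerprint(key) in blocklist

if __name__ == "__main__":
    blocklist = build_blocklist()
    affected = toy_keygen(4242)                  # constructed sample PID
    healthy = toy_keygen(4242, os.urandom(32))   # same PID, real entropy mixed in
    print("distinct keys possible:", len(blocklist))
    print("affected key flagged:", is_weak(affected, blocklist))
    print("healthy key flagged:", is_weak(healthy, blocklist))
```

Because the whole output space can be enumerated in well under a second, auditing existing keys against such a list is cheap, and any key that matches has to be regenerated on a fixed system.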

Microsoft demonstrates why DRM is a Bad Idea ™

From Techdirt:

Playsforsure was so bad that Microsoft didn’t even use it for its own Zune digital media device. Along with that, Microsoft shut down its failed online music store, and now for the kicker, it’s telling anyone who was suckered into buying that DRM’d content that it’s about to nuke the DRM approval servers that let you transfer the music to new machines. That means you need to authorize any songs you have on whatever machine you want — and that’s the only place they’ll be able to reside forever. And, of course, any upgrade to your operating system (say from XP to Vista) and you lose access to your music as well.

So now you find out that with DRM you don’t really own the music you bought, it can get taken away from you very easily, but you won’t get your money back I bet!

Ross Anderson’s “Security Engineering”

Back in 2006 Ross Anderson (Professor of Security Engineering at the Cambridge Computer Laboratory) announced on his blog that he had published the full contents of the first edition of his book “Security Engineering” in PDF format. The book covers a whole range of security issues from creating, managing, accrediting & breaking the mechanisms themselves through security politics and into topics like DRM.

Now the second edition of Security Engineering is about to arrive (published April 14th in the US, Amazon say stock expected in 1-4 weeks) and mine is on order already (along with a copy of Linus Torvalds’ Just for Fun).. 🙂

Melbourne school uses KDE and Kubuntu for library kiosks

Westall Secondary School in Clayton South, Melbourne, has started using KDE under Kubuntu Linux to allow them to replace the 3.0GHz Intel PCs they were using with older 2.1GHz PCs, extending their lives and avoiding landfill. The systems use KDE’s Kiosk framework to let the staff lock down the systems for their library system. The 3.0GHz machines released from this role will be going back into the main school for teaching duties there.

In explaining why the school went for Kubuntu, Stefyn said the students responded well to CDs put out by the Ubuntu project. Many had tried Ubuntu at home, which led to a decision to provide a familiar working environment at the school as well.

They got help both directly from Peter Lieverdink and also from the Linux Users of Victoria. They are also encouraging students to experiment with Linux, with old PCs as a prize:

During our last hardware cleanout, we challenged the students to create the best Linux install and customization, and the winners would get to keep the hardware once it was decommissioned.

and all that apparently unnecessary desktop bling helps to get attention, according to the school’s IT manager and teacher:

The kids were rapt with Compiz Fusion and this scored magic brownie points, because even the magical Vista couldn’t compete with the graphics. This was a great step into having them explore the other functionalities of Linux

Great stuff!