-   Tales From the Crypt(o) (
-   -   'All Your Data ❝Я❞ Belong To Us' Thread (

ewmayer 2015-11-30 03:05

'All Your Data ❝Я❞ Belong To Us' Thread
I think a thread documenting the numerous egregious failures by governments, big business and online sites to use even the most basic crypto/security tools to properly protect their customer/user data would be useful. As breaches dating back at least to the WW2 Enigma cracking program show, most of the time "it's not the crypto, it's the misuse or un-use thereof which is the problem."


[]Troy Hunt: When children are breached -- inside the massive VTech hack[/url]

lavalamp 2016-01-21 16:32

Well this certainly seems like a government failure.

[URL=",31035.html"]UK’s 'Government-Grade Encryption' For VoIP Calls Backdoored By Default[/URL]

retina 2016-01-21 16:59

[QUOTE=lavalamp;423393]Well this certainly seems like a government failure.

[URL=",31035.html"]UK’s 'Government-Grade Encryption' For VoIP Calls Backdoored By Default[/URL][/QUOTE]More likely a government success. That was no accident. It was deliberate. And they successfully deployed it.

[size=1]Unless by "failure" you mean they failed to keep it a secret. In which case then I agree, a failure, but to be expected that eventually people would discover it. Makes one wonder what will be the next trick they are using that is yet to be discovered.[/size]

lavalamp 2016-01-21 17:09

I think it's perfectly possible to fail even if you get exactly what you want.

ewmayer 2016-09-02 22:50

[]New cloud attack takes full control of virtual machines with little effort[/url] | Ars Technica
[quote]The world has seen the most unsettling attack yet resulting from the so-called Rowhammer exploit, which flips individual bits in computer memory. It's a technique that's so surgical and controlled that it allows one machine to effectively steal the cryptographic keys of another machine hosted in the same cloud environment.[/quote]
Haven't delved deeply into the mathematical details here, but e.g. with respect to an RSA-style key the attack scheme appears to rely on the high odds that flipping a random bit in the (known) product of 2 similar-sized primes will produce a new composite which is much easier to factor. But far more than RSA-style schemes are vulnerable:
[quote]The world has seen the most unsettling attack yet resulting from the so-called Rowhammer exploit, which flips individual bits in computer memory. It's a technique that's so surgical and controlled that it allows one machine to effectively steal the cryptographic keys of another machine hosted in the same cloud environment.[/quote]
p.s.: I was composing the above as I was reading the Ars piece - see a pair of promoted comments at the end confirming my quick take - this is a quote from the research paper described in the article:
Public-key cryptography relies on the assumption that it is computationally infeasible to derive the private key from the public key. For RSA, computing the private exponent d from the public exponent e is believed to require the factorization of the modulus n. If n is the product of two large primes of approximately the same size, factorizing n is not feasible. Common sizes for n today are 1024 to 2048 bits. In this paper we implement a fault attack on the modulus n of the victim: we corrupt a single bit of n, resulting in n'. We show that with high probability n' will be easy to factorize. We can then compute from e the corresponding value of d', the private key, that allows us to forge signatures or to decrypt. We provide a detailed analysis of the expected computational complexity of factorizing n...[/i]

Nick 2016-09-03 07:17

The VU paper is available here:

It's a good fault injection attack. Yet again, optimization destroys security.

GP2 2016-09-03 07:20

[QUOTE=ewmayer;441425][]New cloud attack takes full control of virtual machines with little effort[/url] | Ars Technica[/QUOTE]

The article notes that ECC memory is one factor that helps mitigate the attack, though not completely. Usually cloud hardware uses ECC memory; [URL=""]Amazon's FAQ[/URL] mentions that they have it, and undoubtedly Google and Microsoft Azure do too.

jasonp 2016-09-03 20:30

[url=""]Paper reference for the Rowhammer attack[/url]

Edit: actually there is no exploit described in the paper, it characterizes what the errors induced in the DRAM look like. Really scary stuff.

ewmayer 2016-09-20 08:09

[]Welcome to the Dark Net, a Wilderness Where Invisible World Wars Are Fought[/url] | Vanity Fair

ewmayer 2016-10-24 22:03

[url=]Cyber attacks disrupt PayPal, Twitter, other sites[/url] | Reuters

Widely reported last week, but much of (at least the early) reporting missed a crucial aspect: This was the latest Internet-of-Things-mega-botnet attack. Nice description of just how bad the problem is - and this is by design on the part of the manufacturers! - from Brian Krebs, who was victimized by a similar but smaller-scale such attack last month:

[url=]Hacked Cameras, DVRs Powered Today's Massive Internet Outage[/url] | Krebs on Security
[quote]At first, it was unclear who or what was behind the attack on Dyn. But over the past few hours, at least one computer security firm has come out saying the attack involved Mirai, the same malware strain that was used in the record 620 Gpbs attack on my site last month. At the end September 2016, the hacker responsible for creating the Mirai malware released the source code for it, effectively letting anyone build their own attack army using Mirai.

Mirai scours the Web for IoT devices protected by little more than factory-default usernames and passwords, and then enlists the devices in attacks that hurl junk traffic at an online target until it can no longer accommodate legitimate visitors or users.

According to researchers at security firm Flashpoint, today’s attack was launched at least in part by a Mirai-based botnet. Allison Nixon, director of research at Flashpoint, said the botnet used in today’s ongoing attack is built on the backs of hacked IoT devices — mainly compromised digital video recorders (DVRs) and IP cameras made by a Chinese hi-tech company called XiongMai Technologies. The components that XiongMai makes are sold downstream to vendors who then use it in their own products.

“It’s remarkable that virtually an entire company’s product line has just been turned into a botnet that is now attacking the United States,” Nixon said, noting that Flashpoint hasn’t ruled out the possibility of multiple botnets being involved in the attack on Dyn.

“At least one Mirai [control server] issued an attack command to hit Dyn,” Nixon said. “Some people are theorizing that there were multiple botnets involved here. What we can say is that we’ve seen a Mirai botnet participating in the attack.”

As I noted earlier this month in Europe to Push New Security Rules Amid IoT Mess, many of these products from XiongMai and other makers of inexpensive, mass-produced IoT devices are essentially unfixable, and will remain a danger to others unless and until they are completely unplugged from the Internet.

That’s because while many of these devices allow users to change the default usernames and passwords on a Web-based administration panel that ships with the products, those machines can still be reached via more obscure, less user-friendly communications services called “Telnet” and “SSH.”

Telnet and SSH are command-line, text-based interfaces that are typically accessed via a command prompt (e.g., in Microsoft Windows, a user could click Start, and in the search box type “cmd.exe” to launch a command prompt, and then type “telnet” to reach a username and password prompt at the target host).

“The issue with these particular devices is that a user cannot feasibly change this password,” Flashpoint’s Zach Wikholm told KrebsOnSecurity. [b]“The password is hardcoded into the firmware, and the tools necessary to disable it are not present. Even worse, the web interface is not aware that these credentials even exist.”[/b][/quote]
[emphasis mine.] Hardcoded firmware rootkits protected only by a shared factory-default password ... what could go wrong? And the fact that the visible UI allows owners to "secure their device via custom password" provides a suitably false sense of security. Nice.

But hey, time to indulge in that wildly popular fad among U.S. officialdom (including, alas, experts with a big soapbox like Bruce Schneier): let's blame the Russians! How about something along the lines of 'Officials refused to comment on several eyewitness reports claiming to have seen a shadowy figure resembling The Putin lurking around Dyn headquarters in the days prior to the attacks'.

ewmayer 2017-01-01 02:24

Here in the US, the MSM-driven "Russians are coming!" hysteria continues apace - first the Rooskies allegedly hacked the US elections leading lame-duck Obama to "impose sanctions", now they allegedly hacked the NE US power grid.
Mike Shedlock has a good collection of propaganda-narrative-debunking links in [url=]More Bullsh*t Fake News from Washington Post[/url].

Most interesting to me about this manufactured hysteria is to compare it to the non-response to a genuinely damaging hack of an actual US government agency (note the Democratic National Committee is a private political party, not an organ of the government) which was credibly traced to a nation-state actor. To maximize the irony, here is a link to the WaPo story on it (but note the particulars were confirmed by multiple news outlets as well as skeptical-of-officialdom blogs, i.e. I didn't just take WaPo's word for it then, either):

[url=]Chinese hack of federal personnel files included security-clearance database | 12 Jun 2015[/url]

Remember all the saber-rattling, tough sanctions and other punitive actions against China which that led to? Neither do I.

Unlike Mish, I don't believe the folks [url=]setting the narrative[/url] at WaPo, NYT etc. are stupid at all - they appear to have a very clear set of objectives with their ongoing agitprop-disguised-as-news campaign, including but not limited to:

o Maintain their own longstanding quasi-monopoly on 'news' (much of which is government propaganda) by smearing independent information sources as Commie-sympathizing peddlers of "fake news";
o Keep the populace in fear about "dark outside forces";
o Make excuses for the Dems blowing the election (and deflect from their blatant rigging of their own primary to install the designated NatSec/establishment/Wall-Street stooge as the party's nominee);
o Delegitimize the incoming administration and pressure it to knuckle under to the Deep State.

[b]Edit:[/b] Here is an Ars piece on the weakness of the 'evidence' provided so far:

[]White House fails to make case that Russian hackers tampered with election[/url] | Ars Technica

All times are UTC. The time now is 07:03.

Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2022, Jelsoft Enterprises Ltd.