CRYPTO-GRAM, 15 June 2015

Last month, I blogged about security researcher Chris Roberts being detained by the FBI after tweeting about avionics security while on a United flight:

But to me, the fascinating part of this story is that a computer was monitoring the Twitter feed and understood the obscure references, alerted a person who figured out who wrote them, researched what flight he was on, and sent an FBI team to the Syracuse airport within a couple of hours. There's some serious surveillance going on.

We know a lot more of the back story from the FBI's warrant application. He had been interviewed by the FBI multiple times previously, and was able to take control of at least some of the planes' controls during flight.

During two interviews with F.B.I. agents in February and March of this year, Roberts said he hacked the in-flight entertainment systems of Boeing and Airbus aircraft, during flights, about 15 to 20 times between 2011 and 2014.

In one instance, Roberts told the federal agents he hacked into an airplane's thrust management computer and momentarily took control of an engine, according to an affidavit attached to the application for a search warrant.

"He stated that he successfully commanded the system he had accessed to issue the 'CLB' or climb command. He stated that he thereby caused one of the airplane engines to climb resulting in a lateral or sideways movement of the plane during one of these flights," said the affidavit, signed by F.B.I. agent Mike Hurley.

Roberts also told the agents he hacked into airplane networks and was able "to monitor traffic from the cockpit system."

According to the search warrant application, Roberts said he hacked into the systems by accessing the in-flight entertainment system using his laptop and an Ethernet cable.

This makes the FBI's behavior much more reasonable. They weren't scanning the Twitter feed for random keywords; they were watching his account.

We don't know if the FBI's statements are true, though.
But if Roberts was hacking an airplane while sitting in the passenger seat...wow, is that a stupid thing to do.

*Christian Science Monitor*:

But Roberts' statements and the FBI's actions raise as many questions as they answer. For Roberts, the question is why the FBI is suddenly focused on years-old research that has long been part of the public record.

"This has been a known issue for four or five years, where a bunch of us have been stood up and pounding our chest and saying, 'This has to be fixed,'" Roberts noted. "Is there a credible threat? Is something happening? If so, they're not going to tell us," he said.

Roberts isn't the only one confused by the series of events surrounding his detention in April and the revelations about his interviews with federal agents.

"I would like to see a transcript (of the interviews)," said one former federal computer crimes prosecutor, speaking on condition of anonymity. "If he did what he said he did, why is he not in jail? And if he didn't do it, why is the FBI saying he did?"

The real issue is that the avionics and the entertainment system are on the same network. That's an even stupider thing to do. Also last month, I wrote about the risks of hacking airplanes, and said that I wasn't all that worried about it. Now I'm more worried.

Previous blog entry: https://www.schneier.com/blog/archives/2015/04/hacker_detained.html

[Lots of relevant URLS omitted ... We had the item on Roberts by Kim Zetter exactly a month ago, in RISKS-28.64. Various folks complained to me out of band that what Roberts claimed was impossible, because the regs say there must be SEPARATION between the avionics and the entertainment systems. This reminds me of folks who claimed early on that Snowden could not have done what he claimed. RISKS readers should know by now that when something is presumed to be impossible, it probably is not impossible. PGN]
About 20 years ago, there was a heated debate in the U.S. about giving the government mandatory access to encrypted content via mandatory key escrow. The FBI and other government officials predicted all sorts of gloom and doom if it didn't happen, including that it would prevent them from fighting crime, especially terrorists, child pornographers, and drug dealers. That didn't happen. Once again the FBI and law enforcement agencies are clamoring for restrictions on encryption, with predictions of grave consequences. See the referenced item for discussion of this topic, with some historical and technical perspective, and a touch of unofficial USACM thinking: https://ceri.as/usacm-encrypt
*WiReD* via NNSquad
http://www.wired.com/2015/06/opm-breach-security-privacy-debacle/

It turns out the hackers, who are believed to be from China, also accessed so-called SF-86 forms, documents used for conducting background checks for worker security clearances. The forms can contain a wealth of sensitive data not only about workers seeking security clearance, but also about their friends, spouses and other family members. They can also include potentially sensitive information about the applicant's interactions with foreign nationals--information that could be used against those nationals in their own country ...

The OPM had no IT security staff until 2013, and it showed. The agency was harshly criticized for its lax security in an inspector general's report released last November that cited its lack of encryption and the agency's failure to track its equipment. Investigators found that the OPM failed to maintain an inventory list of all of its servers and databases and didn't even know all the systems that were connected to its networks. The agency also failed to use multi-factor authentication for workers accessing the systems remotely from home or on the road.

In many states, a corporation that operated this way could be facing criminal charges and enormous penalties.
http://lauren.vortex.com/archive/001106.html I've been waiting for this, much the way one waits for a violent case of food poisoning. France is now officially demanding that Google expand the hideous EU "Right To Be Forgotten" (RTBF) to Google.com worldwide, instead of just applying it to the appropriate localized (e.g. France) version of Google. http://www.wsj.com/articles/french-privacy-watchdog-orders-google-to-expand-right-to-be-forgotten-1434098033 And here's my official response as a concerned individual: To hell with this. That's nowhere near as strong a comment as I'd really like to make, but this is a general readership blog and I choose to avoid the use of the really appropriate invectives here. But man, I could justifiably pile on enough epithets here to melt your screens before your eyes. A key reason why I've been warning all along about the disastrous nature of RTBF is precisely this "camel's nose under the tent" situation. Giving in to localized censorship demands from the EU and/or member countries was bound to have this result. What's worse, if France or other EU countries get away with this attempt to impose their own censorship standards onto the entire planet, we can be sure that government leaders around the world will quickly follow suit, demanding that Google globally remove search results that are politically "inconvenient"—or religiously "blasphemous"—or, well, you get the idea. It's a virtually bottomless cesspool of evil censorship opportunities. It's bad enough when the ever more censorship and surveillance loving Western leaders have this kind of power. But how about Vladimir Putin, or China's rulers, or Iran's Supreme Leader as GLOBAL censors? 
It wouldn't be long before it would seem that every search on any controversial topic might as well be replaced with a "404 Not found" page -- a rush to lowest common denominator mediocrity, purged of any and all information that government leaders, politicians, or bureaucrats would prefer people not be able to find and see. I've written and said so much about RTBF for years that it feels like an endless case of "Groundhog Day" at this point—e.g. early on in "The 'Right to Be Forgotten': A Threat We Dare Not Forget" (2/2012) ( http://lauren.vortex.com/archive/000938.html ) and most recently in a one hour live RTBF hangout video discussion (about a month ago). ( https://www.youtube.com/watch?v=ZSdhMfsxWOs ) And I'm certainly not alone in these concerns. Yet we continue to be sucked down this rathole, now with governments using overblown security concerns as an excuse to try to justify even broader search engine censorship across a vast range of topics. So far, Google has resisted the concept of RTBF being applied globally. I not only applaud their stance on this, but I strongly urge them to stand utterly firm on this issue. RTBF even in localized forms is bad, but if countries had the ability to impose their individual censorship regimes onto the entire globe's population, we'd be—with absolutely no exaggeration—talking about an existential threat not just to "free speech" but to fundamental communications and information rights as well. This cannot be tolerated. Just say NO! Non! Nein! Nahin! Nyet!
FYI: Subsidizing this type of hacking is not going to end well, just as the British govt subsidizing privateers didn't end well. The *Navy*—of all the services—should be aware of this history!

Also, why on Earth would a truly qualified vendor sell these services -- exclusively (!)—to the US govt, which is the lowest bidder?

My only conclusion is that this solicitation is a phishing scam, intended to uncover targets stupid enough for FBI prosecution.

"please include only relevant past performance on the same/similar work within the last 3 years" <-- presumably this means hacking subject to prosecution within the statute of limitations?

"identify qualified and *experienced* sources"

"seeking a qualified vendor capable of producing operational exploit products"

"a minimum of 10 unique reports with corresponding exploit binaries"

"Products developed under these conditions will not be available to any other customer"

"[Technical support] services must be available Monday through Friday during normal working hours (0730 EST through 1630 EST)" <-- This will be a problem for hackers far outside the U.S.

Simon Sharwood, US Navy wants 0-day intelligence to develop weaponware, *The Register*, 12 Jun 2015 [long item truncated for RISKS. PGN]
http://www.theregister.co.uk/2015/06/12/us_navy_wants_0day_intelligence_to_develop_weaponware/
Michael D. Shear and Scott Shane, *The New York Times*, 12 Jun 2015

WASHINGTON—The White House on Friday revealed that hackers had breached a second computer system at the Office of Personnel Management, and said that President Obama was considering financial sanctions against the attackers who gained access to the files of millions of federal workers.

Investigators had already said that Chinese hackers appeared to have obtained personal data from more than four million current and former federal employees in one of the boldest invasions into a government network. But on Friday, officials said they believed that a separate computer system at the agency was breached by the same hackers, putting at risk not only data about the federal employees, but also information about friends, family members and associates that could number millions more. Officials said that the second system contained files related to intelligence officials working for the F.B.I., defense contractors and other government agencies.

http://www.nytimes.com/2015/06/13/us/white-house-weighs-sanctions-after-second-breach-of-a-computer-system.html
Nicole Perlroth, *The New York Times*, 12 Jun 2015

SAN FRANCISCO—Chinese hackers have found a way around widely used privacy technology to target the creators and readers of web content that state censors have deemed hostile, according to new research.

The hackers were able to circumvent two of the most trusted privacy tools on the Internet: virtual private networks, or VPNs, and Tor, the anonymity software that masks a computer's true whereabouts by routing its Internet connection through various points around the globe, according to findings by Jaime Blasco, a security researcher at AlienVault, a Silicon Valley security company.

Both tools are used by Chinese businesses and by millions of citizens to bypass China's censorship technology, often called the Great Firewall, and to make their web activities unreadable to state snoopers.

http://www.nytimes.com/2015/06/13/technology/chinese-hackers-circumvent-popular-web-privacy-tools.html
"We recommend that everyone use Google Earth Pro, as it has a few extra features and is now free. If it asks you for a licence key, just use your email address and the key: GEPFREE." http://www.gearthblog.com/blog/archives/2015/06/google-earth-installation-issues.html One would think that if Google was really serious about Google Earth Pro now being free they would type their license key in for us and perhaps even be kind enough to press return.
Bruce Schneier, CRYPTO-GRAM, 15 June 2015
CTO, Resilient Systems, Inc., https://www.schneier.com

Logjam is a new attack against the Diffie-Hellman key-exchange protocol used in TLS. Basically:

The Logjam attack allows a man-in-the-middle attacker to downgrade vulnerable TLS connections to 512-bit export-grade cryptography. This allows the attacker to read and modify any data passed over the connection. The attack is reminiscent of the FREAK attack, but is due to a flaw in the TLS protocol rather than an implementation vulnerability, and attacks a Diffie-Hellman key exchange rather than an RSA key exchange. The attack affects any server that supports DHE_EXPORT ciphers, and affects all modern web browsers. 8.4% of the Top 1 Million domains were initially vulnerable.

One of the problems with patching the vulnerability is that it breaks things:

On the plus side, the vulnerability has largely been patched thanks to consultation with tech companies like Google, and updates are available now or coming soon for Chrome, Firefox and other browsers. The bad news is that the fix rendered many sites unreachable, including the main website at the University of Michigan, which is home to many of the researchers that *found* the security hole.

This is a common problem with version downgrade attacks; patching them makes you incompatible with anyone who hasn't patched. And it's the vulnerability the media is focusing on.

Much more interesting is the other vulnerability that the researchers found:

Millions of HTTPS, SSH, and VPN servers all use the same prime numbers for Diffie-Hellman key exchange. Practitioners believed this was safe as long as new key exchange messages were generated for every connection. However, the first step in the number field sieve—the most efficient algorithm for breaking a Diffie-Hellman connection—is dependent only on this prime. After this first step, an attacker can quickly break individual connections.
The researchers believe the NSA has been using this attack:

We carried out this computation against the most common 512-bit prime used for TLS and demonstrate that the Logjam attack can be used to downgrade connections to 80% of TLS servers supporting DHE_EXPORT. We further estimate that an academic team can break a 768-bit prime and that a nation-state can break a 1024-bit prime. Breaking the single, most common 1024-bit prime used by web servers would allow passive eavesdropping on connections to 18% of the Top 1 Million HTTPS domains. A second prime would allow passive decryption of connections to 66% of VPN servers and 26% of SSH servers. A close reading of published NSA leaks shows that the agency's attacks on VPNs are consistent with having achieved such a break.

The DH precomputation easily lends itself to custom ASIC design, and is something that pipelines easily. Using Bitcoin mining hardware as a rough comparison, this means a couple orders of magnitude speedup.

Remember James Bamford's 2012 comment about the NSA's cryptanalytic capabilities:

According to another top official also involved with the program, the NSA made an enormous breakthrough several years ago in its ability to cryptanalyze, or break, unfathomably complex encryption systems employed by not only governments around the world but also many average computer users in the US. The upshot, according to this official: "Everybody's a target; everybody with communication is a target."

[...]

The breakthrough was enormous, says the former official, and soon afterward the agency pulled the shade down tight on the project, even within the intelligence community and Congress. "Only the chairman and vice chairman and the two staff directors of each intelligence committee were told about it," he says. The reason? "They were thinking that this computing breakthrough was going to give them the ability to crack current public encryption."
And remember Director of National Intelligence James Clapper's introduction to the 2013 "Black Budget":

Also, we are investing in groundbreaking cryptanalytic capabilities to defeat adversarial cryptography and exploit Internet traffic.

It's a reasonable guess that this is what both Bamford's source and Clapper are talking about. It's an attack that requires a lot of precomputation -- just the sort of thing a national intelligence agency would go for.

But that requirement also speaks to its limitations. The NSA isn't going to put this capability at collection points like Room 641A at AT&T's San Francisco office: the precomputation table is too big, and the sensitivity of the capability is too high. More likely, an analyst identifies a target through some other means, and then looks for data by that target in databases like XKEYSCORE. Then he sends whatever ciphertext he finds to the Cryptanalysis and Exploitation Services (CES) group, which decrypts it if it can using this and other techniques.

Ross Anderson wrote about this earlier this month, almost certainly quoting Snowden:

As for crypto capabilities, a lot of stuff is decrypted automatically on ingest (e.g. using a "stolen cert", presumably a private key obtained through hacking). Else the analyst sends the ciphertext to CES and they either decrypt it or say they can't.

The analysts are instructed not to think about how this all works. This quote also applied to NSA employees:

Strict guidelines were laid down at the GCHQ complex in Cheltenham, Gloucestershire, on how to discuss projects relating to decryption. Analysts were instructed: "Do not ask about or speculate on sources or methods underpinning Bullrun."

I remember the same instructions in documents I saw about the NSA's CES.

Again, the NSA has put surveillance ahead of security. It never bothered to tell us that many of the "secure" encryption systems we were using were not secure.
And we don't know what other national intelligence agencies independently discovered and used this attack.

The good news is now that we know reusing prime numbers is a bad idea, we can stop doing it.

https://weakdh.org/
https://weakdh.org/imperfect-forward-secrecy.pdf
[MORE URLs...]

Good explanation of the attack by Matthew Green:
http://blog.cryptographyengineering.com/2015/05/attack-of-week-logjam.html or http://tinyurl.com/kyvxhho
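An added example, not part of Schneier's item or the researchers' code: a small Python audit that ranks the Diffie-Hellman primes in a server inventory by how many hosts share them, and reports how much of the inventory is exposed after each one-time precomputation. The inventory format, host names and stand-in prime values are assumptions constructed for the illustration; the size tiers follow the estimates quoted above.

```python
import re
from collections import defaultdict

# Size tiers follow the estimates quoted in the item above; the wording of
# each label is this example's own.
TIERS = [
    (512, "export-grade, broken by the researchers"),
    (768, "estimated within reach of an academic team"),
    (1024, "estimated within reach of a nation-state"),
]
MAX_AT_RISK_BITS = TIERS[-1][0]


def parse_prime(value):
    """Accept an int, or hex text such as '00:ff:3a' (colons/whitespace ignored)."""
    if isinstance(value, int):
        return value
    return int(re.sub(r"[^0-9a-fA-F]", "", value), 16)


def tier(bits):
    """Map a prime's bit length to the first tier whose limit it fits under."""
    for limit, label in TIERS:
        if bits <= limit:
            return label
    return "larger than any size discussed above"


def audit(inventory):
    """inventory: iterable of (host, prime). Returns one dict per distinct prime.

    At-risk primes (<= 1024 bits) come first, most widely shared first, and
    carry the cumulative fraction of all hosts exposed once that prime and
    the ones ranked before it have each been precomputed once.
    """
    hosts_by_prime = defaultdict(list)
    for host, value in inventory:
        hosts_by_prime[parse_prime(value)].append(host)
    total = sum(len(h) for h in hosts_by_prime.values())

    def rank(item):
        p, hosts = item
        return (p.bit_length() > MAX_AT_RISK_BITS, -len(hosts), p.bit_length(), p)

    rows, exposed = [], 0
    for p, hosts in sorted(hosts_by_prime.items(), key=rank):
        bits = p.bit_length()
        at_risk = bits <= MAX_AT_RISK_BITS
        if at_risk:
            exposed += len(hosts)
        rows.append({
            "bits": bits,
            "tier": tier(bits),
            "hosts": sorted(hosts),
            "shared": len(hosts) > 1,
            "cumulative_exposed": exposed / total if at_risk else None,
        })
    return rows


# Constructed stand-ins with the right bit lengths; they are not vetted primes
# and the host names are invented for the example.
P512 = (1 << 511) | 0x6F
P1024_A = (1 << 1023) | 0x483
P1024_B = (1 << 1023) | 0x801
P2048 = (1 << 2047) | 0x3

SAMPLE_INVENTORY = (
    [(f"www{i}.example", P1024_A) for i in range(1, 5)]
    + [(f"vpn{i}.example", P1024_B) for i in range(1, 4)]
    + [("legacy.example", format(P512, "x"))]  # hex text, as a scanner might log it
    + [(f"mail{i}.example", P2048) for i in range(1, 3)]
)

if __name__ == "__main__":
    for row in audit(SAMPLE_INVENTORY):
        cum = row["cumulative_exposed"]
        print(row["bits"], len(row["hosts"]), row["shared"],
              "-" if cum is None else f"{cum:.0%}", row["tier"])
```

On the constructed inventory, two shared 1024-bit groups account for 70% of hosts, which is the pattern the quoted 18%, 66% and 26% figures describe at Internet scale.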
This is why I keep a cheap $5 car window smasher/seatbelt cutting tool in my glove box. That way even if all the doors are physically jammed somehow (and the windows aren't broken?!?) I can still get out.
I have to wonder how much we should educate the general public AND the SYSTEM INTEGRATORS who hire new graduates without much experience in security matters.

This year, I retired from a 50+ year career in IT, which included system integration, programming, network operations, forensic analysis, and much more. Before I had any job in IT, I attended classes in multiple topics I considered relevant to this career, and over the years have gone back for additional training as there is an evolution in business needs, software sophistication, applications new to me, but I have noted that many of my peers skip this entirely. There are various IT certifications available, but very few employers seem interested in factoring them into their hiring process.

When I was first hired in IT, in the 1960s, computer security topics were considered an advanced topic, denied to relatively entry level workers such as myself. In the 1970s & 1980s, I attended conferences of IT workers involved in the same kind of computer systems, hardware and software, which I had been working in. I managed to get into classes for security topics, and made multiple realizations. The work which I had been doing should have been preceded by computer security education, because a lot of what I had been creating and managing was vulnerable to all sorts of security risks. Furthermore, the educational establishment, which taught me various programming languages and related topics, had been omitting this security awareness, not just for me, but for tens of thousands of my peers.

I went and asked the teachers of entry level IT skills what training they had had in computer security issues, as they apply to the systems we design, and learned that none of the ones I spoke with had any such training or awareness.
I would like to see surveys of contemporary computer educators, and the people who hire them: do they believe that security issues play any role in the training of entry level IT workers, and have they themselves received any formal education in such topics?

The next time one of my employers put me into the design of a major package, I requested that between design stage and initial programming, we have the company auditors review the design, to see if they needed any additional audit trails or checks & balances. Request denied.

There is a chain of command in any organization. If the top executives of an organization are security illiterates, then their beliefs can be used to over-rule what employees with specialized training believe is prudent.

I believe that an organization's links to Internet services, such as e-mail, should never be on the same computer system, PC WAN, NC, Server, whatever, as one which accesses or processes confidential data. Some operations need to be stand-alone. The computer engaged in e-banking should do that and nothing else. I realize that top executives want everything connected to everything, because convenience is more important than security, in their eyes. So long as that is the rule, there will be little funding to figure out practical alternatives.

A related issue—some government agencies mandate that confidential information be transmitted to them by means which some of us consider to be somewhat insecure.

Security awareness training needs to be for everyone. We had an incident at one employer, which illustrates the need for this. Our manager of Quality Assurance picked up something on the Internet, which he thought was really cool, and got it onto the PC supplied to him by the company, without asking anyone's approval. Turned out, it supplied serious malware. At the time, I managed ERP systems, and another guy handled PC support.
He was not able to fix the QC Mgr PC in one day, had other duties, and needed to research some topics related to fixing the QC Mgr PC, so he put a note on the door to the QC manager's office, requesting that everyone stay off this PC until he is done with his repairs, and he also went around to every staffer's office to verbally repeat the request.

Well, each employee's personal job requirements take precedence in their eyes over other people's requests, except that of some bosses. The lady who does HR had a problem with her printer. So she transferred some data and software to a diskette, and walked around the office, trying out other people's PC printers, until she could get one to do what she needed. In this way, the malware traveled from QC Mgr PC to that of the lady who does payroll, a couple other important locations, and of course her own PC.

The company had not supplied PC printers with all the same features to all our workers. Other people needed special functions, so were doing things similar to what the HR lady had been doing. The guy whose job it was to fix PCs infected with malware could not keep up, but could not get any top management support, until a top executive's PC joined the collection infected.