Researchers have uncovered a weakness in almost all Internet encryption. We’ll explain what LogJam is, how to protect yourself & what the cause is.
Plus Linux gets bit by a filesystem corruption bug, passport id thieves, a great batch of questions & much, much more!
— Show Notes: —
LogJam: How Diffie-Hellman Fails in Practice
- Researchers have uncovered several weaknesses in how the Diffie-Hellman key exchange has been deployed.
- Diffie-Hellman key exchange is a popular cryptographic algorithm that allows Internet protocols to agree on a shared key and negotiate a secure connection. It is fundamental to many protocols including HTTPS, SSH, IPsec, SMTPS, and protocols that rely on TLS.
- The vulnerability affects an estimated 8.4 percent of the top one million websites and a slightly bigger percentage of mail servers populating the IPv4 address space, the researchers said.
- The weakness is the result of export restrictions the US government mandated in the 1990s on US developers who wanted their software to be used abroad.
- The regime was established by the Clinton administration so the FBI and other agencies could break the encryption used by foreign entities.
- Attackers with the ability to monitor the connection between an end user and a Diffie-Hellman-enabled server that supports the export cipher can inject a special payload into the traffic that downgrades encrypted connections to use extremely weak 512-bit key material.
- Using precomputed data prepared ahead of time, the attackers can then deduce the encryption key negotiated between the two parties.
- Ironically, Diffie-Hellman is supposed to provide an additional layer of protection because it allows the two connected parties to constantly refresh the cryptographic key securing Web or e-mail sessions.
- The so-called perfect forward secrecy that Diffie-Hellman makes possible significantly increases the work of eavesdropping because attackers must obtain the key anew each time it changes, as opposed to only once with other encryption schemes, such as those based on RSA keys.
- Logjam is significant because it shows that ephemeral Diffie-Hellman—or DHE—can be fatal to TLS when the export-grade ciphers are supported. Logjam is reminiscent of the FREAK attack that also allowed attackers to downgrade HTTPS connections to 512-bit cryptography.
- If you have a web or mail server, you should disable support for export cipher suites and generate a unique 2048-bit Diffie-Hellman group. We have published a Guide to Deploying Diffie-Hellman for TLS with step-by-step instructions. If you use SSH, you should upgrade both your server and client installations to the most recent version of OpenSSH, which prefers Elliptic-Curve Diffie-Hellman Key Exchange.
- Make sure you have the most recent version of your browser installed, and check for updates frequently. Google Chrome (including Android Browser), Mozilla Firefox, Microsoft Internet Explorer, and Apple Safari are all deploying fixes for the Logjam attack.
- Make sure any TLS libraries you use are up-to-date and that you reject Diffie-Hellman Groups smaller than 1024-bit.
- PDF Report: Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice
- Additional Coverage: ArsTechnica
- Logjam Attack Proof of Concept Demonstrations
- How 1990s Encryption Backdoors Put Today’s Internet In Jeopardy
- You can disable all short DH key lengths in Firefox’s about:config
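The server-side mitigations above boil down to one check: how big is the Diffie-Hellman group you are actually offering? The following is an added example, not code from the show or from the Logjam researchers. It parses the `DH PARAMETERS` PEM/DER structure (a DER SEQUENCE of INTEGER p and INTEGER g, the format `openssl dhparam` writes) and applies the thresholds from the notes: reject anything under 1024 bits, flag anything under the recommended 2048. The sample parameters are constructed placeholders with the right bit lengths; they are not real safe primes and must not be deployed.

```python
"""Assess the size of a Diffie-Hellman group from PEM/DER DH PARAMETERS.

Added example for the Logjam mitigations: groups below 1024 bits are
rejected, groups below 2048 bits are flagged for regeneration.
"""
import base64

MIN_BITS = 1024          # below this: reject (512-bit export groups live here)
RECOMMENDED_BITS = 2048  # the group size the researchers recommend generating


def _der_length(n: int) -> bytes:
    """DER length octets: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def _der_integer(value: int) -> bytes:
    """DER INTEGER; a leading 0x00 keeps a high-bit value positive."""
    body = value.to_bytes((value.bit_length() + 7) // 8, "big") or b"\x00"
    if body[0] & 0x80:
        body = b"\x00" + body
    return b"\x02" + _der_length(len(body)) + body


def encode_dh_params(p: int, g: int) -> bytes:
    """SEQUENCE { INTEGER p, INTEGER g }, the DER layout of DH PARAMETERS."""
    inner = _der_integer(p) + _der_integer(g)
    return b"\x30" + _der_length(len(inner)) + inner


def to_pem(der: bytes) -> bytes:
    """Wrap DER in the PEM armour openssl dhparam uses."""
    b64 = base64.encodebytes(der).replace(b"\n", b"")
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return (b"-----BEGIN DH PARAMETERS-----\n" + b"\n".join(lines)
            + b"\n-----END DH PARAMETERS-----\n")


def _read_tlv(buf: bytes, pos: int):
    """Return (tag, value, next_pos) for the DER TLV starting at pos."""
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: next n bytes hold the length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length


def parse_dh_params(data: bytes):
    """Accept PEM or raw DER and return (p, g) as integers."""
    if b"-----BEGIN" in data:
        b64 = b"".join(line.strip() for line in data.splitlines()
                       if not line.startswith(b"-----"))
        data = base64.b64decode(b64)
    tag, seq, _ = _read_tlv(data, 0)
    if tag != 0x30:
        raise ValueError("expected SEQUENCE")
    tag_p, p_bytes, pos = _read_tlv(seq, 0)
    tag_g, g_bytes, _ = _read_tlv(seq, pos)
    if tag_p != 0x02 or tag_g != 0x02:
        raise ValueError("expected INTEGER p and INTEGER g")
    return int.from_bytes(p_bytes, "big"), int.from_bytes(g_bytes, "big")


def assess_dh_group(data: bytes) -> str:
    """Apply the Logjam thresholds to the prime modulus size."""
    p, _ = parse_dh_params(data)
    bits = p.bit_length()
    if bits < MIN_BITS:
        return f"reject: {bits}-bit group (export-grade, Logjam-vulnerable)"
    if bits < RECOMMENDED_BITS:
        return f"weak: {bits}-bit group, regenerate at {RECOMMENDED_BITS} bits"
    return f"ok: {bits}-bit group"


# Constructed placeholders: correct bit lengths, NOT real safe primes.
EXPORT_GRADE_P = (1 << 511) | 1    # 512-bit, the size the downgrade forces
LEGACY_P = (1 << 1023) | 1         # 1024-bit, accepted but not recommended
MODERN_P = (1 << 2047) | 1         # 2048-bit, the recommended minimum
EXPORT_GRADE_PEM = to_pem(encode_dh_params(EXPORT_GRADE_P, 2))
LEGACY_PEM = to_pem(encode_dh_params(LEGACY_P, 2))
MODERN_PEM = to_pem(encode_dh_params(MODERN_P, 2))

if __name__ == "__main__":
    for name, pem in (("export", EXPORT_GRADE_PEM), ("legacy", LEGACY_PEM),
                      ("modern", MODERN_PEM)):
        print(f"{name:7s} {assess_dh_group(pem)}")
```

Point `assess_dh_group` at the bytes of the `dhparam` file your web or mail server is configured with; a verdict other than `ok` means regenerating the group (the notes call for a unique 2048-bit one) and removing the export cipher suites from the server's cipher list.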
US Passport Agency contractor stole applicants’ data to steal their identities
- Three women from Houston, Texas, stand accused of engaging in an identity theft scheme in which one of them, a contract employee of the Department of State Passport Agency, was in charge of stealing personally identifiable information of persons applying for a passport.
- The information was then used to create counterfeit identification documents, which the other two women would use to successfully impersonate the affected individuals in order to fraudulently obtain commercial lines of credit and to purchase iPhones, iPads and other goods online.
- This scheme went on for over five years.
- There are no direct details on how the data was captured, but a reasonable guess can be made based on recent IT security policy changes.
- According to The Washington Post, the US Passport Agency decided last month to ban both federal employees and private contractors from bringing devices equipped with a camera into the offices where they review and process requests for passports.
- Apparently, this decision was influenced by the Houston incident, indicating that McClendon likely took pictures of private information on passports.
- Jim Gogolinski, Senior Threats Researcher at Trend Micro, wrote a helpful overview of the malicious insider problem, and offered some advice on how to prevent and mitigate the insider threat:
- Jim’s basic premise is that the insider threat can be broken down into three questions: why do people within become threats, what damage can they do, and how can this be prevented?
- Insider threats 101: The threat within
New Linux kernel corrupting file systems
- It appears that the current Linux 4.0.x kernel is plagued by an EXT4 file-system corruption issue. If there’s any positive note out of the situation, it seems to mostly affect EXT4 Linux RAID users.
- There have been several reports of people affected by an ext4 data corruption bug in Linux 4.0.2.
- All EXT4 RAID0 users on the Linux 4.0.x kernel or current Linux 4.1 Git code are advised to downgrade until the next 4.1 release candidate or 4.0.x stable release; otherwise you stand a good chance of hosing your file system.
- It also looks like dropping the discard mount option avoids this serious issue. This isn’t a problem for Linux users on distributions like RHEL, Ubuntu, and other fixed-release distributions that don’t tend to update major versions of their kernel post-release.
- The issue was caused by an MD commit late in the Linux 4.0 kernel cycle, specifically the commit titled “md/raid0: fix bug with chunksize not a power of 2..”
- The commit was by SUSE’s Neil Brown.
- Eric Work has devised a small fix to address the corruption problem, but for now it’s only present within the MD Git tree.
- kernel/git/torvalds/linux.git – Linux kernel source tree
- #785672 – Critical ext4 data corruption bug – Debian Bug report logs
Feedback:
Round-Up:
- U.S. aims to limit exports of undisclosed software flaws – Said another way: US to prohibit the export of penetration testing tools without a license
- CHERI: A Hybrid Capability-System Architecture for Scalable Software Compartmentalization
- NSA Planned to Hijack Google App Store to Hack Smartphones
- US Navy Abandons Cloud and Data Center Plans In Favor of New Strategy
- NetUSB Driver Flaw Exposes Millions of Routers to Hacking
- Telstra Says Newly Acquired Pacnet Hacked, Customer Data Exposed
- FBI: researcher admitted to hacking plane in-flight, causing it to “climb”
- Trident whistleblower says nuclear subs are insecure, unsafe and ‘a disaster waiting to happen’
- Simple Flaw Exposed Data On Millions of Charter Internet Customers