Amazon has a new TLS implementation & the details look great, we’ll share them with you. The technology that powers the NSA’s XKEYSCORE you could have deployed yourself.

Some fantastic questions, a big round up & much, much more!

Thanks to:

• Get Paid to Write for DigitalOcean

Direct Download:

HD Video | Mobile Video | MP3 Audio | OGG Audio | YouTube | HD Torrent | Mobile Torrent

RSS Feeds:

HD Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feed | Torrent Feed

Become a supporter on Patreon:

— Show Notes: —

Amazon releases s2n, a new TLS implementation

• s2n (signal2noise) is a brand new implementation of the TLS protocol in only ~6000 lines of code
• It has been fully audited, and will be re-audited once per year, paid for by Amazon
• It does not replace OpenSSL, as it only implements the TLS protocol (libssl) not the crypto primitives and algorithms (libcrypto). s2n can be built against any of the various libcrypto implementations, including: OpenSSL, LibreSSL, BoringSSL, and the Apple Common Crypto framework
• The API appears to be very easy to use, and prevent many common errors
• The client side of the library is not ready for use yet
• Features:
  • “s2n encrypts or erases plaintext data as quickly as possible. For example, decrypted data buffers are erased as they are read by the application.”
  • “s2n uses operating system features to protect data from being swapped to disk or appearing in core dumps.”
  • “s2n avoids implementing rarely used options and extensions, as well as features with a history of triggering protocol-level vulnerabilities. For example there is no support for session renegotiation or DTLS.”
  • “s2n is written in C, but makes light use of standard C library functions and wraps all memory handling, string handling, and serialization in systematic boundary-enforcing checks.”
  • “The security of TLS and its associated encryption algorithms depends upon secure random number generation. s2n provides every thread with two separate random number generators. One for “public” randomly generated data that may appear in the clear, and one for “private” data that should remain secret. This approach lessens the risk of potential predictability weaknesses in random number generation algorithms from leaking information across contexts. “
• One of the main features is that, instead of having to specify which set of crypto algorithms you want to prefer, in what order, as we have discussed doing before for OpenSSL (in apache/nginx, etc), to can either use ‘default’, which will change with the times, or a specific snapshot date, that corresponds to what was the best practise at that time
• Github Page
• Additional Coverage – ThreatPost
• It will be interesting to see how this compares with the new TLS API offered by LibreSSL, and which direction various applications choose to go.

How the NSA’s XKEYSCORE works

• “The NSA’s XKEYSCORE program, first revealed by The Guardian, sweeps up countless people’s Internet searches, emails, documents, usernames and passwords, and other private communications. XKEYSCORE is fed a constant flow of Internet traffic from fiber optic cables that make up the backbone of the world’s communication network, among other sources, for processing. As of 2008, the surveillance system boasted approximately 150 field sites in the United States, Mexico, Brazil, United Kingdom, Spain, Russia, Nigeria, Somalia, Pakistan, Japan, Australia, as well as many other countries, consisting of over 700 servers.”
• “XKEYSCORE allows for incredibly broad surveillance of people based on perceived patterns of suspicious behavior. It is possible, for instance, to query the system to show the activities of people based on their location, nationality and websites visited. For instance, one slide displays the search “germansinpakistn,” showing an analyst querying XKEYSCORE for all individuals in Pakistan visiting specific German language message boards.”
• “The sheer quantity of communications that XKEYSCORE processes, filters and queries is stunning. Around the world, when a person gets online to do anything — write an email, post to a social network, browse the web or play a video game — there’s a decent chance that the Internet traffic her device sends and receives is getting collected and processed by one of XKEYSCORE’s hundreds of servers scattered across the globe.”
• “In order to make sense of such a massive and steady flow of information, analysts working for the National Security Agency, as well as partner spy agencies, have written thousands of snippets of code to detect different types of traffic and extract useful information from each type, according to documents dating up to 2013. For example, the system automatically detects if a given piece of traffic is an email. If it is, the system tags if it’s from Yahoo or Gmail, if it contains an airline itinerary, if it’s encrypted with PGP, or if the sender’s language is set to Arabic, along with myriad other details.”
• You might expect some kind of highly specialized system to be required to do all of this, but that is not the case:
• “XKEYSCORE is a piece of Linux software that is typically deployed on Red Hat servers. It uses the Apache web server and stores collected data in MySQL databases. File systems in a cluster are handled by the NFS distributed file system and the autofs service, and scheduled tasks are handled by the cron scheduling service. Systems administrators who maintain XKEYSCORE servers use SSH to connect to them, and they use tools such as rsync and vim, as well as a comprehensive command-line tool, to manage the software.”
• The security of the system is also not as good as than you might imagine:
• “Analysts connect to XKEYSCORE over HTTPS using standard web browsers such as Firefox. Internet Explorer is not supported. Analysts can log into the system with either a user ID and password or by using public key authentication.”
• “When systems administrators log into XKEYSCORE servers to configure them, they appear to use a shared account, under the name “oper.” Adams notes, “That means that changes made by an administrator cannot be logged.” If one administrator does something malicious on an XKEYSCORE server using the “oper” user, it’s possible that the digital trail of what was done wouldn’t lead back to the administrator, since multiple operators use the account.”
• “There appears to be another way an ill-intentioned systems administrator may be able to cover their tracks. Analysts wishing to query XKEYSCORE sign in via a web browser, and their searches are logged. This creates an audit trail, on which the system relies to assure that users aren’t doing overly broad searches that would pull up U.S. citizens’ web traffic. Systems administrators, however, are able to run MySQL queries. The documents indicate that administrators have the ability to directly query the MySQL databases, where the collected data is stored, apparently bypassing the audit trail.”
• The system is not well designed, and could likely have been done better with existing open source tools, or commercial software designed to classify web traffic
• “When data is collected at an XKEYSCORE field site, it is processed locally and ultimately stored in MySQL databases at that site. XKEYSCORE supports a federated query system, which means that an analyst can conduct a single query from the central XKEYSCORE website, and it will communicate over the Internet to all of the field sites, running the query everywhere at once.”
• Your traffic is analyzed and will probably match a number of classifiers. The most specific classifier is added as a tag to your traffic. Eventually (3-5 days), your actual traffic is deleted to make room for newer traffic, but the metadata (those tags) are kept for 30-45 days
• “This is done by using dictionaries of rules called appIDs, fingerprints and microplugins that are written in a custom programming language called GENESIS. Each of these can be identified by a unique name that resembles a directory tree, such as “mail/webmail/gmail,” “chat/yahoo,” or “botnet/blackenergybot/command/flood.””
• “One document detailing XKEYSCORE appIDs and fingerprints lists several revealing examples. Windows Update requests appear to fall under the “update_service/windows” appID, and normal web requests fall under the “http/get” appID. XKEYSCORE can automatically detect Airblue travel itineraries with the “travel/airblue” fingerprint, and iPhone web browser traffic with the “browser/cellphone/iphone” fingerprint.”
• “To tie it all together, when an Arabic speaker logs into a Yahoo email address, XKEYSCORE will store “mail/yahoo/login” as the associated appID. This stream of traffic will match the “mail/arabic” fingerprint (denoting language settings), as well as the “mail/yahoo/ymbm” fingerprint (which detects Yahoo browser cookies).”
• “Sometimes the GENESIS programming language, which largely relies on Boolean logic, regular expressions and a set of simple functions, isn’t powerful enough to do the complex pattern-matching required to detect certain types of traffic. In these cases, as one slide puts it, “Power users can drop in to C++ to express themselves.” AppIDs or fingerprints that are written in C++ are called microplugins.”
• All of this information is based on the Snowden leaks, and is from any years ago
• “If XKEYSCORE development has continued at a similar pace over the last six years, it’s likely considerably more powerful today.”
• Part 2 of Article

[SoHo Routers full of fail]

Home Routers that still support RIPv1 used in DDoS reflection attacks

• RIPv1 is a routing protocol released in 1988 that was deprecated in 1996
• It uses UDP and so an attacker can send a message to a home router with RIP enabled from a spoofed IP address, and that router will send the response to the victim, flooding their internet connection
• ““Since a majority of these sources sent packets predominantly of the 504-byte size, it’s pretty clear as to why they were leveraged for attack purposes. As attackers discover more sourc­es, it is possible that this vector has the potential to create much larger attacks than what we’ve observed thus far,” the advisory cautions, pointing out that the unused devices could be put to work in larger and more distributed attacks.”
• “Researchers at Akamai’s Prolexic Security Engineering and Research Team (PLXsert) today put out an advisory about an attack spotted May 16 that peaked at 12.9 Gbps. Akamai said that of the 53,693 devices that responded to RIPv1 queries in a scan it conducted, only 500 unique sources were identified in the DDoS attack. None of them use authentication, making them easy pickings.”
• Akamai identified Netopia 2000 and 3000 series routers as the biggest culprits still running the vulnerable and ancient RIPv1 protocol on devices. Close to 19,000 Netopia routers responded in scans conducted by Akamai, which also noted that more than 5,000 ZET ZXv10 and TP-Link TD-8000 series routers collectively responded as well. Most of the Netopia routers, Akamai said, are issued by AT&T to customers in the U.S. BellSouth and MegaPath also distribute the routers, but to a much lesser extent.

Home Routers used to host Malware

• Home routers were found to be hosting the Dyre malware
• Symantec Research Paper of Dyre
• Affected routers include MikroTik and Ubiquiti’s AirOS, which are higher end routers geared towards “power user” and small businesses
• “We have seen literally hundreds of wireless access points, and routers connected in relation to this botnet, usually AirOS,” said Bryan Campbell, lead threat intelligence analyst at Fujitsu. “The consistency in which the botnet is communicating with compromised routers in relation to both distribution and communication leads us to believe known vulnerabilities are being exploited in the firmware which allows this to occur.”
• “Campbell said it’s not clear why so many routers appear to be implicated in the botnet. Perhaps the attackers are merely exploiting routers with default credentials (e.g., “ubnt” for both username and password on most Ubiquiti AirOS routers). Fujitsu also found a disturbing number of the systems in the botnet had the port for telnet connections wide open.”

Feedback:

• ZFS with 4K drives?

• ZFS Replication Between FreeNAS and Linux

• Splitting a pool

• DNS Transfer Email Downtime Followup

• FreeBSD Mastery: ZFS — Not just about ZFS

Round Up:

• Hacked OPM and Background Check Contractors Lacked Logs, DHS Says
• How Facebook stores 900 million new photos per day, using Blu-Ray disks Video
• Software developers are failing to implement crypto correctly, data reveals
• Windows 10 will share all of your WiFi passwords with your Outlook (and optionally Facebook) Contacts. Access points can opt out by adding ‘_optout’ to the SSID
• Cisco to buy security firm OpenDNS for $635 million
• Your F5 BIG-IP load balancer is not affected by the Redhat 4.x/5.x bug that might make it reboot during the leap second We are sorry your BIG-IP rebooted during the leap second
• DYN reports possible routing hiccup caused by leap second Turns out it was just someone accidently routing all traffic to Amazon AWS via their AS
• Someone is cutting fiber optic cables in California
• IKEA presents how they patched 3500 RHEL servers for the shellshock vulnerability in only 2.5 hours
• Scaling the Address Resolution Protocol for Large Data Centers (SARP)
• SSLv3 now officially deprecated
• Cisco UCDM (Unified Communications Domain Manager) has a default static password for a root account