Cryptome – Jupiter Broadcasting

Dukes of Cyber Hazard | TechSNAP 233

chris — Thu, 24 Sep 2015 07:17:04 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

Let’s Encrypt hits a major milestone, F-Secure publishes their investigation into “The Dukes” & we dig into Tarsnap’s email confirmation bypass.

Plus a great batch of your questions, a rocking round up & much, much more!

Thanks to:

Get Paid to Write for DigitalOcean

Direct Download:

RSS Feeds:

Become a supporter on Patreon:

— Show Notes: —

Let’s Encrypt goes live

“Let’s Encrypt, a movement to issue free and automated HTTPS certificates, today hit a major milestone when its first cert went live”
It is hoped that free, automatically generated SSL certificates will allow the web to move to HTTPS everywhere
“A coalition of technology companies, including Mozilla, Cisco, Akamai, Automattic and IdenTrust, joined the EFF and the University of Michigan late last year in getting Let’s Encrypt off the ground; the initiative is open source and overseen by a California non-profit called Internet Security Research Group (ISRG)”
Let’s Encrypt has done all of the setup, paperwork, and audits required to become a regular trusted Certificate Authority
The big difference is, they will give the certificates away for free
“IdenTrust is providing Let’s Encrypt with the cross-signature it needs in order to become a CA for existing browsers and software”
“Eventually, webmasters will merely have to run a client to authenticate their server. They’ll also be able to enable features on their site like HTTP Strict Transport Security (HSTS), OCSP stapling and making sure that visitors to the old HTTP version of their site are redirected to the new HTTPS version”
The cross signature is not yet in place, so Let’s Encrypt issued certificates are not trusted by existing browsers. This is expected to be in place in about a month

F-Secure publishes their investigation into “The Dukes”, a Russian APT team

“We believe that the Dukes are a well-resourced, highly dedicated, and organized cyber-espionage group that has been working for the Russian government since at least 2008 to collect intelligence in support of foreign and security policy decision-making”
The same group is also tracked by FireEye, where they are known as just APT29
By combining their new research, and that of other researchers like Kaspersky, FireEye and ICDS, then going back over historical research and data from as far back as 7 years, the F-Secure researchers were able to “connect the dots” and attribute 2 older malware campaigns to this same group, and better understand the objectives of that malware
The Dukes are known to employ a wide arsenal of malware toolsets including MiniDuke, CosmicDuke, OnionDuke, CozyDuke, SeaDuke, CloudDuke (aka MiniDionis), and HammerDuke (aka HAMMERTOSS).
“The Dukes rapidly react to research being published about their toolsets and operations. However, the group (or their sponsors) value their operations so highly that though they will attempt to modify their tools to evade detection and regain stealth, they will not cease operations to do so, but will instead incrementally modify their tools while continuing apparently as previously planned.”
These campaigns utilize a smash-and-grab approach involving a fast but noisy breakin
followed by the rapid collection and exfiltration of as much data as possible. If the
compromised target is discovered to be of value, the Dukes will quickly switch the
toolset used and move to using stealthier tactics focused on persistent compromise
and long-term intelligence gathering.
In some of the most extreme cases, the Dukes have been known to engage in
campaigns with unaltered versions of tools that only days earlier have been brought
to the public’s attention by security companies and actively mentioned in the
media. In doing so, the Dukes show unusual confidence in their ability to continue
successfully compromising their targets even when their tools have been publicly
exposed.
This suggests they do not fear getting caught. They may have been promised protection by the Russian government
The story of the Dukes, as it is currently known, begins with a malware toolset that F-Secure call PinchDuke.
This toolset consists of multiple loaders and an information-stealer trojan. Importantly, PinchDuke trojan samples always contain a notable text string, which we believe is used as a campaign identifier by the Dukes group to distinguish between multiple attack campaigns that are run in parallel.
Their first campaign appears to have in 2008, against Chechnya
The first time the group targeted a Western government was 2009
In 2013 the group shifted targets to the Ukraine, and also started working against drug dealers inside Russia
On the 12th of February 2013, FireEye published a blogpost alerting readers to a combination of new Adobe Reader 0-day vulnerabilities, CVE-2013-0640 and CVE-2013-0641, that were being actively exploited in the wild. 8 days after FireEye’s initial alert, Kaspersky spotted the same exploit being used to spread an entirely different malware family from the one mentioned in the original report.
On the 23rd of October 2014, Leviathan Security Group published a blog post describing a malicious Tor exit node they had found. They noted that this node appeared to be maliciously modifying any executables that were downloaded through it over a HTTP connection. Executing the modified applications obtained this way would result in the victim being infected with unidentified malware. On the 14th of November, F-Secure published a blog post naming the malware OnionDuke and associating it with MiniDuke and CosmicDuke, the other Duke toolsets known at the time.
Based on the presented evidence and analysis, F-Secure believe, with a high level of confidence, that the Duke toolsets are the product of a single, large, well-resourced organization (which F-Secure identify as the Dukes) that provides the Russian government with intelligence on foreign and security policy matters in exchange for support and protection.
The evidence seem to be pretty compelling, but it is hard to know anything for certain
FireEye PDF — Hammertoss
F-Secure PDF — The Dukes

Tarsnap email confirmation bypass

Colin Percival of Tarsnap has posted a blog entry describing a flaw in the Tarsnap signup process that he recently fixed
This provides some interesting insight into how easy it is to make a small mistake when building an application, that ends up having real world repercussions
Because of the Tarsnap bug bounty program, a lot of fake signups are attempted against Tarsnap, to try to ‘fuzz test’ the forms on the site
For this, and other reasons, Tarsnap requires an email verification before creating an account
“so I wasn’t concerned when I received an email last week telling me that someone was trying to create an account as admin@tarsnap.com”
“Five minutes later, I was very concerned upon receiving an email telling me that the registration for admin@tarsnap.com had been confirmed and the account created.”
“This should not have happened, so I immediately started running down a list of possibilities. Was it a forged email? No, the headers showed it being delivered from the CGI script to the tarsnap web server’s qmail to the tarsnap mail server’s qmail to my inbox. Was a copy of the confirmation email — which should never have gotten past the mail server — being misdelivered somehow? No, the mail logs showed that the email to admin@tarsnap.com went from CGI script to the web server’s qmail to the mail server’s qmail and then was dropped. Was one of the CGI scripts on the tarsnap web server compromised? There was nothing in the logs to suggest a malformed request of the sort which might have been used to exploit a bug; nor, for that matter, anything to suggest that someone had been probing for bugs, so if a CGI script had been exploited, it was done completely blindly. Nevertheless, I disabled the CGI scripts just in case.”
“Had someone managed to compromise the web server or mail server? unlikely”
“The mystery was solved a few minutes later when an email arrived from Elamaran Venkatraman: He hadn’t compromised any servers or exploited any bugs in my C code; rather, he had found a dumb mistake in tarsnap’s account-creation process.”
“For most people to create a Tarsnap account, only a few things are required: An email address, a password, and checkbox confirming that you agree to the Tarsnap legal boilerplate. You submit those to the Tarsnap server; it generates a registration cookie; it sends that cookie to you as part of a URL in the confirmation email; and when you click through that link and re-enter your password your account is created. So far so good — but some people need a bit more than that. Tarsnap is a Canadian company, and as such is required to remit sales tax for its Canadian-resident customers. Moreover, Tarsnap is required to issue invoices to its Canadian-resident customers — invoices which show the customers’ physical mailing addresses — so if a registrant identifies themself as being a Canadian resident, they are taken to a second page to provide their name and mailing address.”
“But what of that confirmation email? Well, I didn’t want someone who self-identified as a Canadian resident to create an account without providing the legally-mandated information, so I couldn’t send out that email until they submitted the second page. On the other hand, they having provided their email address and password once already, I didn’t want to ask for those again. And so, when I finally got all the paperwork sorted and started accepting Canadian customers in July 2012, I took the option which was simple, obvious and completely wrong: I passed the registration cookie as a hidden variable in the second-page form, to be echoed back to the server.”
“This of course is what Elamaran had found. To be clear, the registration cookie didn’t reveal any server internals; the only thing it could be used for was to confirm an email address. But because it was being sent in the HTML response, anyone could “confirm” any email address, simply by claiming to be a Canadian resident and viewing the page source. Oops. The fix for this was easy: Use two cookies, one for email confirmation and one for the Canadian-address-obtaining continuation. More importantly, I’ve moved the cookie-generation to where it belongs — within the routine which generates and sends the confirmation email — and I’ve added a comment to remind myself that the cookie must never be exposed via any channel other than an email destined for the address being confirmed.”
“That last part is ultimately the most important lesson from this: Comments matter! I don’t know what I was thinking three years ago when I reused that cookie; but unless my memory was much better then than it is now, I almost certainly wasn’t thinking about my original design from four years prior. While this was hardly a fatal bug — while I’ll never know for certain, I doubt anyone exploited this email confirmation bypass, and the impact would not be severe even if someone did — it’s a reminder of the importance of writing useful comments. I often see solo developers excuse a lack of comments in their code on the basis that they understand their code and nobody else will be touching it; this misses an essential point: I am not the same person as I was three years ago, nor do I understand everything I understood three years ago. People make mistakes, and people edit code without fully understanding how and why it works. Leave breadcrumbs behind, even if you don’t intend for anyone to follow you: When you try to retrace your steps, you might get lost without them.”

Feedback

Apple Keychain
FreeBSD Network Troubles
ZFS snapshots instead on the FreeNAS server?
Can’t get enough Allan? Was recently interviewed by the BSDTalk Podcast, episode 256

Round Up:

The post Dukes of Cyber Hazard | TechSNAP 233 first appeared on Jupiter Broadcasting.

First Day Fail | TechSNAP 45

chris — Thu, 16 Feb 2012 18:03:18 +0000

A first day on tech job war story, that’s as rough as they get! Plus details on recent doubt researchers have cast around the fundamental security technology behind SSL.

Plus: Microsoft was caught storing customer passwords in clear text, we’ve got the story, and some questions!

All that and more, on this week’s TechSNAP!

Thanks to:

GOG.com – the digital game distributor with a difference.

Get 10% off if you buy 2 or more games like Wing Commander 3 and Syndicate

GoDaddy.com Use our codes TechSNAP10 to save 10% at checkout, or TechSNAP20 to save 20% on hosting!

Super special savings for TechSNAP viewers only. Get a .co domain for only $7.99 (regular $29.99, previously $17.99). Use the GoDaddy Promo Code cofeb8 before February 29, 2012 to secure your own .co domain name for the same price as a .com.

Pick your code and save:
cofeb8: .co domain for $7.99
techsnap7: $7.99 .com
techsnap10: 10% off
techsnap20: 20% off 1, 2, 3 year hosting plans
techsnap40: $10 off $40
techsnap25: 25% off new Virtual DataCenter plans
Deluxe Hosting for the Price of Economy (12+ mo plans)
Code: hostfeb8
Dates: Feb 1-29

Direct Download Links:

Subscribe via RSS and iTunes:

Show Notes:

Only 99.8% of the worlds PKI uses secure randomness

PKI (Public Key Infrastructure) is a type of encryption system known as asymmetric cryptography
This means there is one key used to encrypt data, and then a different key is used to decrypt the data
In the RSA algorithm, a public/private key pair are generated by selecting two large prime numbers and multiplying them together. This value serves as the modulus (n) for both the public and private keys
Then a public exponent (e) is selected, typically 65537 because it was found to provide more efficient encryption
The private exponent (d) is then calculated as: (d*e)mod φ(n) = 1 Euler’s totient function
An encrypted message (c), is calculated by turning the plaintext message (m) in to an integer, using a padding algorithm: c = m^e (mod n)
To decrypt the message: m = c^d (mod n)
This all seems relatively simple, one just has to remember the scale of the numbers being computed, in a 2048bit RSA key like the one used by your bank or amazon.com, each of the prime numbers has over 300 digits, and then you multiply them together.
Researchers have found that some RSA keys in use on the internet had the same modulus (meaning they were using the same secret prime numbers). This means that the two parties that happen to end up using the same key, could compromise each other
The researchers also found some public keys where it was possible to compromise the private key
Overall, many of the compromisable keys appear to belong to expired certificates and old PGP keypairs, and the danger to modern properly generated RSA keys is much lower
Rebuttal by Dan Kaminsky
New York Times Coverage
Research Paper

Cryptome hit by blackhole exploit kit

Cryptome is a popular and long standing document repository for whistle blowers and others interested in secret information
From the site: “Cryptome welcomes documents for publication that are prohibited by governments worldwide, in particular material on freedom of expression, privacy, cryptology, dual-use technologies, national security, intelligence, and secret governance – open, secret and classified documents – but not limited to those. Documents are removed from this site only by order served directly by a US court having jurisdiction. No court order has ever been served; any order served will be published here – or elsewhere if gagged by order. Bluffs will be published if comical but otherwise ignored.”
On February 8, an attacker managed to upload some PHP code to serve an some malicious javascript that inserted an iframe and loads an attack site that exploits a vulnerability in Internet Explorer. The PHP code specifically avoids serving the exploit when the requesting IP comes from google or a number of other web scanners designed to detect malware, to avoid getting the infected sites blacklisted
By February 14, 16:30 UTC, all files had been restored from backup
Symantec has offered to help investigate the attack
The malware is very common and accounts for a large portion of all infected websites found on the internet
The exact vector that was used to infect the site is not yet known
Details Analysis
Additional Coverage
Official Announcement with extensive details

War Story:

This week we have another in the series of war story sent in by Irish_Darkshadow (the other other Alan)

I joined IBM in February 1999 as a tech support agent for US Thinkpad (laptop) support. The training regime in those days was 7 weeks long with the final 5 weeks each being dedicated to hands on experience with a different product family / line. The call center had two support sections – Aptiva (IBM desktops for home users) and Thinkpad (IBM laptops for business & home users). The most technical staff from Aptiva were usually moved onto Thinkpad support before too long as that was the flagship brand.

Major emphasis during the training for Thinkpad support was placed on never resorting to a reload to solve an issue. We had solid problem solving technique driven into us constantly for the 7 weeks. The only caveat was that if the support call exceeded 1 hour then we should ask a team leader for permission to escalate the case to 2nd level support. I got the distinct impression that to do so was an admission of defeat and the only exception with passing your case over to 2nd level was if there was some procedure or fix that required advanced skills or registry changes.

My first shft was coming in at 16:30 until 01:30 from Monday to Friday which was typical for supporting US based users. For my first few hours on the floor I simply call shadowed an existing agent to get a feel for the type of calls and how they were handled. Immediately prior to joining IBM I had been running my own computer shop but my partner swindled funds from the company and I shut it down and made my money doing freelance work until I got the “I’m pregnant” revelation from my girlfriend and decided a steady paycheck was a smarter option. This gave me a major ego when it came to these mere tech support calls compared to my level of experience and that bit me in the ass on my first time out of the gate.

I finished up my call shadowing and went to my own desk, set up my applications for creating the tickets. My workstation was a P166 running OS/2 Warp 4.0…awesome eh? So once I was settled in I hit the Avail button on my phone and awaiting my first US user encounter. It only took a minute or so for a call to come in then I dished out the scripted greeting “Thank you for calling the IBM PC Help Center. My name is Alan with Thinkpad support. How may I help you?”. Then you let the user give the opening details, capture anything that might be relevant….ask for computer type and serial number to assess warranty status and from there it’s just problem determination.

The user had just picked up a 3Com PCMCIA network card and the thinkpad wouldn’t detect it properly. It was a Win95 preload and the user seemed savvy enough to have installed the drivers properly but nonetheless, I made him go through the entire process again with me listening in. Nothing seemed to be at fault. I got the user to go into Device Manager (making sure the other agents around me could hear what an absolute BOSS I was being in handling this call). Once there I asked if he could see an entry for the card and he did, as suspected it had an exclamation mark beside it. In my head I started to jump forward to possible causes like memory address space conflicts, IRQ conflicts, corrupted drivers or even operating system updates that might be needed to support such a high tech card (yep, I said it…1999…it WAS high tech damn it!). I reckoned that the IRQ conflict was the most likely starting point and asked the user to check the IRQ view in Device Manager and tell me what he saw. As he described the device tree to me I got that sinking feeling. The one were you know that the next thing you are going to do is going to make you look like a complete and total tit in front of the colleagues that you have just been showboating for. The user had explained to me that every single hardware entry in the IRQ list showed the status of “In Use By Unknown Device”. There is only 1 explanation for that – corrupted registry. I had two choices….#1 was to do a user.da0 and system.da0 restore from DOS mode and #2 was admit defeat and reload the machine. #1 was not something that IBM wanted agents doing so I bit the bullet and called 2nd level support to explain. It turned out that the 2nd level support guy was floor walking near my seat and had heard EVERYTHING. He swaggered over with an evil smirk and told me to reload the system. My first call turned into the one solution that we were absolutely NOT supposed to resort to. To cap it all off the 2nd level guy finished with “I’ll be keepin’ an eye on you Elliott. A close eye.” and at that point the only phrase going through my head was “bollocks drink feck arse girls diddy wank!”. And so began my tech support career.

Round-Up:

The post First Day Fail | TechSNAP 45 first appeared on Jupiter Broadcasting.