Show Notes: coder.show/479

The post Apple's Mob Move | Coder Radio 479 first appeared on Jupiter Broadcasting.

Show Notes: linuxactionnews.com/130

The post Linux Action News 130 first appeared on Jupiter Broadcasting.

Red Hat highlights how leaky many open source RSA implementations are, Netflix releases Sleepy Puppy & the Mac is definitely under attack.

Plus some quick feedback, a rockin’ roundup & much, much more!

Thanks to:

• Get Paid to Write for DigitalOcean

Direct Download:

HD Video | Mobile Video | MP3 Audio | OGG Audio | YouTube | HD Torrent | Mobile Torrent

RSS Feeds:

HD Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feed | Torrent Feed

Become a supporter on Patreon:

— Show Notes: —

NetFlix releases new open source security tool, Sleepy Puppy

• Sleepy Puppy is a delayed XSS (Cross-Site Scripting) vulnerability scanner
• In a typical XSS scan, and attacker (or the scanner program) attempts to send a script as part of some user input (the comment on a blog or something like that, or via a URL variable). This content is then shown to that user, and often times, other users. If I can make a bit of my javascript run on your computer, when you visit someone else’s site, I have achieved XSS
• There are a number of scanners out there, and they “fuzz test” all of the inputs and variables they can find, and attempt to get some code they submit to be returned to them
• This new tool from NetFlix addresses second level vulnerabilities, and beyond
• What if an attacker injects the code on the website, and the website mitigates this, but some other application, internal or public facing, also uses the data from the database, and it then ends up being vulnerable to the XSS
• Sleepy Puppy is a “XSS payload management framework”, it generates unique code snippets for each injection, so that when a successful XSS happens, it can be tracked back to its source, even if that is outside of the application where the exploit took place
• “Delayed XSS testing is a variant of stored XSS testing that can be used to extend the scope of coverage beyond the immediate application being tested. With delayed XSS testing, security engineers inject an XSS payload on one application that may get reflected back in a separate application with a different origin.”
  • Show Diagram
• “Here we see a security engineer inject an XSS payload into the assessment target (App #1 Server) that does not result in an XSS vulnerability. However, that payload was stored in a database (DB) and reflected back in a second application not accessible to the tester. Even though the tester can’t access the vulnerable application, the vulnerability could still be used to take advantage of the user. In fact, these types of vulnerabilities can be even more dangerous than standard XSS since the potential victims are likely to be privileged types of users (employees, administrators, etc.)”
• SleepyPuppy ships with a default set of assessments includes, so is ready to use out of the box

Researchers announce new iOS vulnerability: brokenchain

• The vulnerability allows a piece of malware to access the keychain in iOS, and copy your saved passwords and other secret keys
• These keys can then be exfiltrated via SMS or HTTP etc
• When the malware attempts to access the keychain, iOS presents a dialog asking them user to allow or deny the action, but the malware can simulate a tap on the screen and accept the dialog
• Further, some malware seems to be able to cause the popup to appear off screen, so the user never even sees it
• “Special-crafted commands can be triggered by malware — or even an image or video — which causes OS X to display a prompt to click an Allow button. But rather than relying on users clicking on a button that appears unexpectedly, the button is displayed very briefly off the edge of the screen or behind the dock, and is automatically pressed using a further command. It is then possible to intercept a user’s password and send it to the attacker via SMS or any other means.”
• “Apple has been told about the vulnerability. The company has not only failed to issue a fix yet, but has not even responded to Jebara and Rahbani.”
• Ars Technica found that parts of the vulnerability have existed since 2011, and have been used actively
• “DevilRobber, the then new threat caught the attention of security researchers because it commandeered a Mac’s graphics card and CPU to perform the mathematical calculations necessary to mine Bitcoins, something that was novel at the time. Less obvious was the DevilRobber’s use of the AppleScript programming language to locate a window requesting permission to access the Keychain and then simulate a mouse click over the OK button.”
• “The same technique was being used by the Genieo adware installer to gain access to a Safari extensions list that’s protected inside the Mac Keychain.”
• The same day, another group of researchers independently found the same vulnerability
• Windows UAC has a bunch of defenses against apps users accidentally accepting or malware auto-clicking the authorization popups. Maybe we need the same in mobile OSes
• “Mac users should remember that the technique works only when invoked by an application already installed on their systems. There is no evidence the technique can be carried out through drive-by exploits or attacks that don’t require social engineering and end-user interaction. Still, the weakness is unsettling, because it allows the same app requesting access to the keychain to unilaterally approve it and to do so quickly enough for many users to have no idea what has happened. And by default, OS X will grant the access without requiring the user to enter a password. The Mac keychain is the protected place storing account passwords and cryptographic keys.”
• Maybe the solution is to require the unlock code or password in order to authorize access to sensitive areas like the keychain
• “I think that Apple needs to isolate that particular window,” Reed told Ars on Wednesday. “They need to pull that particular window out of the window list … in a way that an app can’t tell it’s on the screen and get its location.”

Factoring RSA keys with TLS Forward Secrecy

• “Back in 1996, Arjen Lenstra described an attack against an optimization (called the Chinese Remainder Theorem optimization, or RSA-CRT for short). If a fault happened during the computation of a signature (using the RSA-CRT optimization), an attacker might be able to recover the private key from the signature (an “RSA-CRT key leak”). At the time, use of cryptography on the Internet was uncommon, and even ten years later, most TLS (or HTTPS) connections were immune to this problem by design because they did not use RSA signatures.”
• “This changed gradually, when forward secrecy for TLS was recommended and introduced by many web sites.”
• “We evaluated the source code of several free software TLS implementations to see if they implement hardening against this particular side-channel attack, and discovered that it is missing in some of these implementations. In addition, we used a TLS crawler to perform TLS handshakes with servers on the Internet, and collected evidence that this kind of hardening is still needed, and missing in some of the server implementations: We saw several RSA-CRT key leaks, where we should not have observed any at all.”
• “An observer of the private key leak can use this information to cryptographically impersonate the server, after redirecting network traffic, conducting a man-in-the-middle attack. Either the client making the TLS handshake can see this leak, or a passive observer capturing network traffic. The key leak also enables decryption of connections which do not use forward secrecy, without the need for a man-in-the-middle attack. However, forward secrecy must be enabled in the server for this kind of key leak to happen in the first place, and with such a server configuration, most clients will use forward secrecy, so an active attack will be required for configurations which can theoretically lead to RSA-CRT key leaks.”
• “Does this break RSA? No. Lenstra’s attack is a so-called side-channel attack, which means that it does not attack RSA directly. Rather, it exploits unexpected implementation behavior. RSA, and the RSA-CRT optimization with appropriate hardening, is still considered secure.“
• While it appears that OpenSSL and NSS properly implement the hardening, some other products do not
• It seems RedHat discovered this issue some time ago, and reported it to a number of vendors
• Oracle patched OpenJDK back in April
• “None of the key leaks we observed in the wild could be attributed to these open-source projects, and no key leaks showed up in our lab testing, which is why this additional hardening, while certainly desirable to have, does not seem critical at this time.”
• “Once the necessary data is collected, the actual computation is marginally more complicated than a regular RSA signature verification. In short, it is quite cheap in terms of computing cost, particularly in comparison to other cryptographic attacks.”
• Then the most important question came up
• “Does this vulnerability have an name? We think that “RSA-CRT hardening” (for the countermeasure) and “RSA-CRT key leaks” (for a successful side-channel attack) is sufficiently short and descriptive, and no branding is appropriate. We expect that several CVE IDs will be assigned for the underlying vulnerabilities leading to RSA-CRT key leaks. Some vendors may also assign CVE IDs for RSA-CRT hardening, although no key leaks have been seen in practice so far.”
• Crypto Rundown, Hardened:
  • GnuPG
  • NSS
  • OpenSSL 1.0.1l
  • OpenJDK8 (after the April patch)
  • cryptlib (hardening disabled by default)
• Unhardened:
  • GNUTLS (via libgcrypt and Nettle)
  • Go 1.4.1
  • libgcrypt (1.6.2)
  • Nettle (3.0.0)
  • ocaml-nocrypto (0.5.1)
  • OpenSwan (2.6.44)
  • PolarSSL (1.3.9)
• Technical Record [PDF]

Feedback

• Reply to the pfSense question from episode 229
• Where to get news on vulnerabilities and urgent patches

Round Up:

• China and Russia cross-referencing OPM data, other hacks to out US spies
• The Zero Trust Initiative, making it possible to trust your vendors
• Hackers Stole the Biggest Number of Apple Accounts Ever with iOS Malware Researcher Post
• The police body camera business is not about camera, but overpriced cloud storage. 300 Cameras: $180,000. 5 year contract for storage: $889,000
• Pre-Installed Android Malware Raises Security Risks in Supply Chain
• AppLock, a popular Android app that claims to securely store photos, videos, and other content, turns out to just hide the files in a non-default location. It also has a weak pin reset feature, meaning it provides basically no security to its 100 million users
• Android ransomware uses XMPP chat to call home, claims it’s from NSA
• The Government should pay bug bounties and not attack security researchers
• Department of Justice being sued by Reuters for not fulfilling FoIA requests re: fake news stories with embedded malware used in 2007
• If documents are not for public release, try not posting them on the public Internet

The post Leaky RSA Keys | TechSNAP 231 first appeared on Jupiter Broadcasting.

We meta-cover the iPhone 6 reviews & discuss the pros and cons of large format mobiles. Then the updates coming to almost all Android phones, Microsoft’s bad news, Docker’s great news & hacking your Amazon account via an ebook exploit!

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Torrent Feed

Become a supporter on Patreon:

Show Notes:

iPhone 6 Plus review | The Verge

I can’t see myself ever using my iPad mini again after having the 6 Plus, and it’s getting harder and harder to justify pulling out my iPad Air. With the right software changes, I could basically use an iPhone 6 Plus all day long, for everything from sending messages to editing documents to watching videos. A do-everything phone like the 6 Plus would eventually allow Apple to push the iPad even further towards becoming the true laptop replacement it was always meant to be.

We’re going to need bigger hands.

• First iPhone 6 and 6 Plus Reviews: ‘Thin and Sexy’, ‘Bigger and Better’, Impressive Battery Life Up to 2 Days

• Daring Fireball: The iPhones 6

t I have no desire to use an iPhone 6 Plus as my personal phone. I ordered an iPhone 6 for my own use. And if the iPhone 6 Plus were the only new iPhone this year, I probably would have stuck with the iPhone 5S.

Google Play Services Updated for Testing Google Fit Apps

oogle has begun rolling out Google Play services 6.1 with a set of new APIs for developers. The new features include an Enhanced Ecommerce extension for analytics, improvements to Drive support, and testing capabilities for the upcoming Google Fit platform.

Enhanced Ecommerce provides “richer insights into pre-purchase shopping behavior and into product performance.”

Round two of Microsoft layoffs coming September 18: Sources | ZDNet

Microsoft cut 13,000 employees total in the first wave back in July. That wave included some, but not all, of the former Nokia employees, my contacts say. It also included employees in the Operating Systems Group and just about every other group across the company. Microsoft also is planning to reduce its dependency on “contingent” (non full-time) employees by 20 percent as part of its realignment.

I am not sure how many will be cut in this week’s round, which I’ve heard will be announced internally this Thursday, September 18. But I do hear that the second round of cuts will span across almost every group at the company. I’ve also heard there still will be more cuts happening as part of the original 18,000 total at further dates in the future.

Docker Raises $40M, Plans New Enterprise Tool for 2015

Docker Inc., the lead commercial sponsor behind the open-source Docker container technology, today announced that it has closed a $40 million Series C round of funding. The new round of funding comes on the heels of the Docker 1.0 release and the emergence of a commercial ecosystem around the container virtualization technology.

The Series C round of funding is the second funding event for Docker in 2014. In January, Docker announced a $15 million funding round.

The latest funding round brings Dockers’ total funding since its founding to $66 million, CEO Ben Golub said, adding that Docker has only now just begun spending the Series A funding money and is starting to tap into the Series B funds. “We closed the Series C pre-emptively, so we would have a full powder keg to go after the market opportunity,” G

Amazon Kindle vulnerability lets hackers take over your account – The Inquirer

AMAZON’S KINDLE has been found to be vulnerable to a type of malware that is triggered by downloading an ebook with a booby-trap.

Security researcher Benjamin Daniel Mussler has demonstrated a proof of concept attack the uses cross-site scripting (XSS) to infect a computer opening a sideloaded title containing code.

The post The Big Apple | Tech Talk Today 59 first appeared on Jupiter Broadcasting.

We’ve got the details about critical vulnerabilities in LastPass and other popular password managers, Russian hackers attack the NASDAQ, and how to pull off an SSH Man in Middle attack.

Plus a fantastic batch of your questions, our answers & much, much more!

Thanks to:

Become a supporter on Patreon:

— Show Notes: —

Critical vulnerabilities found in online password managers including LastPass, RoboForm, My1Login, PasswordBox and NeedMyPassword

• Four researchers from the University of California, Berkeley, did a manual analysis of some of the most popular online password managers
• Their findings are troubling, showing problems with all of the popular services
• “Widespread adoption of insecure password managers could make things worse: adding a new, untested single point of failure to the web authentication ecosystem. After all, a vulnerability in a password manager could allow an attacker to steal all passwords for a user in a single swoop”
• The researchers found problems with each of the services they investigated, including bookmarklet vulnerabilities, web vulnerabilities (CSRF and XSS), user interface vulnerabilities, and authorization vulnerabilities.
• The paper shows how an attacker might be able to steal a LastPass users’ dropbox password when the user visits the attackers site
• The paper also discusses a vulnerability in the LastPass OTP (One Time Password) feature, where an attacker specifically targeting you (requires knowing your lastpass username) could access the encrypted LastPass database. While the attacker would have to resort to an offline brute force attack to decrypt it and get the passwords, they would also have a list of all of the sites that the user has saved passwords for. In addition, the attack can delete saved credentials from the database, possibly allowing them to lock the user out of other sites.
• An authorization vulnerability in the password sharing system at My1login could allow an attack to share a web card (url/username/password) they do not own with another user, only needing to know the unique id#, which is a globally unique incrementing counter, so can be predicted. It also allows an attacker to modify another users’ web cards once they are shared
• “Since our analysis was manual, it is possible that other vulnerabilities lie undiscovered”
• “Of the five vendors whose products were tested, only the last one (NeedMyPassword) didn’t respond when they contacted them and responsibly shared their findings. The other four have fixed the vulnerabilities within days after disclosure.”
• Research Paper

How Russian Hackers stole the Nasdaq (2010)

• In October 2010, a Federal Bureau of Investigation system monitoring U.S. Internet traffic picked up an alert. The signal was coming from Nasdaq
• The October alert prompted the involvement of the National Security Agency, and just into 2011, the NSA concluded there was a significant danger.
• The Secret Service had notified NASDAQ of suspicious activity previously and suspected the new activity may be related, and requested to take the lead on the investigation, but was denied and shut out of the investigation.
• “We’ve seen a nation-state gain access to at least one of our stock exchanges, I’ll put it that way, and it’s not crystal clear what their final objective is”
• Bloomberg Businessweek spent several months interviewing more than two dozen people about the Nasdaq attack and its aftermath, which has never been fully reported. Nine of those people were directly involved in the investigation and national security deliberations; none were authorized to speak on the record. “The investigation into the Nasdaq intrusion is an ongoing matter,” says FBI New York Assistant Director.
• The hackers had used two zero-day vulnerabilities in combination to compromise machines on the NASDAQ network
• The NSA claimed they had seen very similar malware before, designed and built by the Federal Security Service of the Russian Federation (FSB), that country’s main spy agency.
• Later in the investigation, some U.S. officials questioned whether the NSA had pushed the evidence too far. Malware often changes hands—it’s sold, stolen, or shared. And the technical differences between attack code and something less destructive can be surprisingly small. At the time, NSA Director Keith Alexander and his agency were locked in a fight with government branches over how much power the NSA should have to protect private companies from this new form of aggression. Such a brazen attack would certainly bolster its case.
• “While the hack was successfully disrupted, it revealed how vulnerable financial exchanges—as well as banks, chemical refineries, water plants, and electric utilities—are to digital assault. One official who experienced the event firsthand says he thought the attack would change everything, that it would force the U.S. to get serious about preparing for a new era of conflict by computer. He was wrong.”
• What the investigators found inside Nasdaq shocked them, according to both law enforcement officials and private contractors hired by the company to aid in the investigation. Agents found the tracks of several different groups operating freely, some of which may have been in the exchange’s networks for years, including criminal hackers and Chinese cyberspies. Basic records of the daily activity occurring on the company’s servers, which would have helped investigators trace the hackers’ movements, were almost nonexistent. Investigators also discovered that the website run by One Liberty Plaza’s building management company had been laced with a Russian-made exploit kit known as Blackhole, infecting tenants who visited the page to pay bills or do other maintenance.
• an FBI team and market regulators analyzed thousands of trades using algorithms to determine if information in Director’s Desk could be traced to suspicious transactions. They found no evidence that had happened
• By mid-2011, investigators began to conclude that the Russians weren’t trying to sabotage Nasdaq. They wanted to clone it
• Without a clear picture of exactly what data was taken from Nasdaq and where it went—impossible given the lack of logs and other vital forensics information—not everyone in the government or even the FBI agreed with the finding

Tutorial: SSH MITM Downgrade Attack

• This is a tutorial on how to perform an SSH Man-In-The-Middle downgrade attack
• This attack involves tricking the user connecting to the SSH server you are intercepting into using the old version 1 of the SSH protocol
• SSH1 uses a separate SSH Fingerprint from SSH2, so the user will be prompted to accept the different key
• Many users will blindly accept this warning
• If the user can be tricked into dropping to SSH1, it may be possible to steal the username and password they use to login with
• Luckily, most modern SSH servers do not allow SSH1
• However, some clients, including PuTTY, allow both SSH1 and SSH2, with a preference for the latter
• Users are encouraged to change the setting on their server and in their client to only allow SSH2
• Many embedded devices still allow SSH1, including many older Cisco Security Appliances
• These devices are perfect targets for this type of downgrade attack

Feedback

• ZFS Transaction Log (ZIL)

• WWAD (What Would Allan Do?)
  • ZFS Stripe Width

• building a new PC

• How to Sysadmin?

• DNS Made Easy (Email backups), and tiny war story

Round-Up:

• US claims jurisdiction over all servers on the internet. “any company with operations in the United States must comply with valid warrants for data, even if the content is stored overseas”
• Only a few days old, OpenSSL fork LibreSSL is declared “unsafe for Linux”
• Canadian ISP Rogers updates privacy policy, promises to require a warrant to turn over data
• Microsoft tells users to stop using strong passwords everywhere
• Sony forgets to renew a domain name (SonyOnline.net) where all of the name servers are hosted, takes out all of SOE (Sony Online Entertainment), including forums and websites. Did not have a valid email address on the domain registration
• Cisco Security Advisory: Cisco Wireless Residential Gateway Remote Code Execution Vulnerability
• Where do online services go when they die?
• fail2ban security update
• Robert Watson and SRI/Cambridge University open source the CHERI secure processor design

The post SSH1tty leakage | TechSNAP 171 first appeared on Jupiter Broadcasting.

In an ironic twist of fate, the Onion suffers an embarrassing compromising, that appears to match a new pattern of attack. We’ve got the details.

Plus picking the right open source load balancer, Google’s aggressive new disclosure policies, and big batch of your questions, and much much more!

Thanks to:

GoDaddy.com Use our code tech249 to score .COM for $2.49! 32% off your ENTIRE first order just use our code go32off3 until the end of the month!

Support the Show:

   

Support the Show: