32c3 comments, random ramblings, thoughts, notes, dump part IV

posted by Sami Lehtinen

No reinvention of the wheel. ;), Private data center, crowdfunding, data and system ownership. Lol what kind of fails with presentation material, can't open or find it. Breaking RSA with SDR. openage. Internet governance, technical alternatives, geeks. Cyberpunk, Cypherpunk. OMEMO. OTR (Off-The-Record). TextSecure. Infinite Garble Extension (IGE). Using multiple encryption keys to encrypt the payload key. So the same message can be delivered to different users and they can decrypt it without sending the message several times or using a shared private key. Just like Pretty Good Privacy (PGP) has done for ages. IDABuddy. PinMagic for RaspberryPi. Universal Basic Income. (This is interesting, because Finland is going to try it (?)). Solving Sybil attack problem. Money Creation, Credit Rating System. Distance vector with cost. Delay based routing metric. Universal Payment Channels, Scalable, Anonymous, Cross-Currency Payments. Escrow, Blockchain. Signed notes. Smart Conditions using Turing-complete code. Sounds familiar, I've been checking out multiple solutions like that. ISO8583. libusb. "Amazon is reported to have some very close ties to spy agencies." Surprised? Nope. Writing secure, reusable and testable software. Attacker can create tarball of all world-readable data under /. Yep, that's just what I did. No reference, but it's somewhere in my blog. Turning systems into a botnet node. Easily doable. Reusability and testability. Web Server configuration and Security Testing. CloudABI, nuxi. Implants with remote exploitable issues, the unpatchable devices. Hardcoded credentials, Honeypots. Medical Device Hacking Made Legal via DMCA exception for researchers. Nice! Firmware update for pacemaker, nice... Debugging software inside your body. Many medical devices are legacy technology, no software updates. Devices are often black boxes with complex and insecure proprietary software. Lack of regulations, wireless connectivity, potential cloud connectivity, large attack surface.
Building a secure web service. Using read and append-only file descriptors. POSIX. CloudABI. Advanced Persistent Threats (APT) and OPSEC Evolution. How it can significantly disrupt operations. OPSEC in 60 seconds. Assure success, Prevent Detection, Prevent Attribution. You need to know your enemy. The Hacking Team. Resurrecting Spy Network. Many APT reports are aimed at generating PR for security companies. Also the malware and attacker guys of course do read the APT attack and threat reports. "Turla Satellite Traffic Hijacking" and "Stuxnet / Duqu / Flame / Duqu2", "Iron Tiger: Chinese, Careto: Spanish? Intentional false flag, maybe not, because the targets were such that only Spain would be interested about that information. Duqu2: Multiple false flags". This is just what the CIA espionage and counter intelligence documents said. It could be all too obvious and totally wrong. It's extremely hard to tell when it's true and when it isn't. Intelligence Gathering. Target prestudy and target report. Attack Plan and Execution. Planting falsified evidence and traces. Studying target defences and creating a map. Examining Security Vendor Backend capabilities: IDS, IPS, antivirus, signatures, logging. Looking for other players, has the system already been owned by other actors. Really, really try to hide your identity. Think about forensic analysis, compilers can leave a lot of information in the compiled binary. Cyber Engagement, Cycle Evolution. Whenever possible, use OS-included tools, so you don't need to create custom code or install it into the system. This could allow RAM only operations, yet allowing reinfecting the system when necessary. When it's time to fold or retreat. Compose Intelligence Requirements. It's hard to get enough information on attacker objectives. It's like having a stalker, you know you're being watched, but you might not know what they're actually after. PlugX RAT, C2 and DNS tunneling modes. Threat actors gain entry and act on objective.
Stealing data is just one of the multiple options. Required action is to perform a meaningful, periodical Risk Assessment. Compiling target list. If there's no time-sensitive information, it's impossible to form an attack pattern. Yet if you have similar data or use similar platforms as another compromised organization, you're on the target list. POS credit card information theft happened in waves and the targets didn't react before it happened to them. Everybody thought that they're not on the target list. So it's also important to perform a relevant Threat Assessment. Threat = Intent + Capability. (This is also why I think it's important to maintain capability, so it can be used when there's intent, motivation or a reason to use it.) Using decoys and social engineering. Pre-Engagement Stage. Publicly available sensitive data, lax security awareness allows probing the target (automatic / human). This means that the attacker can gain a lot of information before reaching your network. It's important to limit public information, also act outside your own perimeter and periodically refresh your and staff awareness. Engagement Stage. As we've seen, everyone has been hacked or compromised, everyone will be hacked, and everyone is hacked right now? It's not a matter of if, it's a matter of when. Security is an ongoing process. Unfortunately Lateral Movements aren't reported. With many obstacles on the way in (Layered Security) there are many opportunities for the defender to intervene. Keeping and securing log authenticity as forensic evidence. It's not all about endless monitoring and alerts. Having enough data for post event analysis is vital. Backup & snapshot log files. (Actually one person (SWIM) is administering some systems which were compromised, unsurprisingly the attacker also took care of the log files when gaining root access to the system.) Having great logs and copies of those can potentially save the day. It's important to have a Backup Response Plan (BURP).
It's like video surveillance, it doesn't make things secure, but helps enormously in after event analysis. Target Engagement Process list: Compose Intelligence Requirements, Compile Target List, Intelligence Gathering, Target Report, Attack Plan and Execution, Fold. Nation State Actors don't want attribution and exposure. Yet many other groups just don't care if they're caught. It's also very dangerous if defense publishes analysis too fast, because the attacker / actor can still be in the systems and just adjust their strategy in real-time based on the feedback they gained from the defense blog. It's like playing poker with exposed cards. Getting earlier breach reports and information sharing and collaboration. Attribution based on IP address alone, with all these false flags, is ridiculous. Using compromised systems as proxies and relays is trivial. Anything you can do to increase the cost and risk of the attack is always beneficial, do it. Of course the defense measures need to be risk assessed and protection measures need to be adjusted proportionally to the risk.

Lot of typos? Sure, I haven't proofread this obviously. It's just quick jotted notes.

Whonix, Privacy, AIP, IPv6, PayPal, DHT Kademlia, Security by Obscurity

posted Feb 5, 2016, 9:17 PM by Sami Lehtinen   [ updated Feb 5, 2016, 9:18 PM ]

  • Checked out excellent privacy: Whonix - DoNot! - Most people DoNot know these things. Even if I didn't find any surprises from the list. They didn't warn that end-to-end encryption could potentially be a bad thing, because OpenPGP and others usually use persistent public / private keys. If you use those, it's extremely easy to track you down. The reminder about not mixing modes of anonymity is a very good reminder. The point about using clearnet and Tor at the same time is very important. It's actually preferable to have separate physical workstations and locations so it's easier to disassociate identity. At this location, I'm doing this, and the rest is done at the other location. Just like separating work & home. As they say "This page highly risks to state obvious things", that's right. None of the things mentioned were new at all. - As we've all experienced: It's extremely difficult to get any normal user to follow any kind of sane OpSec protocol. They didn't say it directly but avoiding a certain browsing pattern is also very bad. Let's say you visit 5 sites always in pretty much the same order. Then your session is pretty much identifiable already.
  • It's a classic dilemma, use the same services as everyone else and try to hide in the crowd. Or use something else and hope they don't notice. But actually you're standing out of the crowd in a red jumpsuit. It's just like my personal OpenPGP key, which uses custom cipher preferences. Which means that I guess I'm in the less than 1% of all OpenPGP users, which makes it always immediately identifiable. Don't change settings, applies to this very much. Yes, nothing new. But it's good to remind you that using niche services or 'better settings' than others will just make you very visible. It isn't hiding in plain sight at all. Or doing something like modifying browser language or cipher preferences. Which I've done on my normal desktop. So it doesn't matter whatever IP address I use. A screening app can immediately pick up my workstation, wherever it is in the world. Or my mobile, it connects to my personal mail server. Even if the connection is encrypted, if the login is successful it's almost 100% guaranteed it's me, or a hacker who has gained access to my email. Ha, probably the hacker wouldn't be using IMAP4 anyway.
  • Reminded myself about Air-independent propulsion (AIP). - Also checked out the A26 Submarine for Sweden by SAAB Kockums. Some acronyms are just so funny "GHOST (Genuine HOlistic STealth)" - Type 612.
  • Yay! Global IPv6 adoption is over 10% according to Google IPv6 Adoption Measurements.
  • Got the news that Microsoft Windows 10 leaks encryption keys to Microsoft. Just for security purposes, and doesn't even notify the user about the leak. - Thank you so much! What was the point of encryption in the very first place? Was it to make all data accessible? Or was it meant more like to be access control, I'm not quite sure right now.
  • It's highly confusing that PayPal is providing at least three different user interfaces when paying. That easily leads to confusion. I would prefer PayPal looking like PayPal whenever I use it. PayPal confusing user experience.
  • Implemented a DHT network Crawler for a friend. It took a while to remind myself about all the details of the DHT (Kademlia) network. But it wasn't that hard after all. I think it took just a few hours to get it to work. The exact algorithm being used to crawl the network hasn't been implemented yet. But the routines to fetch the required data are there. As well as the compressed data storage where the data will be stored after collection. Some friends suggested using random lookups. But I think I'll prefer more like a binary tree approach where the network is split into halves until the lookups start to overlap. We also maintain a list of known nodes, so there's a pretty good idea how many nodes should be expected based on previous crawls. Random is random, the binary approach provides systematic complete network scan results.
  • Do you think security by obscurity applies only to computer software? Nope, it's also very much present in the physical world. We had a minor issue because we needed to enter one place and we didn't happen to have a key for the place. What was needed? A screwdriver. It took about five minutes to get the idea and get it completed, which allowed us to trivially enter the third floor premises. I can't really imagine who designed the locking / security solution, but it was just stupidly easy to bypass. Nothing was broken, just a few access panels opened with a screwdriver and wires connected with the screwdriver. So much lulz! Oh boy, did we laugh. But also this is very worrying. We really don't imagine we could be the only people in the world figuring out something as ridiculous as this was. Break in and entry? Hmm, nope. Just entry. When we left, we closed the access panel. I thought this is the stuff they do in the movies, and nobody's really actually silly enough to implement things so badly.
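The binary-split crawl described in the DHT entry above, as an added illustration written for this page (my reading of the approach, not the crawler from the post). A constructed simulated network stands in for the real DHT: its lookup returns the K XOR-closest nodes, which is what an iterative Kademlia lookup converges to. The subtree of IDs sharing a prefix is always XOR-closer to a target inside it than anything outside, so when a lookup inside a subtree returns fewer than K nodes from that subtree, the subtree is proven exhausted; otherwise it is split in half. A random-lookup crawl with the same budget is included for comparison.

```python
import random

ID_BITS = 20   # toy ID space; BitTorrent's Kademlia DHT uses 160-bit IDs
K = 8          # number of closest nodes one lookup returns


class SimulatedDHT:
    """Constructed stand-in for the live network (not a real DHT client).

    lookup() returns the K nodes closest to the target by XOR distance,
    i.e. the set an iterative Kademlia FIND_NODE lookup converges to."""

    def __init__(self, node_ids):
        self.nodes = sorted(set(node_ids))
        self.lookups = 0  # counts queries, to compare crawl strategies

    def lookup(self, target):
        self.lookups += 1
        return sorted(self.nodes, key=lambda n: n ^ target)[:K]


def crawl_binary(dht, prefix=0, depth=0, found=None):
    """Depth-first split of the ID space into prefix subtrees.

    Every node whose ID starts with `prefix` (depth bits) is XOR-closer to a
    target inside that subtree than any node outside it.  So if fewer than K
    of the K returned nodes share the prefix, the subtree holds fewer than K
    nodes and all of them were just returned: the subtree is exhausted.
    Otherwise the subtree may hold more than K nodes and is split in half."""
    if found is None:
        found = set()
    target = prefix << (ID_BITS - depth)           # lowest ID in the subtree
    result = dht.lookup(target)
    found.update(result)
    in_subtree = [n for n in result if n >> (ID_BITS - depth) == prefix]
    if len(in_subtree) < K or depth == ID_BITS:
        return found
    crawl_binary(dht, prefix << 1, depth + 1, found)        # left half
    crawl_binary(dht, (prefix << 1) | 1, depth + 1, found)  # right half
    return found


def crawl_random(dht, budget, rng):
    """The 'random lookups' alternative: no completeness guarantee."""
    found = set()
    for _ in range(budget):
        found.update(dht.lookup(rng.getrandbits(ID_BITS)))
    return found


def demo(n_nodes=500, seed=32):
    """Returns (network size, lookups used by the binary crawl,
    nodes found by the binary crawl, nodes found by random crawl
    given the same lookup budget)."""
    rng = random.Random(seed)
    dht = SimulatedDHT(rng.getrandbits(ID_BITS) for _ in range(n_nodes))
    binary_found = crawl_binary(dht)
    budget = dht.lookups
    dht.lookups = 0
    random_found = crawl_random(dht, budget, rng)
    return len(dht.nodes), budget, len(binary_found), len(random_found)


if __name__ == "__main__":
    size, budget, nb, nr = demo()
    print(f"{size} nodes; binary crawl: {budget} lookups, {nb} found; "
          f"random crawl with same budget: {nr} found")
```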

Data Security, Donations, Bug Bounty, Trees, CyberBunker, Panopticlick, Bitmessage, Privacy

posted Feb 4, 2016, 7:46 AM by Sami Lehtinen   [ updated Feb 4, 2016, 7:46 AM ]

  • The Finnish Communications Regulatory Authority recommends a few new year's resolutions to make. (In Finnish) I checked every recommended entry, let's see if I get a 'clean pass' or if there's something to improve. - Actually there are a few items where I know I could improve things. Some of those tasks just simply require too many resources. If the aim were security alone, it would be ok. But some of us have other things to do than only worrying about security and doing everything possible to improve it. I mean, I do a lot to make things secure, but some of those requirements are just simply too tight, especially for information which doesn't actually require that level of protection. So I know I'll flunk those entries. It's just doing things on a need to do basis. Yet estimating properly when things need to be done and on what level is often hard to say without doing a proper security assessment, which in turn requires a lot of resources.
  • Made yearly donations to (in alphabetical order): 7-zip, GnuPG, LibreOffice, Soma.Fm, Ubuntu, VLC, Wikipedia. It's a good thing to support excellent projects.
  • I just talked with some colleagues a lot about different options and how to run a Bug Bounty Program. Also remembered that the Tor project is going to launch a bug bounty program too. There are so many legendary reports about different bug bounty program cases where they refuse to pay and start threatening everybody instead. Wouldn't it be just easier to pay, unless of course it's going to be very expensive.
  • Checked out RKB and BSP trees. Reminded myself about good old R-tree and GiST.
  • Checked out CyberBunker hosting for a friend, SWIM SWIM!
  • Panopticlick 2.0 by EFF - Yep, as expected my setup is unique as usual.
  • Had a humiliating fail with one integration. Luckily it's just ~50 hours of server time wasted. And a customer waiting for results. Well, the good thing is that I caught the problem myself and nobody else got it. That's life. Now the process just took exceptionally long. It takes fails to learn. Yet the fail was such that I should have caught it earlier. So ashamed about that. I was just sad about the task failing, and when walking home I got the feeling, bleep, bleep, bleep. I know what caused the issue bleep! Gotta get to the office early in the morning and fix the issue and get the batch task running again. Luckily during Xmas / New Year vacations, nobody seems to care too much if the systems are a bit laggy. It's only important that everything is running smoothly, correctly and well when they arrive at work after vacations. Yes. I'm making sure that will happen.
  • Really nice article about USB Flash storage internals. - Yep, I knew it all. Nothing new, but it's good to remind yourself about this stuff. I've been actually having some issues with USB Flash drives and some of those seem to be especially slow with NTFS or ext4 and perform much better with FAT32, just as the article says.
  • Bitmessage (and many others) use mesh style networking with flood casting, which allows graph shaping operations to modify the graph so that it's easier to locate the network message initiators aka posters of public or senders of private messages. Things like private key queries can be used to secretly ping the nodes via the network and figure out where those are, even if there wouldn't be any other visible traffic.
  • China signs a law which requires companies to hand over encryption keys? I wonder what's the real story behind this and how it will be actually applied and if that's the right form of it. What about ephemeral keys which are created on the fly, how you can hand over those except leaking the private key? Or is such construction forbidden by law?
  • Had interesting talk with friends about Eddystones and location aware services. Yep, nothing new. Yet we covered some special and quite interesting use cases, which I unfortunately can't mention here. How international multi level marketing distribution could be automated and made more efficient providing superior service levels for customers and better deal terms for service providers. Very interesting topic and potentially disruptive market changer. Similar stuff has been discussed in different Bitcoin forums for a long time.
  • Checked out new Telegram Inline Bots. - Yes, that's very useful and easy way to access those in groups.

32c3 comments, random ramblings, thoughts, notes, dump part III

posted Feb 4, 2016, 7:40 AM by Sami Lehtinen

UEFI reverse engineering, task how to turn 64 characters into 32 bytes. Challenges: no debugger, no system calls, no dynamic symbols. UEFI uses modules. Efiperun, scan codes, sha256, serial number, model number. Talk by Jethro Beekman. Insecurity of embedded devices firmware. Hah, no surprises, that's why it's going to be called Internet of Targets. Billions of devices to hijack trivially and use for attacks. Static Firmware Analysis, Password Hash Cracker, Fuzzy Hashing, Misconfiguration, Credentials, Correlation and clustering, Weak / Default / Hard-coded passwords. Emulation, Complexity, Speed with Dynamic Firmware Analysis. Chroot, Kernel, Userland, architectural, application, generic, original, hosted. Vulnerabilities, challenges, beneficial, conclusions. Sanitizing PCAPs properly for outsourced analysis without leaking confidential information or traffic payloads. Tor onion services: more useful than you think, Hidden Services (HS), Security Concerns, Exit Node Attacks, Reporting Corruption, Deep Dark Web, Facebook uses EV SSL Certificate for their Tor onion service. .onion is a special-use top level domain. OnionShare. Pond @ Imperialviolet - Don't collect data you don't need, limit the granularity of data, describe benefits and risks, and explain why benefits outweigh risks, consider auxiliary data when assessing risk. Use a test network whenever possible. Only collect data that is acceptable / safe to make public. HSDir flags. CMU attacked Tor for FBI? Tor ethics review board? Onion identity keys are too short. Using chosen relay identity to target a particular onion service. Using relays to harvest onion addresses. Using Sybil attacks to take control of parts of the network. Guard node discovery attack. Fingerprinting web sites / pages / content based on traffic patterns. Which is proven to work very well with HTTPS as an example. Introduction points, public key, cloud, circuit, one-time secret, rendezvous point.
HSDir predictability, Shared Randomness, daily renewed new random shared key. Better cryptography, sha1 -> sha256, ed25519 public key base32. Rendezvous Single Onion Services (RSOS) for faster access and shorter Onion hop path (Proposal 260). Single Onion Services (SOS) according to Proposal 252 without using introduction or rendezvous points. OnionBalance TSoP load balancing for Onion Services. Safe and Secure Python Web Server. Using bitcoin blockchain to generate randomness? Internet needs diversity. Internet Cube. Open Hardware. Configuration management tools, Chef, use-case, config, custom, filesystem conflict, detection, manual changes, script, scripting, definition file, provisioning, version control and management, holocm. Patenting innovations, balancing interests, broad scope of making activities, information sharing, patented exclusive inventions. QtPass password manager. NFC Primer, Smart Card and NFC Chips. Android ISO 14443-3 for HCE. Multiple proprietary and incompatible protocols, nfc card emulation using software (libnfc). No support for MiFare Classic. Host Card Emulation (HCE). No Card UID emulation in stock Android NFC. Lol, your NFC identification system uses more than just the UID, right? Right? Hah hah... Yeah, right... NFC is dangerous, it's just like Internet of Targets! Talker actually said: "Fix your shitty security or someone is going to break your stuff". sixfw, thinking ipv6 first. Fun hacking. RobustIRC without net splits using multiple parallel paths and mesh networking. Fail never ends. ;) Absolutely great talk about TLS security auditing and post quantum cryptography. Quantum Computers will break ECC. Quantum Computation Discrete Logarithms and Factoring (Peter W. Shor). D-Wave "Quantum Computer", running Shor's algorithm. RSA, DSA, ECDSA are dead. Grover's algorithm brute-force search for AES. Easy to screw up, easy to backdoor, hard to audit. Quantum resistant algorithm suite. Did you remember that ECC crypto is not new?
It's from the 80s. Signatures, hashing, public key cryptography, hash-based signature, Lamport one-time signatures. Merkle signatures. 'Good / secure hash function'. binascii.hexlify, lol. Signing and verification. Do not use one secret key to sign two messages, always prevent replay attacks. Winternitz signatures. Merkle hash tree. XMSS: Extended Hash-Based Signatures, WOTS+. Stateless hash-based signatures Goldreich. SPHINCS signature optimization. Hamming code. Coding theory. Code-based encryption. Goppa, McEliece, Bernstein-Lange-Peters, Niederreiter. Very fast constant-time decryption. Security analysis. Bernstein-Jeffery-Lange-Meurer (post-quantum) - May-Ozerov. QC-MDPC. NTRU (lattice). Multivariate-quadratic systems. Isogeny-based cryptography. "Technology is neither good nor bad; nor is it neutral.". Tokenization, Ranking. Comparing Mental Models on Cyber Security, Cyber Security Dashboard, National CERT. Operation, Analysis, Management, Users. Alice, Bob, Mallory, application system, malicious system. Phishing. Cyber attack countermeasures. Missing important technical details. Management doesn't understand cyber attacks and threats.
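The Lamport one-time signatures and Merkle hash tree mentioned in the post-quantum notes above, as an added worked example written for this page (not code from the talk or the post): sha256-based Lamport keys, a small Merkle tree that puts several one-time keys under a single root, a signer that keeps state so no leaf is used twice, and a function that counts how many of the 512 secret preimages the signatures on two different messages would expose together, which is the concrete reason for "do not use one secret key to sign two messages".

```python
import hashlib
import os

HASH_BITS = 256  # sha256 digest length; one secret pair per digest bit


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def bit(digest: bytes, i: int) -> int:
    return (digest[i // 8] >> (7 - i % 8)) & 1


def lamport_keygen(rng=os.urandom):
    # secret key: 256 pairs of random 32-byte preimages; public key: their hashes
    sk = [(rng(32), rng(32)) for _ in range(HASH_BITS)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk


def lamport_sign(sk, msg: bytes):
    # reveal, for every digest bit, the preimage selected by that bit
    d = H(msg)
    return [sk[i][bit(d, i)] for i in range(HASH_BITS)]


def lamport_verify(pk, msg: bytes, sig) -> bool:
    if len(sig) != HASH_BITS:
        return False
    d = H(msg)
    return all(H(sig[i]) == pk[i][bit(d, i)] for i in range(HASH_BITS))


def revealed_preimages(msgs) -> int:
    """Number of distinct (bit index, bit value) secrets exposed by signing
    all of msgs with the SAME Lamport key. One message exposes exactly 256;
    a second, different message exposes more, letting a forger sign any
    message whose digest only uses the exposed choices."""
    return len({(i, bit(H(m), i)) for m in msgs for i in range(HASH_BITS)})


def pk_leaf(pk) -> bytes:
    return H(b"".join(a + b for a, b in pk))


def merkle_root_and_paths(leaves):
    """Build the tree bottom-up (leaf count must be a power of two) and
    return the root plus, per leaf, the list of sibling hashes to the root."""
    levels = [leaves]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([H(cur[i] + cur[i + 1]) for i in range(0, len(cur), 2)])
    paths = []
    for idx in range(len(leaves)):
        path, i = [], idx
        for level in levels[:-1]:
            path.append(level[i ^ 1])  # sibling at this level
            i //= 2
        paths.append(path)
    return levels[-1][0], paths


def merkle_verify_leaf(root, leaf, index, path) -> bool:
    node, i = leaf, index
    for sibling in path:
        node = H(sibling + node) if i & 1 else H(node + sibling)
        i //= 2
    return node == root


class MerkleSigner:
    """Merkle signature scheme: 2**height Lamport keys under one root.
    The counter is the scheme's state; losing or rewinding it (e.g. restoring
    a backup) is exactly how a one-time key ends up signing twice."""

    def __init__(self, height=2):
        self.keys = [lamport_keygen() for _ in range(1 << height)]
        self.root, self.paths = merkle_root_and_paths(
            [pk_leaf(pk) for _, pk in self.keys])
        self.next_index = 0

    def sign(self, msg: bytes):
        if self.next_index >= len(self.keys):
            raise RuntimeError("all one-time keys used; never reuse a leaf")
        idx, self.next_index = self.next_index, self.next_index + 1
        sk, pk = self.keys[idx]
        return (idx, pk, lamport_sign(sk, msg), self.paths[idx])


def merkle_verify(root, msg: bytes, signature) -> bool:
    idx, pk, ots_sig, path = signature
    return (lamport_verify(pk, msg, ots_sig)
            and merkle_verify_leaf(root, pk_leaf(pk), idx, path))
```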

32c3 comments, random ramblings, thoughts, notes, dump part II

posted Feb 4, 2016, 7:38 AM by Sami Lehtinen

Running own 3G / 3.5G UMTS network - Iuh protocol stack and osmo-iuh implementing HNBAP, RUA and RANAP in Free Software OSMOCOM. Node B, BTS, Iu RNC - MSC. M3UA, SCCP. SGSN, GGSN, RANAP, 3GPP, LTE-U, requires Protocol Archaeology (lol). Such a mess, well that wasn't a surprise. I personally love KISS design, as long as there's no very good reason to introduce additional complexity. All Our Shared Spectrum Are Belong to Us. Neat things about resource allocation, congestion control, routing, link scheduling, rate control, carrier sense control, power control and other layers of the required stack. Distributed Coordination Function (DCF, Listen Before Talk, collision avoidance). Consumer brain-computer interfaces. EEG / BCI / neuro feedback. DIY / OpenSource. 32c3 Data Protection Talk by Max Schrems (maxschrems). Adequate Protection, Personal Identifying Information (PII), general data protection law, self-certification, 2000/520/EC, TRUSTe, PRISM, Facebook, public / private surveillance, CFR, ECHR, EU, data retention, content data, meta data, data storage, blanket surveillance, bill of rights only applies to US citizens. No news there. FISA procedure, RTE, Data Protection Commissioner, mass surveillance, all that paperwork was ridiculous, also the court process was a big joke. No disrespect, but that's what it is. This is a very good talk and presentation. Effective detection and supervision mechanisms, legal redress, EU law, consent, informed, unambiguous, specific, regulations, orders, data localization, encryption, data trustees, technical knowledge, legal enforcement. SIGINT data interception global network. Certified cloudless solutions, cryptologic defense platform. Stylometry and machine learning, identifying code author from binary and de-anonymizing programmers using statistical methods. Computational Meta-Psychology and real AI, not machine learning (which is not AI, it's just statistics, at least in most cases).
Mental simulations, linguistic protocols, percepts, motivationally connected systems, cortical columns, Blue Brain project, state machine, message passing, reward, motivation. Primary computational transition function. Quite interesting talk, ha. Nerds. Intelexit talk and the Intelexit video, especially the campaign video "The Backdoor to democracy" was quite amusing. Be smart, exit intelligence now. Well well, it isn't that simple. Isn't it an old saying that you'll sing the songs of whoever pays you? Of course respecting earlier agreements and good morale and manners (whatever that might mean). The drone flyer drop flight was quite daring. Anyway check out Fluxus cannot save the world. Architecture of street level panopticon. Panopticon is The Perfect Prison. There people won't do anything forbidden, because they know they're being watched all the time. This means that the guards don't even need to do basically anything. Automated street level surveillance, tracking mobile devices, facial recognition, surveillance cameras, which is mass surveillance. Automated License Plate Readers (ALPR), Metadata, centralized data storage. Cell-site Simulators (Stingray, IMSI-catcher), aggregate analysis. Prevent, Expose, Empower, GPS Spoofing. Gibberish Detection, Vector Graphics Displays, Malware Obfuscation, C&C and hidden data relays. Pseudorandom Generator, Incident Response, DNS servers, domain takedowns, gram / bigram frequency. The whole Gibberish Legitimacy test was stupid afaik. It's as trivial to generate words instead of other random strings. So the test is utterly useless. Measuring the minimum distance of a domain name from a concatenation of dictionary words won't help at all afaik. Dictionary distance analysis, Greedy Algorithm, Symmetric Search, Edit Distance, normalized lexical deviancy, domain name collusion, Undetectable Gibberish, Domain Generation Algorithm (DGA). Clearly academic work?
They're marvellous at producing very cool and complex stuff, lots of formulas, analysis and research papers, yet usually not doing anything useful at all. How about doing something preferably very simple which actually solves the problem? Card-based payment relies on two protocols, ZVT or OPI and ISO 8583 / Poseidon protocol, ARP spoofing, attack, ARP MITM, magstripe and chip details, authorization_req. Afaik, the situation is better for Payment Terminals (Credit Card Terminals) in Finland. HSM, PIN, MAC, JTAG, RCE. Refund isn't tied to an earlier payment, so you can refund money without charging it first. I've found this out earlier a few times. How? Actually it seems that sales transactions expire by default after 14 days, but refund transactions expire after 90 days or something. So if I do a charge and a refund, and then just keep the payment terminal unconnected for a month and connect it, the refund will get processed but the charge will be ignored. Been there, done that. A long time ago already. Shop shifting (Shopshifting) puts merchants at significant fraud risk. Cloning ETF EMV payment terminals. Missing authentication and authentication with symmetric system-wide shared keys. Fixing suggestions weren't hard to guess. Disable unused features, add manual confirmation, don't allow any (random) configuration to be done remotely. Use encryption, don't use shared keys. Simple as that.

32c3 comments, random ramblings, thoughts, notes, dump part I

posted Feb 4, 2016, 7:37 AM by Sami Lehtinen

32c3 videos - Watched, in no particular order: Windows drivers attack surface, What does Big Brother see, while he is watching, Towards (reasonably) trustworthy x86 laptops, Thunderstrike 2, The Great Train Cyber Robbery, Shopshifting, Shooting lasers into space – for science, New memory corruption attacks: why can't we have nice things, My Robot Will Crush You With Its Soft Delicate Hands, Lifting the Fog on Red Star OS, Internet Landscapes, How the Great Firewall discovers hidden circumvention servers, Household, Totalitarianism and Cyberspace, Hardware-Trojaner in Security-Chips, Datahavens from HavenCo to Today, Console Hacking, Avoiding kernel panic: Europe’s biggest fails in digital policy-making, APT Reports and OPSEC Evolution, or: These are not the APT reports you are looking for, Beyond your cable modem, Plunge into Proxy Politics, One year of securitarian drift in France, Logjam: Diffie-Hellman, discrete logs, the NSA, and you, Let's Encrypt - What launching a free CA looks like, Ecuador: how an authoritarian government is fooling the entire world, Evolution of Brain-Computer Interfaces, Verified Firewall Ruleset Verification, Rowhammer.js: Root privileges for web apps, Quantum Cryptography, All Our Shared Spectrum Are Belong to Us, Iridium Update.
Short random thoughts about 32c3 talks: Red Star OS stuff made me lol a few times, especially the file tagging feature. Great Train Cyber Robbery was quite an awesome talk too. Beyond your cable modem was also really fun, just so typical fails you can see every day everywhere. Beyond your cable modem was awesome. I wonder how bad the security guys at telcos are. Hah hah. If I said some talks weren't technically impressive, at least the "New memory corruption attacks" was very detailed, and an absolutely awesome talk. How the Great Firewall discovers hidden circumvention servers. The talk didn't contain anything new for me, except Alkasir, which I haven't used so far. Trolling GFW suggestions weren't really effective afaik, fighting those attacks they presented is trivial. Only total prototype / n00b code would suffer from the attacks they presented. Hacking consoles talk was also nice, so many fails and nice low level technical details. Loved it. Also the parts about cipher cracking were absolutely amazing. Now it's not some random light talk, it's a hardcore talk with facts! One of the insightful comments about privacy and anonymity was: don't try to do online banking over Tor or shady anonymous VPN service providers, because your account will very likely end up being locked down. When hardware must just work talk was awesome, including testing schemes, emulation, simulation, etc. Lovely! Fixing and working around silicon issues. Not my field, so I really enjoyed the talk, even if I guess the stuff is pretty obvious for people working in the field. rad1o++ - HackRF, looked like a really nice device. Nokia 6100 display lol. Unfortunately I don't have time to play with one. The Iridium update visualizations were just simply beautiful. Data with IMEI only, hmm. This is good stuff, this is an awesome talk. I love it! The packet details etc. Packet analysis was truly awesome. <3 Yep. Unencrypted, etc, very old tech from the 1990s. This talk is pure love.
Satellite Interception System (ISI). Wormholing & Time Traveling was also awesome. Cool NFC attacks! Concept of Friendly Jamming was also nice. Seeing with Wi-Fi 2.4GHz Radar, Covert Channels, Information Hiding, Confidentiality, Transmitter Fingerprinting, nothing new. Antenna wars. Firewall Ruleset Verification was nice too. Spoofing protection. Talk about fake Mega Corps was really nice. I didn't know that sites like that are hunted down. Isn't that evil? Electronic Emergency Brake Light as Vehicle2Vehicle Communication based on IEEE 802.11p. Message Routing, Awareness based communication, Ha. Just so basic stuff, all these considerations need to be done whenever building whatever P2P network. ETSI + SAE & ISO/IEC. The proposed Security & Privacy solution with all certificates and cert chaining & cross validation does look really vulnerable. I just wonder what kind of fun hackers can have with V2V comms. GeoNetworking, BTP, CAM, DENM. Car 2 Car communication consortium. Collective Perception. Rowhammer talk was nice, memory bit flip modification using row hammering, cache attacks. LRU cache eviction, bitflip, Graphs, Drones, Phones, Tagging, Tracking and Locating (TTL). Strategic Big Data Meets Social. Target Development and Discovery utilizing network graph analysis. After this social analysis, it's able to profile these potential suspects. Counterinsurgency manual and insurgents strategy manual, graph density shift based on actions taken aka shaping operations. Starting point for the analysis is known targets and contacts. All of this stuff actually does also directly apply to any mesh style P2P network. Goal is to implement fragility into the network structure. Palantir, Scale, Speed, Agility. Many military drones carry electronic eavesdropping equipment collecting and targeting different sources. Highly targeted weapons WID (Weapons of Individual Destruction).
This is also an awesome direction, when we're going to see smaller attack hunter-killer drones, which strike selectively on listed individuals. Nothing new, if you have watched Ghost in the Shell: The New Movie. Anti-radiation missiles (HARM, AARGM), Encryption keys, entropy, random, random number generation, unpredictable numbers, CSPRNG, cryptographically secure pseudo-random number generator. Just noting here that the Threefish cipher is based on the tweakable Skein hash. Entropy pool. Uh, long talk about the /dev/random and /dev/urandom difference, shouldn't be that hard. Hardware True Random Number Generators, TRNG or HWRNG. Or like Intel RDRAND.

32C3, GDPR, OpSec, Data Compression, CLTV, Identifi, Brotli, NTFS-3g, fsck

posted Jan 30, 2016, 2:15 AM by Sami Lehtinen   [ updated Jan 30, 2016, 2:20 AM ]

  • Listened to several 32C3 presentations by the CCC. Great questions like the value of anonymous communication. Aren't 100% of anonymous users just jerks and trolls? Lots of content about the underground... Forums, Security, Privacy, Tor, Wikipedia, Trolling, Doxing, Threats, Vandalism, De-anonymization, Surveillance, Loss of Privacy, Harassment, Intimidation, Safety, Reputation, Contextual Cues. No surprises on that list, all of those are real threats and actually cause chilling effects and participation moderation. Which only means that threats and intimidation do work. One of the most interesting points was what I've brought up several times. Most of the de-anonymization was done using contextual cues. Which means that even if the technology were untraceable and perfectly anonymous, the content will still reveal your identity, unless exceptionally good OpSec hygiene is maintained. What does Big Brother see while he is watching was also pretty nice, yet nothing surprising there. The Thunderstrike video made the old facts clear: there's no such thing as a secure system, there are just tons of different ways in, even if the system is air gapped.
  • Checked out New EU General Data Protection Regulation (GDPR)
  • Read a few quite long OpSec & Tradecraft articles. "Cryptography is only as good as its user in many cases." Most people can be easily tricked into failing even if the crypto itself is solid. Here's an excellent basic checklist about secure communications. As said, in many cases cryptography only solves the first issue on the list, indirectly solving case 2. But most people completely forget points 3 and 4. Btw, this isn't any new Internet hype stuff. This is the basic stuff spies and agents have had to deal with for centuries. Yep, nothing new.
  • Some people claim that zipping a zip doesn't improve compression. Well well, that depends. Actually zipping a zip is beneficial in certain circumstances. Standard zip does not use solid compression, so the compression dictionary is created separately for each file. Which means that if you're compressing a large number of files which have quite similar content and are somewhat small, using a double zip construction can save a lot of space. Source code, HTML, JSON and other quite similar and often pretty small text files are a great example of that. Also filenames and similar control stuff (metadata) are stored in uncompressed format, which can be compressed when compressing again. It's so easy to demonstrate that I had to do it just for fun. 10000 x 4096 byte files compressed using zip into one zip file results in 1637802 bytes. And then re-compressing that zip again with zip leads to a zip file of only 79992 bytes. 95% compression improvement on the next iteration. I've observed this so many times when compressing web sites, logs, source code, mail dirs, file based queues and almost anything which comes in multiple smallish files. This is also one of the reasons why .tar.gz might end up being compressed much better than a .zip file. With the sample case above .tar.gz results in 171578 bytes, using only one compression round.
  • Talked with friends about Bitcoin and what kind of benefits CLTV is bringing and if it's any better than PoB and in what kind of circumstances.
  • Listened: Tim Pastoor: Rethinking Identity As A Decentralized Web Of Trust With Identifi.
  • Played a little with Brotli compression. Browsers are going to support it soon, and some already do (Firefox). So I know where and when to use it, when required. Brotli offers better compression than zlib and faster decoding, but uses more CPU time when compressing and potentially a lot more memory, up to 16 megabytes unless limited otherwise. Here's also a comparison of Brotli against other alternatives.
  • Something different: Reread article about Falcon Heavy.
  • Had an NTFS corruption issue on Linux when using NTFS-3g. I used ntfsfix and after that some files got cross-linked content. Ouch! I thought that only happens with FAT volumes. Very serious issue. Now I can't trust the volume content anymore. This is especially annoying if you're not just transporting data, but you've got a master on a system which is partially corrupted. It's so easy to miss hidden corruption, and it might take quite a while to notice it, and then it's often way too late. I also got some of my git repos messed up with that same mess. Luckily it was just a matter of deleting stuff and cloning it back. git fsck also showed that stuff was seriously messed up on that volume. Somebody dared to ask if I ran ntfsfix on a mounted volume; well, of course I didn't. But it's a good thing to check, eh. Now I'm using ext4 instead of NTFS to avoid future incidents.
Here's a dump from chkdsk finally using Windows:

The type of the file system is NTFS.
Volume label is ...

Stage 1: Examining basic file system structure ...
  7824 file records processed.
File verification completed.
  45 large file records processed.
  0 bad file records processed.

Stage 2: Examining file name linkage ...
Deleting index entry defff51aa0c0f7e3a639b30983192a8a1d4fd2 in index $I30 of file 460.
  11358 index entries processed.
Index verification completed.
CHKDSK is scanning unindexed files for reconnect to their original directory.
Recovering orphaned file 4ee2f09061fe8e15783d656d706d8a6ef96026 (461) into directory file 460.
Recovering orphaned file bb8e9f0d2ed843254f2c1f6e214652622bf97c (463) into directory file 460.
  3 unindexed files scanned.
Recovering orphaned file 840d840e78b4225ebac85e6a2db04b80831318 (4161) into directory file 460.
  3 unindexed files recovered to original directory.
  0 unindexed files recovered to lost and found.

Stage 3: Examining security descriptors ...
Security descriptor verification completed.
  1767 data files processed.
Correcting errors in the Volume Bitmap.

Windows has made corrections to the file system.
No further action is required.

   7823056 KB total disk space.
    836460 KB in 5114 files.
      2252 KB in 1769 indexes.
         0 KB in bad sectors.
     22144 KB in use by the system.
     13376 KB occupied by the log file.
   6962200 KB available on disk.

      4096 bytes in each allocation unit.
   1955764 total allocation units on disk.
   1740550 allocation units available on disk.
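
The zip-of-zip effect described in this post, as an added Python example (not code from the original post): it constructs a few hundred similar 4096-byte JSON-ish files, packs them with Python's standard zipfile module (one DEFLATE stream per member, no solid compression), zips the resulting archive again, and packs the same files as .tar.gz for comparison. The file contents and counts are constructed sample data; the byte counts quoted in the post come from the author's own run and will not be reproduced exactly.

```python
import io
import tarfile
import zipfile


def make_similar_files(count: int = 400, size: int = 4096) -> dict:
    """Constructed sample data: small, similar text files.

    Each file is one JSON-ish record repeated to fill `size` bytes; only the
    record id differs between files, much like logs, templated HTML or
    file-based queue entries do in practice.
    """
    files = {}
    for i in range(count):
        record = ('{"id": %d, "status": "ok", "level": "info", '
                  '"message": "request processed without errors"}\n' % i)
        body = (record * (size // len(record) + 1)).encode()[:size]
        files[f"record_{i:05d}.json"] = body
    return files


def zip_bytes(members: dict) -> bytes:
    """Pack members into a DEFLATE zip; every member gets its own stream."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", compression=zipfile.ZIP_DEFLATED) as zf:
        for name, data in members.items():
            zf.writestr(name, data)
    return buf.getvalue()


def targz_bytes(members: dict) -> bytes:
    """Pack members into a tar and gzip the whole archive as one stream."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tf:
        for name, data in members.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tf.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def compare_compression(count: int = 400, size: int = 4096) -> dict:
    """Return the archive sizes for one zip pass, a zip of that zip, and tar.gz."""
    files = make_similar_files(count, size)
    single = zip_bytes(files)
    double = zip_bytes({"inner.zip": single})   # the second zip pass
    return {
        "raw": count * size,
        "zip": len(single),
        "zip_of_zip": len(double),
        "tar_gz": len(targz_bytes(files)),
    }


if __name__ == "__main__":
    for name, n in compare_compression().items():
        print(f"{name:>10}: {n} bytes")
```

Running it prints the four sizes. The first zip pass can only exploit repetition inside each member, so what the second pass squeezes is the near-identical DEFLATE streams plus the uncompressed local headers and central directory entries; gzip over a tar sees all members through one window, which is why a single round already beats the plain zip.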

Integration, Trust, Cypherpunks, Entropy, Confidential, DHT, Reputation, Identities, Monitoring, Signatures

posted Jan 29, 2016, 8:08 AM by Sami Lehtinen   [ updated Jan 29, 2016, 8:09 AM ]

  • The usual integration stuff: table renames, missing access rights, constant tuning of message structures. Such a joy, but we'll get the job done. References to data which is actually missing.
  • I've considered these reputation and trust issues many times when doing some deals. My personal risk rating was directly what I'm worth as a partner to the counter party. If I know I'm a valuable contact, they've got less interest in screwing me. That also means that if I start from zero trust, I'm going to have several iterations with growing trade amount, just like TCP window scaling works. ;) If there's any problem, then I'll just step down the deal and retry. I'm always ready to accept the risk of packet loss.
  • So much discussion about intelligence agencies, OpSec, corporate and enterprise security as well as small underground groups, secure / dead drops, and so on. We're living in interesting times. Does the NSA know who Satoshi is? Are underground cypherpunks everywhere?
  • Does revealing your password length make the password less secure? Of course it does, but just a very little. If I tell you that I prefer to use 32 character random passwords, will that make you able to crack it? Well, you can always try. Just good luck figuring out: C+MRVubmZ^_p#rYZAcNb55LDdPd@W字Zb - Yeah, does that make you think I prefer Chinese with Unicode code point words? Maybe, maybe not. Unicode is a huge space, what if I'm using a random code point? Just think about it. Actually battery correct stable horse can be presented in a much more compact format. 電池正確穩定的馬 - Yep, that's only 8 characters long, but has at least the same amount of entropy in it.
  • You know, even if I post a lot of stuff, I've never leaked anything which is considered to be confidential. I've also been reminding people and colleagues about OpSec and privacy all the time. Also, many of my posts are intentionally very vague or ambiguous on purpose. Even if my stuff seems pretty random at times, I'm still maintaining high professional ethics. Confidential is confidential, and true secrets I really don't know anything about, I guess I've forgotten. Usually I'll decide right at the time that I've never heard about it. It just seems that I can't really recall any such occasions. I'm loyal to the contracts that I've made, and I'll also highly value any agreements I've agreed to even if not documented; I like to be respected. Does that make a person a threat or an asset? That's a great question. I really really don't know the answer to that. Maybe someone does?
  • Long discussions about what a DHT is and what it requires. Does a DHT require 'network support'? AFAIK it doesn't. I think it's enough that the network NODES support DHT; there's no requirement for the network, except for it being able to 'address the nodes and route traffic'.
  • I've considered these reputation and trust issues many times when doing some untrusted deals with more or less anonymous counter parties. My personal risk rating was directly comparable to what I'm worth as a partner to the counter party. If I know I'm a valuable contact, they've got less interest in screwing me. If I start from zero trust, then I'm just going to have several iterations with growing trade value, just like TCP window scaling works. If there's any problem, then I'll just step down the trade value and retry. I'm always ready to accept the risk of packet loss.
  • It's a good idea to rotate pseudonymous identities, even if it leads to loss of earned reputation. That's worth it, if you want to maintain reasonable privacy.
  • NSA's bulk data collection is the key here. They might not know now which data will be important in a year. If you collect all data, you'll be able to dig through it later.
  • I also think that intelligence agencies have a secondary problem. They're very eager to keep their capability secret. Which means a lot of the data which they collect can't actually be used. Actually it's quite funny to see targeted raids / checks fail. Because it seems that they might not have had enough data after all. I've been in that kind of situation a few times personally. Where it has been clear that they've got some data on me, but then they've done a targeted check (attack) and found nothing. They would have known, if they had had enough (all) data. But what about double construction?
  • During wars it was quite common that they could have had information about a coming devastating attack, but if they had acted on it, it could have endangered the intelligence resources / capability / contacts / sources, which meant that they couldn't give any warning about the incoming attack.
  • Finland is trying to pass legislation for 'pervasive Internet monitoring', of course based on the current EU security crisis. Well, the sad thing is that it probably would not work on a certain group of threats, where the people are extremely intelligence- and forensics-aware.
  • When rotating identities I'm making sure that I can't reuse the old identity even if I wanted to. Why? Well, in that case I can't be tricked into revealing myself. It's gone and gone for good. Whatever might be lost with it is acceptable. If required, I could maybe generate a new key pair and send the new key signed with the old key. But that's only in very rare cases. When communicating about certain things I always maintain a strong pseudonymous identity or identities / contact. I can at any point prove it's me, if I just want to. But I prefer staying pseudonymous. Some people claimed it's stupid to post signed messages. But the reason for posting signed messages is not that they can verify the signature. The point is that I can easily prove that I posted the messages, if I just want to do so.

pyodbc, backdoors, RESTful, SaaS, Hexadecimal, Hackers, TinyDB, Buzhug

posted Jan 28, 2016, 8:31 AM by Sami Lehtinen   [ updated Jan 28, 2016, 8:32 AM ]

  • I've noticed multiple scenarios with pyodbc where something really nasty happens. It's possible to crash the database engine and/or the application calling pyodbc. I just wonder if any of those could be escalated into security problems and exploits? Anyway, potential DoS alone is bad enough.
  • Backdoored backdoor - Really nice analysis. That clearly shows how hard security is.
  • I'm still very negatively impressed by so many sales persons. I wonder how they manage to be so full of .... It's amazing. What I want is a good product, good price and fast delivery. No matter what it is about. Somehow it reminds me of the pitching talks and start-ups. This is so awesome, cool and does everything you want, now give us 10 million. What is it about? Well, this is amazing, you'll be surprised, but it's kind of a secretive business so... Yawn.
  • What RESTful actually means? - Excellent post. I've also been wondering about this hype several times. Especially I didn't like that leetness about POST, GET, PUT, DELETE usage. Does it really matter? I've usually been writing code as versatile and simple as possible and I find that separation just restricting. Basically you could get all that easily done with POST alone. But we all already know that. The link to this page will clarify this, or maybe not.
  • Once again more discussion about software testing, and how often testing lacks proper load testing etc. It's just tested with a minimal data set which it seems to work with. But in that case you should probably expect issues in production. Unless you know your tools very well.
  • Analysis of 205 SaaS businesses - Awesome reading. Yet nothing surprising as far as I could tell.
  • Why did the guy in The Martian movie use hexadecimal? I would surely have implemented a more efficient encoding method. Hex for text is an utter waste of code space. As well, it requires at least two code points per letter, which is horrible. In most cases, also separating between capital and lowercase letters is a huge waste of comm resources if that's not useful for the use case. It's also nice that they get near real-time chat over the links, where single letters are being transmitted. That's also a huge waste of resources. Haven't they really ever used packet radio? Even most IM apps do not transmit in real-time because it uses up resources. Yet when chatting with ridiculously slow writers it would be awesome, because I could reply before they even finish their messages. Ha. That's why I loved HS/Link real-time chat as well as split screen chats with BBS admins / SYSOPs. Limited code space also makes memorization easy. Who doesn't remember something like the telephone keypad? It's not perfect, but as T9 has shown, it's reasonably easy to decode with natural language. Yet if hex is being used it's good to remember 0x41 or 65 so you can create the most important mapping table from memory or even do without it. Remembering basic ciphers and creating the required tools for those, like the Playfair cipher and the Vigenère square, can also be very useful in some cases. Yet it might be better in some situations not to get caught using tools like that, and to prefer in-memory mapping. As well as using steganography as the primary tool to hide the cipher text. Also having a fixed codebook can be highly beneficial: it helps a little with hiding the content, but even more with compressing it, working as shared dictionary compression. One important thing is also being able to make a light encryption, which could be called classic encryption nowadays and in modern terms more like obfuscation, which is trivial to crack with the right tools and for the right people, but still will easily keep the content from the huge majority of the population.
  • Hackers relaxing during vacations? Nope. As far as I've seen, attacks just get much worse during vacations. Why? Well, they know that nobody bothers to fix their systems during vacations. So they have much better peace working with systems, just like any other burglar would.
  • Checked out and played a little with TinyDB and Buzhug. While TinyDB is useful, it's not for me. My basic requirements are indexing and transaction safety. Even if I'm usually dealing with small databases, in the range of a few gigabytes and only tens of millions of rows, I still can't accept the lack of those two absolutely vital things. It's also likely that if there isn't proper transaction support, data integrity could also be at very real risk. And I'm not now meaning transaction safety alone, I mean it could get corrupted because the ordered execution of stores might not be thoroughly thought out. For small data sets which are processed in batches, I still prefer the very old fashioned style, where I read the stuff into memory, process it, and then safely write it back to disk and rename it to replace the original data. That's atomic and safe. If it fails, so what, it can be retried later. When the saving is done with proper synchronization then it's pretty safe. I might also save a number of previous data sets verified to be correct, if the data is so important that it's worth it.
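
The read-process-write-rename pattern from the last item, as an added Python example (not the author's code): the new data set is written to a temp file in the same directory, fsync'ed, optionally rotated into numbered backups of earlier verified data sets, and then renamed over the original with os.replace, so a reader ever sees either the old complete file or the new complete file. The demo() function and its queue.json data set are constructed for illustration and deliberately include a failing transform and a failing write, to show that the original file survives both and no half-written temp file is left behind.

```python
import json
import os
import shutil
import tempfile
from typing import Any, Callable


def rotate_backups(path: str, keep: int) -> None:
    """Shift path.1 -> path.2 -> ... and copy the current file to path.1,
    keeping the last `keep` verified data sets available for rollback."""
    for n in range(keep, 1, -1):
        older = f"{path}.{n - 1}"
        if os.path.exists(older):
            os.replace(older, f"{path}.{n}")
    shutil.copy2(path, f"{path}.1")


def atomic_write_bytes(path: str, data: bytes, keep_backups: int = 0) -> None:
    """Write `data` to a temp file beside `path`, fsync it, then rename it
    over `path`. A crash mid-write leaves the original untouched."""
    directory = os.path.dirname(os.path.abspath(path))
    fd, tmp_path = tempfile.mkstemp(prefix=".tmp-", dir=directory)
    try:
        with os.fdopen(fd, "wb") as f:
            f.write(data)
            f.flush()
            os.fsync(f.fileno())            # contents durable before the rename
        if keep_backups and os.path.exists(path):
            rotate_backups(path, keep_backups)
        os.replace(tmp_path, path)          # atomic rename on POSIX and Windows
    except BaseException:
        if os.path.exists(tmp_path):
            os.unlink(tmp_path)             # never leave a half-written temp file
        raise
    if os.name == "posix":                  # make the directory entry durable too
        dir_fd = os.open(directory, os.O_RDONLY)
        try:
            os.fsync(dir_fd)
        finally:
            os.close(dir_fd)


def update_json_file(path: str, transform: Callable[[Any], Any],
                     default: Any = None, keep_backups: int = 1) -> Any:
    """Load the whole data set, transform it in memory, write it back atomically.
    If `transform` raises, nothing on disk changes and the batch can be retried."""
    if os.path.exists(path):
        with open(path, "rb") as f:
            current = json.loads(f.read())
    else:
        current = default
    updated = transform(current)
    payload = json.dumps(updated, indent=2, sort_keys=True).encode()
    atomic_write_bytes(path, payload, keep_backups)
    return updated


def demo() -> dict:
    """Exercise the pattern in a throwaway directory with constructed data,
    including a failing transform and a failing write, and report the result."""
    work = tempfile.mkdtemp(prefix="atomic-demo-")
    path = os.path.join(work, "queue.json")
    update_json_file(path, lambda cur: {"items": [1, 2]}, default={})
    update_json_file(path, lambda cur: {"items": cur["items"] + [3]})

    def crash(cur):
        raise RuntimeError("simulated crash while processing in memory")

    try:
        update_json_file(path, crash)
    except RuntimeError:
        pass
    try:                                    # simulated failure inside the write itself
        atomic_write_bytes(path, "not bytes")   # wrong type: write() raises TypeError
    except TypeError:
        pass
    with open(path, "rb") as f:
        final = json.loads(f.read())
    return {
        "final": final,
        "backup_exists": os.path.exists(path + ".1"),
        "leftover_temps": [n for n in os.listdir(work) if n.startswith(".tmp-")],
    }


if __name__ == "__main__":
    print(demo())
```

The temp file must live in the same directory as the target, because rename is only atomic within one filesystem; the directory fsync on POSIX is what makes the rename itself survive a power loss rather than just the file contents.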

I2P, Tor, ScreenOS, Tablets, DB, lenc, Blockchain, Duplicati, Backups

posted Jan 23, 2016, 9:12 PM by Sami Lehtinen   [ updated Jan 23, 2016, 9:12 PM ]

  • Had a very long discussion with a group about routing traffic over I2P and/or Tor when required. As well as what kind of requirements using I2P or Tor sets for the application utilizing that anonymization layer. Running apps which aren't designed for anonymity over an anonymizing layer is usually a very bad idea, because many protocols leak more or less information.
  • Helped a friend to set up a dedicated server in central Europe for one of his projects. Actually it was quite a swift thing. Order, quick delivery, and all the standard configuration stuff took less than 4 hours. That's the way to do it. With some service providers it takes 4 weeks to get an offer for a server. Lulz. I'm still eagerly waiting for Hetzner's Finland DC. Some customers require a server in Finland.
  • This Juniper ScreenOS backdoor doesn't surprise me at all. I've earlier written that it's really strange that WatchGuard requires detailed information about the 'target' where their firewalls are being used. Isn't it awesome. I want a list of where firewalls are protecting nuclear facilities, I want a list of firewalls used in chemical weapons production or other military manufacturing, development, planning and testing. That's a dream or a nightmare, depending on who we are asking and if they have access to that database and if they are 'our' allies. I was immediately alarmed when I saw that questionnaire for the first time. International high tech & military espionage, business as usual (?), yeah, I guess it is. It can for sure be even more profitable than selling the products alone? Maybe they'll be giving free devices to strategic targets in the future? (Note, those entries aren't directly from the WatchGuard list, but it did list especially important environments. I could check the exact list one day, if I just cared enough.)
  • Checked out a few rugged heavy duty tablets which can be used for business use in stores and warehouses. In many cases rugged models are so much heavier and more expensive that it's just better to use consumer models and have a few extra ones immediately available if the device in use breaks down.
  • Now one project directly supports three different storage engines. You can use MongoDB, PostgreSQL and SQLite3 with it. It's just up to you which option you prefer in your environment. For testing and development SQLite3 is just awesome. For serious production the other options are naturally better.
  • More discussion about on-line anonymity and how incredibly hard it is. There are just so many ways which can get you busted, even if the tool used for anonymization itself were airtight. Some people (not me) seem to be very worried about bitcoin and online trade anonymity and security. As well as thinking differently about what kind of measures should be used to form a totally anonymous and untrackable but yet reputable identity. We know that this ID XXX can be trusted, but we don't know who's the person or group behind that identity. And to what degree it can be trusted is an awesome question.
  • OVH sponsors Let's Encrypt. This is something which every service provider should provide by default nowadays. Free SSL by default for everyone. I see very little reason to disable that. But many service providers make it pretty expensive now if you want to use SSL, which isn't of course optimal. This is also the reason why there are tons of sites without SSL which really should use SSL.
  • I'm at times baffled by all this Blockchain talk. Blockchain isn't anything new; it was officially documented in 1981 by FIPS. With all this hype, there are also people who clearly misunderstand it. Technically it's very simple and nothing special at all. I personally find the Merkle Tree more interesting than Blockchain, even if it's almost the same thing. Even old projects like Freenet use Merkle Trees as inodes to store data in blocks, etc. All very basic computer science stuff.
  • Duplicati - I'm still annoyed at why it has been designed so badly. There are only two bad options. 1. The command-line version offers an absolutely horrible experience for most admins, who do not understand its complexity at all. 2. The GUI version doesn't notify at all when it's ready. It just needs to be killed using a timer. Both options really suck. 3. I'll make my own code which accesses the Duplicati database directly to figure out when it's done and then kills the process. Yeah, really moronic approach, but works. I hate this stuff. - After all I got so annoyed that I wrote my own code which checks the Duplicati database for running tasks and, when it has completed the tasks I've given it, kills the process. How about just allowing --exit-when-done or something? No? Ok, then let's do it my way. - Let's just hope that Duplicati 2.0 gets production ready. Its block store is also much improved, yet not generational, like I've posted earlier. I also don't like that it's using .NET, but that doesn't really matter; if I need it, then I'll use it.
  • First set the database in backup mode, read the last log id, then launch Duplicati, then check if Duplicati has finished (from its database task queue); when finished, unset the database backup mode, kill the Duplicati process and then dump the new Duplicati log from its database to the backup system log. - Works, awesome. It took about two hours to get this done. But I just wish it wouldn't be this complex. But I got it done anyway.
Example backup process log with a very small test database.
Libs used: os, sys, sqlite3, traceback, configparser, logging, subprocess, ctypes, time
Example from actual logging, a few parts are redacted.

2015-12-23 08:53:41,734: *** Process started ***
2015-12-23 08:53:41,734: Reading configuration from config.ini
2015-12-23 08:53:41,750: Decrypting the database, if required
2015-12-23 08:53:56,766: Initiating database backup mode
2015-12-23 08:54:01,860: Success database backup mode active
2015-12-23 08:54:01,860: Getting last log id from DB
2015-12-23 08:54:01,860: Launching Duplicati
2015-12-23 08:54:01,860: Waiting for a while
2015-12-23 08:54:16,862: Starting Duplicati status checks
2015-12-23 08:54:33,825: Checking Duplicati status
2015-12-23 08:55:01,862: Duplicati Backup process finished
2015-12-23 08:55:01,862: Shutting down Duplicati
2015-12-23 08:55:01,862: Terminating database backup mode
2015-12-23 08:55:01,878: Duplicati log entries:
BackupType      : Incremental
[rest of log redacted]
2015-12-23 08:55:01,894: Everything done, Clean exit
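
The supervise-by-state-table procedure from the two Duplicati items above, as an added Python example that is not the author's script: a watchdog launches the worker process, polls a task row in an SQLite database until it reports a terminal state or a deadline passes, and terminates the process in every case. The tasks table, its state values and the WORKER_SCRIPT stand-in (which marks its task finished after a delay and then, like a GUI tool, never exits on its own) are constructed assumptions; Duplicati's real schema is not shown on the page and is not modelled here, and the database backup-mode and log-dump steps of the procedure are left out.

```python
import os
import sqlite3
import subprocess
import sys
import tempfile
import time

# Hypothetical state table (assumption, not Duplicati's schema): one row per
# task whose `state` column flips to a terminal value when the job ends.
SCHEMA = ("CREATE TABLE IF NOT EXISTS tasks "
          "(id INTEGER PRIMARY KEY, name TEXT, state TEXT)")

# Constructed stand-in for the external tool: marks its task finished after
# `delay` seconds, then keeps running until somebody stops it.
WORKER_SCRIPT = r"""
import sqlite3, sys, time
db, task_id, delay = sys.argv[1], int(sys.argv[2]), float(sys.argv[3])
time.sleep(delay)
con = sqlite3.connect(db, timeout=5)
con.execute("UPDATE tasks SET state = 'finished' WHERE id = ?", (task_id,))
con.commit()
con.close()
time.sleep(60)
"""


def create_task(db_path: str, name: str) -> int:
    con = sqlite3.connect(db_path, timeout=5)
    try:
        con.execute(SCHEMA)
        cur = con.execute("INSERT INTO tasks (name, state) VALUES (?, 'queued')", (name,))
        con.commit()
        return cur.lastrowid
    finally:
        con.close()


def task_state(db_path: str, task_id: int):
    con = sqlite3.connect(db_path, timeout=5)   # fresh connection: no stale snapshot
    try:
        row = con.execute("SELECT state FROM tasks WHERE id = ?", (task_id,)).fetchone()
    finally:
        con.close()
    return row[0] if row else None


def wait_for_task(db_path: str, task_id: int, timeout_s: float, poll_s: float = 0.1) -> str:
    """Poll until the row reports a terminal state or the watchdog deadline passes."""
    deadline = time.monotonic() + timeout_s
    while time.monotonic() < deadline:
        state = task_state(db_path, task_id)
        if state in ("finished", "failed"):
            return state
        time.sleep(poll_s)
    return "timeout"


def run_supervised(db_path: str, task_id: int, worker_cmd: list, timeout_s: float):
    """Launch the worker, watch its state table, and always stop the process,
    whether the task finished, failed, or the watchdog gave up."""
    proc = subprocess.Popen(worker_cmd)
    try:
        outcome = wait_for_task(db_path, task_id, timeout_s)
    finally:
        if proc.poll() is None:
            proc.terminate()
            try:
                proc.wait(timeout=5)
            except subprocess.TimeoutExpired:
                proc.kill()                  # escalate if it ignores SIGTERM
                proc.wait()
    return outcome, proc.returncode


def demo() -> dict:
    """Run one normal job and one hung job against a constructed state database."""
    work = tempfile.mkdtemp(prefix="supervise-demo-")
    db = os.path.join(work, "state.sqlite")
    results = {}
    tid = create_task(db, "backup-ok")       # finishes well within the limit
    cmd = [sys.executable, "-c", WORKER_SCRIPT, db, str(tid), "0.3"]
    results["normal"] = run_supervised(db, tid, cmd, timeout_s=10)
    tid = create_task(db, "backup-hung")     # would finish after 30 s; watchdog wins
    cmd = [sys.executable, "-c", WORKER_SCRIPT, db, str(tid), "30"]
    results["hung"] = run_supervised(db, tid, cmd, timeout_s=0.5)
    return results


if __name__ == "__main__":
    print(demo())
```

Each poll opens its own short-lived connection so the reader never holds a lock while the tool writes, and the watchdog deadline is what turns the "kill it with a timer" workaround from the post into a bounded wait that still stops the process on the failure path.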

Added notes: Actually from those time stamps you can see how much my blog is lagging, with a huge backlog. Well well. I'll try to catch up and post 1-2 posts / week.
