Security Now 336
Recorded: January 18, 2012
Published: January 18, 2012
Duration: 96 mins.
Security Now 336: Your Questions, Steve's Answers #135
News & Errata
- Next week's episode will go into more detail on the WPS problem, including how it attempts to use zero-knowledge proofs and mutual simultaneous authentication, and why it still doesn't work.
- Microsoft's second-Tuesday patches fix the BEAST problem.
- Adobe patched issues in Reader and Flash.
- Oracle released its quarterly update, fixing 78 MySQL problems, including a vulnerability which could be exploited remotely without login credentials.
- Slow-motion denial-of-service attacks: the client sets a very low buffer window when connecting, which forces the server to send data very slowly. Holding the connections open ties up the resources the server needs for each connection. (Ars Technica article)
- The Air Force, whose drone system was hacked because it was running Windows, is now moving to Linux.
- Zappos was hit by a major database breach, losing control of names, emails, password hashes, and in some cases the last 4 digits of customers' credit cards. (InformationWeek article)
- More tools are appearing for the WPS problem, including Reaver Pro, WPScan, and WPSpy.
- Some routers are now moving to make WPS disabled by default.
- SOPA/PIPA is trying to legislate DNS spoofing, which would lead to many security problems; DNSSEC also prevents exactly this from being possible.
Spinrite Story - Sasha
Greetings. I am super new to your show. Not new to your page, having used your ShieldsUP! service way, way, way back when you first made it. Loved your sci-fi podcast show. I started listening/watching actually your and Leo's show a few months ago and love it. It will take me forever to go through them all. My rant is about your SpinRite page. I hear all the cool stories and testimonials and want to use it so bad. But I can't get what it does, exactly.
Is it a disk backup tool? Can it be used for that? Is it a disk fix tool? Disk format tool? Disk defragmenting tool? What exactly does it do?
I have a complaint about your demo videos where you assume we all know it and simply talk about how good it is instead of actually showing one example, even, of what it can do. So if you can talk more about this, possibly a few minutes on the show, I know people will think it is made up to increase your exposure time. But don't just assume we've all been listening to Security Now! forever. Thanks for this, and thanks for everything. You and Leo are awesome.
Love you guys. Sasha.
Questions & Answers
Question: [ 01 ] - Robert Van Etta
I just wanted to point out how seemingly small changes by commercial organizations have broken the Internet in the past. In 2003 VeriSign introduced something they called "Site Finder." Instead of simply returning a host-not-found type response, VeriSign used wildcards on the .com and .net TLDs to direct users to their own servers. Needless to say, this broke several services that relied on receiving proper DNS responses. And just like the response to the SOPA, there was significant public outcry. Rob.
Remember this? We talked about it. So if you entered, mistyped something, it would go back to a VeriSign server, and they of course would give you an ad, in effect. They'd give you search results and an ad. Yeah, they were trying to monetize your mistakes. And in fact VeriSign backed down. So they keep trying to do this kind of crap, for whatever reason.
Question: [ 02 ] - Robert Callaghan
My router has two modes for WPS, the PIN mode and the Push Button mode. The Push Button mode has a two-minute window before it shuts down. Is this second mode secure?
Okay. It's way more secure. Well, it's way more secure because it only - it is a different four-digit PIN every time. And I guess he didn't say that. He says a Push Button with a two-minute window before it shuts down. The Push Button mode is a four-digit PIN which is different every time it's used, and it only lasts for two minutes. So that mode is more secure. But as we know, the standard eight-digit PIN mode is not secure. Both in the mailbag that I encountered and also some of our topnotch cryptographic security guys who hang out over in the GRC newsgroup, they did some math. And it was interesting to see what happens just with anything that's four digits.
Four digits, as we know, gives you from 0000 to 9999. So that's 10,000 possibilities. Well, so a single guess, a single random guess has a one in 10,000 chance of succeeding. It is surprising how quickly the probability of guessing once right goes up as you get more guesses. Which is to say that, even in the eight-digit case, where you're trying to guess the first four digits and not guessing correctly, it's surprising, if you're able to guess at even a rate of a couple a minute, how quickly the chances of one right guess are. The takeaway from this is four digits is just not enough. One in 10,000 is not enough if someone is going to be allowed to guess for any length of time.
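The arithmetic behind that answer, as an added example that is not from the show: it computes how the chance of a correct guess grows for a fixed four-digit PIN and for a PIN replaced every two-minute window, and goes one step further by showing how much a lockout delays the guessing. The rate of two guesses per minute stands in for "a couple a minute"; the lockout policies are hypothetical.

```python
import math
from fractions import Fraction

PIN_SPACE = 10_000  # 0000-9999, the four-digit space discussed above


def p_hit(guesses, space=PIN_SPACE):
    """Chance that `guesses` distinct guesses include one fixed, unknown PIN."""
    return Fraction(min(guesses, space), space)


def guesses_needed(target, space=PIN_SPACE):
    """Fewest distinct guesses whose success chance is at least `target`.

    Pass `target` as a Fraction (or a string such as "0.99") so it is exact.
    """
    return math.ceil(Fraction(target) * space)


def p_hit_rotating(windows, guesses_per_window, space=PIN_SPACE):
    """Chance of at least one hit when every window gets a fresh random PIN."""
    miss = 1 - Fraction(min(guesses_per_window, space), space)
    return 1 - miss ** windows


def hours_to_reach(target, per_minute, lock_after=None, lock_minutes=0,
                   space=PIN_SPACE):
    """Hours of guessing against a fixed PIN until the chance reaches `target`.

    lock_after / lock_minutes describe a hypothetical lockout policy: after
    every `lock_after` wrong guesses the device ignores attempts for
    `lock_minutes` minutes.
    """
    n = guesses_needed(target, space)
    minutes = Fraction(n, per_minute)
    if lock_after:
        # The guess that reaches the target is not followed by a lockout.
        minutes += ((n - 1) // lock_after) * lock_minutes
    return float(minutes / 60)


def exposure_table(per_minute=2):
    """Rows of (policy, hours to a 50% chance, hours to a 99% chance)."""
    policies = [  # hypothetical lockout settings, for comparison only
        ("no lockout", None, 0),
        ("3 failures -> 1 min", 3, 1),
        ("3 failures -> 60 min", 3, 60),
    ]
    rows = []
    for name, after, minutes in policies:
        half = hours_to_reach(Fraction(1, 2), per_minute, after, minutes)
        most = hours_to_reach(Fraction(99, 100), per_minute, after, minutes)
        rows.append((name, round(half, 1), round(most, 1)))
    return rows


if __name__ == "__main__":
    print("one guess:", float(p_hit(1)))
    # Four guesses fit in one two-minute window at two guesses per minute.
    print("one two-minute window, fresh PIN:", float(p_hit_rotating(1, 4)))
    print("720 such windows (24 h):", round(float(p_hit_rotating(720, 4)), 3))
    for name, half, most in exposure_table():
        print(f"{name:22s} 50% after {half:8.1f} h   99% after {most:8.1f} h")
```

Even the hour-long lockout only stretches the fixed-PIN case to a bounded number of hours, because the space itself is only 10,000 values.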
Question: [ 03 ] - Brian
I was enjoying the podcast on WPS, found the information very helpful, a bit scary. I admit I have always disliked the option of using WPS. I even tell our customers at our store to avoid using it, opting instead to promote a correctly secured network, even if that means going over to the house and setting it up for them. Your closing thoughts were on Apple AirPort and the question we had in our mind of whether it supports WPS. It does, and has since WPS first came out. Its implementation is a bit different, though, as the base station requires that you tell it to accept a new connection from the AirPort utility in Windows or on a Mac and not with just a button press. I prefer this idea as, no matter how much someone was to knock on the door of the network, only I can open it. Thanks for the great podcast! Brian.
So if your neighbor's trying to break into your AirPort, he's got to wait until you say to the AirPort, okay, let's do this thing. Which, if you've already set it up, you probably never will do. So here's how you do it. You go into the AirPort Utility. You pick the base station you'd like to have your device join. Then from the base station menu you pick "Add Wireless Clients."
Your next choice is to connect by PIN or First Attempt. If you choose a PIN, you enter the PIN of a device connecting, as the Apple base station does not have a printed PIN. When you choose First Attempt, you are then given a screen that shows you the description and MAC address of the device that's trying to connect, which means you can reject the connection if the bad guy was nearby just waiting for you to turn it on.
Lastly, for both options you can add a restriction of limiting the access to a 24-hour time limit. So this is actually kind of handy if a neighbor comes over, a friend comes over, wants to get on. You could set it up very quickly. But you can have it automatically turn off in 24 hours.
Apple just did it right. They really did. I mean, the other aspect of this that people have commented on is that, if someone came over, and you wanted to let them get on your network that time, and you had a static PIN on your router, well, they know your eight-digit PIN now, exactly, forever. So they could get on even if you didn't want them to get on at some point in the future.
Question: [ 04 ] - Opher Banarie
Hello Steve - I've enjoyed Security Now! since #1 and hope you and Leo go on for another 20 to 30 years.
You mentioned the flashing lights on the panels behind you and that reminded me of a planned corporate video about our data center. Since I was the system administrator, the HR (Human Resources) folks, who wanted the video to show new employees, sent me the script for review and comments. So here are some excerpts from the script... and my comments:
1: Zoom in on flashing lights.
Our system has one flashing light. It tells the operator the system crashed. We hope never to see it flashing.
2: Show spinning tape reels.
Our tape drive is behind opaque doors, so no reels are visible.
3: Show rapid motion of disk drive heads.
Our disk drives are sealed and no motion can be detected.
4: Show tracking high-speed printer.
Our high-speed laser printer doesn't have a print head. You could show the paper coming out, but it looks just like a photocopier.
5: Show punch card in action.
We haven't had a card punch for at least 20 years. Maybe 30, in fact.
Needless to say, the video was never produced. Oh, how computers have changed. Opher Banarie, Burbank, California, happy SpinRite owner.
So those blinking lights behind Steve go back to the punch, almost to the punch card era. Yeah, and today they're in black-and-white, even. Yeah, they look like they belong there. I got a kick out of his post and this script that HR said they wanted for their video because it reminded me, computers used to be physical. They took a lot of space. You were in their presence; and, like, stuff was happening. I mean, all of the classic sci-fi movies with the reels and spinning back and forth and banks of lights. And I love that he says, "Show the high-speed printer running." He says, well, it just kind of looks like a photocopier. And it's true. And I guess I feel a little bit the way people probably who are car enthusiasts used to feel because it's been taken away from us. Now it's just all in a black box. But it's just changed. Now we just don't have - you're not in the physical presence of a computer. It's like, eh, yeah, here's my phone. It's my iPad. It's my whatever.
Question: [ 05 ] - Paul Brown @brownmeister
In Security Now! you mentioned you have a four-disk RAID 6. Wouldn't it be better to use RAID 1/0 as it's three times faster at writes? Why do you use RAID 6, Steve?
Many people picked up on that, so I just wanted to comment. And others said, well, use RAID 10. RAID 10, as the digits look, is actually a combination of one and zero. Those, zero and one are the lowest level of RAID architecture. Zero is just striping, where you span two drives. And one is mirroring, where you record the same thing on two drives. So RAID 10, which is what a number of people suggested, and probably what Paul actually meant, is both. You're spanning drives for size and then mirroring that span onto another pair for redundancy. So you end up with twice the amount of storage of a size of a single drive.
What RAID 6 does is, given any number of drives, rather than you having a single parity drive, which is what RAID 5 gives you, you have two parity drives, which is RAID 6. And so what this means in practice is that any two drives could fail - or actually, more properly stated, the same spot on any two drives could be unreadable, and you still recover the data despite that. So the benefit of that, for example, over RAID 10 is that, if a particular two spots died on either of two drives, you're in trouble. So RAID 6 gives you the same amount of storage, that is, you end up - in my case, with a four-disk RAID 6, I end up with twice the storage of a single drive, but double redundancy, not just redundancy where any spot can be read, can be figured out from the remaining drives, but any two of the same area anywhere in all the drives could die, and I'd still get it.
So it's just more redundancy. There's a little more overhead, and people have commented that computing the parity takes time. I'm using a very fast physical hardware RAID controller, and it's got a big buffer that I'm using with battery backup, and it's a write-back cache, so I only have to write to the physical media. If the data in the cache is about to be overwritten, then it writes that back to the drive. So data which is changing often stays in the cache and never even gets written to the drive. So it's very fast because it's got a big cache, megabytes, I think it's maybe 8 or 16MB of cache. It's lots of cache, maybe even more, I've forgotten now. And so I don't see much write time. But a web server is doing much more reading than writing. And in fact my whole website lives in RAM because, remember. Yeah, it does. The actual - I looked the other day, after you and I talked about it, Leo. I have less than 10GB for the entire partition. I mean, the partition itself is 10GB. I'm using four for the data storage of the server, including the web server and the entire site. So that's how lean GRC is. GRC ends up loading up into RAM, and then it's just being served out of the cache during the day.
You don't have a lot of pictures on GRC.
Don't have a lot, no. And actually the media is on a separate - is on a sort of partition. And that's, for example, all of the 16Kb versions of the podcast are all on - are not in that same partition. So anyway, RAID 6 is just, for someone who really never ever ever wants to think about their system. I did an actual reboot of the server a week and a half ago because there was something funky going on with our eCommerce, and I wanted to make sure that it was them and not us. I hadn't rebooted for years. That thing is so stable I never reboot it. And I looked at the up time, and it's like, oh, okay, well, it'd probably be good to do it just to dust it off a little bit. So, yeah, very stable.
Question: [ 06 ] - Isaac Hanna @issacrhanna
Any chance you could offer more info on the problem with full-disk encryption and SSDs?
This is actually a great question that you and I emailed about some months ago because somebody asked about it. And we ended up getting Allyn Malventano on the line. It's very interesting. And also the issue of deleting stuff on SSDs. TrueCrypt points out that any device that implements wear leveling, which an SSD does, is vulnerable to attack. You could see that on the TrueCrypt site. So can we do full-disk encryption on SSDs?
Oh, absolutely. And there's no reason not to. The concern is, and this is what the TrueCrypt site mentions, is that if you add full-disk encryption after you have already recorded sensitive data, you cannot absolutely know that the sensitive data wasn't spared out due to wear leveling and not overwritten. So it's very much like the sector sparing I talked about a minute ago with SpinRite, where SpinRite sees a sector having problems, it'll take it out of use and swap in a different one. Well, that out-of-use sector is still physically there. The good news is it's probably hard to read, so that would slow the bad guys down, or the NSA, or the CIA or whatever IA.
So the problem is worse with SSDs because there they may be deliberately remapping on the fly, not just bad areas, but wear leveling deliberately tries not to write to the same spot over and over and over. So TrueCrypt will read a chunk of plain text which is not encrypted, run its encryption algorithm, and write it back to what is logically the place it just got it from. But wear leveling may intercept that so that it's written to physically a different location. So what you encrypted will be read back encrypted, except that it didn't overwrite the plain text of it.
So the lesson is, if you're really concerned about the safety of SSD-based TrueCrypt-style full-drive encryption, install TrueCrypt before first use. That is to say, as long as you have put TrueCrypt on a blank drive, then dump all your valuables on, you're fine. But adding it when you've already got sensitive data on the SSD, that's where the concern is.
You cannot know, wear leveling prevents you from knowing that you actually overwrote the sensitive data with its encrypted version.
Question: [ 07 ] - Joseph
I've finished listening to the WPS podcast. As usual, great job of exercising my brain while I exercise my butt at the gym. Of course my Linksys router has the WPS button and no way to disable it. But since I trust no one, I have configured the router to allow only whitelisted WiFi MAC addresses to access the router because I was concerned that WPA would be one day hacked.
Do you think that whitelisting MAC addresses is enough to make my WiFi router WPS hack-proof until the firmware is updated? I'd also be very curious whether the WPS spec automatically whitelists MAC addresses for convenience, as well. Thanks again, Joseph.
So the WPS spec does not address MAC addresses at all. And unfortunately, MAC address whitelisting is not safe, ever safe, actually. Well, the only thing it was useful for is if you wanted to prevent mistaken use of your access point.
Or casual snoops, people who didn't have any skills.
And for whatever reason you did not want to use encryption. So if you wanted to have a non-encrypted access point, but didn't want someone using your access point by mistake, then MAC address filtering would prevent the access point from using the traffic. It doesn't prevent bad guys because the MAC addresses are in the air. They are never encrypted. Even if you've got encryption on your network, the MAC address, it's the way the packets get from point A to point B because we're talking about wireless Ethernet.
And so MAC addresses are Ethernet addressing. They cannot be encrypted. They have to be - essentially they're the outer envelope. They're the addressing of the packet. The packet's contents, the envelope's contents, can be encrypted. The outside can't. Which means that a determined hacker could simply watch your wireless network traffic, see the MAC addresses which are being accepted by your access point, and then clone the MAC address for their own use; and it, too, would be accepted by your access point.
It's just amazing how this MAC address filtering will not die. There's still a guy in the chatroom says, well, it's a useful tool. It's not. It's not. It doesn't do anything. Not a useful tool. The only, yeah, it's useful in this weird situation Steve mentioned where, if you don't want somebody accidentally to use your unencrypted WiFi, I guess it might slow them down.
So I'll say it again. Because you said it, but I'm going to say it again because this doesn't sink in. Doesn't do nothin'. The MAC address is floating through the air all the time unencrypted, no matter what, easy to capture, easy to spoof. You can do it yourself in your own router. You'll have a setting that says, "What MAC address would you like to be using today?"
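The "outer envelope" point above, as an added example that is not from the show: a parser for the header of one 802.11 data frame, showing that the three address fields are readable without any key even when the Protected bit is set, and that a MAC allowlist decides on one of those cleartext fields. The frame bytes and addresses are constructed for illustration, and `mac_filter_allows` is a hypothetical stand-in for a router's filter.

```python
# Constructed sample: one 802.11 data frame, client station -> access point,
# with the Protected flag set. Addresses are made up (locally administered)
# and the body is filler standing in for ciphertext.
SAMPLE_FRAME = bytes.fromhex(
    "0841"              # frame control: type=data, flags=ToDS|Protected
    "2c00"              # duration
    "020000aabb01"      # address 1: receiver (the access point)
    "020000112233"      # address 2: transmitter (the client station)
    "020000aabbfe"      # address 3: final destination
    "1000"              # sequence control
    "0100002000000000"  # 8-byte CCMP header (packet number, key id)
    "9f3c51e07ab2446d18c5f0a97e2b6d11"  # encrypted payload + MIC (filler)
)


def mac(raw):
    """Format six raw bytes as a colon-separated MAC address."""
    return ":".join(f"{b:02x}" for b in raw)


def parse_header(frame):
    """Split an 802.11 data frame into its cleartext header and opaque body."""
    if len(frame) < 24:
        raise ValueError("shorter than a 24-byte 802.11 data header")
    frame_type = (frame[0] >> 2) & 0x3
    subtype = (frame[0] >> 4) & 0xF
    if frame_type != 2:
        raise ValueError("only data frames are handled in this example")
    flags = frame[1]
    to_ds, from_ds = bool(flags & 0x01), bool(flags & 0x02)
    offset = 24
    if to_ds and from_ds:
        offset += 6  # a fourth address is present between distribution systems
    if subtype & 0x8:
        offset += 2  # QoS data subtypes carry a QoS control field
    return {
        "protected": bool(flags & 0x40),   # body is encrypted when set
        "receiver": mac(frame[4:10]),      # address 1
        "transmitter": mac(frame[10:16]),  # address 2
        "address3": mac(frame[16:22]),
        "body": frame[offset:],            # opaque without the network key
    }


def mac_filter_allows(frame, allowlist):
    """Hypothetical MAC filter: its only input is the cleartext transmitter."""
    return parse_header(frame)["transmitter"] in allowlist


if __name__ == "__main__":
    hdr = parse_header(SAMPLE_FRAME)
    print("protected bit set:", hdr["protected"])
    for field in ("receiver", "transmitter", "address3"):
        print(f"{field:12s} {hdr[field]}  (readable with no key)")
    print("body:", hdr["body"].hex(), "(ciphertext)")
    print("filter allows:",
          mac_filter_allows(SAMPLE_FRAME, {"02:00:00:11:22:33"}))
```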
Question: [ 08 ] - Steven McDonald
Precisely. Precisely. So if you've got scripting disabled, you're probably already clued in to the fundamental problems that this day is dedicated to educating people about.
I would think so because you see it briefly, then the black page comes up. And they could certainly have done it differently. So to me it does seem like sort of a soft shutdown. They could have just done - just redirected anything to a page, and you would have never been able to go any further. And I'm thankful. I used it already this morning.
You know, it really is dramatic. I think of all the sites that could go dark, that is the most dramatically effective because we do, we use it. And by the way, I hope people donated when they were asking for money. It's not too late. You can always donate. I donate every year a considerable amount of money to Wikipedia because it is the single most useful thing on the Internet. If you had to pick one thing. Just fantastic. By the way, NoScript also works to remove the black-and-white and make this show in color. Just in case you want to try that.
Question: [ 09 ] - Andrew Mason
Steve, a few episodes ago someone asked a question about your assembly code being open source, and I was slightly disappointed in your response as it failed to mention open source isn't really about the visibility of the source code. It's about the license. Just because I can read your source code doesn't mean I'm allowed to do anything with it. Open source licenses list a set of rights that go along - and responsibilities that go along with that source code. Thanks for a great show. Andrew.
Most of my things it just sort of doesn't make sense. And there is a security side. I mean, I didn't open source, for example, the DNS benchmarking tool because it would make it really easy for bad guys to create evil versions of it that look just like mine and that could fool users into using it. So although it's weak protection, it just makes more sense to keep those things which are utilities, which are used on the surface, just as they are. I'm not an open source publisher, but I'm certainly an open concept publisher.
Question: [ 10 ] - Mark White
Steve, I recently had a discussion with a friend of mine regarding security and crypto services that are available. My assertion was that by using something like TrueCrypt with a 256-bit AES encryption to encrypt a hard drive or to create an encrypted container with a sufficiently long passphrase, using a combination of upper and lowercase letters, digits, punctuation, it would be impossible for anyone to open via brute force. Furthermore, the open nature of TrueCrypt and the AES encryption cipher ensures that there are no backdoors for anyone to surreptitiously get access.
My friend takes the view that governments simply would not have allowed TrueCrypt or other software to exist without ensuring that there's a way to break the cipher and access the encrypted data. His reasoning comes from his own military experience whereby he had firsthand experience with some very advanced technologies. While he wouldn't tell me what those technologies were, he did think that government departments like the NSA in the U.S., MI6 in the U.K., will easily be able to access encrypted data, as the alternative would represent too much of a security risk.
We came up with the following thought experiment: The NSA has a securely encrypted hard drive with a Priority 1 order to get access to the data it contains as a matter of worldwide security. Assuming there's no access to anyone who might have the encryption key, is there any way for the NSA to access the data? After listening to several years of Security Now! I simply do not think this is possible. Am I being too trusting of the software? Or is it a safe bet that governments around the world could break into our encrypted files?
I look forward to hearing your thoughts on this. Thank you for all your hard work on Security Now!, for a great tool in SpinRite, and all the great free services at GRC.com. Keep up the great work. Mark in London.
There's only one error in his thought experiment. He says that, if he uses a sufficiently secure password, it would be impossible for anyone to open it via brute force.
True. And so "impossible" is wrong. But the idea would be it would take an unfeasibly long time is the way to correct that one mistake. But there's something else. And so this is a great question. We have seen on this podcast that tools like 256-bit AES are almost certainly absolutely secure. That is, we know how they work. Everyone's been pounding on it. We understand, I mean, it's a simple bit scrambling that you do enough. We've seen reduced-round versions of it where we can sort of - we get a sense for how quickly it gets soft as we do fewer rounds, which tells us how much extra strength we have with the number of rounds we are doing.
So, I mean, it's just like that's just so clear. It seems absolutely verifiably secure. But the way it's used may not be. And that's the key lesson. As we will see next week, there is a problem that we know about with WPS. There's nothing wrong with the underlying crypto, with the hashes, with the secure key exchange mechanisms. It was the protocol which they built on top of those absolutely bulletproof crypto technologies, it clearly had a problem. And the implementation. We saw that routers are not going - they're not going dark, either at all or often for a long enough period to practically prevent brute-forcing. So there was an implementation error at one level. There was also apparently a protocol error that we'll be looking at next week, or protocol issues.
So in the case of TrueCrypt, just the fact that it is open and has been seen and looked at by a lot of people, even that doesn't mean a mistake hasn't been made. BEAST, that we talked about earlier, is another example. There is something that was a block encryption protocol in SSL where, if you could finesse some of the way it worked, you could leverage a weakness in the protocol. So again, nothing wrong with the underlying crypto. But you have to be so, so careful with the way you use it.
And the TrueCrypt guys I'm sure have been. And we know that law enforcement is being frustrated constantly now by TrueCrypt-encrypted drives. Certainly there is nothing out in common knowledge that allows someone to get into TrueCrypt. If there were, it would be fixed immediately. So could the NSA know something about TrueCrypt we don't? Could, I mean, anything's possible. But it's not the crypto that's being broken. So Mark's original question, wondering seriously whether government can break our crypto, I would have to say no. They're not happy. He says, "My friend takes the view that governments would have simply not allowed software such as TrueCrypt to exist." They don't have any control over that. They're not happy about that, either. The MPAA doesn't have any control over digital content once it gets out of their vault.
Question: [ 11 ] - John J. Jobst
Steve, thanks for a highly informative podcast on the latest cyber threat. There are a number of threads on the Cisco/Linksys community support forums talking about the WPS flaw, and naturally no official word from Cisco. Most of the advice falls into two camps: Don't worry, Don't panic. Your chances of someone wanting to hack your router are extremely slim. Or switch to an open source solution like Tomato or DD-WRT. One interesting workaround mentions, if you use WPA-2 Enterprise, which we tell everybody to use, you're safe. But good luck to the typical home network owner setting up a RADIUS server. I've been an enterprise network administrator for years, and I'm sure I could easily implement any of these solutions. But since there are only three houses near enough to me to be barely in range of my Wi-Fi router, I'm going to be just doing nothing. I will look at my logs periodically to see if there are any stray clients. If I find one, I'll mention the FBI and federal anti-hacking statutes to my neighbor, which should be enough to make it stop. Even if I were in an apartment complex with lots of Wi-Fi-enabled neighbors, I wonder how big the threat really is. Are there any statistics out there to say how often the WPS flaw is being exploited? Good question. P.S.: My wife is usually in the room or in the car when I listen to Security Now! Last week she asked me if I have "that Spin thing," and if I could fix her computer. I told her, hey, I bought SpinRite a long time ago, and it fixed your unbootable computer about three years ago. Unfortunately, her current problem is a defective wireless keyboard. SpinRite I don't think works on that. Keep up the good work!
No. Can't do anything about the keyboard. And yes, I liked this. I wanted to put it in just to sort of tell people - I think our listeners probably have a good sense. Or if you have something which at the moment is Linux-only, and it takes two to 10 hours in order to get onto someone's network. I wouldn't worry about it that much. The big problem is that it's in all routers made in the last few years. And it's enabled by default. And it's not going to go away. Routers, I have an interesting thought, Leo, that router firmware is not self-upgradeable the way virtually all of our other mainstream computer devices are now. Windows, and as we know Google Chrome, it updates itself constantly. Our phones, our pads, our tablets, I mean, everything, we're now in this sort of autonomous update mode. Conspicuously, routers don't.
So it's not possible for Netgear just to push out, or for all Netgear routers to be, like, checking in to see if there's any new firmware for them. And we're probably to the point where, as this demonstrates, it would sure be nice if it would be possible for our router manufacturers to essentially push out a fix by making something available, and have their routers checking in to see if there's an update, and make it trivial for users to do that. But routers are typically - they run without a UI most of the time. So it's not clear how that would work. But it would sure be nice. The problem is we're stuck with an industry full of established routers that have this vulnerability. And it's just not going to go away anytime soon.
Question: [ 12 ] - Dan
I love your site. I listen often. I was just wondering, how do you create the text transcript of the audio-based show? Do you use a free or commercial product to automatically type out a text form of your podcast? Or does someone hand-type it in? Thanks.
And her name is Elaine.
Yes. She is not a robot.
No, she's not.
Yup. She's very human. She's very good. I stumbled on her. I Googled something like "audio transcription" or something, and On-Site Media is her company, and it came up. And there may have been some others, but she had a little form you could fill in to, like, request a quote. And I thought, well, okay. And so I did, and I sort of liked that she was technically savvy enough to have a site like that. And, boy, what a win. I've recommended her when people asked for transcripts. She's not inexpensive. Apparently there are send your audio off to China or India or something places. But you get what you pay for. And I really care about quality. Elaine is actively using Wikipedia and Google and the 'Net as she's transcribing the podcast, tracking down the spelling and the location of things and making sure that she's got it exactly right. So, I mean, these are perfect transcriptions. So I just wanted to give her a little shout-out to let our listeners know that there is a terrific service that, if you've got an audio that you need transcribed, there's just none better.
Sponsors
- Ford Technology
Production Information
- Ad Times: 1:02-1:12 and 38:00-42:10