Security Now 280
Topic: Bluetooth Security
Recorded: 22 Dec 2010
Published: 22 Dec 2010
Security Now 280: Bluetooth Security
01:35 - 3:20
- Skype is down today so Steve is calling in via phone
4:43 - 5:40
- Steve wants to thank everyone who sends him stories via Twitter
8:45 - 8:59
- No Security updates
9:00 - 10:44
- New IE 6/7/8 "Use After Free" remote code execution vulnerability in IE's CSS parsing
- Exploit proof-of-concept code published and widely available
10:45 - 12:00
- Twitter has now gone down
- Steve and Leo discuss how fragile most sites are
12:01 - 15:28
- FCC Voted to Enact the "Open Internet Order" - a Weak Net Neutrality Bill
- What IS net neutrality?
- Adding any sort of traffic discrimination to connectivity
- Prevent providers from blocking competitive content
- Prevent charging for faster access to specific sites or types of traffic
- The new FCC legislation
- Doesn't cover mobile broadband at all
- Uses VERY weak and unclear language throughout.
- Bars wireline-based broadband providers from "unreasonable discrimination" against Web traffic.
- Does NOT clearly prevent charging more for some content
15:29 - 19:08
- OpenBSD's immediately discredited FBI backdoor
- NETSEC had a hardware accelerator, long since obsolete
- Perhaps part of an internal code fork, never in any public builds
- The code was looked at again though and improved
19:09 - 22:02
- Document Metadata - Not So Anonymous:
- Metadata contained within documents released by the WikiLeaks activist group "Anonymous"
- Your Name, your initials, your company or organization name, the name of your computer, names of the network server or hard disk where the document was saved, the names of previous document authors, document revisions and versions, comments, and more.
22:03 - 24:14
- Secunia PSI at v2.0 (via Tim Raymond, Twitter)
- Two days ago, on December 20th
- Scans for vulnerable and outdated programs
- v2.0 offers to handle the updating for the user.
24:15 - 26:10
- Google adds "This site may be compromised" to its existing "This site may harm your computer" warnings
- Sense when a site might not be under the full control of the site's owner
- In the past, sites have complained about sluggish "delisting" after cleanup.
26:11 - 27:22
- Google refuses Connecticut's request for Wi-Fi data
- Connecticut's Attorney General Richard Blumenthal had given Google until 5:00 pm on Friday, December 17 to turn over the data it collected from unprotected Wi-Fi networks while gathering information for Google Street View.
27:23 - 31:29
- An ISP in Okinawa, Japan was given a chunk of the 49/8 block IP addresses which previously wasnt being used
- However due to the fact that the all the routing tables haven't been updated yet the ISP's users can't access certain sites such as
- XBox Live / ESPN Player / LiveStrong / Meebo / NFL Gamepass / Nova Southeastern University / Washington Heights Church
31:30 - 39:12
- Bogus defragmentation software the next annoyance
- HDDRepair, HDDRescue, HDDPlus, UltraDefragger, ScanDisk, DefragExpress and WinHDD.
- Claims that the user's HD is riddled with problems and requires >= $20 to fix.
Steve's recommendations for defragmentation software:
- Vopt v9.2 - Golden Bow (loved by Chaos Manor's Jerry Pournelle) $40
- PerfectDisk - RaxCo (can defragment system files on boot) $30
- JK Defrag now "My Defrag" (open source) http://www.mydefrag.com/
39:13 - 40:06
- Skype comes back to life
40:07 - 49:32
- Little Black Box database of private SSL keys in embedded devices
- Any SSL embedded device, like a router, will need to have a private private SSL key.
- The private/public key pair COULD be built on the fly, but they aren't.
- Maps public to private keys or device, model, vendor, firmware bersion
- You can:
- You may give it the path to a public certificate file.
- You may give it the SHA1 hash of a public certificate.
- Given a host, it will retrieve the host's public SSL certificate.
- Given a pcap file, it will parse the file looking for public certificate exchanges.
- Given a live network interface, it will listen for public certificate exchanges.
- LittleBlackBox has over 2,000 unique private SSL keys for routers, VPNs, and other devices.
- DD-WRT, Cisco, Linksys, D-Link, NetGear, etc.
49:33 - 51:55
- Steve has looked at "ShopShield"
- It's not cheap:
- Unlimited: $100/year or $10/month
- $2 per CC usage
- $1 per site registration
51:56 - 52:44
- Side Tabs for Chrome - Windows only! (Not Mac)
52:45 - 53:43 John Newcomb (Unknown)
SpinRite fixed a broken hard drive
56:09 - 01:36:42
- Bluetooth came from Ericsson and shows its age
- They wanted a new technology to allow them to link there phones to peripherals
- They understood the need for security
- It was released in 1994
- In 1998 Nokia, IBM, Toshiba and Intel joined Ericsson to form the Bluetooth SIG
- The idea is devices could find each other and interoperate
- You can 'pair' devices so they can communicate and not all devices will have screens or input devices (e.g. speakers)
- A major security problem has been with people leaving Bluetooth devices in discoverable mode
- Steve recommends turning off Bluetooth completely when not using it, not just turning off discoverability
- Bluetooth is very power lean
- Bluetooth operates on the 2.4 GHz band and this gives a range of about 10 m but this can be extended with a more powerful receiver
- Every Bluetooth device has the equivalent of a MAC address
- There is a 48-bit unique ID for every device
- During the pairing process the devices:
- Exchange their 48-bit ID
- Agree upon a 128-bit key which is stored in a database
- A 248 character name can also be assigned
- This is then stored in a database
- There is a range of pairing authentication based on a pin
- Some devices offer no security with a weak pin and others strong security with a strong pin
- This pin provides a way of authenticating the devices that a man in the middle can't spoof
- Some devices like speakers have no way of entering a pin but the risk of a man in the middle attacking your speakers is low
- Other devices like keyboards that are paired to computers require you to enter a pin displayed on the computer via the keyboard
- The standard password length for things like this is 6 characters which gives 1 million possible passwords, and due to the short time frame in which it is entered makes brute force infeasible
- Once devices are paired they use an interference avoidance technology called frequency hoping
- Up to 8 devices can be connected together, 1 master and 7 slaves
- The masters MAC address provides the pseudo random sequence for frequency hoping
- This is done not to avoid bad guys but to avoid interference on a frequently used frequency
- Newer devices used adaptive frequency hoping where they note any frequencies with a lot of interference and avoid hoping to them
- The nominal data rate for Bluetooth is 1.0 Mbit/s but due to overhead you only get about 721 kbit/s
- Later on enhanced data rate technology was added, using phase modulation they send 2-3 signals at once and can run at 3 Mbit/s and so you get about 2.1 Mbit/s
- When this was created AES didn't exist and RC4 was patent encumbered
- So Ericsson made up their own encryption
- It's bad and although it hasn't been broken yet it's because no one tried very hard
- They used a pseudo random sequence generator which is good
- They used shift register (linear feedback shift registers)
- A shift register is a string of bits which shift in one direction on a clock pulse
- You take multiple taps (clock pulses) on the shift register and XOR those to the output which is fed back to the input
- It does this 4 times giving 128 bits
- This is a bad way to do it as assume the input is all 0's and you tap it three times
- You XOR this and the output is still all 0's
- The cryptographic key is derived from the secret key originally shared, random numbers, a shared random number, 48 bit masters device address and 26 bits of the master devices clock
- So every single packet has a different key due to the bits from the clock
- This is then loaded into the 4 shift registers and finite state machine and run forward 200 clocks and the last 128 bits are used as the key
- You then XOR this key with the plain text to get the cipher text
- This complicated mess makes it hard for devices to interoperate
- More Bluetooth hacking in a few weeks!
- Sync 9
- Ad times: 0:45-0:59 and 5:45-8:31
- Edited by: Tony
|This area is for use by TWiT staff only. Please do not add or edit any content within this section.|