Security Now 295
Topic: Security breaches at Comodo and Epsilon top the news
Recorded: April 6, 2011
Published: April 6, 2011
Security Now 295: SSL Breach
RSA SecurID Break-in, YubiHSM, Epsilon security breach, DNT gets traction, and more.
Security Updates: Nada
The RSA SecurID Break-in:
- Simple spear-phishing attack:
- eMail sent to two small groups within RSA
- "2011 Recruitment Plan"
- Attached to the eMail was "2011 Recruitment Plan.XLS"
- It went into an employee's JUNK mail folder... but it was opened
- Embedded into the Excel spreadsheet was a FLASH movie.
- FLASH movie installed the well known "Poison Ivy" RAT - Remote Administration/Access Tool/Toolkit/Trojan.
- Anything the user can do locally, the attacker can do remotely.
- http://arstechnica.com/science/news/2011/04/spearphishing-0-day-rsa-hack-not-extremely-sophisticated.ars
Yubico announces YubiHSM - Hardware Security Module
- $15K for typical HSMs
- Moves all sensitive cryptographic operations and keys OUT of the server into a USB-connected "cryptographic co-processor."
- The final device will retail for $500
- The YubiHSM is a small USB dongle which you plug into your authentication server, and acts as a:
- Cryptographically secure true random number generator,
- store for cryptographic keys,
- A cryptographic processor.
- Use cases:
- You run an authentication service; its secrets are stored on a computer that has to be reachable from the Internet, and you are concerned that it will one day be hacked.
- You want to prevent system administrators and staff who have physical access to the server from copying the database and getting access to sensitive data.
- You need an architecture that prevents a hacker from compromising your secrets, but allows you to run your service full speed.
- You have a smaller fleet of Yubikeys and want to do the authentication yourself without having to implement a complete authentication server with a database.
- You have rejected typical HSMs on cost grounds ($15k per unit or more + maintenance fees)
- """Yubico is inviting its developer’s community to refine the YubiHSM and define the functionality set of the final product. Developers who would like to contribute with applications and the further development of the open source client software can today apply to get a free beta YubiHSM from Yubico."""
Samsung NOT logging keystrokes
- Slovenian language directory for Windows Live: C:\WINDOWS\SL
- "StarLogger" keystroke logger false positive
- GFI / Sunbelt / VIPRE was simply looking for: C:\WINDOWS\SL
- Alex Eckelberry: http://sunbeltblog.blogspot.com/2011/03/samsung-laptops-do-not-have-keylogger.html
- """The detection was based off of a rarely-used and aggressive VIPRE detection method, using folder paths as a heuristic. I want to emphasize “rarely”, as these types of detections are seldom used, and when they are, they are subject to an extensive peer review and QA process."""
Massive Malicious code injection
- The most successful SQL injection attack ever seen.
- At least hundreds of thousands of web sites infected by massive automated SQL injection attack.
- Typically small business, community groups, sports teams, and similar mid-tier organizations.
- Users were initially redirected to the "Lizamoon" site, but since then 21 separate domains have been used.
- "Windows Stability Center"
- A Google search for the attackers' domains shows more than three million weblinks are displaying them.
Epsilon security breach
- Epsilon is the world's largest permission-based eMail marketing services company.
- "Approximately 2% of its eMail clients (50?) were affected."
- Epsilon sends over 40 billion eMails per year and has over 2500 clients, including 7 of the Fortune 10.
- http://consumerist.com/2011/04/e-mail-breach-hits-best-buy-tivo-walgreens-chase-kroger-many-more.html
- 1-800-Flowers, AbeBooks, Air Miles, Ameriprise Financial, Barclays Bank, Beachbody, bebe Stores, Best Buy, Brookstone, Capital One, City Market, Citi, Dillons, Disney Destinations, Eileen Fisher, Ethan Allen, Food 4 Less, Fred Meyer, Fry's, Hilton Honors Program, Home Shopping Network (HSN), Jay C, JPMorgan Chase, King Soopers, Kroger, Lacoste, LL Bean Visa Card, Marriott Rewards, McKinsey & Company, MoneyGram, New York & Company, QFC, Ralphs, Red Roof Inn, Ritz-Carlton Rewards, Robert Half, Target, The College Board, TD Ameritrade, TiVo, US Bank, Walgreens,
- Because customer names and eMail addresses were exposed, be ESPECIALLY ALERT for spear phishing attacks now!!
DNT (do not track) gets traction:
- Giorgio: NoScript has been updated
- DNF (Do Not Fool)
- Microsoft offers $7.5M for 666,624 IPv4 addresses ($11.25 each)
- The deal to buy the addresses from Nortel (the bankrupt Canadian telecom equipment maker) is, some say, a sign of the increasing value of IPv4 addresses as they run out.
- Skype's SSL certificate expired on March 31st. Whoops.
- Run Android apps under Windows in a forthcoming VM:
- Still under wraps, follow on twitter: @bluestacksinc
- also: http://www.android-x86.org/
- iPad2 - It's lovely, but I'm less impressed
Topic: Comodo SSL Hack
- Comodo initially quietly sent a command to its certificate revocation servers designed to tell browsers to no longer accept 9 certificates signed using its private key.
- Major browsers went beyond this normal revocation process and added hard-coded "do not trust".
- Mozilla forced this in as the last change to their v4 Firefox source code.
- Jacob Appelbaum, a researcher at the University of Washington's Security and Privacy Research Lab, independently uncovered the certificate theft by carefully watching Chromium source code updates and noticing some oddities.
- Chromium hard-codes some invalid certificate serial numbers
- A Mozilla update does the same.
- issuer=/C=US/ST=UT/L=Salt Lake City/O=The USERTRUST
- EFF's SSL Observatory:
- As of August 2010, 85,440 public HTTPS certificates were signed directly by UTN-USERFirst-Hardware. In the event of a revocation, at least 85,440 websites would have to scramble to obtain new SSL certificates.
- Report of incident on 15-MAR-2011
- An RA suffered an attack that resulted in a breach of one user account of that specific RA.
- This RA account was then used fraudulently to issue 9 certificates (across 7 different domains).
- All of these certificates were revoked immediately on discovery.
- Monitoring of OCSP responder traffic has not detected any attempted use of these certificates after their revocation.
- mail.google.com, www.google.com, login.yahoo.com (3 certs), login.skype.com, addons.mozilla.org, login.live.com, and "global trustee".
- login.yahoo.com WAS SEEN LIVE on the Internet
- A web server in Iran was briefly using the fraudulent certificate.
- "an attacker obtained the username and password of a Comodo Trusted Partner in Southern Europe."
- Certificate Authorities:
- Issue "Certificates" attesting to the identity of web sites.
- Registration Authorities
- “Partners with certificate issuing autonomy”
- DCV - Domain Control Verification
- eMail sent to verify that the requestor has control of the requested domain
Comodo: (Robin Alden - CTO Comodo)
- "what we had not done was adequately consider the new (to us) threat model of the RA being the subject of a targeted attack and entirely compromised."
- "Two other (additional) RA accounts had since been compromised though no other erroneous certs had been issued."
- "High Value Target Check" -- we have such capability, but it had been disabled on several RAs. We're changing the structure to enforce this universally.
- EV certificates were never able to be issued by RAs.
- IP-based address restriction
- Hardware-based two-factor authentication for RA logon
- Criticized Comodo for allowing RAs to issue certs directly from the root and has asked that each RA issue from a sub-CA.
- How could the fake certificates be exploited? The victim's connection has to be redirected first:
- Hosts file
- Malicious DNS
- Anyone in the connection - MITM
CRL and OCSP
- Certs last only a few years, but what if something bad happens before they expire?
- OCSP - Online Certificate Status Protocol
- CRL - Certificate Revocation List
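The two revocation paths listed here and the browsers' hard-coded "do not trust" list (the Chromium and Mozilla changes described under the Comodo SSL Hack topic) can be seen side by side in the following Go example. It is an added example, not code from the podcast or from Comodo, Mozilla or Google: it builds a hypothetical root named "Example Trust CA", issues a login.yahoo.com certificate straight from that root (as the RA account could) with a constructed serial number, publishes a CRL from the same root, and then runs a client-side check in the order a browser would: hard-coded issuer+serial blocklist first, then chain and host-name validation, then the CRL if one was fetched. The fixed date and all names are constructed; only the Go standard library is used.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// Fixed clock so every run is deterministic (constructed date).
var now = time.Date(2011, 3, 23, 12, 0, 0, 0, time.UTC)

func check(err error) { if err != nil { panic(err) } }

// mustCert signs tmpl with signer (the parent's key) and parses the DER result.
func mustCert(tmpl, parent *x509.Certificate, pub *ecdsa.PublicKey, signer *ecdsa.PrivateKey) *x509.Certificate {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	check(err)
	cert, err := x509.ParseCertificate(der)
	check(err)
	return cert
}

// NewCA creates a hypothetical self-signed root, "Example Trust CA" (constructed).
func NewCA() (*x509.Certificate, *ecdsa.PrivateKey) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	check(err)
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Example Trust CA"},
		NotBefore: now.AddDate(-1, 0, 0), NotAfter: now.AddDate(10, 0, 0), IsCA: true,
		BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
	}
	return mustCert(tmpl, tmpl, &key.PublicKey, key), key
}

// IssueLeaf signs a server certificate for host directly from the root, as the RA account could.
func IssueLeaf(ca *x509.Certificate, caKey *ecdsa.PrivateKey, host string, serial int64) *x509.Certificate {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	check(err)
	return mustCert(&x509.Certificate{
		SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: host}, DNSNames: []string{host},
		NotBefore: now.AddDate(0, 0, -1), NotAfter: now.AddDate(1, 0, 0),
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}, ca, &key.PublicKey, caKey)
}

// IssueCRL returns a DER CRL, signed by the CA, listing the given serials as revoked.
func IssueCRL(ca *x509.Certificate, caKey *ecdsa.PrivateKey, revoked ...*big.Int) []byte {
	rl := &x509.RevocationList{Number: big.NewInt(1), ThisUpdate: now, NextUpdate: now.AddDate(0, 0, 7)}
	for _, sn := range revoked {
		rl.RevokedCertificates = append(rl.RevokedCertificates, pkix.RevokedCertificate{SerialNumber: sn, RevocationTime: now})
	}
	der, err := x509.CreateRevocationList(rand.Reader, rl, ca, caKey)
	check(err)
	return der
}

// distrusted is the client's hard-coded issuer+serial blocklist, the extra step
// Chromium and Firefox took on top of ordinary revocation.
var distrusted = map[string]bool{}

func blockKey(c *x509.Certificate) string { return c.Issuer.String() + "|" + c.SerialNumber.String() }

// HardcodeDistrust marks a certificate untrusted whatever the chain or CRL says.
func HardcodeDistrust(c *x509.Certificate) { distrusted[blockKey(c)] = true }

// Validate runs the client checks in order: blocklist, chain + host name, then the CRL if
// one is available. A nil crlDER models a client that never fetched the CRL and therefore
// fails open, which is the gap the hard-coded list closes.
func Validate(leaf, root *x509.Certificate, host string, crlDER []byte) error {
	if distrusted[blockKey(leaf)] {
		return errors.New("certificate is hard-coded as untrusted")
	}
	roots := x509.NewCertPool()
	roots.AddCert(root)
	chains, err := leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: host, CurrentTime: now})
	if err != nil || crlDER == nil {
		return err // chain or host-name failure, or no revocation data to consult
	}
	crl, err := x509.ParseRevocationList(crlDER)
	if err != nil {
		return err
	}
	// chains[0] is leaf -> issuer -> ... -> root; the CRL must carry the issuer's signature.
	if err := crl.CheckSignatureFrom(chains[0][1]); err != nil {
		return fmt.Errorf("CRL not signed by issuer: %w", err)
	}
	for _, rc := range crl.RevokedCertificates {
		if rc.SerialNumber.Cmp(leaf.SerialNumber) == 0 {
			return errors.New("certificate is revoked")
		}
	}
	return nil
}
```

Calling Validate with a nil CRL returns no error: the chain is valid, the host name matches, and nothing tells the client otherwise, which is exactly the state of a browser that has not fetched revocation data for the fraudulent login.yahoo.com certificate. Passing the CA's CRL that names the serial yields "certificate is revoked", and after HardcodeDistrust(leaf) the call fails with "certificate is hard-coded as untrusted" before any chain is built, so the block works even on a client that never consults OCSP or a CRL.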
- The FUNDAMENTAL problem:
- The underlying technical design is fragile. ANY CA can certify to ANY user that ANY server owns ANY domain name. Therefore the consequences of a misplaced trust decision are about as bad as they can be. It's tempting to write this off as bonehead design, but in truth the available design options are all unattractive.
- Stated another way: The real problem is a structural one: there are 1,500 CA certificates controlled by around 650 organizations, and every time you connect to an HTTPS webserver, or exchange email (POP/IMAP/SMTP) encrypted by TLS, you implicitly trust all of those certificate authorities!
- Steve Schultze @ Freedom To Tinker
- * Too many entities have CA powers: As the SSL Observatory project helped demonstrate, there are thousands of entities in the world that have the ability to issue certificates. Some of these are trusted directly by browsers, and others inherit their authority. We don't even know who many of them are, because such delegation of authority -- either via "subordinate certificates" or via "registration authorities" -- is not publicly disclosed. The more of these entities exist, the more vulnerabilities exist.
- * The current system does not limit damage: Any entity that can issue a certificate can issue a certificate for any domain in the world. That means that a vulnerability at one point is a vulnerability for all.
- * Governments are a threat: All the major web browsers currently trust many government agencies as Certificate Authorities. This often includes places like Tunisia, Turkey, UAE, and China, which some argue are jurisdictions hostile to free speech. Hardware products exist and are marketed explicitly for government surveillance via a "man in the middle" attack.
- * Comodo in particular has a bad track record with their RA program: The structure of "Registration Authorities" has led to poor or nonexistent validation in the past, but Mozilla and the other browsers have so far refused to take any action to remove Comodo or put them on probation.
- * We need to step up efforts on a fix: Obviously the current state of affairs is not ideal. As Appelbaum notes, efforts like DANE, CAA, HASTLS, and Monkeysphere deserve our attention.
- https://bugzilla.mozilla.org/show_bug.cgi?id=643056#c0
- http://erratasec.blogspot.com/2011/03/comodo-hacker-releases-his-manifesto.html
- http://erratasec.blogspot.com/2011/03/verifying-comodo-hackers-key.html
- ad times: :49-1:07 and 3:24-8:46
- fb 3
- ad times: 1:07-1:20 and 34:59-36:45
- Carbonite.com Offer code: SECURITYNOW
- carb 3
- ad times: 1:20-1:34 and 59:18-1:01:59
- Edited by: Jason