d2808fad38d3d46e3f36936753248125.ppt
- Количество слайдов: 30
Man-in-the-Middle Attack […] But it's a real-life attack, too. Here's a story of a woman who posts an ad requesting a nanny. When a potential nanny responds, she asks for references for a background check. Then she places another ad, using the reference material as a fake identity. She gets a job with the good references -- they're real, although for another person -- and then robs the family who hires her. And then she repeats the process. CRYPTO-GRAM, April 15, 2004 http: //www. schneier. com/crypto-gram. html
Bluetooth Privacy Hack Seems that Bluetooth cell phones are vulnerable to snooping: not the conversations, the contents of the phones. […] The hack is called "Bluesnarfing, " and allows a hacker to remotely download the contacts list, diary, and stored pictures in Bluetooth-enabled telephones. [. . . ] It's unclear how many phones are affected -- whether this is a Bluetooth problem or an implementation problem with some Bluetooth phones -- or whether the problem is fixable. But it's a big problem. People treat cell phones like their wallets; they keep all kind of sensitive information in them. For someone else to have the ability, remotely, of downloading the contents of the phone is disturbing. CRYPTO-GRAM, April 15, 2004 http: //www. schneier. com/crypto-gram. html
Citing anonymous sources in the British intelligence community, the Sunday Times reported that an e-mail message intercepted by NSA spies precipitated a massive terrorism investigation. <http: //www. globetechnology. com/servlet/story/RTGAM. 2 0040406. gtterror 06/BNStory/Technology/> or <http: //tinyurl. com/2675 t> CRYPTO-GRAM, April 15, 2004 http: //www. schneier. com/crypto-gram. html
Virus Wars We're in the middle of a huge virus/worm epidemic. Dozens and dozens of different ones have been found in the past few weeks. Most of these are not new, but variants on others. There seems to be an ongoing war between the people who write the Bagle worm and the people who write the Netsky worm. Many variants of each are running around the Internet, and more seem to be found all the time. Embedded in the different versions are comments and taunts to the other. CRYPTO-GRAM, April 15, 2004 http: //www. schneier. com/crypto-gram. html
ISS PAM/ICQ 'Witty' Worm Analysis http: //techie. hopto. org/witty-analysis. html The Witty worm spreads via a buffer overflow vulnerability in the Protocol Analysis Module (PAM) of several Internet Security Systems products. The PAM code that is responsible for performing information gathering on ICQ's instant messaging protocol suffers from a stack-based buffer overflow due to an insecure sprintf call. The vulnerability itself is known to affect numerous ISS products, but those affected by the Witty worm are as follows : Black. ICE Agent for Server 3. 6 ebz, ecb, ecd, ece, ecf Black. ICE PC Protection 3. 6 cbz, ccb, ccd, ccf Black. ICE Server Protection 3. 6 cbz, ccb, ccd, ccf Real. Secure Network 7. 0, XPU 22. 4 and 22. 10 Real. Secure Desktop 7. 0 ebf, ebj, ebk, ebl Real. Secure Desktop 3. 6 ebz, ecb, ecd, ece, ecf Real. Secure Guard 3. 6 ebz, ecb, ecd, ece, ecf Real. Secure Sentry 3. 6 ebz, ecb, ecd, ece, ecf
ISS products lack state information on UDP packets due to the stateless nature of the protocol, so any packet originating from UDP port 4000 is treated as an ICQ server response. When a SRV_META_USER response is received, the IDS does not limit the size of the payload within. If certain preconditions have been satisfied before the packet is received, its data will be copied into a stack-based structure by the IDS. This buffer is of limited size, and statically allocated. The result is a simple stack-based buffer overflow.
[. . . ] We are writing this letter on behalf of Warner Bros. Entertainment Inc. ("Warner Bros. "). We have received information that an individual has utilized the above-referenced IP address at the noted date and time to offer downloads of copyrighted motion picture(s) through a "peer-to-peer" service, including such title(s) as: [. . . ] The distribution of unauthorized copies of copyrighted motion pictures constitutes copyright infringement under[. . . ] Since you own this IP address, we request that you immediately do the following: 1) Disable access to the individual who has engaged in the conduct described above; and 2) Take appropriate action against the account holder under your Abuse Policy/Terms of Service Agreement.
[. . . ] Infringement Detail: Infringing Work: NAMEOFWORK Filepath: NAMEOFWORK. torrent/ Filename: NAMEOFWORK. r 00 First Found: 6 Mar 2004 08: 49: 38 EST (GMT -0500) Last Found: 6 Mar 2004 08: 49: 38 EST (GMT -0500) Filesize: 14, 648 k IP Address: X. Y. Z. W IP Port: 6881 Network: BTPeers Protocol: Bit. Torrent
Subject: [Full-Disclosure] PLAXO: is that a cure or a disease? Date: Fri, 12 Mar 2004 17: 54: 15 -0000 From: "http-equiv@excite. com" <1@malware. com> To: <full-disclosure@lists. netsys. com> Friday, March 12, 2004 Having a firm belief in unnecessary gadgetry, we recently sent our most senior colleague Liu Die Yu a request to update his contact information via our plaxo device [http: //www. plaxo. com/]. Checking back several hours later in our plaxo web account we eagerly selected his "card" to see what that update might be. BANG ! [. . . ] <input type="hidden" name="Biz. Full. Name" value="fatcat"> <input type="hidden" name="Biz. Title" value=""><iframe src=http: //www. bloatedcorp. com>"> <input type="hidden" name="Biz. Email 1" value="fatcat@bloatedcorp. com"> <input type="hidden" name="Biz. Email 2" value=""> <input type="hidden" name="Biz. Email 3" value=""> <input type="hidden" name="Biz. IM" value=""> <input type="hidden" name="Biz. Web. Page" value="">
[. . . ] He had taken our entire contact list for a joyride supreme. Trivial arbitrary code injection into the plaxo user web account. While it does a good job of attempting to defeat this, simple input in the recipient request for update field of "JOB TITLE", gives a real jobbing: "><SCRIPT>alert('boop')</SCRIPT> "><iframe src=http: //www. bloatedcorp. com> Needless to say should you receive one of these irritating little requests, you'll now know what to do. End Call -http: //www. malware. com ________________________ Full-Disclosure - We believe in it. Charter: http: //lists. netsys. com/full-disclosure-charter. html
Subject: OT: reports of a Trojan horse in the Arrow project Date: Tue, 17 Feb 2004 04: 26: 46 +0200 From: Gadi Evron <ge@egotistical. reprehensible. net> To: bugtraq@securityfocus. com CC: full-disclosure@lists. netsys. com The Arrow is a counter-ballistic missiles project run by Israel. There have been reports the past couple of days about a Trojan horse in the code, inserted by Egypt. [. . . ] Here are some facts: Some MOTIF code that was done by IBM Israel was being debugged in the Cairo (Egypt) office. The IDF has not commented on this and IBM claims that no restricted code was shared. Some reports claim Egypt inserted a Trojan horse into that code, I've seen no facts that verify that, so I doubt it for now. I'll post more information as it becomes available. [. . . ] It is clearly a security fluke on Israel's side that such a relationship, on any level, existed, but no biggie. [. . . ] ________________________ Full-Disclosure - We believe in it. Charter: http: //lists. netsys. com/full-disclosure-charter. html 13
Win 2 K and NT source leak! • http: //www. microsoft. com/presspass/press/2004/Feb 04/ 02 -12 windowssource. asp • Last updated: Feb. 13, 2004, 6: 00 p. m. PST • REDMOND, Wash. , Updated Feb. 13, 2004 -- On Thursday, February 12, Microsoft became aware that portions of the Microsoft Windows 2000 and Windows NT 4. 0 source code were illegally made available on the Internet. Subsequent investigation has shown this was not the result of any breach of Microsoft’s corporate network or internal security, nor is it related to Microsoft’s Shared Source Initiative or its Government Security Program, which enable our customers, partners and governments to legally access Microsoft source code. 14
Microsoft ASN. 1 Library Length Overflow Heap Corruption http: //www. eeye. com/html/Research/Advisories/AD 20040210. html • e. Eye Digital Security has discovered a critical vulnerability in Microsoft's ASN. 1 library (MSASN 1. DLL) that would allow an attacker to: – overwrite heap memory on a susceptible machine and – cause the execution of arbitrary code. • […]this library is widely used by Windows security subsystems, the vulnerability is exposed through an array of avenues, including Kerberos, NTLMv 2 authentication, and applications that make use of certificates (SSL, digitally-signed email, signed Active. X controls, etc. ). 15
• ASN. 1 BER encoding – an encoding scheme for flexibly representing binary data – Each piece of data is encoded as a tag number (that describes how to interpret the data), then the length of the data, and finally, the data itself. – supplying a very large value (from 0 x. FFFFFFFD to 0 x. FFFF) can cause an integer overflow in a heap allocation routine 16
CRYPTO-GRAM, December 15, 2003 • Blaster and the August 14 th Blackout • Republican Senator Orrin Hatch suspended a member of his staff for hacking into the computers of two Democratic senators. 17
http: //www. cryptophone. de/html/faq_en. html
http: //www. cryptophone. de/html/faq_en. html
• Why is it so important to be able to review this 'source code'? • The 'source code' is the blueprint of how the crypto-phone operates, and computer programmers can read this code. Cryptography/security is a fine art, and one simple error can introduce a serious flaw into the product. Customers of communication security devices have always had to fear not only programming errors, but also so called "back doors". Such a back door would allow certain people to listen into encrypted calls at all times, for instance by revealing (part of) the cryptographic key during the call. • Introducing a back door into a crypto system does not even require active cooperation of the manufacturer of the equipment. All it takes is one bribed programmer to compromise an entire product. • […] 20
• Why are you the only vendor offering the source code for review to anybody? • We can only assume the other vendors have something to hide. They might be afraid of competition and want to protect so called "trade secrets". The nice thing about our product is that we have no (trade) secrets, and invite everyone to make interoperable products based on the published protocol. We believe in standards that are open for anybody to join - as long as they go and implement their own product and do not steal from our published source. […]
• How can I make sure that the firmware on my Crypto. Phone is compiled form the same source that you publish and have reviewed? We take a number of steps to ensure that you really get the correct firmware. The source code repository for the Crypto. Phone is held at a computer that only our trusted developers can make changes to, and that is secured against physical access. After the security review by outside experts, but before each version of the firmware is released and used in the production of Crypto. Phones, the source is compiled by a number of security experts who then publish the secure cryptographic SHA 256 -hash of the binary and of the source it is compiled from.
• Under what kind of license do you publish the source? Why is it not GPL? • The source is published strictly for the purpose of security review and verification. You are only allowed to compile it to verify the correctness of the Crypto. Phone firmware and you are required to delete the resulting binaries afterwards. The fact that we publish the source does not imply any right for partial or complete reuse of the source in free or commercial products. You can not further disseminate the source or port it to other platforms without our permission. If you think you discovered a security problem or other bug and want to submit a patch for it, please contact us at security@cryptophone. de. 23
• What are the security limitations of the Crypto. Phone? • The Crypto. Phone was designed to offer the highest level of security possible while still remaining affordable. Certain military-grade phones were designed to also protect against more exotic threats such as eavesdroppers that bring expensive equipment in close proximity to you to listen to very faint radio signals emitted by those parts of your phone that aren't supposed to be transmitting. The Crypto. Phone, like all other secure phones primarily designed for the civilian market, does not protect against such an attack. By basing our solution on a commercially available GSM phone, we can keep the price down, but can not provide military-grade tempest security. 24
• I want to buy a Crypto. Phone, but my business partners cannot afford one. What should I do? • To adress this problem we offer a solution not available with any other secure phone product on the marke: A freeware software version of the Crypto. Phone that will turn any standard Windows PC (desktop or notebook) into a Crypto. Phone GSM compatible secure phone! This software incorporates the same algorithms and protocols as the Crypto. Phone GSM and thus allows you to make secure calls between your Crypto. Phone GSM and anyone owning a windows computer and a modem. After a short and painless installation of the software, anyone can set up a secure voice connection in no time. • […] 25
• http: //cryptome. org/fake-prints. htm • The consequences of the work are even more devastating[…] : – the use of fingerprint recognition offers a lower security than the lowest level of security used nowadays: username and password combinations. – That while fingerprint recognition applications are used in high security environments and are extremely secure in the perception of the end users […] – The real consequences are twofold: • either someone uses one of the techniques to steal a fingerprint from someone (we leave over 25 almost perfect fingerprints laying around every day!) and break into a system, or • [insider attacks are easy] 26
Diffie-Hellman Key-Exchange Algorithm • Alice and Bob agree on a large prime, n and g, such that g is primitive mod n. • These two integers don’t have to be secret; Alice and Bob can agree to them over some insecure channel. • They can even be common among a group of users. Applied Cryptography, Second Edition: Protocols, Algorthms, 27 and Source Code in C (cloth), Bruce Schneier
• A primitive element in a group is an element whose powers exhaust the entire group. • Thus 3 is primitive in the group of units mod 7 as – 1=3^6, 2=3^2, 3=3^1, 4=3^4, 5=3^5, and 6=3^3, • but 2 is not primitive in this group as there is no exponent e such that 3=2^e (mod 7). More commonly we say that 3 is primitive mod 7 but 2 is not. 28 http: //www. math. umbc. edu/~campbell/Numb. Thy/Class/Glossary. html
• The protocol goes as follows: 1) Alice chooses a random large integer x and sends Bob X = g^x mod n 2) Bob chooses a random large integer y and sends Alice Y = g^y mod n 3) Alice computes k = Y^x mod n 4) Bob computes k´ = X^y mod n • • Both k and k´ are equal to g^xy mod n. No one listening on the channel can compute that value; they only know n, g, X, and Y. Unless they can compute the discrete logarithm and recover x or y, they do not solve the problem. k is the secret key that both Alice and Bob computed independently. Applied Cryptography, Second Edition: Protocols, Algorthms, 29 and Source Code in C, Bruce Schneier
Diffie-Hellman g Eve n ALICE x BOB y
d2808fad38d3d46e3f36936753248125.ppt