Edited Twitter Weekly Updates for 2012-03-25

I’m continuing to tweak in the hopes of balancing useful & overwhelming. This week I’m not only cutting down the chaos a bit, but adding the emergent categories. Also, my tweets precede the Re-Tweets. Comments welcome.

  • Where can I send people new to infosec for security mentoring, confident that they'll get broad, data-centered advice? (#newschool) #
  • Just got entranced by http://t.co/tjGKyYj8 (by @infobeautiful?) #
  • RT @alexhutton I wonder how much ISACA spends in SEO. Because unless @adamshostack is spending something, this is funny http://t.co/yp3SmIbk #
  • RT @bittman Yeh, exactly, by @tlaskawy. ‘Pink slime’ is the tip of the iceberg: http://t.co/7fPrAsaT #
  • RT @OSVDB 3 new IBM CTSS vulns from 1962 (x2) and 1965 added. http://t.co/FS5kn3xi << I forgot to ask, do you have working PoC code? #
  • RT @bobblakley Moving on: after 5 great years at Burton & Gartner, I'm moving to Citigroup to become Head of Info Sec Innovation < Congrats! #
  • Hey, Verizon’s DBIR 2012 is now out and available!:

  • RT @wadebaker We're happy to announce that the 2012 #DBIR is out. Hope you enjoy it and find it useful. http://t.co/6xcILGom #
  • "RT" @rmogull "Here's my guide to how to read the Verizon DBIR" https://t.co/0DTyJ19d #
  • Security and People:

  • The New York Times encourages readers to submit the answers to their password recovery questions. http://t.co/TKSah0sO #
  • Fascinating SE technique http://t.co/wxe41Qn3 Where does the dialog get the "Software Update" name? (cc IntegoSecurity) #
  • RT @Beaker Seriously. It's 2012 & banks are STILL using full SSN as USERNAMES!? WTF. Looking @ you, BofA << you'd prefer it as password? 😉 #
  • RT @arstechnica Facebook says it may sue employers who demand job applicants' passwords: http://t.co/bIeqSwOg by @JBrodkin #
  • RT @sambowne: 2-factor auth via cell phone is bad b/c SMS often takes 6 hours to arrive –Facebook Security #hnpworkshops2012 < Details pls? #
  • TSA:

  • RT @mtyka Congress Wants Your TSA Stories @slashdot http://t.co/lNQOpdQP #
  • RT @GreatDismal Above the head of every TSA line, beyond the scanners: the ghostly, smug, perpetually gratified eyes of OBL. #
  • Other jerks: Sqoot.com special edition:

  • Women as a "perk" for a programming event is super-lame. https://t.co/NJi52LUZ #
  • RT @window RT @shanley Copy for @sqoot hackathon: "Women: Need another beer? Let one of our friendly (female) event staff get that for you." #
  • Powered by Twitter Tools

Does 1Password Store Passwords Securely?

In ““Secure Password Managers” and “Military-Grade Encryption” on Smartphones: Oh, Really?” Andrey Belenko and Dmitry Sklyarov write quite a bit about a lot of password management tools. This is admirable work, and I’m glad BlackHat provided a forum for it. However, as a user of 1Password, I was concerned to read the following about that program:

However, because PKCS7 padding is used when encrypting database encryption key, it is possible to verify password just by computing KEK (using MD5 hash function), decrypting last block of encrypted database key, and checking if it equals to 16 bytes with value 0x10 (this will be the PKCS7-compliant padding when encrypting data whose length is exactly N blocks of underlying cipher). Thus, very fast password recovery attack is possible, requiring one MD5 computation and one AES trial decryption per password.

As a result of this design issue, password guessing against passwords [stored by 1Password for iPhone] is estimated (by Belenko and Sklyarov) as 15 Million per second. This is the 3rd worst performance out of a group of 11, and 3,000-fold worse than the best performer in the table (Strip Lite Password Manager, at 5,000 per second).

The folks at Agile Bits, makers of 1Password took the time to blog about the paper, and accept the implications of the work in “Strong Security Requires Strong Passwords.”

However, I think they misunderstand the paper and the issue when they write:

The main reason the password can be determined so quickly is because 6 characters provide relatively few possible password combinations.

I believe the main reason for the issue is because of the way in which 1Password has chosen to store passwords. They alude to this further down in the post when they write:

With that said, as Dmitry and Andrey point out, 1Password could do more to slow the password discovery process, thereby making it take even longer. For example, on the desktop (both Windows and Mac), 1Password uses PBKDF2 to significantly slow down attackers. Currently this is not available on iOS as we needed to support older devices. The next major release of 1Password will only support iOS 5 and at that time we will be incorporating these additional defences.

I still don’t think that’s an adequate response. Several of their competitors on iOS use their own implementation of PBKDF2. Now that’s a risky thing to do, and I’m aware that it might be expensive to implement and test, and the impact of a bug in such code might reasonably be pretty high. So it’s not a slam dunk to do so, in the general case. But in this case, it appears that Apple ships an open source version of PBKDF2: http://opensource.apple.com/source/CommonCrypto/CommonCrypto-55010/Source/API/CommonKeyDerivation.c. So the risk is far lower than creating a new implementation. Therefore, I think Agile Bits should change the way it validates passwords, and incorporate PBKDF2 into all versions of 1Password soon.

They also state:

1Password for iPhone will no longer allow items to be protected by just the PIN code. The PIN code was meant for less sensitive items and we always expected the Master Password protection to be enabled on important items. To simplify things, all items will be protected with the Master Password, just like on iPad, Mac, and Windows.

I understand the choice to do this, and move to stronger protection for all items. At the same time, I like the PIN-only protection for my low-value password. Entering passwords on a phone is a pain. It’s not an easy trade-off, and a 4-digit PIN is always going to be easy to brute force with modern CPUs, however much salting and stretching is applied. I’m capable of making a risk management decisions, but I also understand that many people may feel that Agile Bits wouldn’t offer the choice if it wasn’t secure. I respect the choice that Agile Bits is making to force stronger protection on all their customers.

In summary, 1Password is not storing passwords as securely as they could, and if your phone is stolen, or your phone backups are accessed, those choices leave your passwords at more risk than competing products. I don’t think the fixes to this require iOS5. I think the right thing for Agile Bits to do is to ship an update with better protection against brute force attacks for all their customers, and to do so soon.

[Update 3 (April 10) Agile Bits has released an update which implements 10K PBKDF2 iterations.]

[Update 2: 1Password has now stated that they will do this, adding PBKDF2 to all versions for iOS, which had been the only platform impacted by these issues. They have a hard balance of speed versus security to make, and I encourage them to think it through and test appropriately, rather than rushing a bad fix. ]

[Updated to clarify that this applies only to the iPhone version of 1Password.]

Edited Tweets for 2012-03-18

  • RT @curphey amazing how many serial entrepreneurs, visionaries & thought leaders in security are wanting to contract @ $75/hour #
  • MT @GammaCounter Chinese spies impersonated US Navy admiral on Facebook, friended NATO officials: http://t.co/FFnpdJ9p via @adam_orbit #
  • I really want @robinsage to RT this: Chinese spies impersonated US Navy admiral on Facebook, friended NATO officials: http://t.co/FFnpdJ9p #
  • Britannica to cease publishing physical edition after 244 years: http://t.co/QtHZDNRG #
  • Writing your paper with absolute & % valuations: about .5 €. Not having every story say privacy is worth 50 cents: priceless. #
  • RT @spacerog "Why Aren't There More Women in Tech? I'll Tell You Why I'm Not http://t.co/tTbSRP0u <- the tragedy of most formal education" #
  • RT @alexhutton Measuring the OODA loop of security thinking: Can you say firewalls & SSL? http://t.co/siThqbbZ < Not a loop without feedback #
  • There's a stack of things I'm looking at today where I have exactly the same reaction: "Evidence? Alternate hypotheses?" #
  • An old co-worker of mine is competing to get his product "Zoo Poo" in retail channels. It's entertaining, please vote http://t.co/5MlXNUSK #
  • And they say kids today don't care about privacy: http://t.co/kN8AryXy #
  • RT @RSAConference @neiljrubenking discusses why it’s time to reevaluate your phone’s password manager http://t.co/g5TtvSb8 < cc @1password #
  • RT @teacup Survey Foreign travelers were more afraid of United States immigration officials than of terrorism or crime http://t.co/oaD8b8Ya #
  • RT @blowdart Honestly I am always worried every time I land, visa or not. << I wish the way we treated visitors got more attention #
  • RT @jmason @adamshostack @teacup "2/3rds feared being detained for 'minor mistakes or misstatements'." +1, it's happened to me #
  • RT @dlitchfield This is the St Paddy Day Irish Twitter worm: I need your help to spread so please re-tweet 🙂 #
  • I think @dlitchfield just 0day'd my twitter client. #
  • If a picture is worth 1000 words, does that mean I'm 2376 words into this chapter? #

Powered by Twitter Tools

Kind of Copyrighted

This Week in Law is a fascinating podcast on technology law issues, although I’m way behind on listening. Recently, I was listening to Episode #124, and they had a discussion of Kind of Bloop, “An 8-Bit Tribute to Miles Davis’ Kind of Blue.” There was a lawsuit against artist Andy Baio, which he discusses in “Kind of Screwed.” There’s been a lot of discussion of the fair use elements of the case (for example, see “Kind of Bamboozled: Why ‘Kind of Bloop’ is Not a Fair Use“). But what I’d really like to talk about is (what I understand to be) a clear element of copyright law that is fundamental to this case, and that is compulsory mechanical licensing.

In TWIL podcast, there’s a great deal of discussion of should Baio have approached the photographer for a license or not. He did approach the copyright holders for Kind of Blue, who were “kind” enough to give him a license. They gave him a license for the music, but he didn’t need to approach them. Copyright law gives anyone the right to record a cover, and as a result, there is a flourishing and vibrant world of cover music, including great podcasts like Coverville, and arists like Nouvelle Vague, who do amazing bossa-nova style covers of punk. (Don’t miss their cover of Too Drunk to Fuck.) And you can listen to that because they don’t have to approach the copyright holder for permission. Maybe they would get it, maybe not. But their ability to borrow from other artists and build on their work is a matter of settled law.

I’m surprised this difference didn’t come up in the discussion, because it seems to me to be kind of important.

It’s kind of important because it’s a great example of how apparently minor variations in a law can dramatically change what we see in the world. It’s also a great example of how constraining rules like mechanical licensing can encourage creativity by moving a discussion from “allow/deny” to “under what circumstances can a copyright holder use the courts to forbid a copy.” If we had mechanical licensing for all copyrighted materials, Napster might still be around and successful.

Twitter Weekly Updates for 2012-03-11

Powered by Twitter Tools

Browser Privacy & Fingerprinting

Ivan Szekely writes in email:

A team of young researchers – my colleagues – at the Budapest University of Technology and Economics developed a cross-browser fingerprinting system in order to demonstrate the weaknesses of the most popular browsers. Taking Panopticlick’s idea as a starting point, they developed a new, browser-independent fingerprinting algorithm and started to build a system-fingerprint database for further analysis. The description of the method and the analysis of the fingerprints can be read at http://pet-portal.eu/articles/view/37/2012-02-20-User-Tracking-on-the-Web-via-Cross-Browser-Fingerprinting.php (thesite is tri-lingual, if other language articles appear on your screen, click on the English flag)

By now the team has developed a new version of the fingerprinting system and is working on an effective method to prevent fingerprinting. In order to fine-tune the defense against fingerprinting, my colleagues need your feedback. Please click on http://fingerprint.pet-portal.eu, make a few tests and share your comments and suggestions with the developers.

Please take a second to visit http://fingerprint.pet-portal.eu and help them and us understand browser fingerprinting.

Twitter Weekly Updates for 2012-03-04

  • RT @tedfrank If you're having trouble getting Sudafed, here's how to make it with more readily available crystal meth. http://t.co/THaQZzov #
  • RT @digiphile "Privacy breaches keep getting worse. Facebook admits reading txt msgs of users who installed phone app" http://t.co/v8CMM222 #
  • RT @threatpost #Microsoft partners w/ Good Technology to bring encrypted email to Windows Phone. http://t.co/bE9QC9dN << "better than bad!" #
  • RT @f5networks @WhiteHatSec says 23% of breaches occurred via a backdoor/control channel #rsac << I want a @wadebaker/@jeremiahg panel #
  • RT @attractr REcon 2012 CFP is out: http://t.co/lP9P3bvY #recon2012 #
  • It occurs to me that what @sushidude needs is a Bayesian belief engine with belief updates from CVE, DBIR? #
  • RT @MSFTsdl Stop by at the #RSAC #Microsoft SDL station and get a threat modeling card game! http://t.co/qwekmdGA #MSFTsdl #
  • RT @MikeIsaac TED 2012: New Browser Add-On Visualizes Who is Tracking You Online http://t.co/8O1ZIZsR #
  • Ron Gula remembers Dom Brezinski asking about NT4 remote at the first @blackhat. #
  • "I don't see anything private about IOC or indicators of fraud." – Roland Cloutier, CSO ADP #
  • Good points from @rongula about automation in data sharing. #
  • RT @DennisF Good talk on incident response and metrics at #bsidessf Turns out measuring stuff works. Who knew? << (me!) #
  • RT @Beaker Marcus (Ranum) just came by with some awesome Guy Fawkes mask balloons. Brilliant. #
  • RT @rsingel Former FBI counter-terrorism officer rips into TSA for being useless: http://t.co/lClWev1L #
  • RT @chriseng Who has the best #rsac booth swag? < Microsoft. You all need to raise your game by shipping some games. 🙂 #
  • I'm saved in part because the @chriseng "Thought Leader" ribbons are not booth swag. #
  • RT @veracode "Tower defense" video game promotes our new reporting capabilities that deliver positive, reports. Play: http://t.co/MHwaXGjg #
  • RT @moxie I'm happy to announce that @GetAbine will be taking over the #GoogleSharing project: http://t.co/BrooMkKk #
  • Maybe "Do Not Disturb" doesn't mean the same thing to me & the Westin Market St San Francisco. Is it under new management? #
  • RT @jnabryant @adamshostack you still need to get your RSA junk mail regardless << Hey, I'm the customer, not the product! 🙂 #
  • RT @ebellis agree w/ @jeremiahg on this, one of the best articles … #RSAC http://t.co/mF0iCbwx << how to test? Will failures know? Admit? #
  • RT @curphey Break kitten auth knowing dogs are normally photographed on green grass while cats indoors. Genius! http://t.co/umhVTl39 #
  • MT @jenvalentino Should gov be able to block cellphone services for "ensuring public safety"? FCC, Egypt want to know. http://t.co/kLrpbrlS #
  • RT @maxinux @adamshostack And #BART .. << true. Damn it's hard to snark in 140! 😉 #

Powered by Twitter Tools