STE WILLIAMS

Dropbox Drops the Security Ball

Storage and file-sharing vendor Dropbox made a huge cock-up during last weekend’s upgrade leaving all of its user accounts unlocked.

Encryption is not performed by the cloud provider’s client, meaning that all customer information was there for the taking on Sunday between 1.54pm and 5.46pm. Dropbox issued no official comment until yesterday, causing anger among users.

Founder and CTO Arash Ferdowsi confirmed a code update allowed a bug to enter the system to affect its authentication mechanism meaning users did not need passwords to log onto each other’s accounts.

“A very small number of users (much less than one per cent) logged in during that period, some of whom could have logged into an account without the correct password. As a precaution, we ended all logged in sessions.”

This is understood to equate to up to 250,000 users, among them some irate individuals who vented their spleen on the Dropbox forum at the weekend, threatening to move to a new provider and complaining about the vendor’s lack of communication.

Ferdowsi said the firm was investigating whether any accounts were accessed and tampered with and vowed to “immediately notify the account owner” if it unearthed any unusual activity.

“This should never have happened. We are scrutinising our controls and we will be implementing additional safeguards to prevent this from happening again… regardless of how many people were ultimately affected, any exposure at all is unacceptable to us.”

Linguists Use Sounds to Bypass Skype Crypto

Decryption is difficult and computationally expensive. So what if, instead of decrypting the content of a message, you found a correlation between the encrypted data and its meaning – without having to crack the code itself?

Such an approach has been demonstrated by a group of University of North Carolina linguists working with computer scientists on encrypted Skype calls. While their research paper only managed to partially recover conversations, an encryption scheme that leaks even some of the data it’s meant to protect is no longer secure.

It works like this: spoken English has a set of known – and quite settled – rules for its phonetic grammar.

For non-linguists, this means the order in which we can and cannot put different sounds together. The “ds” sound, or phoneme, at the end of sounds is fairly common at the end of English words, but doesn’t occur at the beginning.

Systems like speech-to-text converters use these rules to break strings of sounds into individual words; they match sounds against a dictionary of legal phoneme combinations and map these into words. What the researchers discovered is that encryption leaves a pattern that can be subjected to this kind of analysis – without decrypting the data.

When you encode spoken English for VoIP using (in the case of Skype) CELP (code excited linear projection), you will end up with patterns in the data that match the patterns in the sounds. In particular, those patterns end up being reflected in the size of the data frame: the more complex the sound that’s being encoded, the larger the frame, resulting in a correlation between frame size and the original sounds spoken.

When the data created by CELP is encrypted, it retains the original frame size – and that means that even encrypted Skype data will retain the correlation between the size of the data frame and the original phonemes.

The technique gets another helping hand: at least some of the time, boundaries between sounds correspond to sudden changes in frame size, hinting at the difference between “Han Solo” and “Hans Solo”.

The researchers mapped the size of encrypted data frames in the Skype stream back to likely patterns of phonemes, and used that mapping – which they called “Phonetic Reconstruction” – to reconstruct the call, without decrypting the data.

So how well does it work? Not so well that we should all abandon Skype tomorrow. However, the researchers noted that if an encryption scheme is to be considered secure, “no reconstruction, even a partial one, should be possible; indeed, any cryptographic system that leaked as much information as shown here would immediately be deemed insecure.”

Bigger phoneme-word dictionaries (covering more dialects and languages) and faster processing would improve the accuracy of this kind of analysis.

Source

BA Would-Be Bomber Relied on 2,000 Year Old Encryption

An IT worker from British Airways jailed for 30 years for terrorism offences used encryption techniques that pre-date the birth of Jesus.

Rajib Karim, 31, from Newcastle, was found guilty of attempting to use his job at BA to plot a terrorist attack at the behest of Yemen-based radical cleric Anwar al-Awlaki, a leader of al-Qaeda in the Arabian Peninsular.

Sentencing him at Woolwich Crown Court last week, Justice Calvert-Smith described Karim as a “committed jihadist” who responded “enthusiastically” towards plans to smuggle a bomb onto a plane or damage BA’s IT systems.

Justice Calvert-Smith praised police for being able to decipher incriminating documents under “five or more layers of protection”, the Daily Telegraph reports.

However, claims by the prosecution that the coding and encryption systems were the most sophisticated ever seen in use were overstated – by more than 2,000 years.

Woolwich Crown Court was told that Bangladeshi Islamic activists who were in touch with Karim had rejected the use of common modern systems such as PGP or TrueCrypt in favour of a system which used Excel transposition tables, which they had invented themselves.

But the underlying code system they used predated Excel by two millennia. The single-letter substitution cipher they used was invented by the ancient Greeks and had been used and described by Julius Caesar in 55BC.

Karim, an IT specialist, had used PGP, but for storage only.

Despite urging by the Yemen-based al Qaida leader Anwar Al Anlaki, Karim also rejected the use of a sophisticated code program called “Mujhaddin Secrets”, which implements all the AES candidate cyphers, “because ‘kaffirs’, or non-believers, know about it so it must be less secure”.

The majority of the communications that formed the basis of the case against Karim, which claimed to warn of a possible terrorist plot in the making, were exchanged using the Excel spreadsheet technique, according to the prosecution.

Writer Duncan Campbell, who acted as an expert witness for the defence during the trial, said: “Tough communication interception laws [RIPA] were passed in the UK 10 years ago on the basis that they were needed to fight terrorism. Ludicrous articles were published then about the alleged sophistication of their methods.

“The case just dealt with shows where we have got to in the real world. The level of cryptography they used was not even up to the standards of cryptology and cryptography in the Middle Ages, although they made it look pretty using Excel.

Sony tweets ‘secret’ key at heart of PS3 jailbreak case

An official Sony Twitter account has leaked the PlayStation 3 master signing key at the heart of the company’s legal offensive against a group of hackers being sued for showing how to jailbreak the popular game console.

Kevin Butler, a fictional PS3 vice president, retweeted the metldr key in what can only be assumed was a colossal mistake.

“Lemme guess… you sank my battleship?” he wrote in a post to the micro-blogging website that has been preserved for all the world to see. It goes on to include the key and the ironic words “Come at me.” The message was later removed from Butler’s tweet stream with no explanation why the key was leaked and then removed.

In a lawsuit filed in federal court in San Francisco last month, Sony accused well-known jailbreaker George Hotz, aka geohot, and more than 100 other hackers of violating US copyright law by disclosing the key, which is used to sign games and software that run on the PS3. Last week, Sony expanded its legal dragnet when it filed a series of motions seeking the identity of YouTube and Twitter users who did nothing more than discuss the issuance of the key or view videos showing how the latest hack worked.

Sony contends that videos and web postings disclosing the key violate provisions of the Digital Millennium Copyright Act that prohibit the circumvention of technology designed to prevent access to copyrighted material. Two weeks ago, the judge presiding over the case tentatively ruled Sony was likely to prevail on those claims and issued a temporary restraining order to prevent what she said would be “irreparable harm” if Hotz wasn’t required to surrender all his computer gear and remove all references to the hack that he posted online.

Sony’s gaffe shows just how futile Sony’s attempts are to prosecute people who discussed the key, said Stewart Kellar, the San Francisco attorney representing Hotz.

“It just demonstrates that the restraining order here will not prevent imminent irreparable harm to Sony because if there is harm it’s already occurred,” he told The Register. “The key is already out there. Restraining George will not stop the key from being distributed.”

A court hearing is scheduled for Thursday in the case so the judge can hear arguments that the temporary restraining order is overbroad and should be rescinded.

Sony, which says it’s sold about 44 million PS3s, has said its suit is necessary to prevent pirated games from running on the console. Hotz and members of the fail0verflow hacking collective, which in December published a PS3 jailbreak technique independent of Hotz, insist the hacks expand the functionality of the console so it can run custom, “homebrewed” applications that aren’t covered by copyright.

Last year, the US Copyright Office exempted iPhone jailbreaking from the DMCA so the handsets can run apps not officially sanctioned by Apple. Game consoles are unaffected by that act.

A email sent to Butler and a phone call left to Sony’s PR department weren’t returned?