STE WILLIAMS

Fresh cryptographic weaknesses have been found in the technology used by Google and other internet giants to encrypt online shopping, banking and web browsing.

The attack, developed by security researchers at Royal Holloway, University of London and University of Illinois at Chicago, targets weaknesses in the ageing but popular RC4 stream cipher. RC4 is quick and simple, and is used in the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols of HTTPS to protect sensitive web traffic from prying eyes.

But data encrypted by the algorithm can be carefully analysed to silently extract the original information, such as an authentication cookie used to log into a victim’s Gmail account. Cracking the encryption on a punter’s web traffic is difficult to pull off, though, for the moment.

The boffins explained:

We have found a new attack against TLS that allows an attacker to recover a limited amount of plaintext from a TLS connection when RC4 encryption is used. The attacks arise from statistical flaws in the keystream generated by the RC4 algorithm which become apparent in TLS cyphertexts when the same plaintext is repeatedly encrypted at a fixed location across many TLS sessions.

An attack using the researchers’ findings could work like this: a victim opens a web page containing malicious JavaScript code that tries to log into Google Gmail on behalf of the user via HTTPS; doing so sends the victim’s RC4-encrypted authentication cookie (created the last time the punter logged in) using a new session key. Someone eavesdropping on the network then records the encrypted data sent and the JavaScript terminates the connection; it repeats this continually, forcing new keys to be used each time, and thus allows someone snooping on the connections to build up a treasure trove of encoded messages.

Ideally, this data should appear to be random, but RC4 suffers from statistical biases that will reveal parts of the encrypted sensitive information over time – provided the attacker can gather millions of samples to process. In this way, it is similar to the earlier BEAST attack on SSL connections.

The Royal Holloway and Chicago team argue that the most effective countermeasure against the attack is to stop using RC4 in TLS.

“There are other, less-effective countermeasures against our attacks and we are working with a number of TLS software developers to prepare patches and security advisories,” the computer scientists revealed in an advisory on their research.

RC4 is used by many websites to provide HTTPS encryption – including Google

Dan Bernstein, one of the researchers, unveiled the attack at the Fast Software Encryption conference in Singapore this week.

“Unfortunately, if your connection is encrypted using RC4, as is the case with Gmail, then each time you make a fresh connection to the Gmail site, you’re sending a new encrypted copy of the same cookie,” explained Matthew Green, a cryptographer and research professor at Johns Hopkins University in Maryland, US.

“If the session is renegotiated (ie, uses a different key) between those connections, then the attacker can build up the list of ciphertexts he needs.

“To make this happen quickly, an attacker can send you a piece of JavaScript that your browser will run – possibly on a non-HTTPS tab. This JavaScript can then send many HTTPS requests to Google, ensuring that an eavesdropper will quickly build up thousands, or millions, of requests to analyse.”

Other security experts say there’s no need to panic.

“It’s not a very practical attack in general, requiring at least 16,777,216 captured sessions, but as mentioned, attacks will only improve in time,” said Arnold Yau, lead developer at mobile security firm Hoverkey. “I think it’d be wise for TLS deployments to migrate away from RC4 as advised.”

RC4 was invented by Ron Rivest in 1987. Various attacks have been developed against RC4, which is used in Wi-Fi WEP protection, but the technology is still widely used. About 50 per cent of all TLS traffic is protected using RC4, and its use is, if anything, growing after another encryption algorithm in TLS, Cipher-block Chaining (CBC), was broken by experts.

TLS in CBC-mode was cracked by the BEAST and Lucky 13 techniques, which use so-called padding oracle attacks to defeat HTTPS encryption. Cryptographers at Royal Holloway, University of London developed the Lucky 13 breakthrough; BEAST was unleashed by Juliano Rizzo and Thai Duong – who also designed the CRIME attack on HTTPS that exploits the use of data compression in TLS rather than abusing ciphers.

“I will say, it’s funny seeing the RC4 breakers recommend CBC, and vice versa,” said noted security researcher Dan Kaminsky.

Marsh Ray, of PhoneFactor, a recent Microsoft acquisition, offered a different take: “Until I see three practical ways Duong and Rizzo can decrypt a cookie as a stage trick over RC4 think I’ll continue to recommend it over CBC.”

Separately, another team of crypto-researchers took the wraps off a refinement of the CRIME attack: the TIME (Timing Info-leak Made Easy) technique could be used to decrypt browser cookies to hijack online accounts in the process. Tal Be’ery and Amichai Shulman of Imperva unveiled their research at the Black Hat conference in Amsterdam, the Netherlands. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/03/15/tls_broken/

Two professors from MIT have won the Turing Award for their pioneering cryptography work.

Shafi Goldwasser, the RSA Professor of Electrical Engineering and Computer Science at MIT and a professor at Israel’s Weizmann Institute of Science, and Silvio Micali, the MIT Ford Professor of Engineering, secured the award for “transformative work that laid the complexity-theoretic foundations for the science of cryptography, and in the process pioneered new methods for efficient verification of mathematical proofs in complexity theory,” as a citation for the 2012 ACM A.M. Turing Award explains.

A statement by the Association for Computing Machinery (ACM) adds:

By formalizing the concept that cryptographic security had to be computational rather than absolute, they created mathematical structures that turned cryptography from an art into a science.

Their work addresses important practical problems such as the protection of data from being viewed or modified, providing a secure means of communications and transactions over the internet. Their advances led to the notion of interactive and probabilistic proofs and had a profound impact on computational complexity, an area that focuses on classifying computational problems according to their inherent difficulty.

The pair are responsible for zero-knowledge proof systems, which allow one party to prove the validity of a statement to a second party without revealing any information beyond the validity of the statement. This means that the second party could not go on to prove the validity of a statement to a third party.

Goldwasser and Micali laid the groundwork for technologies such as SSL encryption and digital signatures, according to ACM President Vint Cerf, who won the award himself in 2004.

“The encryption schemes running in today’s browsers meet their notions of security,” Cerf said. “The method of encrypting credit card numbers when shopping on the internet also meets their test. We are indebted to these recipients for their innovative approaches to ensuring security in the digital age.”

Limor Fix, director of the University Collaborative Research Group at Intel Labs, added:

The work of Goldwasser and Micali has expanded the cryptography field beyond confidentiality concerns.

Their innovations also led to techniques for message integrity checking and sender/receiver identity authentication as well as digital signatures used for software distribution, financial transactions, and other cases where it is important to detect forgery or tampering. They have added immeasurably to our ability to conduct communication and commerce over the internet.

Goldwasser and Micali were joint authors of an influential paper, Probabilistic Encryption as graduate students in 1983. Their definition of the security of encryption as a “game” involving adversaries has become a trademark of modern cryptography. An adversary (third party) should not be able to gain even partial information about a cryptographic secret, they argued.

The two cryptographers will split a $250,000 prize that accompanies the award, which is due to be presented by the Association for Computing Machinery on 15 June in San Francisco. The prize in sponsored by Intel and Google.

A full list of Turing Award winners can be found here. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/03/15/turing_award/

A sophisticated scheme to use a casino’s own security systems against it has netted scammers $33m in a high-stakes poker game after they were able to gain a crucial advantage by seeing the opposition’s cards.

The team used a high-rolling accomplice from overseas who was known to spend large amounts while gambling at Australia’s biggest casino, the Crown in Melbourne, according to the Herald Sun. He and his family checked into the Crown and were accommodated in one of its $30,000-a-night villas.

The player then joined a private high-stakes poker game in a private suite. At the same time, an unnamed person got access to the casino’s CCTV systems in the poker room and fed the information he gleaned back to the player via a wireless link. Over the course of eight hands the team fleeced the opposition to the tune of $33m.

According to a 2010 Victorian Law Reform Commission report, the Crown has one of the most sophisticated security systems in the industry. Cameras and microphones are studded throughout the casino complex and the feeds are monitored 24/7 by both the casino and staff at the Victorian Commission for Gambling Regulation.

Access to the casino’s private high-stakes poker rooms is restricted to the holders of special keycards, and this is augmented by physical security on the door. These rooms also have extra surveillance, with multiple pan, tilt, and zoom cameras watching the players.

Cameras both obvious and otherwise. Credit: David Caird

“Crown’s surveillance department recently reported concerns over a sophisticated betting scam. A Crown investigation is under way and is ongoing,” said a Crown spokesman. The company is “in a good position to recover a significant portion of the amount involved in the scam.”

“Crown has been liaising with both the police and the Victorian Commission for Gambling and Liquor Regulation regarding these matters,” he said.

There may be very little the police can do. Once the scam was uncovered the high-roller was ejected from his suite in the middle of the night and banned from any future visits. He is believed to have returned to his overseas home. The VIP handler assigned to look after him on his visit has also been fired.

It’s been an expensive few days for the casino, but the Crown’s hardly in financial problems. The casino gets around 30,000 visitors a day and is a top spot for high-spending Chinese gamblers. Last year it reported profits of $181m. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/03/15/cctv_hack_casino_poker/

Apple may be more interested in phones and watches these days than the 20th century legacy product that is the PC, but has nonetheless issued a new update for the operating system it still offers for the antediluvian machines.

OS X Mountain Lion v10.8.3, to give the update its full name, slipped down the skids today promising, among other things, “the ability to redeem iTunes gift cards in the Mac App Store using your Mac’s built-in camera”.

That sound you just heard was sysadmins plagued by user requests for camera-enabled card redemption cheering. The two of them can make quite a lot of noise.

More serious and useful features of the upgrade include:

• Boot Camp support for installing Windows 8
• Boot Camp support for Macs with a 3 TB hard drive
• A fix for an issue that could cause a File:/// URL to slay apps unexpectedly
• A fix for an issue that may cause Logic Pro to become unresponsive when using certain plug-ins
• A fix for an issue that may cause audio to stutter on 2011 iMacs
• A fix for an issue in Contacts that may cause cards to print out of order
• A fix for an issue that may cause the desktop picture to change after logging out or restarting
• A fix for an issue in Messages that may cause messages to appear out of order after waking from sleep
• A fix for an issue that may cause the screen to display incorrectly after waking from sleep
• Improves compatibility with IMAP servers in the Notes app
• Allows the Slideshow screen saver to display photos located in a subfolder
• A fix for an issue in Contacts that may cause addresses to print in the wrong location
• Reliability improvements when using a Microsoft Exchange account in Mail
• Xsan reliability improvements
• A fix for an issue that could cause Active Directory accounts to be locked out after accessing the Security

The update also addresses a number of security problems, including a Java mess, a QuickTime flaw that could see attackers terminate applications, a problem that could mean “A remote attacker may be able to cause arbitrary code execution if a Rails application is running” and a fix to stop Apple’s Software Update tool falling victim to man in the middle attacks.

All the fixes are listed here.

Your upgrade may not be swift, if the Tweet below from NetApp employee Val Bercovici is any guide.

Heads-up: Those upgrading to OS X 10.8.3 should prepare for a very long awkward pause on 1st of several reboots. At least on my MBA…

— valb00 (@valb00) March 15, 2013

®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/03/15/os_x_mountain_lion_v10_8_3/

Nearly nine out of ten security vulnerabilities in Windows computers last year were the fault of popular third-party applications, as opposed to Microsoft’s own software.

That’s according to security biz Secunia, which analysed flaws found in the most-used 50 Windows programs – 29 from Microsoft (including its operating system family) and 21 from third-party developers.

In 2012, 86 per cent of 2,755 vulnerabilities identified by Secunia’s study were found in code developed outside of Microsoft; that’s up 8 percentage points on 2011’s 78 per cent, we’re told. In 2007, the figure was just 57 per cent.

Secunia credited Microsoft for its continued focus on shoring up security measures in its products, and reducing its share of the software vulnerabilities on its Windows platform. The Danish biz added that sysadmins must not forget to roll out updates for all installed code rather than just Microsoft’s and the few “usual suspects from other vendors”.

Last year, according to Secunia, 5.5 per cent of the vulnerabilities found were present in Windows XP, Vista and Windows 7 operating systems and 8.5 per cent were in Microsoft’s user-land programs. In 2011, the numbers were 78 per cent in non-Microsoft code, 10 per cent in Windows OSes and 12 per cent in Microsoft applications.

The number of vulnerabilities tracked by Secunia continues to increase, almost doubling over the last five years. Adobe Flash Player, Adobe Reader and Oracle’s Java runtime engine are among the third-party applications included in Secunia’s study.

“Companies cannot continue to ignore or underestimate non-Microsoft programs as the major source of vulnerabilities that threaten their IT infrastructure and overall IT-security level. The number of vulnerabilities is on the increase, but many organisations continue to turn a blind eye, thereby jeopardising their entire IT infrastructure: It only takes one vulnerability to expose a company,” said Morten R. Stengaard, Secunia’s director of product management.

The total number of vulnerabilities in the top-50 most popular Windows programs was 1,137 in 2012. Most of these were rated by Secunia as either highly critical (78.8 per cent) or extremely critical (5.3 per cent). Despite the hype about zero-day exploits, 84 per cent of vulnerabilities had a patch available on the day they were disclosed, up from 72 per cent in 2011.

More details on all these figures and more than be found in Secunia’s Vulnerability Review 2013 report. The biz collected the figures from anonymised data gathered from system scans by the millions of users of Secunia’s patch management software, Personal Software Inspector. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/03/15/secunia_vulnerability_research/

A range of HP LaserJet printers suffer a security flaw that can leak data and passwords, the US Computer Emergency Response Team (CERT) warns. Users have been told to apply the firmware patches issued by HP that resolve the issue.

HP says the security risk arose after it was discovered that several models of HP LaserJets feature a “telnet debug shell which could allow a remote attacker to gain unauthorized access to data”. Essentially, this means the printers can be accessed through a telnet session without requiring a password – allowing unauthenticated remote attackers to gain access to unencrypted data using this telnet daemon.

Security bods have suggested that HP’s developers mistakenly left the debugging aid in the firmware of the affected printers.

“Debugging code is an all-but-unavoidable part of any development project, aimed at helping you to understand more precisely how your code behaves internally,” explained Paul Ducklin, Sophos’s head of technology for Asia Pacific, in a blog post.

“This often means that debugging code is a security nightmare, since it may allow software behaviour which is unsuitable for a shipping product, such as introspection (a fancy word for peeking inside data structures that are usually off limits to other users), and authentication bypasses. So, debug code is typically compiled out altogether in a release build.”

Ducklin added that Telnet is “unencrypted, insecure and out of place in 2013”.

HP has patched the afflicted firmware for the affected printers. Users of a wide range of HP printers are advised to apply the update. It listed the vulnerable kit as: HP LaserJet Pro P1102w, HP LaserJet Pro P1606dn, HP LaserJet Pro M1213nf MFP, HP LaserJet Pro M1214nfh MFP, HP LaserJet Pro M1216nfh MFP, HP LaserJet Pro M1217nfw MFP. HP HotSpot LaserJet Pro M1218nfs MFP, HP LaserJet Pro M1219nf MFP, HP LaserJet Pro CP1025nw and HP LaserJet Pro CP1025nw.

HP’s advisory (support document) is here. German security researcher Christoph von Wittich of Hentschke Bau gets the hat tip for finding the vulnerabilities. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/03/15/hp_printers_security_hole/

UK ministers have discovered that computer hacking is no longer the preserve of awkward teens tapping away in their bedrooms – and will wage war on gangs buying software tools to raid Brits’ online accounts.

The government has formed a new Cyber Crime Reduction Partnership to bring together top cops, security experts and boffins to come up with strategies to fight online crime rings. The brain bank will aid the National Cyber Crime Unit, Blighty’s other crack anti-hacker team.

“For too long the public’s perception of cyber crime has been a lone bedroom hacker stealing money from a bank account,” security minister James Brokenshire said yesterday.

“But the reality is that cyber criminals are organised and global, with a new breed of criminals selling ‘off-the-shelf’ software to aid gangs in exploiting the public.

“This government is committed to tackling this threat and we have already had great success. But we want to go further and through the creation of the National Cyber Crime Unit within the National Crime Agency (NCA) and innovations such as the new Cyber Crime Reduction Partnership, I am confident we can bring these criminals to justice.”

The NCA was established by law in May 2012 and is expected to be fully operational by December this year. The agency will take on the roles of the Serious Organised Crime Agency and the Child Exploitation and Online Protection Centre. Its mission is tackling organised crime, fighting electronic fraud and protecting kids from abuse.

Brokenshire launched the cyber-crime partnership during a speech at the British Computer Society, a chartered institute, on Thursday. The minister added that members of the public can play their part by reporting online crimes to Action Fraud, the UK’s national crime reporting centre, and by taking basic security precautions when going online, such as using strong passwords and antivirus tools.

Simon Leech, director for HP’s enterprise security arm in EMEA, welcome the move.

“The UK’s new-cyber crime unit is definitely a step in the right direction when it comes to tackling increasingly complex security threats to business and governments alike,” Leech said.

“Our HP 2012 Top Cyber Security Risks Report recently revealed that total vulnerabilities are on the rise, particularly those for mobile, and so it’s more important than ever that companies take proactive steps to safe guard themselves, using actionable security intelligence from their information and security events to better identify, understand as well as address risk.” ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/03/15/cyber_crime_policing_strategy/

Apple may be more interested in phones and watches these days than the 20th century legacy product that is the PC, but has nonetheless issued a new update for the operating system it still offers for the antediluvian machines.

OS X Mountain Lion v10.8.3, to give the update its full name, slipped down the skids today promising, among other things, “The ability to redeem iTunes gift cards in the Mac App Store using your Mac’s built-in camera.”

That sound you just heard was sysadmins plagued by user requests for camera-enabled card redemption cheering. The two of them can make quite a lot of noise.

More serious and useful features of the upgrade include:

• Boot Camp support for installing Windows 8
• Boot Camp support for Macs with a 3 TB hard drive
• A fix for an issue that could cause a file URL to quit apps unexpectedly
• A fix for an issue that may cause Logic Pro to become unresponsive when using certain plug-ins
• A fix for an issue that may cause audio to stutter on 2011 iMacs
• A fix for an issue in Contacts that may cause cards to print out of order
• A fix for an issue that may cause the desktop picture to change after logging out or restarting
• A fix for an issue in Messages that may cause messages to appear out of order after waking from sleep
• A fix for an issue that may cause the screen to display incorrectly after waking from sleep
• Improves compatibility with IMAP servers in the Notes app
• Allows the Slideshow screen saver to display photos located in a subfolder
• A fix for an issue in Contacts that may cause addresses to print in the wrong location
• Reliability improvements when using a Microsoft Exchange account in Mail
• Xsan reliability improvements
• A fix for an issue that could cause Active Directory accounts to be locked out after accessing the Security

The update also addresses a number of security problems, including a Java mess, a QuickTime flaw that could see attackers terminate applications, a problem that could mean “A remote attacker may be able to cause arbitrary code execution if a Rails application is running” and a fix to stop Apple’s Software Update tool falling victim to man in the middle attacks.

All the fixes are listed here.

Your upgrade may not be swift, if the Tweet below from NetApp employee Val Bercovici is any guide.

Heads-up: Those upgrading to OS X 10.8.3 should prepare for a very long awkward pause on 1st of several reboots. At least on my MBA…

— valb00 (@valb00) March 15, 2013

®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/03/15/os_x_mountain_lion_v10_8_3/

North Korea is warning that the US and its allies “should be held wholly accountable” after claiming that a massive cyber attack has taken the country offline over the past two days, despite virtually no one in the secretive state being allowed on the interwebs.

The axis of evil state’s Korean Central News Agency blamed the US, in typically understated fashion, for “very disturbing developments” and “despicable and base acts” upon its internet infrastructure, for which its enemies will suffer “ensuing consequences”, according to the North Korea Tech blog.

It added the following:

Intensive and persistent virus attacks are being made every day on internet servers operated by the DPRK… The DPRK will never remain a passive onlooker to the enemies’ cyber attacks that have reached a very grave phase as part of their moves to stifle it. It is ridiculous, indeed, for the hostile forces to mount such virus attacks on the DPRK’s internet servers, much upset by the all-out action of its army and people to defend the sovereignty of the country and the nation.

Ironically enough, the majority of the nation’s citizens aren’t even allowed to access the world wide web, so even if a widespread cyber attack has taken the country offline, only “elite” members of society, as well as a select group of academics and scientists, would be affected.

A swipe at a few web servers is not, therefore, a major disruption to the life of most North Koreans.

The country has had a restricted 3G network since 2008, run by Egyptian/North Korean JV Koryolink, wireless data connectivity was only switched on last month, for foreigners, tourists and presumably former NBA stars.

This has led to some interesting tweets and Instagram snaps from the handful of foreigners in the reclusive state, but such connectivity options are beyond the wildest dreams of most proles there.

Still, there is hope that supreme leader Kim Jong-un may be more tech-savvy than his presidential predecessors, and therefore perhaps more inclined to relax internet restrictions. He was snapped last month, for example, with what appeared to be an HTC smartphone at his side. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/03/15/north_korea_cyber_attack_internet/

Adobe’s ColdFusion web development software is to blame for the downtime of the US Government’s National Vulnerability Database.

The malware infected two servers, and caused the National Institute for Standards and Technology to take the NVD database and other US government sites offline on Friday.

The servers were compromised for at least two months before a firewall detected mysterious outbound traffic. The malware used vulnerabilities in Adobe ColdFusion, for which a patch is now available.

Adobe issued a security advisory for ColdFusion on January 4, and a patch for it on January 15.

It gave the patch a priority-one rating, and said it was aware the vulnerabilities were being used in the wild.

“The servers were compromised before the software vulnerability was known to the software vendor,” director of NIST’s public affairs office Gail Porter, told The Register.

NIST first learned that its server had been compromised through firewall alerts that were detected on Friday.

The four vulnerabilities that the patch dealt with could allow hackers to gain administrative access to the server, along with access to restricted directories.

Two servers were taken offline – one hosted NIST’s NVD database, while the other hosted a variety of government websites, including manufacturing.gov, e3.gov, greensuppliers.gov, emtoolbox.nist.gov, nsreserve.gov, and stonewall.nist.gov.

“Manufacturing.gov has been restored on a different server,” Porter said. “NIST is working to restore the other websites as quickly as possible.” ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/03/14/adobe_coldfusion_vulns_compromise_us_malware_catalog/