Open source and Kerckhoffs' law

In a recent post at TechRepublic, Chad Perrin argued that open source is definitely a better security solution than a proprietary solution because it complies with Kerckhoffs' law.

Although this is true most of the time, it is not an absolute truth in security (as usual). It depends on the trust model of the security system. I will take an example: OpenSSL. The trust model of SSL is that Alice and Bob trust each other and want to prevent Eve from spying on them or tampering with their messages. Thus, OpenSSL uses cryptographic algorithms. The OpenSSL cryptographic toolbox is well studied and perfect, but only under the above-mentioned trust model.

Let us now suppose that Alice wants to control Bob’s access to information stored on Bob’s computer. She does not trust Bob. Thus, she will encrypt the information with a secret key and give a decryption program to Bob. Nevertheless, for obvious reasons, she wants to keep the secret key secret from Bob. She cannot use the cryptographic toolbox of OpenSSL (although it is good and has no flaws) because Bob, being a good hacker, will easily extract the secret key by knowing where and when it is used in OpenSSL.

This example is a simplified illustration of the problem of DRM. Therefore, it is impossible to design an open source DRM for B2C or B2B applications. The final user is not trusted. It may make sense in a C2C (consumer-to-consumer) model.
Open source is perfect if the trust model of the system assumes that the “owner” or “operator” of the corresponding software is trusted. If this is not the case, then open source is not the right answer. We then enter the realm of secure coding and tamper-resistant software, which is another story.

Nevertheless, even for proprietary implementations, it is recommended to use well-known and well-studied algorithms and protocols. Here, security by obscurity is bad. For implementation issues, it is another story (remember the AACS hack).
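
The untrusted-operator model described above, as an added example that is not part of the original post: Alice's decryption program stores the key masked, yet the operator of the machine sees the key the moment it reaches a public primitive. The toy cipher, the key, the mask and all function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample values, not taken from the post.
SECRET_KEY = b"alice-content-key-0001"
PLAINTEXT = b"protected content stored on Bob's computer"

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy cipher built on a public, well-studied primitive (HMAC-SHA256).
    Encryption and decryption are the same XOR operation."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hmac.new(key, offset.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)

def make_decryption_program(key: bytes):
    """Alice's program for Bob: the key is stored masked, never in the clear."""
    mask = hashlib.sha256(b"hypothetical-mask").digest()[:len(key)]
    masked = bytes(k ^ m for k, m in zip(key, mask))

    def decrypt(ciphertext: bytes) -> bytes:
        # The key must be unmasked before the public primitive can use it.
        real_key = bytes(k ^ m for k, m in zip(masked, mask))
        return keystream_xor(real_key, ciphertext)
    return decrypt

def key_seen_by_operator(program, ciphertext: bytes) -> bytes:
    """Bob controls the machine, so he can watch the documented entry point
    of the primitive while the program runs."""
    seen = []
    original = hmac.new

    def traced(key, *args, **kwargs):
        seen.append(bytes(key))
        return original(key, *args, **kwargs)

    hmac.new = traced
    try:
        program(ciphertext)
    finally:
        hmac.new = original
    return seen[0]

if __name__ == "__main__":
    ct = keystream_xor(SECRET_KEY, PLAINTEXT)
    program = make_decryption_program(SECRET_KEY)
    print(program(ct) == PLAINTEXT, key_seen_by_operator(program, ct) == SECRET_KEY)
```

The algorithm is never weakened here; the key is exposed only because the party running the code is the adversary, which is the case Kerckhoffs' law does not cover.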

TorrentSpy: one round for studios

On Friday 28th March, TorrentSpy, one of the main torrent tracker sites, definitively closed. According to the site, the legal burden was becoming too heavy. Feeling that they could no longer preserve the interests of their users, they closed their site. Since 2006, the MPAA had been suing TorrentSpy for facilitating piracy.

Will it change anything? Probably not much. Many tracker sites are available. TorrentSpy will disappear from toolbars and from the filters of tools such as BitChe.

An interesting theoretical question: does the closing of a major site help or reduce piracy? On the one hand, a wealth of torrent trackers has vanished. On the other hand, more people will connect to the currently available torrents, thus making them more efficient in terms of sharing.

Extension of Copyright in Europe?

EU commissioner McGreevy proposes to extend the copyright lifetime for performers from 50 years to 95 years. Interestingly, the copyright lifetime for composers is 70 years after his/her death. In most of the world, the default length of copyright is the life of the author plus either 50 or 70 years.
The current limit of 50 years means that many songs by performers who are still alive will soon enter the public domain. According to some estimates, this extension represents a gain of 3 to 10% for the European phonographic industry. The Electronic Frontier Foundation (EFF) has launched an online petition against this initiative.

Copyright lifetime expiration is an interesting problem for DRM. What happens to a protected song when it enters the public domain? Normally, it should no longer be protected. An extension of 45 years may delay this technical issue for several years? ;-)

Confidential data and P2P

Last year, Pfizer had a serious security breach. Personal records of 17,000 employees and previous employees were available on a peer-to-peer (P2P) network. The wife of a Pfizer employee installed file sharing software on her husband’s company laptop. The configuration was badly set and confidential information leaked. This type of leakage is rather common. In Security Newsletter n°4, I reported a virus using P2P software to distribute random files from a hard disk. Japanese defense plans leaked!

The first-thought recommendation would be to ban P2P software from company computers. This recommendation has limits:

  • P2P software may be useful in some contexts (and will probably become more prevalent in the future).
  • There is no serious way to prevent users from installing such software and using it outside the firewalled environment of the company. In fact, it is possible to block the installation of software by users, but it quickly becomes a problem for the IT department (cost of installing new software, upgrades, patches, …). It is often not practical except in highly secure environments. In any case, in most cases, IT-aware users will bypass the control.

Thus, the best recommendation I would give is to encrypt all confidential files on the laptop. This answers this threat, because what is shared is encrypted data, i.e. useless, and it answers many other threats such as theft of laptops. Obviously, the choice of the encryption tool is important. (We will report on the latest hack on encryption tools in the next security newsletter, to be published in a fortnight.)

It is also important to remember that you are also at risk at home with your private data. If you, or your relatives, ever use P2P software on your personal computer, carefully check its configuration to strictly sandbox the sharing space. Hoping that there is no backdoor that allows changing it ;-)

In the referenced article, I also found interesting the data mining performed on queries on P2P networks. Privacy is even leaking through P2P network usage :-o

Social networks and privacy

Recently, Facebook enhanced its privacy controls on information. Users are supposed to be able to control who can access personal data, for instance personal pictures. Nevertheless, a security hole allowed access to personal pictures regardless of their control rules. A journalist from the Associated Press (AP) was able to browse personal pictures (see AP news). Facebook quickly fixed the hole.

Once more, this news raises the question of privacy and social networks. Social networks are not different from traditional web sites. Data stored on their servers are vulnerable and may be exposed. Social networks, due to their social role, increase the problem. Information posted on these networks is by nature personal and thus potentially sensitive.

Data on social networks (or any other type of sites) have two characteristics:

  • They are vulnerable. They may leak or may be stolen.
  • They are persistent. The Internet has a huge memory. Ten-year-old data are still somewhere in cyberspace, available to be revealed.

The consequences are:

  • Information that you do not want to be public may become public.
  • Information that is not important today may become embarrassing in the future. This information will be available and may ruin a reputation.

Thus, a rule: never post personal information that you do not want to become public one day. It may become public.

Some thoughts about RFID and passports

Last week, I had a discussion with a well-known cryptographer: JJQ. We were talking about RFID security, the latest MIFARE hack, and the security of RFID-based passports. During the discussion, we came across a new threat.
Let us now assume that the RFID passport is widely used, and even that one country requires an RFID-based passport for entry. We assume that forging an RFID-based passport is extremely difficult (it will never be impossible, law 1). We may assume that forging the paper part of the passport will be easier (otherwise, why replace them with more expensive passports?). But the forgery would be detected by the mismatch between the information in the passport and in the RFID.
The obvious attack would be to blast the RFID of the passport. Then the border guard would check only the paper part. Nevertheless, this may not be sufficient because we may assume that the border guard will be watchful, since he faces an exceptional case.
Let us now assume that the attacker was able to build a gimmick that blasts the RFID of every passport in a plane before leaving it. There will be several hundred exceptional cases. In other words, the border guards will be overwhelmed by the situation. Furthermore, if the attacker presents himself among the last ones, then his probability of getting through with the forged passport will rise significantly.
This is a nice example of a combined attack: a technique to blast the RFID, and social engineering by creating an exceptional situation to stress the border guards.
Thus, for this type of application, denial-of-service attacks should be carefully studied and prevented.

SlySoft announces that it broke BD+

SlySoft, the manufacturer of the AnyDVD HD software, announced that the new version makes it possible to copy BD+ protected discs (see the press release).
AnyDVD was the first commercial package that made it possible to rip AACS protected discs. Successive versions have kept pace with the changes in the revocation of players. For more information about the hacks, read Security newsletter 5 and Security newsletter 6.

The Blu-ray consortium decided to launch its BD+ protection. BD+ is a layer of additional protections on top of AACS. One of the most interesting features of BD+ is SPDC (Self Protecting Digital Content). SPDC was developed by CRI, the company of Paul Kocher. Paul Kocher is well known for his devastating side channel attacks on smart cards, such as Differential Power Attack or Differential Timing Attack. Recently, CRI sold the SPDC technology to Macrovision. SPDC makes it possible to append to a BD title a small application that redefines the security mechanism of the player. In other words, it would be possible for each title to have a different security protection. Renewability is one key element (Law 1).

What does the announcement of SlySoft mean?
Two scenarios are possible.
1- SlySoft has designed a class attack, i.e. an attack that definitively defeats any BD+ implementation, for instance by finding a lethal weakness.
2- SlySoft has been able to defeat the current protection of new BD+ titles.
In view of the announcement, scenario 2 is more realistic. SlySoft acknowledges that BD+ is not yet using all the available features. In other words, the current version of AnyDVD breaks the current titles. New SPDC code would require SlySoft to design new circumventing code (three months in the company dungeon ;-)).

BD+ has been designed for renewability. The concept of BD+ acknowledges that hackers will find their way. But BD+ also allows a new race to start.

Conclusion
The question is not so much whether some BD+ titles can be ripped. It is rather how long it will take to find a method to rip them. If the new protection remains secure for enough weeks to preserve the maximum sales, then BD+ will be successful.

I will be provocative. This first BD+ hack is the best justification of the existence of BD+. Dynamic defense is better than static defense. Security is never absolute. It is a compromise.

In any case, we will keep you informed of any news on the AACS front.