VC2 and AMEX

The Visual Cryptogram 2 (VC2) was created by VISA in 2005 to protect against online fraud. The VC2 code is the three-digit number printed on the back of your credit card. The rationale of VC2 is that to access this code, you need to have the card in sight. I always thought that the rationale for printing it on the back was to avoid camera capture used with card skimmers (see for instance http://www.darknet.o … ut-atm-hacking-tips/).

It seems I was wrong, or at least that AMEX does not fear this type of skimmer. AMEX also uses a visual cryptogram. But AMEX’s VC is four digits long and printed on the front side of the credit card. I do not understand the rationale for using a different scheme (different size, different location). In fact, I learned it the hard way. The first time I used my AMEX online, I used the three digits on the back of the card. There was one! And of course, it did not work. :-(

Does anybody have a clue?

Understanding Scam Victims

The BBC has broadcast a set of TV documentaries, “The Real Hustle”. In these documentaries, Paul Wilson, a con artist, scams real people with real scams. When you watch them, you are upset because they are sometimes extremely simple but devastating. For instance:

Frank Stajano from Cambridge Computer Laboratory has co-authored with Paul Wilson a paper that analyses these scams. The analysis extracts seven principles that may drive human behavior:

  •   The Distraction Principle
  •   The Social Compliance Principle
  •   The Herd Principle
  •   The Dishonesty Principle
  •   The Deception Principle (Dear to Mitnick :-) )
  •   The Need and Greed Principle
  •   The Time Principle

Frank explains how these principles may interfere with security systems. We all know that the human is the weakest link. Knowing that human behavior is driven by these principles, it may be possible to build systems that mitigate the importance of the human weak link.

Most of these principles are not new. Some have already been disclosed in books like “Beyond Fear” or “The Science of Fear”. Nevertheless, the paper is worth reading, even if it is just to better discover the world of scams (and maybe increase our awareness and save us in the future). Good summer reading.

Is SSL still secure?

I know that the title is somewhat provocative. Nevertheless, the current system of certificates, and more precisely the way browsers handle them, presents some weaknesses.

In security newsletter N°12, Mohamed Karroumi explained the latest attacks using forged MD5 certificates to mount a man-in-the-middle attack. The designers of the attack were Alexander SOTIROV and Mike ZUSMAN. At that time, the countermeasure seemed simple: do not use MD5 certificates anymore.

At the last Black Hat 2009, the same researchers disclosed a new attack that bypassed this protection. The Extended Validation (EV) certificate standard was designed to make certificate attribution more secure (no simple online application…) and also banned RSA1024 and MD5. Thus, we could believe that a site using an EV certificate should be safe against the MD5-based man-in-the-middle attack. They demonstrated that this was wrong. In fact, most browsers accept starting a session with an EV certificate and continuing with a non-EV certificate. Game over. SOTIROV and ZUSMAN showed the actual attack at the conference.

The countermeasure does not seem simple if a smooth deployment is expected, unless it is possible to ban ALL MD5 certificates. Maybe some news in our next newsletter.

Retrieving lost passwords through social interaction

What happens when you forget your password? Often there is an automatic backup procedure that allows you to get it back. Sometimes, it is just an authentication through the mail address, i.e. the password or a new one is sent to the address you registered. More often, it uses secret questions that should authenticate you. For instance, the name of your pet, your birth town… Obviously, these secret questions have two problems:

  • They are easy to guess because they are too simple. You may harden them by cheating with the answer, but you need to remember your cheating.
  • If they are too complex, then you may have forgotten the answer.

In other words, they are inadequate, although widely deployed.

SCHECHTER S., EGELMAN S. and REEDER R. from Microsoft describe an interesting solution to this problem in “It’s not what you know, but who you know”. Each user defines a list of trustees. Each trustee will receive a recovery code. To retrieve the password, the user must obtain from his/her trustees their recovery codes.

The experiment highlighted two issues:

  • After a while, the user often forgets his/her trustees. Thus, you need a procedure to retrieve the trustees’ identity.
  • Many trustees would provide the recovery code to someone close to the user.

I would also add one major one. It takes a lot of time. One subject took 5 days to get three recovery codes. Often, you want immediate access.

Nevertheless, an interesting paper to read. I recommend the section that describes how the trustee gets the recovery code. It was designed to highlight many risks of social engineering. Nice work.

Wardriving RFID passports?

Wardriving is the game of wandering around a location and building the cartography of the wireless networks. Of course, the most interesting ones are the ones which are not protected or are WEP protected (the equivalent of not being protected; it is too easy to break WEP).

Chris Paget, a well-known white-hat hacker who plays with RFID, has demonstrated a new type of wardriving: collecting information from the new US passport or driving license using RFID. In a video, he shows how he retrieved the data needed to clone these cards.

In US passport and RFID, I presented the risks associated with these new cards. Paget shows how to do it at little cost. The reading range depends on the emitting power of the antenna. Even without cloning, with this type of attack, it would be possible to spot a person once you have sniffed his/her RFID identification code.

It should be noted that this type of RFID is not the one used in the e-passport (the booklet passport). The e-passport is more secure.

Nevertheless, it is worrying to see administrations deploying such weak systems.

Is MD5 certificate attack a lethal hit to SSL?

MD5 has been known to be a weak hashing algorithm for many years. Thus, it was vanishing from the scope. The focus was more on attacking the SHA family. Nevertheless, researchers (Alex Sotirov, Marc Stevens, Jake Appelbaum, Arjen Lenstra, Benne de Weger, and David Molnar) have brilliantly combined three weaknesses: MD5 collisions, the fact that some Certification Authorities (CA) still use MD5 to sign SSL certificates, and that browsers poorly manage root certificates. They presented their attack at the Chaos Computer Club conference.

The researchers asked a legitimate CA to sign with MD5 a legitimate SSL certificate. Then they forged a root key using the same signature. Bingo! They could now generate and sign “legitimate” SSL certificates.

Is it dangerous? Not really. First of all, the majority of CAs are no longer using MD5. The attack does not work on certificates that were already issued. In other words, when receiving new certificates signed with MD5 (normally very few), be cautious with the issuing date. You can still trust SSL. ;-)

The cure is extremely simple. No CA should use MD5 to sign certificates anymore. The CA that signed the certificate used for the demonstration announced that it will soon get rid of MD5 :-)

Although not a lethal attack, the work of the researchers is an extremely nice and smart attack. The attack will be detailed in Security newsletter #12.
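The check suggested above (spot MD5-signed certificates and look at their issuing date), as an added example that is not part of the original post: a small DER walker in Python that reads a certificate's signature algorithm and notBefore. The `classify` helper, its labels, the cutoff date and the skeleton certificates built by `sample_cert` are assumptions constructed for illustration.

```python
from datetime import datetime

MD5_WITH_RSA = "1.2.840.113549.1.1.4"               # md5WithRSAEncryption
MD5_OID_DER = bytes.fromhex("2a864886f70d010104")   # the same OID as DER content bytes

def read_tlv(buf, pos):                             # -> (tag, value, next_pos)
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                               # long form: n length bytes follow
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def children(value):
    pos = 0
    while pos < len(value):                         # walk the elements inside a SEQUENCE
        tag, val, pos = read_tlv(value, pos)
        yield tag, val

def decode_oid(raw):
    arcs, acc = [raw[0] // 40, raw[0] % 40], 0      # first byte packs the first two arcs
    for b in raw[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:                            # high bit clear: last byte of this arc
            arcs, acc = arcs + [acc], 0
    return ".".join(map(str, arcs))

def inspect_cert(der):                              # -> (signature OID, notBefore in UTC)
    tbs, sig_alg = list(children(read_tlv(der, 0)[1]))[:2]
    fields = [f for f in children(tbs[1]) if f[0] != 0xA0]   # drop optional [0] version
    tag, nb = next(children(fields[3][1]))          # serial, algorithm, issuer, validity
    fmt = "%y%m%d%H%M%SZ" if tag == 0x17 else "%Y%m%d%H%M%SZ"  # UTCTime / GeneralizedTime
    return decode_oid(next(children(sig_alg[1]))[1]), datetime.strptime(nb.decode(), fmt)

def classify(der, cutoff):
    oid, not_before = inspect_cert(der)   # notBefore is self-declared: a triage hint only
    if oid != MD5_WITH_RSA:
        return "ok"
    return "md5-new" if not_before >= cutoff else "md5-old"

def tlv(tag, value):                                # short-form DER encoder for the samples
    return bytes([tag, len(value)]) + value

def sample_cert(oid_der, not_before):     # constructed skeleton, not a real certificate
    alg = tlv(0x30, tlv(0x06, oid_der) + tlv(0x05, b""))
    validity = tlv(0x30, tlv(0x17, not_before) + tlv(0x17, b"300101000000Z"))
    tbs = tlv(0x30, tlv(0x02, b"\x01") + alg + tlv(0x30, b"") + validity + tlv(0x30, b""))
    return tlv(0x30, tbs + alg + tlv(0x03, b"\x00\xff"))
```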

US passport and RFID

Once more, the use of RFID with ID cards raises many concerns. This time it is for the new US passport cards. These cards are only valid for sea and land travel. It seems that the design was only driven by cost considerations. There are two main characteristics:

  • It uses off-the-shelf standard EPC chips (i.e., low-cost tags as used for inventory tracking)
  • The reading distance is 50 meters!

Being a standard EPC, the card just delivers a unique ID. This unique ID can be eavesdropped and reprogrammed in a blank EPC. Of course, the security relies on the guard who should check that the corresponding record points to the right owner. But we all know that vigilance decreases with time.

The long reading range is an obvious privacy issue. With such a distance, it is easy to trace somebody. The solution proposed by the Administration is a privacy sleeve! This would never work with me. I would sooner or later forget it or lose it.

But the nicest is the “Kill” command. For privacy reasons, EPCs have a kill command that definitively mutes the chip. EPCs are used for inventory tracking. Once the item is sold, it must be possible to deactivate the chip. This command is legitimate for its initial use but not for this one. In a March post, I described a Denial of Service attack to pass a border. With this type of card, it is extremely easy to mount it.

As usual, the Administration downplays the risks. According to them, the risks are improbable! When security design is driven by money, the result is often a catastrophe.