Forgot your password?
typodupeerror

Please create an account to participate in the Slashdot moderation system

Encryption

Snowden Used the Linux Distro Designed For Internet Anonymity 145

Posted by Soulskill
from the NSA-can't-make-heads-or-something-of-it dept.
Hugh Pickens DOT Com writes: "When Edward Snowden first emailed Glenn Greenwald, he insisted on using email encryption software called PGP for all communications. Now Klint Finley reports that Snowden also used The Amnesic Incognito Live System (Tails) to keep his communications out of the NSA's prying eyes. Tails is a kind of computer-in-a-box using a version of the Linux operating system optimized for anonymity that you install on a DVD or USB drive, boot your computer from and you're pretty close to anonymous on the internet. 'Snowden, Greenwald and their collaborator, documentary film maker Laura Poitras, used it because, by design, Tails doesn't store any data locally,' writes Finley. 'This makes it virtually immune to malicious software, and prevents someone from performing effective forensics on the computer after the fact. That protects both the journalists, and often more importantly, their sources.'

The developers of Tails are, appropriately, anonymous. They're protecting their identities, in part, to help protect the code from government interference. 'The NSA has been pressuring free software projects and developers in various ways,' the group says. But since we don't know who wrote Tails, how do we know it isn't some government plot designed to snare activists or criminals? A couple of ways, actually. One of the Snowden leaks show the NSA complaining about Tails in a Power Point Slide; if it's bad for the NSA, it's safe to say it's good for privacy. And all of the Tails code is open source, so it can be inspected by anyone worried about foul play. 'With Tails,' say the distro developers, 'we provide a tongue and a pen protected by state-of-the-art cryptography to guarantee basic human rights and allow journalists worldwide to work and communicate freely and without fear of reprisal.'"
Encryption

First Phase of TrueCrypt Audit Turns Up No Backdoors 168

Posted by Unknown Lamer
from the only-slightly-insecure dept.
msm1267 (2804139) writes "A initial audit of the popular open source encryption software TrueCrypt turned up fewer than a dozen vulnerabilities, none of which so far point toward a backdoor surreptitiously inserted into the codebase. A report on the first phase of the audit was released today (PDF) by iSEC Partners, which was contracted by the Open Crypto Audit Project (OCAP), a grassroots effort that not only conducted a successful fundraising effort to initiate the audit, but raised important questions about the integrity of the software.

The first phase of the audit focused on the TrueCrypt bootloader and Windows kernel driver; architecture and code reviews were performed, as well as penetration tests including fuzzing interfaces, said Kenneth White, senior security engineer at Social & Scientific Systems. The second phase of the audit will look at whether the various encryption cipher suites, random number generators and critical key algorithms have been implemented correctly."
Encryption

Obama Says He May Or May Not Let the NSA Exploit the Next Heartbleed 134

Posted by Soulskill
from the thanks-for-providing-zero-clarity dept.
An anonymous reader writes "The White House has joined the public debate about Heartbleed. The administration denied any prior knowledge of Heartbleed, and said the NSA should reveal such flaws once discovered. Unfortunately, this statement was hedged. The NSA should reveal these flaws unless 'a clear national security or law enforcement need' exists. Since that can be construed to apply to virtually any situation, we're left with the same dilemma as before: do we take them at their word or not? The use of such an exploit is certainly not without precedent: 'The NSA made use of four "zero day" vulnerabilities in its attack on Iran's nuclear enrichment sites. That operation, code-named "Olympic Games," managed to damage roughly 1,000 Iranian centrifuges, and by some accounts helped drive the country to the negotiating table.' A senior White House official is quoted saying, 'I can't imagine the president — any president — entirely giving up a technology that might enable him some day to take a covert action that could avoid a shooting war.'" Side note: CloudFlare has named several winners in its challenge to prove it was possible to steal private keys using the Heartbleed exploit.
Security

NSA Allegedly Exploited Heartbleed 149

Posted by Soulskill
from the according-to-somebody-who-may-or-may-not-be-a-person dept.
squiggleslash writes: "One question arose almost immediately upon the exposure of Heartbleed, the now-infamous OpenSSL exploit that can leak confidential information and even private keys to the Internet: Did the NSA know about it, and did they exploit if so? The answer, according to Bloomberg, is 'Yes.' 'The agency found the Heartbeat glitch shortly after its introduction, according to one of the people familiar with the matter, and it became a basic part of the agency's toolkit for stealing account passwords and other common tasks.'" The NSA has denied this report. Nobody will believe them, but it's still a good idea to take it with a grain of salt until actual evidence is provided. CloudFlare did some testing and found it extremely difficult to extract private SSL keys. In fact, they weren't able to do it, though they stop short of claiming it's impossible. Dan Kaminsky has a post explaining the circumstances that led to Heartbleed, and today's xkcd has the "for dummies" depiction of how it works. Reader Goonie argues that the whole situation was a failure of risk analysis by the OpenSSL developers.
Crime

Stung By File-Encrypting Malware, Researchers Fight Back 84

Posted by timothy
from the picked-the-wrong-guys dept.
itwbennett (1594911) writes "When Jose Vildoza's father became the victim of ransomware, he launched his own investigation. Diving into CryptoDefense's code, he found its developers had made a crucial mistake: CryptoDefense used Microsoft's Data Protection API (application programming interface), a tool in the Windows operating system to encrypt a user's data, which stored a copy of the encryption keys on the affected computer. Vildoza and researcher Fabian Wosar of the Austrian security company Emsisoft collaborated on a utility called the Emsisoft Decrypter that could recover the encrypted keys. In mid-March Vildoza had launched a blog chronicling his investigation, purposely not revealing the mistake CryptoDefense's authors had made. But Symantec then published a blog post on March 31 detailing the error."
Encryption

Theo De Raadt's Small Rant On OpenSSL 301

Posted by timothy
from the heartbleed-of-the-matter dept.
New submitter raides (881987) writes "Theo De Raadt has been on a better roll as of late. Since his rant about FreeBSD playing catch up, he has something to say about OpenSSL. It is worth the 5 second read because it is how a few thousand of us feel about the whole thing and the stupidity that caused this panic." Update: 04/10 15:20 GMT by U L : Reader badger.foo pointed out Ted Unangst (the Ted in the mailing list post) wrote two posts on the issue: "heartbleed vs malloc.conf and "analysis of openssl freelist reuse" for those seeking more detail.
Encryption

Snowden: NSA Spied On Human Rights Workers 230

Posted by Soulskill
from the also-on-non-human-rights-workers dept.
Hugh Pickens DOT Com writes: "The Guardian reports that according to Edward Snowden, the NSA has spied on the staff of prominent human rights organizations like Amnesty International and Human Rights Watch. 'The NSA has specifically targeted either leaders or staff members in a number of civil and non-governmental organizations including domestically within the borders of the United States.' Snowden, addressing the Council of Europe in Strasbourg, said he did not believe the NSA was engaged in 'nightmare scenarios,' such as the active compilation of a list of homosexuals 'to round them up and send them into camps.' But he did say that the infrastructure allowing this to happen had been built.

Snowden made clear that he believed in legitimate intelligence operations but said the NSA should abandon its electronic surveillance of entire civilian populations. Instead, Snowden said, it should go back to the traditional model of eavesdropping against specific targets, such as 'North Korea, terrorists, cyber-actors, or anyone else.' Snowden also urged members of the Council of Europe to encrypt their personal communications and said that encryption, used properly, could still withstand 'brute force attacks' from powerful spy agencies and others. 'Properly implemented algorithms backed up by truly random keys of significant length all require more energy to decrypt than exists in the universe.'"
Encryption

"Nearly Unbreakable" Encryption Scheme Inspired By Human Biology 179

Posted by timothy
from the just-ask-the-creator dept.
rjmarvin (3001897) writes "Researchers at the U.K.'s Lancaster University have reimagined the fundamental logic behind encryption, stumbling across a radically new way to encrypt data while creating software models to simulate how the human heart and lungs coordinate rhythms. The encryption method published in the American Physical Society journal and filed as a patent entitled 'Encoding Data Using Dynamic System Coupling,' transmits and receive multiple encrypted signals simultaneously, creating an unlimited number of possibilities for the shared encryption key and making it virtually impossible to decrypt using traditional methods. One of the researchers, Peter McClintock, called the encryption scheme 'nearly unbreakable.'
Encryption

CryptoPhone Sales Jump To 100,000+, Even at $3500 68

Posted by timothy
from the when-envelopes-are-outlawed dept.
An anonymous reader writes "Since Edward Snowden started making NSA files public last year, GSMK has seen a jump in sales. There are more than 100,000 CryptoPhones in use today. How secure they really are will be determined in the future. But I'm sure that some government agencies, not just in the U.S., are very interested in getting a list of users." For the price the company's charging for a modified Galaxy S3, it had better be as secure as they claim; otherwise, the free and open source RedPhone from Moxie Marlinspike's Whisper Systems seems like something to think about first.
Security

TCP/IP Might Have Been Secure From the Start If Not For the NSA 149

Posted by Soulskill
from the another-lash-for-the-whipping-boy dept.
chicksdaddy writes: "The pervasiveness of the NSA's spying operation has turned it into a kind of bugaboo — the monster lurking behind every locked networking closet and the invisible hand behind every flawed crypto implementation. Those inclined to don the tinfoil cap won't be reassured by Vint Cerf's offhand observation in a Google Hangout on Wednesday that, back in the mid 1970s, the world's favorite intelligence agency may have also stood in the way of stronger network layer security being a part of the original specification for TCP/IP. (Video with time code.) Researchers at the time were working on just such a lightweight cryptosystem. On Stanford's campus, Cerf noted that Whit Diffie and Martin Hellman had researched and published a paper that described the functioning of a public key cryptography system. But they didn't yet have the algorithms to make it practical. (Ron Rivest, Adi Shamir and Leonard Adleman published the RSA algorithm in 1977). As it turns out, however, Cerf did have access to some really bleeding edge cryptographic technology back then that might have been used to implement strong, protocol-level security into the earliest specifications of TCP/IP. Why weren't they used? The crypto tools were part of a classified NSA project he was working on at Stanford in the mid 1970s to build a secure, classified Internet. 'At the time I couldn't share that with my friends,' Cerf said."
Encryption

NYU Group Says Its Scheme Makes Cracking Individual Passwords Impossible 277

Posted by timothy
from the impossible-is-difficult dept.
An anonymous reader writes "Researchers at New York University have devised a new scheme called PolyPassHash for storing password hash data so that passwords cannot be individually cracked by an attacker. Instead of a password hash being stored directly in the database, the information is used to encode a share in a Shamir Secret Store (technical details PDF). This means that a password cannot be validated without recovering a threshold of shares, thus an attacker must crack groups of passwords together. The solution is fast, easy to implement (with C and Python implementations available), requires no changes to clients, and makes a huge difference in practice. To put the security difference into perspective, three random 6 character passwords that are stored using standard salted secure hashes can be cracked by a laptop in an hour. With a PolyPassHash store, it would take every computer on the planet longer to crack these passwords than the universe is estimated to exist. With this new technique, HoneyWords, and hardware solutions all available, does an organization have any excuse if their password database is disclosed and user passwords are cracked?."
United States

NSA Infiltrated RSA Deeper Than Imagined 168

Posted by samzenpus
from the bad-to-worse dept.
Rambo Tribble (1273454) writes "Reuters is reporting that the U.S. National Security Agency managed to have security firm RSA adopt not just one, but two security tools, further facilitating NSA eavesdropping on Internet communications. The newly discovered software is dubbed 'Extended Random', and is intended to facilitate the use of the already known 'Dual Elliptic Curve' encryption software's back door. Researchers from several U.S. universities discovered Extended Random and assert it could help crack Dual Elliptic Curve encrypted communications 'tens of thousands of times faster'."
Android

Russian Officials Dump iPads For Samsung Tablets Over Spy Fears 198

Posted by timothy
from the putin-actually-invented-it dept.
wiredmikey writes: "Russian government officials have swapped their iPads for Samsung tablets to ensure tighter security, the telecoms minister told news agencies on Wednesday. Journalists spotted that ministers at a cabinet meeting were no longer using Apple tablets, and minister Nikolai Nikiforov confirmed the changeover "took place not so long ago." He said the ministers' new Samsungs were "specially protected devices that can be used to work with confidential information." This isn't the first time Russian powers have had concerns over mobile. In August 2012, Russia unveiled a prototype tablet with its own "almost Android" mobile OS that has the remarkably familiar feel of an Android but with bolstered encryption. In an even more paranoid move, this past July a Russian state service in charge of safeguarding Kremlin communications was looking to purchase an array of old-fashioned typewriters to prevent leaks from computer hardware."
Encryption

MIT Researchers Create Platform To Build Secure Web Apps That Never Leak Data 90

Posted by Soulskill
from the what-about-when-leak-exists-between-keyboard-and-chair dept.
rjmarvin writes: "Researchers in the MIT Computer Science and Artificial Intelligence Laboratory have developed a platform for building secure web applications and services that never decrypt or leak data. MIT researcher Raluca Ada Popa, who previously worked on the Google and SAP-adopted CryptoDB, and her team, have put a longstanding philosophy into practice: to never store unencrypted data on servers. They've redesigned the entire approach to securing online data by creating Mylar, which builds and updates applications to keep data secure from server breaches with constant encryption during storage, only decrypting the data in the user's browser. Integrated with the open-source Meteor framework, a Mylar prototype has already secured six applications by changing only 35 lines of code."
Encryption

Fake PGP Keys For Crypto Developers Found 110

Posted by timothy
from the who-you-say-you-are dept.
IamTheRealMike (537420) writes "In recent months fake PGP keys have been found for at least two developers on well known crypto projects: Erinn Clark, a Tor developer and Gavin Andresen, the maintainer of Bitcoin. In both cases, these PGP keys are used to sign the downloads for popular pieces of crypto software. PGP keys are supposed to be verified through the web of trust, but in practice it's very hard to find a trust path between two strangers on the internet: one reply to Erinn's mail stated that despite there being 30 signatures [attached to] her key, [the respondent] couldn't find any trust paths to her. It's also very unclear whether anyone would notice a key substitution attack like this. This leaves three questions: who is doing this, why, and what can be done about it? An obvious candidate would be intelligence agencies, who may be trying to serve certain people with backdoored binaries via their QUANTUMTHEORY man-in-the-middle system. As to what can be done about it, switching from PGP to X.509 code signing would be an obvious candidate. Both Mac and Windows support it, obtaining a forged certificate is much harder than simply uploading a fake PGP key, and whilst X.509 certs can be issued in secret until Google's Certificate Transparency system is fully deployed, finding one would be strong evidence that an issuing CA had been compromised: something that seems plausible but for which we currently lack any evidence. Additionally, bad certificates can be revoked when found whereas beyond making blog posts, not much can be done about the fake PGP keys."
Wireless Networking

WPA2 Wireless Security Crackable WIth "Relative Ease" 150

Posted by timothy
from the relatively-absolute dept.
An anonymous reader writes "Achilleas Tsitroulis of Brunel University, UK, Dimitris Lampoudis of the University of Macedonia, Greece and Emmanuel Tsekleves of Lancaster University, UK, have investigated the vulnerabilities in WPA2 and present its weakness. They say that this wireless security system might now be breached with relative ease [original, paywalled paper] by a malicious attack on a network. They suggest that it is now a matter of urgency that security experts and programmers work together to remove the vulnerabilities in WPA2 in order to bolster its security or to develop alternative protocols to keep our wireless networks safe from hackers and malware."
Google

Gmail Goes HTTPS Only For All Connections 141

Posted by Unknown Lamer
from the nsa-already-has-the-private-key dept.
Trailrunner7 (1100399) writes "Perhaps no company has been as vocal with its feelings about the revelations about the NSA's collection methods as Google has, and the company has been making a series of changes to its infrastructure in recent months to make it more difficult for adversaries to snoop on users' sessions. The biggest of those changes landed Thursday when the company switched its Gmail service to HTTPS only, enforcing SSL encryption on all Gmail connections. The change is a significant one, especially given the fact that Google also has encrypted all of the links between its data centers. Those two modifications mean that Gmail messages are encrypted from the time they leave a user's machine to the time they leave Google's infrastructure. This makes life much more difficult for anyone—including the NSA–who is trying to snoop on those Gmail sessions." GMail also does TLS for SMTP, but regrettably Talk (what's left of it) does not do TLS for XMPP server-to-server connections, effectively forcing XMPP server admins to lower their security if they want to federate with Google.
Encryption

Aussie Attorney General's War On Encrypted Web Services 151

Posted by samzenpus
from the no-code-for-you dept.
Bismillah writes "If Attorney-General Brandis gets his way in the process of revising Australia's Telecommunications Interception Act, users and providers of VPNs and other encrypted services will by law be required to decrypt government intercepted data. Because, 'sophisticated criminals and terrorists.' New Zealand already has a similar law, the Telecommunications Interception and Computer Security Act. Apparently, large Internet service providers such as Microsoft and Facebook won't be exempt from the TICSA and must facilitate interception of traffic."
Encryption

Weak Apple PRNG Threatens iOS Exploit Mitigations 143

Posted by Soulskill
from the also-makes-you-lose-at-poker dept.
Trailrunner7 writes "A revamped early random number generator in iOS 7 is weaker than its vulnerable predecessor and generates predictable outcomes. A researcher today at CanSecWest said an attacker could brute force the Early Random PRNG used by Apple in its mobile operating system to bypass a number of kernel exploit mitigations native to iOS. 'The Early Random PRNG in iOS 7 is surprisingly weak,' said Tarjei Mandt senior security researcher at Azimuth Security. 'The one in iOS 6 is better because this one is deterministic and trivial to brute force.' The Early Random PRNG is important to securing the mitigations used by the iOS kernel. 'All the mitigations deployed by the iOS kernel essentially depend on the robustness of the Early Random PRNG,' Mandt said. 'It must provide sufficient entropy and non-predictable output.'"
Security

TrustyCon was the 'Rebel Conference' Across the Street From RSA 2014 (Video) 20

Posted by Roblimo
from the the-most-interesting-people-are-often-in-the-rebel-groups dept.
RSA holds big-time annual security conferences. The 2014 U.S. edition had 25,000 attendees, Stephen Colbert as the closing keynote speaker, and a major controversy (and some anger) from potential speakers and attendees over RSA's reputed $10 million contract with NSA to make sure the company's encryption software had back doors the secretive agency could use to spy on people and companies that use RSA software. This is part of a story that might be called The Snowden Revelations if it is made into a movie, but right now it's still controversial, and enough of a bombshell in the IT security industry that F-Secure's Mikko Hyppönen decided not to speak at this year's U.S. RSA conference, followed by Bruce Schneier, DEFCON founder Jeff Moss, Princeton professor Ed Felten, and other security luminaries.

And so, TrustyCon -- the Trustworthy Technology Conference -- was born. It was a sellout, with 400 people attending at $50 a head, and another 300 on a waiting list who couldn't get in. Slashdot's Tim Lord managed to get in, and got to speak briefly with several people there, including one of the TrustyCon organizers, Joel Wallenstrom. These were crude interviews, done on a "catch as catch can" basis, and the sound in them is poor. (Google sent a camera crew and shot over seven hours of the conference speakers, which you can watch on YouTube if you want to view TrustyCon presentations in good HD with great sound.). Will there be another TrustyCon next year? According to The Register, "The conference organizers said that, at this point, the plan is to hold another get-together next year, but that a final decision will be made closer to the time."

No hardware designer should be allowed to produce any piece of hardware until three software guys have signed off for it. -- Andy Tanenbaum

Working...