|
Wiggly Wayne DDS posted:Great so what does this have to do with infosec? Your privacy is a different subject entirely and you can go yell about it in D&D.
It goes over the heads of people like ItBurns that these companies have profit incentives and aren't charities. It also doesn't help that he cannot tell the difference between information security and privacy. When I made the remark about pr0zac, I was talking about the encryption aspect of WhatsApp, not whether or not Facebook is going to integrate WhatsApp into its product ecosystem. But ItBurns wasn't able to elaborate much more than just taking stuff out of context because he doesn't really understand anything to begin with.
|
# ? Aug 25, 2016 18:35 |
|
This was a pretty good read on iPhone exploits that has to do with infosec: https://citizenlab.org/2016/08/million-dollar-dissident-iphone-zero-day-nso-group-uae/
And here's a detailed tech analysis of that attack: https://info.lookout.com/rs/051-ESQ-475/images/lookout-pegasus-technical-analysis.pdf
Looks like this was the cause of the 9.3.5 update.
Mustache Ride fucked around with this message at 20:20 on Aug 25, 2016 |
# ? Aug 25, 2016 20:14 |
|
ItBurns posted:Don't be obtuse. It's a relevant development and a significant reversal of their position (and a few posters' own positions) with regard to sharing identifying info with FB and by proxy advertisers and law enforcement where the (now) encrypted messages can be stored until/if an attack on the encryption is found.
this was the assumed threat model all along - it is precisely because you don't trust all third parties not to do this that you're using e2e in the first place
whatsapp and other third parties not having access to metadata etc was never in scope unfortunately
|
# ? Aug 26, 2016 00:36 |
|
angry armadillo posted:Does anyone here work in Australia particularly in anything Government related? Have a few potential questions
Anyone who does probably wouldn't discuss it here. I know people who do though.
|
# ? Aug 26, 2016 01:41 |
|
Rufus Ping posted:this was the assumed threat model all along - it is precisely because you don't trust all third parties not to do this that you're using e2e in the first place
Now be careful there or you'll end up with a new custom title that will be very mean. The problem with a lot of individuals is that they quickly conflate privacy and security and assume that they're one and the same. They're two completely separate topics and those who work in the field are able to recognize that. From a security perspective, WhatsApp is doing it right and is making it so you cannot snoop in on messages in transit; from a privacy perspective, WhatsApp is revealing who your contacts are and other metadata to the rest of the Facebook infrastructure, which includes potential advertisers, meaning that the messaging service is not exactly ideal. If you're concerned about WhatsApp--a privately-run service intended to somehow make money--making use of the data that exists within your account, perhaps WhatsApp was never meant for you to begin with? Like really while I recommend Signal instead (which uses the same cryptography framework as WhatsApp), the idea that you can entrust Moxie Marlinspike to always be on the side that we all would prefer is really asinine and that any concern you have over metadata leaking needs to be addressed in a completely different threat model. Like use Signal over WhatsApp but if you're looking for complete privacy over who you converse with online, that is a whole different kettle of fish and realistically you cannot completely rely on third parties to provide adequate privacy. But be aware of when you're conflating things because it makes you look dumb.
|
# ? Aug 26, 2016 02:01 |
|
OSI bean dip posted:Now be careful there or you'll end up with a new custom title that will be very mean.
I didn't buy your av. I was going to swap mine with yours until I saw that someone had beaten me to the punch. You know this though. I'll make good on it, I promise.
OSI bean dip posted:The problem with a lot of individuals is that they quickly conflate privacy and security and assume that they're one and the same. They're two completely separate topics and those who work in the field are able to recognize that.
Privacy and security are inextricably linked. People who reset Outlook passwords for a living are able to reconcile the two but only as a flaw.
OSI bean dip posted:From a security perspective, WhatsApp is doing it right and is making it so you cannot snoop in on messages in transit; from a privacy perspective, WhatsApp is revealing who your contacts are and other metadata to the rest of the Facebook infrastructure, which includes potential advertisers, meaning that the messaging service is not exactly ideal.
Revealing metadata is a clear reversal of what was stated by the lauded and accepted and unquestionable expert of all things whatsapp. Facebook now has potentially uniquely identifiable hardware fingerprints, contacts, archives of encrypted messages for the last X years, and complete control over the entire protocol and ownership over all data transmitted through whatsapp regardless of mode or privilege.
OSI bean dip posted:If you're concerned about WhatsApp--a privately-run service intended to somehow make money--making use of the data that exists within your account, perhaps WhatsApp was never meant for you to begin with? Like really while I recommend Signal instead (which uses the same cryptography framework as WhatsApp), the idea that you can entrust Moxie Marlinspike to always be on the side that we all would prefer is really asinine and that any concern you have over metadata leaking needs to be addressed in a completely different threat model.
This was my original argument. You are months late to the proverbial party.
|
# ? Aug 26, 2016 02:26 |
|
ItBurns posted:I didn't buy your av. I was going to swap mine with yours until I saw that someone had beaten me to the punch. You know this though. I'll make good on it, I promise.
quote:Revealing metadata is a clear reversal of what was stated by the lauded and accepted and unquestionable expert of all things whatsapp. Facebook now has potentially uniquely identifiable hardware fingerprints, contacts, archives of encrypted messages for the last X years, and complete control over the entire protocol and ownership over all data transmitted through whatsapp regardless of mode or privilege.
You need to at some level trust Whatsapp (and Facebook) not to gently caress you or your encryption. They could easily push an update tomorrow that exfils cleartext or keys if they were so inclined.
|
# ? Aug 26, 2016 02:58 |
|
apseudonym posted:You need to at some level trust Whatsapp (and Facebook) not to gently caress you or your encryption. They could easily push an update tomorrow that exfils cleartext or keys if they were so inclined.
This was proven to be verifiably false within five minutes.
pr0zac posted:You guys know It takes all of 5 minutes to decompile an iOS app and/or mitm the traffic to check claims of backdooring or logging right? Objective-C doesn't even obfuscate symbols, any idiot can do it.
I apologize for shortening this, but the relevant follow-ups are below.
pr0zac posted:Watching the traffic will also let you confirm WhatsApp isn't somehow sending something out of band. Whatsapp is run almost completely separately from Facebook, they aren't on the same infrastructure or even the same campus (frankly they kinda hate FB and do everything in their power to remain separate). It should be pretty obvious to see if something is going to a Facebook server directly. If you're worried about them sending stuff to whatsapp servers then forwarding to FB, watch for any weird other traffic that doesn't make it to the other client. If it's encrypted it should be pretty easy to diagnose if it's message info (is it bigger when you send a bigger message?)
|
# ? Aug 26, 2016 03:31 |
|
ItBurns posted:This was proven to be verifiably false within five minutes.
There's nothing stopping the poisoned version from going to just you, if you want to get all tinfoil hat, so lots of other people doesn't help. You're not actually going to reverse engineer it every time you get an update, nor will you probably notice every time you do. Anything that requires constant vigilance by the user is hosed by design. Besides, even if you did just looking at the network output is not sufficient to be certain. How do you know you're more clever than the person trying to do bad things to you?
|
# ? Aug 26, 2016 03:45 |
|
cheese-cube posted:Anyone who does probably wouldn't discuss it here. I know people who do though.
True. I'm heading out there for some work and wondered if the Government IT security people have as high standards as they do in the UK or will my life be easier over there
|
# ? Aug 26, 2016 10:27 |
|
angry armadillo posted:True. I'm heading out there for some work and wondered if the Government IT security people have as high standards as they do in the UK or will my life be easier over there
It really depends what you're doing and which department you're doing it for. Obviously the AFP, ASD, ASIO/ASIS and anything else defence related have extremely strict standards however other outfits like the AGD and DFAT have standards which are equally strict. Others like the ABS (lol) and the ATO aren't as strict overall but some of their functions are held to much higher standards (e.g. ABS and ATO sometimes exchange data on encrypted USB drives which are taken between the offices via armed escort). I guess a good way to tell how strict things will be is whether S/TS clearance is mandatory for the position (Of course this doesn't always hold true). If you're working for state government then it differs wildly but is terrible more often than not (e.g. Parliament of Western Australia, holy hell are they terrible). All of this is really moot as you'll encounter the same issues working for government as you would anywhere else (Management that doesn't care and deliberately obstructs any attempts to increase security, ancient infrastructure supporting ancient software which is almost possible to protect, third-party developers and MSPs which keep doing dumb poo poo, etc.). Have fun and enjoy Australia!
|
# ? Aug 26, 2016 12:26 |
|
Don't forget their internet is poo poo. But the rest of it is nice.
|
# ? Aug 26, 2016 12:46 |
|
angry armadillo posted:True. I'm heading out there for some work and wondered if the Government IT security people have as high standards as they do in the UK or will my life be easier over there
The Risky Business podcast is hosted by an Australian guy, and he seems pretty knowledgeable and on the ball when it comes to security. Take a listen to the latest ep and the first five minutes should give you an idea: http://risky.biz/
|
# ? Aug 26, 2016 22:13 |
|
DeaconBlues posted:The Risky Business podcast is hosted by an Australian guy, and he seems pretty knowledgeable and on the ball when it comes to security. Take a listen to the latest ep and the first five minutes should give you an idea:
Back when I was doing information security at an international bank, some of our best guys on the malware analysis team were Aussie ex-pats.
|
# ? Aug 27, 2016 00:56 |
|
ItBurns posted:Don't be obtuse. It's a relevant development and a significant reversal of their position (and a few posters' own positions) with regard to sharing identifying info with FB and by proxy advertisers and law enforcement where the (now) encrypted messages can be stored until/if an attack on the encryption is found.
just buy Threema assuming you can afford 2.99
|
# ? Aug 27, 2016 01:26 |
|
Shumagorath posted:just buy Threema assuming you can afford 2.99
or use Signal, which uses exactly the same protocol as WhatsApp (and Google Allo's and Facebook Messenger's e2e modes), and is free, and is open source, and whose users aren't almost exclusively German
|
# ? Aug 27, 2016 02:52 |
|
Rufus Ping posted:or use Signal, which uses exactly the same protocol as WhatsApp (and Google Allo's and Facebook Messenger's e2e modes), and is free, and is open source, and whose users aren't almost exclusively German
And as long as you build from source, you know that you're getting the right thing.
|
# ? Aug 27, 2016 03:20 |
|
Subjunctive posted:And as long as you build from source, you know that you're getting the right thing.
Oh, I don't know about that. Did you build your build environment from source? Did you get your bootstrapping framework audited? Did you get your auditor audited?
|
# ? Aug 27, 2016 03:33 |
|
Absurd Alhazred posted:Oh, I don't know about that. Did you build your build environment from source? Did you get your bootstrapping framework audited? Did you get your auditor audited?
For real though, the Apple build env has trojaned versions out there because people who live far away from Cali and Apple servers sometimes like to torrent it: http://researchcenter.paloaltonetworks.com/2015/09/novel-malware-xcodeghost-modifies-xcode-infects-apple-ios-apps-and-hits-app-store/
|
# ? Aug 27, 2016 04:57 |
|
Anyone have any experience with GIAC certs? I'm looking around and IBM has some postings with GIAC and GCIH preferred but I've never heard of them. Anyone have a rough idea on what kind of difficulty level (S+, CEH, OSCP, etc) they are comparable to?
FlyingCowOfDoom fucked around with this message at 19:30 on Aug 31, 2016 |
# ? Aug 31, 2016 19:26 |
|
FlyingCowOfDoom posted:Anyone have any experience with GIAC certs? I'm looking around and IBM has some postings with GIAC and GCIH preferred but I've never heard of them. Anyone have a rough idea on what kind of difficulty level (S+, CEH, OSCP, etc) they are comparable to?
I do. They're difficult, a lot of work, and very expensive. They're also a pretty awesome gold standard in terms of infosec certs. GIAC is the certification program, GCIH is a specific cert from the Incident Handling course. I would highly recommend the certs, but your company will definitely be the one paying for it. I have my GSEC, and am taking GCWN in the next month or two. PM me if you wanna chat about them, there's some pretty extensive NDAs around the GIAC exams and stuff so I may not be able to answer some things.
|
# ? Aug 31, 2016 19:38 |
|
FlyingCowOfDoom posted:Anyone have any experience with GIAC certs? I'm looking around and IBM has some postings with GIAC and GCIH preferred but I've never heard of them. Anyone have a rough idea on what kind of difficulty level (S+, CEH, OSCP, etc) they are comparable to?
The GCIH is not terribly difficult as long as you have some experience in that area. GAWN the same. GPEN can be a little more difficult, but it's mostly "can you use netcat and metasploit" and basics of exploitation. I'd say of them all, I found the Forensics module the most challenging. I'd put them *roughly* in the area of the Offensive Security stuff, but I think the course-work gives you a better foundational knowledge and the tests are much more challenging. Be warned the first time certification is pretty drat expensive (on the order of $3000-$3500) if you're shouldering the load. The certification is valid for 4 years. Renewing is not so bad, since you can take a challenge where they send you the course books and you take the test (no audio or course included) for $350. You can PM me as well. I've had the GCIH, GPEN, GCFA since around 2005 and GAWN since 2010. I did let the GPEN and GCFA bunch lapse recently (I've only kept the GAWN), but I'm going to be doing some challenges next year and take some of their newer courses as well.
EDIT: Oops. Take my prices and double them. My work uses the voucher system with SANS, so I've never had to worry about the costs.
Proteus Jones fucked around with this message at 22:07 on Aug 31, 2016 |
# ? Aug 31, 2016 21:43 |
|
Has anyone looked into the Rowhammer attacks in detail? http://arstechnica.com/security/2016/08/new-attack-steals-private-crypto-keys-by-corrupting-data-in-computer-memory I get how modifying the public key can allow a weaker key to be brute forced, but how exactly do they get to flip particular bits in the memory? It seems that if the attacker can write to any memory on the machine you're pretty much screwed no matter what.
|
# ? Sep 1, 2016 17:34 |
|
mobby_6kl posted:Has anyone looked into the Rowhammer attacks in detail? http://arstechnica.com/security/2016/08/new-attack-steals-private-crypto-keys-by-corrupting-data-in-computer-memory
This: VMs must have deduplication enabled so that physical pages are shared between customers. and this: VMs need to be hosted on the same hardware. Are crucial to this working. They're attacking the memory space that's shared due to de-duping. So, they load the known public key into their memory space, knowing their target will likely have it as well. Thanks to de-duping there's only one copy in physical memory, so by flipping bits they're affecting the key in both VMs. They can flip enough bits so they have a valid private key for the new public key. This is key (heh) so any communication that relies on key pairs can be done, for instance. They can present that to ssh, for instance, and get access because the loaded pub-key value for the server has now been flipped to a value. They can use that to negotiate a session key like normal and they're in.
EDIT: Just to clarify. They flip it to a known value that they can calculate the new private key. They aren't figuring out the legit key pair as the article implies. They are basically making the target VM think the new key pair is the legit one.
Proteus Jones fucked around with this message at 17:55 on Sep 1, 2016 |
# ? Sep 1, 2016 17:45 |
|
mobby_6kl posted:I get how modifying the public key can allow a weaker key to be brute forced, but how exactly do they get to flip particular bits in the memory? It seems that if the attacker can write to any memory on the machine you're pretty much screwed no matter what.
This problem is, in fact, the rowhammer bug. It's a bug in how computer RAM is built. Essentially, a DRAM chip like you'd find in your computer is an enormous grid of capacitors - you store state via either the presence or absence of charge in each capacitor. The issue is that repeated access to nearby capacitors can cause leakage that ends up changing the value of unrelated memory cells. It's called "rowhammer" because you repeatedly hammer on the same memory rows in order to deliberately induce a flip.
The exact flip that happens is not exactly something you can choose - it's based on the unpredictable internal characteristics of the particular chip you're attacking. But it is often repeatable - for a particular chip, performing the attack at the same location will usually induce the exact same flip. So the typical structure for a real-world rowhammer attack involves trying it out at various locations until you find a useful flip, and then structuring things so that something important ends up at the right spot in memory so you can flip it.
In the particular case of attacking vm deduplication, you're exploiting the fact that you're able to "write" to your own vm's memory without anything realising that your memory has changed. There are some other (theoretical?) attacks you can do in things like javascript sandboxes where memory you can read or write at will ends up right next to the sandbox's bookkeeping information that you should absolutely not be allowed to change.
Jabor fucked around with this message at 17:53 on Sep 1, 2016 |
# ? Sep 1, 2016 17:50 |
|
flosofl posted:This: VMs must have deduplication enabled so that physical pages are shared between customers.
They're really glossing over that they're doing this on non-ECC DIMMs. I don't think they've managed anything beyond crashing the hypervisor on ECC memory, even DDR3.
|
# ? Sep 1, 2016 23:26 |
|
BangersInMyKnickers posted:They're really glossing over that they're doing this on non-ECC DIMMs. I don't think they've managed anything beyond crashing the hypervisor on ECC memory, even DDR3.
Yeah, this is still in the "interesting, but not super concerned" category right now. The other big hurdle is how an external actor manages to determine a VM they've compromised lives on the same physical host as their ultimate target *and* de-duping is active.
|
# ? Sep 2, 2016 02:03 |
|
flosofl posted:Yeah, this is still in the "interesting, but not super concerned" category right now.
My limited understanding of it is: Copy-On-Write writes against deduped memory are (sometimes, potentially) slightly slower than writes against non-deduped memory. If you can measure that difference successfully on memory entirely inside your VM, you can privately deduce that it's enabled on the host. You can then load up the public key you're interested in and check if it ever hits the same slowdown, implying that some other VM has the same key loaded and deduped with yours. Since the key is much bigger than a single dedupe block, you can test against one chunk of the key and establish a high degree of confidence that the remainder of the key is aligned with and has been deduped against yours. Since you're allowed to read that deduped block, you can see exactly what bits were flipped, attempt a connection to the victim and see if its public key now matches your flip.
A big thing to keep in mind is that the code checking and trying to exploit this doesn't have to get it right on the first shot. If it checks a hundred times and fails 99 times, it still got a successful alignment and exploit on that hundredth time and up until the very end there is no sign on the victim that anything is happening. If attacking SSH, your victim's public keys would suddenly change to unrecognized values which could be detected by the victim's monitoring tools, but this has most of the typical benefits of an offline attack and is really only relying on a more surreptitious final attack and improvements to its probability of success.
|
# ? Sep 2, 2016 03:19 |
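The post above notes that a flipped public key "could be detected by the victim's monitoring tools". One way such a check could look, as an added example that is not part of the thread: it compares a key as currently read against a pinned known-good copy and separates a one- or two-bit difference (consistent with memory corruption) from a wholesale replacement such as a rotation. It assumes OpenSSH one-line public-key format; the function names and the key bytes are constructed for illustration.

```javascript
// Added example: classify a change in a pinned SSH public key as a likely
// memory bit flip or a wholesale replacement. Names are illustrative.

function b64ToBytes(b64) {
  return Uint8Array.from(atob(b64), (ch) => ch.charCodeAt(0));
}

function bytesToB64(bytes) {
  return btoa(String.fromCharCode(...bytes));
}

// Parse one OpenSSH public-key line: "[host] <type> <base64> [comment]".
// Leading fields (for example a known_hosts hostname) are skipped.
function parseKeyLine(line) {
  const fields = line.trim().split(/\s+/);
  const at = fields.findIndex((f) => /^(ssh-|ecdsa-|sk-)/.test(f));
  if (at < 0 || at + 1 >= fields.length) throw new Error("no key found in line");
  return { type: fields[at], blob: b64ToBytes(fields[at + 1]) };
}

// List every differing bit between two equal-length byte arrays.
function differingBits(a, b) {
  const flips = [];
  for (let i = 0; i < a.length; i++) {
    let x = a[i] ^ b[i];
    for (let bit = 0; x !== 0; bit++, x >>= 1) {
      if (x & 1) flips.push({ byte: i, bit });
    }
  }
  return flips;
}

// A rotated key differs in roughly half its bits; a key that differs in only
// a bit or two from the pinned copy was not produced by key generation.
function classifyKeyChange(baselineLine, observedLine, maxFlips = 2) {
  const base = parseKeyLine(baselineLine);
  const seen = parseKeyLine(observedLine);
  if (base.type !== seen.type || base.blob.length !== seen.blob.length) {
    return { verdict: "replaced", flips: [] };
  }
  const flips = differingBits(base.blob, seen.blob);
  if (flips.length === 0) return { verdict: "unchanged", flips };
  if (flips.length <= maxFlips) return { verdict: "bit-flip", flips };
  return { verdict: "replaced", flips: [] };
}

// Constructed sample data: stand-in bytes, not a real key.
const baselineBlob = Uint8Array.from({ length: 64 }, (_, i) => (i * 37 + 11) & 0xff);
const flippedBlob = Uint8Array.from(baselineBlob);
flippedBlob[40] ^= 1 << 3; // one corrupted bit in the monitor's test input
const rotatedBlob = Uint8Array.from({ length: 64 }, (_, i) => (i * 91 + 5) & 0xff);

const BASELINE = `ssh-rsa ${bytesToB64(baselineBlob)} constructed@example`;
const FLIPPED = `ssh-rsa ${bytesToB64(flippedBlob)} constructed@example`;
const ROTATED = `ssh-rsa ${bytesToB64(rotatedBlob)} constructed@example`;

// Verdicts for the three constructed observations, in order.
function demoVerdicts() {
  return [BASELINE, FLIPPED, ROTATED].map(
    (line) => classifyKeyChange(BASELINE, line).verdict
  );
}
```

A "bit-flip" verdict is worth alerting on separately from "replaced", since the reported byte and bit offsets point at a hardware or memory-integrity problem rather than a configuration change.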
|
Rowhammer is cool as hell and a lot of fun to play with if you have hardware it'll work on. It's also going to remain irrelevant for anyone in this thread that's not protecting nation state level secrets as long as most people still have terrible passwords and use SMS for 2fa.
|
# ? Sep 3, 2016 03:21 |
|
pr0zac posted:Rowhammer is cool as hell and a lot of fun to play with if you have hardware it'll work on. It's also going to remain irrelevant for anyone in this thread that's not protecting nation state level secrets as long as most people still have terrible passwords and use SMS for 2fa.
Let them dream man.
|
# ? Sep 3, 2016 04:34 |
|
pr0zac posted:Rowhammer is cool as hell and a lot of fun to play with if you have hardware it'll work on. It's also going to remain irrelevant for anyone in this thread that's not protecting nation state level secrets as long as most people still have terrible passwords and use SMS for 2fa.
You can rowhammer from javascript, which is enough to keep it in mind as a threat. Mostly I look at it as one more reason to hope it stops being such a pain to get ECC memory on desktops/laptops.
|
# ? Sep 3, 2016 10:27 |
|
Doesn't rowhammer from js take crazy amounts of time?
|
# ? Sep 3, 2016 12:23 |
|
pr0zac posted:Rowhammer is cool as hell and a lot of fun to play with if you have hardware it'll work on. It's also going to remain irrelevant for anyone in this thread that's not protecting nation state level secrets as long as most people still have terrible passwords and use SMS for 2fa.
apseudonym posted:Let them dream man.
No but, for real, is there a reason every endpoint shouldn't be implementing in-memory heuristics to catch this kind of behavior? If it affects VMs, should we be worried about our Mac users running MS Office images?
|
# ? Sep 3, 2016 12:35 |
|
Dylan16807 posted:You can rowhammer from javascript, which is enough to keep it in mind as a threat. ultramiraculous posted:No but, for real, is there a reason every endpoint shouldn't be implementing in-memory heuristics to catch this kind of behavior? If it affects VMs, should we be worried about our Mac users running MS Office images? This is working from my memory of the issue, and undoubtedly more has come to light since then. One thing to keep in mind is that the kernel/sandbox fixes aren't necessarily comprehensive - it's not difficult to break a PoC, but the underlying issue is another story. BangersInMyKnickers posted:They're really glossing over that they're doing this on non-ECC DIMMs. I don't think they've managed anything beyond crashing the hypervisor on ECC memory, even DDR3.
|
# ? Sep 3, 2016 13:42 |
|
On the topic of password managers, I rolled my own crypto! Basically for people who don't trust LastPass etc. It runs entirely in the browser, no local storage, randomized per instance (unless choices have been made by the user). I'd love to hear about problems it has, I haven't really put it out in the world.
|
# ? Sep 4, 2016 06:56 |
|
FeloniousDrunk posted:On the topic of password managers, I rolled my own crypto! Basically for people who don't trust LastPass etc. It runs entirely in the browser, no local storage, randomized per instance (unless choices have been made by the user).
A password generator I have to inspect the source code for every time I open it seems kinda pointless. Also your randomness is garbage
|
# ? Sep 4, 2016 07:16 |
|
FeloniousDrunk posted:On the topic of password managers, I rolled my own crypto! Basically for people who don't trust LastPass etc. It runs entirely in the browser, no local storage, randomized per instance (unless choices have been made by the user).
JavaScript is garbage. Math.random is ultra garbage. https://stackoverflow.com/questions/578700/how-trustworthy-is-javascripts-random-implementation-in-various-browsers Don't write crap like this when you don't even know what you're working with.
|
# ? Sep 4, 2016 07:19 |
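The randomness objection raised in the two replies above, worked through as an added example that is not code from the thread or from the tool being discussed: a browser-side generator that draws from `crypto.getRandomValues` instead of `Math.random` and uses rejection sampling so the character choice carries no modulo bias. The character classes, function names and default length are assumptions made for illustration.

```javascript
// Added example: browser/Node password generator drawing from the platform
// CSPRNG. All names here are illustrative, not from the tool in the thread.
const rng = globalThis.crypto ??
  (typeof require === "function" ? require("node:crypto").webcrypto : undefined);

const CLASSES = {
  lower: "abcdefghijklmnopqrstuvwxyz",
  upper: "ABCDEFGHIJKLMNOPQRSTUVWXYZ",
  digit: "0123456789",
  symbol: "!#$%&*+-=?@^_",
};

// Largest multiple of n that fits in the 2^32 outputs of one Uint32 draw.
// Draws at or above it are discarded so every residue is equally likely.
function rejectionLimit(n) {
  return Math.floor(0x100000000 / n) * n;
}

// Uniform integer in [0, n). A plain `value % n` would favour small residues
// whenever 2^32 is not a multiple of n (modulo bias).
function randomBelow(n) {
  if (!Number.isInteger(n) || n < 1 || n > 0x100000000) {
    throw new RangeError("n must be an integer in [1, 2^32]");
  }
  const limit = rejectionLimit(n);
  const buf = new Uint32Array(1);
  do {
    rng.getRandomValues(buf);
  } while (buf[0] >= limit);
  return buf[0] % n;
}

// Fisher-Yates shuffle driven by the same unbiased source.
function shuffle(items) {
  for (let i = items.length - 1; i > 0; i--) {
    const j = randomBelow(i + 1);
    [items[i], items[j]] = [items[j], items[i]];
  }
  return items;
}

// One character from every requested class (to satisfy site rules), the rest
// from the combined alphabet, then shuffled so positions reveal nothing.
function generatePassword(length = 20, classNames = Object.keys(CLASSES)) {
  const sets = classNames.map((name) => {
    if (!Object.hasOwn(CLASSES, name)) throw new RangeError(`unknown class: ${name}`);
    return CLASSES[name];
  });
  if (sets.length === 0 || length < sets.length) {
    throw new RangeError("length must cover every requested class");
  }
  const alphabet = sets.join("");
  const chars = sets.map((set) => set[randomBelow(set.length)]);
  while (chars.length < length) {
    chars.push(alphabet[randomBelow(alphabet.length)]);
  }
  return shuffle(chars).join("");
}

// Upper bound on entropy in bits for `length` symbols from `alphabetSize`.
function entropyBits(length, alphabetSize) {
  return length * Math.log2(alphabetSize);
}
```

This addresses only the quality of the random source; it does nothing for the separate objection in the thread about verifying that the delivered script is the one that was reviewed.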
|
apseudonym posted:A password generator I have to inspect the source code for everytime I open it seems kinda pointless. Also your randomness is garbage OSI bean dip posted:
Respectfully, read the text. The page itself doesn't generate the password; it generates the code that goes into a bookmark which then generates the password. The point of it all is, it runs in the client browser without external dependencies or communication. But yes, the randomness can be improved.
|
# ? Sep 4, 2016 07:36 |
|
FeloniousDrunk posted:Respectfully, read the text. The page itself doesn't generate the password; it generates the code that goes into a bookmark which then generates the password. The point of it all is, it runs in the client browser without external dependencies or communication.
You don't even comprehend apseudonym's post. How do I know your generator hasn't been modified before it reaches my browser?
|
# ? Sep 4, 2016 07:39 |
|
FeloniousDrunk posted:Respectfully, read the text. The page itself doesn't generate the password; it generates the code that goes into a bookmark which then generates the password. The point of it all is, it runs in the client browser without external dependencies or communication.
hey bro i read some site and pro-tip ssl is free now
|
# ? Sep 4, 2016 07:41 |