New Vulnerability in Bash Named ShellShock - More Severe than HeartBleed

It is a tough week to work in network security.

A new critical vulnerability in a widely used OS component has a perfect score for threat level. It is widely used (pretty much all non-Windows systems), it is easy to find, and it allows full control of a target with no authentication.

This gives ShellShock a perfect score across the board for the NIST's Threat Vulnerability Database. A worst-case scenario.

The attack is so simple that it could be automated into a worm that will scour the internet, infect systems, and turn those systems into zombies looking for additional victims. A botnet of vulnerable servers is already being built, according to Robert Graham of Errata Security.

The problem lies at the heart of the bash command. It executes arbitrary code that is placed after code that defines boundaries for a software environment. To put the example in plain English, bash expects environment variables to be defined in a normal command. Such as:


Major Security Vulnerability Revealed in Android's Default Browser

A major security flaw in Google Android's built-in AOSP browser has been found by the Metasploit team.

The vulnerability is described in detail here: http://www.cvedetails.com/cve/CVE-2014-6041/

There's no sugarcoating it, this one is bad. The vulnerability allows an attacker to use a crafted website to scrape data from all other open tabs, and even allows interactivity between the open tabs. An attacker could not only read all data on neighboring tabs, but could also manipulate data and even send messages and emails impersonating that person.

Google has dropped "official support" for the AOSP browser, so the reaction to the exploit, and information as to whether anything will be done to fix it, is sparse.

The exploit impacts all Android products prior to 4.3. This means Cupcake, Donut, Eclair, Froyo, Gingerbread, Honeycomb, Ice Cream Sandwich, and most of Jelly Bean are impacted. KitKat is not impacted by the vulnerability.


A Free Video Game Has Better Security than iCloud

While starlets scramble to deny which pictures are real and teens around the world rejoice, a fundamental flaw in Apple's security procedures has shown its ugly head once again.

It took a series of very amateur-level mistakes to lead up to this leak.

iCloud's password requirements are too lax.

We all know that we need to have long and complicated passwords, but times have changed even recently. Intelligent password crackers using massive dictionaries now exist that can help crack some pretty complicated passwords, regardless of length, if they are made up of just words. Password crackers also know how humans think, and new crackers are adapted heuristically to help crack passwords by predicting how humans act. People usually lead off with words followed by a number at the end. PorscheCarrera111 would be cracked in seconds despite being a pretty long password.


Visualizing Weak Encryption - Experiments with AES

In the encryption world, there is a substantial amount of debate over what entails good encryption, and what doesn't. You'll hear a lot of IT professionals claim that "any AES suite is fine" or "avoid 3DES", but outside of the people who actually work in security, there isn't a lot of discussion about padding or which AES modes are best. I wanted to design an experiment where I could give visual evidence for what is a good cipher mode and what isn't.

Enter this simple bitmap experiment. You take a simple image, encrypt it, and then reapply the headers to make it a valid bitmap image again and look at what the encrypted data looks like visually. When doing this, you are applying no mathematical attacks or simplifications and no cryptanalysis. You're just looking at the raw encryption with your eyes and seeing if you can see any of the original bitmap in the encrypted code.


Researchers Find Critical Flaw in USB Firmware

Researchers at SR Labs have uncovered a flaw in USB firmware that impacts virtually all devices that contain USB connectivity. The flaw allows surveillance-type access and injection of malware into PCs without administrative access or any authentication at all. It also allows the attacker to gain full control of the device and even reroute internet traffic for interception. It is also very hard to detect, and even harder to get rid of, as it deals with firmware and would persist through formats and not be picked up by any virus scanner.

The team is expected to do a talk featuring the vulnerability, and their exploit of it known as BadUSB, at the Black Hat security conference in Las Vegas this week.

Some security researchers have guessed that this is the firmware-level flaw that is exploited by the NSA's Cottonmouth device, which is a chip that is covertly implanted into the cables/plugs of USB devices in order to enable the type of functionality described by the vulnerability. This would be another interesting case of the state intentionally weakening the security of the public in order to exploit vulnerabilities on its enemies.


An Introduction to Cipher Suites

I've had a lot of questions lately about encryption. Specifically, people have been asking me about what the various cipher suites mean in terms of encryption, and what all of the different parameters in suites like ECDHE-AES-128-GCM-SHA256 actually mean with regard to what is going on.

This article explains as plainly as possible what cipher suites are, how they are defined, and the agreed-upon strength of the various components in the security community.

First: We need to understand the components of cipher suites.

There are typically three components to a cipher suite in OpenSSL and PolarSSL (the most common free encryption libraries, outside of the ones built into Windows). You have the handshake, which is typically handled by asymmetric encryption. The handshake is required because it is needed to mask the handoff of the secret key for the next stage. This is called the Initial Value (IV).


New Flaw Discovered in GNUPG Creates Denial of Service Vulnerability

A new flaw discovered in GNUPG allows an unauthenticated user to create a denial of service attack by sending the victim carefully crafted compressed data that will use up all of the server's resources, causing it to crash.

It impacts all versions of GNUPG and the attack is easy to exploit, meaning that a rash of these DOS attacks is likely to become the norm over the next few days as tools are built to allow low-skill attackers to trivially use the exploit.

A fix has been issued by the GNUPG developers. You have to be sure to update both gnupg and gpgv as both packages are vulnerable to the attack.

More information about the vulnerability can be pulled from the CVE here: http://www.cvedetails.com/cve/CVE-2014-4617/


The Strongest Evidence that Encryption Works - Subpoenas

There is a lot of debate around the internet about what types of encryption are safe, and if any level of encryption is safe from an advanced persistent threat like the National Security Agency. With some of the most talented staff in the world, including the world's largest army of mathematicians and security researchers, and near-limitless budgets for supercomputers, interception equipment, subversion programs, and bribes, people question the integrity of any tools to fight back.

The answer lies in what action the agencies take against their targets. If they have a way into systems with a low risk of being detected, it is being used. This is where programs like foxacid, hammerchant, and turbine come in. If they do not have an easy way into your systems, that is when they deploy the subpoena to try to use the long legal arm of the government to break into your systems.


Another Week, Another OpenSSL Bug - All About CCS Injection


It seems to be almost a weekly occurrence these days that OpenSSL has a new critical bug that is going to take the web by storm if everyone doesn't update their servers immediately.

This week's culprit is CCS Injection.

OpenSSL's "changecipherspec" has a vulnerability where, if an attacker intentionally interrupts the cipher negotiation process with a vulnerable server, they can recover some sensitive information by forcing the clients to use weaker key strengths and ciphers.

This vulnerability primarily affects web servers that have to go through cipher negotiation.

Under normal conditions, the process of cipher negotiation is the first step of establishing an encrypted session with a server. Your client has a set of ciphers that it supports, and the server has a different set of ciphers that it supports. The negotiation process is designed to make sure that the strongest mutual match is used.


Something is Wrong With TrueCrypt

Something is happening over at the TrueCrypt website, and for now, speculation abounds.

The TrueCrypt website, located at http://truecrypt.sourceforge.net/ (warning: site might be compromised), has been updated to state in multiple places throughout the site that TrueCrypt is insecure, and gives instructions on how to migrate to Microsoft's BitLocker drive encryption.

The change is very sudden, and highly suspect, as the creators of TrueCrypt in the past have expressed a lot of passion about security and an emphasis on open-source security tools. BitLocker is closed-source, and having them select a Microsoft-published piece of closed-source software is even more suspicious because Microsoft has very close ties with the NSA, and there are some serious problems with some configurations of BitLocker.

The new version of TrueCrypt that was posted has curious additions in the source code. It removes a lot of critical TrueCrypt functionality and adds the line "INSECURE_APP" in multiple places throughout the code.
