Enabling Secure Business Operations

You are viewing all posts by Laura Raderman.

P and NP

August 24th, 2010

Recently, Vinay Deolalikar self-published a proof that P is not equal to NP. So what does that mean exactly?

P is short for Polynomial, and NP is short for Non-deterministic Polynomial. To understand the exact difference requires you to understand Turing machines (usually a senior level CS class). P is the class of problems that can be solved in polynomial time on a deterministic Turing machine, and NP is the class that can be solved in polynomial time on a non-deterministic Turing machine. Here’s the catch: so far, no non-deterministic Turing machines exist. There’s speculation that quantum computers are non-deterministic Turing machines, but not a proof that I know of.

Another way of thinking about P and NP problems is how long it takes for a computer to solve the problems – is it “easy” (P) or “hard” (NP). Most classic computer science problems are NP – the traveling salesman, factoring integers… The computer can verify the answer in P time, so the current approach is to make a best guess, verify it, then make another guess.

What does this mean for most people? Most people have never heard of P or NP – heck, a lot of computer/IT people probably haven’t unless they’ve studied theoretical computer science – and even most of us who’ve heard of it would rather forget it. But it really does matter for security. One of the NP problems is factoring integers – what public key cryptography is based on. There is an assumption – based on years of practice, but no proofs – that NP is not equal to P. If NP were ever shown to be equivalent to P, then our current asymmetric cryptography solutions would be blown out of the water and we’d all have to find new algorithms to use. If NP were proved to be not equal to P, we’ve got some more time :)

So far, the reviews I’ve heard of Deolalikar’s paper are that it’s a great start, but it has a few flaws, so we still don’t know if P is or is not equal to NP.

Updating your system with apt

August 5th, 2010

With a new version of Backtrack around, many people may be ready to take the plunge into learning it. This is a little late for those of you who decided to try it at Blackhat/Defcon, but ShmooCon will be coming up in a few months…

Apt is the Debian packaging system. It’s found in all Debian-based Linux distros – like K/Ubuntu and Backtrack. If you’re going to be at a hacker conference, the least you can do is update your system before you go! Packages are generally GPG signed by the maintainer, and Debian keeps a list of trusted GPG keys updated on your system (debian-keyring and debian-archive-keyring are the Debian-specific packages). Apt checks these signatures to help ensure that you’re not downloading rogue packages.

Apt has two configuration files. For the most part, you’ll only use one: /etc/apt/sources.list. The other (/etc/apt/apt.conf) is used in specific instances – such as with a proxy server.

sources.list has a list of all of the sources (repositories) you’d like to look through for packages. The default list is generally OK for non-desktop (i.e. server) users. If you’d like to install various media players and other non-GPL licensed packages, you’ll have to add to this file. The general format is
type baseuri distribution [component comp2 ...]
Where type is *generally* deb – sometimes deb-src – indicating that the repository contains .deb files that are either pre-compiled (deb) or are source packages (deb-src).

Make sure you know what the repositories are before you add them! If you add a rogue repository, signatures are not going to help you – they’ll all verify!
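One way to review a sources.list before trusting it, as an added example (not part of the original post): the Python sketch below parses each line in the format above and reports repositories whose host is not on an allow-list, plus any entry carrying apt's trusted=yes option, which tells apt to accept the source even when authentication fails. The allow-list and the sample file are constructed for illustration.

```python
import re
from urllib.parse import urlparse

# Assumption: hosts your organization has decided to trust (constructed list).
ALLOWED_HOSTS = {"deb.debian.org", "security.debian.org", "archive.ubuntu.com"}

# One-line format: type [options] baseuri distribution [component ...]
ENTRY_RE = re.compile(
    r"^(?P<type>deb|deb-src)\s+(?:\[(?P<opts>[^\]]*)\]\s+)?"
    r"(?P<uri>\S+)\s+(?P<dist>\S+)(?P<comps>(?:\s+\S+)*)\s*$"
)

def parse_entry(line):
    """Return a dict for a repository line, or None for blanks and comments."""
    line = line.split("#", 1)[0].strip()
    if not line:
        return None
    m = ENTRY_RE.match(line)
    if m is None:
        raise ValueError(f"unrecognized sources.list line: {line!r}")
    return {
        "type": m.group("type"),
        "options": (m.group("opts") or "").split(),
        "uri": m.group("uri"),
        "distribution": m.group("dist"),
        "components": m.group("comps").split(),
    }

def audit_sources(text, allowed_hosts=ALLOWED_HOSTS):
    """Return (line_number, reason) findings for entries that need review."""
    findings = []
    for number, raw in enumerate(text.splitlines(), start=1):
        entry = parse_entry(raw)
        if entry is None:
            continue
        url = urlparse(entry["uri"])
        if url.scheme in ("http", "https", "ftp") and url.hostname not in allowed_hosts:
            findings.append((number, f"host not on allow-list: {url.hostname}"))
        if "trusted=yes" in entry["options"]:
            findings.append((number, "trusted=yes disables signature checking"))
    return findings

# Constructed sample; on a real system read /etc/apt/sources.list instead.
SAMPLE = """\
# main archive
deb http://deb.debian.org/debian stable main contrib
deb-src http://deb.debian.org/debian stable main
deb http://repo.example.net/media stable non-free
deb [trusted=yes] http://deb.debian.org/debian stable main
"""

if __name__ == "__main__":
    for number, reason in audit_sources(SAMPLE):
        print(f"line {number}: {reason}")
```
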

Once your sources.list is updated, you can generally leave it alone unless you want to switch to a new version of debian/ubuntu/etc.

On a regular basis, you need to run “apt-get update” with root privileges. This will update the list of packages that have been updated on the repositories. “apt-get upgrade” will just go ahead and upgrade everything for you – which is the easiest option, but sometimes, not what you want. “apt-get upgrade -u -s” will tell you what’s going to be upgraded, but not actually do anything. If you want to upgrade some things, but not others, you’re kinda stuck using “apt-get install package-name” for each individual package. It’s not the best solution, but you can hold a package with dpkg: “echo package-name hold | dpkg --set-selections” and it will *never* be updated.

In general, “apt-get update” followed by an “apt-get upgrade” will get you updated to the latest packages and, hopefully, less vulnerable to attacks and exploits.

Notes from The Next HOPE

July 19th, 2010

HOPE was this weekend at the Hotel Penn in New York City. Except for the choice of venues, it’s a pretty nice (and cheap) conference to get to. I went to several of the talks, although, not all of them would be interesting to purely security people – like cooking for geeks… The talks I did attend were interesting, if not ground breaking. HOPE isn’t generally where people release new code, tools or exploits – that’s Black Hat and Defcon in two weeks, but there tend to be more talks about hacker culture and privacy. The one talk I skipped that I would have liked to go to was the Social Engineering talk – at 9pm on a Saturday (I was already half asleep). I heard that they tried to social engineer a BP gas station, with some success.

I also hit up the talk on the American Bombe – yes, we had a few – a well researched and interesting discussion on how the US got started on that project and some of the stumbling blocks along the way. I also went to the HTTPS discussion, but it rehashed old SSL vulnerabilities and issues with the default CAs trusted in the browsers. One of the better talks I went to was the Locational Privacy and Wholesale Surveillance via Photo services talk by Ben Jackson. He discussed using the EXIF GPS data to stalk people. I promptly told my iPhone that the Camera app was not allowed to use location services.

For me, HOPE is more about the hallway track and meeting people and learning new things on the mezzanine level. This year, the lockpick village was so small that no one could fit in, so I didn’t stop by there – even if I did take my picks. There were more vendors on the M level as well, mostly books, with very little electronics as there have been in years past.

This year, I borrowed a friend’s ham radio and used my license for the first time in 10 years to get an N2H QSL card – along with my friend and several others. Just listening to the hams talk from N2H was interesting as well.

SSL Ciphers, what are those?

June 29th, 2010

I don’t know if it’s PCI compliance fever season or what, but I’ve been asked a lot about “weak SSL ciphers” lately. Mostly, having to do with “what the heck are those anyway?” If you don’t have a decent grasp of SSL, start with my previous article on SSL. If you think you do, stay with me for a bit :)

Let’s start with what ciphers are. Ciphers are the algorithms used to do some kind of cryptography – either encryption or hashing. Well known ciphers you’ve probably heard of are RSA, 3DES, AES, Blowfish, and SHA1. SSL Ciphers are the set of ciphers that are used for all parts of the SSL negotiation – and remember there are several used in one SSL session: both asymmetric and symmetric, and hashing. If you have OpenSSL installed, you can see all of the Ciphers that OpenSSL supports by typing openssl ciphers -v (the -v gives you details that are helpful). You’ll get back a list that looks something like this (except a lot longer):
DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1
DHE-DSS-AES256-SHA SSLv3 Kx=DH Au=DSS Enc=AES(256) Mac=SHA1
AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1

What each of those lines tells you is what the name of the cipher is (according to OpenSSL), the SSL version that it exists in, the Key Exchange algorithm (Kx), the Authentication (Au) algorithm, the Encryption (Enc) algorithm, and the Hash (Mac) being used. You can see where the cipher naming scheme comes in…

You don’t want any of these ciphers to be “weak”. So you’re really looking at 4 ciphers at a time to determine if the cipher is “weak”. What makes a cipher “weak”? Any algorithm (or key length) that has been determined to be easily breakable through either a flaw or brute force. An example of a weak cipher would be EDH-RSA-DES-CBC-SHA, which uses 56-bit DES for encryption. Some people claim that MD5 is now a weak cipher. Either way, your organization probably has a list of approved and non-approved algorithms, and you’ll want to compare that list to what SSL supports.
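The comparison against an approved-algorithms list can be automated. The Python sketch below is an added example, not part of the original post: it parses lines in the openssl ciphers -v format shown above and reports every suite that violates a policy. The policy values and the sample lines other than the first are constructed for illustration.

```python
import re

# Assumption: a sample organizational policy, not a standard.
POLICY = {"min_enc_bits": 128, "banned_enc": {"None"}, "banned_mac": {"MD5"}}

VALUE_RE = re.compile(r"^(?P<alg>[^()]+)(?:\((?P<bits>\d+)\))?$")

def parse_cipher_line(line):
    """Split one `openssl ciphers -v` line into its named fields."""
    parts = line.split()
    if len(parts) < 6:
        raise ValueError(f"not a cipher line: {line!r}")
    suite = {"name": parts[0], "protocol": parts[1], "export": "export" in parts[6:]}
    for token in parts[2:6]:
        key, _, value = token.partition("=")
        m = VALUE_RE.match(value)
        if key not in ("Kx", "Au", "Enc", "Mac") or m is None:
            raise ValueError(f"unexpected field {token!r} in {line!r}")
        # Store (algorithm, key size or None), e.g. ("AES", 256).
        suite[key] = (m.group("alg"), int(m.group("bits")) if m.group("bits") else None)
    return suite

def weaknesses(suite, policy=POLICY):
    """Return the reasons a parsed suite violates the policy (empty if none)."""
    reasons = []
    enc_alg, enc_bits = suite["Enc"]
    if enc_alg in policy["banned_enc"]:
        reasons.append(f"encryption {enc_alg} is banned")
    elif enc_bits is not None and enc_bits < policy["min_enc_bits"]:
        reasons.append(f"{enc_bits}-bit {enc_alg} is below {policy['min_enc_bits']} bits")
    if suite["Mac"][0] in policy["banned_mac"]:
        reasons.append(f"MAC {suite['Mac'][0]} is banned")
    if suite["export"]:
        reasons.append("export-grade suite")
    return reasons

def audit_ciphers(output, policy=POLICY):
    """Map each weak suite name to its list of reasons."""
    suites = [parse_cipher_line(l) for l in output.strip().splitlines()]
    report = {s["name"]: weaknesses(s, policy) for s in suites}
    return {name: why for name, why in report.items() if why}

# Constructed sample in the `openssl ciphers -v` format.
SAMPLE = """\
DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1
EDH-RSA-DES-CBC-SHA SSLv3 Kx=DH Au=RSA Enc=DES(56) Mac=SHA1
RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
EXP-RC4-MD5 SSLv3 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
NULL-SHA SSLv3 Kx=RSA Au=RSA Enc=None Mac=SHA1
"""

if __name__ == "__main__":
    for name, why in audit_ciphers(SAMPLE).items():
        print(f"{name}: {'; '.join(why)}")
```
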

You can use openssl s_client to see what algorithms your server is supporting (rather than just what openssl supports).

In the future, how to configure various web servers to support only the ciphers you want.

OpenVPN and two-factor authentication

June 10th, 2010

Many people have used OpenVPN for a simple and effective VPN solution, but did you know that you can use it for real two-factor VPN authentication? How you do that depends on the two-factor solution you are using. There is support for PKCS11 token stores, and Windows CAPI, with patches submitted for OS X’s Keychain. In order to get the OS X patch into the testing/stable branch of OpenVPN, it needs more testers though (please help!). So, if your token supports one of the above, and most do, you can use OpenVPN as a (relatively) inexpensive two-factor VPN. The tokens are still rather expensive however :(

To use the CAPI functionality, add cryptoapicert “thumbprint” to the client’s command line or configuration file.

To use the KeyChain functionality, add keychaincert “thumbprint” to your configuration file or command line.

In both cases, thumbprint needs to be in quotes and is the MD5 or SHA1 hash of the certificate to use.
ex. “MD5: f8 72 98….”

To use the PKCS11 functionality, you use two options:
pkcs11-providers /usr/lib/pkcs11/ (or other path to the pkcs11 library)
and
pkcs11-id 'serialized id'
Where serialized id is a unique serial number that you can find by using the “openvpn --show-pkcs11-ids /usr/lib/pkcs11/” command

You’re now all set up to use two-factor authentication with OpenVPN on multiple operating systems. OpenVPN has more detailed information on the PKCS11 functionality at the HOWTO.

Genealogy Research – aka stalking

May 26th, 2010

Have you ever looked into researching your family tree? Have you noticed what kind of information you can find out about people, especially older people who have been around since the 1930 census (and pretty soon, the 1940 census)? Upon death, social security numbers are published in the Social Security Death Index, and some of that information is still useful. For example, my father passed away in 2000, my mom still receives social security benefits based on his SSN – which is now public information. All of the joint accounts they had together are mostly still with his social. It would make it easy to steal the identity of a dead person. The SSDI is supposed to prevent that, but it doesn’t always work.

Additionally, genealogy searches turn up information about living people as well – things such as the US Public Records Index – which includes current address information and birthdate – all useful information if you’re searching for someone. By default, most web sites “hide” living relations in your family tree, but you have an option to make it public (and there are incentives to do so to find more about your family).

If you’re interested in genealogy, try using some of your skills to find information about someone not in your family tree (the older they are, the more likely you’ll find information), or if you know how to find information about people, there are genealogists waiting to talk to you to help them find long lost relatives.

DLP – Data Loss Prevention

May 6th, 2010

With the release of OpenDLP, more and more people are hearing about DLP. What is it and how does it work?

Fundamentally, security is about protecting important data – whatever that data happens to be – a formula, a trade secret, social security numbers, etc. We have all kinds of tools and techniques to help us encrypt and protect our data from someone outside of the company, but what about from people inside the company, people who go against company policy and use gmail, rapidshare, or other convenient tools to let them work at home or on the road? While seemingly innocent, these users are the ones that can cause the most problems.


Strokejacking

April 20th, 2010

A while ago, I covered clickjacking, and now, we have “Strokejacking”. So what is strokejacking (other than a badly named attack that makes my inner middle schooler giggle)?

Strokejacking was first discussed on Full Disclosure, but it’s not called that there. It is extremely similar to clickjacking, in that a malicious site has a user doing things they don’t want to do. Except, this time, it’s with the keyboard instead of the mouse – hence the “stroke”. The attacking site gets the user to type (or cut and paste) the information they’re looking for. This could lead to another attack (if the user types javascript), or just gathering a username and password. The user thinks they are logging into a site, but they’re really sending characters over to the attacker’s site.

What can prevent this?

Basically the same things that prevent clickjacking. At the same time, be cautious about cutting and pasting random text (like to get rid of feeds on facebook), and check the SSL certificate being used is issued to your bank before typing in your username and password. These tips aren’t perfect, but they’ll help you avoid a good majority of strokejacking attempts.

Each Tuesday, Security Musings features a topic to help educate our readers about security. For more information about Gemini Security Solutions’ security education capabilities, contact us!

Personal e-mail at work “OK”?

April 7th, 2010

This has been a debate among policy writers since personal e-mail started to become popular: Can your company monitor/sniff/access your personal e-mail?

Up until this week, it was commonly accepted that you didn’t use company resources to access/read/write your personal e-mail if you didn’t want it to be monitored. However, that seems to have changed – in one specific case. In New Jersey, a woman used her company laptop to exchange information with her lawyer over a web-based e-mail over an issue at work that later went to court. The company used her e-mail communications (presumably) cached on the laptop as evidence against her in court.

While this is (so far) the first case I’ve heard of like this, it doesn’t mean that all employees have personal e-mail privacy all the time. The first thing is that this was in NJ state supreme court, which only applies in that state – however, the case is likely to influence other courts. The second is that the e-mail was considered client-attorney communications – which are “sacred” in most cases. A defendant could tell his lawyer that he did murder someone and the lawyer can not disclose it except under very specific circumstances. Finally, the e-mail was “reasonably” protected – she used a web based service and did not store the password on the laptop.

While it seems to be a blow to companies’ abilities to monitor employee communications, it only applies in specific cases. Either way, as an employee, it’s a better idea to keep your personal e-mail/life separate from your work life.

Clickjacking

March 18th, 2010

Clickjacking is a relatively new term in the web hacking area. Although the original paper by Robert Hansen and Jeremiah Grossman was published in September of 2008, clickjacking has become fairly “normal” and common. It’s a visual trick that gets users to click on something they weren’t intending to click on – like that “buy now” link or the “follow me” link that the marketer wants you to click on. Granted, it has limited use in the purchasing area, since most online stores require you to give them your credit card number before you can buy anything. However, an attacker can use it to get more “impressions” and click-throughs and fraudulent ad money for example – or increase their popularity.

How does it work?

Hansen and Grossman use nice pretty pictures to explain the process, and I can’t really do any better, but I can give a summary. The basic idea is that an attacker uses an iframe to place a transparent page (or button) on top of the page you really intend to view. When you click on a “button” on the page you can see, you are really clicking the button on the page the attacker has made “invisible” to you.

What can you do to prevent it?

Microsoft, Apple and Google Chrome pay attention to the X-FRAME-OPTIONS header, but that depends on the server and application author to set those headers. Frame-busting scripts that are common in many web pages can be used to ensure that your application is not displayed in a frame, and help to ensure that the clickjacking is at least visible. NoScript for Firefox can prevent you from clicking on an invisible page. However, expect the attackers to get more and more crafty now that there are ways around the attack.
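On the server side, setting the header can be done once for the whole application rather than page by page. The Python sketch below is an added example, not part of the original post: a WSGI middleware that puts exactly one X-Frame-Options header (DENY or SAMEORIGIN) on every response, with a small in-process helper to compare the unprotected and protected responses. The class, helper and demo application names are hypothetical.

```python
from wsgiref.util import setup_testing_defaults

ALLOWED_VALUES = ("DENY", "SAMEORIGIN")

class FrameOptionsMiddleware:
    """Wrap a WSGI app so every response carries one X-Frame-Options header."""

    def __init__(self, app, value="DENY"):
        if value not in ALLOWED_VALUES:
            raise ValueError(f"value must be one of {ALLOWED_VALUES}")
        self.app = app
        self.value = value

    def __call__(self, environ, start_response):
        def guarded_start(status, headers, exc_info=None):
            # Drop any value the application set, so exactly one header is sent.
            headers = [(k, v) for k, v in headers if k.lower() != "x-frame-options"]
            headers.append(("X-Frame-Options", self.value))
            return start_response(status, headers, exc_info)
        return self.app(environ, guarded_start)

def demo_app(environ, start_response):
    """Constructed stand-in for a page with a sensitive button."""
    start_response("200 OK", [("Content-Type", "text/html")])
    return [b"<button>Buy now</button>"]

def response_headers(app, path="/"):
    """Call a WSGI app in-process and return its response headers as a dict."""
    captured = {}

    def start_response(status, headers, exc_info=None):
        captured["headers"] = headers

    environ = {}
    setup_testing_defaults(environ)
    environ["PATH_INFO"] = path
    b"".join(app(environ, start_response))  # consume the body
    return dict(captured["headers"])

if __name__ == "__main__":
    print("unprotected:", response_headers(demo_app))
    print("protected:  ", response_headers(FrameOptionsMiddleware(demo_app)))
```
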