In general, Windows does a decent enough job with securing software keys in CAPI. Sure, you can open up Windows Explorer, browse to C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys, and take a look at your private key files. These bare files, of course, are not exactly plain text. The RSA Machine Keys (which include private keys corresponding to software certificates), are encrypted using the Data Protection API (DPAPI).

The DPAPI encryption method is based on the use of a Master Key – a 512 bit random blob that is created using PKCS #5 Password-Based Key Derivation. This process takes the user’s account password, applies the SHA-1 hash algorithm, sends the hash plus a salt to the key derivation algorithm, and then iteratively calls another PKCS #5 function at least 4000 times to make brute-forcing the secret key even harder. Et Voila! Master Key.

The Master Key is then used to create session keys by generating 16 bits of random data, hashing that with the Master Key, optionally appending the result with entropy data and the user’s password, and passing that blob into a few CryptoAPI calls to derive a session key. This session key is used to encrypt the actual data.

Whew!

This process actually does a very good job of securing key files such that, if you got a copy of the key files as they exist on disk, you’d have a difficult time brute-forcing your way into the software key data. They’re basically useless unless you have an utterly stupefying amount of disposable processing power. However, for as strong as the key protection is, it’s just software.

A well-known scientist (some say it was Bertrand Russell) once gave a public lecture on astronomy. He described how the earth orbits around the sun and how the sun, in turn, orbits around the center of a vast collection of stars called our galaxy. At the end of the lecture, a little old lady at the back of the room got up and said: “What you have told us is rubbish. The world is really a flat plate supported on the back of a giant tortoise.” The scientist gave a superior smile before replying, “What is the tortoise standing on?” “You’re very clever, young man, very clever”, said the old lady. “But it’s turtles all the way down!”
-Stephen Hawking, A Brief History of Time

That’s essentially what software keys are protected by – software, all the way down. Well, that’s not completely accurate. It’s software all the way down except for the mythical final turtle, which is our old friend, the password!

Now, I’m not suggesting that I know how to crack DPAPI, even if I do know a user’s password…that is, unless I have physical access to the device. Then all I’d need to do is log in, and Windows conveniently will take care of the rest, and allow me to use the keys however I see fit. (Un)fortunately, I don’t actually even need that to unlock a software key. All I need is a way of impersonating the user’s logon session, whether through remote desktop, exploiting Windows vulnerabilities, installing a rogue ActiveX control, or any number of countless ways to get a user to run some code.

So, how are we supposed to protect our private keys, then? Well, the simple and pretty inexpensive answer to that question, is Hardware Tokens. You can get a good FIPS-140 validated cryptography token for about $50-100, which will generate keys on the device, and the keys will never, ever be available to software (all cryptography operations are executed on the token). The tokens are tamper resistent (all memory is destroyed if the token is tampered with), and brute forcing won’t work, either (after a set number of failed logins, the token is locked and, optionally, all data is wiped). Now, this isn’t necessary for some applications, but if your encrypted data is worth more than $50 to you, why would you want to protect it with something as flimsy as a password?

We have recently taken a look at Internet Explorer 6 (IE6) to try and help convince a customer of ours to stop deploying it on workstations.IE6 still holds about 33% of the browser market share, but Microsoft stopped mainstream support for it in April of 2009.  IE6 runs ActiveX controls at the same privilege as the browser, which is the same privilege as the user – typically administrator level.  And according to Secunia there are 23 known unpatched vulnerabilities in IE6 – including one which has been around since 2003.

And in a timely post from Brian Krebs on his new site krebsonsecurity.com, there’s a very simple way to crash IE6.

If you’re curious and have IE6 lying around, type or cut and paste the following into the address bar (that last character is a zero):  ms-its:%F0:

So, what are we missing? Are there any other reasons I can throw at this customer to put IE6 out to pasture? Let me know in the comments.

Dan Kaminsky posted on twitter the following:

http://eprint.iacr.org/2010/006.pdf Is it time to deprecate 1024bit RSA for, say, 1276bit? (2048 has perf issues.)

The link Dan provided is a research paper which reports the successful factorization of the 768-bit number from the original 2001 RSA challenge. I responded to him that NIST had already deprecated the use of 1024-bit RSA in the government, and it was time for industry to follow suit. Since I posted that, I’ve been surprised that a number of people don’t understand the upcoming changes in key lengths and algorithm strengths that have been mandated by NIST. So, this post offers some information about why I can confidently say the U.S. government has deprecated certain algorithms and key lengths.

(more…)

Damn Vulnerable Web App (DVWA) has released an updated version (v1.04) of their PHP/mySQL web application that is intended to be attacked. It’s intended to be run on a local (closed) network as a learning tool for exploits and vulnerabilities. As it sits now, it pretty much contains a lot of the basics – brute force, command execution, file inclusion, SQL injection, and XSS.

(more…)

With Windows holding 89.6% of the global market share, it is a very large target. This is one of the reasons Windows is targeted so much by malicious attacks. Not very hard when you’re such a big target. So, what if you could change that and make your Windows machine/server appear as something else, even to the most notable of sniffing tools (Nmap, P0f, Ettercap, etc.)? Well, you can.

(more…)

Les Jordan from Microsoft recently wrote a blog post entitled Identity Management: a key to seamless CTMS and EDC. In it, he presents some of the solutions Microsoft is introducing in the identity management space, currently under the name of Microsoft Geneva including the Geneva Framework, and the Microsoft Identity Federation Gateway.

The idea is fairly simple. Many (most?) large enterprises already manage their users and systems using Active Directory.  Geneva allows publishing the components of your Active Directory required for doing identity federation on the Internet.  The publishing is performed in a standards-compliant way (using WS-* and SAML 2.0) and allows it to be used for claims between enterprises.

…the issue of Identity Management, Username and Password proliferation, and cross-company collaboration is an issue that has hindered true (and secure) data availability and collaboration in the Life Sciences industry.  Perhaps now we can get the Identity Management issue behind us and move on.

Whether or not Geneva becomes the one standard way to allow interoperable identity management across multiple enterprises in the life sciences space, it is clearly going to lower barriers between organizations and increase our trustworthiness in digital identities.

With the release of the new iPhone 3.0, I thought it would be worth visiting some useful security-related iPhone applications. These are 4 good security applications for the iPhone that will make you the coolest person at the next IT security conference.

1. 1Password (Cost: $4.99) – This application encrypts your iPhone data using AES, effectively features single sign-on to websites, and adds an extra unlock code layer to your device – using a single password. The power of this application is in the encryption, and has some other goodies like password generation and secure notes built in as well as a desktop version and syncing (for extra).
2. RSA SecurID Software Token (Cost: Free) – SecurID relies on 2-factor authentication, and your iPhone can act as one of those factors. This application will generate a rotating passcode to be used with some other hardware token. This application is only useful if your organization is already using RSA Authentication Manager.
3. Security for People and Computers eBook (Cost: Free) – Written by Neal Puff (CISSP), one of Computerworld’s Premier 100 IT Leaders with over 20 years of IT experience offers this eBook focused on general computer and networking security with some additional information on protecting your home. I haven’t read the eBook but it’s free and worth a look.
4. MobileMe (Comes with iPhone 3.0) – Ok, admittedly this isn’t an iPhone app in the traditional sense, but the new Find My Phone feature lets you know where your iPhone is if it’s lost or stolen. While a dramatic recovery isn’t likely, MobileMe’s other features like remote data wiping can help protect your data from thieves.

There are a couple of good security iPhone apps out there I’ve likely missed but there are also tons and tons of really bad iPhone security applications as well. Know of any to add to this list, good, bad, or even silly? As always, comments are welcome.

Each Thursday, Security Musings features a security-related technology or tool. Featured items do not imply a recommendation by Gemini Security Solutions. For more information about how Gemini Security Solutions can help you solve your security issues, contact us!

This builds off of Sniffing Networks Part 3- Understanding what you’re seeing.  This article introduces another tool to use for network sniffing and compares it to the previously mentioned Wireshark.

You’ve already been introduced to Wireshark and learned how to use it.  We now consider another tool, Colasoft Capsa Enterprise Edition, which can be used for network sniffing as well.  Colasoft Capsa offers many of the same features as Wireshark and introduces new features in analysis.  Similar to Wireshark, Colasoft Capsa captures and decodes packets, and supplies a hex view of each packet.  Below is a screenshot of the packet view in Colasoft Capsa.  Both programs automatically color code protocols.

Colasoft Capsa allows you to apply filters to view select types of packets or view all but the selected packets.  Filters can be applied by address, port, or protocol as well.  It is also possible to enable advanced filters which are similar to Wireshark’s filters.  In advanced filters, you can combine specific addresses, ports, protocols, and packets by size, value, or pattern in any combination using “and,” “or,” and “not” logic modifiers.

It is possible to view related packets in Colasoft Capsa by right-clicking a packet and choosing an option from “Select Related Packets.”  This action will highlight packets related in the specified manner.  Choosing “By Flow” from the related packets menu results in highlighting the packets that Wireshark glues together when selecting “Follow TCP Stream.”  While this shows the related packets, Colasoft Capsa does not show all packets of a stream in one window as Wireshark does.  Other relations for grouping packets in Colasoft Capsa include by source, destination, or protocol.

Colasoft Capsa offers many of the analysis features that are found in Wireshark.  For example, both programs can display endpoints and protocols from the captured packets along with statistics on the amount of information sent and received for each.  The difference is that Colasoft Capsa adds a visual interpretation to the statistics.

Colasoft Capsa offers other visual aids such as graphs and a matrix view in which all endpoints that communicate are connected.  Additional features include reports, logs, and diagnostic capabilities that can be used to discover network problems.  All of Colasoft Capsa’s features are discussed in more detail in the article Using Colasoft Capsa.

This article builds off of the Sniffing Networks series and introduces Colasoft Capsa Enterprise Edition, which can be used for network sniffing and analysis.

To get started capturing packets with Colasoft Capsa, click on the “Start Capture Now” button on the opening screen. Clicking this will open the project settings, which can be customized depending on the project. The project settings can also be modified later by the toolbar at the top of the window. Click OK to get started. This starts the capture which can be stopped at any time by clicking the stop button along the top toolbar.

After capturing packets there will be two additional docked windows to the left, and the main window now contains ten tabs. The top left window labeled Explorer can be used as a filter of sorts to change the data seen and analyzed in the tabs to the right. The Project Status window gives a general overview of the project and packets captured. The summary tab provides a more in-depth look at the packets collected.

The diagnosis tab can be helpful for monitoring and solving problems on the network. Each diagnosis event falls under one of four network layers: application, transport, network, or data link; each event is also given a severity level depending on the type of event. All diagnosis events are predefined by the software. Clicking on a diagnosis event brings up a references tab within the window, which gives a description of the event and possible causes and solutions. The endpoints tab gives statistics for each of the physical endpoints of the network, which illustrates the flow of traffic.

The protocols tab separates the information by protocol. As seen above, the bytes used for each are displayed as a bar. The protocols are listed as a hierarchy, so there is overlap within the total bytes. The conversation tab is divided into two windows. The top window shows all the connections made between different endpoints. The type of endpoint can be changed to represent either physical, IP, TCP, or UDP endpoints. All packages that relate to the conversation are displayed on the bottom window on the screen.

The matrix view, as seen below, visually shows all the endpoints and the connections they make with each other. Essentially, every conversation is shown as a line. The endpoints displayed can be sorted by physical or IP, as well as any combination of unicast, multicast, and broadcast traffic types.

The packets tab displays the packets as they are captured and provides information on source, destination, size, and protocol. The packets tab also has a window that decodes the selected packet. To help sort through the packets, you can right click on a packet and choose “Select Related Packets” to show packets related by source, destination, flow, or protocol.

The logs view keeps track of events such as HTTP requests, email messages, DNS queries, and instant messenger activities. All logs are enabled in the default project settings, but any or all can be excluded. The logs can also be set to be automatically saved to a file.

The graphs can be useful for presenting data because they give a visual interpretation of the numbers. There are many groupings of information for the graphs and many types of graphs, including line graphs, area graphs, bar graphs, pie charts, and 3-D options. It is also possible to compare two graphs. The last tab, reports, is similar to the summary tab but presents data by integrating numbers and graphics. This tab contains packet and protocol statistics, diagnosis events, and charts such as top ten IP protocols and top ten physical addresses.

As mentioned earlier, the explorer window is one way to limit the information analyzed, but it is also possible to apply filters. Filters can be formed by packet, address, port, and protocol type, as well as more advanced filtering options.

In addition, Colasoft Capsa comes with four extra tools. These consist of a MAC Scanner, Packet Builder, Packet Player, and Ping tool. For more information on Colasoft Capsa and these tools, visit the Colasoft website at http://www.colasoft.com/.

The digital world is moving online and taking our email with it. While most home users have abandoned desktop email clients, most corporate computers are loaded with some desktop email client (almost always Microsoft Outlook), which will keep it alive. Lifehacker posed the question, is Thunderbird and desktop email in general, going extinct?

Here are 3 reasons desktop email will continue to live and why corporate administrators won’t pull the plug.

1. Digital Signatures - Online email simply does not handle digital signatures natively.
2. Control - Carting your email out-of-house puts email in the control of another company completely and is a potential security risk. While I think that eventually you’ll begin to see larger and larger companies getting involved in cloud computing, it won’t kill desktop email.
3. Archiving and Organization - Companies can set up specific folders for critical or legal emails and organize how messages are archived to best fit their environment.

It will be interesting to see when the major web-based email providers will make a real push for the corporate world. Until then, desktop email will continue to live on, in the office at least.

picture: larskflem