Crypto-Gram
March 15, 2022
by Bruce Schneier
Fellow and Lecturer, Harvard Kennedy School
schneier@schneier.com
https://www.schneier.com
A free monthly newsletter providing summaries, analyses, insights, and commentaries on security: computer and
otherwise.
For back issues, or to subscribe, visit Crypto-Gram's web page.
These same essays and news items appear in the Schneier on Security blog, along with a lively and intelligent comment
section. An RSS feed is available.
** *** ***** ******* *********** *************
In this issue:
Secret CIA Data Collection Program
Vendors are Fixing Security Flaws Faster
Possible Government Surveillance of the Otter.ai Transcription App
Stealing Bicycles by Swapping QR Codes
A New Cybersecurity "Social Contract"
Bypassing Apple's AirTag Security
An Elaborate Employment Con in the Internet Age
Privacy Violating COVID Tests
Insurance Coverage for NotPetya Losses
Decrypting Hive Ransomware Data
Vulnerability in Stalkerware Apps
Details of an NSA Hacking Operation
Samsung Encryption Flaw
Hacking Alexa through Alexa's Speech
Using Radar to Read Body Language
Fraud on Zelle
Where's the Russia-Ukraine Cyberwar?
Leak of Russian Censorship Data
Upcoming Speaking Events
** *** ***** ******* *********** *************
Secret CIA Data Collection Program
[2022.02.15] Two US senators claim that the CIA has been running an unregulated -- and almost certainly illegal -- mass
surveillance program on Americans.
The senators' statement. Some declassified information from the CIA.
No real details yet.
** *** ***** ******* *********** *************
Vendors are Fixing Security Flaws Faster
[2022.02.16] Google's Project Zero is reporting that software vendors are patching their code faster.
tl;dr
In 2021, vendors took an average of 52 days to fix security vulnerabilities reported from Project Zero. This is
a significant acceleration from an average of about 80 days 3 years ago.
In addition to the average now being well below the 90-day deadline, we have also seen a dropoff in vendors
missing the deadline (or the additional 14-day grace period). In 2021, only one bug exceeded its fix deadline, though
14% of bugs required the grace period.
Differences in the amount of time it takes a vendor/product to ship a fix to users reflects their product
design, development practices, update cadence, and general processes towards security reports. We hope that this
comparison can showcase best practices, and encourage vendors to experiment with new policies.
This data aggregation and analysis is relatively new for Project Zero, but we hope to do it more in the future.
We encourage all vendors to consider publishing aggregate data on their time-to-fix and time-to-patch for externally
reported vulnerabilities, as well as more data sharing and transparency in general.
** *** ***** ******* *********** *************
Possible Government Surveillance of the Otter.ai Transcription App
[2022.02.17] A reporter interviews a Uyghur human-rights advocate, and uses the Otter.ai transcription app.
The next day, I received an odd note from Otter.ai, the automated transcription app that I had used to record the
interview. It read: Hey Phelim, to help us improve your Otter's experience, what was the purpose of this particular
recording with titled Mustafa Aksu created at 2021-11-08 11:02:41?
Customer service or Chinese surveillance? Turns out it's hard to tell.
EDITED TO ADD (3/12): Another article.
** *** ***** ******* *********** *************
Stealing Bicycles by Swapping QR Codes
[2022.02.21] This is a clever hack against those bike-rental kiosks:
They're stealing Citi Bikes by switching the QR scan codes on two bicycles near each other at a docking station,
then waiting for an unsuspecting cyclist to try to unlock a bike with his or her smartphone app.
The app doesn't work for the rider but does free up the nearby Citi Bike with the switched code, where a thief is
waiting, jumps on the bicycle and rides off.
Presumably they're using cameras, printers, and stickers to swap the codes on the bikes. And presumably the victim is
charged for not returning the stolen bicycle.
This story is from last year, but I hadn't seen it before. There's a video of one theft at the link.
** *** ***** ******* *********** *************
A New Cybersecurity "Social Contract"
[2022.02.22] The US National Cyber Director Chris Inglis wrote an essay outlining a new social contract for the cyber
age:
The United States needs a new social contract for the digital age -- one that meaningfully alters the relationship
between public and private sectors and proposes a new set of obligations for each. Such a shift is momentous but not
without precedent. From the Pure Food and Drug Act of 1906 to the Clean Air Act of 1963 and the public-private
revolution in airline safety in the 1990s, the United States has made important adjustments following profound changes
in the economy and technology.
A similarly innovative shift in the cyber-realm will likely require an intense process of development and
iteration. Still, its contours are already clear: the private sector must prioritize long-term investments in a digital
ecosystem that equitably distributes the burden of cyberdefense. Government, in turn, must provide more timely and
comprehensive threat information while simultaneously treating industry as a vital partner. Finally, both the public
and private sectors must commit to moving toward true collaboration -- contributing resources, attention, expertise,
and people toward institutions designed to prevent, counter, and recover from cyber-incidents.
The devil is in the details, of course, but he's 100% right when he writes that the market cannot solve this: that the
incentives are all wrong. While he never actually uses the word regulation, the future he postulates won't be possible
without it. Regulation is how society aligns market incentives with its own values. He also leaves out the NSA -- whose
effectiveness rests on all of these global insecurities -- and the FBI, whose incessant push for encryption backdoors
goes against his vision of increased cybersecurity. I'm not sure how he's going to get them on board. Or the surveillance
capitalists, for that matter. A lot of what he wants will require reining in that particular business model.
Good essay -- worth reading in full.
** *** ***** ******* *********** *************
Bypassing Apple's AirTag Security
[2022.02.23] A Berlin-based company has developed an AirTag clone that bypasses Apple's anti-stalker security systems.
Source code for these AirTag clones is available online.
So now we have several problems with the system. Apple's anti-stalker security only works with iPhones. (Apple wrote an
Android app that can detect AirTags, but how many people are going to download it?) And now non-AirTags can piggyback
on Apple's system without triggering the alarms.
Apple didn't think this through nearly as well as it claims to have. I think the general problem is one that I have
written about before: designers just don't have intimate threats in mind when building these systems.
** *** ***** ******* *********** *************
An Elaborate Employment Con in the Internet Age
[2022.02.24] The story is an old one, but the tech gives it a bunch of new twists:
Gemma Brett, a 27-year-old designer from west London, had only been working at Madbird for two weeks when she
spotted something strange. Curious about what her commute would be like when the pandemic was over, she searched for
the company's office address. The result looked nothing like the videos on Madbird's website of a sleek workspace buzzing
with creative-types. Instead, Google Street View showed an upmarket block of flats in London's Kensington.
[...]
Using online reverse image searches they dug deeper. They found that almost all the work Madbird claimed as its own
had been stolen from elsewhere on the internet -- and that some of the colleagues they'd been messaging online didn't
exist.
[...]
At least six of the most senior employees profiled by Madbird were fake. Their identities stitched together using
photos stolen from random corners of the internet and made-up names. They included Madbird's co-founder, Dave Stanfield
-- despite him having a LinkedIn profile and Ali referring to him constantly. Some of the duped staff had even received
emails from him.
Read the whole sad story. What's amazing is how shallow all the fakery was, and how quickly it all unraveled once people
started digging. But until there's suspicion enough to dig, we take all of these things at face value. And in COVID
times, there's no face-to-face anything.
** *** ***** ******* *********** *************
Privacy Violating COVID Tests
[2022.02.25] A good lesson in reading the fine print:
Cignpost Diagnostics, which trades as ExpressTest and offers £35 tests for holidaymakers, said it holds the right
to analyse samples from seals to learn more about human health -- and sell information on to third parties.
Individuals are required to give informed consent for their sensitive medical data to be used but customers' consent
for their DNA to be sold now as buried in Cignpost's online documents.
Of course, no one ever reads the fine print.
EDITED TO ADD (3/12): The original story.
** *** ***** ******* *********** *************
Insurance Coverage for NotPetya Losses
[2022.02.28] Tarah Wheeler and Josephine Wolff analyze a recent court decision that the NotPetya attacks are not
considered an act of war under the wording of Merck's insurance policy, and that the insurers must pay the $1B+ claim.
Wheeler and Wolff argue that the judge did the right thing for the wrong reasons.
** *** ***** ******* *********** *************
Decrypting Hive Ransomware Data
[2022.03.01] Nice piece of research:
Abstract: Among the many types of malicious codes, ransomware poses a major threat. Ransomware encrypts data and
demands a ransom in exchange for decryption. As data recovery is impossible if the encryption key is not obtained, some
companies suffer from considerable damage, such as the payment of huge amounts of money or the loss of important data.
In this paper, we analyzed Hive ransomware, which appeared in June 2021. Hive ransomware has caused immense harm,
leading the FBI to issue an alert about it. To minimize the damage caused by Hive Ransomware and to help victims
recover their files, we analyzed Hive Ransomware and studied recovery methods. By analyzing the encryption process of
Hive ransomware, we confirmed that vulnerabilities exist by using their own encryption algorithm. We have recovered the
master key for generating the file encryption key partially, to enable the decryption of data encrypted by Hive
ransomware. We recovered 95% of the master key without the attacker's RSA private key and decrypted the actual infected
data. To the best of our knowledge, this is the first successful attempt at decrypting Hive ransomware. It is expected
that our method can be used to reduce the damage caused by Hive ransomware.
Here's the flaw:
The cryptographic vulnerability identified by the researchers concerns the mechanism by which the master keys are
generated and stored, with the ransomware strain only encrypting select portions of the file as opposed to the entire
contents using two keystreams derived from the master key.
The encryption keystream, which is created from an XOR operation of the two keystreams, is then XORed with the data
in alternate blocks to generate the encrypted file. But this technique also makes it possible to guess the keystreams
and restore the master key, in turn enabling the decode of encrypted files sans the attacker's private key.
The researchers said that they were able to weaponize the flaw to devise a method to reliably recover more than 95%
of the keys employed during encryption.
** *** ***** ******* *********** *************
Vulnerability in Stalkerware Apps
[2022.03.02] TechCrunch is reporting -- but not describing in detail -- a vulnerability in a series of stalkerware apps
that exposes personal information of the victims. The vulnerability isn't in the apps installed on the victims' phones,
but in the website the stalker goes to view the information the app collects. The article is worth reading, less for
the description of the vulnerability and more for the shadowy string of companies behind these stalkerware apps.
** *** ***** ******* *********** *************
Details of an NSA Hacking Operation
[2022.03.03] Pangu Lab in China just published a report of a hacking operation by the Equation Group (aka the NSA). It
noticed the hack in 2013, and was able to map it with Equation Group tools published by the Shadow Brokers (aka some
Russian group).
...the scope of victims exceeded 287 targets in 45 countries, including Russia, Japan, Spain, Germany, Italy, etc.
The attack lasted for over 10 years. Moreover, one victim in Japan is used as a jump server for further attack.
News article.
** *** ***** ******* *********** *************
Samsung Encryption Flaw
[2022.03.04] Researchers have found a major encryption flaw in 100 million Samsung Galaxy phones.
From the abstract:
In this work, we expose the cryptographic design and implementation of Android's Hardware-Backed Keystore in
Samsung's Galaxy S8, S9, S10, S20, and S21 flagship devices. We reversed-engineered and provide a detailed description
of the cryptographic design and code structure, and we unveil severe design flaws. We present an IV reuse attack on
AES-GCM that allows an attacker to extract hardware-protected key material, and a downgrade attack that makes even the
latest Samsung devices vulnerable to the IV reuse attack. We demonstrate working key extraction attacks on the latest
devices. We also show the implications of our attacks on two higher-level cryptographic protocols between the TrustZone
and a remote server: we demonstrate a working FIDO2 WebAuthn login bypass and a compromise of Google's Secure Key
Import.
Here are the details:
As we discussed in Section 3, the wrapping key used to encrypt the key blobs (HDK) is derived using a salt value
computed by the Keymaster TA. In v15 and v20-s9 blobs, the salt is a deterministic function that depends only on the
application ID and application data (and constant strings), which the Normal World client fully controls. This means
that for a given application, all key blobs will be encrypted using the same key. As the blobs are encrypted in AES-GCM
mode-of-operation, the security of the resulting encryption scheme depends on its IV values never being reused.
Gadzooks. That's a really embarrassing mistake. GCM needs a new nonce for every encryption. Samsung took a secure cipher
mode and implemented it insecurely.
News article.
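The IV-reuse failure described in the quoted passage, as an added example that is not from the paper or from Samsung's code. It uses an HMAC-SHA256 counter keystream as a labelled stand-in for GCM's AES-CTR keystream so it runs on the standard library alone; the function names, application ID and key material are all constructed for illustration.

```python
import hashlib
import hmac
import os
from collections import defaultdict


def derive_wrapping_key(root_key, app_id, app_data):
    # Deterministic, as in the quoted passage: the inputs are caller-supplied,
    # so every blob of one application is wrapped under the same key.
    msg = b"wrap|" + app_id + b"|" + app_data
    return hmac.new(root_key, msg, hashlib.sha256).digest()


def keystream(key, iv, length):
    # Stand-in for GCM's AES-CTR keystream (this is NOT AES):
    # HMAC-SHA256(key, iv || counter), concatenated and truncated.
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = iv + counter.to_bytes(4, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def wrap_blob(key, iv, plaintext):
    # Counter-mode encryption: ciphertext = plaintext XOR keystream(key, iv).
    return xor_bytes(plaintext, keystream(key, iv, len(plaintext)))


def find_iv_reuse(records):
    # Audit check: records are (blob_name, key_id, iv) tuples; return every
    # (key_id, iv) pair that protects more than one blob.
    seen = defaultdict(list)
    for name, key_id, iv in records:
        seen[(key_id, iv)].append(name)
    return {pair: names for pair, names in seen.items() if len(names) > 1}


def demo():
    root = bytes(32)                       # constructed root key
    key = derive_wrapping_key(root, b"com.example.app", b"app-data")
    key_id = hashlib.sha256(key).hexdigest()[:8]
    known = b"K" * 32                      # material the caller already knows
    secret = bytes(range(32))              # material that should stay wrapped

    # Weak: both blobs wrapped with the same key and the same IV.
    fixed_iv = bytes(12)
    ct_known = wrap_blob(key, fixed_iv, known)
    ct_secret = wrap_blob(key, fixed_iv, secret)
    # The keystream cancels: ct_known ^ ct_secret == known ^ secret.
    leaked = xor_bytes(xor_bytes(ct_known, ct_secret), known)

    # Corrected: a fresh random 96-bit IV per blob; the same XOR yields noise.
    iv_a, iv_b = os.urandom(12), os.urandom(12)
    ct_a = wrap_blob(key, iv_a, known)
    ct_b = wrap_blob(key, iv_b, secret)
    noise = xor_bytes(xor_bytes(ct_a, ct_b), known)

    audit = find_iv_reuse([
        ("blob-1", key_id, fixed_iv),
        ("blob-2", key_id, fixed_iv),
        ("blob-3", key_id, iv_a),
    ])
    return leaked == secret, noise == secret, audit


if __name__ == "__main__":
    print(demo())
```

With real AES-GCM, a repeated IV under one key also exposes the authentication subkey, so integrity is lost along with confidentiality.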
** *** ***** ******* *********** *************
Hacking Alexa through Alexa's Speech
[2022.03.07] An Alexa can respond to voice commands it issues. This can be exploited:
The attack works by using the device's speaker to issue voice commands. As long as the speech contains the device
wake word (usually Alexa or Echo) followed by a permissible command, the Echo will carry it out, researchers from Royal
Holloway University in London and Italy's University of Catania found. Even when devices require verbal confirmation
before executing sensitive commands, it's trivial to bypass the measure by adding the word yes about six seconds after
issuing the command. Attackers can also exploit what the researchers call the FVV, or full voice vulnerability, which
allows Echos to make self-issued commands without temporarily reducing the device volume.
It does require proximate access, though, at least to set the attack up:
It requires only a few seconds of proximity to a vulnerable device while it's turned on so an attacker can utter a
voice command instructing it to pair with an attacker's Bluetooth-enabled device. As long as the device remains within
radio range of the Echo, the attacker will be able to issue commands.
Research paper.
** *** ***** ******* *********** *************
Using Radar to Read Body Language
[2022.03.08] Yet another method of surveillance:
Radar can detect you moving closer to a computer and entering its personal space. This might mean the computer can
then choose to perform certain actions, like booting up the screen without requiring you to press a button. This kind
of interaction already exists in current Google Nest smart displays, though instead of radar, Google employs ultrasonic
sound waves to measure a person's distance from the device. When a Nest Hub notices you're moving closer, it highlights
current reminders, calendar events, or other important notifications.
Proximity alone isn't enough. What if you just ended up walking past the machine and looking in a different
direction? To solve this, Soli can capture greater subtleties in movements and gestures, such as body orientation, the
pathway you might be taking, and the direction your head is facing -- aided by machine learning algorithms that further
refine the data. All this rich radar information helps it better guess if you are indeed about to start an interaction
with the device, and what the type of engagement might be.
[...]
The ATAP team chose to use radar because it's one of the more privacy-friendly methods of gathering rich spatial
data. (It also has really low latency, works in the dark, and external factors like sound or temperature don't affect
it.) Unlike a camera, radar doesn't capture and store distinguishable images of your body, your face, or other means of
identification. It's more like an advanced motion sensor, Giusti says. Soli has a detectable range of around 9 feet --
less than most cameras -- but multiple gadgets in your home with the Soli sensor could effectively blanket your space
and create an effective mesh network for tracking your whereabouts in a home.
Privacy-friendly is a relative term.
These technologies are coming. They're going to be an essential part of the Internet of Things.
** *** ***** ******* *********** *************
Fraud on Zelle
[2022.03.09] Zelle is rife with fraud:
Zelle's immediacy has also made it a favorite of fraudsters. Other types of bank transfers or transactions involving
payment cards typically take at least a day to clear. But once crooks scare or trick victims into handing over money
via Zelle, they can siphon away thousands of dollars in seconds. There's no way for customers -- and in many cases, the
banks themselves -- to retrieve the money.
[...]
It's not clear who is legally liable for such losses. Banks say that returning money to defrauded customers is not
their responsibility, since the federal law covering electronic transfers -- known in the industry as Regulation E --
requires them to cover only unauthorized transactions, and the fairly common scam that Mr. Faunce fell prey to tricks
people into making the transfers themselves. Victims say because they were duped into sending the money, the
transaction is unauthorized. Regulatory guidance has so far been murky.
When swindled customers, already upset to find themselves on the hook, search for other means of redress, many are
enraged to find out that Zelle is owned and operated by banks.
[...]
The Zelle network is operated by Early Warning Services, a company created and owned by seven banks: Bank of
America, Capital One, JPMorgan Chase, PNC, Truist, U.S. Bank and Wells Fargo. Early Warning, based in Scottsdale,
Ariz., manages the system's technical infrastructure. But the 1,425 banks and credit unions that use Zelle can customize
the app and add their own security settings.
** *** ***** ******* *********** *************
Where's the Russia-Ukraine Cyberwar?
[2022.03.10] It has been interesting to notice how unimportant and ineffective cyber operations have been in the
Russia-Ukraine war. Russia launched a wiper against Ukraine at the beginning, but it was found and neutered. Near as I
can tell, the only thing that worked was the disabling of regional KA-SAT SATCOM terminals.
It's probably too early to reach any conclusions, but people are starting to write about this, with varying theories.
I want to write about this, too, but I'm waiting for things to progress more.
EDITED TO ADD (3/12): Two additional takes.
** *** ***** ******* *********** *************
Leak of Russian Censorship Data
[2022.03.14] The transparency organization Distributed Denial of Secrets has released 800GB of data from Roskomnadzor,
the Russian government censorship organization.
Specifically, Distributed Denial of Secrets says the data comes from the Roskomnadzor of the Republic of
Bashkortostan. The Republic of Bashkortostan is in the west of the country.
[...]
The data is split into two main categories: a series of over 360,000 files totalling in at 526.9GB and which date
up to as recently as March 5, and then two databases that are 290.6GB in size, according to Distributed Denial of
Secrets' website.
** *** ***** ******* *********** *************
Upcoming Speaking Events
[2022.03.14] This is a current list of where and when I am scheduled to speak:
I'm participating in an online panel discussion on Ukraine and Russia: The Online War, hosted by UMass Amherst, at
5:00 PM Eastern on March 31, 2022.
I'm speaking at Future Summits in Antwerp, Belgium on May 18, 2022.
I'm speaking at IT-S Now 2022 in Vienna on June 2, 2022.
I'm speaking at the 14th International Conference on Cyber Conflict, CyCon 2022, in Tallinn, Estonia on June 3,
2022.
I'm speaking at the RSA Conference 2022 in San Francisco, June 6-9, 2022.
I'm speaking at the Dublin Tech Summit in Dublin, Ireland, June 15-16, 2022.
The list is maintained on this page.
** *** ***** ******* *********** *************
Since 1998, CRYPTO-GRAM has been a free monthly newsletter providing summaries, analyses, insights, and commentaries on
security technology. To subscribe, or to read back issues, see Crypto-Gram's web page.
You can also read these articles on my blog, Schneier on Security.
Please feel free to forward CRYPTO-GRAM, in whole or in part, to colleagues and friends who will find it valuable.
Permission is also granted to reprint CRYPTO-GRAM, as long as it is reprinted in its entirety.
Bruce Schneier is an internationally renowned security technologist, called a security guru by the Economist. He is the
author of over one dozen books -- including his latest, We Have Root -- as well as hundreds of articles, essays, and
academic papers. His newsletter and blog are read by over 250,000 people. Schneier is a fellow at the Berkman Klein
Center for Internet & Society at Harvard University; a Lecturer in Public Policy at the Harvard Kennedy School; a board
member of the Electronic Frontier Foundation, AccessNow, and the Tor Project; and an Advisory Board Member of the
Electronic Privacy Information Center and VerifiedVoting.org. He is the Chief of Security Architecture at Inrupt, Inc.
Copyright 2022 by Bruce Schneier.
** *** ***** ******* *********** *************