Crypto-Gram
May 15, 2022
by Bruce Schneier
Fellow and Lecturer, Harvard Kennedy School
schneier@schneier.com
https://www.schneier.com
A free monthly newsletter providing summaries, analyses, insights, and commentaries on security: computer and
otherwise.
For back issues, or to subscribe, visit Crypto-Gram's web page.
Read this issue on the web
These same essays and news items appear in the Schneier on Security blog, along with a lively and intelligent comment
section. An RSS feed is available.
** *** ***** ******* *********** *************
In this issue:
If these links don't work in your email client, try reading this issue of Crypto-Gram on the web.
Undetectable Backdoors in Machine-Learning Models
Clever Cryptocurrency Theft
Long Article on NSO Group
Java Cryptography Implementation Mistake Allows Digital-Signature Forgeries
SMS Phishing Attacks are on the Rise
Zero-Day Vulnerabilities Are on the Rise
Microsoft Issues Report of Russian Cyberattacks against Ukraine
Video Conferencing Apps Sometimes Ignore the Mute Button
Using Pupil Reflection in Smartphone Camera Selfies
New Sophisticated Malware
15.3 Million Request-Per-Second DDoS Attack
Corporate Involvement in International Cybersecurity Treaties
Apple Mail Now Blocks Email Trackers
ICE Is a Domestic Surveillance Agency
Surveillance by Driverless Car
Upcoming Speaking Engagements
** *** ***** ******* *********** *************
Undetectable Backdoors in Machine-Learning Models
[2022.04.19] New paper: Planting Undetectable Backdoors in Machine Learning Models:
Abstract: Given the computational cost and technical expertise required to train machine learning models, users may
delegate the task of learning to a service provider. We show how a malicious learner can plant an undetectable backdoor
into a classifier. On the surface, such a backdoored classifier behaves normally, but in reality, the learner maintains
a mechanism for changing the classification of any input, with only a slight perturbation. Importantly, without the
appropriate backdoor key, the mechanism is hidden and cannot be detected by any computationally-bounded observer. We
demonstrate two frameworks for planting undetectable backdoors, with incomparable guarantees.
First, we show how to plant a backdoor in any model, using digital signature schemes. The construction guarantees
that given black-box access to the original model and the backdoored version, it is computationally infeasible to find
even a single input where they differ. This property implies that the backdoored model has generalization error
comparable with the original model. Second, we demonstrate how to insert undetectable backdoors in models trained using
the Random Fourier Features (RFF) learning paradigm or in Random ReLU networks. In this construction, undetectability
holds against powerful white-box distinguishers: given a complete description of the network and the training data, no
efficient distinguisher can guess whether the model is clean or contains a backdoor.
Our construction of undetectable backdoors also sheds light on the related issue of robustness to adversarial
examples. In particular, our construction can produce a classifier that is indistinguishable from an adversarially
robust classifier, but where every input has an adversarial example! In summary, the existence of undetectable
backdoors represent a significant theoretical roadblock to certifying adversarial robustness.
EDITED TO ADD (4/20): Cory Doctorow wrote about this as well.
** *** ***** ******* *********** *************
Clever Cryptocurrency Theft
[2022.04.20] Beanstalk Farms is a decentralized finance project that has a majority stake governance system: basically
people have proportional votes based on the amount of currency they own. A clever hacker used a flash loan feature of
another decentralized finance project to borrow enough of the currency to give himself a controlling stake, and then
approved a $182 million transfer to his own wallet.
It is insane to me that cryptocurrencies are still a thing.
** *** ***** ******* *********** *************
Long Article on NSO Group
[2022.04.21] Ronan Farrow has a long article in the New Yorker on NSO Group, which includes the news that someone --
probably Spain -- used the software to spy on domestic Catalonian separatists.
** *** ***** ******* *********** *************
Java Cryptography Implementation Mistake Allows Digital-Signature Forgeries
[2022.04.22] Interesting implementation mistake:
The vulnerability, which Oracle patched on Tuesday, affects the companys implementation of the Elliptic Curve
Digital Signature Algorithm in Java versions 15 and above. ECDSA is an algorithm that uses the principles of elliptic
curve cryptography to authenticate messages digitally.
[...]
ECDSA signatures rely on a pseudo-random number, typically notated as K, thats used to derive two additional
numbers, R and S. To verify a signature as valid, a party must check the equation involving R and S, the signers public
key, and a cryptographic hash of the message. When both sides of the equation are equal, the signature is valid.
[...]
For the process to work correctly, neither R nor S can ever be a zero. Thats because one side of the equation is R,
and the other is multiplied by R and a value from S. If the values are both 0, the verification check translates to 0 =
0 X (other values from the private key and hash), which will be true regardless of the additional values. That means an
adversary only needs to submit a blank signature to pass the verification check successfully.
Madden wrote:
Guess which check Java forgot?
Thats right. Javas implementation of ECDSA signature verification didnt check if R or S were zero, so you could
produce a signature value in which they are both 0 (appropriately encoded) and Java would accept it as a valid
signature for any message and for any public key. The digital equivalent of a blank ID card.
More details.
** *** ***** ******* *********** *************
SMS Phishing Attacks are on the Rise
[2022.04.25] SMS phishing attacks -- annoyingly called smishing -- are becoming more common.
I know that I have been receiving a lot of phishing SMS messages over the past few months. I am not getting the Fedex
package delivered messages the article talks about. Mine are usually of the form: Thank you for paying your bill, heres
a free gift for you.
** *** ***** ******* *********** *************
Zero-Day Vulnerabilities Are on the Rise
[2022.04.27] Both Google and Mandiant are reporting a significant increase in the number of zero-day vulnerabilities
reported in 2021.
Google:
2021 included the detection and disclosure of 58 in-the-wild 0-days, the most ever recorded since Project Zero
began tracking in mid-2014. Thats more than double the previous maximum of 28 detected in 2015 and especially stark
when you consider that there were only 25 detected in 2020. Weve tracked publicly known in-the-wild 0-day exploits in
this spreadsheet since mid-2014.
While we often talk about the number of 0-day exploits used in-the-wild, what were actually discussing is the
number of 0-day exploits detected and disclosed as in-the-wild. And that leads into our first conclusion: we believe
the large uptick in in-the-wild 0-days in 2021 is due to increased detection and disclosure of these 0-days, rather
than simply increased usage of 0-day exploits.
Mandiant:
In 2021, Mandiant Threat Intelligence identified 80 zero-days exploited in the wild, which is more than double the
previous record volume in 2019. State-sponsored groups continue to be the primary actors exploiting zero-day
vulnerabilities, led by Chinese groups. The proportion of financially motivated actors -- particularly ransomware
groups -- deploying zero-day exploits also grew significantly, and nearly 1 in 3 identified actors exploiting zero-days
in 2021 was financially motivated. Threat actors exploited zero-days in Microsoft, Apple, and Google products most
frequently, likely reflecting the popularity of these vendors. The vast increase in zero-day exploitation in 2021, as
well as the diversification of actors using them, expands the risk portfolio for organizations in nearly every industry
sector and geography, particularly those that rely on these popular systems.
News article.
** *** ***** ******* *********** *************
Microsoft Issues Report of Russian Cyberattacks against Ukraine
[2022.04.28] Microsoft has a comprehensive report on the dozens of cyberattacks -- and even more espionage operations
-- Russia has conducted against Ukraine as part of this war:
At least six Russian Advanced Persistent Threat (APT) actors and other unattributed threats, have conducted
destructive attacks, espionage operations, or both, while Russian military forces attack the country by land, air, and
sea. It is unclear whether computer network operators and physical forces are just independently pursuing a common set
of priorities or actively coordinating. However, collectively, the cyber and kinetic actions work to disrupt or degrade
Ukrainian government and military functions and undermine the publics trust in those same institutions.
[...]
Threat groups with known or suspected ties to the GRU have continuously developed and used destructive wiper
malware or similarly destructive tools on targeted Ukrainian networks at a pace of two to three incidents a week since
the eve of invasion. From February 23 to April 8, we saw evidence of nearly 40 discrete destructive attacks that
permanently destroyed files in hundreds of systems across dozens of organizations in Ukraine.
** *** ***** ******* *********** *************
Video Conferencing Apps Sometimes Ignore the Mute Button
[2022.04.29] New research: Are You Really Muted?: A Privacy Analysis of Mute Buttons in Video Conferencing Apps:
Abstract: In the post-pandemic era, video conferencing apps (VCAs) have converted previously private spaces --
bedrooms, living rooms, and kitchens -- into semi-public extensions of the office. And for the most part, users have
accepted these apps in their personal space, without much thought about the permission models that govern the use of
their personal data during meetings. While access to a devices video camera is carefully controlled, little has been
done to ensure the same level of privacy for accessing the microphone. In this work, we ask the question: what happens
to the microphone data when a user clicks the mute button in a VCA? We first conduct a user study to analyze users
understanding of the permission model of the mute button. Then, using runtime binary analysis tools, we trace raw audio
in many popular VCAs as it traverses the app from the audio driver to the network. We find fragmented policies for
dealing with microphone data among VCAs -- some continuously monitor the microphone input during mute, and others do so
periodically. One app transmits statistics of the audio to its telemetry servers while the app is muted. Using network
traffic that we intercept en route to the telemetry server, we implement a proof-of-concept background activity
classifier and demonstrate the feasibility of inferring the ongoing background activity during a meeting -- cooking,
cleaning, typing, etc. We achieved 81.9% macro accuracy on identifying six common background activities using
intercepted outgoing telemetry packets when a user is muted.
The paper will be presented at PETS this year.
News article.
** *** ***** ******* *********** *************
Using Pupil Reflection in Smartphone Camera Selfies
[2022.05.03] Researchers are using the reflection of the smartphone in the pupils of faces taken as selfies to infer
information about how the phone is being used:
For now, the research is focusing on six different ways a user can hold a device like a smartphone: with both
hands, just the left, or just the right in portrait mode, and the same options in horizontal mode.
Its not a lot of information, but its a start. (Itll be a while before we can reproduce these results from Blade
Runner.)
Research paper.
** *** ***** ******* *********** *************
New Sophisticated Malware
[2022.05.04] Mandiant is reporting on a new botnet.
The group, which security firm Mandiant is calling UNC3524, has spent the past 18 months burrowing into victims
networks with unusual stealth. In cases where the group is ejected, it wastes no time reinfecting the victim
environment and picking up where things left off. There are many keys to its stealth, including:
The use of a unique backdoor Mandiant calls Quietexit, which runs on load balancers, wireless access point
controllers, and other types of IoT devices that dont support antivirus or endpoint detection. This makes detection
through traditional means difficult.
Customized versions of the backdoor that use file names and creation dates that are similar to legitimate files
used on a specific infected device.
A live-off-the-land approach that favors common Windows programming interfaces and tools over custom code with
the goal of leaving as light a footprint as possible.
An unusual way a second-stage backdoor connects to attacker-controlled infrastructure by, in essence, acting as
a TLS-encrypted server that proxies data through the SOCKS protocol.
[...]
Unpacking this threat group is difficult. From outward appearances, their focus on corporate transactions suggests
a financial interest. But UNC3524s high-caliber tradecraft, proficiency with sophisticated IoT botnets, and ability to
remain undetected for so long suggests something more.
From Mandiant:
Throughout their operations, the threat actor demonstrated sophisticated operational security that we see only a
small number of threat actors demonstrate. The threat actor evaded detection by operating from devices in the victim
environments blind spots, including servers running uncommon versions of Linux and network appliances running opaque
OSes. These devices and appliances were running versions of operating systems that were unsupported by agent-based
security tools, and often had an expected level of network traffic that allowed the attackers to blend in. The threat
actors use of the QUIETEXIT tunneler allowed them to largely live off the land, without the need to bring in additional
tools, further reducing the opportunity for detection. This allowed UNC3524 to remain undetected in victim environments
for, in some cases, upwards of 18 months.
** *** ***** ******* *********** *************
15.3 Million Request-Per-Second DDoS Attack
[2022.05.05] Cloudflare is reporting a large DDoS attack against an unnamed company operating a crypto launchpad.
While this isnt the largest application-layer attack weve seen, it is the largest weve seen over HTTPS. HTTPS DDoS
attacks are more expensive in terms of required computational resources because of the higher cost of establishing a
secure TLS encrypted connection. Therefore it costs the attacker more to launch the attack, and for the victim to
mitigate it. Weve seen very large attacks in the past over (unencrypted) HTTP, but this attack stands out because of
the resources it required at its scale.
The attack only lasted 15 seconds. No word on motive. Was this a test? Or was that 15-second delay critical for some
other fraud?
News article.
** *** ***** ******* *********** *************
Corporate Involvement in International Cybersecurity Treaties
[2022.05.06] The Paris Call for Trust and Stability in Cyberspace is an initiative launched by French President
Emmanuel Macron during the 2018 UNESCOs Internet Governance Forum. Its an attempt by the worlds governments to come
together and create a set of international norms and standards for a reliable, trustworthy, safe, and secure Internet.
Its not an international treaty, but it does impose obligations on the signatories. Its a major milestone for global
Internet security and safety.
Corporate interests are all over this initiative, sponsoring and managing different parts of the process. As part of
the Call, the French company Cigref and the Russian company Kaspersky chaired a working group on cybersecurity
processes, along with French research center GEODE. Another working group on international norms was chaired by US
company Microsoft and Finnish company F-Secure, along with a University of Florence research center. A third working
groups participant list includes more corporations than any other group.
As a result, this process has become very different than previous international negotiations. Instead of governments
coming together to create standards, it is being drive by the very corporations that the new international regulatory
climate is supposed to govern. This is wrong.
The companies making the tools and equipment being regulated shouldnt be the ones negotiating the international
regulatory climate, and their executives shouldnt be named to key negotiation roles without appointment and
confirmation. Its an abdication of responsibility by the US government for something that is too important to be
treated this cavalierly.
On the one hand, this is no surprise. The notions of trust and stability in cyberspace are about much more than
international safety and security. Theyre about market share and corporate profits. And corporations have long led
policymakers in the fast-moving and highly technological battleground that is cyberspace.
The international Internet has always relied on what is known as a multistakeholder model, where those who show up and
do the work can be more influential than those in charge of governments. The Internet Engineering Task Force, the group
that agrees on the technical protocols that make the Internet work, is largely run by volunteer individuals. This
worked best during the Internets era of benign neglect, where no one but the technologists cared. Today, its different.
Corporate and government interests dominate, even if the individuals involved use the polite fiction of their own names
and personal identities.
However, we are a far cry from decades past, where the Internet was something that governments didnt understand and
largely ignored. Today, the Internet is an essential infrastructure that underpins much of society, and its governance
structure is something that nations care about deeply. Having for-profit tech companies run the Paris Call process on
regulating tech is analogous to putting the defense contractors Northrop Grumman or Boeing in charge of the 1970s SALT
nuclear agreements between the US and the Soviet Union.
This also isnt the first time that US corporations have led what should be an international relations process regarding
the Internet. Since he first gave a speech on the topic in 2017, Microsoft President Brad Smith has become almost
synonymous with the term Digital Geneva Convention. Its not just that corporations in the US and elsewhere are taking a
lead on international diplomacy, theyre framing the debate down to the words and the concepts.
Why is this happening? Different countries have their own problems, but we can point to three that currently plague the
US.
First and foremost, cyber still isnt taken seriously by much of the government, specifically the State Department. Its
not real to the older military veterans, or to the even older politicians who confuse Facebook with TikTok and use the
same password for everything. Its not even a topic area for negotiations for the US Trade Representative. Nuclear
disarmament is real geopolitics, while the Internet is still, even now, seen as vaguely magical, and something that can
be fixed by having the nerds yank plugs out of a wall.
Second, the State Department was gutted during the Trump years. It lost many of the up-and-coming public servants who
understood the way the world was changing. The work of previous diplomats to increase the visibility of the State
Departments cyber efforts was abandoned. There are few left on staff to do this work, and even fewer to decide if
theyre any good. Its hard to hire senior information security professionals in the best of circumstances; its why
charlatans so easily flourish in the cybersecurity field. The built-up skill set of the people who poured their effort
and time into this work during the Obama years is gone.
Third, theres a power struggle at the heart of the US government involving cyber issues, between the White House, the
Department of Homeland Security (represented by CISA), and the military (represented by US Cyber Command). Trying to
create another cyber center of power within the State Department threatens those existing powers. Its easier to leave
it in the hands of private industry, which does not affect those government organizations budgets or turf.
We dont want to go back to the era when only governments set technological standards. The governance model from the
days of the telephone is another lesson in how not to do things. The International Telecommunications Union is an
agency run out of the United Nations. It is moribund and ponderous precisely because it is run by national governments,
with civil society and corporations largely alienated from the decision-making processes.
Today, the Internet is fundamental to global society. Its part of everything. It affects national security and will be
a theater in any future war. How individuals, corporations, and governments act in cyberspace is critical to our
future. The Internet is critical infrastructure. It provides and controls access to healthcare, space, the military,
water, energy, education, and nuclear weaponry. How it is regulated isnt just something that will affect the future. It
is the future.
Since the Paris Call was finalized in 2018, it has been signed by 81 countries -- including the US in 2021 -- 36 local
governments and public authorities, 706 companies and private organizations, and 390 civil society groups. The Paris
Call isnt the first international agreement that puts companies on an equal signatory footing as governments. The
Global Internet Forum to Combat Terrorism and the Christchurch Call to eliminate extremist content online do the same
thing. But the Paris Call is different. Its bigger. Its more important. Its something that should be the purview of
governments and not a vehicle for corporate power and profit.
When something as important as the Paris Call comes along again, perhaps in UN negotiations for a cybercrime treaty, we
call for actual State Department officials with technical expertise to be sitting at the table with the interests of
the entire US in their pocket...not people with equity shares to protect.
This essay was written with Tarah Wheeler, and previously published on The Cipher Brief.
** *** ***** ******* *********** *************
Apple Mail Now Blocks Email Trackers
[2022.05.09] Apple Mail now blocks email trackers by default.
Most email newsletters you get include an invisible image, typically a single white pixel, with a unique file name.
The server keeps track of every time this image is opened and by which IP address. This quirk of internet history means
that marketers can track exactly when you open an email and your IP address, which can be used to roughly work out your
location.
So, how does Apple Mail stop this? By caching. Apple Mail downloads all images for all emails before you open them.
Practically speaking, that means every message downloaded to Apple Mail is marked read, regardless of whether you open
it. Apples also routes the download through two different proxies, meaning your precise location also cant be tracked.
Crypto-Gram uses Mailchimp, which has these tracking pixels turned on by default. I turn them off. Normally, Mailchimp
requires them to be left on for the first few mailings, presumably to prevent abuse. The company waived that
requirement for me.
** *** ***** ******* *********** *************
ICE Is a Domestic Surveillance Agency
[2022.05.11] Georgetown has a new report on the highly secretive bulk surveillance activities of ICE in the US:
When you think about government surveillance in the United States, you likely think of the National Security Agency
or the FBI. You might even think of a powerful police agency, such as the New York Police Department. But unless you or
someone you love has been targeted for deportation, you probably dont immediately think of Immigration and Customs
Enforcement (ICE).
This report argues that you should. Our two-year investigation, including hundreds of Freedom of Information Act
requests and a comprehensive review of ICEs contracting and procurement records, reveals that ICE now operates as a
domestic surveillance agency. Since its founding in 2003, ICE has not only been building its own capacity to use
surveillance to carry out deportations but has also played a key role in the federal governments larger push to amass
as much information as possible about all of our lives. By reaching into the digital records of state and local
governments and buying databases with billions of data points from private companies, ICE has created a surveillance
infrastructure that enables it to pull detailed dossiers on nearly anyone, seemingly at any time. In its efforts to
arrest and deport, ICE has -- without any judicial, legislative or public oversight -- reached into datasets containing
personal information about the vast majority of people living in the U.S., whose records can end up in the hands of
immigration enforcement simply because they apply for drivers licenses; drive on the roads; or sign up with their local
utilities to get access to heat, water and electricity.
ICE has built its dragnet surveillance system by crossing legal and ethical lines, leveraging the trust that people
place in state agencies and essential service providers, and exploiting the vulnerability of people who volunteer their
information to reunite with their families. Despite the incredible scope and evident civil rights implications of ICEs
surveillance practices, the agency has managed to shroud those practices in near-total secrecy, evading enforcement of
even the handful of laws and policies that could be invoked to impose limitations. Federal and state lawmakers, for the
most part, have yet to confront this reality.
EDITED TO ADD (5/13): A news article.
** *** ***** ******* *********** *************
Surveillance by Driverless Car
[2022.05.12] San Francisco police are using autonomous vehicles as mobile surveillance cameras.
Privacy advocates say the revelation that police are actively using AV footage is cause for alarm.
This is very concerning, Electronic Frontier Foundation (EFF) senior staff attorney Adam Schwartz told Motherboard.
He said cars in general are troves of personal consumer data, but autonomous vehicles will have even more of that data
from capturing the details of the world around them. So when we see any police department identify AVs as a new source
of evidence, thats very concerning.
** *** ***** ******* *********** *************
Upcoming Speaking Engagements
[2022.05.14] This is a current list of where and when I am scheduled to speak:
Im speaking on Securing a World of Physically Capable Computers at OWASP Belgiums chapter meeting in Antwerp,
Belgium, on May 17, 2022.
Im speaking at Future Summits in Antwerp, Belgium, on May 18, 2022.
Im speaking at IT-S Now 2022 in Vienna, Austria, on June 2, 2022.
Im speaking at the 14th International Conference on Cyber Conflict, CyCon 2022, in Tallinn, Estonia, on June 3,
2022.
Im speaking at the RSA Conference 2022 in San Francisco, June 6-9, 2022.
Im speaking at the Dublin Tech Summit in Dublin, Ireland, June 15-16, 2022.
The list is maintained on this page.
** *** ***** ******* *********** *************
Since 1998, CRYPTO-GRAM has been a free monthly newsletter providing summaries, analyses, insights, and commentaries on
security technology. To subscribe, or to read back issues, see Crypto-Gram's web page.
You can also read these articles on my blog, Schneier on Security.
Please feel free to forward CRYPTO-GRAM, in whole or in part, to colleagues and friends who will find it valuable.
Permission is also granted to reprint CRYPTO-GRAM, as long as it is reprinted in its entirety.
Bruce Schneier is an internationally renowned security technologist, called a security guru by the Economist. He is the
author of over one dozen books -- including his latest, We Have Root -- as well as hundreds of articles, essays, and
academic papers. His newsletter and blog are read by over 250,000 people. Schneier is a fellow at the Berkman Klein
Center for Internet & Society at Harvard University; a Lecturer in Public Policy at the Harvard Kennedy School; a board
member of the Electronic Frontier Foundation, AccessNow, and the Tor Project; and an Advisory Board Member of the
Electronic Privacy Information Center and VerifiedVoting.org. He is the Chief of Security Architecture at Inrupt, Inc.
Copyright 2022 by Bruce Schneier.
** *** ***** ******* *********** *************
Mailing list hosting graciously provided by MailChimp. Sent without web bugs or link tracking.
You are receiving this email because you subscribed to the Crypto-Gram newsletter.
Bruce Schneier Harvard Kennedy School 1 Brattle Square Cambridge, MA 02138 USA
--- GoldED+/W64-MSVC 1.1.5-b20180707
* Origin: TC on Micronet Daily (618:500/14.1)