It’s weekend, time for some stuff besides IT and security. Therefore, I want to introduce to you Jamendo, a site kawazu found some time ago in the world wide web. Jamendo is some sort of portal, offering free music. This means, that this music is not only free of charge, but published under the creative commons license, or something similar, which gives everyone the right to obtain this music, work with this music, and redistribute it. I find this quite cool, especially because there is some really good work there. My you give it a try.

Bookmark to:

Adventskalender | Kein Kommentar »

There are a lot of discussions worldwide about the pro’s and con’s of RFID, what it brings, how safe it is, is it a blessing or a curse. Well, one can’t deny that it’s quite comfortable. You can move freely in your Company’s buildings, and doors you’re allowed to pass will be opened by a magic hand. You have not to wait at the checkout in the supermarket, and your microwave knows in which way your meal have to be prepared. On the other hand, there are also many disadvantages. If banknotes are equipped with RFID tags, every bad guy knows instantly if I’m a valuable target. My daily routine, my route of moving, can possibly become known by anybody, and so can my social status (the clothes I wear, the credit cards I own and so on). And at least, the dustman knows if packing of your microwave meal is in the right garbage can.
Well, we can in some way protect ourselves, by either limiting thees tags with some sort of Faraday shield or destroy them completely. But this is can be complex, or in the last case, even irreversible.
Andrew S. Tanenbaum is a guy who’s quite familiar with this topic, and he presented a quite interesting approach. The RFID Guardian was once created to warn the user if his RFID tags are getting read by someone else. By now, this device has been developed to be a ‘personal firewall’ (in the best sense of the word) for RFID, giving the user control about what information tho share, when and who is allowed to access.

I see this as a very interesting approach. Maybe this is able to keep the advantages and the comfort of RFID and reduces the dangers, and the potential of misuse. For further information, the main page of the project is very useful.

Bookmark to:

Thoughts, Adventskalender | 2 Kommentare »

Today it’s about Vistas group policy. While waiting for my own key, I surfed the net a little bit, and found a usefull paper dealing with the group policys. You may be aware of part two.

Bookmark to:

HowTo, Adventskalender | Kein Kommentar »

Today it’s again about server hardening, better to say RedHat hardening. Because I ‘ll have to deal with that system from time to time, this paper by Werner Puschitz is quite helpful, providing some very useful tricks and hints. For example how to enable scp without providing login prompts.

Bookmark to:

Security, Adventskalender | Kein Kommentar »

Only a short one today, but for some of you it’s maybe a usefull ressource spending some time with. At FreeTechBooks there are several interesting ebooks, waiting to be consumed. So the old problem remains: so much to read, with such a tiny amount of time

Bookmark to:

Adventskalender | 1 Kommentar »

A little Update for yesterday’s article.

After computing for about 11 hours (with only 900 Mhz) my own crafted binarys are ready. Same site, same md5 checksum, different behaviour. While the good reveals an English verse, the evil talks to you in the black speech of Mordor

Bookmark to:

Security | Kein Kommentar »

At the weekend, i found the time to have a closer look on md5 and the attacks released for this algorithm. One of these attacks, published by Xiaoyun Wang deals with the problem of finding collisions. This attack is about two so called initial vectors having the same md5 hash. Afterwards it is possible to append arbitrary data to these vectors without changing the fact that the md5 hashes remain identical. (this is an inherited problem of block based (hash-)algorithms. If one has two Blocks with the same hash, after appending the same arbitrary data to these Blocks, they still have the same hash.) In clear:
if md5(x)==md5(y) then md5(x+z)=md5(y+z)
The initial vectors differ in Wangs example only by 6 Bit, but appending more of these blocks results in some byte free for adding payload. A closer mathematical view would exceed the frame of this article, therefore I like to refer (beside the initial paper from the beginning) to the text by Peter Selinger, which deals with the problem in a more detailed way. Here, a small example should show what to do with two initial vectors, named vec1 and vec2. Both are having a identical md5 hash, but are different, as proven by the sha1 hash.

ftp:/md5coll# md5sum vec*; sha1sum vec*
da5c61e1edc0f18337e46418e48c1290 vec1
da5c61e1edc0f18337e46418e48c1290 vec2
8f42c29f6ac45423d2a7dd614d666a26e39f29ee vec1
dfce366c23c88044ad57a5eaa7d5420024a7fd14 vec2

Now lets append some data, and observe that the md5 hashes stay identical.

ftp:/md5coll# dd if=/dev/urandom of=foo bs=32460 count=1
1+0 Datensätze ein
1+0 Datensätze aus
32460 Bytes (32 kB) kopiert, 0,044771 Sekunden, 725 kB/s
ftp:/md5coll# cat foo >> vec1
ftp:/md5coll# cat foo >> vec2
ftp:/md5coll# md5sum vec*; sha1sum vec*
64dbc8e1f2cc1855f09f37528181484b vec1
64dbc8e1f2cc1855f09f37528181484b vec2
b73dde6a98b46c53fd32fb709330dad835a9d116 vec1
e60795346ab6041ff1a315e8ca745c854ffe6ae2 vec2

While the attack is not published completely yet (there are only initial vectors, while it should be possible to have these ‘doppelgangers’ at any point in the data) there are some nice things to do with this.

Fore example a binary that record it’s way through p2p file sharing networks like Kkazaa, collecting Information about the users sharing this binary. Kazaas hashes not the whole file, but does this with 32KB blocks. So you can use one Bit for every block for your own purposes. Talking about a binary of 60MB, this makes 1920 bit of payload, without changing the hash of the file (changing the hash would result in multiple appearance of the file in the p2p network, which would surely be noticed) Now its not necessary for the binary to phone home, its enough to download it from time to time via the p2p network an see what it has collected. (For example MAC addresses, email data or host names.)

Security Tools that check the md5’s of a systems files also have no chance to detect a replacement.

Peter Selinger has published a nice tool that’s able to create a pair of executables with identical Hash, but distinct behaviour. While my computer is still computing my own example, I’ll use Peter’s example files here.

mschmidt@ftp:~$ md5sum erase; md5sum hello; sha1sum erase; sha1sum hello
da5c61e1edc0f18337e46418e48c1290 erase
da5c61e1edc0f18337e46418e48c1290 hello
dfce366c23c88044ad57a5eaa7d5420024a7fd14 erase
8f42c29f6ac45423d2a7dd614d666a26e39f29ee hello
mschmidt@ftp:~$ ./erase This program is evil!!!
Erasing hard drive…1Gb…2Gb… just kidding! Nothing was erased.
(press enter to quit)
mschmidt@ftp:~$ ./hello
Hello, world! (press enter to quit)

It scares me a Bit, that
if md5(binA)==md5(binB) then behaviour(binA)==behaviour(binB)
is no longer supposed to be true. So is this the end of md5? Well, i don’t think so, because the usage of the published attack is rather limited. But it should be clear that the end of md5 has started, and moving to an alternative (sha1) should happen as fast as possible.

Who’s interested in more details shoul have a look at this book, especially chapter 3 and 11 are showing what’s possible with md5 collisions.

Update

Bookmark to:

Security, Adventskalender | Kein Kommentar »

Who’s daily routine is not dealing with algorithms and data structures, is quite often overwhelmed by the mass of terms used. While Quicksort, Bubblesort or recursion is quite common, and therefore quite well known, it looks different with cocktail shaker sort or postman’s sort. Therefore, the NIST runs a quite useful dictionary, which covers nearly every term in the field of algorithms and data structures.

Bookmark to:

Adventskalender | Kein Kommentar »

Today its about the security of the most popular web server around, Apache. The main things to secure a (not only web-) server are not new, and always the same. Disable unused modules/services, care about access privileges, use the latest patches and so on…
Pete Freitag has collected some important facts for the Apache in some kind of check list, wich has helped me quite a few times, especially when in a hurry, or check a foreign configuration.
Who likes to have a closer look at the topic should think about consuming this book, published by O’Reilly.

Bookmark to:

Security, HowTo, Adventskalender | 3 Kommentare »

While Christmas is approaching, there’s a good tradition in Germany called “Adventskalender”, what means that from December 1^st to Christmas eve there’s one piece of sweets for the children behind a small door. (Is there something like that in other parts of the world? Please let me know.) But it’s hard to deploy sweets through fibre channel, and therefore i want to share a nice digital present with my readers. I hope I can manage it to introduce to you something useful, funny or something worth noticing in any other way.

Let’s begin with a nice collection of Quick Reference Cards. I find these quite useful, because most of the stuff fits on one sheet of paper. While this seems kind of strange for something like UML, it’s totally enough for the vi, for example. I hope some of these sheets are useful to you.

Bookmark to:

Adventskalender | 4 Kommentare »