Tor (http://www.torproject.org/) is a service and application to enable anonymous access to the Internet. It works by relaying network requests through a number of peers before ultimately accessing the resources requested. In this way, those listening on your connection will find it extremely difficult to follow the sites you visit or your physical location. Continue reading
Anti-Virus Vendor Hacked
I just read an article about an Indian security company AvSoft whose website got hacked and distributed malicious code rather than their own when users tried to download software. The attack used was iFrame injection on the vulnerable site. From what I’ve read about iFrame injections, hex code (with real meaning when translated to javascript) is somehow uploaded onto the site. Then when users try to click on some link or button, what they are really clicking on is an “invisible frame” over that link/button which redirects them to some other site or attempts to install malicious software.
Posted in Security Reviews
3 Comments
Diebold/Premier Voting Machine Key Copied
Adding to the current furor of news surrounding the issue of electronic voting machines, an egregious mistake by American voting machine producer Diebold (now known as Premier Election Systems) has lead to heightened doubts concerning the integrity of electronic voting.
Diebold has a history of security mishaps dating back to 2003, when they posted the source code for their voting software on a public FTP site. The availability of this code led to the discovery of an exploit in 2004 that would allow for the manipulation of votes as they are tabulated at a central location.
In the company’s most recent debacle, the first major issue of note is that the same physical key can be used to open the locks on all of the touch-screen voting machines that Diebold produces. Secondly, Diebold unwittingly posted a picture of this key on their website on a page that described how replacement keys can be ordered by official account holders. Ross Kinard of sploitcast.com was able to construct several keys based on this image that proved to successfully unlock a test voting machine.
The implication of this security breach is that it is now much easier for an adversary to gain physical access to the innards of a voting machine and attack it by modifying the software via a flash drive or by altering the hardware. This could result in misappropriated votes or denial of service attacks where people’s votes are rendered useless.
Many policy makers are lobbying to make a return to paper ballots, which arguably have fewer undetectable vulnerabilities, but are more tedious to deal with. It is unclear whether electronic voting machines will continue to be used in future or not, but serious changes need to be made before they become even remotely secure. In addition, companies like Diebold/Premier rely on their reputations, and they must earn and maintain the trust of the public in order to be successful.
Youtube video of a homemade key opening the lock on a Diebold electronic voting machine:
Posted in Current Events, Integrity, Physical Security
Tagged Diebold, electronic voting machine, machine, Premier, voting
3 Comments
Just for fun
I came across this on xkcd.com. Thought you all might enjoy it!
For more fun, check out http://xkcd.com/341/ and read through http://xkcd.com/345/.
New York’s Total Snoop Grid Moving Forward
http://www.prisonplanet.com/articles/december2007/241207_snoop.htm
The article describes the “mission creep” going on in our war on terrorism. While the purported reason for installing thousands of cameras in Manhattan is to protect us from terrorism, Manhattan seems an odd place to be spending to prevent terrorism. The cameras and license-plate readers will inevitably be used by government agencies on our own citizens, as has already been proven with the misuse of powers granted to federal agencies under the Patriot Act (the Pentagon snooped on peaceful protesters, students, and Quakers in the antiwar movement). This basically sums it up: “the electronic panopticon is not about terrorists or car thieves, it is about fine granularity surveillance of the population at large.”
Another facet of this mission creep is the Threat and Local Observation Notice (TALON) database, currently being used to disperse information between federal agencies. Though TALON’s stated goal is to fuse data regarding domestic terrorism, the criteria for what may be included are overly broad, namely “non-specific threats” and “suspicious activity”.
As if you didn’t already know, we’re on our way to becoming a police state…
Posted in Current Events, Privacy
2 Comments
Google Privacy Policy: 2007 in Review
Google has posted a video recap of 2007’s privacy policies. In the heart of “don’t be evil”, Google Global Privacy Counsel member Peter Fleischer covers Google’s position on some of the toughest privacy topics of our time.
Posted in Miscellaneous
1 Comment
Our Nation’s Borders
The security of our nation’s borders is a topic of great importance. The importance of border security, like most forms of security, can only be truly appreciated when it fails. Some forms of border security failure can have devastating consequences (9/11, though I don’t presume to say that border security was alone at fault for this tragedy), while other failures can have less obvious consequence, such as the draining of tax dollars to support illegal aliens receiving free health-care and education. The problem comes down to foreigners wanting to illegally enter our country for two contrasting reasons: to either benefit from a superior quality of life or to inflict damage on our nation. Defending against illegal immigration is no easy feat, as we have to consider the vast Southern border, the even bigger (though much less troublesome) Northern border, the coasts, and all international airports. Furthermore, distinguishing via identification and authentication between a foreigner who is legally residing within our borders and one that is doing so illegally is also a very hard problem. Continue reading
Posted in Miscellaneous, Physical Security, Policy, Security Reviews
Comments Off on Our Nation’s Borders
Security Review: Automated Teller Machine
Summary:
Automated Teller Machines (ATMs) have been around since the late 1930s. Nowadays they can be found all over the place. The common and accepted use of these machines is to draw money from your bank account in a convenient and accurate manner. To do this, we typically insert a bank card into the machine with a magnetic strip encoded with our account information such as our name, our account number, a special PIN, and maybe another number or two for security depending on the card. Once we input our card, we must communicate with the machine through the display and keyboard interfaces. These are the only means of communication for normal transactions.
However, what are some of the other aspects of ATMs? The money is typically held in armored, metal drums these days with only one entry-exit point. Video footage of ATM use is recorded also these days in the event something does happen, so authorities will have more information at their disposable to react. Messages to and from Data Bank Centers are relayed via a network in order to confirm account details. The machine’s innards are encapsulated with layers of physical security such as an outer casing, the armored drum mentioned for the money, locks, and a series of sensors such as magnetic, seismic, and thermal.
Assets:
- The cash every ATM holds. I would have to venture to say this is the most common asset sought after by thieves of ATMs.
- ATM components such as card reader, CPU, sensors, etc. These could be valuable to study in order to better mount an attack on an ATM.
Potential Adversaries/Threats:
- The common thief. Anyone who robs banks, gas stations, etc would seem likely to be the type to try to attack an ATM. Every once in a while you hear about a thief tethering their truck to an ATM in hopes they can carry it away with the truck. This is just one example of my “common thief.”
- The manufacturers of ATMs and/or the persons who restock the ATMs. These individuals have an inside edge over others when it comes to having information about the ATM’s design and access to the innards of the machine. Though, the person restocking the machine probably wouldn’t stock the machine and then try to steal from it. They might, however, sell information about how to get inside the machine.
Weaknesses:
- Stolen or duplicated bank cards. If a thief can obtain a real or duped bank card, they are one step away from your withdrawing money from your account. They would also need your PIN, and this might be discovered through observing you punch it in, or through the banks records somehow.
- The owners manual gives away default passwords and methods for putting the machine into certain modes of operation. For example, this actually happened and can be read about at http://blog.wired.com/27bstroke6/2006/09/atm_hack_uncove.html?entry_id=1560245
- The network communication lines could be tapped and signals might be altered. A confirmation message from the Data Bank Center might be altered to up the amount withdrawn from the ATM, but not recorded on your account.
- The ATM is only metal and machinery. It can be destroyed and/or carted off with enough force. Then at a later time, it can be dismantled without worry of time if it were successfully carted off. This is known as Ram-raiding: http://en.wikipedia.org/wiki/Ram-raiding
Potential Defenses:
- As another physical layer of security, the ATM could sit on top of a vault in the ground where the money would be held. This way, if someone stole the ATM, they would not steal the money, and it would just be harder to get to overall.
- Sensors could be put into place to detect if someone is tampering with the innards of the machine in an unauthorized manner, and if so, a self-destruct mechanism of the core parts could be initiated (fry the parts?).
- Instead of a bank card to initiate a transaction, the ATM could require a fingerprint also or retinal scan.
Risks and other issues:
Out of the two assets above, I would say the money in the ATM is the item at most risk. This is due to the value of the asset compared to anything else the ATM is composed of. Cash is the most liquid of all forms of payment, and it cannot be traced easily. These properties make the asset highly attractive. Next, considering the threats and adversaries, I believe the employees who restock the machine have the least risk of being caught. This is because they have access to the machine at certain times. It would be obvious if they stole the money before restocking the machine, but accessing the machine afterwards might be feasible to make it appear as if someone else did the bad deed. Next, I would think the manufacturers of the machines would have the next least risk. They have knowledge of the system, and from the article above, it can be seen if you have only the owners manual, you can steal from someATMs . It would make sense then that people unaffiliated with the machines like criminals would have the most risk. They must break the security of the machine from scratch which is more difficult than if they had inside information. Finally, from the weaknesses above, I would think the last weakness, ram-raiding, is the approach to be most taken. This is because it seems quick with numbers of people on your side, it can be done without revealing your identity, and you have an escape vehicle on hand. The bank card approach seems tricky since once you have stolensomeone’s card, they can just cancel it, and in the interval of time when they haven’t canceled, you need to get to an ATM with knowledge of their PIN to draw money.
By exploiting any of these vulnerabilities above, an individual is definitely participating in an unethical act. Taking the money in an ATM is a classic example of stealing. As a society, we have agreed that stealing is wrong, so this does not need anymore explanation.
Conclusion:
Ever since ATMs were first introduced, criminals have sought to rob them. It is a serious deal, and the level of protection on ATMs these days shows just how serious organizations are to protect the assets inside. Nowadays, the security systems are probably “good enough”, and we should be more worried about user and design error. After a system is at a certain level of security, it might be too costly to go much further, and perhaps responding to acts against the ATM is a better course of action at that point. Design error should be a major cause for concern though. As the article linked above shows, if default passwords and operation modes are left available to anyone with the ATM manual, then things can go very wrong.
Posted in Ethics, Physical Security, Security Reviews
Comments Off on Security Review: Automated Teller Machine
Bank teller arrested for $3.2M theft
A Romanian bank teller was arrested for illegally transferring $3.2M into two bank accounts by using his director’s password. There is no detail in the article to describe how the teller acquired the director’s password but this could have been done in a myriad of different ways including shoulder surfing, brute force guessing, or social engineering. In this case, the adversary was a trusted employee and may not have been considered a threat.
http://www.msnbc.msn.com/id/23027131/
This is a great example of how adversaries can be anywhere and even the most secure systems are only as secure as the people who administer them. All the technology we use to secure communications, systems, and data is virtually worthless when someone can acquire the necessary credentials to bypass all that.
It is important to remember that there is more to security than just encryption and buffer overflows. Policy and user education is an equally important aspect.
Posted in Current Events, Ethics
3 Comments
Four Undersea Cables Cut In Middle East In Less Than a Week
As many of you may have heard, two undersea cables were cut on January 31st severing internet to millions of users in the middle east. At first it was reported that these cables were severed by a ship’s anchor, but it is now being confirmed that this is false. The map of undersea cables and those affected can be found here.
However, in the last few days, two more cables have been cut. An illuminating internet traffic report is here.
The probability of all of these events being random accidents seems vanishingly small. Could this be a new sort of attack intended to black out an entire region? If so – what could the motivations be and who could be behind this? Could this be done for commercial reasons? Could this be a government or terrorist organization about to mount an attack?
Some other enlightening posts can be found here: part I, part II, part III