Surveillance Cameras Security Reviews

Surveillance cameras, or closed circuit television, is the technology I am evaluating. For example, you generally see these cameras at banks, gas stations, malls, etc. They are different from broadcast television because the signal is not openly transmitted, although some systems might communicate through wireless links.
Some assets that the surveillance cameras are protecting are people's safety, confidential information, and any other valuables. With the surveillance cameras in place, if people get attacked in view of the surveillance cameras, the event will be recorded so that the adversaries can be punished. For confidential information and other valuables, the goal for the surveillance camera is to prevent information from being stolen without gaining any information about the adversaries to catch them. In addition to this goal, just having the camera in place will make the adversaries think twice before doing anything illegal.

Posted in Security Reviews | Comments Off on Surveillance Cameras Security Reviews

Anti-Piracy Security Mechanisms in PC Games

Piracy has long been a prominent issue in the software industry. Software developers and publishers earn their livelihood selling their programs, but since the products they create are digital in nature, they can often easily (and illegally) be copied and redistributed with minimal effort. This problem applies to all digital media, but one interesting case study in computer security specifically pertains to the PC videogame industry. In response to the rampant PC game software piracy on the internet and in foreign countries, many developers have opted to place security mechanisms in their software or on the game discs themselves in an attempt to thwart would-be pirates. These security features are often effective, but can have unintended consequences which end up hurting legitimate customers. In this review, I examine the set of anti-piracy mechanisms on PC games and single out a few examples when necessary.

Posted in Security Reviews | 8 Comments

Access Control on King County Metro Transit

Buses are vital for college students looking to get out of the university district and explore the greater Seattle area. The King County Metro transit service is partially funded by local and federal government but depends on riders’ tolls to break even. Fares are collected when the rider boards a bus if the route is inter-city or heading toward downtown, while routes heading out from downtown collect fares when the passenger disembarks. Fares can be in one of four forms, with a fifth (RFID) currently being developed.

Posted in Physical Security, Security Reviews | 5 Comments

(un)-Safe Deposit Box Security Review

My review was on safety deposit boxes based on my experience using them. I was surprised at how stunningly insecure they are (although there may be additional controls I did not know about that banks implement), and am further surprised by the fact that the system is still largely operational. Beyond that, I was surprised at how interesting something as mundane as a safety deposit box could turn out to be.


Posted in Physical Security, Security Reviews | 7 Comments

Ink Tags: My Security Review from HW1

For my security review, I have chosen to cover the anti-theft devices that are commonly used at retail clothing stores, which I believe are called “ink tags”. I am basing this information on personal experience (I briefly worked for a clothing store a while back) and also on this entry on Wikipedia: http://en.wikipedia.org/wiki/Retail_loss_prevention.

Summary:

Ink tags are used very commonly at clothing stores in an attempt to prevent theft. It’s a somewhat sizable piece of beige-colored plastic that’s pinned onto every single article of clothing at the store. This plastic is relatively hard to remove by force. And, more specifically, if it’s not taken off with the provided special device (which the stores stock), the glass vials inside the tags break and spill ink onto the clothing, presumably ruining it.

Assets/Security Goals:

  • The obvious assets are the clothes that the stores stock. They want to prevent people from taking them without paying money since their businesses rely on this.
  • The ability for shoppers to shop effectively and safely. This is more subtle, but the stores need to ensure that, for example, the tags wouldn’t falsely trigger and spill ink onto valuable customers.

Potential Adversaries/Threats:

  • A typical shoplifter. The thief could still just take the clothing and wear it with the tag still on there, or, if it was later taken off incorrectly, with the ink stains. Wikipedia also describes a method in which people try to cover the holes the ink spills out from with duct tape, thereby reducing or eliminating the amount of ink that spills onto the clothing.
  • An employee or ex-employee. An employee with access to the device could take the tag off safely and steal the piece of clothing.

Weaknesses:

  • Though the mechanism will likely deter potential thieves from otherwise stealing, it does very little (perhaps even absolutely nothing) to prevent them from actually taking the merchandise. However, the motive for wanting to do such a thing seems illogical (steal clothing but not wear it, or, wear clothing with an ink tag still on or with ink stains).
  • As I already mentioned, the ink can perhaps be blocked from spilling onto the clothing by covering up the holes.

Potential Defenses:

  • In a way, the defense is that the affected clothing will be of no use to the thief. Also, stores should pair this device with other security measures like sensors that sound an alarm or security cameras.
  • Make the holes small enough and plentiful enough so that they cannot be seen, making it impossible to block the ink. This is apparently already being implemented in the newer (?) devices.

Risk Analysis:

To begin, I would say that the monetary value of the asset is relatively small. The cost of producing and shipping most clothing is cheap. And since we’re dealing with just clothes, there’s no confidential data or the like that we’re losing (the clothes aren’t exclusively designed to be unique products to exist as one, but instead designed once and then massively reproduced cheaply). The probabilities of the threats and vulnerabilities seem low as well. Given the state of our society’s ethics and enforced laws, most people wouldn’t even consider shoplifting, and the small percentage of people that would will be deterred from doing so since, from their perspective, the likelihood of successfully benefiting from stealing compared to the risks is bad. I would say the only exception is maybe for the employees who would have an easier time removing the ink tags. This is why I believe other security measures should also be in place like having security cameras.

Conclusions:

More recently, the retail industry’s goal has been not necessarily to prosecute thieves but instead to simply prevent it from happening in the first place. This is due to many companies being sued for falsely accusing people of theft (as an example, I heard of a story about how one employee ran after a thought-to-be thief and tackled them to the ground). I believe that the retail industry has successfully been able to do this with the use of ink tags (along with other devices) by making the potential reward for the thief very small as compared to the risks involved.

Posted in Security Reviews | 1 Comment

Watching an Exploit Unfold: Sex Offenders and the ESRB

This post documents an actual vulnerability exploit I recently witnessed. Details have been changed to protect the stupid.

I happened to be loafing around on IRC yesterday, when an unusual opportunity to observe some pointless cybercrime in action presented itself. One user on a channel I occasionally visit brought the channel’s attention to the website of a state government agency. Because this blog is open to the public and this post concerns a currently extant vulnerability in a public website, I will not identify the particular agency, but I will say that it is an Internet crime database for an entire state, including information about missing children, parole and probation supervision, and a sex offender registry.

Posted in Ethics, Miscellaneous, Privacy | 1 Comment

Boeing 787 Dreamliner Wireless Enabled

Summary

The FAA imposed “special conditions” to let Boeing install in-flight internet access for study/test purposes on the next 787 Dreamliner aircraft. But the new system will not be available on the next release of the Dreamliner until it has passed this flight-worthiness test. Boeing is confident that the new system will not interfere with the critical flight system, as many people might have thought. On the other hand, the FAA is not entirely convinced, but is willing to see the prospects of the technology as a future commercial aircraft feature. The FAA and Boeing assure that the internet system and flight system will be separate from each other and that passengers should not be worried about this new improvement. However, further studies need to be conducted, especially in terms of the overall system's vulnerabilities against malicious passengers and people on the ground.

Discussion
The in-flight internet access system has been envisioned by many of us since the wireless internet revolution. For some people, it is important to remain connected to the world by any means necessary. They can use the internet for entertainment or even for business depending on the purpose of their trip. The new system can definitely let you do similar activities as if you were in front of a computer connected to the internet.

People are so accustomed to wireless technology since it is more convenient without the mess of cables. It is also a solution to give connectivity to passengers on board without drilling any holes in the aircraft’s wall.

As all of us might remember, Boeing announced delays in the delivery of the Dreamliner last year. However, under Pat Shanahan's direction, the Dreamliner is back on track this January. We can speculate that Boeing is trying to add this internet access feature to the Dreamliner. An interesting fact is that we haven’t quite solved security for on-the-ground wireless in public places like coffee shops. While in the coffee shop, customers are directly connected to the router. In the aircraft, passengers will not be connected to a router which is part of a bigger system, some of which are critical to the survival of the aircraft.

Reflection
If the aircraft maker decided to install connectivity to the internet as a feature of the aircraft, then perhaps it will start by making it available via wires. Passengers will use their Ethernet cables to hook up to the internet. Boeing tried to push this idea, but it seems the market and the general population have already bought into the convenience of wireless connectivity. The only hindrance back then was the effect of electronic equipment on the flight navigation system; even cell phones need to be turned off before and after a flight.

If the demand for an in-flight internet system was so high before the wireless revolution, aircraft makers might develop a completely new system that is independent from the flight system. Thus, it is possible that it will be using a different protocol and a different frequency that will not interfere with flight communication or navigation. However, this means that current wireless technology will be different and suitable for the cabin environment of an aircraft.

Broader Issue
The issue that might arise once the internet system is fully tested and approved for public use is probably the same as the one we have here on the ground: for example, security issues like confidentiality, integrity, and availability of the internet connection in the aircraft. What will prevent a malicious user from attacking other users in an aircraft? Who is responsible for protecting the user if such an incident occurs? If this malicious user is hypothetically caught in mid-air, what will the crew’s action be?

Passengers will not hesitate to bring laptops and take advantage of the internet for entertainment and business purposes. If more passengers are using laptops, then they will need to recharge the laptop as soon as the battery runs out. This means that the aircraft has to be prepared for its battery to supply such energy. It might increase the service cost and make the aircraft fare slightly higher.

Possible Reaction
Due to the current economy, people lean towards choosing air travel that can give them more savings. The cheapest fare might not be the one with internet access. Thus, people must weigh the benefit of having internet access or not. In addition, the issue of security still exists and your computer might be exposed to the same danger as if you were connecting to the internet at a coffee shop.

More and more internet security companies will market their products and label them as “in-flight safe”. On the other side, the hackers/crackers will become more creative in hacking them. Not to mention the skeptical people who think that in-flight internet is like being given a small bit of the aircraft control or a small bit of the puzzle to control the aircraft.

Posted in Current Events | 2 Comments

Storm Update…holiday edition…

Summary:
The popular Storm botnet (also known as Peacomm and a bevy of other names…one for each AV company!) has just released yet another round of its malware in spam sent out over the Christmas / New Year's holiday period. While the disassembly of the current version is not yet available, older versions have employed a wide array of techniques to ensure the privacy of their code, and the current version is likely to employ these, and more. The network, while once operating on the Overnet p2p network, has now gone private, obfuscating its UDP packets. A few of the software issues will be discussed, and hopefully, a similar analysis of the most recent variety will be coming soon. However, it is simply an arms race. It takes time to dissect new pieces of malware, and in this time, computers are infected. Once a solution is found, another technique will be created to defeat it.

Assets:

  • While the malware authors want the software distributed as widely as possible, it's important to protect the details of the protocol and the command and control portions of the malware. The privacy here is protecting several assets. Without completely dissecting the code, AV signatures are hard to develop, making it easier to successfully infect potential hosts. In addition, the obfuscation of the code protects the protocol used by the bots to communicate. While Storm as recently as September used the popular Overnet p2p network to communicate, it has since moved to a private network. This network is the authors' biggest asset, as massive DDoS attacks are possible with so many infected machines, as well as the ability to send massive amounts of spam.
  • Small footprint. Sending spam, or even being part of a DDoS attack, doesn’t generate so much traffic that the infected machines are crippled. The spread of high speed internet connections has made hiding in the background much easier.
  • What appears to be a group of very talented minds.
  • Instead of taking advantage of exploits, the malware is spread via social engineering…as people are by default dumb, this method of distribution works great!

Potential Adversaries/Threats:

  • Widespread adoption of a more secure email protocol than SMTP. Storm currently abuses the fact that SMTP does not authenticate the sender of email messages. The authors of the malware seem to be driven by financial gains, and without the ability to send spam, they would be unable to participate in pump and dump scams or product advertisement.
  • Honest ISPs. There are currently ISPs that still do not validate the sender’s IP address of UDP packets. There have been reports of these in Russia and China. These provide lovely avenues in which DHT (older versions utilized the DHT used by Overnet…I’m assuming there is still a DHT in place, despite the change in protocol) values can be inserted without the source being obvious. This doesn’t have to be the case! Just try sending a message from your computer with a forged src IP. It will be blocked! In addition, ISPs could block all Storm traffic (might be illegal…not that Comcast seems to mind dropping customers' packets).
  • OpenDNS and other DNS servers that are null routing IPs seen hosting malware. This is rather difficult as Storm utilizes fast-flux domain changing; however, as Storm is being hosted by many of the already infected machines, blocking all IPs seen communicating with infected boxes would potentially reduce the number of hosts.
  • VMWare/VirtualPC and debuggers…These can be used to run the code, dissect the method by which the UDP packets are being created, and identify bootstrap lists (hopefully leading to these IPs being notified and cleaned…but apparently this isn’t happening). Widespread use of VMs would also pose a threat to malware in general, as simply resetting the machine to a previous snapshot would clean the machine.
  • Researchers…we’re so curious!
  • Law enforcement…nothing angers the man more than someone getting rich easy.
  • Script kiddies…can you imagine a 15 year old kid in North Dakota with the ability to DDoS anyone, anytime? Remember Estonia?

Weaknesses:

  • The fact that this piece of software must actually run means that the code cannot be completely hidden. It must be unpacked to run. So running in a debugger will reveal un-obfuscated code.
  • A large volume of UDP packets must be sent, both to enter the Storm network, as well as to simply maintain itself in the network. This creates a large amount of traffic to be analyzed.
  • The size of the Storm network, while a strength, has also generated a huge amount of interest from the AV, research and law enforcement fields.
  • To avoid running in a VM, the malware utilizes default settings in the software that can be easily changed to avoid detection.
  • Hard-coded bootstrapping list. A list of several hundred IPs is hard coded into the malware. Without these the program cannot run. There is no evidence of an IRC C&C backup.
Posted in Current Events, Security Reviews | Comments Off on Storm Update…holiday edition…
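
The Weaknesses list in the Storm post notes that a bot must send a large volume of UDP packets to enter and stay in the network, which leaves traffic to analyze. As an added example (not part of the original post), the Python below flags that fan-out pattern in flow records; the record layout, the thresholds and every address are constructed for illustration.

```python
from collections import defaultdict

WELL_KNOWN_UDP = {53, 123}  # DNS and NTP are left out of the peer count


def sample_flows():
    """Constructed flow records: (epoch_s, src, dst, proto, dst_port, bytes)."""
    flows = []
    # 10.0.0.5: ordinary desktop, only DNS/NTP over UDP plus some HTTPS
    for t in range(0, 120, 10):
        flows.append((t, "10.0.0.5", "192.0.2.53", "udp", 53, 80))
    flows.append((15, "10.0.0.5", "192.0.2.123", "udp", 123, 76))
    flows.append((20, "10.0.0.5", "198.51.100.10", "tcp", 443, 5200))
    # 10.0.0.9: small UDP datagrams to 150 distinct peers on high ports
    for i in range(150):
        t = (i * 7) // 10
        flows.append((t, "10.0.0.9", f"203.0.113.{i + 1}", "udp", 10000 + i, 60))
    # 10.0.0.7: one steady UDP stream to a single peer (e.g. a voice call)
    for t in range(120):
        flows.append((t, "10.0.0.7", "198.51.100.77", "udp", 40000, 200))
    return flows


def udp_peer_stats(flows, window=60):
    """Per (source, window index): (distinct UDP peers, mean bytes per flow)."""
    peers = defaultdict(set)
    sent = defaultdict(int)
    count = defaultdict(int)
    for ts, src, dst, proto, dport, nbytes in flows:
        if proto != "udp" or dport in WELL_KNOWN_UDP:
            continue
        key = (src, int(ts) // window)
        peers[key].add(dst)
        sent[key] += nbytes
        count[key] += 1
    return {k: (len(peers[k]), sent[k] / count[k]) for k in peers}


def flag_udp_fanout(flows, window=60, min_peers=50, max_avg_bytes=150):
    """Sources that reach many distinct UDP peers with small flows in one window.

    min_peers and max_avg_bytes are assumed thresholds; tune them against
    a baseline of the network being monitored.
    Returns {source: largest distinct-peer count seen in any window}.
    """
    flagged = {}
    for (src, _w), (n_peers, avg) in udp_peer_stats(flows, window).items():
        if n_peers >= min_peers and avg <= max_avg_bytes:
            flagged[src] = max(flagged.get(src, 0), n_peers)
    return flagged


if __name__ == "__main__":
    for host, n in flag_udp_fanout(sample_flows()).items():
        print(f"{host}: {n} distinct UDP peers in one 60 s window")
```

Counting distinct peers rather than packets keeps the single-peer stream on 10.0.0.7 out of the result even though it sends more UDP traffic than the flagged host.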

Keeping an Open Wireless Network?

I’d like to briefly share with you an interesting article by famed computer security scientist Bruce Schneier that he recently wrote for Wired. In it he argues against securing your wireless network and for having open networks that others can use. To the obvious arguments against having open networks, such as people stealing your bandwidth, using your connection to perform illegal actions, or breaking into your computers, he replies: “…I don’t think it’s much of a risk.” He claims that virtually all potential negative consequences are either highly unlikely or of no significant consequence after all. It’s very interesting to see such a radically different viewpoint on such a seemingly obvious topic from a prominent computer security expert like Mr. Schneier. I encourage you all to check it out. It’s a quick and fun read.

As for myself, I secure my wireless networks for the same reason I lock my doors. Yeah, I’d like to think that I would be doing the good Samaritan thing by keeping my house open to passers-by urgently needing to use a bathroom, but the risk that they might take something valuable on the way out just seems too real. On that same note, although Mr. Schneier might be right in saying that the risk of legal prosecution due to me keeping my network open is small, any risk to my life and freedom is too much. So that some “people…[be] rescued from connectivity emergencies by open wireless networks in the neighborhood” is not worth life in jail. If someone needs an open network that bad, they can drive the extra half-mile down the street to the coffee shop. Scary enough is the idea that it only takes one malicious user to make your network a conduit for crime. Also, Mr. Schneier argues that one should not rely on a secure network for computer security in general, because as soon as you take your mobile computing devices to a public place, they are no longer under the umbrella of a secure network and are therefore vulnerable. I say that both the network and the computer should be made as secure as possible. This follows the basic computer security principle of overlapping controls. Or perhaps I’m just too paranoid…

Posted in Ethics, Miscellaneous, Policy | 10 Comments

Example Security Review #5

Michael Levine provided this example CSE 490K Security Review.


Posted in Announcements, Security Reviews | Comments Off on Example Security Review #5