Search the Community

Executabilul de la Petya Ransomware Rescris de la 0 in C (pentru scop educational). Totul este explicat concret si clar. SC: https://github.com/reservedcloud/Petya2 Codul sursa este licentiat cu GPL 3.0, deci orice schimbare sau publicare a sursei fara credite poate fi data jos printr-un DMCA.

Decrypting the Encryption Debate: A Framework for Decision Makers, un punct de vedere critic , New National Academy of Sciences Report on Encryption Asks the Wrong Questions , The report collapses the question of whether the government should mandate “exceptional access” to the contents of encrypted communications with how the government could accomplish this mandate. We wish the report gave as much weight to the benefits of encryption and risks that exceptional access poses to everyone’s civil liberties as it does to the needs—real and professed—of law enforcement and the intelligence community. si ...We described what we saw as “three truths” about the encryption debate: First, there is no substitute for “strong” encryption, i.e. encryption without any intentionally included method for any party (other than the intended recipient/device holder) to access plaintext to allow decryption on demand by the government. Second, an exceptional access mandate will help law enforcement and intelligence investigations in certain cases. Third, “strong” encryption cannot be successfully fully outlawed, given its proliferation, the fact that a large proportion of encryption systems are open-source, and the fact that U.S. law has limited reach on the global stage. We wish the report had made a concerted attempt to grapple with that first truth, instead of confining its analysis to the second and third. Lets not accidentally endorse escrowed encryption. caci ce poate sa mearga rau ?

Hi guys, i know the title must sound obsolete for ya, but i've seen in the past romanian managed to "hack" a previous version of this game. https://world.triviador.net the security has changed since then, i'm wondering if there's anyone that can still make an xml grabber for it. from what i know, if you search "sharedkey" or "rsapublickey" with a memory viewer through firefox for ex, you can see a huge key. i believe that rsa key is used to encrypt the key used for decrypting the xml. anyway, i have managed to write the actual decryption algorithm for decoding the xml, and maybe for decoding the key too, but i can't get the encrypted key out from the memory of any browser. i'm curious if anyone could do that. =] ~ Cheers ~

CyberSafe Top Secret Ultimate is a powerful encryption program that allows you to encrypt pretty much anything and everything: whole computer, entire disks/partitions (both internal and external drives, including USB flash), individual files, network shares, cloud storage (e.g. Google Drive or Dropbox), email, etc. Other features include support for compression, industry-standard encryption algorithms, two-factor authentication, ability to hide folders and files, and more. Get it now! Read more at Free CyberSafe Top Secret Ultimate (100% discount) - SharewareOnSale

The nation’s first ever criminal case involving a hijacked wireless Internet connection came to light this month, prompting online security experts to warn that home Wi-Fi routers may be open to attack if not properly protected. Users need to set a password and switch on encryption, or their network can be hacked within minutes by someone close enough to eavesdrop on the wireless signal, such as a user in an adjacent apartment, said Yuichi Nozawa, a consultant with the government-affiliated Information-technology Promotion Agency (IPA), a body that advises on digital security. Cracking the security itself is relatively simple for one common form of encryption and can be done using free software. The IPA delivered the warning last Friday, a day after the rearrest of a man suspected of tapping into a nearby Wi-Fi network in Matsuyama, Ehime Prefecture. Hirofumi Fujita, 30, is separately on trial for allegedly stealing ¥16 million by obtaining online banking IDs and passwords as well as sending computer viruses to gain unauthorized remote access to other people’s computers. Moreover, the agency warned that hackers can use hijacked wireless networks to hide their identities, leading “even ordinary people with no criminal intention” to become the main suspects in cybercrimes, Nozawa said Monday. He said police sometimes identify suspects by the Internet access point used. A further problem lies in the fact that it is not easy for ordinary users to detect if their network has been hacked, he said. Many users remain unaware of the risks. In 2014, the IPA reported that more than 50 percent of households either had not set password protection on their home wireless network or were unsure whether it was active. But even if a wireless network is password-protected, it needs to use a newer form of encryption, as older ones can be cracked fairly easily. Older routers may offer Wired Equivalent Privacy (WEP) encryption as the default setting, which Nozawa said can be hacked. The alleged Ehime hacker is suspected of using this technique, deploying software that came as a free gift with an IT security magazine. Instead, Nozawa recommends using Wi-Fi Protected Access II, better known as WPA2, a higher form of encryption and one usually offered by newer network devices. The IPA recommends contacting manufacturers’ support teams to find out how to configure the security settings, as the procedure varies from device to device. Source

Now No Government Can Spy On Its Citizens! Taking a cue from Google and Apple, Facebook for the first time is giving its users more encryption options to keep their information private, infuriating agencies like FBI and NSA who believe that “law enforcement and national security investigators need to be able to access communications and information to obtain the evidence necessary to prevent crime and bring criminals to justice in a court of law” and that locking user data places lives in danger by limiting government surveillance. The US government who recently said they will stop spying on Americans is up in arms because this new encryption won’t let them spy on Americans. In a blogpost, Facebook explained how the feature will work: “It’s very important to us that the people who use Facebook feel safe and can trust that their connection to Facebook is secure…Whilst Facebook seeks to secure connections to your email provider with TLS, the stored content of those messages may be accessible as plaintext (with attachments) to anyone who accesses your email provider or email account. To enhance the privacy of this email content, today we are gradually rolling out an experimental new feature that enables people to add OpenPGP public keys to their profile; these keys can be used to “end-to-end” encrypt notification emails sent from Facebook to your preferred email accounts. People may also choose to share OpenPGP keys from their profile, with or without enabling encrypted notifications.” Created as PGP (which stands for “pretty good privacy”), nearly 25 years ago by Phil Zimmermann, OpenPGP is one of the most popular available standards for protecting email with public key encryption. You will be able to update your own public key, using a desktop browser, at: https://www.facebook.com/me/about?section=contact-info The new move will allow users to encrypt notifications sent from the social networking website to their email addresses, protecting potentially sensitive emails, such as a request for a new password, from hackers, spies or anybody who does not have the user’s private key. “It also means that people who activate the email encryption and then lose their private key cannot turn to Facebook for help. The social network would have a copy of the public key uploaded to a user’s Facebook profile, but encrypted chats or emails off the site would still require the users’ private key to unlock. Other account recovery methods like SMS and Trusted Contacts can still work without relying upon email recovery,” explains Jay Nancarrow, a communications manager with Facebook. ??????????????The Committee to Protect Journalists has praised Facebook’s encryption decision. “Facebook has taken an important step to help protect users’ private communications by default, and make the risky environment, in which journalists work, a little bit safer,” said CPJ Internet Advocacy Coordinator Geoffrey King.

In this era of Global surveillance, we all are worried about the privacy of our communication and sensitive data. There is no guarantee that our data is not being snooped on, but there is a solution — PGP (Pretty Good Privacy). PGP (Pretty Good Privacy) is more than 20 years old technology but is yet not widely adopted. PGP is an open source end-to-end encryption standard to encrypt e-mails, protecting you against companies, governments, or criminals spying on your Internet connection. But... ...the tool is too complicated for most of the people to implement and use. However, Facebook is now encouraging its users to use PGP and communicate by sending encrypted emails, adding the popular OpenPGP email encryption standard as an extra layer of security for the cautious. According to the latest announcement, you can now upload your Public PGP key to your Facebook profile so that anyone with your public key can send you encrypted emails. By giving such option to users, Facebook could really help rapid adoption of PGP encryption standard worldwide. The Social Networking Giant has plans to encrypt all its notification emails to users who use PGP or GPG (GNU Privacy Guard), as Facebook currently sends you emails alerts for private messages, password changes, and other account notifications that may be sensitive. All the emails you receive from Facebook will be protected with encryption, ensuring that no one — even NSA or any other spy agency — can read the content of the messages without the access to your private key. Articolul complet aici: New Facebook feature Encourages users to use PGP for Encrypted Communications Anuntul Facebook: https://www.facebook.com/notes/protect-the-graph/securing-email-communications-from-facebook/1611941762379302

The recently discovered Logjam encryption flaw proves that governments need to aid, not hinder, businesses' efforts to encrypt data, according to experts in the white hat community. Logjam is an encryption flaw that was uncovered on Wednesday by researchers at Inria Nancy-Grand Est, Inria Paris-Rocquencourt, Microsoft Research and the Johns Hopkins, Michigan and Pennsylvania universities. Its discovery sent ripples through the security community as in theory it leaves tens of thousands of web and mail servers open to man-in-the-middle attacks. CipherCloud chief trust officer Bob West said that Logjam should act as a cautionary tale to legislators considering weakening companies' ability to encrypt data. "Logjam is a cautionary tale for our lawmakers and leaders who are under pressure by government groups to weaken encryption," he said. "Diluting the strength of encryption for one group creates a vulnerability that can be exploited by any group. Human rights, privacy and the resilience of our economy will be the casualties if back doors are created in encryption solutions." Venafi vice president of security strategy Kevin Bocek agreed, arguing that Logjam proves that weakening encryption will aid cyber criminals. "With more sites using SSL/TLS keys and certificates, the target is getting bigger for the bad guys," he said. "The [bad guys'] interest in intercepting encrypted traffic, spoofing trusted sites, or hiding in encryption is only growing, and many out there predict that a crypto-apocalypse is on the horizon." Logjam's discovery follows widespread concerns about the UK government's intentions concerning encryption. The government indicated plans to force firms to make encrypted data accessible to law enforcement in its election manifesto. At a technical level, Logjam is a flaw in the Diffie-Hellman key exchange cryptographic algorithm used while creating encrypted HTTPS, SSH, IPsec, SMTPS and TLS connections. "We have uncovered several weaknesses in how Diffie-Hellman key exchange has been deployed," read the researchers' threat advisory. "The Logjam attack allows a man-in-the-middle attacker to downgrade vulnerable TLS connections to 512-bit export-grade cryptography. This allows the attacker to read and modify any data passed over the connection." The researchers added that the vulnerability is similar to the Freak and Poodle flaws and "affects any server that supports DHE_EXPORT ciphers and all modern web browsers". The advisory said that Logjam renders 8.4 percent of the top one million web domains open to exploitation, but warned that the flaw's reach is significantly higher. Freak is a cross-platform flaw in SSL/TLS protocols that could be exploited to intercept and decrypt HTTPS connections between vulnerable clients and servers. It was uncovered in March. Poodle is a flaw in SSL version 3.0 which could leave users' web data open to attack. It was uncovered by researchers at Google in October 2014. The researchers said that the flaw could be used to intercept data passing between VPN servers, and is consistent with the NSA-led attacks described in leaked PRISM documents. "We carried out this computation against the most common 512-bit prime used for TLS and demonstrated that the Logjam attack can be used to downgrade connections to 80 percent of TLS servers supporting DHE_EXPORT," read the paper. "We further estimate that an academic team can break a 768-bit prime, and that a nation-state can break a 1,024-bit prime. Breaking the most common 1,024-bit prime used by web servers would allow passive eavesdropping on connections to 18 percent of the top one million HTTPS domains. "A close reading of published NSA leaks shows that the agency's attacks on VPNs are consistent with having achieved such a break," the researchers said. News that the NSA's specialist Office of Target Pursuit maintains a team of engineers dedicated to cracking the encrypted traffic of VPNs broke in December 2014. However, despite the seriousness of the Logjam flaw, experts have pointed out Logjam is more significant as a cautionary tale than game changing vulnerability. Rapid7 engineering manager Tod Beardsley explained that the high degree of sophistication required to mount a Logjam attack makes it unlikely that it will be widely targeted. "The only two groups really in a position to take advantage of this vulnerability are criminals on coffee shop WiFi networks, and state actors who already control a huge chunk of the local internet," he said. LogRhythm vice president Ross Brewer agreed, pointing out that patches for the flaw are already being rolled out. "The fact that Logjam can only be exploited when hackers and targets are on the same network, as well as patches being imminent, means that hype around it is likely to be a bit of a storm in a teacup," he said. "Organisations should, however, use flaws like this as an excuse to give themselves a security health check." The white hat community is one of many calling for an end to governments rethink their surveillance strategies. Over 140 big name companies sent a letter to US president Barack Obama on Tuesday urging him to cease the government's war on encryption. Source

Keeping personal information secure and protected remains a top priority for computer users who now rely heavily on information systems to manage a large part of their personal and business lives. One of the ways to make sure only authorized users have access to information is the use of encryption, a process that transforms data from “cleartext to ciphertext” and back as a means to keep it secret from others. This is done through a combination of hardware- and software-based encryption. The scope is always the prevention of unintended data leakage. The wide variety of types of encryption available (e.g., symmetric- and asymmetric encryption, hardware-based or software-based) can make a person uncertain on which one is best to suit their needs. Each of the cryptographic systems addresses specific aspects of keeping systems secure, so it is important to identify which one is the most appropriate for the situation. This article surveys how to gain cryptographic data protection with a variety of methods and mechanisms for the sake of digital privacy as well as solutions for data-at rest and data-in-motion. It also discusses new encryption techniques. The Need of Encryption for Data Protection Encryption is a necessity for organizations and users that handle sensitive data. Data ought to be secured for the entire duration of their lifecycle (at-rest, in-transit and in-use). Whether they are at rest in storage and databases on site or backed up in a cloud, whether they are sent to end users within organizations or remotely accessed through mobile devices, all data need proper protection and ad-hoc solutions. The growing use of mobile devices to access sensitive data and corporate applications along with the use of cloud solutions for software, storage, hardware and services has opened a new world of security problems. Data loss prevention, security practices and strategies employed (firewalls, IDS, coupled with authentication and access controls) in addition to encryption tools are more important than ever as information are no longer being stored and processed in the safety of companies’ on-site servers and behind firewalls, but are actually being manipulated and transferred through a variety of communication channels. Data protection is nothing new, but it remains a significant challenge for organizations and businesses needing to find better ways to protect user data from unauthorized use. Be it corporate-, personal-, customer- or transaction-data, the risk of theft or loss throughout the lifecycle is massive. With data theft caused by employees and external parties on the rise, businesses risk their reputation, lack of regulatory compliance, and, ultimately, loss of clients. Lack of Encryption Why encrypting? Since a complex password by itself is no longer good enough as a means to protect corporate or personal data, by encrypting the data exchanged between the client and server, any sensitive information can be sent over a network, such as the Internet, with less risk of being intercepted during transit. Plaintext can be easily intercepted by prying eyes and eavesdroppers when transiting in data streams; information can be stolen or altered. Encryption is an effective way of making sure data remain secure. Data, however, is not just vulnerable when in transit. Some of the worst data security breaches noted in the 21st century and pertaining to lack of encryption go far back as 2005 when CardSystems Solutions’ system was hacked and was victim of an SQL Trojan attack; hackers gained access to names and accounts numbers of more than 40 million card holders. Security reports noted that the company never encrypted the data, thus exposing personal info on all its clients. Another noteworthy incident occurred in 2006 with a group of hackers taking advantage of a weak data encryption system at TJX Companies Inc. Poor security on the company’s wireless networks had resulted in massive data theft, and 94 million credit cards were exposed. Another instance that shows the human element being the weakest link in the security chain is the case of the U.S. Department of Veterans Affairs’ unencrypted national database theft. Names, social security numbers and other sensible information were found on a laptop and external hard drive that were both stolen. This episode, also in 2006, affected some 26.5 million veterans, whose personal data was taken in a burglary from a VA analyst’s Maryland home. A more recent event involved Sony’s PlayStation Network that had 12 million unencrypted credit card numbers hacked. In 2012, a NASA laptop was stolen; it contained records of sensitive personal identifiable information of employees and contractors. Lately, news has reported of an unencrypted, password-protected laptop that was stolen at the Community Technology Alliance containing social security numbers and names of 1,177 people. Another device containing data for 2,800 patients was stolen from Northwestern Memorial Health Care. Encryption Solutions As the need for encryption is clear to attempt ensuring the integrity and confidentiality of data, the first decision security professionals need to make is between software-based or hardware-based encryption. Both have pros and cons to be considered and can definitely be applied in a combination of ways to ensure maximum protection according to the users’ needs. Software-based encryption can be extended to all data, devices, and users in an organization. It works well to secure e-mails, instant messaging, data in transit and web sites. These solutions are normally cheaper and easy to customize and update. Common drawbacks are performance degradation and vulnerabilities linked to those of the operating systems in which they operate. Risks are linked also to the ease of being turned off by users. Hardware-based solutions are specific to the device they protect. Full drive encryption (FDE) or solutions like self-encrypted drives (SEDs) are an effective approach that simplifies the deployment of security for data at rest and makes it easier for organizations to manage security of data when stored. The advantage of hardware-based solutions is that they bypass many of the typical drawbacks of software-based solutions like performance degradation or vulnerability to attacks aimed at the encryption key stored in memory. Being encryption available at drive-level, this hardware solution also is perfectly independent by any software or operating system used, and usually cannot be turned off by users. Drawbacks are obvious. Hardware solutions are specific to the devices they protect, and updates can normally be performed only by substituting the device. The Encryption Process & Protecting Data Today One of the basic concepts of encryption is the need for keys to encrypt and decrypt the message. The process of encryption is done with two individual keys – a private key and a public key; this is referred to as asymmetric encryption, while symmetric encryption requires using one key for both steps. Encryption simply acts as a form of digital lock that prevents unauthorized users from accessing data. In addition, by adding a signature with a private key, a person can prove his or her own identity and make tampering with the message more difficult. Just like sensitive messages, the key must also be adequately protected, secured and kept hidden from unauthorized users. A number of encryption methods can be employed to secure data especially when in transit, since that is when they are more vulnerable. The content can be intercepted through some effort of wiretapping or eavesdropping by an intruder. In link-to-link encryption, for example, the message is decrypted at each host as it travels so it is vulnerable if any of the hosts is not secure. This method works well within an organization, for internal use, where all communication nodes security is well known, but might not be the safest method when the message is out in the open. Lately, much attention has been given to end-to-end encryption. This system allows safety of data by ensuring that only the people that are communicating are able to read the message. No one except the sender and the receiver is able to decrypt the message (not even the Internet provider) which is passed from host to host still encrypted. A renowned German e-mail provider, for example, has implemented the use of this methodology for all its users in an attempt to secure their communication from eavesdropping and intrusion. As securing information in a datacenter that requires protection for a multi-vendor infrastructure or the cloud is becoming a widespread need, new solutions and techniques had to be developed to render the transmission of data more secure. In most cases, solutions are needed to be deployed simultaneously on network shares, file services, application and web servers as well as database servers. Techniques like tokenization have been deployed to make sure that data exchanged from different servers and sent to onsite, cloud and mobile end users are still safely handled. In the case of tokenization, for example, data are safely stored and replaced by tokens that are used within an organization to process the information, trigger action and perform tasks. The data never leave their safe storage place and cannot be compromised even if the token is intercepted. This method is extremely helpful when dealing with credit card numbers and financial info in general. Honey encryption, instead, is a technique that can provide additional security when passwords are used as keys. This is particularly effective against conventional brute-force attacks. The concept is simple; in normal circumstances, when intruders intercept a message and attempt to guess the key that encrypts it, all they can get is a manifestly non-usable response. The result is that the malicious hacker continues to attempt until successful. Honey encryption, devised by Juels and Ristenpart, produces a ciphertext that when decrypted with a number of wrong keys gives a “honey message”, a fake plaintext that satisfies the attacker but does not relinquish any real data. Although effective, honey encryption, obviously, is not helpful when the attacker already has a few of the puzzle pieces (for example the public key associated with the private key) and therefore is useless in the protection of HTTPS certificate keys. The method is, however, effective when protecting, for example, password vaults, collections of passwords protected by one master key. An interesting technique for the handling of sensitive data in a cloud environment has been designed by Craig Gentry, a researcher from IBM: Homomorphic encryption. This form of encryption allows users to store data in a cloud encrypted while still being able to analyze and mine data. In fact, computations can be performed on the encrypted data in the cloud server, and only the results are decrypted by the end user. This can be used for any data, including, for example, entire collections of e-mails and messages that could be securely worked on without exposing the messages contained within. Although homomorphic encryption has been explored for 30 years, it is thanks to the work of Gentry (since 2008) that finally the system is being perfected and getting close to having practical applications. Although still too slow and requiring a larger-than-practical number of computations, this type of encryption could soon be applied. DNA Cryptography is another method being explored; it can be defined as hiding data as a DNA Sequence. This technique is based on DNA computing designed by the work of Leonard Max Adleman (the A in RSA) beginning in the year 1994. This modus operandi is still in the initial phases of development, but results are promising. One more is for Quantum Cryptographic tasks and, in particular, QKD (Quantum Key Distribution). Secure communication is ensured by a random key shared by sender and receiver. The advantage of this method is that, as for all quantum systems, a third party that enters it creates a disturbance that can be noted by the sender and receiver. An eavesdropper would cause the communication to be aborted, as the key would not be shared. Conclusion According to data collected by BreachLevelIndex, more than 2 million records per day were breached in the year 2014. It is clear that more and more attention needs to be given to the security of data both at rest and in transit. Coupled with users’ access control, encryption is an effective means of securing sensitive information. Multiple techniques of cryptography are important to ensure data integrity in the three components of the CIA (Confidentiality, Integrity, Availability). Encryption is not just for companies and organizations. Individual users also should consider protecting their own data. With mobile devices now allowing users’ access to all their sensitive information (personal, financial, even medical) and with the growing use of cloud solutions, it is paramount that encryption is adopted and new techniques developed. Currently, many encryption products are available on the market, some are free, and can suit everyone’s needs. With today’s encryption technologies constantly being developed to deliver enhanced security across a range of channels for private communication and storage, there is no reason why this protective measure should not be applied to safeguard data from hackers who continue to develop sophisticated techniques in the attempt to steal information. Whatever the data are and wherever they reside, they ought to be safeguarded: password protected and encrypted. Business data needs to be safe and placed in a secure environment. Failure to apply authentication and end-to-end encryption for limited access to data could lead to possible exposure by intruders. Whatever protection may be necessary depends on the assets that are being protected. Often, businesses requirements and regulatory considerations will dictate what approach is best. Users need to analyze their needs and apply the right products to prevent unauthorized access to information and opt to utilize software and hardware technologies to facilitate the encryption of computer, mobile devices and media. References Allen, L. (2012, August 3). Securing Data on a Moving Target: Self-Encrypting Drives Deliver Top Security, Performance and Manageability. Retrieved from Securing Data on a Moving Target: Self-Encrypting Drives Deliver Top Security, Performance and Manageability | StorageReview.com - Storage Reviews Juels, A. (2014, January 29). Honey Encryption: Security Beyond the Brute-force Bound. Retrieved from http://pages.cs.wisc.edu/~rist/papers/HoneyEncryptionpre.pdf Naone, E. (2011, May/June). Homomorphic Encryption – Making cloud computing more secure. Retrieved from Homomorphic Encryption - MIT Technology Review Olzak, T. (2010, May 7). Choose Encryption Wisely. Retrieved from What is Encryption and When Should You Use it to Protect Data and Computers Paganini, P. (2015, February 20). The Future of Data Security: DNA Cryptography and Cryptosystems. Retrieved from The Future of Data Security: DNA CryptographySecurity Affairs Schneier, B. (2010, June 30). Data at Rest vs. Data in Motion. Retrieved from https://www.schneier.com/blog/archives/2010/06/data_at_rest_vs.html Simonite, T. (2014, January 29). “Honey Encryption” Will Bamboozle Attackers with Fake Secrets. Retrieved from http://www.technologyreview.com/news/523746/honey-encryption-will-bamboozle-attackers-with-fake-secrets/ Source

When mega-retailer Target was the victim of a data breach during the 2013 holiday season, more than 70 million customers earned that their personal information, including email addresses and credit card numbers, had possibly been compromised. However, there was one small bright spot in the torrent of bad news: Target reported that the PIN numbers for compromised debit cards were encrypted, and therefore useless to the criminals who now had access to them. While that might have been little consolation to those customers who had to spend time locking down their accounts, to Target, it was a major victory in an otherwise bleak situation. Because the retailer did employ encryption to protect certain vital data, they were granted “Safe Harbor” from certain reporting requirements and more importantly, major fines, as a result of the breach. The Target data beach, and the others that have occurred since at retailers like Nordstrom and Home Depot, only serve to underscore the importance of encryption as part of a data protection strategy. While prior to these breaches, businesses that collect customer payment information, including credit and debit card numbers, were required by the Payment Card Industry Data Security Standards (PCI DSS) to encrypt data, many other businesses that store and transmit data via networks had less defined rules regarding encryption. However, that’s all changing. Encryption, once viewed as “extra” protection by many, has become a priority in the ongoing quest to secure data. 3 Top Trends in Data Encryption The fact that encryption has become a bigger priority in the last year is not the only change in the data security universe. In fact, the new emphasis on encryption itself has led to some significant trends. Among them: 1. Key Management Has Become More Complex One of the leading causes of data breaches is the inappropriate management of credentials, and encryption key management falls squarely under the umbrella of credential management. As more enterprises adopt encryption as part of their security protocol, the number of keys that need to be managed has also increased. Vendors that offer encryption as a service are growing more reluctant to be responsible for customer keys, while businesses employing encryption are also finding challenges in maintaining separation between the keys and the encrypted data. 2. Compliance Standards Are Changing While certain regulations, including the PCI DSS and HIPPA already required encryption as a minimum security standard, those regulations are expanding and becoming more stringent. The definition of “sensitive data” is expanding all the time, and organizations that fail to comply with the regulatory standards of their industry could face serious consequences. Many are choosing to err on the side of caution, and employing advanced encryption ahead of regulatory changes. 3. Expectations for Encryption Are Evolving One of the primary reasons that many businesses have resisted encryption — especially small businesses — is that encryption has often been viewed as complex and cumbersome function. Some older (read: a decade or more) encryption solutions did present some hurdles to users, but today’s virtualization security solutions present a seamless alternative. In short, modern encryption technology protects data without any effect on application functionality. Developers are also working toward homomorphic encryption to make the analysis of Big Data more thorough. Currently, most cloud based data analysis tools are not able to work with encrypted data. Businesses must either take the risk of working with unencrypted data in the cloud, or develop their own analytical applications, which increases expense. Homomorphic encryption, however, allows encrypted data to be analyzed just as it would if it were unencrypted. This allows businesses to not only tap into the power of Big Data more securely, it also presents opportunities to analyze data from multiple sources at once, without exposing potentially sensitive information. Even just a few short years ago, encryption was often viewed as a “bonus” security measure, something that enterprises could choose to employ. Believed to be the realm of government agencies and hackers, it was often reserved for the most sensitive data only, and considered unnecessary for the average user. With so much data being shared online, and with the explosive growth of cloud computing, though, encryption has become as commonplace as antivirus protection and firewalls. As adoption grows, expect to see more changes in encryption standards and security management going forward. Source

In a House Appropriations subcommittee hearing this morning on the FBI budget for the upcoming fiscal year, FBI Director James Comey was again critical of new encryption features from Apple and Google that he claims would make it impossible for law enforcement to access the contents of mobile device communications. This is not the first time the U.S. law enforcement and intelligence-gathering community has aired this complaint. Last month, NSA director Mike Rogers hit similar talking points at a New America Foundation event in D.C., calling on Congress to draft legislation providing a legal framework accessing encrypted communications. Comey claimed encryption was leading us to “a very, very dark place” in October of last year. The concerns follow announcements from Apple and Google that they deployed encryption for which not even they had the keys back in October. Today though, Congress got involved. “The new iPhone 6’s have an encryption in it that you can’t get in to and there is no backdoor key,” said Rep. Robert Aderholt (R-AL) as he reached into his pocket and pulled out his iPhone. “This is different from their predecessors. Their other phones you were able to get into. What is the FBI’s position on Google and Apple’s decision to encrypt these smart phones?” Comey replied that this reality was a huge problem for law enforcement because these new encryption implementations would make it impossible for law enforcement to execute court ordered warrants where phones were locked and communications data encrypted. “We’re drifting toward a place where a whole lot of people are going to be looking at us with tears in their eyes,” Comey argued, “and say ‘What do you mean you can’t? My daughter is missing. You have her phone. What do you mean you can’t tell me who she was texting with before she disappeared?” Comey went on to assure the attending members of Congress that he wasn’t seeking backdoors. He said he wants a way to access the content and communications data belonging to the subjects of criminal investigations after obtaining a warrant. Comey claims that local law enforcement officials around the country are very concerned, because, they claim, mobile communications content play an integral various investigations. While Comey was unable to quantify the effect of encryption technologies on FBI investigatory work, he did claim that it has become an obstacle in a massive amount of cases, saying it would only become more of a problem moving forward. “I’ve heard tech executives say privacy should be the paramount virtue,” Comey said. “When I hear that, I close my eyes and say, ‘Try to imagine what that world looks like where pedophiles can’t be seen, kidnappers can’t be seen, drug dealers can’t be seen.'” Rep. Aderholt then asked Comey what he needs from Congress in order to address the problem. Comey acknowledged that the issue is a complex one, but ultimately that the only reasonable fix would be a legislative one and not a financial one. “If you want to do business in this country,” Comey warned, “then you’re not going to be allowed to create spaces that are beyond the reach of the law.” Rep. John Carter (R-TX) wondered how companies are able to encrypt phones in such a way that their contents cannot be accessed while also getting compromised by attacks. “Cyber is just pounding me from every direction, and every time I hear something or something pops into my head, because I don’t know anything about this stuff, [but] if they can do that to a cell phone then why can’t they do that to a computer so no one can get into it,” Carter reasoned. “If that’s the case, then isn’t that a solution to the invaders from around the world trying to get in here?” Somehow Carter reigned in his stream of thought and brought it back to the point at hand, suggesting to his colleagues that encrypted smartphones were the perfect tool for lawlessness and in fact a violation of the Fourth Amendment, which allows for lawful search and seizure under warrant. In an attempt to make sense of the issue, the Representatives explained to one another that no safe in the world is unbreakable, so how is it legal that there could be encryption that is not accessible. They seemed to agree that the analogy was a valid one, though it some would argue that a safe and a cell phone are in reality nothing alike. On that note, Rep. Michael Honda (D-CA) suggested that potential legislation seeking access to phone data may be more akin to laws governing access to the content of a suspect’s own mind than to laws dealing with physical access. He contended that some sort of force of law compelling suspects to testify or disclose the information to access their phone under threat of contempt could be another way to work around encryption. Source

Following up on a promise it made during last summer’s Black Hat, Yahoo on Sunday said it’s on track to deliver end-to-end encryption for its email users this year. And to that end, it released the early source code for the Yahoo encryption browser extension to GitHub. Chief information security officer Alex Stamos made the announcement at the South by Southwest Festival, where he said he hopes the security community will pore over the code and submit any vulnerabilities to Yahoo’s Bug Bounty program. He also said that he hopes other email providers will build compatible solutions. “Just a few years ago, e2e encryption was not widely discussed, nor widely understood. Today, our users are much more conscious of the need to stay secure online,” Stamos wrote on Yahoo’s Tumblr. He said that Yahoo’s extension will satisfy users’ needs to share sensitive information securely. “Wherever you land on the spectrum, we’ve heard you loud and clear: We’re building the best products to ensure a more secure user experience and overall digital ecosystem.” Yahoo also released a video, below, demonstrating the ease with which its encryption is deployed compared to GPG, a free and open source encryption implementation. Stamos hopes the solution, which he called “intuitive” would be available by the end of the year. “Anybody who has the ability to write an email should have no problem using our email encryption,” he said to AFP. Yahoo has made huge strides with its efforts to encrypt its web-based services beyond email, turning on HTTPS by default in January 2014 and four months later, encrypting traffic sent between its data centers. This was a weak spot known to be exploited by the National Security Agency, which was copying data from Yahoo and Google’s fiber-optic cables outside the United States. Last August during Black Hat, Stamos announced that Yahoo had partnered with Google on its efforts to encrypt email end to end in a fashion that would be transparent to users. Stamos said Yahoo would use the browser extension Google released in June that enables end-to-end encryption of all data leaving the browser. Stamos said at the time that Yahoo was working to ensure that its system works well with Google’s so that encrypted communications between Yahoo Mail and Gmail users will be simple. “I think anybody who uses email in the center of our life needs encryption,” Stamos said to AFP. “If you send emails to your spouse or your lawyer or family members, you want to have these messages be confidential.” Yahoo is also carrying over that same type of simplicity and intuitiveness to authentication. In addition on Sunday, it also announced a plan to ease the pain associated with passwords with the introduction of on-demand passwords. Director of product management Chris Stoner said in making the announcement that Yahoo users would no longer need to remember complex passwords to access their Yahoo accounts. Instead, once a user opts in to the on-demand password service, a verification code will be sent to the user’s mobile device that can be used to access their account. “It’s important for our products to be safe as used by normal people,” said Stamos. “Our users face a very diverse set of threats. The biggest threat is probably someone stealing their password, and their account taken over.” This article was corrected, correcting references of a plug-in to a browser extension. Source

Security researchers at the Central Intelligence Agency (CIA) have worked for almost decade to target security keys used to encrypt data stored on Apple devices in order to break the system. Citing the top-secret documents obtained from NSA whistleblower Edward Snowden, The Intercept blog reported that among an attempt to crack encryption keys implanted into Apple's mobile processor, the researchers working for CIA had created a dummy version of Xcode. CIA’s WEAPON TO HACK APPLE DEVICES Xcode is an Apple’s application development tool used by the company to create the vast majority of iOS apps. However using the compromised development software, CIA, NSA or other spies agencies were potentially allowed to inject surveillance backdoor into programs distributed on Apple's App Store. In addition, the custom version of Xcode could also be used to spy on users, steal passwords, account information, intercept communications, and disable core security features of Apple devices. The latest documents from the National Security Agency’s internal systems revealed that the researchers’ work was presented at its 2012 annual gathering called the "Jamboree" -- CIA sponsored secretive event which has run for nearly a decade -- at a Lockheed Martin facility in northern Virginia. KEYLOGGER FOR MAC COMPUTERS According to the report, "essential security keys" used to encrypt data stored on Apple’s devices have become a major target of the research team. Overall, the U.S. government-sponsored researchers are seeking ways to decrypt this data, as well as penetrate Apple's firmware, using both "physical" and "non-invasive" techniques. In addition to this, the security researchers also presented that how they successfully modified the OS X updater -- a program used to deliver updates to laptop and desktop computers -- in an attempt to install a "keylogger" on Mac computers. HACKING ENCRYPTION KEYS Another presentation from 2011 showed different techniques that could be used to hack Apple's Group ID (GID) -- one of the two encryption keys that Apple places on its iPhones. One of the techniques involved studying the electromagnetic emissions of the GID and the amount of power used by the iPhone’s processor in order to extract the encryption key, while a separate method focused on a "method to physically extract the [Apple's] GID key." Although the documents do not specify how successful or not these surveillance operations have been against Apple, it once again provoke the ongoing battle between spy agencies and tech companies, as well as the dishonesty of the US government. 'SPIES GONNA SPY' On one hand, where President Barack Obama criticized China for forcing tech companies to install security backdoors for the purpose of government surveillance. On the other hand, The Intercept notes that China is just following America's lead, that’s it. "Spies gonna spy," said Steven Bellovin, a computer science professor at Columbia University and former chief technologist for the FTC. "I’m never surprised by what intelligence agencies do to get information. They’re going to go where the info is, and as it moves, they’ll adjust their tactics. Their attitude is basically amoral: whatever works is OK." We have already reported about NSA and GCHQ’s various surveillance programs including PRISM, XkeyScore, DROPOUTJEEP, and many more. Source

In the first part of this series, we covered the Top 5 OWASP ProActive Controls and learned how they can prove to be of great use in securing applications. In this part, we will look at the last 5 OWASP ProActive Controls and learn more about them. Protect Data and Privacy It helps to protect our data inside a database. Sensitive data like passwords, credit card details and bank account details etc. should be stored in encrypted or hashed format inside a database or chosen data storage. One should not use encryption and hashing interchangeably, as encryption and hashing are entirely different from each other. Encryption is used to convert readable text or plain text into unreadable text or cipher text. Encryption is a two way data conversion technique, meaning data which is encrypted can also be decrypted (if you have the decryption key). Encryption can be done in two main ways: Symmetric method Asymmetric method Symmetric encryption or Secret Key Cryptography (SKC) uses a secret key for encryption and decryption. It means the receiver uses same key that was used for encryption to decrypt. Asymmetric method or Public Key Cryptography (PKC) uses two sets of keys to perform encryption and decryption. One is a public key and another is a private key. Public Key is used for data encryption and Private Key is used for data decryption. Depending upon your application requirement, developers can choose between the two encryption methods. Hashing is different from encryption; unlike encryption, it is a one way process. It means data that’s converted into hashed format can never be converted into plain text. An application cannot choose hashing or encryption just like that. A ecure storage technique is chosen depending upon the data that has to be stored securely. At some time in the future, if the sensitive data is to be shown to the user in plaintext, then encryption is the best option (plaintext <->ciphertext). If the sensitive data is to be stored for some validation or authentication or verification, then hashing should be stored (Plaintext -> Hash). For example: Sensitive information between the client and server should also be in encrypted form. Hyper Text Transfer Protocol Secure (HTTPS) should be used instead of Hyper Text Transfer Protocol (HTTP) whenever any sensitive information is to be transmitted. When HTTPS is used, client server communication is encrypted using supported technology like SSLv2, SSLv3, TLS1.0, and TLS1.2. It is especially used to protect highly confidential data like online banking. The port number for HTTP is 80 and for HTTPS is 443. Implement Logging and intrusion Detection In an application, most requests are received using GET, POST, PUT, and DELETE methods. A request sent can be either a malicious request or a clean request. Malicious requests are those requests which contain attack vectors like SQL Injection, XSS, Unauthorized Data Access, etc. When there is public user activity or Intranet employee access, then the application should always keep track of all the activities taking place. Logging is very important in every application and one of the areas which is most neglected during development and deployment. Logging means storing log data about every request that is sent and received, such time, IP address, requested page, GET data, and POST data of a request. If a user is authenticated, then who is the user, when he logged in, when he logged out, etc. Since all user activity is being logged, it should also be noted that user sensitive data like password and financial details should NEVER be logged. Intrusion Detection means a malicious request with an attack vector has been detected and received by the application or not. If such a request has been received, then suitable actions like logging and request drop should be performed. For example, if a SQL Injection vulnerability exists on a login page, the application should have a feature to detect when SQL Injection is performed and should log time and from which IP address the attack originated, and then perform a suitable action on it. ModSecurity and OWASP ModSecurity Core Rule Set Project can prove to be of great use when you want to detect and/or prevent any malicious activity. Logging and intrusion detection is necessary to keep a record of every activity that takes place on an application. Intrusion detection is implemented along with logging to keep a check on when an attack or malicious data is received, so that it can be handled properly. Leverage Security Features of Frameworks and Security Libraries When developers start developing any application, either they don’t implement secure coding practices or use third party libraries for implementing security features. But most programming languages or development framework have built-in security functions and libraries which can be leveraged to implement security features in applications. Developers should use those built-in features instead of third party libraries. Recall OWASP Top 10 Vulnerabilities “A-9 Using Components with Known Vulnerabilities”. If third party components or libraries are used and any vulnerability is discovered in those components, then our application will automatically become vulnerable. It is recommended that developers should use security features provided by the programming language like escapeHtml() of httputils provided by Apache Commons Lang in Java and htmlentities() in PHP, which can be used to mitigate Cross-Site Scripting (XSS) vulnerability. But it is a known fact that industry tested security features are not readily available in programming languages. In such a case where useful and required security features or libraries are not available in the programming language you are using, then industry trusted and tested security libraries should be used. One of the well-known OWASP projects for this purpose is the OWASP ESAPI Project, which helps developers to implement security controls in their applications. For example: In Java we have security functions like escapeHtml() which can be used to mitigate XSS. String name = StringEscapeUtils.escapeHtml(request.getParameter(“name”)); PreparedStatement is used to mitigate SQL Injection. PreparedStatement ps=(PreparedStatement) con.prepareStatement(“select * from users where username=? and password=? limit 0,1?); Using built-in security features ensures that you don’t have to use unnecessary libraries you are not confident in or have security tested. Include Security-Specific Requirements When a software or web application development is to be started, then software requirements are laid out, which takes place in the early stage of an SDLC. As software requirements are mentioned initially in any project, security requirements should also be mentioned. Security requirements, if being made part of an SDLC, can help in implementing security inside the application and also identifying the key areas which can be exploited. According to OWASP Proactive Controls, three security requirements are important: Security features and functions; Business logic abuse cases; And data classification and privacy requirements. Security features and function\ All security details, such as application features, modules, database details, modules functioning and security implementation in modules should be mentioned in an application. It should be defined that all secure coding practices in any application should be implemented at the time of development. Business logic abuse cases When any application is designed, there is a way to access data and to perform operations. For example, when a user is performing an online banking transaction, some details are required within a well-defined process: Login to bank account. Choose your account to transfer from. Choose amount and destination account to transfer to. Enter profile password. Enter OTP password received on registered phone number. Confirm transaction. Wait for success message. All these steps define a data flow diagram or business logic. Now these details can have some weaknesses, which can make them vulnerable. When the business logic has been listed, key areas of weakness can be identified, and areas where security can be beefed up can be identified too. For example: User should not be able to choose someone else’s bank account as source account of transfer. User should not be able to bypass profile password requirement. OTP should be valid only once and for that account only. Data classification and privacy requirement Data classification and requirement should be decided at the time of development. When any application interacts with the user, then user data is received and stored. The answers to these questions should be decided in advance: Which data is to be accepted from the user? Is that data sensitive or not? Is that data to be stored? If data is sensitive, then should the application decide if it will be stored in encrypted or hashed format? If bank details are stored, then those details should be verified and validated by the application. Data authorization should also be decided at an initial stage, like who can access, delete and modify data. Since the application will be dealing with users and operations on user data. It is critical to maintain logs for all activities. Logging of activity was discussed above in the “Implement Logging and Intrusion Detection” section. Security Design and Architecture In the last one to nine OWASP ProActive Controls, we saw how to implement security in our code, which areas to secure, how to secure and what components can be used to help you implement better security in your application. In the last ProActive Control, we discuss the other areas of application security which can prove to be of great use and should not be neglected. OWASP has defined three key areas to take care of when developing any application: Know Your Tools Tiering, Trust and Dependencies Manage the Attack Surface Know Your Tools Every application is built using some server side language, client side language, database or no database, etc. Each component used could be the source of opening a security vulnerability in your application and server. For example, using an outdated version of Struts Framework can lead to a user exploiting remote code execution on it, or an older version of PHP leading to the same consequence. Similar is the case for databases and every other component which is used to build an application. So before starting any application development, it should be made clear what components can or may lead to a vulnerable application in the present or near future. Tiering, Trust and Dependencies Each layer of the whole application is called a tier. With each tier there is an associated level of risk and vulnerabilities that can crop in. For every tier — be it client side, server side, database, or anything — the risk associated with it should be calculated, and necessary mitigations should be implemented. When an application is interacting with user input and user data, trust is the only factor which decides which operation should be performed, when to perform, and on what to perform. An authentication page not implemented properly will have a poor trust level and will allow malicious users to access others’ data. In the worst case, it will result in a user transferring funds or accessing confidential company data without proper authorization. Application development involves using several components all together and making sure that each component will work with others. This is the case of dependency, where X component depends upon Y component for its proper functioning. It is very common to use older components to maintain reliability and proper functioning. But each dependency should be thoroughly checked, or else it can create an unwanted weakness inside the application. Manage Attack Surface The attack surface is the whole combined application including software, hardware, logic, client controls, server controls. Everything from physical, digital, to logical makes the attack surface. Any part of a setup if and when found to be vulnerable can act as an open entry gate for a malicious user to perform an action. Developers are usually not concerned about the web server software version the application will be deployed on. But older web server software like Apache or Struts can lead to an attacker successfully exploiting it and managing his/her way into the application and user data. Conclusion From OWASP ProActive Controls we learned how an application can be secured and how to identify the key areas of every application that can all together help in strengthening our application and stored data. OWASP ProActive Controls are a good place to start training developers to implement secure coding practices and beef up the security of key areas of an application like authentication, authorization, user data access and storage. But ProActive Controls should not be looked upon as the only set of controls for application security. It is a good place to start developing skills and knowledge leading to continuous learning and habitual secure coding practices. Reference https://www.owasp.org/index.php/OWASP_Proactive_Controls Source

Introduction In this mini-course, we will learn about various aspects of cryptography. We’ll start with cryptography objectives, the need for it, various types of cryptography, PKI, and we’ll look at some practical usage in our daily digital communication. In this mini-course, I will explain every detail with an example which end users can perform on their machines. What is cryptography and why it is required? Today, digital communication has become far more important than what it was a decade ago. We use internet banking, social networking sites, online shopping, and online business activities. Everything is online these days, but the internet is not the most secure means to conduct all those activities. Nobody would want to do an online transaction with communication from their machine to their bank through an open channel. With cryptography, the channel secured between different entities which helps to do business activity in a more secure fashion. Cryptography is a method of storing and transmitting data in a particular form so that only those for whom it is intended can read it. Cryptography is a broad term which includes sub disciplines and very important concepts such as encryption. Let’s get into the main objectives of cryptography. Cryptography Objectives C-Confidentiality: Ensuring the information exchanged between two parties is confidential between them and is not visible to anyone else. I-Integrity: Ensuring that message integrity is not changed while in transit. A-Availability: Ensuring systems are available to fulfill requests all the time. Here are some additional concepts: Authentication: To confirm someone’s identity with the supplied parameters, such as usernames, passwords, and biometrics. Authorization: The process to grant access to a resource to the confirmed identity based on their permissions. Non-Repudiation: To make sure that only the intended endpoints have sent the message and later cannot deny it. Cryptography key definitions Here’s some cryptographic key terminology: Plaintext: The original raw text document onto which encryption needs to be applied. Ciphertext: When we apply encryption to a plaintext document, the output is ciphertext. Encryption: Encryption is the process of converting plaintext to ciphertext using an encryption algorithm. We have different types of encryption available today like symmetric, asymmetric and hybrid encryption. We will discuss them in depth later in the course. Encryption algorithm: An encryption algorithm is a mathematical procedure for converting plaintext into ciphertext with a key. Various examples of encryption algorithms include RSA, AES, DES, and 3DES. Key-length: Choosing an encryption algorithm with an appropriate keysize is an important decision to make. The strength of the key is usually determined by keysize, or the number of bits. Thus, the larger the bit size of a key, the more difficult it is to break the key. For example, with a key which has a bit length of 5, the key will have only 2^5 or 32 combinations. That’s pretty easy to break considering today’s computation methods. That’s why older algorithms like WEP (40 bits) & DES (56 bits) are considered obsolete and now much more powerful algorithms with larger key sizes, such as AES (128 bits), are now used. Hash: A hash value, also called a message digest, is a number generated from a string of text. As per the hash definition, no two different texts should produce the same hash value. If an algorithm can produce the same hash for a different string of text, then that algorithm is not collision free and can be cracked. Various examples of hash algorithm are MD2, MD5 and SHA-1 etc. Digital signature: Digital signature is the process of making sure that the two entities talking with each other can establish a trust relationship among them. We will take a look at its practical demonstration later in this document. Source Part2 Part3 Part4 Part5

Ever felt let down by someone who you made a promise, and then broke it? That’s what millions of Android users must be feeling right now when it comes to Google and Android. Last September, Google announced that mobile devices running the new version of Android (5.0, also known as Lollipop) would have full-disk encryption enabled by default. Here is how Google announced the news to the media in a statement: And each of every one of us who cares about security and privacy said, “This is a good thing. Well done Google.” The news of the “encryption-by-default” was reaffirmed in a blog post from Google’s Android team in October last year: It all sounds good, right? Wrong. Because we were a little hasty in breaking open the champagne last year, as Ars Technica has discovered that Google has quietly gone back on its promise and not all new Lollipop devices are going to have encryption by default. It turns out that while Google’s own Nexus 6 and Nexus 9 devices do indeed have encryption enabled by default, other older devices upgraded to Lollipop are not so lucky. Furthermore, brand new third-party Android devices (such as the second-generation Moto E and Galaxy S6 demonstrated at Mobile World Congress in Barcelona) are also not encrypted by default. The discrepancy between what Google said last year and what is now being seen on third-party Android Lollipop devices is explained by the OEM guidelines that manufacturers must follow to have their Lollipop devices approved by Google: In other words, the manufacturer still has a choice whether they currently enable full-disk encryption or not. And performance issues may mean that some third-party Lollipop devices will not yet have encryption by default. Ultimately there was a battle between security and performance. The full-disk encryption may have had too much of a hit on some devices, and so Google – fearing resistance from both customers and manufacturers – made the requirement optional. For now at least. So, if you want your Android to be fully encrypted you will still have to enable the option for yourself. Let’s hope not too many people have been lulled into a false sense of security by Google’s statements of last year. -> Source: Google does a U-turn over Android Lollipop full disk encryption | HOTforSecurity

A new SSL/TLS vulnerability has been discovered that makes it possible to decrypt the HTTPS encryption protocols used between websites and browsers on Apple and Android devices. The flaw has been dubbed Freak (Factoring attack on RSA-Export Keys) and information on the specifically created freakattack.com website explains that it works by forcing a mobile device browser to use an older, breakable encryption standard. “The vulnerability allows attackers to intercept HTTPS connections between vulnerable clients and servers and force them to use ‘export-grade’ cryptography, which can then be decrypted or altered,” it said. “Vulnerable clients include many Google and Apple devices (which use unpatched OpenSSL), a large number of embedded systems, and many other software products that use TLS behind the scenes without disabling the vulnerable cryptographic suites.” The flaw was uncovered by a team of researchers at SmackTLS.com, who explained that the problem exists because of former US government policy concerning encryption technologies. “This attack targets a class of deliberately weak export cipher suites. As the name implies, this class of algorithms has been introduced under the pressure of US governments agencies to ensure that the National Security Agency would be able to decrypt all foreign encrypted communication, while stronger algorithms were banned from export as they were classified as weapons of war.” This means that attackers can force a server into deliberately using an encryption key that can be broken in about 12 hours. “Thus, if a server is willing to negotiate an export cipher suite, a man-in-the-middle [attack] may trick a browser (which normally doesn't allow it) to use a weak export key,” the team explained. Numerous high-profile websites are affected by the flaw, such as americanexpress.com, groupon.com and whitehouse.gov. Overall, almost 10 percent of the Alexa top million websites could be affected. V3 contacted Apple and Google for comment on the flaw but had received no reply at the time of publication. F-Secure researcher Sean Sullivan told V3 that the discovery underlined the risks of trying to control technology like encryption, something that David Cameron has recently made noises about in the UK. “In the 1990s there was this idea that they could control encryption and code as if it was a tangible thing and ban its export. Here we are 20 years later and you can see how that ideal has backfired,” he said. “Cameron is making this same point today, but our reliance on encryption is only increasing and, if you try to introduce some ‘weaker’ standards that you want to control, it will come back to haunt you.” Sullivan added that the risk to web users from the Freak flaw is more theoretical than anything else, as an attacker would need to compromise a website's server and then force a device to accept the older standard. Nevertheless, the incident demonstrates the risks posed by web browsers and the unintended consequences of trying to create two-tier technology systems. Source

After rolling out free SSL for its users last fall, CloudFlare has deployed a new level of encryption on its service that hardens and speeds up the user experience, especially when accessing domains via mobile browsers. The form of encryption, a relatively new transport layer cipher suite known as ChaCha20-Poly1305, has largely been used by Google until now. But as of yesterday, it is being used on 10 percent of CloudFlare’s HTTPS connections with more to follow. CloudFlare’s Nick Sullivan, who described the move on the company’s blog yesterday, called the cipher fast, useful and its security level “more than sufficient” for HTTPS. The algorithm is based on a combination of two other ciphers, ChaCha20 and Poly1305 MAC, both crafted by cryptographer Daniel Bernstein in 2008 and 2005 respectively. After being batted around for a bit, it surfaced in Chrome 31 in November 2013. Sullivan points out that the cipher, when paired with TLS, should excel at bridging the gap between having secure encryption on mobile browsers and APIs. While the cipher will fill that void, it also improves upon two other alternatives, RC4, which of course has its many foibles, and AES-GCM, which can cost a fortune depending on the way its implemented. It also helps that ChaCha20-Poly1305 is three times faster than AES-128-GCM on mobile services – the cipher provides 256 bits of security over GCM’s 128 – something that should reduce the strain of batteries on mobile devices. “Spending less time on decryption means faster page rendering and better battery life,” Sullivan wrote. The content delivery network explains that the change is partly fueled by the rest of the web’s fervent push towards HTTPS but that the move could also be seen as a foreshadowing of the cipher’s future widespread adoption. Sullivan acknowledges that Mozilla is planning on adding support for it in Firefox and that at the very least, using the cipher is a good fallback in case someone digs up a bug in AES-GCM, the algorithm primarily being used right now, in the near future. Source

One of the most shocking parts of the recently discovered spying network Equation Group is its mysterious module designed to reprogram or reflash a computer hard drive’s firmware with malicious code. The Kaspersky researchers who uncovered this said its ability to subvert hard drive firmware—the guts of any computer—“surpasses anything else” they had ever seen. The hacking tool, believed to be a product of the NSA, is significant because subverting the firmware gives the attackers God-like control of the system in a way that is stealthy and persistent even through software updates. The module, named “nls_933w.dll”, is the first of its kind found in the wild and is used with both the EquationDrug and GrayFish spy platforms Kaspersky uncovered. It also has another capability: to create invisible storage space on the hard drive to hide data stolen from the system so the attackers can retrieve it later. This lets spies like the Equation Group bypass disk encryption by secreting documents they want to seize in areas that don’t get encrypted. Kaspersky has so far uncovered 500 victims of the Equation Group, but only five of these had the firmware-flashing module on their systems. The flasher module is likely reserved for significant systems that present special surveillance challenges. Costin Raiu, director of Kaspersky’s Global Research and Analysis Team, believes these are high-value computers that are not connected to the internet and are protected with disk encryption. Here’s what we know about the firmware-flashing module. How It Works Hard drive disks have a controller, essentially a mini-computer, that includes a memory chip or flash ROM where the firmware code for operating the hard drive resides. When a machine is infected with EquationDrug or GrayFish, the firmware flasher module gets deposited onto the system and reaches out to a command server to obtain payload code that it then flashes to the firmware, replacing the existing firmware with a malicious one. The researchers uncovered two versions of the flasher module: one that appears to have been compiled in 2010 and is used with EquatinoDrug and one with a 2013 compilation date that is used with GrayFish. The Trojanized firmware lets attackers stay on the system even through software updates. If a victim, thinking his or her computer is infected, wipes the computer’s operating system and reinstalls it to eliminate any malicious code, the malicious firmware code remains untouched. It can then reach out to the command server to restore all of the other malicious components that got wiped from the system. Even if the firmware itself is updated with a new vendor release, the malicious firmware code may still persist because some firmware updates replace only parts of the firmware, meaning the malicious portions may not get overwritten with the update. The only solution for victims is to trash their hard drive and start over with a new one. The attack works because firmware was never designed with security in mind. Hard disk makers don’t cryptographically sign the firmware they install on drives the way software vendors do. Nor do hard drive disk designs have authentication built in to check for signed firmware. This makes it possible for someone to change the firmware. And firmware is the perfect place to conceal malware because antivirus scanners don’t examine it. There’s also no easy way for users to read the firmware and manually check if it’s been altered. The firmware flasher module can reprogram the firmware of more than a dozen different hard drive brands, including IBM, Seagate, Western Digital, and Toshiba. “You know how much effort it takes to land just one firmware for a hard drive? You need to know specifications, the CPU, the architecture of the firmware, how it works,” Raiu says. The Kaspersky researchers have called it “an astonishing technical accomplishment and is testament to the group’s abilities.” Once the firmware is replaced with the Trojanized version, the flasher module creates an API that can communicate with other malicious modules on the system and also access hidden sectors of the disk where the attackers want to conceal data they intend to steal. They hide this data in the so-called service area of the hard drive disk where the hard disk stores data needed for its internal operation. Hidden Storage Is the Holy Grail The revelation that the firmware hack helps store data the attackers want to steal didn’t get much play when the story broke last week, but it’s the most significant part of the hack. It also raises a number of questions about how exactly the attackers are pulling this off. Without an actual copy of the firmware payload that gets flashed to infected systems, there’s still a lot that’s unknown about the attack, but some of it can be surmised. The ROM chip that contains the firmware includes a small amount of storage that goes unused. If the ROM chip is 2 megabytes, the firmware might take up just 1.5 megabytes, leaving half a megabyte of unused space that can be employed for hiding data the attackers want to steal. This is particularly useful if the the computer has disk encryption enabled. Because the EquationDrug and GrayFish malware run in Windows, they can grab a copy of documents while they’re unencrypted and save them to this hidden area on the machine that doesn’t get encrypted. There isn’t much space on the chip for a lot of data or documents, however, so the attackers can also just store something equally as valuable to bypass encryption. “Taking into account the fact that their GrayFish implant is active from the very boot of the system, they have the ability to capture the encryption password and save it into this hidden area,” Raiu says. Authorities could later grab the computer, perhaps through border interdiction or something the NSA calls “"customs opportunities,” and extract the password from this hidden area to unlock the encrypted disk. Raiu thinks the intended targets of such a scheme are limited to machines that are not connected to the internet and have encrypted hard drives. One of the five machines they found hit with the firmware flasher module had no internet connection and was used for special secure communications. “[The owners] only use it in some very specific cases where there is no other way around it,” Raiu says. “Think about Bin Laden who lived in the desert in an isolated compound—doesn’t have internet and no electronic footprint. So if you want information from his computer how do you get it? You get documents into the hidden area and you wait, and then after one or two years you come back and steal it. The benefits [of using this] are very specific.” Raiu thinks, however, that the attackers have a grander scheme in mind. “In the future probably they want to take it to the next level where they just copy all the documents [into the hidden area] instead of the password. [Then] at some point, when they have an opportunity to have physical access to the system, they can then access that hidden area and get the unencrypted docs.” They wouldn’t need the password if they could copy an entire directory from the operating system to the hidden sector for accessing later. But the flash chip where the firmware resides is too small for large amounts of data. So the attackers would need a bigger hidden space for storage. Luckily for them, it exists. There are large sectors in the service area of the hard drive disk that are also unused and could be commandeered to store a large cache of documents, even ones that might have been deleted from other parts of the computer. This service area, also called the reserved are or system area, stores the firmware and other data needed to operate drives, but it also contains large portions of unused space. An interesting paper (.pdf) published in February 2013 by Ariel Berkman, a data recovery specialist at the Israeli firm Recover, noted “not only that these areas can’t be sanitized (via standard tools), they cannot be accessed via anti-virus software [or] computer forensics tools.” Berkman points out that one particular model of Western Digital drives has 141 MB reserved for the service area, but only uses 12 MB of this, leaving the rest free for stealth storage. To write or copy data to service area requires special commands that are specific to each vendor and are not publicly documented, so an attacker would need to uncover what these are. But once they do, “y sending Vendor Specific Commands (VSCs) directly to the hard-drive, one can manipulate these [service] areas to read and write data that are otherwise inaccessible,” Berkman writes. It is also possible, though not trivial, to write a program to automatically copy documents to this area. Berkman himself wrote a proof-of-concept program to read and write a file of up to 94 MB to the service area, but the program was a bit unstable and he noted that it could cause some data loss or cause the hard drive to fail. One problem with hiding large amounts of data like this, however, is that its presence might be detected by examining the size of the used space in the service area. If there should be 129 MB of unused space in this sector but there’s only 80 MB, it’s a dead giveaway that something is there that shouldn’t be. But a leaked NSA document that was written in 2006 but was published by Der Spiegel last month suggests the spy agency might have resolved this particular problem. NSA Interns to the Rescue The document (.pdf) is essentially a wish list of future spy capabilities the NSA hoped to develop for its so-called Persistence Division, a division that has an attack team within it that focuses on establishing and maintaining persistence on compromised machines by subverting their firmware, BIOS, BUS or drivers. The document lists a number of projects the NSA put together for interns to tackle on behalf of this attack team. Among them is the “Covert Storage” project for developing a hard drive firmware implant that can prevent covert storage on disks from being detected. To do this, the implant prevents the system from disclosing the true amount of free space available on the disk. “The idea would be to modify the firmware of a particular hard drive so that it normally only recognizes, say, half of its available space,” the document reads. “It would report this size back to the operating system and not provide any way to access the additional space.” Only one partition of the drive would be visible on the partition table, leaving the other partitions—where the hidden data was stored—invisible and inaccessible. The modified firmware would have a special hook embedded in it that would unlock this hidden storage space only after a custom command was sent to the drive and the computer was rebooted. The hidden partition would then be available on the partition table and accessible until the secret storage was locked again with another custom command. How exactly the spy agency planned to retrieve the hidden data was unclear from the eight-year-old document. Also unclear is whether the interns ever produced a firmware implant that accomplished what the NSA sought. But given that the document includes a note that interns would be expected to produce a solution for their project within six months after assignment, and considering the proven ingenuity of the NSA in other matters, they no doubt figured it out. Sursa:How the NSA's Firmware Hacking Works and Why It's So Unsettling | WIRED

+Vid US President Barack Obama has come out forcefully in favour of strong encryption despite the opposition of his intelligence establishment. Encryption has been a hot topic over recent weeks with Western law enforcement and intelligence agencies complaining about encryption-by-default in modern communication tools such as smartphones. Prime Minister David Cameron recently began pushing the idea of banning crypto products that UK spies are unable to access, an idea he first floated in a recent speech before lobbying US President Barack Obama on the issue, seemingly unsuccessfully. In an interview with Re/code, Obama said that he’s a ”strong believer in strong encryption," adding, "I lean probably further on side of strong encryption than some in law enforcement”. “Ultimately everybody, and certainly this is true for me and my family, we all want to know that if we’re using a smartphone for transactions, sending messages, having private conversations, that we don’t have a bunch of people compromising that process,” Obama explained. “There’s no scenario in which we don’t want really strong encryption.” The president went on to claim that public concern about stymieing terrorism investigations is behind legislators' concerns about encryption. “Where there is a situation in which we’re trying to get a specific case of a possible national security threat — is there a way of accessing it? If it turns out it’s not, then we’re really gonna have to have a public debate,” Obama said. “And, you know, I think some in Silicon Valley would make the argument that the harms done by having any kind of compromised encryption are far greater.” Obama also conceded that the ongoing Snowden disclosures have affected relations between Silicon Valley and the US government. “The Snowden disclosures were really harmful in terms of the trust between the government and many of these companies, in part because it had an impact on their bottom lines. A transcript of the full interview, which also covered cyber warfare and a variety of other hi-tech topics, can be found here. A video clip of a segment of the interview where Obama talks about encryption can be found at the top of this story. Despite the furore over the recent megahack on Sony, which the US government blames on North Korea, Obama dismissed the NORKs as no great shakes when it came to offensive cyber warfare, while stating that “China and Russia are very good [and] Iran is good.” Source

Crypto pioneer Phil Zimmermann has labelled UK Prime Minister David Cameron’s anti-encryption plans as "absurd". Zimmermann, creator of the PGP email privacy package, countered Cameron's argument that encryption is creating a means for terrorists and child abusers to communicate in private, arguing instead that intelligence agencies such as GCHQ and the NSA have "never had it so good". Strong encryption technology is one of the few success stories in online security, according to the co-founder of secure communications firm Silent Circle. Cameron is pushing the idea of banning crypto products that UK spies are unable to access, an idea he first floated in a recent speech before lobbying US President Barack Obama on the issue. Unsurprisingly, Zimmermann is unimpressed with an anti-encryption policy the Conservative Party plans to write into its manifesto for the forthcoming UK general election. "It’s absurd," Zimmermann told The Guardian. "We fought the crypto wars in the 1990s, and that matter has been settled. End-to-end encryption is everywhere now: in browsers, online banking. If you have strong encryption between your web browser and your bank, you can’t have a man in the middle from the government wiretapping that." The FBI and intel agencies such as MI5 have been vocal in complaining that strong encryption technologies are paving the path toward a dark web where they will no longer be able to intercept terrorists' communications. Zimmermann said ubiquitous CCTV cameras and other technologies mean that spy agencies are enjoying a "golden age of surveillance" comparable with the world as depicted by TV show Person of Interest. "They can see everything: they’ve got face recognition algorithms looking through cameras on the streets, optical recognition cameras at bridges, tunnels and traffic lights," Zimmermann said. "They can track movements, transactions, who’s having lunch with whom, who’s sleeping with whom. They can see everything!" "To complain that end-to-end encryption is crippling them, well, it's like having a couple of missing pixels in a large display. They have the rest of the display! They’ve never had it so good. They didn’t have this stuff 20 years ago," he added. Cameron's anti-encryption policies would reduce the UK to the level of Colombia 10 years ago, when not even banks were allowed to use encryption, said Zimmermann, who addressed Colombian lawmakers debating the introduction of encryption at the time. "Not even banks! And the banks were getting robbed by hackers (accounts were getting cleaned out) because people like David Cameron who don’t like encryption said nobody could use it," he added. Rather than being fearful of encryption the government should be encouraging enterprises to adopt it in order to safeguard privacy in cases where corporate system are breached. Zimmermann hopes that more enterprises will take lessons from the Sony Pictures megahack and use it as a spur to kick ahead with encryption projects, an idea he explores in greater depth in a post on Silent Circle's blog. Source

Vantage Point Security Advisory 2014-007 ======================================== Title: Symantec Encryption Management Server - Remote Command Injection ID: VP-2014-007 Vendor: Symantec Affected Product: Symantec Encryption Gateway Affected Versions: < 3.2.0 MP6 Product Website: http://www.symantec.com/en/sg/gateway-email-encryption/ Author: Paul Craig <paul[at]vantagepoint[dot]sg Summary: --------- Symantec Gateway Email Encryption provides centrally managed email encryption to secure email communications with customers and partners regardless of whether or not recipients have their own email encryption software. With Gateway Email Encryption, organizations can minimize the risk of a data breach while complying with regulatory mandates for information security and privacy. Details: --------- Remote Command Injection vulnerabilities occur when user supplied input is used directly as a command line argument to a fork(), execv() or a CreateProcessA() function. It was found that the binary /usr/bin/pgpsysconf calls the binary /usr/bin/pgpbackup with unfiltered user supplied input when restoring a Database Backup from the Symantec Encryption Management Web Interface . The user supplied 'filename' value is used directly as a command argument, and can be concatenated to include additional commands with the use of the pipe character. This can allow a lower privileged Administrator to compromise the Encryption Management Server. This is demonstrated below in a snippet from pgpsysconf; .text:08058FEA mov dword ptr [ebx], offset aUsrBinPgpbacku ; "/usr/bin/pgpbackup" .text:08058FF0 cmp [ebp+var_1D], 0 .text:08058FF4 jnz short loc_8059049 .text:08058FF6 mov ecx, 4 .text:08058FFB mov edx, 8 .text:08059000 mov eax, 0Ch .text:08059005 mov dword ptr [ebx+ecx], offset unk_807AE50 .text:0805900C mov [ebx+edx], esi .text:0805900F mov dword ptr [ebx+eax], 0 .text:08059016 call _fork ; Bingo.. An example to exploit this vulnerability and run the ping command can be seen below. POST /omc/uploadBackup.event .... .... Content-Disposition: form-data; name="file"; filename="test123|`ping`|-whatever.tar.gz.pgp" This vulnerability can be further exploited to gain local root access by calling the setuid binary pgpsysconf to install a local package file. Fix Information: --------- Upgrade to Symantec Encryption Management Server 3.3.2 MP7. See http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150129_00 for more information Timeline: --------- 2014/11/26: Issue Reported. 2015/01/30: Patch Released. About Vantage Point Security: --------- Vantage Point Security is the leading provider for penetration testing and security advisory services in Singapore. Clients in the Financial, Banking and Telecommunications industries select Vantage Point Security based on technical competency and a proven track record to deliver significant and measurable improvements in their security posture. Web: https://www.vantagepoint.sg/ Contact: office[at]vantagepoint[dot]sg Source

AxCrypt is the leading open source Windows file encryption software. It integrates seamlessly with Windows to compress, encrypt, decrypt, store, send and work with individual files. Personal Privacy and Security with AES-128 File Encryption and Compression for Windows 2000/2003/XP/Vista/2008/7. Double-click to automatically decrypt and open documents. Store strong keys on removable USB-devices.Axantum Software AB | AxCrypt | File Encryption Software Features Password Protect any number of files using strong encryption. Right-click integration with Windows Explorer makes AxCrypt the easiest way to encrypt individual files in Windows. Double-click integration makes it as easy to open, edit and save protected files as it is to work with unprotected files. Many additional features, but no configuration required. Just install it and use it. AxCrypt encrypts files that are safely and easily sent to other users via e-mail or any other means. Self-decrypting files are also supported, removing the need to install AxCrypt to decrypt. AxCrypt is translated into English, Danish, Dutch, French, German, Hungarian, Italian, Norwegian, Russian, Polish, Spanish and Swedish so chances are it speaks your preferred language. AxCrypt is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation. You can download AxCrypt here: AxCrypt-1.7.2976.0-Setup.exe Axantum Software AB | AxCrypt | File Encryption Software

Google Chrome password protected Rohos