2010 08 22

From TheCommandLineWiki

News Cast for 2010-08-22

(00:17) Intro

  • U-Cubed, from Jon the Nice Guy

(03:08) Security alerts

(03:27) New Firefox iFrame bug bypasses URL protections

  • http://tech.slashdot.org/story/10/08/17/138251/New-Firefox-iFrame-Bug-Bypasses-URL-Protections
  • Slashdot links to a threatpost article explaining the problem
  • When you click on a link going to an obfuscated URL
    • Firefox warns you before navigating to the linked site
  • In this case, an obfuscated URL is one that appears on casual examination
    • To be a legitimate site but actually points to another site altogether
  • Using this trick in attacks relies on some of the less common features of URLs
  • You can include a username, for instance, followed by an at sign
    • Then the actual site at the other end of the link
  • It is up to that linked site to do anything with the username portion
    • Including just ignoring it
  • An example would be something like http://www.google.com@evil.com
  • It preys on the fact that most people scan for that first .com
    • And are trained to ignore stuff after that as gobbledygook
  • Usually that is safe, as true trailing information is just server specific info
  • The security firm, Armorize, pointed out this past week
    • That while Firefox warns about such URLs in links
    • It doesn't issue a warning when they are the source of an embedded iFrame
  • Mozilla responded by explaining that warning for an iFrame serves less of a purpose
  • The warning for a link is meant to draw attention to the URL in question
  • Users can hover over a link and see the URL in their status bar
  • The idea of the warning is savvy users would then look again and see the trick for what it is
  • There isn't any easy way to see an obfuscated URL as the source of an iFrame
  • I would add that a malicious iFrame is more likely to be part of a malicious site
    • As it requires being able to at least partially control the outer page around the iFrame
  • There are other, better defenses for these cases
    • Such as registries of infected sites
    • Or using an extension that blocks loading of iFrames, like NoScript
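
A defender-side check for the obfuscated URL pattern described above, as an added example that is not from the show notes, Armorize or Mozilla: it flags http(s) URLs whose username portion reads like a hostname different from the real one, in both link targets and iFrame sources. The function names, the host-like heuristic and the sample markup are assumptions made for illustration.

```javascript
// Added example: find URLs whose userinfo part imitates a hostname.
// Runs under Node.js; uses only the built-in WHATWG URL parser.

// Rough test for "looks like a DNS name": dot-separated labels, alphabetic TLD.
const HOSTLIKE = /^(?:[a-z0-9-]+\.)+[a-z]{2,}$/i;

// Percent-decode without throwing on malformed escapes.
function safeDecode(s) {
  try { return decodeURIComponent(s); } catch (e) { return s; }
}

// Returns null for a clean URL, or a finding describing the mismatch.
function checkUrl(raw, base) {
  let url;
  try { url = new URL(raw, base); } catch (e) { return null; }
  if (url.protocol !== 'http:' && url.protocol !== 'https:') return null;
  if (url.username === '') return null;          // no userinfo present
  // Only the part before an encoded slash is what a reader takes for the host.
  const claimed = safeDecode(url.username).split('/')[0].toLowerCase();
  if (!HOSTLIKE.test(claimed)) return null;      // plain user name, e.g. "alice"
  if (claimed === url.hostname) return null;     // same host, nothing hidden
  return { raw, claimedHost: claimed, actualHost: url.hostname };
}

// Scan markup for <a href> and <iframe src>, the two cases the notes compare.
// A regex is enough for this constructed sample; real pages need an HTML parser.
function scanHtml(html, base) {
  const attr = /<(a|iframe)\b[^>]*?\b(?:href|src)\s*=\s*(["'])(.*?)\2/gi;
  const findings = [];
  for (const m of html.matchAll(attr)) {
    const hit = checkUrl(m[3], base);
    if (hit) findings.push({ tag: m[1].toLowerCase(), ...hit });
  }
  return findings;
}

// Constructed sample page (hosts from the notes plus example.org).
const SAMPLE = `
<a href="http://www.google.com@evil.com/">Search</a>
<a href="https://alice@example.org/inbox">Mail</a>
<iframe src="http://www.google.com%2Faccounts@evil.com/frame"></iframe>
<iframe src="/local/widget.html"></iframe>
`;

console.log(scanHtml(SAMPLE, 'http://example.org/'));
```

The same check applies to an iFrame source as to a link, which is the gap Armorize pointed out: the URL is identical in form, only the place it appears differs.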

(06:50) Root privileges through Linux kernel bug

  • http://www.h-online.com/open/news/item/Root-privileges-through-Linux-kernel-bug-Update-1061563.html
  • For possibly as long as five years
    • The Linux kernel has been vulnerable to a theoretical exploit
    • Described most recently by security researcher, Rafal Wojtczuk
  • The problem is inadequate protection between different memory regions
  • Rafal described a theoretical attack using the X server
    • That's the part of Linux responsible for providing a graphical interface
  • Through getting a couple of programs to run and write out memory just so
    • An attacker could trigger a call by the X server
      • Which runs with root privilege, thus conferring those rights to injected code
  • It isn't remotely exploitable, it would require something like a trojan
    • To get some local code onto a system to exploit the flaw
  • Developer Brad Spengler wrote a proof of concept attack exploiting the flaw
  • The fix Rafal recommends has been implemented in recent kernel updates
  • The H article mentions specific versions that have the fix
    • As well as a few distributions and versions thereof that include the fix
  • The vulnerability is getting some good coverage
    • I expect fixes to roll out from most distributions soon
  • As I write this, the update manager on my system just received a security update
    • And it appears to be a patched kernel with this specific fix
  • If you are concerned, you can use the article's details
    • To download a known good version of the kernel sources and compile yourself
  • Given the necessary steps before this can be exploited
    • I suspect you can wait for an update from your distro
    • Unless you are running critical production systems
      • Where the cost of being attacked is just too great to wait

(09:21) News

(09:35) The end of online privacy

  • http://citizenlab.org/2010/08/the-end-of-online-privacy/
  • If you've been struggling to keep up with the recent spate of privacy issues
    • I found an excellent, accessible article that breaks them down
  • It's a Globe and Mail piece that The Citizen Lab re-posted
  • The Citizen Lab, based at the University of Toronto
    • Works on online censorship and issues of security
  • The title is the End of Privacy but differs from statements to that effect
    • Made infamously by the likes of Facebook's Zuckerberg and Google's Schmidt
  • There isn't a single, strong intent to the idea as explained in the article
    • Not as implied when the concept is advanced by executives
  • Rather the idea is that producing more data is an inevitable consequence of using the net
  • There is an excellent explanation of de-anonymization
    • The process of taking data that by itself isn't personally identifying
    • And correlating it to produce an eerily accurate profile
  • To be fair to privacy advocates, the article includes a good explanation of business pressures
  • It has probably the most coherent explanation of why companies
    • Feel driven to collect more data
    • Even if they admit to not wanting to actually identify individuals
  • Left hanging is an observation that even stopping before naming a person's data
    • There isn't anything stopping sites from collecting more than they need
  • There is also a good discussion of the challenges in legislation
  • Beyond the difficulty for an average person to read and parse privacy policies
    • There is an awful lot of data that can be collected without explicit consent
  • How do you craft a law that makes it possible to scrub out
    • The unique browser footprint that EFF's research identified last year?
  • The act of visiting a site could be enough to identify you
    • Even without you giving up any information explicitly
  • It may not be possible for those tracking this way to name you
    • But it is pretty scary how specific their profile can be
  • Even if you share information you don't think is identifiable like a postal code
    • There is a chilling example of how such coarse information
      • Can lead to some fairly specific observations
  • It doesn't take much imagination to see how inaccuracies in an initial profile
    • Could be refined and corrected as you surf around
      • Exposing more data about yourself inadvertently
  • Ron Deibert and Nart Villeneuve who are quoted throughout
    • Also work on security investigations, often on the opposite side of their anti-censorship work
  • The article ties in how law enforcers end up on the side of advertisers
    • Seeking to collect and retain more information
      • Despite efforts, like Tor, that aim at re-anonymizing users' activity online
  • Worse, the use of privacy preserving tools by bad actors
    • Makes it harder to sustain arguments for their development and use by ordinary people
  • It is easy to see why every week sees more posts and discussions of online privacy
  • It isn't a simple unalloyed good and as much effort needs to be spent
    • On understanding its complexity
    • As in determining the best ways of defending and preserving privacy

(13:30) Probabilistic processor design

  • Working with certain classes of numerical calculation on a binary computer
    • Is inherently complex and error prone
  • Statistics and other mathematics dealing with probabilities are especially difficult
  • The chips we use currently build everything up from binary values, either 0 or 1
  • This works pretty well for whole numbers from 0 up to 2 to the number of bits available
  • Binary has been in use because at the component level
    • The difference between the voltage of 0 and 1 is pretty wide
  • There are any number of techniques that can be applied
    • To correct for errors and ensure consistent reads of binary values
      • Encoded as high or low currents
  • http://www.technologyreview.com/computing/26055/?ref=rss&a=f
  • http://www.theregister.co.uk/2010/08/17/lyric_probability_processor/
  • http://arstechnica.com/hardware/news/2010/08/probabilistic-processors-possibly-potent.ars
  • Several of my favorite sources had overlapping and complementary coverage
    • Of a new class of chip being developed by a recently de-stealthed startup
  • Lyric Semiconductor was founded on the thesis work of Ben Vigoda
  • He revisited the idea of using the full range of voltage available
    • To encode information in an analog fashion
      • Rather than just divvying up that range for robust encoding
  • The implication is his research has found a way
    • To encode values in an analog fashion
      • So that fluctuations in voltage and other errors that might creep in
      • Can be taken into account and values can be written, read reliably
  • Lyric has been working with DARPA funding for four years already
  • What they've announced is their first, modest application
  • It is a chip that can be used to improve the error correction work
    • For flash storage where the nature of the chips
      • Means that some significant statistical number crunching is needed
      • To fix any flipped bits that creep in because of the nature of the physical system
  • More general purpose probabilistic chips are three years off by Lyric's roadmap
  • Such processors will first appear on add on cards, like other earlier co-processors
  • Early personal computers often lacked the dedicated circuitry
    • To run efficient floating point math
  • Floating point, or fractional numbers, being approximated on binary computers
  • You could think of Lyric's chips as doing floating point math
    • But without having to approximate the fractions
      • So not being susceptible to the kinds of rounding errors
      • That creep into doing this kind of math with binary components
  • Also, taking out the additional steps needed to represent and compute approximates
    • Yields significant savings in terms of power and faster processing time
  • One article cites the Flash error correction circuitry
    • As using 1/12th the power of traditional components
    • As well as only taking up 1/30th the space on the die
  • The one detail we do know about these chips which are otherwise shrouded in trade secrets
    • Is that they use a new kind of logical gate
  • A traditional computer combines the voltage of two input lines using a not/and or NAND gate
  • This is the simplest logical circuit from which all other gates can be constructed
  • Lyric is using a probabilistic NAND which can compare two analog encoded probabilities at once
    • The output being an indicator if the inputs match
  • Building more complex elements from these gates also yields inherently more parallel processing
  • The overall approach sounds very similar to the way quantum computers are simulated
    • On classical systems, where superpositions of qubits are represented as probabilities
  • It isn't surprising, then, that Lyric is claiming similar advantages
    • To those attributed to quantum computers
  • With chips shipping soon, it should be possible to confirm or invalidate the claims
  • Assuming that usable tools can be built along with Lyric's co-processors
    • Many functions of today's CPUs could be offloaded
    • Buying Moore's Law a further stay of execution

(18:16) 30 year old crypto resists quantum attack

  • http://www.technologyreview.com/blog/arxiv/25629/?ref=rss
  • This news is the first practical response to quantum cryptanalysis I think I've ever read
  • The Technology Review article has a good bit of background on the concerns
  • Factorization of large numbers is a mathematical computation
    • That is hard in the direction of discovering original factors
    • But easy in producing the mathematical product of those factors
  • A large quantity of common encryption systems use asymmetric crypto based on factorization
  • They are called asymmetric because the inputs used to drive encryption and decryption differ
  • The article glosses over symmetric encryption
    • Stating that they are more resistant to possible speed ups in attack
      • Fueled by quantum computers
  • Making them harder to crack is as simple as increasing the key length
  • Factorization based asymmetric crypto is more costly to compute, though, than symmetric
  • Both are often used in tandem, asymmetric encryption protects negotiations
    • To drive limited use symmetric keys
  • This is how SSL, the encryption common to web browsers fundamentally works
  • Cracking that key negotiation effectively foils the symmetric encryption
  • All the same, the article's explanation of how the work of Peter Shor
    • Threatens crypto based on factorization is worth the read
  • If quantum computers can be scaled up, odds are very good
    • That the quantum Fourier analysis Shor developed
      • Could make factorization practical in a short amount of time
  • Otherwise, factorization is possible but would take lifetimes to compute
  • Moore's Law has already forced some crypto systems to increase key lengths
    • And otherwise shore themselves up
  • It isn't that quantum computers open up some new exploit
    • Rather that for one class of crypto, it may change the cost of a brute force attack
  • Hang Dinh at the University of Connecticut has now demonstrated
    • How a thirty year old crypto system is effectively immune to Shor's algorithm
  • It isn't surprising given that the underlying math is so different
  • The analysis Shor developed simply doesn't apply to the kind of system
    • That Robert McEliece came up with back in 1978
  • McEliece's work at CalTech was based on a different area of mathematics
    • Something called the hidden subgroup problem
  • There are implementations of this approach
    • But they aren't popular because the keys involved are quite large
  • They are matrixes, an unwieldy data type in programming
    • Requiring no less than half a million bits to describe
  • A large key with factorization is in the range of thousands of bits
  • I am glad to see that the article is very clear
    • To explain that all this work does is provide a system
      • Resistant to the only currently known quantum cryptanalysis
  • This doesn't preclude the development of techniques to get past McEliece's crypto
  • The conclusion is pretty consistent with traditional cryptography and cryptanalysis
  • The arms race will continue to find new defenses and new attacks
    • Regardless of changes in the fundamental architecture of computing

(22:31) Privacy concerns over Facebook's new location feature

  • Facebook launched a new service this past week, Places
  • It competes with the likes of 4Square and Whrrl
  • You can check in but only using the iPhone app for now
  • http://bits.blogs.nytimes.com/2010/08/18/new-facebook-location-feature-sparks-privacy-concerns/
  • The NYT Bits blog reports on privacy advocates already attacking the new feature
  • The ACLU of California immediately criticized the new feature
  • They claim it repeats privacy mistakes that Facebook has made in the past
  • Specifically that the defaults are too permissive
    • And that Places data can be shared more widely than is immediately obvious
  • The ACLU is also concerned about the ability of users to check in their friends
  • Facebook is claiming that friend check-in cannot be done without explicit permission
  • Given their history, it might have been wiser for Facebook
    • To leave out that part for a later enhancement
  • http://www.eff.org/deeplinks/2010/08/how-protect-your-privacy-facebook-places
  • If you are concerned, EFF has a detailed guide to disabling the feature
    • Including the fraught options that might lead to non-obvious sharing
  • I don't necessarily agree with some of the alarmism around location data
  • A site, pleaserobme.com, popped up a while ago sensationalizing the issue
  • I think it is more of an incremental increase in the risk
  • The problem comes in that location is so much newer
    • Than other kinds of information sharing we've been doing consciously and otherwise
  • My sense is that there may be consequences we haven't yet anticipated
    • Especially as location online can so easily be combined with other data
  • We've been sharing location signals offline
    • That's the more rational response to fear of increased risks
  • Just like filling in a response card in a magazine
    • Or giving some other bit of personal info offline
    • Didn't use to lead to the kind of correlation that happens today
    • Location data in a pre-network world was relatively siloed
  • I personally don't use location services
    • Though I will conversationally, in context, refer to where I am
      • To drive the same sort of discovery that makes location services attractive
  • Given the end of privacy article I discussed
    • It makes sense that being able to tailor ads and offers not just to behavior
      • But situationally depending on your location
      • Is a huge business opportunity
  • It is futile to expect that Facebook and others wouldn't enter this space
    • And sooner rather than later
  • Expecting them to do so with the precautionary principle much more in mind
    • Also runs counter to the trend of their past behavior
  • As much of a pain as it may be, at least it is possible to dial this sharing back
  • http://www.readwriteweb.com/archives/details_details_facebook_responds_to_our_questions.php
  • Adrianne Jeffries points out some other problems with the services
    • Not entirely relating to privacy
  • While Facebook's system is harder to game
    • Constraining check-ins much more closely to your actual location
    • They apparently have a poor validation system in place for adding new locations
  • I think that dovetails with my concerns over unanticipated risks
  • It isn't clear how people will abuse this gap
    • But it is beyond doubt that they will do so

(27:17) Following Up

(27:35) EFF files appeal in warrantless wiretapping case

  • http://www.eff.org/deeplinks/2010/08/eff-files-appeal-warrantless-wiretapping-case
  • EFF's Cindy Cohn has a good recap on the state of the Jewel v. NSA case to date
  • This is one of several cases the EFF is still pushing
    • Challenging the surveillance of American citizens without proper warrants
  • The district court previously dismissed this case
    • Basing its argument on the sheer number of Americans who were surveilled
  • It was an odd twist on the logic of normative or common behavior
    • That overlooked that such mass surveillance took place in a very short span
    • Not as the logical end of a slow, gradual shift in behavior
      • Which is usually how such norms change and filter into case law
  • The appeal is more important now to overturn this troubling precedent
  • The appeal was filed in the Ninth Circuit just over a week ago
  • Hopefully the appeals court will be receptive to the EFF's arguments
    • That the quantity of people harmed isn't relevant to the case
    • And that the district court's ruling runs counter to settled law
  • It is worth mentioning that I support the EFF as a donor
    • In part because they keep working on cases like this
      • Even when attention even from the tech press has moved on

(29:03) ACTA negotiators confirm the agreement isn't about counterfeiting

  • http://arstechnica.com/tech-policy/news/2010/08/negotiators-confirm-acta-not-really-a-counterfeiting-treaty.ars
  • Nate Anderson at Ars Technica shares remarks made by the EU's top negotiator, Luc Devigne
  • These were reported via an attendee at an informal luncheon held this past week
  • Devigne made it quite clear that the EU wants patents included in the agreement
  • He dismissed the suggestion that ACTA is solely about counterfeiting
  • Ars' source, AU's Mike Palmedo, also shared some concerning remarks from S. Korean negotiators
  • Public interest groups in that country are apparently pushing for moral concerns
  • There is apparently concern in that country over several celebrity suicides
    • Where internet slander and gossip sites are seen as having been contributory
  • It is unlikely these views will be seriously addressed by negotiators
  • Anderson paints it as part of the trend to broaden the agreement
  • He sees this solely as a cause for concern, which I believe it is
  • I also see a silver lining
  • The more views it tries to encompass, the less likely it is to achieve consensus
  • He mentions the Australian negotiators' opposition to patents, in direct opposition to the EU
  • The final note is that negotiators seem more likely to release an official draft for this round
    • Though their reasoning is sad, conceding the document will be leaked anyway
    • Rather than taking positive ownership of transparency

(31:18) Outro
