samedi 28 février 2015

Why first kerberos message is not ciphered

When analysing Kerberos exchange (and other similars as Needham, Denning, etc.) I wonder why the first message where the identities of the client and remote are not encrypted.

In case not encrypted I give a possible attacker the knowledge of who I want to communicate with. As the Client and KDC shares the key we can encrypt it and therefore not provide that information which can be used as a basics to bruteforce attack using for the return and encrypted message (I know 2 of the parameters).

Maybe it is a silly question, but ...

Edit: I don't mean to have IDa ciphered but the rest of the information in the KRB_AS_REQ, as for instance the IDtgs. If you keep that open an attacker knows at least who do you want to talk and therefore the KRB_AS_REP can be exploit.

PHP strpos() and strlen() Bypass

Is it possible to bypass the code below, and if so, how?


$a = $_GET["pl"];
if(isset($a)) {
    if(strpos($a,"answer") !== false  && strlen($a) < 2) {

VA Scan for Linux server Running with Apache and SQL

I want to do VA for Ubuntu server installed with Apache and SQL.

Which open source tool you recommend?

complete vulnerability analysis and then carry out Penetration Testing

I am an CEH V8 certified ethical hacker 2014.

The candidate will be provided with a target IP Address / Application. The objective is to do complete vulnerability analysis of the target system & then carry out Penetration Testing, within the alloted time.

We recommend you should be familiar with: Metasploit Social Engineering Tool-kit Vulnerability scanners Debuggers/Disassemblers Use of Web-Shells / Backdoors

This is a question for clearing an information security exam at national level they are giving marks even for approach even if we are not successfully exploiting the target. I would be grateful if someone helps me in this regard.

Is it possible to dump an exe from ram and create a distributable exe from it?

Is it possible to dump the ram and get an exe and use that ram dump to distribute an app? If so, is this something that is a practical concern and if so how best should a developer protect against it?

Protecting the root ca bundle

Applications (e.g. Firefox) often include a root ca bundle file containing trusted certificates.

How can I protect those files from malicious agents trying to modify them? I think signing is not an option because they could also replace the public key used for verification.

Is access control the only protection against fraudulent certificate injection in Firefox and similar applications, or is there some other mechanism in place?

Why are buffer overflows executed in the direction they are?

I'm following The Security Tube's video here: http://ift.tt/1zt0RY9

He overviews buffer overflows, and mentions how memory is executed from highest to lowest in the stack (at least with his implementation I assume). So we pass the memory address of a function that's not called in the program, into a 3 word buffer. We overflow that buffer with a 12 character string, and then the memory address backwards. So it looks something like this:

printf "123456789abc\x32\x07\x45\xb4" | ./demo

The actual address was (b4074532)

Why is it that we display the memory address backwards, but at the end of the stack? If memory is read from high to low, shouldn't it be backwards, but at the end of the stack? Obviously, this is not the case -- since he showed it working. However; it seems to me that the stack would not be "overflown" and the values "\23x\cba987654321" would be executed.

Vega Scanner Took Website offline?

I used the Subgraph Vega scanner to scan a website, I wanted to get any linked social media pages from their site. Anyway soon into the scan the page went offline with a 404. I checked with different connections from different IPs, my phone and another WIFI, but the website was definitely down. Was this a fault of the scans? The site is back up now.

Thanks for any help,

PHP and other files on the server, their visibility and access

Let's say I would like to protect my PHP files that are on the public server and are used as a part of the website. Does anyone can easily access these files just like HTML/JS/CSS files through developers tool in the browsers or extensions such as FireBug?

I am guessing that it is not possible through these tools, but what about if someone's trolling the URL and just randomly tries to guess the name of the php files, which would be easy for something like results.php or similar. Is the file displayed just like that if they guess it? (read/write rights are required for the user to actually make the php work, or is it fine to take user's r/w access to the php files and the website will behave the same accessing the php when user sorts of request it using the website?)

What if someone's gonna write a script to troll the URL?

reusing old bank issued security device

i have several security devices issued by banks and wondering if there is any way to reuse, reprogram or repurpose to use with more contemporary services such as lastpass and / or google authenticate? specifically digipass go 3 - case study and other documents are available here - http://goo.gl/80WaAu

Downloading and updating the software via Playstore

I'm using android play store to download and update software for my phone. And some times its automatically updated as by settings.The play store is linked to one of my Gmail account. Here my question is that how can trust that I'm securely communicating to download and upgrade the software of my phone and also assure that the software downloaded using my account is 100% trusted and safety ?

AndroidPIT at MWC 2015: bringing you all the coverage

AndroidPIT has assembled a world-class team of editors to bring you coverage of MWC 2015. We'll have news on the Samsung Galaxy S6, HTC One M9 and much more.

(This is a preview - click here to read the entire entry.)

how to decode this license file

I need to decode a license file so I can make mi own license for other users.

The string look like this:


oAZNM3RSIFR4TUaPRhoYL+1bcAvd8vS5xIWFrZF4omtI2EDMWfLCrmN/ldwvzI9HLU6KGN98rlnpn/
ZPEKD67CsB5u4eDziC3G9xE71piaaqrd0Ynj2w5fFGgs4f94N3/RCzBXMhYNpfP1jKo6e3LVXjKC82
F7nqDRX2Pt5GmBeHvQaeO7gtVSltzL/XV2hqDQ+AwmdpgezQgPNG1fV+3BTAQPhKAwedcf6/rD/I4t
9cW10m5gBDtHiph/SiK/HCt4Kxlhq66D036jIZiSR29/RmeJwI/G3XzzeFg1UZC63aty9uLGb5ExKR
5+D7BTIFSrSPCiY9PBVrXUOniTdcrZELQr1pW44yIua4Ux5e+WuveZ1+R0WEHXhhXAY2GFTum9v2tl
Am4hQukjZ9U6fYykauaDw3mIYAvzCStX+4xdUzK1dqee4bmUWa1JxCL4e1DWCHcljZARbazE9EsCjs
SzvFNQDsZgmDuxkKUq4/VKk=7QZd/e59pWNDIbBiF71wwlNEiiXy/UeiwvTmm+Ybl0SgeMk0V1SzUD
i7FHxTD+K+tbIP51vh0fC/ujr6lgl9KIpswp/zPGr/kTrtNujKTrMRKOY0DK/ovqbZdZ0ZubkuPuzy
50xDynlHD1Yh9JsH9GyG6G4jSBvahAP4GcfM5diAvvf82Gdmzl1t7PxZxsoL0oAxk9BLC/XQF2NJSr
Gxeyl9oDajChsEHxoQtlwegb057UZGm1IINbMCLMEEHYOsu3HT2yWTaMhkLHO2OlWZsZWlD11qa9/X
dWuCoN5aAAKXZPrqS6WYpYR+4W/fUftdaHorXg0lQU+S/Ga6EMfqCitwHtZarmbvDGrY7Ilv9yNvJT
hjLqH1cSKqWE8/3pS9k9dDbzIkA7kUPFKiTVXGIgRDSuuOhtyKe620r1YWsC7VGliyLIjwSyF+T/JP
UiTM5DZL+5OoLg36ufOFcFNj/YsjzTL9E/Z8Uv/JEDbqOyiI58ogy7SaLOxKuHOUa9rNG1FmK4Xyz9
E/z6mU3x7WEH3K/IiJQzLWiKBGsluD5+Yk/PTkgw+jlhj54PwLBk3NdKf1yW5SRNcfkKLkrB11vOfC
b+Iq8YxuJ2Zvj2I2y4JSeD2zjR140rccxfJsv+n7hCMUSJZqo4IahqIH4rV16MUgkTPfwS7JSp0rDS
yaAWd9dAs/IoLs6NW7mAd7cPACp9wsTC21HML1Sv75P5ZWgIU6im2qNcZDNKleIygnTtmsKWVPbbU6
x1dISdeE8qg/ZBiBQOaCWHEW6RiEV/iazfwkTBYwBxPPAMMVYezvvkEAH74QpQ3zKdD0OYOctXBerX
zaX6aSDl0FskAibPaFJivXgzc6iSfvMSJFPM6PM0pTtrNvFV6abRBhC/PN0LzabhJYxTI4JCRU6y6D
TdKPdX/1zrVCFRHMPBUn2X40ImBla827N20YG5KPGyowFyA+0ZZ01wIGl1gBi4kcEUulH8jOHeIE0z
0R3bMjs/rnmyT16AfowEpeXtN1uqvj+wpG6vthYvk9Of5YYvlO4+ReGfBkJyhEvF99b78OjxiSLeKp
3cj/hjkrt68JkF1REHvvF6G7f9ThAi2b4/I6L6rlxTQXpAYbXpO2OG95OiwCLF9DH3d31q4Ox9qbY6
JH8YgEI8ooOWt107gNBUZkaMcBmbaS9g8ybe+GCdwrgPvxb0fndBdi2fP0zky/atFnql8TmsnstPp4
0rbboS+OSVK8HJb/fPSwnsDDnijDcwMdH199GOYxBLpNb6JhhjfDZYT5Ak07aC1rY/sJKBbRtF6yvo
LQETFsihfbsQxRTxiI/zikynC14bcxEbXrKNyje7pDrsi081NSjHc2X7YhGRPigCk=

how can I resolve this?

Full key space coverage when generating a rainbow table

For example, say we want a rainbow table that supports MD5 for all lowercase alphanumeric of length 1-8.

For such a table, does the generator stop creating new chains when it knows for sure that all a-z0-9 possibilities are encoded in the chains? Perhaps there's some special choice of reduction function(s) and chain seeds that can be proven to cover the desired key space.

Or maybe the generator takes some probabilistic approach and stops when it is fairly certain that the entire desired key space is covered?

How do rainbow table generators make this decision in practice?

Which is best secure public DNS server for free

Which is best secure public DNS server for free.

How to get silent mode on Galaxy Note 4, Note 3 and S4 with Lollipop

The Galaxy S5 got mute mode back, but we'll show you how to enable silent mode on the Galaxy Note 4, Note 3 and S4.

(This is a preview - click here to read the entire entry.)

Looking for credit card data and other PII in files

I'm looking for ways to check for the presence of credit-card data and other personally identifiable information in files on a network I'm testing.

Currently i'm doing this manually with the usual tools like grep and some terrible reg-ex but a nice stand-alone application would be ideal. Especially something i can use the output of and drop in a report. If i query the files from a terminal looking for card-numbers, it spits them back out, which also means i have to redact them. Ideally I need a count and a list of 'anonymized card numbers' as well as which files they were in.

Any suggestions on alternate ways of finding this data or tools that can be used to achieve this would be most welcome.

How to identify the script that's sending spam from my server?

So, this is what I wanna know. How do I identify the script that is sending spam from my server?. Server is using exim. Maldet scanning did not help much. Any advises ?

Difference/Relationship between data leakage analysis and vulnerability analysis?

What is the difference/relationship between data leakage analysis and vulnerability analysis? How much and what kind of vulnerability testing is required for data leakage analysis?

I have to give data leakage analysis report for some mobile applications. According to what I know, data leakage is happening when an app itself is sending important data to outside environment e.g. to remote server or a log file(which is accessible to other apps on mobile OS) or keeping it in some unsafe and vulnerable place.

According to my understanding, I only have to check how is app communicating and saving important data.

As for vulnerabilities and exploitation, so it is possible that some malicious party can use sophisticated and clever ways to hack an app, and steal its data. I.e. they neither hacked the victim's data communication method nor the possible storage locations(e.g. log), but some other component of application. E.g. call a function with a different remote server to send data to....

I understand that some vulnerability analysis will be required, e.g. data posted to server should not be un-encrypted....but how much deep vulnerability analysis is required usually? E.g. the scenario that I mentioned in above paragraph, are such testings required?

Should a password ever be presented in plain text to a user (On a website)? Is this illegal under UK Data protections act?

There is a website I use at work, external to our own. They have just presented with every employee with their plain text password and username via our internal website which requires our own logins.

I was wondering if this should be viable for a professional company (Either the external website company or my internal one) to store plain text passwords? And if so are they prosecutable under any law regarding how they store passwords?

Sorry I am very unaware of the way passwords should be handled and the law regarding them Thanks in advance

Is it good practice to let Node/Go/... act as a frontend webserver?

I'm used to writing web stuff in PHP and let Apache or nginx handle the actual HTTP handling and load my code via whatever means (mod_php, fcgi, fpm, ...). I'm under the impression that this is a Good Thing(tm), as there have been years and years of hacking, patching and improving these webservers, so they are "battle tested".

Now, with "newcomers" like Node or Go, I am faced with the question of what's the best way to write real-life, production web applications. I'm hesistant to just let Node listen on port 80, as I fear its HTTP handling mechanism isn't as well tested as that of Apache/nginx (I'm thinking of evil clients, floods, DoS attacks etc.). My admin "confirmed" this by only letting Node apps run behind a reverse-proxy nginx.

Is this fear rational? Or is it totally fine to skip having a dedicated webserver and do the entire request handling in my app (including TLS?)?

Will this code run in real machine or is it some kind of Anti Reversing code?

I am reversing a file which is not running properly in Vmware.The code from the AEP is as shown below :

POP EDI ; value of edi is 0x7C816D4F kernel32.7C816D4F

PUSH EAX ;value of eax is 0

INC EBP ;value of ebp was 0x12FFF0

IN EAX,DX ;value of DX is 0xEB94

AAS

IN AL,0BF

DEC ESP

What I think is that a privileged instruction(IN) is called from user mode which is not allowed and therefore execution fails. IN is used for anti VM code but it requires specific values (VMXh port value in EAX etc) but in my case it is not being used.

My question is ,is it some kind of anti debugging or is the file corrupt and will it run on a non VM machine(in my case XP).

And lastly,if a packer uses the method I mentioned above ie calling IN from usermode for Anti-reversing how come the sample runs on a real machine(since in this case also the privileged instruction will be called in user mode).

remote desktop connection to a potentially compromised machine

I am using rdesktop client on Linux to connect to windows machines. If some of these machines were compromised by some evil malware/virus/worm/trojan, is there any way for the malware to "jump" to my computer over the rdesktop connection?

I have always thought this is impossible, but recently I have read that similar technology, x2go is inherently insecure.

EDIT

To clarify my question, I am mostly interested whether the rdp protocol (or session) can be potentially dangerous for the client.

I don't understand the internals of the rdp protocol. But it seems to me, if the rdesktop client is just rendering images/bitmap then there is not much a potentially compromised server can do. If, on the other hand, the rdesktop client is interpreting some commands sent from the server, it could potentially be exploited.

For analogy: Modern browsers do not just display static HTML webpages. Instead, they interpret Javascript, Flash, ... Is a rdesktop client similar in that it interprets potentially dangerous commands from the server?

If the only think the client does is rendering images, than apart from some bug in rendering library, it cannot be exploited. That would be comparable to a image viewer viewing jpg images.

EDIT 2

Are there any configuration options for the linux rdesktop client which I could use to make the session more secure? For example, I don't need "disk-redirection" or sound. Actually, I only need picture of the screen and clipboard (ctrl+c, ctrl+v).

From what I could read in man rdesktop, disk redirection and sound are not turned on by default. Are there perhaps some features which are turned by default, and which might bring potential security problems?

LG G Flex 2 vs LG G3: LG's best-ever phones compared [updated: video added]

We put the LG G Flex 2 and the LG G3 side by side to see which device is better. Find out where you should lay your money in our LG G Flex vs LG G3 comparison.

(This is a preview - click here to read the entire entry.)

What's to stop someone from just MITMing a checksum?

A lot of sites offer MD5 or SHA sums to verify the validity of your download, but why do some things rely almost entirely on this?

Is there anything in place to prevent people from just replacing the checksum with the malicious binary's checksum?

vendredi 27 février 2015

Is hashing schema information for client when generating SQL queries more secure?

I'm planning to implement a web system wherein APIs and presentation for CRUD in data tables are automatically generated, like that in phpMyAdmin. How I plan to implement this is to construct SQL statements based on requests from the client.

Client receives metadata (table, column) information from server.

User interacts, does something, say update a column on a row.

Client sends request, including an identifier for the table, an identifier for the row, identifier of the column and the new column data.

Server builds query and executes stuff.

Now what I'm interested in are the highlighted words in #3. Just using plain identifiers (the name themselves) would enable savvy users to easily modify requests to their will (e.g. directing request to another table/column). Another important thing I consider is having a read-only presentation, which still should include table metadata for things like sorting, filtering, etc. I'm quite eerie of exposing such metadata when unencrypted communication is used.

Provided that sufficient security (transport encryption (except for some cases), input sanitation, privilege checks) are in place, my question is:

Will hashing (obscuring, maybe in a different fashion) the table metadata (table name and/or column names) provide any additional security? Or will input sanitation (making sure the table name passed is really a table, same for columns) and privilege checks suffice?

I realized that for most of the case (that is, except for the read-only scenario stated above) the user is already inside the airtight hatchway, but would hashing still improve security?

Access encryptd HD with password login

Was doing some Anti-virus scan and there was .ecryptfs file that the scan would always stuck on even for days, that is because it was encrypted file, somehow I managed to disable the function of the file and move/remove it. every-time I try to login with my user and password it won't let me in and just flash the screen!

So, I unmounted that HD to plug on another machine using Ubuntu 10.14, Can read the HD but I cannot access the home folder which I'd like to gain access to copy/move files. How do I go around that ?

New case, audio not detected

As the title says, I moved to a nzxt phantom case and now my audio say's "Not detected" I've tried reformatting and reinstalling drivers, no help. First person who helps me gets paypal dollars.

Can this modified 'Many' Time Pad be made 'stronger' by using an extrememly long key?

Starting with a one time pad say you want to encrypt some small strings like the words in this sentence but you want to reuse the same OTP key for each string so that when you encounter the same word the ciphered text comes out the same.

But say you modify the OTP algorithm in some way, say by jumping around on an extremely long key according to some special calculation that places you on different positions along the key (for the same word you end up at the same position each time) So different words end up at different positions.

Would making the key very long and alternating positions along its entire length make any difference in decrypting the resulting message?

Apple smashes Android in smartphone profit war

Android has fallen well behind Apple in terms of profitability, despite having a much greater share of global smartphone shipments. Read all about it here.

(This is a preview - click here to read the entire entry.)

Galaxy S6 vs Galaxy Note 4 comparison: which big Samsung is best?

Samsung's Galaxy S6 is almost here, therefore we take a look at the Samsung Galaxy S6 vs Galaxy Note 4 comparison to see which will be best.

(This is a preview - click here to read the entire entry.)

Can you steal session cookie with BREACH attack?

Most of the discussions about the BREACH vulnerability are around stealing session-based CSRF tokens. But if you can steal a session-based token, could you also steal the session token itself? Obviously there are some finer points of the BREACH attack which I don't understand :)

I'm specifically interested in Django. In all requests for which browser sends a csrftoken cookie, the browser also sends a sessionid cookie.

No VirtualHost filter (a good practice?)

I am trying to figure out the cons of a current setup and discovered a potential anomaly. There's a webpage hosted at (say) webpage.com. If I point my domain (say) mydomain.com to the raw IP of webpage.com, the actual webpage.com web page is returned on a web request for mydomain.com. But is this a good practice? Should VirtualHost (or SNI) filter queries with 'host' param in the HTTP header, which are not present on the server?

Link to more active security sites?

I have a BS/MS in Computer Science and have worked as a developer for 15 years. Currently I have been reading a lot about computer security.

Serverfault and Stackoverflow seem to be the go to place for those topics, but I don't get the sense that security.stackexchange.com is the go to place for security professionals.

I have found that following ethical hackers on twitter is one venue to learn from others and know what is happening in the world of computer security today. Can anyone recommend sites where that have solid active forums of security professionals? I have a great deal of respect for anyone that has earned on OSCP and am very interested in learning from experts like that.

news.ycombinator.com is not security focused, but there are many crazy smart people on the site that I learn a lot from by reading the comments on various subjects.

Please let me know if you have any recommendations.

How can I encrypt in the column level of SQL for numeric data

I want to encryption in the column level of SQL for numeric data.What should I do?Is there an algorithm for this? Where should I put the function of encrypting in the source code?

Am I subject to industry spionage?

I had a weird experience, that I don't quite know how to explain.

My setup is this: I have my desktop machine, that I use VPN to connect to my company vpn. On this machine I also run a Oracles VM VirtualBox Manager, and I have an ubuntu setup. Now I have intentionally used this sandboxed, since I don't want an unsecure line, but I came across a weird line in my ubuntu machine's /etc/resolve.conf that read:

search "company.local", which is the same address I use when connected to VPN to access the company mails and stuff like that. I have NO idea how that line got in my resolve.conf.

Did VirtualBox put it there, or was it put there by some external intentionality (yikes)

Using a Cryptovariable with an API Designed for Human-Generated Passwords

I'm working with a vendor who provides an API with a user registration method clearly designed for human-generated passwords. We're calling the API in an offline server-to-server fashion, however, and registering with the API on behalf of our user.

I'm relatively comfortable with the idea of generating our own cryptovariable, in lieu of either re-using the user's password or forcing the user to generate their own second password for the API. Either way, due to the design of the API, we're going to be forced to store the password/cryptovariable, which will additionally be encrypted both at rest and on the wire.

The only grief I have is that the API (again, apparently designed for human-generated passwords), has some restrictions on the password format that decrease entropy when using a cryptographic random number generator to generate the 'password' (more accurately a cryptovariable). I can do the math on them all except for one (and getting the code correct is also pretty reasonable).

The most cryptovariable-unfriendly of the 'password' rules is that there can be no repeating sequences of characters in the password. In other words (and not accounting for the other password rules the API enforces), 'ab' and 'ba' are OK, but 'aa' and 'bb' are not. For that specific simple case, assuming fixed-length of two and only the two symbols 'a' and 'b', I can see that restriction exactly halves the entropy, and I can also see that it's better as the length increases. In my case I would just double the length and call it a day, except there's also a maximum password length restriction (doh!).

So enough background -- my concise question is:

What is the entropy of a randomly generated, fixed-length 48-symbol long cryptovariable consisting of 64 symbols (A-Z, a-z, 0-9, + and /), where any combinations with any repeating sequences of symbols are excluded?

As a matter of personal edification, I would also like to know not just what the answer is in this specific case, but I would also like to understand how to determine the entropy for the 'non-repeating' conditions for various lengths and symbol sets. Seems like this might even be an exercise in a cryptography textbook, and would love a reference.

And, now that I'm ready to admit I've spent WAY more time on this already than I'd ever hoped, I'm also wondering:

Am I just being paranoid?

Specifically, since passwords that follow these rules are theoretically "secure enough" from brute force attacks that the remaining entropy is "enough", can I, in good conscience, just trust that the API is plenty "good enough", call it a day, and go have a beer?

-- Tim

p.s. I should also note I'm open to other out-of-the-box solutions to the problem at hand as well, but have already ruled out storing the user's human-generated password locally and prompting the user interactively when we need to pass it through to the API.

Reusing the user's password would force us to store the user's actual personal password locally, rather than use the much more appropriate industry standard practice of storing a one-way hash of the password -- so we very definately don't want to do that.

Forcing user interaction to generate a second password is both a bad user experience in general, and practically guarantees a high degree of password reuse by many users, so we don't want to do that, either. Further, and more critically, we're accessing the API mostly offline. Despite the heartburn this particular problem is giving me, offline use is fully supported by the API per the documentation. In any case, since we're accessing the API offline, we don't actually have an opportunity to request the user enter the password -- so we can't do that, either.

Win a Sony SmartBand in the AndroidPIT newsletter competition

Win a Sony SmartBand in the AndroidPIT newsletter signup competition. One lucky subscriber to the newsletter will get their hands on Sony's fitness tracking device.

(This is a preview - click here to read the entire entry.)

Acceptable secure solution to replace static IP addresses for a web application

I am currently working as a technical lead on a project at a financial institution and have a question about how to provide the same level of security expected by the business in an application we are preparing for them.

The legacy system today allows payment operators at a terminal window to interact with an AIX and mainframe system. The replacement system my team will provide will be a more modern "scale-out" distributed system to replace the mainframe. The software is mostly vendor supplied with ancillary and supporting software components being developed in house.

The operators have the ability to move large sums of money so there are a number of security constraints placed on them today. They are not allowed to VPN into the company network from outside, we can't guarantee the security of the workstation they tunneled into our network, and if they were on a public computer somebody could feasibly use low-tech methods to look over their should and jot down account numbers and such. Furthermore each of their workstations are assigned a static IP address within the internal network (Local or Router set, not sure which) so that they can only ever perform their job tasks on their secure provided workstations. I imagine there are firewall rules that whitelist their IP address to the legacy system.

It was brought up that they want a similar level of requirements for the new system which for the operators will be entirely web based (Locked down Browser -> Load Balancer -> Firewall -> Web Server Reverse Proxy -> Firewall -> Application server -> Firewall -> Database). They seem to believe that static IP addresses should give them identical security here but I am not so sure.

IP addresses can be spoofed rather easily and with the stateless nature of HTTP but then I imagine the firewall is looking at the IP protocol level to decide who it lets through. What I am unsure about is how easy it would be to spoof this, for instance if I happened to compromise the password of an operator and I was inside the intranet, is it possible for me forge my IP address to an accepted workstation IP address for that user id?

Even if this kind of IP spoofing is unlikely, are there viable alternatives that can be equally as secure and perhaps a little more easy for managers to maintain new and leaving members of the team?

Shop saves credit card data from guest orders

A web shop allows customers to order as guest or to create an account.

I ordered as guest, entered my email address and the shipping address, and payed per credit card (I had to enter the security code).

Some weeks later, I ordered something else, again as a guest. To my surprise, after entering my email address and shipping address, I could select the credit card that I used in the previous order.

It showed the credit card issuer, the credit card customer’s name, 4 digits of the credit card number, and the expiration date.

I selected it, and it worked. I didn’t have to enter or confirm anything (not even the security code; but this doesn’t seem to be required anyway).

I tested whether it is related to a cookie (no, it also works from a different PC) and whether the data has to be entered exactly the same (no, it only checks for the email address).

I guess this is bad, right?

I intend to contact the shop owner, but I want to be prepared in case they don’t agree that this is a problem. Should I also contact the credit card company, or is such a process allowed according to their rules (saving and allowing to use a credit card without authentication; showing some parts of the credit card data without authentication)?

P12 private key vs private key file : what is more secure?

The question is a bit tricky because they don't have the same purpose but :

Do both kind of file face the same security issue concerning private key protection : password strenght ? (PBKDF2 as both are often encrypted using password-based encryption)

I would like to better understand the differences between both formats concerning private key confidentiality.

Why am I getting strange HTTP requests for non-existing pages?

I am running a web server and watching what people request. I have been getting frequent traffic like:


GET /phph/php/ph.php HTTP/1.1


GET /mrmr/mrm/mr.php HTTP/1.1

Are these scans? Are the clients checking if my server is already compromised or are they checking if I am vulnerable?

As far as I can tell, since I don't host such directories, such traffic is a scan for compromised machines; I do not know for sure because I think it unsafe to click the links Google provides when I search such things.

Are there any known weaknesses with ElGamal algorithm?

I am working on a messaging system and plan to use ElGamal asymmetric encryption to protect the message contents during storage and transmission. (This would be in addition to TLS used during transmission.) What I want to know is if there are any inherent weaknesses in the ElGamal algorithm that I should be aware of or guidelines to the key bit size.

Assumptions:

Messages will be short, so performance is less of a concern.

Keys (and the associated user accounts) are disposable (short lived).

Message retention will be minimized (days, not weeks or months).

Messaging will be asynchronous as users are not expected to be online at the same time. (This is the main reason that I have ruled out the typical D-H key exchange to generate a shared, symmetric key.)

Private keys will never leave the client device.

Public keys will be stored in a database with the anonymous user account consisting of a username and hashed password.

Using libgcrpt.

combining imperfect random number generators for shuffling an array

Shuffling an array to create a random stream for encryption is well known. The weakness is in the security of the random number generator that performs the shuffling. But is it true or likely that the same array shuffled by two or more imperfect random number generators becomes more secure as it is shuffled by more numbers of known to the enemy random number generators.

The shuffling is a form of undersampling which increases security in my thoughts with the random array becoming more secure as it is shuffled more. Comments ?

How Does AES Encryption Work?

I'm looking for conceptual but semi-detailed step by step explanation of the AES encryption process, from plain text to encrypted text. The explanation should assume knowledge of basic programming operaters (i.e., shift, xor, etc) so that doesn't need to be explained. Also, a basic laymen explanation mathematically in the steps that make AES do what is does so well.

WebInspect issues Cross-Frame Scripting warning - cannot reproduce

Recently ran a WebInspect scan of a small app I'm working on and it returned a critical level warning: Cross-Frame Scripting.

I confirmed the vulnerability by using iframes with the app in the src. It showed up (I am behind several firewalls, but still wanted to fix this STAT).

So I edit the config for Apache with these headers (then restarted the service):


Header always set X-Frame-Options DENY
Header always set X-Content-Type-Options nosniff
Header always set X-XSS-Protection “1; mode=block”

Go back to my simple test page (iframe with src=myapp) and the app no longer appears in the iframe. Mission accomplished, no? No.

A subsequent WebInspect scan is still reporting a critical Cross-Frame Scripting vulnerability.

Are there ways of defeating Apache XSS protections (above) that I am missing? Or is WebInspect specifically looking for something on the client side?

When signing email with GPG, how does verification by the receiver work?

I use GPG to sign my outgoing emails.

I understand how it works when I encrypt mail to send to someone else. Then I need his/her public key, encrypt it with that, and only he can decrypt it using his private key.

What I understand from signing my outgoing mail, I use my private key to do this. The receiver doesn't need to use GPG (to read the mail), and I don't need their public key. I suppose my public key is used by the receiver to check if the signature is legit, but maybe I misunderstand.

How can they use my public key to verify that my signature is valid?

What else can we now do with the new GCC5 to improve codebase hardening

Noting the recent question: What is the most hardened set of options for GCC compiling C/C++?

Is there anything else that can be shared regarding the new version of GCC, v5 for 32/64bit targets.

I'd like to be able to feed the knowledge back into the Arch Linux community as they will soon be rebuilding all the packages dependent on the lib as per: http://ift.tt/1vGvy0W

Is it possible to take back the control from an MITM in progress?

I heard that MITM also involves DNS poisoning, which basically tells the Net to take a different route than it was supposed to go..

(I'm not sure if my interpretation is correct..)

Given there is an MITM attack happening towards my computer, would it be possible to reverse poison, and cut the MITM out ?

Ability to determine which PGP public keys a message has been encrypted for?

Is it possible to determine, given a PGP message that you can already decrypt, to determine which other PGP keys that message has also been encrypted for?

Superfish vs. Corporate MITM

I work for a consulting company, and I have been implementing a tool from a security vendor, which is a cloud proxy for all user traffic. It will perform malware scanning and filtering of all web traffic. It works by enforcing a proxy autoconfiguration file to redirect HTTP/HTTPS traffic to one of the vendor's global data centers. We, of course, need to deploy certificates to each workstation in order to proxy HTTPS traffic and perform the MITM for malware scanning.

My question: how is this different from Superfish installing a root cert? I've been reading about how the private key for Superfish is stored on the machine. I assume corporate MITM attacks do not have this same vulnerability, but how does the architecture work differently in a corporate environment?

Would an IM app server holding user's messages long after the content was delivered be an issue of personal data protection?

Take a IM app like WhatsApp. If I send a message to another user while their client is offline, the server holds the message and then delivers it when the receiver's client goes online. It even has those two blue ticks, to show that the other user read the message.

Considering an IM app like WhatsApp, would an IM app server holding user's messages long after the content was delivered be an issue of personal data protection?

I know the answer would be jurisdiction-based, because laws aren't the same everywhere. Answers like "in the EU it is like xxxx" or "in the USA it is fine" are ok.

security of RSS readers

Would a site or blog owner know who is reading their site if the visitor is reading it with an RSS reader? Can they get the IP of the person? Say I had a Netvibes account with RSS feeds, can the site owner know which IP or RSS reader is viewing their feeds? If they have trackers or codes on their site or blog, can they tell who is reading their site via RSS feeds? And would the images from their site I view in the RSS reader act in a way as remote images in emails which can expose a person's IP? All this talk lately about webrtc got me thinking.

antivirus/anti-malware vs rootkits on Windows

As I read about rootkits I wonder how well the current antivirus vendors are with detecting them. Does anyone know of a site with a current comparison test? For example, this http://ift.tt/1E4jCJe is a firewall comparison from 2013.

It would be cool if someone had a youtube channel where they dropped rootkits on VMs with different common antivirus/anti-malware tools installed and show what rootkits get stopped from what vendors.

I know that stopping every rootkit is not possible, but currently I don't see any way to know what vendors are able to stop the most common rootkits.

someone attack my wireless

02/27/2015 15:30:03 sending ACK to 192.168.2.3 02/27/2015 15:26:11 sending OFFER to 192.168.2.2 02/27/2015 15:25:10 sending OFFER to 192.168.2.2 02/27/2015 15:25:10 sending ACK to 192.168.2.3 02/27/2015 15:23:37 sending OFFER to 192.168.2.2 02/27/2015 15:22:43 192.168.2.3 login success 02/27/2015 15:22:39 sending ACK to 192.168.2.3 02/27/2015 15:22:13 192.168.2.3 logout

192.168.2.2 is a difrent device that i dont know

Journal des clients DHCP

ip=192.168.2.2 mac=00-24-7E-B2-8F-06 name=dinasore ip=192.168.2.3 mac=00-21-6A-65-7B-2A name=try

i put he is mac in Access Rule for registered MAC address is this Enough to stop him??

AndroidPIT Deals: Win a free 50-inch LG TV and sound bar in our epic giveaway

It's time for another AndroidPIT giveaway: win a 50" LG TV and a sound bar worth 800 dollars in one easy step.

(This is a preview - click here to read the entire entry.)

Choosing a SSL Certificate Issuer

I am going to buy a new ssl certificate that supports SHA2 algorithm for our web services. Web services will be used by variaous java clients written in java6, java7 and java8.

We have got a ssl ceritificate from StartSSL at our test enviroment but their root ca not in java keystore. So if a java client wants to connect our webservice successfully they must include startssl root ca to their keystore.

What do you think about which ssl certificate issuer is the best choice for me? Which one is the most valid in java keystore across different java versions?

Thawte, Entrust and Digicert look promising but I am not sure about their root certificate that signs sha2 certificates in java keystore.

Question About HTTPS Security

I recently read about how HTTPS work and I have some questions to clarify. Pardon me if this sounds silly but I just need to get this clear. Correct me if I am wrong.

I got to know that as part of the beginning of TLS handshake there is a asymmetric encryption where public key from the Certificate is used to encrypt the client generated key before it is sent to the server and only server can decrypt it using its private key.

But subsequent messages (HTTP requests) use symmetric encryption with the client generated key and both client and server use this key to encrypt and decrypt application data.

There is a famous theory in cryptography saying "Repetition is not good" where if a single message is repeated in a encrypted message it is easy to crack it. If this is true all messages encrypted using client generated key will have HTTP/1.x in it as it is part of both HTTP request and response.

So in theoretically a Man in the middle with this knowledge can possibly find patterns in encrypted HTTP requests and responses and find out HTTP/1.x string in those and brute force to generate the client key which was used to encrypt these messages.

Am I correct or is this utter non sense, any answer or guiding would be highly appreciated.

Imported CA certificate to Firefox Browser not working

I created Certificate Authority (CA) according to Ubuntu help using openssl. After creating a certificate for Apache2 and adding to certificate to it, I want to import it in Firefox. In the end of document, there is some information for adding CA certificate to Browser. Before that I should create PKCS#12 certificate using follwoing commands:


openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout mycert.pem -out      mycert.pem
openssl pkcs12 -export -out mycert.pfx -in mycert.pem -name "Certificate for Whatever"

to create pfx file. But the problems is how this could relates to CA certification? For example, in the document the author generated a file called cacert.pem for CA certification and a file called cakey.pem for server private key. What is usage of the filemycert.pem?

As another note, after I runs following command:


openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout mycert.pem -out      mycert.pem

I asked for entering Common Name information (like city, organization, ...). I entered some information (randomly) to the questions and finally after executing second command I produced mycert.pfx file and imported it to Firefox (as described in the end of document). But it does not recognized the .pfx file and nothing has been imported!

After that I decide to import cacert.pem and the file successfully added to list of trusted authorities:

enter image description here

But after importing certificate to Firefox and restarting it, When I request the page, I got This Connection is Untrusted page (meaning Firefox does not trust in my CA certificate) in the response. Where is the problem?

Acceptably secure solution for users to log in with a short unique code only (no username)

I am creating a website whereby users are given an account by invitation only, and are sent a unique code by post. Users can then log in (at least the first time) by entering the code only.

The goal of this is for it to be extremely easy to understand and use by non tech-savvy people.

User accounts will contain name, email, maybe address if the user wants to add it. No other sensitive information.

The site itself would not be of interest to anyone other than those invited, and will not be indexed by search engines.

If you imagine the users are receiving a piece of mail in the post which says something along the lines of:


 Please visit www.example.com
 Log in with your unique code:

            A6XH3

As for the code, it must be extremely easy to remember and enter.

I was planning four or five upper case alphanumeric characters - e.g. A6XH3 - because I don't want anyone to have to enter a long hash or complicated string. I think 6 characters is the limit that I would deem acceptable for people to enter in this format.

An alternative idea I had was to use two/three easy to spell words, such as [adjective] [noun] which would be more fun and seem less "techy" to the users - e.g. pretty blue flower - which would be more in keeping with the spirit of the site.

Caveat

Website administrators must be able to see all the users' codes in plain text, so they can mail them out in the first place and/or offer support to anyone unable to log in. They may also need to generate a new code for some reason, and tell the person directly.

Questions

Is this secure enough for the context? i.e. The only people who know about the site are those invited, and there is no real motive for anyone else to try to force their way in.

Would you use either of my methods of unique code generation, and if not what would you suggest as a better solution?

Is there another way I could allow a simple login without compromising security or simplicity of use without a username?

Note: I am using PHP/MySQL if it is relevant.

How do I request a certificate from CEP / CES on a Microsoft CA on OSX or Linux?

This article describes how to request a certificate from AD CS (Active Directory Certificate Services) from a non-domain joined windows computer.

I would think the same principals apply to non Microsoft OS's, and it's possible to do the same enrollment from OSX or Linux.

Question

How would I request a certificate from AD CS on OSX/Linux?

OR can someone tell me how does the AD CS service work (in sufficient detail) so I can develop an alternate solution?

are there commonly known risks of PHP generated email?

In the following code, an email is sent via PHP, Apache, and Linux. A comment from a website user, $comment, and her $emailFrom address, are obviously potentially of an unknown nature. Do these fields need any filtering due to any commonly known security risks? The receiving email system would be Gmail and processed by a human and there is no other intervening software other than what is inherent to the internet.


$headers = "From: " . $emailFrom . "\r\n" .
           "Reply-To: " . $emailFrom . "\r\n" .
           "X-Mailer: PHP/" . phpversion();
mail("websiteOwner@mailDomain.com", 
     "a message from somebody that viewed my website ",
     $comment, $headers);

Death to Google Wallet? Google to launch Android Pay in May

Google is preparing to announce a new payment API called Android Pay, their latest attempt to convert the world to making payments using mobile phones.

(This is a preview - click here to read the entire entry.)

Clarification needed on CSR signing process

There doesn't seem to be a lot of in-depth information on the certificate signing process other than:

Key Management Interoperability Protocol Usage Guide Version 1.2 (PDF)

RFC 2986 - PKCS #10: Certification Request Syntax Specification, Version 1.7

Here is an example CSR I created:

I pasted the above in certlogik.com and had a look at the output.

If I understand it correctly, 4 components will make up CertificationRequestInfo:

Version

Subject

Public Key Info

Attributes

I am assuming that using SHA1 or SHA2, the CertificationRequestInfo is then hashed and that hash output is encrypted using the private key of the computer that is creating the CSR.

When it arrives at the CA, the CA takes the CertificationRequestInfo and runs a hash on it. It then also takes the encrypted value and tries to decrypt it using the public key in the CSR. If the hash output and the decrypted hash output match, then the CA will sign the CSR.

Please correct me if I am wrong with the above. At this point I'm confused regarding to what data the CA actually signs (what data the CA hashes and then encrypts that hash).

How i can secure authentication with php?

I have an identification with id and password , after the user enters the ID and password, then script php search in the database ( mysql) if the id and password exists in the table.

Can you tell me How i can secure authentication with php ?

Verifying XSS in a modern browser

I am going through the WebGoat exercises, to refresh my knowledge of XSS attacks.

Specifically, I am doing the Stage 1 XSS exercise. This exercise has a form that deliberately does not sanitize input. The solution video shows using the JavaScript alert function to put out a message and the session cookie.

Stage 3 has a built in XSS code snippet, that upon viewing a profile will show the contents of document.cookie.

In any modern browser, all without any special addons, I cannot get this to execute. I can generate messages using JavaScript alert, but it never prints the contents of document.cookie

The tutorial on this page for get cookies shows that it is possible to print the contents of document.cookie in a JavaScript alert message.

What I would like to know is why I can't do the same in a very simple, deliberatly vulnerable to XSS web application. Is there some XSS detection in all modern browsers preventing this?

Unrestricted file upload on a cloud based platform [on hold]

Are all of the recommended best practices still applicable?

http://ift.tt/1g5Yo2w

I have heard it suggested that because files are not stored on disk they pose no threat, is this the case?

Official Galaxy S6 and Galaxy S6 Edge picture leaks

As we approach the official unveiling of Samsung's new hardware, we've gotten a look at an official picture of the Galaxy S6 and Galaxy S6 Edge together side-by-side.

(This is a preview - click here to read the entire entry.)

jeudi 26 février 2015

HTC one M9 vs LG G3 comparison: fight of the 2015 flagships

The new HTC One M9 faces tough competition. In our HTC One M9 vs LG G3 comparison we discover whether its extra power and pixels are worth paying more for.

(This is a preview - click here to read the entire entry.)

Ensuring data security using datastore

What are some ways to ensure the security of data which is submitted from forms on my site to a Servlet, and then stored in Google's Datastore?

Can attackers substitute/place my queries to/from provider?

Can attackers substitute/replace my queries to/from provider? I mean I do HTTP query and its modified on provider-side so query goes modified to a server or reversal situation, when I get modified answer from server by the modifying response on provider-side?

Ease of Getting Data On Self-Encrypting Drive From Screen-Locked Windows 7/8 Computer

Hypothetical: a Windows 7 or 8 computer has a self-encrypting hard drive. It is stolen with the power on, but with the Windows lockscreen on. Are there easy off-the-shelf ways to access the data on the drive? All of the password recovery mechanisms I see for Windows 7/8 appear to require a reboot, which would drop the decryption key from RAM. I'm not concerned with intelligence-agency stuff so much as what would be available to the average petty criminal.

Huawei Ascend G7 review: a big phone at a small price

The Huawei Ascend G7 is a 5.5-inch beast of a phone at a low price. While its performance doesn't quite match its looks, it's still a great-value mid-rang smartphone.

(This is a preview - click here to read the entire entry.)

Ease of Getting Key To Self-Encrypting Drive From Screen-Locked Windows 7/8 Computer

tool for passive device forensics

Not sure if there is a tool out there but I basically would like to find a piece of software or multiple pieces of software that I could install on all my hosts within a network, for example my office network and if someone plugs a USB stick into a machine or they downloaded / uploaded a piece of code I could be noticed of such events.

Is there something out there which could do at least one of these things or would it be more of a bespoke solution I would need to build

Any advice would be great.

Best Full disk encryption software

I need to find a full disk encryption software and am having a hard time digesting all the data out there. I have worked with Sophos before, and loved it. but I need to find at least 2 or 3 more companies that are similar to Sophos for quote match.

We need to have full disk encryption, and the ability to have pre boot authentication. I have to be able to encrypt storage devices such as external hard drives and flash drives.

This solution will be deployed to over 25 windows OS tablets and PC's

Anyone have good suggestions of some security software they use or have used or seen?

How to change default cipher in GnuPG on both LInux and Windows?

How can I change the default symmetric cipher used by GnuPG from CAST5 to another?

I'm using GPG4Win on Windows, but would also be interested in a solution for Linux.

Change the preferred algorythm from AES to Camelia

I created a new key-pair in Thunderbird Enigmail. Now I would like to change the key, so it uses preferredly Camelia for encryption.

How can I change the preferred algorythm from AES 256 to Camelia-256?

How secure are Tor circuits?

Sometime ago I was talking with a friend about security of different anonimity software kits. The most famous software we talked about was Tor.

While I was talking about the triple secret used in tor nodes, he asked me a very sensible question: Have you ever asked yourself how are the circuits built?

What I immediately thought is that the first connection must be made to a kind of central authority. And what I also thought is that such authority can be compromised beforehand, generating compromised circuits which could lead you to a ... "trap" (i.e. a sniffing exit node).

Am I right? I did not find any explanation un the official docs about where does Tor client connect to make the circuit. How are the circuits built? How secure is it (security: regarding having compromised nodes)?

Meaning of negative value of MessageBoxA hWnd argument

I'm analyzing a malware, where I observed the malware launching a MessageBox with negative value of hWnd (FFFFFFF7h). Message box arguments: (Source:MSDN) int WINAPI MessageBox( _In_opt_ HWND hWnd, _In_opt_ LPCTSTR lpText, _In_opt_ LPCTSTR lpCaption, _In_ UINT uType ); hWnd stands for owner window, I wasn't able to find what it means when hWnd argument is negative. Any help is very much appreciated.

Retrieve anonymous credentials

Background

A registration process to acquire an anonymous, verified account goes like this:

Registrant provides proof of individuality to a Registrar.

Registrar verifies proof, ensures no prior registration, and directs Registrant to a Teller.

Teller provides Registrant with anonymous account authentication and authorization credentials.

At this point, the Registrant has an account, and only one account. The Registrant hereinafter is a Registered User (simply, User).

Problem

A User can lose (accidentally, or deliberately) their anonymous credentials.

Question

How can:

the anonymity of a User's account remain cryptographically secure (even to third-parties who have complete database and source code access), such that discovering either the anonymous account or the registration credentials will not reveal that they belong to the same individual;

registration of duplicate accounts be prevented; and

a User retrieve their lost (or misplaced) account credentials, and only theirs?

I thought homomorphic encryption might be useful here, but I've read it is currently too computationally intensive.

Retrieve anonymous credentials

Background

A registration process to acquire an anonymous, verified account goes like this:

Registrant provides proof of individuality to a Registrar.

Registrar verifies proof, ensures no prior registration, and directs Registrant to a Teller.

Teller provides Registrant with anonymous account authentication and authorization credentials.

At this point, the Registrant has an account, and only one account. The Registrant hereinafter is a Registered User (simply, User).

Problem

A User can lose (accidentally, or deliberately) their anonymous credentials.

Question

How can:

the anonymity of a User's account remain cryptographically secure (even to third-parties who have complete database and source code access), such that discovering either the anonymous account or the registration credentials will not reveal that they belong to the same individual;

registration of duplicate accounts be prevented; and

a User may retrieve their lost (or misplaced) account credentials, and only theirs?

I thought homomorphic encryption might be useful here, but I've read it is currently too computationally intensive.

Galaxy Note 3 Lollipop problems and how to fix them

The Galaxy Note 3 Lollipop problems we've been seeing are pretty easy to solve. Here are the most common Note 3 problems on Android 5.0 and how to fix them,

(This is a preview - click here to read the entire entry.)

generating public/private credentials for MS Outlook email encryption

An app running on a CentOS 7 web server needs to receive encrypted emails sent from users of MS Outlook.

Can someone please provide explicit instructions as to how I can generate or procure all of the credentials that those Outlook users will need in order to send encrypted email to my app? This would of course include how I would generate or procure all the credentials that my app would need to decrypt the inbound emails received from users of MS Outlook.

It would help to know definitively what credentials need to be created as well as how to create them. Like am I using S/MIME, and what else? The Outlook users are in other organizations, so I cannot force them to install new software or add-ons to outlook, etc.

The fact that this is a Linux server with an app that does all processing of email with algorithms means that I cannot install Outlook on the server to handle email. Do I have to set up a remote IMAP connection and use Outlook to generate public and private encryption files, and then port the private keys/files to the web server for use by the Java app on linux, and distribute the public keys via email? Or is there some other way of generating the tools that is more Linux friendly and does not require remote IMAP with Outlook?

How do SSL certificates become compromised after expiring

I'm reading into security issues surrounding SSL, and one of that has come up is certificate expiration. The general idea is that once a certificate expires, the site is insecure. What is the difference between an expired certificate and valid certificate, seeing as they both still encrypt the data? What allows an attacker to compromise an expired certificate that he couldn't do a valid one?

Are the certificates from "skype click to call" and "avast! Web/Mail Shield" any better than superfish?

My Girlfriend has a years-old laptop from lenovo. I checked it over and wasn't surprised that the Superfish / Komodia Root CA certificate was not present. However I found some others that appear to be similar in function if not purpose.

There's keys which appear to have been installed by Avast anti-virus and Skype, both of which are expected to be on the machine. However, the puprose of these keys is presumably quite similar to superfish - interception of secure web content by dynamically creating signed SSL certificates for remote sites.

This potentially opens up similar security issues to what was found with the Superfish software. i.e. if an attacker has these keys they can issue certificates that will be trusted by the local computer.

1). If I understand correctly, in order for these programs to play MITM, they need to have access to the private key associated with the installed cert authority. So it can be obtained by reverse engineering the sotware. Correct?

2) Can anyone confirm whether or not these keys are individually generated for each installation?

Can revoked certificates be "lost" if the base CRL is updated before expiration?

Assumption

Suppose I have a CA that issues a base and a Freshest CRL. I also understand the Freshest CRL to be a Delta of revoked certs in the base. I also understand that clients should pull the delta/freshest CRL on a more frequent (how frequent) basis than the base CRL..If this is incorrect, then this question is invalid.

Scenario

When I look at a delta CRL, there doesn't seem to be any information that links it to the Freshest CRL to a specific base.

Given that information, if a base CRL is reissued (and new revoked certs are added) and the freshest CRL is 'reset', from the perspective of a validating client, there doesn't appear to be a way to know that the base CRL has been updated.

This would, in my mind, cause clients to miss revoked certs.

Question

If I reissue the base CRL early (in Microsoft CA lingo certutil -crl) any client still using the old CRL will miss out on revocations it expects in the delta. This error would occur until next update, when the base CRL is-redownloaded.

Is that a valid scenario? Am I missing something? Is there a mitigation?

What is the minimum acceptable time for "Freshest CRL" to be updated?

I'm working with MSFT CA, and not sure if this behavior is the same across all CAs, but when I run certutil -CRL, the base revocation cert is updated weekly, and the Freshest CRL (the differential) isn't updated for hours.

I discovered the command certutil -crl delta which will immediately update the freshest CRL but not sure how often validating clients will pull this delta.

Further confusing things, there is a Next CRL Publish field that is present on the base CRL and the differential.

Question

Does the field Next CRL Publish on the delta CRL indicate when the client should get a fresher delta? Or does this equal the value of the base CRL?

What is the minimum setting (+ X minutes) that Next CRL Publish should be set?

Do clients validate the delta CRL? Are there notable exceptions that do or don't validate?

Since my distribution mechanism is HTTP, do any clients use HTTP verbs or ETAGs to detect if a file was updated? (saving load and bandwidth of the CRL?)

Is there a maximum size that the freshest CRL should be, prompting a re-issue of the base CRL? (e.g. a tradeoff between performance and efficiency )

Can anyone predict the scope of security in the year 2030?

I'm just curious to know the scope of the future security in terms of compliance and cyber security. And also the way of technology growth in terms of speed, authentication and authorization and OS.

And the most important thing is how the users are comfortable and use of ease with the security ?

P12 private key vs private key file : what is more secure?

The question is a bit tricky because they don't have the same purpose but :

Do both kind of file face the same security issue concerning private key protection : password strenght ? (PBKDF2 as both are often encrypted using password-based encryption)

I would like to better understand the differences between both formats concerning private key confidentiality.

Demonstarting SQL injecton

I want to do a demo for a login page that is vulnerable to SQL injection for training purposes. I already tried to build one using PHP and MySQL. I commented the code sanitation to make the page vulnerable.

The login page code is this:


 //step 1a: sanitise and store data into vars (storing encrypted password)
//$usr = mysqli_real_escape_string($dbc, htmlentities($_POST['u_name']));
//$psw = SHA1($_POST['u_pass']) ; //using SHA1() to encrypt passwords  
$usr = $_POST['u_name'];
$psw = $_POST['u_pass'] ; 




//step2: create query to check if username and password match
$q = "SELECT * FROM users WHERE userName='$usr' AND password='$psw'  ";

//step3: run the query and store result
$res = mysqli_query($dbc, $q);

Then, I tried to enter this in the user name and password fields: ' or '1' = '1

However, the web page tells me the user name and password is wrong. How can I make SQL injection works?

Why haven't I received Lollipop yet? Android updates explained

If you've had to ask yourself "why haven't I received Lollipop yet?" We're here to give you the answers you need. Learn all about the Android update process here.

(This is a preview - click here to read the entire entry.)

Why do clients request .php files my server does not host?

I am running a web server and watching what people request. I have been getting frequent traffic like:


GET /phph/php/ph.php HTTP/1.1


GET /mrmr/mrm/mr.php HTTP/1.1

Are these scans? Are the clients checking if my server is already compromised or are they checking if I am vulnerable?

Are there any known weaknesses with ElGamal algorithm?

Assumptions:

Messages will be short, so performance is less of a concern.

Keys (and the associated user accounts) are disposable (short lived).

Message retention will be minimized (days, not weeks or months).

Messaging will be asynchronous as users are not expected to be online at the same time. (This is the main reason that I have ruled out the typical D-H key exchange to generate a shared, symmetric key.)

Private keys will never leave the client device.

Public keys will be stored in a database with the anonymous user account consisting of a username and hashed password.

What can manufactures of hardware do to prevent attacks on the firmware?

Given the revelations since The Equation Group was discovered. As well as that it is possible to not guarantee removal of a rootkit even with a nuke from high orbit.

What properties of ~~a harddrive~~ hardware can be added to prevent these rootkits from taking control/replacing of the firmware?

Diffie Hellman and exchange of public key for signature

Let's assume an insecure channel.

Is it safe to exchange Alice & Bob public keys first then apply them to sign communications during the DH process? (then encrypt+sign all future communications)?

Should the process be rather: a DH process applied first, then the public key exchange with unsigned messages, then encrypt+sign all future communications? (where obviously at the next DH, there will be not need to exchange again the public keys.)

When signing email with GPG, how does verification by the receiver work?

I use GPG to sign my outgoing emails.

I understand how it works when I encrypt mail to send to someone else. Then I need his/her public key, encrypt it with that, and only he can decrypt it using his private key.

How can they use my public key to verify that my signature is valid?

Prevent location being exposed through VPN

I use the Astrill VPN service to access websites that my country has blocked. There is nothing sinister going on here. Sites like google and youtube have all been blocked. This VPN service offers about 20 servers within the U.S. which I often switch between depending on their speed. I'm not advertising here, I want to point out that this problem is specific to certain servers.

Recently I have noticed that google will always redirect me away from .com to a certain country's TLD. As I mentioned, this is on about half of the servers offered. Somehow google is able to determine my location, even though I am behind a VPN. Note: This is not a problem of being exposed when the VPN connection drops.

Checking my IP on one of the many 'what's my IP' sites, does not reveal my real location. Checking my location using HTML5's geo location API does, though my browser(s) will always ask for confirmation first. Even then the location is a city on the other side of the country, which happens to be the same as what google reports.

Now, I use a desktop PC (no wireless) Ubuntu 14.04 with both chrome and firefox. I have disabled the geo location service in both browsers. I have even tried disabling Javascript thinking they may be using AJAX to get at my IP. Neither worked. And of course I cleared all cookies before retrying.

I contacted Astrill about this problem (their customer support is something to be desired) and their answer was

Your location is being given away by your browser. Not the VPN. You need to disable WebRTC.

Well, that didn't work either. So, now I'm trying to figure out just how google is able to do this. Looking at the HTTP headers, I see that GET www.google.com returns a "302 Found" response with the 'Location' header pointing to the country specific domain. I don't see any requests containing my IP, though I know my IP is standard in all requests. To confirm this is not a problem with my browser, curl get http://www.google.com returns the same '302 Found' response.

Can anybody tell me how google does this? But, most importantly, tell me how my VPN servers' may be leaking this information?

Update:

According to ipleak.net Nothing is being exposed.

Moto E (2015) is official: arriving with Android 5.0.2 Lollipop and 4G LTE

The second generation of the Moto E, the Moto E 2015, has been revealed by Motorola. Here's all the Moto E 2nd generation release date, price, specs, news and features.

(This is a preview - click here to read the entire entry.)

JSON Web Tokens vs. SAML

I don't know too much about security. Specifically, I don't understand the difference between JSON Web Tokens, SAML and OAuth 2. If you could provide some pointers and high level overview of their functions it would help me later on in researching the details.

Specifically, why would I use SAML over JSON Web Tokens or viceversa? Do I need to have OAuth 2 to use JSON Web Tokens/SAML? Or can JSON Web Tokens/SAML can be used independently?

Superfish vs. Corporate MITM

I work for a large consulting company, and I have been implementing a security tool from a security vendor, which is a cloud proxy for all user traffic. It will perform malware scanning and filtering of all web traffic. It works by enforcing a proxy autoconfiguration file to redirect HTTP/HTTPS traffic to one of the vendors global data centers. We, of course, need to deploy certificates to each workstation in order to proxy HTTPS traffic and perform the MITM for malware scanning.

How to appropriately secure a database using different db users

I was thinking recently of the steps to secure a database server. Most of us are aware how to handle the security on the application side, although a malicious user might find his way to bypass the application security and exploit the database.

Scenario

Consider having a database with the following table prefixes blog_ and website_ (for examples and simplicity sake, K.I.S.S.)

I am thinking of something along the lines of the following, but am unsure which is appropriate and which is an overkill, hence the purpose of the question.

Solution 1: One writes, many read

Have only 1 user in the application with write access on the database. On all tables

Have more than one user with read access on to the database, but separated on a per table set(for a specific prefix) basis. Meaning that each RO db user respectively read access only to their set of tables.

global_write@localhost: writes to all tables in the database

blog_read@localhost: Reads from tables with prefix blog_

website_read@localhost: Reads from tables with prefix website_

Solution 2: One read and one write on a per table basis

Have a pair of db users per application component, one to read and one to write

blog_read@localhost: Reads from tables with prefix blog_

blog_write@localhost: Writes to tables with prefix blog_

website_read@localhost: Reads from tables with prefix website_

website_write@localhost: Writes to tables with prefix website_

Solution 3: Only one pair of accounts is sufficient

Only one pair of accounts is responsible for the entire database

global_read@localhost: Reads from all tables

global_write@localhost: Writes to all tables

TL;DR

Solution 1: One writes, many read

Solution 2: One read and one write on a per table basis

Solution 3: Only one pair of accounts is sufficient

Are all of these appropriate?

Which ones are an overhead?

PS: Sorry if I did not tag appropriately with access-control

Windows Firewall single rule with multiple IP addresses vs multiple rules with single IP address

I've tried finding some resources to help me on my dilemma, but wasn't successful in my approach. So here goes:

I am implementing an automated firewall manager for Windows Firewall which will ban some offending IP address for a certain port, for a certain period of time, after which the same firewall manager will remove the ban. My trouble is deciding whether I should just stick to creating a new rule for each IP/port pair or create one rule for each port and only edit the IP list to add/remove an IP address. My main consideration would be if one of the approach would yield better performance than the other. It would suit me better to use one rule for each IP/port pair, but I don't mind going for the other approach if it is significantly better.

Thanks!

How to associate an antivirus with a file to delete it wherever it detects the file?

I want My ESET Smart security 8 to delete a specific file wherever the file is .

or not allow the file to run.

what should I do?

add another layer of protection on top of oauth 2

My Rest API is protected using Oauth2. My main client is a native app.

it's working great but there are certain calls to the API that i want to make sure that are performed from my client - meaning that if the user obtained the access token - he will not be able to use curl in order to call my Rest api.

For example if i have a Rest api for Achievement unlocking, how can i make sure that an authenticated user will not be able to call this rest api in order to unlock the achivment?

Solutions that i thought of:

Sign the request with a special header - But i think that it's breakable

What Exchange permissions are given to each receive connector? (Bypass SPAM, etc)

Exchange has a list of permissions that are assigned to each connector based on the checkbox selection below.

enter image description here

Here are an example of some SMTP headers that are used internally (in routing) to configure how exchange behaves:


ms-Exch-SMTP-Accept-Authoritative-Domain
ms-Exch-Bypass-Anti-Spam
ms-Exch-Bypass-Message-Size-Limit
ms-Exch-SMTP-Accept-Exch50
ms-Exch-Accept-Headers-Routing
ms-Exch-SMTP-Submit
ms-Exch-SMTP-Accept-Any-Recipient
ms-Exch-SMTP-Accept-Authentication-Flag
ms-Exch-SMTP-Accept-Any-Sender

These headers are not visible in Outlook, but live in Exchange as a message is sent

enter image description here

Question

What are the meanings/rights of these headers?

What headers aren't listed?

What permissions are assigned to each checkbox?

AVG reveals worst apps for draining data and battery

Facebook, Spotify and Samsung's Security Policy Update are among the worst culprits for draining data and battery on your phone, according to a new AVG report.

(This is a preview - click here to read the entire entry.)

Explicitly prohibit a CA certificate on OpenSSL

How do you explicitly not trust a particular certificate (especially, CA certificate) for OpenSSL?

On NSS-based applications, one can install the cert with trustarg p: prohibited (explicitly distrusted). In this way, say we we have


  Verisign --->  Some_CA_I_dont_trust ---> ... ---> Some Site

I can remove trust of Some_CA_I_dont_trust without affecting others from Verisign.

However, it doesn't seem to be the case if I add a ! to the corresponding line in /etc/ca-certificates.conf and execute update-ca-certificates. OpenSSL happily accept the certificate even though intermediate CA is not on my system.

Timsort python exploit

Is there an exploit for this bug for python's sort implementation?

http://ift.tt/1abYrIH

Acceptably secure solution for users to log in with a short unique code only (no username)

I am creating a website whereby users are given an account by invitation only, and are sent a unique code by post. Users can then log in (at least the first time) by entering the code only.

The goal of this is for it to be extremely easy to understand and use by non tech-savvy people.

User accounts will contain name, email, maybe address if the user wants to add it. No other sensitive information.

The site itself would not be of interest to anyone other than those invited, and will not be indexed by search engines.

If you imagine the users are receiving a piece of mail in the post which says something along the lines of:


 Please visit www.example.com
 Log in with your unique code:

            A6XH3

As for the code, it must be extremely easy to remember and enter.

I was planning four or five upper case alphanumeric characters - e.g. A6XH3 - because I don't want anyone to have to enter a long hash or complicated string. I think 6 characters is the limit that I would deem acceptable for people to enter in this format.

An alternative idea I had was to use two/three easy to spell words, such as [adjective] [noun] which would be more fun and seem less "techy" to the users - e.g. pretty blue flower - which would be more in keeping with the spirit of the site.

Caveat

Questions

Is this secure enough for the context? i.e. The only people who know about the site are those invited, and there is no real motive for anyone else to try to force their way in.

Would you use either of my methods of unique code generation, and if not what would you suggest as a better solution?

Is there another way I could allow a simple login without compromising security or simplicity of use without a username?

Note: I am using PHP/MySQL if it is relevant.

Making the Firefox key and CSR creation process transparent

Background

I was a bit surprised that several CAs do not allow anymore to send a plain old CSR in text form to them which was created in the classic fashion with OpenSSL or similar.

But this would mean that the CA gets a copy of my key. Which is definitely anything but best practice (also see this question).

What I did so far

Here's what I did so far. All with a recent Firefox version as recommended by the FAQ.

I started the process with a reseller of Comodo CA by entering all the details for contact et cetera as well as some of the fields that would later appear in the certificate (e.g. contact email).

Then, proceeding to the next step, I noticed very brief "popup" which looked like something "key generation" related. And then I noticed there was no way to upload the CSR and backed out for now.

Question

How can I be sure that the private key whether generated by Firefox or by me, never actually leaves my machine? Right now this process looks very much opaque to me.

Is there any way of compelling Firefox to make this process a bit more transparent such that I can be sure the private key never leaves my machine? I'm looking for settings or alternatives that allow me to insert a pre-generated CSR in text form.

Getting Certificate KeyContainerName to initialize CspParameters

How can I get the name of a Key Container that's in a smart card required for initialization of CspParameters?

CspParameters^ cspa = gcnew CspParameters(ProviderType, ProviderName, keyContainerName, cryptoSecurityKey, securityString);

RSACryptoServiceProvider^ csp = gcnew RSACryptoServiceProvider(cspa);

Since certificates from smart cards are automatically installed in a personal certificate store, I have tried looking for keyContainerName in X509Certificate2 and I couldn't find it there.

I have managed to find a container name of one of the keys outside of C++ using certutils.exe, and that way, I just entered that name and I managed to generate a digital signature using the aforementioned RSACryptoServiceProvider. It work beautifully. What what do I do with other certificates that the software might be used with? I can't ask the users to enter container name manually.

But, from what I understand, if I don't provide the container name (leave it empty), it doesn't work. So I need a way to find/get a key container name for any certificate in any smart card within the program code.

Unfortunately, most examples I've seen on the internet provide a constant predefined container name (like "example" or "test" - like here http://ift.tt/1DOBR5h ), which is useless in real life.

Why is the first line of http message unreadable after decryption

I have a TLS Record containing HTTPs application data.

I extracted the encrypted plain text with mac from the application data, then, when I decrypted the extracted data using AES CBC mode, I am expecting that It will return something like this:


POST /ImeiTracki
ng?msg=010908391
1841060249765020
A984108000001540
F7F9D00DFBF00001
7000160005100000
0000800060200020
7022502080300010
30A0E07918184026
284F8FFFFFFFFFFF
0000000000083083
A758909259672050
B00 HTTP/1.1..HO
ST: h..X-Admin-P
rotocol: globalp
latform-remote-a
dmin/1.0..
....

but instead, it returned:


³Y%þ&É?eÄºìr8%
ng?msg=010908391
1841060249765020
A984108000001540
F7F9D00DFBF00001
7000160005100000
0000800060200020
7022502080300010
30A0E07918184026
284F8FFFFFFFFFFF
0000000000083083
A758909259672050
B00 HTTP/1.1..HO
ST: h..X-Admin-P
rotocol: globalp
latform-remote-a
dmin/1.0..
....

The only weird thing here is the first line (³Y%þ&É?eÄºìr8%), it should be POST /ImeiTracki. The lines after the first line are all okay.

My input to the aes decryptor:

encrypted text = encrypted text + mac

I also tried other https messages from the same session and same result was observed - the first line is unreadable and the latter is okay.

I also tried to use an online aes decryptor and still- same result was observed.

I would like to have a result just like my expectation.

Any ideas on why is the first line unreadable?

Difference between data leakage analysis and vulnerability analysis?

What is the difference between data leakage analysis and vulnerability analysis? And how much and what kind of vulnerability testing is required for data leakage analysis?

According to my understanding, I only have to check how is app communicating and saving important data.

Challenge Response with a Tan Book?

i am trying to secure a connection between a Mobile Device (Client) using a webApp and a Home Device (Server) in a potentially unsafe Wifi Network.

The communication is asynchronous and i am trying to prevent "replay attacks".

I was thinking about Challenge Response, but the overhead of "ask for challenge, receive challenge, send message with solved challenge" is a performance issue for us.

So i was thinking about using some sort of TAN Book approach like online baking does it:

Initially the Client would ask for a set of Challenges that it stores. The Server would store those Challenges and keep track of how many are already used.

If only n Challenges are left, the Server creates new Challenges and sends them with the next response to the Client. This way, the Client should almost always have enough Challenges without the overhead of Asking for them first before every request.

Example:

Client wants to log in and asks for challenges first, giving his username/userid.

Server creates n Challenges and stores them for the given userid, then sends them to the user.

Client sends challenge-id and hash(challenge, shared-secret).

Server compares stored challenge (identified by challenge-id) hashed with shared secret and if correct, returns success and deltes challenge since it was now used.

then it gets easier

Client wants to call API Endpoint X on Server, sends request with added Headers (challenge-id, hash(challenge, shared-secret))

Server checks challenge and uppon success deletes it, executes method x and returns response. In response it adds a new challenge in the header (i.e. challenge_id-xyz: 45egrgh3gw43gw43zrezh54egh44zg54b54esb...54sreh5j)

if the client is low on challenges

Client wants to call API Point X, sends Request with Challenge in Header

Server chacks Cahllenge, upon success deletes it, realizes the client is low on challenges (due to low amount of stored challenges) and creates new ones. It sends Response for API Point X and adds new challenges in the headers.

Is there already a concept like this and if not, does this sound to much like "bake your own crypto" or does it sound legit? Or is there a better way to do this without to much http overhead?

samedi 28 février 2015

EDIT

EDIT 2

vendredi 27 février 2015

jeudi 26 février 2015

Background

Problem

Question

Related

Background

Problem

Question

Related

Scenario

TL;DR

Background

What I did so far

Question