0505, 2012

Security in the Light of Emergency Situations

René Pfeiffer/ May 5, 2012/ High Entropy, Security

Let’s assume you have put proper security measures into place and you have spiced them up with proper policies so that everyone always knows what to do in certain situations. So far, so good. Now let’s combine this solid security framework with something out of the ordinary. Catastrophic storage failures are a very good example. Imagine your shared storage array goes AWOL (including the disk images of your precious virtualised servers). In this case your operating status has gone from „all green“ to „full red alert“. Your staff can’t restart the storage array, so you have to rely on experts in the field of data rescue. Due to the critical nature of the data you yank out the disks, label them and send your storage components by messenger to a laboratory. Since time is

Read More

1704, 2012

Let’s talk about War

René Pfeiffer/ April 17, 2012/ Discussion, High Entropy, Stories

Extreme situations, entropy eruptions and unforeseen problems caused by complex interactions between a plethora of components are prime story material. You can use it in (science) fiction, you can use for breaking news, you can use it for scaring your children, you can use it for advertising and you can use it when talking about information security. Maybe this is why talking about „cyberwar“ is all the fashion these days. Let’s follow the trend and introduce the issue with style: No boom today. Boom tomorrow. There’s always a boom tomorrow. What? Look, somebody’s got to have some damn perspective around here! Boom. Sooner or later. BOOM! — Lt. Cmdr. Susan Ivanova, Babylon 5 This statement from a fictional character pretty much sums up the issue (plus it contains exactly the required amount of sources

Read More

1801, 2012

DeepSec.net is on Strike!

René Pfeiffer/ January 18, 2012/ Administrivia, Internet

You have probably heard of the Stop Online Piracy Act (SOPA) and its chilling effects on the Internet and all its users. „The originally proposed bill would allow the U.S. Department of Justice, as well as copyright holders,to seek court orders against websites accused of enabling or facilitating copyright infringement. “ (quote taken from the Wikipedia article)  SOPA is a major security risk for it advocates to change the DNS zones for specific domains. Blocking would be done by DNS, so the bill compromises the Internet’s infrastructure. Speaking from the view of security researchers we would like to quote the white paper written by Steve Crocker and Dan Kaminsky: From an operational standpoint, a resolution failure from a nameserver subject to a court order and from a hacked nameserver would be indistinguishable. Users running

Read More

3110, 2011

Defending against the Hype of Advanced Persistent Threat (APT)

René Pfeiffer/ October 31, 2011/ Security

Many articles like to mention Advanced Persistent Threat (APT), point out that 0-day attacks are extremely dangerous, and that anyone and your neighbour might already be compromised, but doesn’t know about it. So APT casts a long shadow even when not having arrived yet. This is exactly why we used the word „hype“ in the title. If you are not feeling very well and you look up symptoms in popular search engines, then you suddenly end up with lots of diseases that might fit. Doing this won’t change anything, you still got the symptoms and you still got no idea what’s going on. Reading information on security breaches alone won’t alone won’t get you anywhere (currently you can find some news on the RSA hack online). Exchanging ideas and hearing about stories is fine,

Read More

0610, 2011

Talk: Armageddon Redux – The Changing Face of the Infocalypse

René Pfeiffer/ October 6, 2011/ Conference, High Entropy

DeepSec has a tradition of holding a „night talk“. This is the last talk on the first day, just before the Speaker’s Dinner. Don’t let the expectation of good Austrian food fool you. Morgan Marquis-Boire will serve you an appetiser which may be hard to digest: Armageddon Redux The talk is a follow-up on Morgan’s Fear, Uncertainty and the Digital Armageddon talk held at DeepSec 2008. During the past years security researchers have been warning about attacks on fundamental infrastructure. The ghosts and dæmons haunting SCADA systems lead to scary scenarios portraying a failing civilisation. At the time, there was significant worry about the danger that digital sabotage posed to the systems that run our everyday lives. Take a look at the recent Tōhoku earthquake and tsunami in Japan and its impact on industrial control

Read More

1407, 2011

Subverting Femto Cells – Infrastructure at Risk

René Pfeiffer/ July 14, 2011/ Security

The past DeepSec conferences featured talks about mobile telecommunication networks. Security researchers had to turn mobile phones into base stations or create their own from hardware and software. Yesterday The Hacker’s Choice have published a security analysis of Vodafone’s Femto Cells. These cells are small routers used for boosting the 3G signal. They cost about 160£ and can be purchased through the Vodafone store. Reverse engineering turns these little routers into full-blown 3G/UMTC/WCDMA interception devices. You can catch IMSIs and retrieve the secret subscriber information by requesting it from the core network. By using this secret key material you can decrypt intercepted phone calls and data transmissions. The reverse engineering process even produced the root password of the device (it’s ceolyx, but you need to decrypt it; other blogs feature the full plaintext password). This

Read More

2005, 2011

Mobile Network Security revisited at the Linuxwochen

René Pfeiffer/ May 20, 2011/ Veranstaltung

Tomorrow we will present a review talk about the state of mobile network security. The talk will be held at the Linuxwochen in Eisenstadt. We will address results discussed in the past DeepSec conferences (including work of Karsten Nohl, Harald Welte, David A. Burgess, Sylvain Munaut, Dieter Spaar, Ralph-Philipp Weinmann and others). If you understand German we recommend listening to Chaosradio Express #179 where Karsten explain to Tim Pritlove the state of GSM security over a period of 130 minutes. Slides of our talk will be available after the Linuxwochen. Update: You can download the slides here. There’s a simple audio recording available as well (MP3 or OGG).

1203, 2011

Rare Catastrophic Events and Infrastructure

René Pfeiffer/ March 12, 2011/ High Entropy

Most security administrators have to deal with risks and their management. If you read the news, then you will hear about lots of things that can go wrong for a multitude of reasons. A common tactic to get the required budget for securing infrastructure is to collect some horror stories and present them to management. Basically this is a polite form of blackmail. It might work, but there’s already enough fear and uncertainty spread through various media channels and word of mouth (or both). Now if you’re really interested in more stories about the End of your Data Days, why not go for earthquakes and global warming? Asteroids will do fine, too. But seriously, there’s some real thoughts behind this idea. The Internet is not strongly bound by geographical boundaries. The data of most

Read More

0302, 2011

Mind2Mind Event I/2011 – „Wir werden Sie belauschen!“

René Pfeiffer/ February 3, 2011/ Veranstaltung

Wir beginnen im März mit der ersten Mind2Mind Veranstaltung. Es handelt sich dabei um lokale Events in Wien, bei der wir ein bestimmtes Thema mit Bezug auf Sicherheit miteinander und gegeneinander diskutieren möchten. Der erste Mind2Mind Vortrag handelt um alltäglichen Lauschangriff, den viele unterschätzen: Der elektronische Lauschangriff ist nicht nur ein Instrument von Behörden oder Politik. Oder etwa doch? Lassen Sie uns Fiktion und Wirklichkeit mit handfesten Fakten vergleichen. Der Experte Wolfgang K. Meister der Firma VOXCOM möchte Unternehmer, Angestellte und weitere Betroffene über die Situation fernab von Spielfilmen aufklären. Hollywood ist nicht die Realität. Jedoch sind nicht nur ehemalige Finanzminister potentielle Ziele von Abhöraktionen, es kann auch uns betreffen, wenn auch vielleicht nicht direkt. Zwei große Firmen wollen die Machenschaften des jeweils andren auspionieren? Warum nicht über eine Überwachung eines gemeinsamen Nenners? Vielleicht

Read More

0208, 2010

Sneak Preview – your cellphone can be tapped

René Pfeiffer/ August 2, 2010/ Schedule, Security

You probably have a cellphone. Your company might even provide an additional one. Your boss most certainly uses a cellphone. What do you use it for? Do you share details about your private life via phone conversations? Did you ever talk to a business partner about confidential offers? Do you rely on cellphone when it comes to important messages? If so you might be interested in hearing some news about the state of security of mobile networks. Most of them are broken, outdated or both when it comes to security. Details of the security issues have been presented at DeepSec 2009 by Karsten Nohl. During Defcon18 in Las Vegas a security researcher successfully faked several attendees’ cell phones into connecting to his phony GSM base station during a live demonstration that had initially raised

Read More

0108, 2010

Hole196 debunked?

Mika/ August 1, 2010/ Security

(Warning: some technical details, not suited for the TL;DR type of audience) “WPA2 vulnerability discovered” was a headline that caught my attention for several reasons: Someone detected a security flaw in 802.11 RSNA (vulgo “WPA2”) that slipped Chuck Norris’ attention for 3 years (replace the name with any respected security researcher). It’s from a Best-of-breed, Award-winning, World-market-leader etc… company. Reminds me of the CfP submission we received from Ligatt Security. But maybe (hopefully) I’m wrong. Virtually all results of the search engine you prefer point to a copy&paste of the press release without any details (as of Jul 28th). Is this just a result of our copy&paste journalism? I have the impression, that nobody verified the possibility in detail. For example JJ from “Security Uncorked” writes (although expressing clear doubt about the impact): “Without

Read More

2807, 2010

How to secure Wireless Networks

René Pfeiffer/ July 28, 2010/ Security

You have probably followed the news and heard about AirTight Networks’ demonstration of the WPA2 design flaw. What does this mean for operators of wireless networks? Do you have to care? Do you feel threatened? Is there a way to feel better again? First take a look what the design flaw means and what the attack looks like. Hole 196 means that „an insider can bypass WPA2 private key encryption and authentication to sniff and decrypt data from other authorized users as well as scan their Wi-Fi devices for vulnerabilities, install malware and possibly compromise those Wi-Fi devices”. So an attacker has to be authenticated before she can use the exploit. This does not mean that „WPA2” is compromised entirely (yet). It just means that we (maybe) deal with a design flaw. Attacking „WPA2”

Read More

1906, 2010

Call for Papers – Reminder

René Pfeiffer/ June 19, 2010/ Schedule

Our Call for Papers is still running until 31 July 2010. We already have some very interesting talk and workshop submissions. Two experts cover the black magic of the last mile and network backbones. Clearly this is critical infrastructure and is often neglected when implementing security measures. Few administrators put their firewalls in front of the ISP’s modem. There are attacks against infrastructure. Wireless networks illustrate this problem very well. Strangely when it comes to wired networks people think of them as more secure. True, wired connections cannot be accessed through thin air, but this doesn’t immunise them against threats on the infrastructure level. Routing protocols, administrative interfaces, unpatched firmware, bugs, noisy broadcasts and network design errors can lead to a fertile ground for a compromised network well before your firewall kicks in. So

Read More