Domain: lightbluetouchpaper.org
Stories and comments across the archive that link to lightbluetouchpaper.org.
Comments · 51
-
The US is in favor of people, not bank
Signatures allow me to say "I didn't sign this", not "I did". It's to protect us from banks. Chip and pin has been broken since 2010. For example, see https://www.lightbluetouchpape... Banks in the UK successfully scammed the courts for years with chip-and-pin, claiming that it was poor user security that allowed all frauds.
-
Smell test
I like the analysis going on over here: https://www.lightbluetouchpaper.org/2018/10/05/making-sense-of-the-supermicro-motherboard-attack/
As a hardware designer, it's an interesting idea to think of attack vectors through "NO STUFF" parts of the BOM. Most PCBs have "NO STUFF" parts of some sort - either for legacy or prototyping reasons.
The idea of some nefarious third party reverse engineering a "NO STUFF" and forming an attack vector with that is well, news to me. I can easily understand a thing like this slipping through a QC check
It would certainly be a difficult attack to construct. But many of today's "software" attacks are quite complicated. Certainly not outside the scope of a state-entity IMHO.
Interesting times in any event, and something to think about.
-
Chip and pin was broken in 2007
See Ross Anderson's "Light Blue Touchpaper" for a timeline, https://www.lightbluetouchpape...
As other writers noted, Visa has 70% less fraud because they can now disclaim responsibility for all the fraudulent charges on the older, more popular equipment. There might be a small decrease in fraud overall, but the "70% less" is really "70% the merchant has to eat, as we're not accepting fraud reports from their equipment".
-
Signing is for your protection, not the bank's
If you sign, you can prove it if someone forges your signature.
It's not for the bank or the merchant: merchants want to get rid of them, so they won't have to repay false charges.
PINs and the like are way too insecure: for example, see https://www.lightbluetouchpape...
-
EMV was broken back in 2010
See Chip and PIN is broken, https://www.lightbluetouchpape...
A follow-up was Chip and Skim: cloning EMV cards with the pre-play attack, https://www.lightbluetouchpape...
This is Ross Anderson's security group at Cambridge, UK, who were the first folks to note that the signature requirement was so the customer was protected, not the bank.
-
Re: Down the rabbit hole
Yeah, and EMV actually has inadequate protection against cloning, because it has inadequate standards for the use of the chip [arxiv.org], and “some EMV implementers have merely used counters, timestamps or home-grown algorithms to supply” the nonce for the transaction. That does require a compromised reader, but you don’t have to compromise the reader itself, only its communications channel. This can often be done from outside a building.
And if you don’t trust your logistics chain - PS, you shouldn’t - you might crack open a terminal and find a burner cellphone inside that’s MitMing every single credit card transaction.
It’s not a new thing, Schneier wrote this in 2010.
Another good walkthrough of what’s become known as a “wedge attack”.
-
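An added example (not code from the comment above or from the Cambridge paper it cites) of the check a practitioner would run on the point about nonces: if a terminal's EMV Unpredictable Number comes from a counter, a timestamp or a home-grown generator, someone who has seen a few of them can guess the next one, which is exactly what the pre-play attack needs. The UN sequences below are constructed, not captured from any real terminal, and the analysis functions are assumptions of this example.

```python
"""Predictability checks on a terminal's 32-bit EMV Unpredictable Numbers (UNs).

Added example; the three sample sequences are constructed here, not
captured from a real terminal. The question is the one the pre-play attack
turns on: given the UNs a terminal has already produced, can the next one
be predicted?
"""
import math
import random
from collections import Counter

MASK = 0xFFFFFFFF  # UNs are 4 bytes


def deltas(uns):
    """Modular differences between successive UNs."""
    return [(b - a) & MASK for a, b in zip(uns, uns[1:])]


def is_counter(uns):
    """True when every successive UN differs by the same non-zero step."""
    d = deltas(uns)
    return len(d) >= 2 and len(set(d)) == 1 and d[0] != 0


def fixed_bit_mask(uns):
    """Bits that never change across the sample; an attacker knows these for free."""
    always_one, always_zero = MASK, MASK
    for u in uns:
        always_one &= u
        always_zero &= ~u & MASK
    return always_one | always_zero


def byte_entropy_bits(uns):
    """Shannon entropy of the byte distribution (at most 8 bits per byte)."""
    counts = Counter()
    for u in uns:
        for b in u.to_bytes(4, "big"):
            counts[b] += 1
    n = sum(counts.values())
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def predict_next(uns):
    """Next UN if the generator is a plain counter, else None."""
    if is_counter(uns):
        return (uns[-1] + deltas(uns)[0]) & MASK
    return None


def assess(uns):
    """Summarise how predictable a captured UN sequence looks."""
    return {
        "counter": is_counter(uns),
        "fixed_bits": bin(fixed_bit_mask(uns)).count("1"),
        "byte_entropy": round(byte_entropy_bits(uns), 2),
        "next_if_counter": predict_next(uns),
    }


# Constructed samples (assumptions of this example, not real terminal data).
COUNTER_TERMINAL = [(0x1000 + 7 * i) & MASK for i in range(20)]
_rng = random.Random(1)
# High bytes constant and only the low 16 bits varying, as a timestamp-derived UN might look.
TIMESTAMP_TERMINAL = [0x4B000000 | _rng.randrange(0, 1 << 16) for _ in range(20)]
GOOD_TERMINAL = [_rng.getrandbits(32) for _ in range(20)]

if __name__ == "__main__":
    for name, seq in (("counter", COUNTER_TERMINAL),
                      ("timestamp-like", TIMESTAMP_TERMINAL),
                      ("random", GOOD_TERMINAL)):
        print(name, assess(seq))
```

A counter is the worst case (the next value is computed outright), but a large number of fixed bits or a low byte entropy is enough for an attacker to narrow the UN to a small set and pre-compute cryptograms for all of them.
-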
As always, security was broken 5 years back (;-))
See https://www.lightbluetouchpape...
It's actually worse now: for about $20 you can get a stick-on chip to make your own cracker-card.
Chip-and-sign in the US is no more secure, but it has the brilliant advantage of allowing the victims to prove it wasn't their signature and recover from the banks.
-
Re:For all of you USA haters out there:
Interesting, America being different again ;-)
I found http://krebsonsecurity.com/201... which has some background. I'm not so sure about the security risk: there has been a recent slight increase in lost+stolen fraud in the UK (PDF graph: starting at £120M pre-introduction, it reduced to £50M but has since increased to £60M; in step with other types too, so maybe it's just more crime in general). That contradicts the person quoted though.
The other suggestion -- that people will pick the 'easiest' card in a competitive market -- sounds much more likely, especially as it's the reward cards that do use a PIN.
Not having a retailer take a card to check a signature helps -- they can't copy down the details to use online. In restaurants they must bring the machine to you, so you can type a PIN, and the card never leaves your sight (or often possession).
-
Re:Encryption chips? Broken!
Chip and pin has been broken in Europe since soon after it was introduced: see https://www.lightbluetouchpape...
The US is looking at chip-and-signature, which is safer for the customer, who got screwed by UK banks claiming that chip and pin was perfect, therefore any losses were the customer's fault.
Courtesy of Ross Anderson, one of the serious researchers in the security world.
-
Re:Accuracy
-
Re:Finally..
Great post. I've had some dealings with Visa and they don't like Ross Anderson as he keeps poking holes in their security. Here's his attack on the UK Chip and PIN system (EMV).
https://www.lightbluetouchpaper.org/2010/02/11/chip-and-pin-is-broken/
-
Re: There we go again
The problem with that scheme is if you let users pick their own passwords they tend to follow certain patterns that make them easier to brute force.
-
Re:Ross Anderson
Ross Anderson posted an interesting thought about this decision and credit agencies:
The European Court of Justice decision in the Google case will have implications way beyond search engines.
... a favourite trick is to blacklist people with credit reference agencies, even while disputes are still in progress (or even after the bank has actually lost a court case).
While this finding impacts that problem, it is not the right way to tackle that problem. That problem consists of factually incorrect material that should not be there. This finding explicitly indicates that a party can demand that links to factually true reports that are still available to view online must be taken down. It goes far beyond the scope of reason.
-
Ross Anderson
Ross Anderson posted an interesting thought about this decision and credit agencies:
The European Court of Justice decision in the Google case will have implications way beyond search engines. Regular readers of this blog will recall stories of banks hounding innocent people for money following payment disputes, and a favourite trick is to blacklist people with credit reference agencies, even while disputes are still in progress (or even after the bank has actually lost a court case). In the past, the Information Commissioner refused to do anything about this abuse, claiming that it’s the bank which is the data controller, not the credit agency. The court now confirms that this view was quite wrong. I have therefore written to the Information Commissioner inviting him to acknowledge this and to withdraw the guidance issued to the credit reference agencies by his predecessor. I wonder what other information intermediaries will now have to revise their business models?
-
Re:Restaurant
-
Re:I guess they have never heard of two factor aut
You need to read this. You are not covered and they don't need your PIN. Possibly from a DB hack you may be safe. All I have to say is, it's not as secure as you make it sound.
-
Re:It's about time.
... RFID is orders of magnitude less secure than a regular magnetic strip.
Lucky that chip-and-pin cards don't have RFID on them then ;). They must be inserted into the reader for the chip to be used, and even then, the chip is not (and can not be) read, instead, it's used to encrypt, and sign your PIN, so that the bank can verify that it's really you (or someone who knows your PIN, and has your card – whee, two fold security, something you know, and something you have) there.
Sorry to disappoint you but all my chip & pin cards have RFID as well.
Some light reading on PIN. It does not always get verified by the bank and may well be bypassed with 0000.
-
Re:Sorry, it's horribly insecure,
I use chip and pin cards in Canada, and about a month after I got the first one, it was skimmed. The bank had to replace it (and did, on a weekend no less!)
I suspect the same kind of good math and bad implementation as was documented in http://www.lightbluetouchpaper... I happen to know the ATM that was hacked, and while the Bank was very close-mouthed, the store-owner identified it as an XP-based standalone ATM with no detected mechanical add-ons, suggesting it was a pure software hack.
Another, more recent, attack was via a particular bank-owned ATM, the only one the person used.
--dave
-
Sorry, it's horribly insecure,
One of Ross Anderson's 2010 highlights was a paper on why Chip and PIN is broken, for which he got coverage on Newsnight and a best paper award. Later, the banks tried to suppress this research.
Ross is a security researcher at University of Cambridge.
In practice, it is far more secure to use a written signature than a 4-digit password that is exposed to eavesdroppers, video cameras, interception devices and a plethora of other attacks. That's secure for the person, you understand: it prevents the bank from saying "you must have lost your pin".
-
Re:Shortsighted techie ...
I read the whole blog post, doesn't say abolished or any other synonym anywhere.
-
Re:TOR exit node locations
Now, could they theoretically track your traffic back to its origin if they have a complete picture of the network? It's possible, but they can only do a positive ID when there's not much TOR traffic, especially near your physical location, to begin with. That's where security by obscurity comes into play.
Tor's anonymity can be broken with traffic analysis (i.e., of packet timing and sizes) by an adversary that can see both endpoints (i.e., the traffic between the user and first node, and the traffic between the exit node and destination) [1] [2]. There's a lot more work on this topic.
Whether or not there's "much Tor traffic" around you has little to do with it. The only requirement is that YOU send enough packets via Tor for it to be possible to correlate the traffic at both endpoints. The amount of traffic needed for that may be a function of the Tor traffic around you, but it's still very possible to de-anonymize a Tor user who sends a realistic amount of data over Tor.
It's also not necessary for the adversary to have a complete picture of the network. It's only necessary for the adversary to see that traffic at both endpoints. I suspect this is disturbingly easy for the NSA given their ability to monitor traffic at US tier-1 provider(s).
This is currently the single most important problem Tor has. There's been much research into avoiding it, but no one has come up with a good solution. The difficulty is that there's a trade-off between latency and the power of traffic analysis. If only a small amount of latency is artificially introduced, traffic analysis is still feasible. Mix networks are not susceptible to traffic analysis because they introduce a large amount of latency and are thus useless for interactive applications.
-
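An added example (not code from the comment above or from the papers it refers to) of the end-to-end correlation the comment describes. It constructs synthetic packet timestamps for a handful of Tor clients and the matching flows as they leave an exit, with circuit latency and jitter added and a few packets dropped, then pairs entry flows with exit flows by correlating packet counts per time bin. Everything here is constructed: the client traffic model, the delay model and the bin size are assumptions of the example, not measurements of the Tor network.

```python
"""Timing correlation between entry-side and exit-side Tor flows.

Added example with constructed traffic, not captured data. The adversary
sees packet timestamps between each client and its guard, and the
timestamps of flows leaving an exit, but not which exit flow belongs to
which client. Per-bin packet counts are correlated to pair them up.
"""
import math
import random

BIN_SECONDS = 1.0  # assumption: coarse bins absorb sub-second circuit jitter


def bin_counts(timestamps, t_end):
    """Packets per BIN_SECONDS interval over [0, t_end]."""
    n = int(math.ceil(t_end / BIN_SECONDS)) + 1
    counts = [0] * n
    for t in timestamps:
        counts[min(int(t // BIN_SECONDS), n - 1)] += 1
    return counts


def pearson(xs, ys):
    """Pearson correlation of two equal-length count vectors (0 if one is flat)."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    sxy = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    sxx = sum((x - mx) ** 2 for x in xs)
    syy = sum((y - my) ** 2 for y in ys)
    if sxx == 0 or syy == 0:
        return 0.0
    return sxy / math.sqrt(sxx * syy)


def best_match(entry_flow, exit_flows, t_end):
    """Index of the exit flow whose timing best matches the entry flow, plus all scores."""
    e = bin_counts(entry_flow, t_end)
    scores = [pearson(e, bin_counts(x, t_end)) for x in exit_flows]
    return max(range(len(scores)), key=scores.__getitem__), scores


def make_client(rng, duration, rate):
    """Constructed bursty client: active periods with Poisson packet arrivals, then idle."""
    t, pkts = 0.0, []
    while t < duration:
        end = min(t + rng.uniform(1.0, 5.0), duration)
        while t < end:
            t += rng.expovariate(rate)
            pkts.append(t)
        t = end + rng.uniform(1.0, 6.0)
    return [p for p in pkts if p < duration]


def through_tor(rng, pkts, base_delay=0.3, jitter=0.15, loss=0.02):
    """Exit-side view: circuit latency plus per-packet jitter, a few packets lost."""
    return [t + base_delay + rng.uniform(0, jitter) for t in pkts if rng.random() > loss]


def build_scenario(seed=7, clients=6, duration=120.0):
    rng = random.Random(seed)
    entries = [make_client(rng, duration, rate=20.0) for _ in range(clients)]
    exits = [through_tor(rng, e) for e in entries]
    order = list(range(clients))
    rng.shuffle(order)  # order[j] is the client behind exit flow j; unknown to the adversary
    exit_flows = [exits[i] for i in order]
    return entries, exit_flows, order, duration + 1.0


def deanonymize(seed=7):
    """For each client return (true exit flow index, exit flow index chosen by correlation)."""
    entries, exit_flows, order, t_end = build_scenario(seed)
    results = []
    for client, e in enumerate(entries):
        guess, _ = best_match(e, exit_flows, t_end)
        results.append((order.index(client), guess))
    return results


if __name__ == "__main__":
    for truth, guess in deanonymize():
        print(f"client's real exit flow {truth}, correlation picked {guess}")
```

Note what the attack does not need: no view of the middle relays, no knowledge of the circuit, and no shortage of other Tor users. Only the client's own traffic pattern has to be distinctive enough, over enough packets, to stand out against the other flows leaving the exit.
-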
How to clone a chip card
I have worked in information security for 25 years and am always amused when people say something is "physically impossible". There is almost always a way. I have worked on forensic engineering for chip manufacturers, finding production faults by etching off layers using warm nitric acid and reading the secrets out of the circuit using a microscope. That technique can be used to make many copies of a card but nobody bothers because it's too time expensive and there are easier ways.
Ross Anderson's group in Cambridge are real experts in the chip and pin technology, they know that security implementation flaws often make cards vulnerable, for example see http://www.lightbluetouchpaper.org/2012/09/10/chip-and-skim-cloning-emv-cards-with-the-pre-play-attack/
Many parts of the world still use only the magnetic strip. For years while Europe waited for the US to deploy chip and pin we saw European CC numbers being used in the US. Now NFC will make it easier for US based cloners to get just enough data from your cards to send to their cousins in other countries.
-
Re:Cleanfeed - read Richard Clayton's paper
Replying to myself has caused a temporary split-brain issue. Anyhow, more useful comment on Richard's blog:
-
Well done Ross Anderson
Ross Anderson does great work in this field, and has done for decades. The banks are happy to put out a flawed system, and hope that people don't notice they are getting ripped off by criminals. Those that actually do notice get reimbursed if they fight hard enough and manage to win their court case (the banks often falsely convince the judge their system is infallible), and then this simply gets shifted back onto the customers through increased bank charges.
If you look at his February post after they broadcast the problem on Newsnight (major UK political television programme), a large number of the commenters appear to be victims.
The message is clear: if you take your credit or debit card out with you, or use it online, there is a good chance money will easily be stolen from your account. If somebody swipes and clones your card, they do not need to know your PIN number to extract money from it. The safest way to pay is currently with cash.
Phillip.
-
Re:Get the chip
I really hope you're not serious. Chip & PIN plus the liability on the card holder if there is fraud with a Chip & PIN transaction is just a monumentally bad idea. It's not 1000x more secure and it has been compromised. Please do some Googling for news on Chip & PIN fraud in the UK. Beyond the actual negligence ones where the fraudster has the actual card and knows the PIN, there's skimming going on.
A couple of terminals only need a paperclip to make the connection of the decrypted information and didn't trigger any of the tamper-proof mechanisms nor is it really noticeable:
http://www.theregister.co.uk/2008/02/27/credit_card_reader_security_pants/
http://www.lightbluetouchpaper.org/2008/02/26/chip-pin-terminals-vulnerable-to-simple-attacks/
On a more recent note, this year arrests were made in UK of a skimmer gang. Articles can be found on Google:
http://www.google.com/search?q=chip+pin+gang
-
Re:Copyright Infringement?
There's been a lot of analysis of the legal implications by people a lot more qualified than I - see e.g. the Foundation for Internet Policy Research analysis, Dr. Richard Clayton's analysis, or the deconstruction of Phorm's own spin at Is Webwise Legal?. At the very least, there are plausible arguments for fraud and computer misuse (the forged cookies that claim to be from the sites you visit, but are inserted by Phorm) and copyright infringement (commercial exploitation of copyrighted content - not by inserting ads into sites that aren't signed up to Phorm, but by scraping those sites and converting them into advertising profiles, regardless of the site's copyright license / usage terms). Note that most of the data protection issues are generally covered by the modified terms and conditions that BT get you to sign up to when you 'opt-in' to Phorm. Note further that those terms and conditions can be accepted by anyone in your home, so your kids could sign you up without you realising - and BT are attempting to make that your problem.
-
Details of Phorm
This new system seems very similar to Phorm, so here are details. The Phorm "Webwise" System - Richard Clayton. Seems you can avoid being monitored by blocking Phorm's cookie.
-
Are you being Phormed?
The best way to generate a groundswell against these systems is for websites to warn their users if they are on an ISP that does this. For those in the UK worried about the 'phorm' spying system, Richard Clayton has extracted some technical information from them here: http://www.lightbluetouchpaper.org/2008/04/04/the-phorm-webwise-system/ and Gavin Jamie already has a prototype Phorm detector here: http://www.mythic-beasts.com/~gjamie/
-
Use the sauce, Luke
This is, after all, Web 2.0. With The Onion and video links posted on slashdot, with embedded flash ads, and no website slashdotted for years, times have unfortunately changed since real techheads hung out here. But fear not, because we can go to the sauce and have a conversation with the professor and his team that did this research.
-
Re:Why concentrate on "throttling"?
Their solution is to drop ALL RST packets
The same solution also fixes that pesky Great Firewall problem.
-
Identification circus
The title comes from the article that is linked at the bottom.
If we were talking about software, the fact that key information that is relatively easy to get has to be kept secret would be deemed very poor design and would be scorned upon by the people on slashdot. It is security/privacy by obscurity.
It should not matter that your bank account is lost by the government on a DVD, because if the system was properly designed, the only thing people could do with such information would be to give you money. Not take some out without your permission or get a loan under your name.
It is true that without identification that is difficult to falsify, it is difficult to open a bank account without having to rely on personal information that criminals can easily get.
Ever wondered why identity theft is much more of a problem in countries that do not have an ID card?
http://www.lightbluetouchpaper.org/2007/03/12/identity-theft-without-identification-infrastructure/
-
Re:Software freedom is the cure.
That's cool - fortunately no open source software uses the systrace facility, which has at least one well known vulnerability that affects apps that use the facility.
The base comment is the one that's unreasonable (an OS can't be considered secure if it allows 3rd party applications to make it insecure).
By that standard, no general purpose operating system in use today can be considered "secure".
If the operating system allows the use of 3rd party code that runs with supervisor privileges, then the 3rd party code can render the operating system insecure.
-
Sandboxing != Systrace
Another new feature coming in Leopard is Sandboxing (systrace), which limits an application's access to the system by enforcing access policies for system calls
Folks,
Just FYI, the sandboxing in Leopard is not systrace. Systrace is vulnerable to race conditions -- see Robert Watson's paper "Exploiting Concurrency Vulnerabilities in System Call Wrappers". I asked him about this at WWDC, and he told me that Leopard's sandboxing is based on a different technology and is not vulnerable to the same attacks.
--Paul
-
Re:Been like this for years
The Regulation of Investigatory Powers Act 2000 has been around for years (7), but The Regulation of Investigatory Powers Act 2000 (Commencement No. 4) Order 2007 actually came into effect on October 1st.
http://www.lightbluetouchpaper.org/2007/09/30/time-to-forget/
-
You don't have to download the file to be infected
Actually, if you're using an unpatched browser, you might not even have to download the file they offer to be infected. The web page includes Javascript exploits for half a dozen security vulnerabilities, which will install the trojan without user interaction. I've posted an analysis of the malware code on my blog.
Despite what the article says, Storm isn't using Tor (other than trying to exploit its reputation) and the download isn't a trojaned version of Tor – it's much too small to be that. What's more, the botnet operators appear to have dropped this strategy. While on Thursday the links in the spam went to a fake Tor download page, on Friday they showed a fake YouTube video, and now they show a fake NFL game tracker.
-
Broken Nine Months Ago
-
The Register & Original blog
The Register's got this now:
http://www.theregister.co.uk/2007/02/06/card_security_attack/
Original blog:
http://www.lightbluetouchpaper.org/2007/02/06/chip-pin-relay-attacks/
-
Links
This paper is actually a few months old. It was presented to the ACM in October and linked from Light Blue Touchpaper in September. Here is a link to the summary along with links to the actual paper and slides to Murdoch's talk:
http://www.lightbluetouchpaper.org/2006/09/04/hot-or-not-revealing-hidden-services-by-their-clock-skew/
http://www.cl.cam.ac.uk/~sjm217/#talk-ccc06hotornot
I believe many of the mitigation techniques mentioned in previous comments have been discussed elsewhere and some of them do not work nearly as well as you would expect.
-
Re:Randomize the clock
Have a look at this blog posting for why adding random noise will not prevent the attack. Essentially, random noise doesn't change the average skew, since the computer doesn't have an independent reference clock. By taking a moving average over time, the noise can be detected and removed.
-
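An added example (not code from the comment above or from Murdoch's paper) of why per-sample random noise does not hide a clock skew. A remote host's clock is simulated as running a fixed fraction faster than the observer's, with a random offset added to every reported timestamp; an ordinary least-squares fit of remote clock against local time recovers the skew in ppm, and the zero-mean noise only widens the error bars, which shrink again as more samples are collected. The timestamp model, skew value and noise levels are constructed assumptions of this example, not measurements.

```python
"""Recovering a remote clock skew from noisy timestamps.

Added example with constructed data. The remote clock is modelled as
remote = offset + local * (1 + skew) + noise, where skew is in parts per
million and noise is uniform zero-mean jitter added to each reading, the
kind of "randomise the clock" defence the comment discusses.
"""
import random

TRUE_SKEW_PPM = 100.0  # assumption for the simulation


def estimate_skew_ppm(samples):
    """Least-squares slope of remote clock vs local time, minus 1, in ppm.

    samples: list of (local_time_seconds, remote_clock_seconds).
    """
    n = len(samples)
    mx = sum(x for x, _ in samples) / n
    my = sum(y for _, y in samples) / n
    sxy = sum((x - mx) * (y - my) for x, y in samples)
    sxx = sum((x - mx) ** 2 for x, _ in samples)
    return (sxy / sxx - 1.0) * 1e6


def simulate(true_skew_ppm, noise_s, n=1000, span_s=3 * 3600, seed=3):
    """Constructed probe results: n readings evenly spread over span_s seconds."""
    rng = random.Random(seed)
    offset = 12345.678  # arbitrary remote clock origin
    samples = []
    for i in range(n):
        t = span_s * i / (n - 1)
        remote = offset + t * (1 + true_skew_ppm * 1e-6) + rng.uniform(-noise_s, noise_s)
        samples.append((t, remote))
    return samples


def estimate_with_and_without_noise(noise_s=0.05):
    """Skew estimates (ppm) from a clean run and from a run with +/- noise_s jitter."""
    clean = estimate_skew_ppm(simulate(TRUE_SKEW_PPM, 0.0))
    noisy = estimate_skew_ppm(simulate(TRUE_SKEW_PPM, noise_s))
    return clean, noisy


def error_vs_samples(noise_s=1.0, counts=(500, 2000, 8000)):
    """Absolute estimation error (ppm) for increasing sample counts under heavy jitter."""
    return [abs(estimate_skew_ppm(simulate(TRUE_SKEW_PPM, noise_s, n=n)) - TRUE_SKEW_PPM)
            for n in counts]


if __name__ == "__main__":
    clean, noisy = estimate_with_and_without_noise()
    print(f"true skew {TRUE_SKEW_PPM} ppm, clean estimate {clean:.2f}, noisy estimate {noisy:.2f}")
    for n, err in zip((500, 2000, 8000), error_vs_samples()):
        print(f"+/-1 s jitter, {n} samples: error {err:.2f} ppm")
```

The defence fails for the reason the comment gives: the noise is added relative to the host's own clock, so it averages out, while the skew accumulates with elapsed time. A patient observer simply probes for longer.
-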
nhs-it.info - Wiki on NHS IT problems
Several weeks ago, Ross Anderson and his colleagues set up a wiki containing all the material they've collected on the NHS IT project, and the problems it's facing. Check out his post here: http://www.lightbluetouchpaper.org/2006/10/10/new-website-on-nhs-it-problems/
And the actual wiki here: http://nhs-it.info/
-
NHS IT's a security disaster too
"The front page lead in [November 1st] Guardian explains how personal medical data (including details of mental illness, abortions, pregnancy, drug taking, alcohol abuse, fitting of colostomy bags etc etc) are to be uploaded to a central NHS database regardless of patients' wishes.
The Government claims that especially sensitive data can be put into a "sealed envelope" which would not ordinarily be available... except that NHS staff will be able to "break the seal" under some circumstances; the police and Government agencies will be able to look at the whole record -- and besides, this part of the database software doesn't even exist yet, and so the system will be running without it for some time."
Security Research, Computer Laboratory, University of Cambridge
-
Re:Submit details!
For everyone whinging that they shouldn't have disclosed this to the Chinese government, they didn't!
In fact, they only reported the denial of service (DoS) issue to CERT, who passed it on to CERT-CN. This is the proper and expected behaviour for security researchers.
They did NOT report the observation that discarding resets made the firewall ineffective. The only way that the Chinese government can find out about that is by reading sites like Slashdot.
Reference: http://www.lightbluetouchpaper.org/2006/06/27/ignoring-the-great-firewall-of-china/, Comment #30.
-
Last weeks news - original post here
It appears the link to the source is missing - I first read about it last week on Schneier's blog, linking to the original blog post found here:
http://www.lightbluetouchpaper.org/2006/06/27/ignoring-the-great-firewall-of-china/
And for all the details, the paper to be presented is here:
http://www.cl.cam.ac.uk/~rnc1/ignoring.pdf
I think the interesting thing is that by configuring our end to ignore the invalid resets from the Great Firewall of China we can aid the distribution of otherwise censored material.
DDoS attacks against the GFC seems not to be that easy, as the article mentions the GFC is not one giant router at the backbone, but rather smaller machines closer to the end stations - the firewall is distributed across an unknown number of gateways.
-
This is how bad it was
The guy had help in finding out who it was who abused his service, by Richard Clayton, he writes in his blog about this: "on a typical day he'd receive 3.2 million bad packets (that's 37 a second!). "
Here he explains how he traced down who was behind, what he calls a DDoS attack: His blog
-
How the problem was tracked down
There are more details of the problem and how it was identified, written by Richard Clayton who found out where the traffic was coming from after Poul-Henning Kamp asked him for help.
-
Re:Hacking tools...
> Does this mean that they are only illegal when you intend to hack something?
Or when you intend to pass them on to someone who intends to hack something.
However, part 1 of clause 35 might make it illegal to create tools that might be useful even if you don't intend them to be used in an attack.
http://www.lightbluetouchpaper.org/2006/02/10/security-research-may-become-a-crime-in-the-uk/
-