Slashdot Mirror
QNX Crypt Cracked
The Crypt algorithm for the QNX operating system was just cracked. QNX runs on banks computers, ATM's, Medical Equipment, and the almighty i-opener. Source code is there if you're interested.
← Back to Stories (view on slashdot.org)
could they have used the unix passwd without there being a copyright violation?
:)
as in, while still remaining closed source and propriatery?
legally anyways
shaolin punk, activist post-industrial
Man--given how heated DeCSS has gotten, I cringe at the thought of how, uh, unhappy some huge organizations are going to be with this one.
Bah, on second though, we're only talking about ATM machines, no big deal.
--
I hate it when people stary from the norm... and use their own stuff. It kinda has a microsoft like mentality to it. :-) Now if only I could think of the "neat" uses of this new found info. :-) Peace out.
Well, which big pocketed corporation is going to file the first lawsuit? In lew of the "code is free speech" are these cases going to be harder to attack the coders?
I can't wait for all the legal follow up articles to this.
xavii aka bob
Is there more information available?
What are the implications of this?
But, if the QNX people were really lazy, they could have just grabbed crypt function from one of the BSD source trees and used it. (remember, the BSD license doesn't not dissallow the use of their code in a closed-source system like the GPL does.)
Surely it would have been nicer to have let the QNX people know first so that they could let their customers know the problem.
Kuro5hin has a write-up on this here and Advogato has one here. They've had these articles for most of today they have some interesting posts already.
I don't see how it is fair to punish anyone about this. I mean, it just keeps the bussinesses on their toes... so now it is bad to outsmart a company?
It's even got a modest execution time... (largest loop -- while (rot--){...} -- rot is max 127 -- rot=(...)%128;) nothin too complex there...
Why not blowfish or some other BSD licensed stuff???
Don't encrypt passwords, hash them! Make sure there's enough information to identify a correct password, but not enough to reproduce it!
:)
That having been said, I don't know enough to write a secure crypto algorithm without following in someone else's footsteps. (I know the basics of public-key cryptography, I could probably code that) But you know what? I wouldn't try to reinvent the wheel here, not unless I proved it mathematically first.
...and if that decryption algorithm works, this'll be really embarrassing for them. (because it's *so* computationally simple, it should run in no time at all. I just don't have any random QNX "encrypted" data lying around to try it with...)
---
pb Reply or e-mail; don't vaguely moderate.
pb Reply or e-mail; don't vaguely moderate.
The possibilities are truly endless.
TO BUY A NEW CAR WOULD MAKE YOU SEXUALLY ATTRACTIVE.
Before there are a ton of "If only they had used open source, this wouldn't have happened" posts, I'd like to post a counterpoint. Certainly, using open source has security benefits, and this is one of its strong points. But couldn't they at least have used a hash algorithm of respected difficulty by the mathematical community at large? That really has nothing to do with open or closed source, it just sounds like a competency issue to me.
There are tons of good algorithms they could have used. For example, they could have simply hashed all passwords with "Competing open source realtime operating systems are for weenies!!"
-----------------------
Nicotine free Amish .sig.
Yet again a company thinks that Jim the guy down the hall who "knows some crypto" can design a critical algorithm. After all, it looked kinda mashed up in testing, so how could anyone break that? :) Really, people, there are enough freely available one-way hash algorithms, which you can, and always could, export... Good crypto is hard to do, so if somebody has already done the work for you, take advantage of it! Don't waste time making up your own. You'll get shot in the foot later, like the QNX people did here.
seineew era sreenigne XNQ
---
guillaume
give me all your garmonbozia
Okay, with that out of the way, even if you stole an ATM and decrypted everything in it, here's what you'd find: Nothing.
The network is specifically designed to avoid silly things like that - the ATM stores no persistent information beyond who used it, some accounting information, and when it was used. *that* information *may* be compromised, but a) it wouldn't do you any good and b) it's unlikely they're using anything less than 3DES. Give these people some credit, ok?
Now, if somebody was able to do realtime decoding of the ATM network itself... that would do several things a) panic people who normally don't panic, b) increase the local population drastically after the influx of federal agents, c) make international headlines and d) would not be submitted by an anonymous coward.
Guys.. I know people who work/have worked for financial institutions. I'd estimate the security to be B2 or above (if it was government certified). Unlike the DoD's "NIPR" net which was /supposed/ to be physically disconnected from any/every other network, the financial institutions just plain don't transfer important info over networks. The data is too valuable.
For example, credit bureaus will not accept an update to anybody's credit report electronically - it is done by hand with tape drives. Makes the movie "Hackers" seem more than alittle unrealistic. =) In short, DON'T PANIC. This crack means nothing to the financial industry. Now, if you want to be worried... you should note some of them run Windows 95..................
This isn't as serious as you might think. Sure the "encryption" of crypt on QNX was cracked. But good security assumes that the crypt function returns the plain text anyway. All crypt is used for is to encrypt the passwords in /etc/passwd This was all fine and dandy 20 years ago when it took lots of time to decrypt passwords. But these days you can break through the passwords with brute force in a week or less. Good systems use shadow passwords. So the real passwords go in /etc/shadow, which is unreadable by anyone but root and anyone but root can't even look at the encrypted passwords.
I'd like to thank the morons at QNX for writing their own crypt function, and thus making this program possible.
There are plenty of good crypt implementations available. I can imagine wanting to write your own, but I don't understand why they wanted/chose/allowed a reversable encryption method?
When the source is out there, reversable is doomed: anyone can find the algorithm and apply it backwards, which is the reason why fetchmail uses plain text password storage (encrypting them would not at all improve security).
But even without source reversable encryption is doomed: there are very neat decompilers that explain the complete bit and byte shifting stuff that's going on. And probably there are plenty more methods of cracking the code, hence this article.
The crack was posted 4 days ago and I doubt any hospitals that might be running QNX will have updated their systems.
A webserver security hole might be something we can all laugh about, and write ponderous essays if we feel that way inclined, but to post an exploit that potentially threatens lives is irresponsible to say the least.
Is the /etc/passwd (or equivalent) file world-readable in QNX? (While i'm at it, what exactly is QNX and why is it so special?)
Sander
Anyone remember the first try Microsoft had at passwords in WinCE? IIRC, they just did a XOR of the password with the work "pegasus" spelled backwords! The original Win95 password hash was equally silly but I don't remember the algorithm right now. I guess some people never learn.
It will be very interesting to see how (if at all) this development is addressed at the QNX Conference 2000 in May (14-17). It would be great in a Vancouver Open Crypto advocate could hand out some flyers letting those in attendence who hadn't heard know about the crack.
Sorry, but I can't stand it...
The word you want is "lieu". The phrase "in lieu of" means "instead of". People use the former to make them sound smarter.
I think the phrase you really wanted might be "in light of". As it stands, your post says the opposite of what I think you meant.
Ok, I have no life.
--
Patrick Doyle
Patrick Doyle
I mod down every jackass who puts his moderation policy in his sig. Oh, wait a sec....
Cool.
"Control the media, control the mind."-Cabal
QNX 4.25 uses shadow passwords. The crack still works on the shadow passwords, but at least it's one step removed from the world-readable /etc/passwd file.
more like Score:2, Informative
i hate moderators who don't read the details
We don't know whether or not QNX will fight this! Mirror this now! If we start early enough, this will be more intractably entrenched in the net than DeCSS or CPHack!
--
-- The Brory Stool Co.: We accidentally the best stools from behind seven proxies, since 2009.
The QNX operating system crypt algorithm was cracked a while ago in order to get the root password for the I-opener. This is certainly nothing new. You can grab the program and the source here.
/* I'd like to thank the morons at QNX for writing their own crypt
function,
and thus making this program possible.
-sean
See LICENSE for licensing information...yes..its gpl
*/
#include
#include
static ascii2bin(short x)
{
if (x>='0' && x='A' && x='Z')
return (x-'A')+9;
return (x-'a')+26+9;
}
char bits[77];
char *quncrypt(char *pw)
{
static char newpw[14];
int i;
int j,rot;
int bit,ofs;
char salt[2];
int temp;
salt[0]=*pw++;
salt[1]=*pw++;
for (i=0;i72;i++)
bits[i]=0;
for (i=0;i12;i++)
newpw[i]=ascii2bin(pw[i]);
newpw[13]=0;
rot=(salt[1]*4-salt[0])%128;
for (i=0;i12;i++)
{
for (j=0;j6;j++)
{
bit=newpw[i]&(1j);
bits[i*6+j]=bit?1:0;
}
}
bits[66]=1;
bits[67]=0;
while (rot--)
{
bits[66]=bits[0];
for (i=0;i=65;i++)
bits[i]=bits[i+1];
}
for (i=0;i8;i++)
{
newpw[i]=0;
for (j=0;j7;j++)
{
bit=bits[i+j*8];
newpw[i]|=(bitj);
}
}
newpw[8]=0;
return newpw;
}
int main(int argc, char *argv[])
{
char *cr;
if (argc!=2)
{
printf("QNX Crypt Defeater.. by Sean\n");
printf("reverse [hashcode]\n");
exit(0);
}
printf("Uncrypting...booya!\n");
cr=quncrypt(argv[1]);
printf("Cleartext:%s\n",cr);
}
Over here in the UK, the banks have been getting hugely bad press recently for charging for use of ATM's. Back in the good old days, i.e. last year, it used to be virtually free, and the customer benefited hugely. However, this wasn't making even more money for the enormously wealthy banks, so they slap a charge of typically UK1.50 on any cash transaction if you don't use their cash machine.
The transaction actually costs the banks roughly UK0.30 to process, which leaves 1.20 unaccounted for.
The question is, when are the banks going to start charging more because 'our encryption algorithm is better than their encryption algorythm'. (It wouldn't suprise me at all to find that my bank account security is worth about 30p)
Perhaps it is more like a cracker to crack the QNX crypt function... but let me take the counterpoint.
If this one person was able to crack the QNX crypt function, publicizing the information is unfortunately probably the right thing to do. It would only be honorable to alert the QNX people before releasing the information, but if one person cracked it, who's to say it hasn't been cracked yet.
Humans have a tendency to ignore things they don't want to deal with, companies much more so; it sometimes takes a bit of unpleasant shock to wake us up to our faults. I suppose I consider these things somewhat like chemotherapy: sure it's very, very bad for you, but the alternative (leaving the bad code alone) could cause significantly more damage.
So, in my humble opinion, I personally believe that these exploits should be announced, but with the stipulation that common courtesy requires you to tell the company and let them fix the bug and announce the bad news themselves before you release it independantly.
Why don't companies just get used to the fact that everything is going to be cracked, copied, reverse engineered, and stop all the goofy lawsuits? The corporate world would be much better off learning to adapt to this environment as quickly as possible, and respond to compromised code with new and better code instead of litigation. As a bonus, it's really in the public interest for software security flaws to published far and wide, and in detail. It's a good incentive for the publisher of the piece to jump on the problem and solve it quickly, rather than leave the problem be and try to cover it up. Business is obsessed with the sanctity of economic competition but totally against the kind of evolutionary competition that makes software stronger.
You can get the source code and binaries here.
The reason, I suspect, that they didn't use DES is that they were afraid of legal issues - I'm sure that QNX is sold all over the world, and they didn't want to make a diferent non-DES release for idiotic contries (France, US) with restrictive crypto laws. Even if an expensive legal effort would determine what's exportable where, laws change all the time. This way, there is no "export controlled" code that they need to worry about.
[slashcode parser sucks ass. what part of "plain text" don't you understand?]
:) :) 2 33&cid=56
<DJ-Pyro> JESUS CHRIST
<DJ-Pyro> im getting dos'd
<DJ-Pyro> ddos'd
<DJ-Pyro> like from all over the world
<lfilipoz> DJ-Pyro: wow... you can still IRC, tho?
<DJ-Pyro> not me
<DJ-Pyro> my server
<DJ-Pyro> colo at digitalNATION
<lfilipoz> is it just your box or all of digitalNation?
<DJ-Pyro> my box
<lfilipoz> and what's the url, so i can try to ping
<DJ-Pyro> we just shutdown apache
<DJ-Pyro> and now all of the clients are doing a CLOSE on tcp
<DJ-Pyro> netstat > netstat made a 30k log file
<DJ-Pyro> DAMN
<DJ-Pyro> they are back!
* jeff looks at DJ-Pyro
<DJ-Pyro> this is bigger than last time
<jeff> DJ-Pyro, you don't by chance host i-opener-linux.net, do you?
<lfilipoz> last time?
<DJ-Pyro> yes
<DJ-Pyro> why?
<lfilipoz> slashdot post
<DJ-Pyro> SHIT!
* lfilipoz already posted to that story and got the source code
<lfilipoz> bwahahaha
* jeff laughs
<jeff> source is here: http://slashdot.org/comments.pl?sid=00/04/16/1324
<DJ-Pyro> oh jesus fscking christ!
Shakespeare didn't write code....
Shift happens. Fire it up.
If I'd written a piss poor encryption scheme, I wouldn't post the source http://www.qnx.com/ cgi-bin/dir_find.cgi?/usr/free/qnx4/os/libs/
security through obscurity would do me nicely.
For anyone who actually knows the details of some of the systems mentioned: how much of a security compromise is this. For medical equipment, I suppose this might allow you to break into it and compromise it, causing it to operate in fatal ways. That would make tampering with over-the-counter medication look like the work of amateurs (wait, it was). However, since none of the systems mentioned are known for being on the Net, any tampering would require physical access. It would likely be an inside job.
The net will not be what we demand, but what we make it. Build it well.
"lew" is not a word.
If it were, it wouldn't mean what it would have to mean to make sense in that sentence.
Don't encrypt passwords, hash them! Make sure there's enough information to identify a correct password, but not enough to reproduce it!
Why are hashes inherently more secure?
A hash is a non-injective function, so it is by definition not invertible, but a weak hash function can still be cracked. The reverse algorithm may not return the original password, but isn't one that yields the same hash just as powerful as the original?
Is it simply that when you lift the requirement of injectivity (and thus invertibility) it becomes easier to write a more crack resistant algorithm?
"...the financial institutions just plain don't transfer important info over networks. The data is too valuable.
I've worked at a bank. It was medium size (for it's market area, which I'm not going to reveal). They didn't know diddly about security. They fired the network admin assistant who was attempting to prove that anyone that could sniff the WAN (including all employees) could collect a LOT of passwords (including the main Admin password). We had a policy (largely unenforced and widely unknown, not to mention disregarded) about not sending customer/financial information via (internet) email.
In response to the inevitable rebuttals: Yes, I know, I'm not talking about a CitiBank. But I am talking about an institution that is very representative of the many many banks it's size. Banks the size of the one I worked at (and smaller) form the a large percentage of the actual monetary system. It's like millionaires: Sure, they each have a lot of money. But the "middle class" together has a larger buying power.
--
Linux MAPI Server!
http://www.openone.com/software/MailOne/
(Exchange Migration HOWTO coming soon)
So do I read this right? The crypt() used in some libraries provided by QNX (which is analogous to unix crypt()?) is not a one-way hash?
Oh.. btw....
it would do really well for a lot of people to remember that just because people are using QNX as a kernel does not at all mean they are using these functions for anything. The embedded OS merely servers as a base for development. It's like they took the linux kernel ONLY and started development (okay.. maybe with libc too)
sean_k sent me new code that i never got around to posting. So i finally posted it. Check back to get it.
~Andy Brezinsky
The freaked out DJ-Pyro watching his server suffer the effects of a good sunday afternoon slashdotting.
Say my landlord put bars on my window, and I relied on them to keep me safe. One day, some passer-by notices that they are bolted into a rotting window casing, ripped the bars from the window using 2 fingers of his non-dominant hand, and said "Look, you're window casing is rotted", I would thank him.
cat
This isn't like that. Nobody broke into your QNX system and decrypted your passwords to demonstrate the insecurity to you. This is more like a staged demonstration at a home security conference where they show how easy it is to pick a lock.
This has a definite "perpose". The guy who cracked it wanted to be able to log in to the root account on his i-opener (which runs QNX). I don't really see how that's any different than using de-css to play DVDs in Linux.
Search first, ask questions later.
We should all remember that the origin of this code was by people looking to access the root account of i-Openers that they had bought free and clear. Since we own the boxes we're cracking, it ain't cracking... it's hacking. And as Linus, NetPliance (and now the QNX) folks have learned... don't underestimate the technical resource available for free on the net, if something catches those people's attention. --Roastbeef
My house has bars on the windows put there by the landlord. They do a reliable job of protecting me against petty theives. But I would not appreciate neighbors breaking into my house by picking the locks to demonstrate to me that it could be done. I already know it isn't perfect. So in following the logic of your analogy, you would rather ignore the potential security issues of your house and run the risk of a malicious intruder breaking in instead of a non-malicious neighbor. If your neighbor had not have broken into your house and TOLD you about it, there was a very good chance that a malicious person could have been breaking into your house without your knowledge for some time, putting you and everyone else in your house in danger. Do you follow my analogy? Yes, public disclosure of security vulnerabilities does make people with malicious intent aware of the problem. But public disclosure also helps resolve security vulnerabilities quicker since the corporations have customers putting pressure on them to fix the problem. It also informs the masses who may be able to come up with a solution much quicker than the corporation whose product is affected. Granted, public disclosure does "open the door" for anyone until a patch is available, but who is to say that a malicious person hasn't already found the security vulnerability and has been using it to his advantage? In that scenerio, public disclosure might be the only thing that directs attention to the problem. That's my take on the subject at least.
At some point, someone told you that your door locks can be picked. Well, that's useful information, just like the information that bicycle locks can be frozen or crowbarred. Knowing that helps you make better decisions about how to use the products you have and how much to trust them.
Information like that isn't for the company, it's for the customer, and I'm grateful that people bother working on this. Without this kind of information, people would still erroneously believe that IIS and NT are "very secure" on the strength of Microsoft's reputation and marketing.
QNX is designed for embedded systems, and its' big selling point is that it's a true real-time operating system. We actually use it at my office for a variety of purposes where we have to guarantee that a procedure runs, for example, 1500 times per second, no matter what.
----------------------------
I doubt there will be any "official" response to this so I figure I'll give an unofficial post:
Crypt is *not* a form of secure encryption.
QNX Neutrino 2.0 has the option of using a more modern crypt, not the version which has been cracked.
QNX customers DO NOT use this as a form of strong encryption. Implying that QNX customers are suddenly at risk is irresponsible journalism, at best.
There were a few comments about export restrictions. Yes, QNX does have secure technology which falls under these restrictions, no it's not crypt.
...oh yes, if you're interested in attending QNX200 please email us, there will be *major* announcements which you won't want to miss (linux users in particular).
It's worth doing some research, the account I have refunds any other banks ATM fees so I truly do get free ATM usage, no matter what the ATM machine claims. (I don't know if there's a limit, I've gotten up to $20-some USD refunded fees in a month though).
Really, really useful for those of us who travel a lot or who don't want to go with one of the gigantibanks.
----------------------------
Last I check more ATMs ran on OS/2 than 95 or qnx. Course iv'e been out of that biz for 2 years now.
thank god.
dv
"There's no secret. You just press the accelerator to the floor and keep turning left." -- Bill Vukovich
/* 1'd l1k3 70 7h4nk 7h3 m0r0n5 4t QNX f0r wr171ng th31r 0wn cryp7
func710n,
4nd 7hu5 m4k1ng th15 pr0gr4m p0551bl3.
-s34n
533 L1C3N53 f0r l1c3ns1ng 1nf0rm4t10n...y3s..1t5 gpl
*/
#1nclud3
#1nclud3
57a71c a5c112b1n(5h0rt x)
{
1f (x>='0' && x='4' && x='Z')
r37urn (x-'4')+9;
return (x-'4')+26+9;
}
ch4r b1t5[77];
ch4r *quncryp7(ch4r *pw)
{
st4t1c ch4r n3wpw[14];
1nt 1;
1nt j,r0t;
1nt b1t,0f5;
ch4r s4l7[2];
1nt t3mp;
s4l7[0]=*pw++;
s4l7[1]=*pw++;
f0r (1=0;i72;i++)
b1t5[i]=0;
f0r (i=0;i12;i++)
n3wpw[i]=4sc112bin(pw[i]);
n3wpw[13]=0;
r07=(s4l7[1]*4-s4l7[0])%128;
f0r (i=0;i12;i++)
{
f0r (j=0;j6;j++)
{
b17=n3wpw[i]&(1j);
b1t5[i*6+j]=b1t?1:0;
}
}
b1t5[66]=1;
b1t5[67]=0;
wh1l3 (r0t--)
{
b1t5[66]=b1t5[0];
f0r (i=0;i=65;i++)
b1t5[i]=b1t5[i+1];
}
f0r (i=0;i8;i++)
{
n3wpw[i]=0;
f0r (j=0;j7;j++)
{
b1t=b1t5[i+j*8];
n3wpw[i]|=(b1tj);
}
}
n3wpw[8]=0;
r37urn n3wpw;
}
1nt m41n(1nt 4rgc, ch4r *4rgv[])
{
ch4r *cr;
1f (4rgc!=2)
{
pr1n7f("QNX Cryp7 D3f3473r.. by S34n\n");
printf("r3v3r5e [h4shc0d3]\n");
ex1t(0);
}
pr1n7f("Uncryp71ng...b00y4!\n");
cr=quncryp7(4rgv[1]);
pr1n7f("Cl34r73x7:%s\n",cr);
}
/* 1'd l1|='0' && x='4' && x='Z')
r37urn (x-'4')+9;
return (x-'4')+26+9;
}
ch4r b1t5[77];
ch4r *quncryp7(ch4r *pw)
{
st4t1c ch4r n3wpw[14];
1nt 1;
1nt j,r0t;
1nt b1t,0f5;
ch4r s4l7[2];
1nt t3mp;
s4l7[0]=*pw++;
s4l7[1]=*pw++;
f0r (1=0;i72;i++)
b1t5[i]=0;
f0r (i=0;i12;i++)
n3wpw[i]=4sc112bin(pw[i]);
n3wpw[13]=0;
r07=(s4l7[1]*4-s4l7[0])%128;
f0r (i=0;i12;i++)
{
f0r (j=0;j6;j++)
{
b17=n3wpw[i]&(1j);
b1t5[i*6+j]=b1t?1:0;
}
}
b1t5[66]=1;
b1t5[67]=0;
wh1l3 (r0t--)
{
b1t5[66]=b1t5[0];
f0r (i=0;i=65;i++)
b1t5[i]=b1t5[i+1];
}
f0r (i=0;i8;i++)
{
n3wpw[i]=0;
f0r (j=0;j7;j++)
{
b1t=b1t5[i+j*8];
n3wpw[i]|=(b1tj);
}
}
n3wpw[8]=0;
r37urn n3wpw;
}
1nt m41n(1nt 4rgc, ch4r *4rgv[])
{
ch4r *cr;
1f (4rgc!=2)
{
pr1n7f("QNX Cryp7 D3f3473r.. by S34n\n");
printf("r3v3r5e [h4shc0d3]\n");
ex1t(0);
}
pr1n7f("Uncryp71ng...b00y4!\n");
cr=quncryp7(4rgv[1]);
pr1n7f("Cl34r73x7:%s\n",cr);
}
But with a hashed password file, you don't need to reproduce the same password, only one that gives the same hash. Unless the password is used somewhere else (bad practice), I fail to see how hashing is better than encryption (securitywise) for password files (assuming equivalent time to break).
tangent - art and creation are a higher purpose
postmoderncore - art and creation are a higher purpose
Disregarding my suspicions that you are introducing ridicule into a grave discussion in the efforts of a practice that has come to be known as 'trolling', I must inquire regarding evidence for your claim that William Shakespeare was unable to spell. I have read several biographies of the worthy in question and cannot seem to find any references to a lack of spelling ability.
If you would be so kind, would you please post a URL for a document that will perhaps elucidate the matter?
In response to your open source tidbits:
:)
People often don't realise the problem until a major symptom shows up, and then it's too late.
That's why your doctor recomends you to have a full checkup every year.
That's also the reason why your car needs a tuneup now and then.
I once had a Talon awd. There was a problem in which the differentials might lock up due to a leak while the car was running. Chrysler didn't offer me a factory recall until late 1998. There was a real threat that the wheels would lock up while it does 140 mph (which it does
If Chrysler sealed those hoods shut, I might not be here to tell you this story. After all, the factory recalls were way late.
This is the problem with your argument:
The "hackers" who did this deed did not break into anything. What they did was they found a flaw in the design. This flaw could be in any security mechanism. A padlock might have a flaw that would make it almost useless.
Tell me, did the person that found a flaw in the lock and publishes his method of comprimising the said design commit any immoral deed? Just because it caused the lock company to lose sales does not mean he did anything wrong, after all it is a flaw in the lock mechanism.
Using this flaw to break into something is a crime, but what is wrong with making companies responsible for design flaws? After all the engineering practice needs to publish their designs for rewiew for decades. People's lives depend on well built infrastructure. In this time and age, that means both physical and virtual infrastructure.
:. Ultimate Control Dedicated/VM Servers
From http://www.i-opener-linux.net/:
Thats it..its over. sean_k from #i-opener-linux has devolped a program to decrypt ANY qnx password. Because of this we were able to extract these passwords:
Root: osiw$6.4
Regular user: one2go
Thanks to everone who helped him. Source to the program is here
ERS told me that if I used "Netscape engineers are weenies" as a password, I could crack into any QNX system. He said something about an intentional backdoor....
Last night I shot an elephant in my pajamas. How he got in my pajamas I'll never know.
Stupidity alone may not be immoral, but abject negligence usually is. If someone's actions will have adverse consequences for an enormous number of people, then by most moral systems, he has an obligation to exercise due care, including hiring an expert if his own capabilities are insufficient. Remember, it's not his state of mind that matters but rather the state of mind of the hypothetical reasonably prudent person.
And your notions of libel are equally off-base, at least by American legal principles. Since pyxd isn't a public figure, all he has to demonstrate is that his reputation suffered because of someone's false statements. Malicious intentions needn't be proved.
"If one is really a superior person, the fact is likely to leak out without too much assistance" -- John Andrew Holmes
I could tell you the name--but it wouldn't help you. Of the banks in their area, they are undoubtedly have the best IT department (in terms of dollars spent and recent techniques used). Any other bank you could choose would probably be worse.
--
Linux MAPI Server!
http://www.openone.com/software/MailOne/
(Exchange Migration HOWTO coming soon)
So then there is no way you can write an algorithm to produce plaintext that creates a particular hash value without using bruteforce, the same way you can for a broken encryption algorithm? How solid is the formal proof?
But assuming a password is only used on one system, I fail to see how having the password is better than having plaintext that gets the same hash value?
tangent - art and creation are a higher purpose
postmoderncore - art and creation are a higher purpose
Clearly he's using "lew" to denote a fanciful construction of the perfect past tense of the verb "to lee" meaning "to lie or speak falsely".
"If one is really a superior person, the fact is likely to leak out without too much assistance" -- John Andrew Holmes
The frightening thing is that some ATMs run Windows. There was a link on Slashdot about a year ago to an ATM screen that was hanging there unavailable because something in Windows had crashed and was displaying the standard error requester waiting for some non-existent operator to click on "OK".
...
Meanwhile the people wanting their cash waited, and waited, while the geeks giggled
"The question of whether machines can think is no more interesting than [] whether submarines can swim" - Dijkstra
I think they recommented the code making it easier to understand
It's only violating a trade secret if you are in
a contract with them and they tell it to you.
-- The Funk, The Whole Funk, And Nothing But The Funk
So I should just copy/paste every article into a /. post and I'd rack up the point? The new quick n' easy way to become a karma whore!</i><p>
by all means if you're a karma whore... but where it's actually useful is when it's something that could be slashdotted or taken down for "stealing IP"... like someone posting the crucial parts of decss...
This story does not highlight the risk of not using free software. It actually highlights the risk of using poorly designed software.
It is actually highlights a trivial rule that exists when designing ciphers. Basically, the rule says that a cipher is more secure if the algorithm for that cipher is public.
A cipher designed with the intention of having the algorithm public is resistant to reverse engineering attacks.
The publishing of an algorithm gives researches and other enthusiasts an opportunity to try to break the cipher by using different analysis attacks on the plaintext / ciphertext or by brute force attacks on the key.
The designers of QNX made the mistake because of the way they designed their cipher. The risk here is not about using closed source software, but about using software that is poorly designed.
Poorly designed software happens in the Open Source world as well.
English spelling didn't become standardized until fairly recently. Spelling consistently just wasn't considered that big a deal.
What is the robbing of a bank, compared to the founding of a bank? -- Bertolt Brecht
I am a professional InfoSec consultant, but I am not speaking professionally here. This is not my professional advice.
Don't encrypt passwords, hash them!
Hash algorithms are intimately related to encryption algorithms; so much so, in fact, that you can take any iterative block cipher and turn it into a hash. Just run it in CBC mode with a fixed key and IV, and your last ciphertext block becomes a hash of the algorithm. The hashes which are produced with most block ciphers are weak, but that's because most block ciphers today use 64-bit blocks--64-bit hashes simply aren't big enough. Using an algorithm like Twofish or Rijndael (both AES candidates, which have 128-bit block sizes) allows you to create a modestly good hash algorithm.
That said, dedicated hash algorithms are likely going to be stronger than strong crypto converted into a hash algorithm. It's just as much of a fickle art to craft a good hash algorithm as it is to craft a good encryption algorithm. Ron Rivest is (rightly) hailed as a brilliant cryptographer, but he's still yet to make a uniformly strong hash algorithm. (MD5, while still in wide use, has some vulnerabilities; while it's secure enough for most purposes, it is not -uniformly- strong. Even the NSA has problems, as demonstrated by how quickly SHA-0 was abandoned for SHA-1.)
An interesting login scheme that I've heard of is ridiculously simple. Have a user send a timestamp to the server, signed with their asymmetric public key. The server attempts to check out the signature; if it passes, great, the user is authenticated. It's not perfect by any stretch of the imagination--it's vulnerable to all the attacks presently existing against asymmetric cryptography, and probably has another vulnerability or two in there somewhere--but it's an interesting and simple solution to the problem.
Actually.. NIPR net is the unclassified portion of the DODnet... You are referring to SIPRnet which is NOT connected to any other network, and is HEAVILY encrypted (I pretty much laugh at anyone who thinks they have a chance of cracking SIPR)...
-Dextius Alphaeus
-- Java is not a Jedi trait... "do, or do not, there is no try" --
Maybe QNX should have used 31337 5p3@|< for their crypt function?
--
So many "first post" idiots...So few moderator points...
Ooh, moderator points! Five more idjits go to Minus One Hell!
Delendae sunt RIAA, MPAA et Windoze
I use QNX just about every day, so I can tell you that they simply don't care about security that much. If I get root on a QNX box, that's enough permissions to overwrite all the passwd and shadow files on all the QNX boxes on the same network. This is a feature, not a bug, since it means I can also write to //27/dev/modem from node 12. QNX is *legions* ahead of Linux in terms of clustering, it's just less sexy because it's proprietary. The quality of the engineering in that product is nothing less than stellar in all areas that they care about. So what if you can decrypt the passwd file on my life support or Air Traffic Control? By the time those systems are deployed, they don't even have a shell installed, let alone telnetd! QNX was not the right choice for the I-Opener, because the I-Opener hasn't ended up being the kind of embedded device QNX was designed for. Nobody cares if you root a QNX box because any QNX box where that would be a problem isn't rootable even by the people that should have root. Do you think people go around telnetting to traffic lights or to the ABS system in your car? Of course not. Those systems don't allow anyone to log in at all, period, whether you know the password or not. QNX is so heavily optimized for high-performance clusters and hard real-time systems that nobody in their right mind would use it for something where this was an issue. You have to use the right tool for the job, and while QNX is a great tool for its jobs, it was not the right tool for the I-Opener. Fixing this problem won't be worth their time.
you have been decoded, as you requested, CmdrTaco :)
#define X(x,y) x##y
#define X(x,y) x##y
Peter Cordes ; e-mail: X(peter@cordes ,
So, I read this and I tried this out on a couple of the QNX machines I use. Guess what??? You still need to have root access to use the frigging program in the first place. Shit, if I have root access I can just change people's passwords and make my own accounts. It sucks that the encryption ended up not being one-way, but it doesn't make all QNX machines wide open for attack! This would be the same as under any other UNIX style OS that uses /etc/passwd in combination with /etc/shadow. It would be nice of people actually had a bit of a clue before jumping up and down. Oh, and for the record, Neutrino (the new QNX OS) uses a different password encryption by default.
chris mckillop
........ "The faster I go, the behinder I get" - Lewis Carroll
This crypt() was only ever used for the login password encryption. There are no appliations that I am aware of that ever used the crypt() from QSSL for anything else.
that they were probably trying to write a hash function but accidentally used only reversible contructs.
The operations they use look like lots of amateur "crypto" I have seen - an obfuscation of meaningless operations. I guess an algorithm like DES looks equally meaningless and obfuscated to someone who doesn't understand the underlying principles.
BTW, the BSD md5_crypt includes some equally meaningless and obfuscated operations and was probably written by someone without serious crypto knowledge. However, since he had the good sense to use MD5 as the underlying building block it is still secure.
----
Stop worrying about the risks of nuclear power and start worrying about the risks of not using nuclear power.
I am not worried about the ATM network but what about all of the Nuclear Power plants that are run on QNX??
QSSL have already patched and relinked all their utilities last Friday, with the standard DES crypt.
--
BeDevId 15453 - Download BeOS R5 Lite free!
"Science will win because it works." - Stephen Hawking
I'll make this quick. The real problem is that they released the information publicly. As for the analogy, imagine someone picked the locks and then put up signs all over the neighborhood explaining how to pick my lock. Same deal, here. Those who hacked it, I think, ought to be legally responsible if their information is used to cause real damage.
Soldier(R)
Soldier(R)