Slashdot Mirror


Controversial Security Paper Nixed From Black Hat

coondoggie writes us with a link to the Network World site, as he tends to do. Today he offers an article discussing the cancellation of a presentation which would have undermined chip-based security on PCs. Scheduled during the Black Hat USA 2007 event, the event's briefing promised to break the Trusted Computing Group's module, as well as Vista's BitLocker. Live demos were to be included. The presenters pulled the event, and have no interest in discussing the subject any more. "[Presenters Nitin and Vipin Kumar's] promised exploit would be a chink in the armor of hardware-based system integrity that [trusted platform module] (TPM) is designed to ensure. TPM is also a key component of Trusted Computing Group's architecture for network access control (NAC). TPM would create a unique value or hash of all the steps of a computer's boot sequence that would represent the particular state of that machine, according to Steve Hanna, co-chair of TCG's NAC effort."

35 of 144 comments

  1. Reason for pull? by gravos · · Score: 4, Interesting

    So, did they pull because they had a problem with the demos at the last minute, or is there a more sinister conspiracy-type explanation for this retraction?

    1. Re:Reason for pull? by Baron_Yam · · Score: 4, Interesting

      I would definitely be very interested to find out if it is a case of the presenters discovering they hadn't really done what they claimed, or if they folded under threat of litigation.

      This is interesting enough geek news that I expect some tech journalist somewhere will follow up on it.

    2. Re:Reason for pull? by j0nkatz · · Score: 5, Funny

      Who cares???

      It's iPhone Day!!!

      --
      Don't mod me, bro'!!!!
    3. Re:Reason for pull? by PoliTech · · Score: 4, Insightful
      As for why they cancelled the presentation, last year Cisco sued Black Hat conference organizers after a security researcher demonstrated a method for running unauthorized code on a Cisco router. That, or there was a deal made.

      My question is why would anyone place their information security "Trust" in MS BitLocker, or Indochinese hardware (TPM chips) that likely already contain built in backdoors for John Law, and corporate drones?

      Open Source Full disk encryption is fast and free, open source Firewalls and process restricting software are available for those who just can't resist getting infected with the latest malware. Most Open Source security software developers are likely NOT under the control of Big Brother in any form, be it corporate drones or big government fascists.

      So while I'm a little disappointed that the Black Hatters decided to forgo the presentation of cracking TPM, since it was never trustworthy or secure to start with, and since anyone serious about security would never use such a faux security scheme at the outset, cracking TPM and "Trusted Computing" was only a curiosity anyway.

      The "Trusted Computing Initiative" is simply a way to provide vendors "Plausible Deniability" and to limit liability for allowing exposed data, nothing more.

    4. Re:Reason for pull? by WED+Fan · · Score: 4, Insightful

      Or, perhaps, like in science, they discovered a flaw in their own methodology that rendered the presentation pointless. It does happen. How many times has someone yelled eureka, only to have some genius say, "Uh, Bob, you still have the machine plugged into the grid, it's not under its own power"?

      --
      Politics is the art of looking for trouble, finding it everywhere, diagnosing it incorrectly and applying the wrong fix.
    5. Re:Reason for pull? by computational+super · · Score: 4, Insightful
      > As for why they cancelled the presentation, last year Cisco sued Black Hat conference organizers after a security researcher demonstrated a method for running unauthorized code on a Cisco router.

      And still there are people, even here on Slashdot, who insist that anonymous speech is not a precondition for free speech.

      --
      Proud neuron in the Slashdot hivemind since 2002.
    6. Re:Reason for pull? by Blue+Stone · · Score: 2, Insightful
      > "Or, perhaps, like in science, they discovered a flaw in their own methodology that rendered the presentation pointless. It does happen"

      Then why did they not just say that?

      --
      Corporation, n. An ingenious device for obtaining individual profit without individual responsibility. - Ambrose Bierce
    7. Re:Reason for pull? by luckysam · · Score: 2, Informative

      There is no conspiracy... The presenters' visa to enter USA has been under FBI name check for over a year ...

  2. How could a presentation "undermine" security? by benhocking · · Score: 5, Insightful

    If the chip is secure, then no mere presentation can undermine its security. If it's not secure, then there's no security to undermine. Don't shoot the messenger.

    --
    Ben Hocking
    Need a professional organizer?
    1. Re:How could a presentation "undermine" security? by AP2k · · Score: 4, Funny

      ...Or kick him down a well.

    2. Re:How could a presentation "undermine" security? by eviloverlordx · · Score: 2, Insightful

      > If the chip is secure, then no mere presentation can undermine its security. If it's not secure, then there's no security to undermine. Don't shoot the messenger.


      Agreed. Another possibility is that one of them discovered a flaw with their method. Eleventh-hour bugs right before demos are the most evil ones of all.
      --
      'Loose' is when your pants are three sizes too big. 'Lose' is when you misuse 'loose'.
    3. Re:How could a presentation "undermine" security? by BunnyClaws · · Score: 4, Insightful

      > Agreed. Another possibility is that one of them discovered a flaw with their method. Eleventh-hour bugs right before demos are the most evil ones of all.

      Ding! Ding! Ding! This more than likely is the case. What is more likely to happen? These guys getting silenced and quietly removing their presentation or these guys figuring out they were wrong and quietly removing their presentation. If there was a threat from the company there would have been a leak about the reason for pulling the plug on the presentation. More than likely the presenter discovered a flaw and quietly pulled the plug.

      --
      "Anything tastes good if you deep fry it."
    4. Re:How could a presentation "undermine" security? by TheSHAD0W · · Score: 2, Interesting

      "The demonstration would include a few live demonstrations. For example, one demonstration will show how to login and access data on a Windows Vista System (which has TPM + BitLocker enabled)," the abstract said.

      If they were able to do that, most likely they had what they said they had. I'm betting they were threatened with a lawsuit or a criminal complaint.

    5. Re:How could a presentation "undermine" security? by _Sprocket_ · · Score: 3, Informative

      > What is more likely to happen? These guys getting silenced and quietly removing their presentation or these guys figuring out they were wrong and quietly removing their presentation.

      While I definitely agree that it's very plausible the researchers simply discovered that they goofed, I would also note that there is historical precedent for other motivations.
    6. Re:How could a presentation "undermine" security? by geekoid · · Score: 2, Interesting

      You would need to put 3 more zeros on that to shut me up, minimum.
      Because when it gets found out, I would not be trusted in the future.

      --
      The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
    7. Re:How could a presentation "undermine" security? by Overzeetop · · Score: 4, Insightful

      How about -$100,000 and possible jail time? Not an unusual price for a criminal investigation, say, for a DMCA violation. These guys really do play hardball, and if your lawyer agrees with their lawyers, you'd have to have quite a set to go to a public forum where the authorities are waiting for you to finish your talk so they can take you downtown, along with your presentation as proof to turn over to the DA.

      Not saying it's right...but there are both carrots and sticks, and I have no doubt they are both used.

      --
      Is it just my observation, or are there way too many stupid people in the world?
    8. Re:How could a presentation "undermine" security? by Spy+der+Mann · · Score: 2, Funny

      > ...Or kick him down a well.

      Where's Lassie when you need her?

  3. Interesting meta-commentary by WalterGR · · Score: 5, Interesting

    > coondoggie writes us with a link to the Network World site, as he tends to do.

    (emphasis mine.) Interesting. First time for such meta-commentary by a slashdot editor? I don't think we ever saw the same for one of Roland Piquepaille's many submissions...

  4. Now crackers will have an advantage... by denis-The-menace · · Score: 4, Insightful

    Now crackers will have an advantage and the rest of us will be blind-sided.

    I don't like the whole [trusted platform module] (TPM) because we consumers are not trusted in the whole scheme.

    But for the few of us techies that get this P.O.S. "security" system foisted upon them by their clueless/soldout management, wouldn't it be nice to be able to explain why the hacker(s) got through the night before?

    --
    Obama's legacy: (N)othing (S)ecure (A)nywhere and (T)error (S)imulation (A)dministration
  5. Conspiracy shmiracy by packetmon · · Score: 4, Insightful

    Yanked why? ... Maybe because security experts have already exposed *stolen/old/re-hashed concepts* and they didn't want to be embarrassed...

  6. Probably realized... by MMC+Monster · · Score: 2, Insightful

    ...that there is more money just selling the presentation to the highest bidder. Then present it a year later.

    Correct me if I am wrong, but if someone adds something like this to a remote execution virus, they can install a virtual machine underneath Windows (any version) and have access to all data, including encrypted volumes?

    Nah... I'm just paranoid.

    --
    Help! I'm a slashdot refugee.
    1. Re:Probably realized... by I)_MaLaClYpSe_(I · · Score: 2, Interesting

      This can be done with VBootkit as well. Let's resurrect the BIOS viruses. Note that Nitin and Vipin Kumar are the authors of VBootkit and it was covered previously on Slashdot here: VBootkit Bypasses Vista's Code Signing.

  7. So really... by Seraphim_72 · · Score: 4, Funny


    ...more of a dark gray hat then.

    --
    Slashdot, where armchair scientists get shouted down and armchair theologians get modded up.
  8. Give it time by gen0c1de · · Score: 2, Insightful

    Maybe they are putting it on the back burner, not releasing the information and giving it time to get to the point that once they do release it there will be a much bigger effect. As it is now TPM isn't widespread yet so give it a bit of time and then break it.

  9. Re:I hope it's published anyway by Anonymous Coward · · Score: 3, Informative

    The whole point of the design, almost the whole reason for having the hardware in the first place, is that you can't virtualize it. Neither a VM nor a computer without the chip can impersonate a computer with the chip, because they don't have the signed crypto keys which are (supposedly unextractably) embedded in the chip. It doesn't help if your VM is running inside a TC computer, because the TC device won't see the computer as running trusted software (it'll see the hypervisor, which will NOT be trusted unless it propagates the TCPA regime into the virtual system, which is what you're trying to avoid). So the chip won't attest to the VM's trustworthiness, and the VM can't do that for itself.

  10. DMCA anyone? by TheSciBoy · · Score: 5, Insightful

    My guess is that they could not go to the US from fear of being arrested for breaking the DMCA/some other law. I for sure wouldn't go to the US under any circumstances with information on how to defeat any kind of security.

    Security by obscurity still seems to be the mantra.

    --
    Badgers, we don't need no stinking badgers! - UHF
    1. Re:DMCA anyone? by ajs318 · · Score: 2, Informative

      The point is that with something like public-key encryption using an Open Source algorithm, the only thing that has to be kept secret, and does not even have to be shared with the other party, is the decryption key. And you can prove that (if you've studied enough maths). You are in total charge of the only thing that needs to be kept secret for your communications to be secure.

      Whereas, with something like Skype -- which uses a closed-source implementation of christ-knows-what algorithm and handles its own key generation -- there's no way to be sure exactly what needs to be kept secret, or even who else knows it (without reading and understanding the Source Code, you can't be sure that the decryption key is not being made available to anyone else). That's "security by obscurity": someone other than you is in charge of the secrets.

      --
      Je fume. Tu fumes. Nous fûmes!
    2. Re:DMCA anyone? by dpilot · · Score: 2, Insightful

      So you're really saying rather than "security by obscurity", how about "security by threat of Gitmo"?

      --
      The living have better things to do than to continue hating the dead.
  11. Nitin and Vipin Kumar are the creators of VBootkit by I)_MaLaClYpSe_(I · · Score: 4, Informative

    Nitin and Vipin Kumar are the creators of VBootkit and they were covered previously on Slashdot here: VBootkit Bypasses Vista's Code Signing.

  12. Re:I hope it's published anyway by IgnoramusMaximus · · Score: 2, Informative

    > Except that there is no way for software to determine whether or not it is running in a virtualised environment. (If there was, that would indicate your virtualisation is not being done right.) Your virtual environment just has to listen for the challenges and send the correct responses. And you can know, by examining the software which is running within the virtualised environment, exactly what response it is expecting.

    You misunderstand the way the TPM works. TPM chip computes a running checksum of a number of hardware CPU operations, such as memory access and/or sequence of instructions executed. Then a software in your VM will be asked to return to the remote party requesting attestation a digest value based on a random number sent to you by the other party and then run through the TPM chip. The VM has no access to the internals of the TPM chip (it is an opaque black box as far as the CPU is concerned) and thus cannot compute the correct response. Only the TPM chip can, which it will refuse to do since your running of the VM has altered the "one and only" sequence of instructions/memory accesses that the TPM continuously monitors.

    In other words, TPM is specifically designed to defeat virtualization as the virtualized environment does not have sufficient data to recreate the correct responses, only the raw hardware, executing instructions under the supervision of the TPM chip, has.
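
The measured-boot and challenge-response attestation discussed in comments 9 and 12 above, as an added example that is not part of the thread or of anyone's post: a Python toy model of TPM 1.2 PCR extension and a nonce-bound quote. The `SimulatedTPM` class, the sample boot chain and the HMAC standing in for the TPM's asymmetric attestation signature are assumptions made for illustration.

```python
import hashlib
import hmac
import os

PCR_SIZE = 20  # TPM 1.2 PCRs hold one SHA-1 digest and start at all zeros
GOOD_CHAIN = [b"firmware-v1", b"bootloader-v1", b"kernel-v1"]  # constructed sample


def extend(pcr: bytes, component: bytes) -> bytes:
    """PCR extend: new = SHA1(old || SHA1(component)); a PCR cannot be set directly."""
    return hashlib.sha1(pcr + hashlib.sha1(component).digest()).digest()


def measure(components) -> bytes:
    """Fold an ordered boot chain into a single PCR value."""
    pcr = bytes(PCR_SIZE)
    for component in components:
        pcr = extend(pcr, component)
    return pcr


class SimulatedTPM:
    """Toy model (assumption): the key never leaves this object, and HMAC stands
    in for the asymmetric signature a real TPM makes with its attestation key."""

    def __init__(self, booted_components=()):
        self._key = os.urandom(32)
        self._pcr = measure(booted_components)  # extended step by step during boot

    def _sign(self, pcr: bytes, nonce: bytes) -> bytes:
        return hmac.new(self._key, pcr + nonce, hashlib.sha256).digest()

    def quote(self, nonce: bytes):
        return self._pcr, self._sign(self._pcr, nonce)

    def check(self, pcr: bytes, nonce: bytes, sig: bytes) -> bool:
        # Models the verifier's check against the public half of the key.
        return hmac.compare_digest(sig, self._sign(pcr, nonce))


def verify(tpm, expected_pcr, nonce, pcr, sig) -> str:
    """Verifier side: the signature must cover this PCR and this fresh nonce."""
    if not tpm.check(pcr, nonce, sig):
        return "bad-signature"
    if not hmac.compare_digest(pcr, expected_pcr):
        return "unexpected-boot-state"
    return "trusted"


def run_scenarios() -> dict:
    expected = measure(GOOD_CHAIN)
    clean = SimulatedTPM(GOOD_CHAIN)
    layered = SimulatedTPM([GOOD_CHAIN[0], b"extra-layer", *GOOD_CHAIN[1:]])
    n1, n2 = os.urandom(20), os.urandom(20)
    pcr, sig = clean.quote(n1)
    lpcr, lsig = layered.quote(n1)
    return {
        "clean": verify(clean, expected, n1, pcr, sig),
        "replayed": verify(clean, expected, n2, pcr, sig),          # old quote, new nonce
        "extra_layer": verify(layered, expected, n1, lpcr, lsig),   # honest quote, wrong state
        "forged_pcr": verify(layered, expected, n1, expected, lsig),  # claimed PCR not signed
    }
```
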

  13. ...and that problem is transport... by Valdrax · · Score: 3, Funny

    > ...Or kick him down a well.

    So our country can be free?

    --
    If it's for-profit but free, you're not the customer -- you're the product (e.g., the Slashdot Beta's "audience").
  14. Re:Fess up by SiliconEntity · · Score: 2, Informative

    > Alright, who has been requesting this trusted computing platform bullshit? Speak up! I want to know the name of the one consumer who said "Yes, I really want computers that can be uniquely identified. I hate the freedom that being anonymous brings."

    I do want a trusted computing platform. That's because I know how they work, and you don't. You think it limits what code you can run and takes away your anonymity. But those are all lies, fed to you by opponents of the technology, which you have blindly accepted.

    The truth is that TC technology lets you prove the software configuration you are running, if you want to. That's it. This will be able to be done per-application, so that you can prove you are running a particular app while keeping other details private. I can think of many good reasons for this; yes, good, privacy-protecting reasons; even good, anonymity-protecting reasons.

    But because of people like you who believe the Big Lie, the technology I need to improve privacy and anonymity on the net is being killed even in its moment of birth.

  15. Vendors want TPM, not consumers. by fahrbot-bot · · Score: 3, Insightful

    Remember: TPM is there so the vendors can trust the PC, not the consumers (hardware owners) - who are, as far as the vendors are concerned, untrustworthy...

    --
    It must have been something you assimilated. . . .
  16. Re:Fess up by SiliconEntity · · Score: 2, Insightful

    > Unless they're Luddites, people aren't opponents of a technology for no good reason. TPM depends on someone else, somewhere, attesting to... something.

    How can you object to people attesting to things? People attest to things all the time. Do you get up in arms over the Good Housekeeping Seal of Approval? Do you insist that it is an infringement on your freedom that you can't use their Seal dishonestly in business?

    Or how about the Verisign root CA key? This is the foundation for SSL security on the net. Do you think they should publish the private part so that anyone can forge signatures by that key and make their own attestations? That would destroy its security.

    Secure attestation is the foundation of commerce in the whole world, as well as in the smaller world of the net. The TPM merely applies that same principle on a finer scale, allowing you to attest to the nature of your own software.

    > For my security, I don't trust anyone else holding the keys in these TPM chips. Apparently, you do.

    No one else holds the keys in the TPM. Only the TPM holds the keys. The TPM owns the keys and never lets them go. That makes the TPM, from the security perspective, an autonomous agent; a little robot that obeys certain rules. Everyone knows what the rules are, and thanks to the keys embedded in the TPM which never leave, everyone can tell when a TPM is making a statement. This gives people confidence in what the TPM says.

    That's the essence of this enormous threat that everyone is so up in arms over. That there could be an entity in the world that makes verifiable statements of known facts. The bottom line is that people want the ability to make their TPMs lie. Apparently no one can abide the presence of an honest agent in their life.

    I call this complete bullshit. I have no desire to defraud or lie to anyone. Yet I want to preserve my own privacy and anonymity. These goals are completely consistent. And the TPM actually serves these goals. Because people know its rules and can trust what it says, the TPM can make statements about what I am doing that are reassuring to others, without me having to reveal any more information than necessary or any details. The TPM allows local filtering of outgoing information so as to add MORE privacy while allowing a degree of remote trust that is unimaginable today.

    I could go on and on, but what's the point? You either won't understand or won't believe me. I have read thousands of pages of TPM documentation and understand this technology as well as anyone. You have read a few web sites that are totally biased in their presentation. Unfortunately millions of others are like you, and almost no one is like me.

  17. Re:Fess up by SiliconEntity · · Score: 2, Insightful

    > How can you object to people attesting to things? People attest to things all the time.

    > Because in this case, attestation means requiring a specific set of applications. If you are not using exactly the applications required by a particular service, you'll be locked out of that service. Bad for free software, bad for the free market, bad for the customer, but great for application vendors who can win themselves "trusted" status!

    No, that's not what it means. Attestation does not mean requiring a specific set of applications. It means having the ability to believably report what software you are running.

    There is no such thing as vendors who win "trusted" status. There is no such thing as "trusted" vendors. Special or "trusted" vendors are not a TCG concept. No group has more or better access to the TPM than anyone else.

    > I think I should be able to use whatever applications I want on my own machine.

    You can!

    > I think I should be able to modify them.

    You can!

    > But TCPA stops me doing that, by forcing me to adopt applications that are considered to be "trusted".

    No, it doesn't. You can run whatever applications you want.

    What it does do is allow you to report your software configuration reliably and believably. Maybe someone else won't talk to you unless you are running a certain software config. That's their prerogative. You can always tell them to get lost. They can't make you do anything you don't want to do. You can run whatever software you want and do whatever you want.

    What you can't do is to force other people to behave as you would like them to. They have freedoms too.