Slashdot Mirror
Ubuntu Forum Security Breach
pinkstuff writes "There has been a major security breach of the Ubuntu Forums database. Every user's email address and salted password has been taken. From the forum home page: Unfortunately the attackers have gotten every user's local username, password, and email address from the Ubuntu Forums database. The passwords are not stored in plain text, they are stored as salted hashes. However, if you were using the same password as your Ubuntu Forums one on another service (such as email), you are strongly encouraged to change the password on the other service ASAP. Ubuntu One, Launchpad and other Ubuntu/Canonical services are NOT affected by the breach."
Dupe of http://it.slashdot.org/story/13/07/21/0318243/ubuntuforumsorg-hacked
Posting anon so no karma whoring
I have developed a truly marvelous proof of this comment, which this signature is too narrow to contain.
Again? Or just news older than dirt?
If it was the NSA, then maybe I wouldn't have to worry about the asshole who hacked the forums trying to get some brownie points to enhance his 1337 status with his kiddie hacker buddies by posting my (among millions of others') e-mail address to a public web site for all the spammers to jizz all over. At least the NSA would keep it secret, and you'd probably never know they did a thing.
During last days I have bumped to the "ubuntuforums.org is down for maintenance" message several times while googling some Linux stuff. I never realized before that I visit that site so often.
Ubuntu got popular enough that little script kiddies thought it would be a nice boost to his ego to hack it.
NSA don't need to hack the forums. They've got all the packets in and out of the servers saved on a disk. Not to mention a back door into the servers.
Seven puppies were harmed during the making of this post.
The hashes are salted. Who cares about a breach with salted hashes?
Enh, maybe said spammers won't be able to decode what marketable opportunities Ubuntu users are into (Steam?) and leave those emails be. One hopes.
Ubuntu is the Windows of operating systems.
Dupe.
samzenpus, you fucking suck sometimes. Hope you're not getting paid for this.
They use vBulletin.. the passwords are salted.. but it's just md5(salt+md5(password)). The salt is in the db, and it's just 2 md5 hashes -- NO stretching, PBKDF2, bcrypt, or anything else. It's literally one step up from plaintext. You can recover those passwords in very little time. You SHOULD assume the passwords are compromised.
http://www.vbulletin.org/forum/showthread.php?t=178091
In that case they should set all accounts into a state in which it can be only reactivated via e-mail confirmation.
I'm pretty sure with porn and penis pills, these are prime leads.
So has this happened yet again or just another Dupe?
I don't know about Ubuntu being that popular, but this story seems to be. We had this one on /. only four days ago. Editors asleep at the wheel again... :-|
Indeed...
Here is a 25 GPU cluster that can go after MD5 hashes.
The cluster can try 180 billion combinations per second against the widely used MD5 algorithm
Realize that an 8 character password is only about 48 bits of entropy, so if you find a key that hashes to that 128-bit MD5 hash code then its almost certain that that is in fact the password and not just a random collision. I am appalled at the horrible password "protection" practice in use today. In the 1980's we knew better and didnt store the entire god damned hash.
"His name was James Damore."
It's literally one step up from plaintext. You can recover those passwords in very little time. You SHOULD assume the passwords are compromised.
Really? Can you explain how this is done? My understanding is that MD5 is a one way hash function. I know of no real way to reverse an MD5 hash. I know there are MD5 databases that can do a reverse lookup, but they are only limited to dictionaries the common strings they contain. Surely that is only really useful if your password was something stupid like a dictionary word, or some lame leetified word like "l0ve". How do you reverse an MD5 hash if it is not?
I am genuinely interested.
You can never know everything, and part of what you do know will always be wrong. Perhaps even the most important part.
Rainbow tables.
Script kiddies don't hack.
/* No Comment */
Via the e-mail addresses that were also leaked?
How do you reverse an MD5 hash if it is not?
You try all possible inputs at a rate of 180 billion combinations per second.
For an 8 character alphanumeric with a few symbols, thats about 48 bits of entropy, which equates to 1564 seconds (26 minutes) to try every single possible input. Since you used a 128-bit hash on 48 bits of entropy, the odds are very very very good that only one single input will result in the stored MD5 hash.
Thus the attack knows precisely what the original password was in only 26 minutes, which fits the definition of "reversing" the hash in no more than 26 minutes.
"His name was James Damore."
MD5 is just not computationally intensive by todays standards. You can easily calculate several BILLION MD5 hashes per second on a modern GPU. It's fast enough that you can simply bruteforce it.. you can rent an EC2 cluster for a few dollars if you don't want to spend the money on the GPUs.
There's a reason why at a minimum stretching is used (this is when you hash a password + salt, then hash the hash typically a few 10000 times)... this is standard practice BTW if you're going to use hashes (or better, use bcrypt or pbkdf)
The only thing the salt does is prevent them from cracking all of the passwords at once.. they'll have to crack each user individually.
The Ubuntu forums run on vBulletin, a proprietary solution. Nothing open-source about it.
You try all possible inputs at a rate of 180 billion combinations per second. Thus the attack knows precisely what the original password was in only 26 minutes, which fits the definition of "reversing" the hash in no more than 26 minutes.
Ok. That is fast. Still - there are two md5 hashes with a salt added - so it would likely take 52 minutes - although I think you could call that a distinction without a difference.
You can never know everything, and part of what you do know will always be wrong. Perhaps even the most important part.
To expand further on this, it is a violation of CWE-257 to store a much wider hash than the passwords entropy.
"The storage of passwords in a recoverable format makes them subject to password reuse attacks by malicious users."
Storing a 128-bit hash of a typical password, due to their much lower entropy, is in fact storing it in a recoverable format.
"His name was James Damore."
Ok. That is fast. Still - there are two md5 hashes with a salt added - so it would likely take 52 minutes - although I think you could call that a distinction without a difference.
Dont forget that since the users account name isnt part of the salt (or so I presume, given the bad hashing practice already noted by others), then every accounts hash can be attacked simultaneously. Thats 26 or 52 minutes to crack the password of every single account.
"His name was James Damore."
Yes.
the salt is random.. so each user's password would need to be cracked individually.
that doesn't make it 52min though..
You could speed this up by hashing the password you want to try, then hashing it with each user's salt. So instead of 2x hashes, you would have (# of users) + 1 md5 calcs for each password attempt.
And the average time would be 1/2 of the max time.
Also... most of those passwords are probably dictionary words.
I'm pretty sure with porn and penis pills, these are prime leads.
Wait wait WHAT?! You can get penises in PILLS now? Wow. The Mac users will love the convenience!
"Still - there are two md5 hashes with a salt added "
No, even that part was done improperly. Since they hashed the password, then added the salt, then hashed the result.. it's actually just (# of users) + 1 md5 hashes.
1) hash password
2) concat hash + salt
3) hash result
4) repeat 2 & 3 for each user
Do you even know what salting is? Salt is already unique random value per user, no need for user's account name.
So, it's 20 minutes to try every quite weak password for a single user. If you throw symbols and space in the mix, it gets closer to 10 hours. Or you can even just add 9th alphanumeric character instead and it gets to 20 hours (or 40 days with random 9 out of full printable ASCII set).
IOW, even with this shitty hashing scheme you can have plenty of time before someone cracks your pass, if they even bother after trying easy passwords - if you don't use 12345 (or, say, qazwsxedcrfvtgbyhnujmik,ol.p;/[']\) as your pass.
That isn't very comforting without knowing the hacker's intentions. For all we know, maybe your password was the only one they wanted.
There's no -1 for "I don't get it."
What happened is that you apparently dont know the difference between operating system vulnerabilities, and someone gaining unauthorized access to a forum.
Then don't use 8 letter passwords.
11 random alphanumerics at 180e9 tries per second is 62^11/180e9/(60*60*24) = 3345 days, quite enough for anything worth hacking your account to lose importance. That's the beauty of exponentiation - adding one more cracking rig doubles the speed, but adding one more character makes password take sixty times longer to crack.
at least stop using email for authentication
This will probably hurt their campaign to bring Ubuntu to mobile.
Their kickstarter at Indiegogo already seems to be slowing down.
Not quite fair to link a forum breach to Ubuntu, but public perception is what matters.
Well, Linux was made by hacking. :)
Then don't use 8 letter passwords. 11 random alphanumerics at 180e9 tries per second is 62^11/180e9/(60*60*24) = 3345 days
Not to mention that we are talking about a 25 GPU's rig. I'm quite certain that some botnet owners have access to a hundred thousand decent GPU's, and a million not-so-decent GPU's. Welcome to reality.
"His name was James Damore."
For both.
slimjim8094: Failed. :P
Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
if they can't patch vbulletin, how can we trust them to patch our servers?
So? Now they have my ubuntu forums password, what are they going to do with it? Post as me?
Btw, the article you linked says it's actually md5(md5(password)+salt).
Ok colorful language from a known troll. But the points are still valid. Why the down mods?
What happened was that the PROPRIETARY software on which the forum was based, got hacked.
Great. ...), I bet they have way more information than they needed to have.
With their policy of needing to sign-in in order to download anything (script, picture,
And this information is now compromised....
He hurt their feelings.
I hope the iterated with a sufficiently high count in addition. But as they do not say that, I am doubtful. Any competently done set-up would at the very least use PBKDF2 or scrypt with an iteration count > 100'000.
Why do people keep getting this very basic stuff wrong?
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
herp derp all php source is open. herp derp.
It's not news, even for nerds, when it is reported a week after everybody else reported it.
Addition is commutative, so salt+md5(password) == md5(password)+salt
How's that GED going, by the way? Ready to re-take the exam again?
You're right.. the hash is appended to the password hash (not prepended). Carelessness on my part.. good catch.
The source was available to them right? So they could have audited it for security problems. So why didn't they detect the problems? Not enough resources allocated? Not enough talent? Same problem goes for OSS.
Skilled eyes are magnitudes better at spotting security bugs. How many skilled eyes are really looking at open source stuff AND working to get it fixed compared to the number of skilled eyes who are looking at it and keeping the exploits for their benefit.
The security of OSS is overrated. There are limits to what they can do in practice due to users and usability[1] - for example the apparmor profile for firefox etc are disabled by default, and the default profiles are also quite lax (firefox with apparmor enabled can still access most of the files in the HOME directory)
[1] and that's the main security problem for Windows too.
Google, Microsoft and similar have very very many servers. Typical estimates are in the order of a million.
Well they can try and use the same username & password on other forums.
They can try and use the same password on your email address.
If they get into your email, then they can request password resets for online banking, paypal, etc.
This is why you don't use the same passwords on different systems.
If you have your own domain, then use different email addresses for each site filtering into a central inbox. This also makes it easier to track where spammers get your address from.
The hashes are salted. Who cares about a breach with salted hashes?
Salted-and-hashed passwords could still be brute forced, especially if only a simple MD5 or SHA-1 is applied instead of something like MD5crypt or PBDK2. Ars Technica had a good article on the topic:
http://arstechnica.com/security/2013/05/how-crackers-make-minced-meat-out-of-your-passwords/
Nothing "Happened". *No* operating system is 100% secure, especially when humans are involved. At the place where I work, people send around user names and passwords in e-mail. Twice I've sent out notes to the entire company admonishing them to not do that and why, but the practice continues.
.net and java.
Beyond simply the operating system, you've got vulnerabilities in things like
http://technet.microsoft.com/en-us/security/bulletin/ms13-040
http://www.cvedetails.com/vulnerability-list/vendor_id-26/product_id-3091/Microsoft-Asp.net.html
http://www.oracle.com/technetwork/topics/security/alerts-086861.html
If you really believe that Windows is just as secure as Linux, then go ahead believing that. You're going to anyway.
Herp derp vBulletin is proprietary, so even if you find the bugs by inspection you can't fix them. Herp derp.
Actually you are a troll, you're posting intentionally inflammatory comments just to rub the fact that you were right in people's faces and that you're far superior to everyone else. You may not be intending to be one, but you most certainly are coming off as one. If you're not trying to be a troll, then your social skills could use improvement, so that they could be on par with your claimed technological abilities.
You're also wrong in general, insofar as general architectural choices in the softwares you brought up, most people ./ included have admitted Windows 7 was a dramatic improvement in security and usability. The biggest complaint against MS right now is deliberate design choices that seem to be made to exclude business and desktop users. A few years ago, sure your point was valid, but in general, OOTB Linux is more secure than Windows, Android is fairly secure, though there have been breaches, most are social engineering hacks, where the apps just ask for elevated permissions and users give them away without reading.
If your point is, as I believe it to be, that all operating systems are only as secure as those who use them, then you could have worded it far more eloquently without being trollish and you may have even gotten a few people to see your point. As it is, you talk a big game, can't back it up(since you post as an AC), and just come off as a childish braggart. Also one last thing, just because you're proficient at something doesn't mean you can't be a troll, regardless of when anyone else was in diapers. Me personally I started in the days of baud rates, when dedicated computer modems just came out. If you've been the techno god you claim to be since then, and you're still having trouble elucidating your point, the problem is on you, not on others.
String appending is not commutative though. How's kindergarten?
You can fix or modify it, you just can't distribute the changes.
Hypocrite: You try "berate me" 4 posting ac & You do yourself & have been. Keep "projecting" - I love it. More downmods of my replies too? How can you LIVE with yourself, being such a worm? People here, especially "penguins" HAD to concede what I wrote. Even you did. It's truth & fact, no combatting it. It's funny watching you do what you attempt to cut me down on though. Pot calling a kettle black != good logic or debate skills.
Upgrade your intelligence and debate skills. You are TOO EASY to tear apart with your own words!
Additionally - I can't back up what, exactly?
For a hypocrite like yourself that claims to have started in the days of early phone based modems, what have you ever done in comp. sci. that did well? I can produce a slew of things that yes, I wager strongly I did while you were still in diapers (boy). You're wasting SOMEONE's time imo (Yours) since you haven't progressed nor achieved anything of note in the timeframe you claim... seriously. The way I see it, is simple: IF you have means & skills - try to IMPROVE the general human condition with them. That's me though. I won't expect it of you. I can't. You obviously haven't done squat, & aren't capable of it. That's all you're showing me along with utter hypocrisy on your part.
Lastly - Letting slip YOU feel I am 'superior' (to you certainly) is nice - Thanks: I take it as a compliment. I merely state facts I have no problem backing up. Ever. You apparently certainly do and can't match them. Period/fact. Prove otherwise.
You can't win. You defeat yourself. Me? I "Fight the GOOD fight, every moment" -> http://www.youtube.com/watch?v=sp3zhgXDDSs and always experience victory because I simply use facts & truth. Straight up, no sockpuppets or bogus downmods. Unlike yourself... lol! How can you LIVE with yourself?
APK
P.S.=> Folks - IF you're going to "ac troll" me? Please - send someone with some intelligence... not this fool whose own words, & "modus operandi" can be used against him with ease! apkIF you're going to "ac troll" me? Please - send someone with some intelligence
vBulletin is written in plain/visible PHP. It is open source. I have worked in places using it in the past and modified the source to fix issues or add functionality (though directly editing the source is not usually a good solution, it's better to use one of the built in hooks).
That said, one should distinguish between OSS and FOSS. vBulletin is not FOSS. You do pay licensing for it, and it's not free to distribute. Various modules can also be encoded/encrypted, as many third-parties that create vBulletin plugins have been known to do.
If Ubuntu want to go full FOSS, they could have used something like SMF, however vBulletin is more popular and (when last I used the two) featureful.
I recall when trolls on /. were less obvious and far better than this.
I don't think that brute forcing to identify passwords is what's meant by "recoverable" here. Though, I suppose I'm with you in the idea that if it's easy enough it's virtually the same.
I'm not getting what (other) significance you're assigning to the idea of passwords being much lower entropy than their hashes. Is there something about the relative entropies that matters, or are you just again pointing to the ease of brute forcing something like passwords (which are going to be, in practice, only a small fraction of the hash entropy), which exists regardless of the potential hash entropy?
Especially from the obvious downmodder posting as AC calling me a "troll"? He conceded I spoke truth yet tries berating me for posting ac yet does so himself (what a pot calling the kettle black hypocrite). Linux is no more & no less secure than Windows. They're all capable of being "security-hardened".
What astounds me is the HYPOCRISY around here. Even extending to the moderation staff here. Examples:
This place? It's no better than ANY OTHER CONCERN that wants to "extend its agenda". Even to the extent of SUPPRESSING news!
How can I state that? Ok, verifiable fact: I submitted a story everyone else was playing out online everywhere on how AdBlock "souled-out" to GOOGLE. Not only was it rejected (that I can handle, word will get out anyhow) but it was REMOVED from submissions too, here -> http://slashdot.org/submission/2783319/adblock-getting-paid-by-google-to-allow-their-ads
Then, I was attacked here a couple months back by StenchWarrior (below). They banned me for 2++ months & I didn't even start it. Additionally since I was called a "spammer" here untruthfully? Jeremiah Cornelius was caught "impersonating" me. Nothing happened to him (with his nigh constant & in every article posted spamming the forums by ac posts but he screwed up letting the cat outta the bag on this one he was doing it to discredit me somehow) -> http://slashdot.org/comments.pl?sid=3581857&cid=43276741 giving away he was doing it.
Then, StenchWarrior the obvious 'sockpuppet' (who has run from the challenge I put to him there before that time too & only posts every few months showing he's someone's sockpuppet alternate account for upmodding themselves & downmodding others) then spewed his crap my way -> http://politics.slashdot.org/comments.pl?sid=3738579&cid=43697705 I went to challenge him to disprove my points and to prove his. I couldn't. I was blocked from defending myself publicly after being attacked thus!
APK
P.S.=> I'd like to know which moderator did that. I really would, just so I could shame them publicly.
Of course, THAT will NEVER happen, since they TOO operate like nerds ('news for nerds" here after all) - skulking in the shadows - despite all the bitching about the tactics the NSA uses around here? They do pretty much the same: Hypocrites!
Even the easily cheated structure of the moderation system here is the same too. Make a few sockpuppet accounts, all your posts get modded up +5 (Jeremiah Cornelius & crew)... Plus, You can't face down accusers or bogus downmodders! (Figures - nerd weasel worms created it, it's going to reflect THEIR modus operandi in life too)... apk