Actually, if you're using an unpatched browser, you might not even have to download the file they offer to be infected. The web page includes Javascript exploits for half a dozen security vulnerabilities, which will install the trojan without user interaction. I've posted an analysis of the malware code on my blog.
Despite what the article says, Storm isn't using Tor (other than trying to exploit its reputation) and the download isn't a trojaned version of Tor – it's much too small to be that. What's more, the botnet operators appear to have dropped this strategy. While on Thursday the links in the spam went to a fake Tor download page, on Friday they showed a fake YouTube video, and now they show a fake NFL game tracker.
Each exchange is one challenge bit and one response bit, so the timing is accurate, but this is repeated many times to give a high assurance that the real card is present (128 in the prototype). See the draft paper for the details.
Since date and time information isn't included in TCP/IP packets
Actually, it is, and this what I mainly use, but initial sequence numbers also incorporate a timer. If both are unavailable, the link between packet emission and timer interrupts will still show up the clock skew.
First, if the computer is sensibly cooled (i.e. not by convection currents) then heating will be minimal.
The computers I tested it with were normal desktop machines. They all had fans, and in some cases were thermostatically controlled. The differences in temperature were only 1–2 °C, but that could be remotely detected.
Second, if you use a high-precision clock-chip, the chip will be tens or hundreds of times more accurate than the system time
An oven-controlled crystal might be accurate enough (<1ppm) but it still needs to be integrated at the hardware level. Plugging it into NTP is not enough since non-NTP synchronized clocks are exposed remotely. The same applies for using NTP normally. Moreover, NTP is explicitly designed to react slowly (to handle latency), so faster effects, like the ones I measure, will still be visible.
Have a look at this blog posting for why adding random noise will not prevent the attack. Essentially, random noise doesn't change the average skew, since the computer doesn't have an independent reference clock. By taking a moving average over time, the noise can be detected and removed.
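The two comments above (timestamps as the skew source, and why added jitter does not hide the average skew) can be illustrated with a small simulation. This is an added example, not code from the original comments or from the author's measurement tools. It constructs the offsets an observer would derive from a remote host's clock readings (for instance TCP timestamp values), adds uniform random noise to stand in for the "random noise" countermeasure, and recovers the skew with an ordinary least-squares slope, which is a sliding-window average taken over the whole capture; the skew of 50 ppm and the noise amplitude are assumed values chosen for the illustration.

```python
import random

# Constructed parameters (assumptions for the illustration, not measured values).
SKEW_PPM = 50.0       # remote clock runs fast by 50 parts per million
NOISE_S = 0.5         # +/- 0.5 s of random noise added to each reading
PROBES = 86400        # one reading per second for a day


def simulate_offsets(n, skew_ppm, noise_s, seed=1):
    """Return (observer_time, remote_time - observer_time) pairs.

    The remote clock advances at (1 + skew_ppm * 1e-6) times the observer's
    rate, and each reading has independent uniform noise in [-noise_s, noise_s]
    added to it, standing in for randomised timestamps plus network jitter.
    """
    rng = random.Random(seed)
    samples = []
    for i in range(n):
        t = float(i)                                   # observer time, 1 s apart
        remote = t * (1.0 + skew_ppm * 1e-6)           # skewed remote clock
        remote += rng.uniform(-noise_s, noise_s)       # per-reading noise
        samples.append((t, remote - t))                # observed offset
    return samples


def estimate_skew_ppm(samples):
    """Least-squares slope of offset against time, in parts per million.

    Zero-mean noise cancels in the averaging, so the slope estimate converges
    on the true skew regardless of how much jitter was added per reading.
    """
    n = len(samples)
    mean_t = sum(t for t, _ in samples) / n
    mean_o = sum(o for _, o in samples) / n
    num = sum((t - mean_t) * (o - mean_o) for t, o in samples)
    den = sum((t - mean_t) ** 2 for t, _ in samples)
    return num / den * 1e6


def compare_noise_levels(n=PROBES, skew_ppm=SKEW_PPM, noise_s=NOISE_S):
    """Estimate the skew with and without noise; both come out near skew_ppm."""
    clean = estimate_skew_ppm(simulate_offsets(n, skew_ppm, 0.0))
    noisy = estimate_skew_ppm(simulate_offsets(n, skew_ppm, noise_s))
    return clean, noisy


if __name__ == "__main__":
    clean, noisy = compare_noise_levels()
    print(f"true skew: {SKEW_PPM:.1f} ppm")
    print(f"estimate without noise: {clean:.3f} ppm")
    print(f"estimate with +/-{NOISE_S} s noise: {noisy:.3f} ppm")
```

With a day of one-per-second readings, the standard error of the slope is on the order of 0.04 ppm even with half a second of jitter per reading, so the noisy estimate lands within a fraction of a ppm of the true value. Only a reference clock that removes the skew itself (the hardware-level correction mentioned in the following comment), rather than noise layered on top of it, changes what the averaging converges to.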
There are more details of the problem and how it was identified, written by Richard Clayton who found out where the traffic was coming from after Poul-Henning Kamp asked him for help.
Out of interest - would you mind saying which bank?
I do know of banks which require activation only from cardholders served by sorting offices for which a lot of fraud has been reported. This could be another possibility.
The report (PDF 767kB) deals with the type of PIN mailers where the PIN is printed on the top layer of the paper, but there is a "scramble pattern" underneath it which prevents you from reading the PIN. The scramble pattern is either peeled away or scratched off. If you can pick out the difference between the toner and the scramble pattern you can read the PIN.
I guess what you are talking about is where the data is printed then covered with a scratch-off layer. This technology is common for lottery cards but I have never heard of it being used for PINs. Here you need to see through this layer to get at the data underneath, so the tricks mentioned in the report won't work.
I am one of the researchers involved. Initially we used PIN mailers which we received for our own accounts. Later on, when the PIN mailer manufacturers were co-operating with us, they sent us test samples. However I think all but one image in the report (PDF 767kB) are from live accounts, but the PINs are obviously now changed.
Of course, you have someone mentioning getting windowed envelopes to repost it...what, is that guy like 12 years old or something? PIN numbers don't come in standard envelopes; they are more like wage slips in that they have to be torn open and that there is no way you are putting them back together.
PIN mailers in the UK are sent out using normal envelopes, specifically to stop them looking unusual and easy to pick out from normal mail. Getting replacement envelopes is trivial – the security is in the tamper-evident stock on which the PINs are printed. It seems the security provided by these is not as good as was believed.
The wage-slip style mailers are quite rare in the UK. They are generally less secure, cost more and stand out in the mail system.
(I am one of the authors of the report (PDF 767kB) which the BBC article is about.)
If there is no reason to worry about this exploit then why do banks spend so much money buying tamper-evident mailers in the first place?
There are a number of defenses against mail interception and one of these is for the customer to notify the bank if they don't receive the PIN or the PIN is tampered with. If this happens the card will be canceled. If a criminal can read the PIN then send it on to the legitimate recipient then the card will not be canceled until a lot later, after which time more fraud can be committed and evidence of the fraud has been lost.
Also, if the criminal has access to your mail sorting office then intercepting both the card and PIN will be trivial. Mail non-receipt fraud cost £37.1 million in the UK for 2002, out of a total of £424.6 million, so this is a serious problem. My understanding is that most of the letters are intercepted in the sorting office rather than the customer's house.
I am one of the authors of the report (PDF 767kB) which the BBC article is about. The report is not about looking through the envelope to read the PIN, but to read the PIN off paper which is designed to be tamper evident.
The envelopes that PINs in the UK are sent in are deliberately indistinguishable from ordinary bank letters. This is to help prevent criminals from being able to easily pick them out from the rest of the mail. Being able to read through these is not very helpful, since they are easy to obtain and so you just open the letter and replace it with another.
I think you are talking about the type of mailer which came in a special envelope, either pressure-sealed or printed using carbon-paper. These are quite rare in the UK and have been replaced by laser-printed PIN mailers, which are the subject of our report.
With these, the PIN is printed on specially designed paper which should hide the PIN until a tab is removed or a coating scratched off. Doing this leaves evidence, so you cannot simply put this back into the mail in a new envelope. What our report showed is that it is possible to read the PIN in some cases, without tampering with it.
When did a criminal get this sudden hit of "oh my – what am I doing – I can't _OPEN_ this letter! I'll just scan it and see what I can find"? This is someone who already intercepted mail and is about to commit fraud. Just open the envelope and call it a day.
If a criminal simply tampers with the PIN mailer then the legitimate recipient will either notice not receiving his PIN or will see that it has been tampered with. Hopefully this will be reported to the bank and the card canceled.
If the criminal can read the PIN without the legitimate recipient noticing, then the card will continue working until the account is emptied or the card owner receives a statement. This significantly increases the length of time a card can be used and, due to daily withdrawal limits, the amount of fraud that can happen.
You're already stealing mail, you're about to steal a PIN number and hence some money from a bank where you'll be on video camera,
Not all ATMs are covered by video cameras and criminals could specifically choose the ones which are not. They could also disguise themselves.
While the article certainly has a point in pointing out the problem, at least in this scenario the criminal has to hit his targets old school: manually and one-at-a-time. This is a time-consuming, slow process that forces them to be in the geographic neighborhood of their victims.
Unless they have access to a major postal sorting office, or the one which is used by the banks to send out the PIN mailers. In which case they could get a very large number of PIN mailers very quickly. The problem in this case is not getting caught as there would be patterns of fraud which the banks would hopefully detect.
I am one of the authors of the report (PDF 767kB) which the BBC article is about. It deals with tamper-evident PIN mailers, which try to stop people who intercept PINs in the mail from reading the PIN without the legitimate recipient knowing.
Shredding or otherwise destroying the PIN mailer after you receive it is a good idea, but this attack is about what happens before you receive it. If you don't destroy the mailer before throwing it out, you don't need to use any tricks like scanning since, once tampered, it is easy to read. You only need to use these if you want to read someone's PIN then put it back in the mail, without disturbing the tamper detection.
It also discusses the link between communication in games like this and the concern of covert channels in (generally military) multi-level secure systems. Another interesting area is the link between these types of competitions and voting algorithms, since they may be a good way of designing collusion resistant competitions, or proving that they are impossible.
In 2001 a student produced an open source microprocessor implementing a cut-down version of the ARM instruction set. However, not long after, ARM pressured OpenCores to remove it from their website, and nnARM disappeared.
Maybe the reason people like ARM is that at the moment, most of their competition is from big companies and not open source. If projects like OpenCores catch on and FPGAs become cheaper then maybe open source can perform as well in that region as it does in software. Then I think people would not be happy with ARM taking down compatible products, just as people would not be happy if Microsoft went after WINE.
or the webpage, which has the results of more tests (all the ones out of Checkmark which I could get to work).
When I have time and can find some foreign banknotes, I will try them, but all the tests take about 4 days to run. The Checkmark tests are slow (since they are in Matlab), and for every test I have to try at least ~10 images in a binary search so as to find the changeover point. The strongly detected regions test takes the most time, since I test about 2,000 images.
That pattern is not used by the new code; it is possible to open images containing that pattern in Photoshop. Also, even if you blank out that part of the note, the rest is still detected as currency.
There is an article from FIPR which discusses this case, and some problems it introduces.
Cards in the UK are normally sent out with live PINs and do not require activation.
Last year I co-authored a paper – Covert Channels for Collusion in Online Computer Games (PDF 151K) – which dealt with a similar subject. Rather than IPD, it deals with a Connect-4 competition, but many of the ideas are the same.
That pattern has nothing to do with the currency detection in software. This image with the pattern is not spotted as currency. However, this slightly bigger one without the pattern is detected as currency.