This is a real life story. We were building an enterprise with micro-payments involved and stuff. We needed a terminal/kiosk network, and this task was bound to be outsourced. So my boss had found a company XYZ that offers ready-made solutions, and he asked me to investigate their offer. I returned to him with my verdict:
— we can't use this XYZ service, because they require our users to submit their passwords to XYZ and then XYZ logs into our system on user's behalf. This is plain out wrong, and should not be implemented ever.
He argued on the basis «a well established company can not possibly sell us junk» — so stunningly true! yeah! So he decided to carry out his own investigation.

A few days later he informed me of his decision:
— I have presented the XYZ's offer to a computer security specialist N. He advised us against using the XYZ's services because they do not employ cryptography.

So the story has ended quite happily. Thanks to the magic of the «cryptography».

Let's take a look at a seemingly innocent practice of OCSP stapling. Basically it is a certification that your certificate is valid, with the certificate for the validity of your certificate being issued by your certificate authority and bundled with your original certificate. Sounds perfect! If only we could certify the validity of this second certificate too, with a third certificate issued by the same authority, would be enough, certainly, three certificates are enough for everyone. Right?

This practice stems from OSCP (an Internet protocol used for obtaining the revocation status) which is not nearly as funny, and far from «innocent».

The original OCSP implementation can introduce a significant cost for the certificate authorities (CA) because it requires them to provide responses to every client of a given certificate in real time. For example, when a certificate is issued to a high traffic website, the servers of CAs are likely to be hit by enormous volumes of OCSP requests querying the validity of the certificate.

Do you see what does this quote imply? That FOR EACH SSL CONNECTION YOU MUST ASK THE AUTHORITY'S PERMISSION. The certificate authority is now an authority that decides whether to allow or refuse your SSL connections. In real time. You no longer decide to connect to a host of your choice, this decision is moving to some authorities.

Let that sink in.

====
P.S. Certificate revocation (without SSL) is not that dangerous and absurd. It was initially designed to work OFFLINE, i.e. all certificates, requests and answers are strictly timestamped — which makes revocation lists valuable and transferable — this is all designed to post-factum verification of documents and such.

This is the essay about the biggest and the most successful infosec profanation campaign in the world. It undermines the very idea of security awareness in each and every aspect, and it does so very subtly too. Initially I wanted to tell you how this profanation works and why it would be successful at cleansing users' minds from any security related thoughts; today I have upgraded my test-bunny Android device and realized that my «prediction» is getting late — Android has entered the final stage of the campaign: after the applications succeeded at damaging users' security awareness, the core system itself openly stepped into the battle, to commit the final blow.
Read more →

A russian researcher Maxim Andreev (Максим Андреев) from cloud.mail.ru has discovered recently an appaling (and also embarrassing) security hole in FFmpeg (a popular open source video/audio processing library (yes, thanks god(s) it is open source)). The vulnerability may potentially lead to SSRF and local file read (which in turn may be pretty devastating). To put your computer at risk it is sufficient to keep it connected to the internet while processing with FFmpeg a specially crafted .mpeg file. So the attack may be aimed at servers and desktops as well, and it is important for the desktop users to know that nearly all GUI-oriented filemanagers and file-dialogs do run without a user's consent ALL the .mpeg files in the scope through the thumbnail creation procedure which is often built around FFmpeg library. Oh, my dear «user-friendliness»! Do you feel how problems are piling up?

The vulnerability is based upon the HLS (HTTP live streaming) feature (thanks to the reported vulnerability I now know what is live streaming — what a useful feature it must be). The core of the vulnerability is (as it happened many times before) a masquerade of filetypes multiplied by the stupidity of the modern days programmers. Effectively the worm is a PLAYLIST file masquerading as an ordinary .mpeg. And FFmpeg is programmed to process them «transparently» i.e. HIDE the distinction between them from the user. The playlist file is allowed to prescribe HTTP requeststs (supposedly to retrieve a file to play) and FFmpeg is eager to obey! Thus, FFmpeg being entitled to the access privileges of its caller SILENTLY sends HTTP-requests (full of potentially sensitive data) to an arbitrary HTTP-server in the internet.

Well done FFmpeg! well done!
And I personally send many non-sarcastic thanks to Maxim Andreev.

By the way, Maxim in his original article on habrahabr.ru describes some interesting practical exploits of the vulnerability, if anyone is interested, i can translate his article to English and post it here.

...and remember all vulnerabilities are deliberately created by someone.

The «binary data» is a myth, created by very unintelligent people. This is just another undefined term in IT amongst millions of its brethren. Oh, dear! if you disagree I challenge you to define it or at least look up a definition. Seriously, give it a try.
I have challenged many advocates of «binary data» to define their beloved product of words. All of them (who are not indoctrinated enough to refuse the challenge altogether) immediately slipped into reasoning about text editors, terminals, and ASCII. But, wait, «my terminal can not display binary data» — is your terminal's problem and nothing more. Some terminals can not display unicode — is it «binary»? All different kinds of terminals unable to display different kinds of data. The same goes to the text editors — which particular byte sequences make a text editor cringe and glitch is specifically defined within the text editor and nowhere else.
Read more →

(previous part: Elementary School)

There is an unspoken grievance bothering all us kids for the entierty of schooling. It feels like an earworm with a forgotten title, you hear it in your heead, but you can not articulate it no matter how hard you try. And it lasts for years. Here it is: «Why on Earth I must learn the disciplines that my teachers have failed to learn?! — If they are more stupid than I, why on Earth they are teachers in the first place?! — If it is just normal to be ignorant about the majority of the school curriculum, why do they teach me all the shit they themselves do not want to know and still have their jobs and live normal lives?!»

Yes, I am talking about the specialization of teachers, this ultimate manifest of ignorance! The very existence of your English literature teacher cries silently: «I don't give a damn about all your maths!». «I spit on your Shakespeare!» — is written all over the face of your maths teacher. An your biology teacher is completely happy being ignorant about maths, literature, geography, phisics, and the rest.

When you attend to all these compulsory courses you see the big picture: all these courses are in fact optional — the school lies to you at the very core of its doctrine. Every day the teachers as a whole demostrate you practically that every individual teacher preaches lies to you. This is how the school finishes your motivation off (if there was any remaining after the primary school). I can not concieve a more devastating impact on one's motivation that that.

And again the solution is way simpler than you might expect. It does not require any new institution, it requires a romoval job again. We must abolish the specialization of teachers. All compulsory courses must be taught by a single teacher from the very beginning of the school to the very end. One teacher for the complete curicullum — a role model of an educated person. Teachers must comply to the standards they impose on their pupils.

Although the ideas I am about to formulate here predate this brilliant lecture by Doctor Russell Ackoff, the lecture formulates a challenge to which I am about to respond.

How shall we alter the educational system in order to preserve and nurture the natural curiosity in children, encourage creativity, and stop demotivating them to learn and explore? (Setting aside the fact that no government on Earth is interested in this cause.)
Read more →

It teaches us how to be concise.

Do you really, i mean really, believe that computers are afraid of capital letters? and punctuation? Don't tell me that you want to scare off people, not computers, it would be even more ridiculous, given a second thought.

How would you feel if a service provider asks you: «please include at least three capital letters, seven underscores, and a number thirteen in your password»? — weird? You better adjust your attitude. The first ingredient is already required by some, more to follow soon.

Seriously, have you ever tried to think why all those «password choosing» policies are so ridiculous and stupid, are they as beneficial as people believe?

The serious answer to the question is given in my new paper on the password authentication: arxiv.org/abs/1505.05090 and its summary is as follows: «The password policies are futile, because they have no formal mathematical foundation at all, and this is why they are all as ridiculous as homeopathy».

Here i want to present some fun aspects of the problem.

The two most prominent protagonists of computer security MS and Google directly contradict each other:

DO NOT USE:
Common letter-to-symbol conversions, such as changing «o» to «0».
USE:
similar looking substitutions, such as the number zero for the letter 'O'
No one notice. These both password creation policies are equally respected. Who are we to doubt the Wisdom of the Titans!?

Also, the Titans teach us that there is an inherent contradiction between security and memorability. Of course the Titans do not condescend to proving their claims. We are supposed to make a leap of faith. I don't have faith, i need a proof, or at least some evidence supporting the claim. Here is the claim:

Human memory is limited and therefore users cannot remember secure passwords.
Call me when you find any evidence of that.

I am failing to understand four simple things:
why do people always fail to know the limits of their individual reach?
why do people always believe everything authorities say?
why do people always think «it won't happen to us»?
why do people always prefer to lose everything in order to save a part?

All these four shine and glitter as they intricately weave into the topic of «cash vs plastic» (keep them in mind while reading).

It has become a popular fad to use «plastic» instead of cash… as usual people are completely unaware of the dangers of this fad. And for some reason they think that «plastic» is somewhat equivalent to cash — NOT EVEN REMOTELY!

The most important issue is (as usual) the simplest one and (as usual) the most ignored one — WHO COMMITS A TRANSACTION? You come to a store for a loaf of bread, you pay for it and take it away. Are you sure it was you who payed for it? I am sure, because I always use cash. When I give a banknote to a cashier I physically commit the transaction — this is MY FINAL SAY. When you type your PIN, you MERELY ASK a bank to commit the transaction for you. In the end of the day it is the bank's decision whether you gonna have this loaf of bread or not. Think about it for once! The bread you are having now is not a result of a free trade between you and a backer, it is a free will of an (undoubtedly honest) 3rd-party. The bank decided on their own volition to allow you to have this bread, and they can as easily decide to starve you at any time.

And when I am speaking about bread, I literally mean bread. It is a common practice in Ukraine and Russia to arrest bank accounts of family members of political dissidents, thus rendering them incapable of engaging in any trade, i.e. buying bread. When you are under a police investigation for political reasons, you are offered a choice: your family will starve unless you confess that you were digging a tunnel under Kremlin with a premeditated goal to assassinate the dear comrade Stalin. The most famous implementation of this tactics is the Ruslan Kotsaba case, his wife and kids have only survived thanks to the public campaign (launched by the defence attorney) encouraging people to trade with the wife for cash (she is a pastry chief).

But, of course! It can not happen to you! No way! (Ask The Lighthouse Project what methods do courts and prosecutors employ in USA and Canada to exert pressure on falsely accused.)

The banks do not bother with breaching your security, they took away your agency altogether.

(to be continued)