Smartphones and privacy
- Axelle Apvrille (Fortinet)
Mobile apps ask for far more permissions than they likely need. She had a wonderful chart showing the result of decompiling several appliations to look for privacy violations. Some of them are easily explained, such as a mapping program that wants location data. Some are less, such as Signal asking for location (documented for to share loation with your contacts).
She also used Frida to hook the HTTP calls in the applications to be able to track all of the communications without having to do MITM proxying. This is a really powerful technique that needs more examination.
Many apps use Firebase, which sends almost every finger press on screen to the network. Frida shows these messages and it's clear there is a problem of scale for the ammount of data collection and monitoring.
Not all the apps necessarily know what they are doing -- many of them have imported hundreds of megabytes of libraries, many of which have their own telemetry and usage monitoring. "Oral B Smart Toothbrush" app was especially bad, with a 92 MB, compared to K9 email (with PGP!) that is only 5 MB.
- Harlo (Freedom of the Press)
There is an "asymetry of preparedness" for journalists and their sources, as well as for journalists and their adversaries. Making it easy for whistleblowers to contact the journalists requires some thought and some best practices, such as not using a separate subdomain "leaks.nytimes.com" (that would be revealed by DNS logging) or requiring special software like tor. "Normalization" of contact and "herd immunity" were the key points.
Super Privacy Preserving ^ | Ghost town <---------------|------------> The New Hotness | v Essentially Garbage Privacy
Meanwhile, corporate IT departments in the news rooms aren't always prepared for the threats facing journalists. Full disk encryption isn't the norm, Outlook doesn't have easy support for PGP (and mailveloped isn't perfect), Signal desktop notifiations contain clear text messages, Facebook messenger "black chats" are only protected on mobile, not on desktop, etc.
One of the most important points came up during the Q&A: what about the non-investigatory journalists? Harlo pointed out that there are risky stories in every beat: real estate corruption, sports betting, etc. And that the other journalists are potential pivot-points for attackers into the news room.
Another important side point is that Signal's use of phone numbers as the primary contact is potentially risky for women / people of color. There are hacks to use a voip number to register, but they are being closed down.
The New Hotness | v Essentially Garbage Privacy
confusion over facebook "black chat" versus normal chat - desktop doesn't have e2e
public phone numbers are not equitable - using signal without leaking phone number requires dummy sim cards - women|poc may not want to publish - twilio can sell a voip number - but whatsapp won't work with voip numbers - signal won't register a landline - workarounds are hard + whackamole
using signal on desktop is gutsy - nearly clear text - notifications are easily searchable - full disk encryption could help, but.... IT etc - remote desktop access - also java and all of its issues
parallel construction means that encryption is effectively broken - whatsap app messages show up in discovery - imesage query logs show metadata
foucault's boomerang - tools built to fight colonizers will be turned back against the resistance
safetag - organization security auditing luma institute - human centered design thinking
q: telegram? a: security theater and mythos, need more analysis
q: what about regular journalists and do they create risks for investigatory journalists? a: need to keep confidentiality between reporters. need to move beyond "nothing to hide" for reporters; every desk might be dealing with corruption or illegal behaviours. (real estate fraud, sports rigging, etc) not "how to be a spy", but "how to do your job"
Wireless keyboard security
- Deeg & Klostermeier
Using a HackRF SDR with the Universal Radio Hacker (URH) they were able to decode the protocols used by several wireless keyboards and mice, including several that had "AES" encrypted streams.
Most of the devices were subject to replay attacks, even if they couldn't decrypt the messages. This allowed them to demo capturing a login password and replaying it to unlock the machine.
However, many devices have an insecure AES CTR mode, which was able to be decoded. Others have one byte of entropy, meaning that only an average of 128 guesses are required to find the key.
In response to their findings, several companies rebranded their devices (The "Cherry B.Unlimited AES" was renamed to the "Cherry B.Unlimited 3.0"). Other vendors refused to investigate, such as Logitech when the researchers bought three R400 remotes from Amazon and received three totally different PCB designs.
They suggested that the Bluetooth devices are likely to have better security overall (but see the BTLE talk!).
Bug reports in the game industry
This was a one neat trick talk: Most game engine bug reports are a complete bundle of the project and all of its native code libraries. When the game engine QA department triages the bug, they often run the code as is on real hardware, potentially allowing an outside attacker to pivot to other systems in the company network.
what the log?
- Miriam Wiesner @miriamxyra
Miriam has written a tool for analyzing Microsoft logs of some sort. I didn't get much from this one, other than a first host compromise to domain admin compromise is 24-48 hours, and that the typical first attack is on users and identities.
Glitch in the Matrix
- Marion Marchalek (intel storm team) @pinkflawd
Marion has recreated parts of Thompson's "Trusting Trust" by adding backdoors to the gcc plugins that can re-introduce bugs or make subtle modifications to leak data. She points out that the diffs can be very subtle, such as changing an unsigned ADD signed ADDS, and that most of the binary diff tools are looking at the basic block level instead of the instruction level.
An important point is that most reverse engineering is done to attack other people's binaries without source availability, so the people who are would be looking at this level are not the ones who are looking for validate the compilers.
Server side processing of user data can leak information as well as give an attacker a pivot point. She provided several examples where an attacker can embed links like to external resources, such as an image in an SVG, something in a DOCX, even something in MP4. Other cases are exploiting bugs like "Imagetragic".
If the bugs allow the attacker to pivot, they are especially worrysome since the address of the requests are from an internal IP address, potentially bypassing firewall rules. She had a demo of using SSRF against some DoD websites, found via "google dorking":
Defeating Bluetooth LE PRNG
BTLE5 adds lots of neat new modes and he wanted to support them with his btlejack tool. The attack is quite clever - it times the delta between repeats in the channel frequency and looks in the PRNG for values that are spaced exactly that far apart. Each repeat reduces the number of candidates, allowing him to quickly identify the counter position in the sequence and guess the seed.
The conclusion was that this was not designed for security - it was designed to be easy to implement on cheap hardware and to allow more BTLE devices to coexist.