Apr 26, 2012 | Leaks, News
TEHRAN (FNA)- Senior Iranian military officials announced that the country’s experts have decoded the intelligence gathering system and memory hard discs of the United States’ highly advanced RQ-170 Sentinel stealth aircraft that was downed by Iran in December after violating the country’s airspace.
Speaking to FNA, Commander of the Islamic Revolution Guards Corps (IRGC) Aerospace Forces Brigadier General Amir Ali Hajizadeh revealed some data taken from the aircraft’s intelligence system to counter his counterparts in the Pentagon, who had alleged that the Iranians would not succeed in decoding the spy drone’s memory and intelligence devices.
“This plane is seen as a national capital for us and our words should not disclose all the information that we have very easily.”
“Yet, I provide four cues in here to let the Americans know how deep we could penetrate into (the intelligence systems and devices of) this drone,” he added.
Hajizadeh stated that the drone parts had been transferred to California for technical work in October 2010, adding that the drone was later transferred to Kandahar, Afghanistan in November 2010 and flew there.
The commander said that the drone had experienced some technical flaws in its Kandahar flight in November, but the US experts failed to resolve the problems at the time.
Hajizadeh added that the RQ-170 was then sent back to an airfield near Los Angeles in December 2010 for tests on its sensors and parts, adding that the drone made a number of test flights there.
As a fourth cue to prove Iran’s access to the drone’s hidden memory, the commander said that the spy drone’s memory device revealed that it had flown over Al-Qaeda leader Osama bin Laden’s hideout in Pakistan two weeks before his death.
“Had we not accessed the plane’s software and hard discs, we wouldn’t have been able to achieve these facts,” Hajizadeh said, reiterating that Iran’s military experts are in full command of the drone intel and hold a good knowledge of the drone parts and programs.
The unmanned surveillance plane lost by the United States in Iran was a stealth aircraft being used for secret missions by the CIA.
The aircraft is among the most sensitive surveillance platforms in the CIA’s fleet, shaped and designed to evade enemy defenses.
The drone is the first such loss by the US.
The RQ-170 has special coatings and a batwing shape designed to help it penetrate other nations’ air defenses undetected. The existence of the aircraft, which is made by Lockheed Martin, has been known since 2009, when a model was photographed at the main US airfield in Kandahar, Afghanistan.
The revelation came after Russia and China asked Tehran to provide them with information on the captured US drone.
Ahmad Karimpour, an adviser to Iran’s defense minister, said on Friday that Tehran has received requests from many countries for information on the RQ-170 Sentinel, but Moscow and Beijing have been most aggressive in their pursuit of details on the drone.
Source: http://english.farsnews.com/newstext.php?nn=8101300601
Apr 24, 2012 | Abuses of Power, News
Update: I’ve clarified two aspects of this story below. First, Micro Systemation’s XRY tool often requires more than two minutes to crack the iPhone’s password. The two minutes I originally cited were a reference to the time shown in the video (now removed by Micro Systemation) below. Given that, as I originally wrote, the phone in the video used the simplest possible password (0000), the process often takes far longer.
Second, Micro Systemation had told me that XRY can gain access to phones that run the latest version of iOS. But in fact, it can only gain access to older iPhones and iPads running the latest version of the operating system, and can’t access the iPhone 4S or the iPad 2 or later. Apologies for this oversight.
Set your iPhone to require a four-digit passcode, and it may keep your private information safe from the prying eyes of the taxi driver whose cab you forget it in. But if law enforcement is determined to see the data you’ve stored on your smartphone, those four digits will slow down the process of accessing it by as little as two minutes.
Here’s a video posted last week by Micro Systemation, a Stockholm, Sweden-based firm that sells law enforcement and military customers the tools to access the devices of criminal suspects or military detainees and siphon off their personal information.
Update: After this post brought widespread attention to Micro Systemation’s video, the company has removed it from YouTube.
As the video showed, a Micro Systemation application the firm calls XRY can quickly crack an iOS or Android phone’s passcode, dump its data to a PC, decrypt it, and display information like the user’s GPS location, files, call logs, contacts, messages, even a log of its keystrokes.
Mike Dickinson, the firm’s marketing director and the voice in its videos, says that the company sells products capable of accessing passcode-protected iOS and Android devices in over 60 countries. It supplies 98% of the U.K.’s police departments, for instance, as well as many American police departments and the FBI. Its largest single customer is the U.S. military. “When people aren’t wearing uniforms, looking at mobile phones to identify people is quite helpful,” Dickinson says by way of explanation.
With smartphone adoption rocketing around the world, Dickinson says Micro Systemation’s “business is booming.” The small company has grown close to 25% in revenue year-over-year, earned $18 million in revenue in 2010 up from $12 million the year before, and doubled its employees since 2009.
“It’s a massive boom industry, the growth in evidence from mobile phones,” says Dickinson. “After twenty years or so, people understand they shouldn’t do naughty things on their personal computers, but they still don’t understand that about phones. From an evidential point of view, it’s of tremendous value.”
“If they’ve done something wrong,” he adds.
XRY works much like the jailbreak hacks that allow users to remove the installation restrictions on their devices, Dickinson says, though he wouldn’t say much about the exact security vulnerability that XRY exploits to gain access to the iPhone. He claims that the company doesn’t use backdoor vulnerabilities in the devices created by the manufacturer, but rather seeks out security flaws in the phone’s software just as jailbreakers do, one reason why half the company’s 75 employees are devoted to research and development. “Every week a new phone comes out with a different operating system and we have to reverse engineer them,” he says. “We’re constantly chasing the market.”
Update: Mike Dickinson has clarified that Micro Systemation’s XRY tool doesn’t support the iPhone 4S, iPad 2 or iPad 3. It does, however, support the latest version of Apple’s iOS operating system, so he says that older devices that have the latest software installed are still vulnerable.
After bypassing the iPhone’s security restrictions to run its code on the phone, the tool “brute forces” the phone’s password, guessing every possible combination of numbers to find the correct code, as Dickinson describes it. In the video above, the process takes seconds. (Although admittedly, the phone’s example passcode is “0000”, about the most easily-guessed password possible.)
Dickinson acknowledges that users who set longer passcodes for devices can in fact make the devices far tougher to crack. “The more complex the password, the longer and harder it’s going to be to access the phone,” he says. “In some cases, it takes so long to brute force that it’s not worth doing it.” That may have been the situation, for instance, in one recent case involving the phone of Dante Dears, a paroled convict accused of running a prostitution ring known as “Pimping Hoes Daily” from his Android phone; the FBI, apparently unable or unwilling to crack the phone, asked Google to help in accessing it.
SOURCE:
http://www.forbes.com/sites/andygreenberg/2012/03/27/heres-how-law-enforcement-cracks-your-iphones-security-code-video/
By: Andy Greenberg, March 27, 2012
Feb 23, 2012 | Anonymous
Anonymous have unveiled their second major release for this week’s installment of FuckFBIFriday. Their target this time around is Frank Wuterich, the US Marine that admitted to killing Iraqi civilians — and received no jail time for his crime.
Early Friday afternoon, members of the loose-knit online collective Anonymous began circulating news that the website for Puckett and Faraj, the high-profile attorneys that represented Sgt. Frank Wuterich in his recent trial, had been hacked. Wuterich admitted to leading Marines into two civilian homes in Haditha, Iraq in 2005, massacring 24 civilians including women, children and an elderly man confined to a wheelchair.
In response, hacktivists with Anonymous have uncovered gigabytes worth of correspondence from Sgt. Wuterich’s attorneys and affiliated parties.
Last month, a military tribunal finally finished their hearing on Sgt. Wuterich, more than six years after the notorious slaughter. Insiders reported before his sentencing that he was expected to receive only 90 days behind bars. When the case ended, he was sentenced to zero.
Anonymous members have hacked into the website for Sgt. Wuterich’s attorneys and have since defaced it with a detailed message explaining how the self-proclaimed “cold-blooded killer” became their latest target.
“As part of our ongoing efforts to expose the corruption of the court systems and the brutality of US imperialism, we want to bring attention to USMC SSgt Frank Wuterich who along with his squad murdered dozens of unarmed civilians during the Iraqi Occupation,” reads a message now on the homepage of his attorney’s website. “Can you believe this scumbag had his charges reduced to involuntary manslaughter and got away with only a pay cut?”
“Meanwhile,” adds the Anonymous-penned message, “Bradley Manning who was brave enough to risk his life and freedom to expose the truth about government corruption is threatened with life imprisonment.”
“When justice cannot be found within the confines of their crooked court systems, we must seek revenge on the streets and on the internet – and dealing out swift retaliation is something we are particularly good at. Worry not comrades, it’s time to deliver some epic ownage.”
In addition to defacing the website of his attorneys, nearly 3 gigabytes of email correspondence belonging to his attorneys have been leaked online.
“And to add a few layers of icing to this delicious caek, we got the usual boatloads of embarrassing personal information. How do you think the world will react when they find out Neal Puckett and his marine buddies have been making crude jokes about the incident where marines have been caught on video pissing on dead bodies in Afghanistan? Or that he regularly corresponds with and receives funding from former marine Don Greenlaw who runs the racist blog http://snooper.wordpress.com? We believe it is time to release all of their private information and court evidence to the world and conduct a People’s trial of our own,” writes Anonymous.
The announcement this afternoon comes only hours after Anonymous operatives posted a recorded phone message that they intercepted from the FBI and Scotland Yard. Hours later, The Associated Press reports that the FBI confirmed the interception and says it is going after the parties responsible.
SOURCE: http://rt.com/usa/news/anonymous-time-wuterich-attorneys-463/
Jan 26, 2012 | Anonymous
Date: Wed, 9 Nov 2011 10:16:11 +0100
From: Eugen Leitl <eugen[at]leitl.org>
To: cypherpunks[at]al-qaeda.net
Subject: Re: [p2p-hackers] Verifying Claims of Full-Disk Encryption in
Hard Drive Firmware
----- Forwarded message from Tom Ritter <tom[at]ritter.vg> -----
From: Tom Ritter <tom[at]ritter.vg>
Date: Tue, 08 Nov 2011 19:51:53 -0500
To: p2p-hackers[at]lists.zooko.com
Subject: Re: [p2p-hackers] Verifying Claims of Full-Disk Encryption in Hard
Drive Firmware
Reply-To: theory and practice of decentralized computer networks <p2p-hackers[at]lists.zooko.com>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
After reviewing the FIPS approval document for the drive[1], I’ve tried to put together a complete threat model outlining the major classes of attack on the hard drive in the interest of being rigorous. I’d like your input to see if I missed any you can think of. I’ve explicitly excluded DriveTrust (the proprietary stuff) from the threat model, and am only focusing on the ATA Standard.
[1] http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp1388.pdf
====================
In approximate physical/logical order, this is every attack I can conceive of:
1. The BIOS may have been replaced to record passwords
2. The keyboard or keyboard connection may be tapped/keylogged
3. The physical computer may have been tampered with, physically installing hardware in any of its components
4. The Operating System may have been tampered with
5. The application used to interact with the hard drive (hdparm) may have been subverted
6. The SATA connection to the HDD may have been tapped
7. On the Drive
   1. The hardware of the drive may have been tampered with
   2. Firmware
      1. The firmware may be buggy, allowing code execution on the Hard Disk Drive
      2. The firmware may have been replaced. Supposedly, the firmware replace requires the firmware be signed with a private RSA key AND that the drive have the Load Firmware capability active. The public key is stored on the system storage area of the media
         1. The firmware may be able to be loaded despite the load firmware capability being inactive
         2. The firmware load process may have a bug invalidating the signature
         3. The malicious firmware may be appropriately signed
         4. The public key in the system storage area may have been replaced, allowing untrustworthy firmware to be loaded
   3. The RAM of the device may be able to be read, allowing unknown compromising vectors.
      1. The encryption key may be stored in RAM
      2. The Seed Key and Seed used in the Random Number Generator may be read, allowing any new key that is generated to be guessed.
      3. Internal states of the encryption process, or other operation of the firmware, may be exposed
   4. System Storage Area – An area of the drive that is supposed to only be able to be read by the firmware, and not the computer.
      1. Secure ID aka Drive Owner (SHA Digest)
         1. If the system area is able to be read, an unsalted simple SHA may be crackable
         2. If the system area is able to be written, this may be replaced with a hash of a known password.
         3. If the Drive Owner PIN has not been changed upon initialization, the PIN is printed on the drive
      2. User & Master Passwords (SHA Digest)
         1. If the System Area is able to be read, an unsalted simple SHA digest may be crackable
         2. If the system area is able to be written, this may be replaced with a hash of a known password.
      3. User/Master Encryption Keys (Plaintext?)
         1. If the System Area is able to be read, plaintext storage of the keys allows full data recovery
         2. If the Random Number Generator is not cryptographically secure, the encryption key may follow a guessable pattern
      4. Firmware Public RSA Key
         1. If the System Area is able to be written to, the firmware key may be replaced and new firmware loaded
   5. User Storage Area – where your data is stored.
      1. The data may not be encrypted with AES as promised
      2. The cipher mode may not be suitable for filesystem encryption
      3. The drive may be initialized in a non-random pattern, allowing usage analysis
      4. The ciphertext may be stored in a way allowing block swapping, ciphertext injection, or otherwise damaging the integrity of the ciphertext
   6. The Drive may be vulnerable to side channel attacks
      1. Crypto operations may not be constant-time, leaking data about the key structure or value
      2. Drive may not draw power equally during crypto operations, leaking data about the key structure or value
      3. The drive may not be acoustically silent, leaking information about where on the platters the data is being written by listening to drive head movements.
      4. The drive may not be protected against induced faults such as power manipulation, temperature extremes, electrical shocks, or physical shocks.
8. AT Password Security Protocol
   1. Passwords may be attempted in rapid sequence if a mechanism to reset the module is created.
====================
This groups those attacks together, and notes whether I consider them within the realm of testing for the drive. I’m not sure what will be doable easily or cheaply, but if I can verify the firmware, I’ll try.
Not Considered for evaluation
1. User Coercion or Cooperation / “Evil Maid” Attacks
2. Hardware tampering or tapping of the Keyboard, Keyboard connection, Computer, SATA connection or HDD Pwnage
3. Subversion of the Operating System, BIOS, or hdparm
4. Misconfiguration
   1. Not changing the Master or Drive Owner password
   2. Not enabling hard disk security
5. Side Channel Attacks
Considered for Evaluation
1. Buggy firmware
   1. with regards to firmware signature verification
   2. with regards to firmware replacement despite load firmware capability disabled
   3. with regards to randomly selecting an encryption key
   4. with regards to proper encryption
   5. with regards to backdoors
   6. with regards to memory trespass or other “standard” vulnerabilities
2. Key Management
   1. plaintext storage of encryption keys in system area
   2. poor password hashing practices of passwords
3. Encryption
   1. lack of encryption of user data
   2. Improper cipher mode
   3. Patterned initial fill of disk
   4. Lack of ciphertext integrity
4. System Area
   1. ability to read system area
   2. ability to write system area
====================
Again, all comments welcome, but I am particularly interested in talking to
– Anyone familiar with these Seagate drives or DriveTrust.
– Anyone familiar with BIOS support for the AT Security Spec, who can help me locate a new netbook to work with.
– Anyone familiar with Data Recovery Services who could provide information on disk unlocking, AT password bypass, or moving platters between disks.
– Anyone who has done this before.
– -tom
-----BEGIN PGP SIGNATURE-----
iEYEARECAAYFAk65zqYACgkQJZJIJEzU09sNfwCfX3APmmrtFBke2CI3Ia1Rot+4
cDQAn00ezd8VPehRXAYCIM80bh464I6A
=AwIs
-----END PGP SIGNATURE-----
_______________________________________________
p2p-hackers mailing list
p2p-hackers[at]lists.zooko.com
http://lists.zooko.com/mailman/listinfo/p2p-hackers
----- End forwarded message -----
--
Eugen* Leitl <leitl> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
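Two of the User Storage Area items in Tom’s threat model (a cipher mode unsuitable for disk encryption, and ciphertext stored without integrity protection) are easy to make concrete. The Go program below is an added example, not code from the thread or from any drive vendor: demoKey and the sector contents are constructed, and AES-GCM keyed by sector number stands in for “a mode that binds ciphertext to its position and detects tampering” rather than for anything the Seagate drive actually does. It shows that under ECB two identical sectors produce identical ciphertext (the basis for usage analysis on a patterned fill), that a sector’s ciphertext can be relocated to another sector and decrypts without complaint, and that a mode which carries the sector number in its nonce and AAD rejects the same relocation.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

// demoKey is a constructed 128-bit key for this illustration only; on a real
// self-encrypting drive the media key lives in the system storage area.
var demoKey = []byte("0123456789abcdef")

// ecbSector applies AES block by block with no chaining (ECB) across one
// sector. Go ships no ECB mode on purpose, so it is spelled out here.
func ecbSector(key, in []byte, decrypt bool) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	bs := block.BlockSize()
	if len(in)%bs != 0 {
		return nil, fmt.Errorf("sector length %d is not a multiple of %d", len(in), bs)
	}
	out := make([]byte, len(in))
	for i := 0; i < len(in); i += bs {
		if decrypt {
			block.Decrypt(out[i:i+bs], in[i:i+bs])
		} else {
			block.Encrypt(out[i:i+bs], in[i:i+bs])
		}
	}
	return out, nil
}

// sectorNonce builds a 96-bit GCM nonce from the sector number so that the
// ciphertext and its tag are bound to the position the sector was written at.
func sectorNonce(sectorNo uint64) []byte {
	nonce := make([]byte, 12)
	binary.BigEndian.PutUint64(nonce[4:], sectorNo)
	return nonce
}

// gcmSector seals (encrypts and tags) or opens (verifies and decrypts) one
// sector under AES-GCM, carrying the sector number in the nonce and the AAD.
func gcmSector(key []byte, sectorNo uint64, in []byte, open bool) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := sectorNonce(sectorNo)
	if open {
		return aead.Open(nil, nonce, in, nonce)
	}
	return aead.Seal(nil, nonce, in, nonce), nil
}

// ecbLeaksEqualSectors reports whether two equal plaintext sectors yield
// equal ciphertext, which is what makes usage analysis of a patterned fill possible.
func ecbLeaksEqualSectors(key, a, b []byte) (bool, error) {
	ca, err := ecbSector(key, a, false)
	if err != nil {
		return false, err
	}
	cb, err := ecbSector(key, b, false)
	if err != nil {
		return false, err
	}
	return bytes.Equal(ca, cb), nil
}

// ecbSwapUndetected takes the ciphertext written at sector 1, reads it back
// as if it were sector 0, and reports whether sector 1's plaintext comes out.
func ecbSwapUndetected(key, s1 []byte) (bool, error) {
	c1, err := ecbSector(key, s1, false)
	if err != nil {
		return false, err
	}
	got, err := ecbSector(key, c1, true) // ECB has no notion of position
	if err != nil {
		return false, err
	}
	return bytes.Equal(got, s1), nil
}

// gcmSwapDetected performs the same relocation under AES-GCM; opening as
// sector 0 must fail because the tag was computed for sector 1.
func gcmSwapDetected(key, s1 []byte) (bool, error) {
	c1, err := gcmSector(key, 1, s1, false)
	if err != nil {
		return false, err
	}
	_, err = gcmSector(key, 0, c1, true)
	return err != nil, nil
}
```

Call ecbLeaksEqualSectors(demoKey, sector, sector), ecbSwapUndetected(demoKey, sector) and gcmSwapDetected(demoKey, sector) with any 16-byte-aligned sector; the first two return true, the last returns true only because the tag check fails. The GCM half is a demonstration of the property, not a disk encryption design: a nonce derived from the sector number repeats every time the sector is rewritten under the same key, which is fatal for GCM, and the 16-byte tag does not fit in a fixed-size sector. That is exactly why real drives use XTS (which binds ciphertext to position but carries no integrity tag) and why “lack of ciphertext integrity” belongs in the list of things to evaluate rather than assume.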
From: Peter Gutmann <pgut001[at]cs.auckland.ac.nz>
To: cypherpunks[at]al-qaeda.net, eugen[at]leitl.org
Subject: Re: [p2p-hackers] Verifying Claims of Full-Disk Encryption in
Hard Drive Firmware
Eugen Leitl <eugen[at]leitl.org> quotes Tom Ritter <tom[at]ritter.vg>:
>After reviewing the FIPS approval document for the drive[1], I’ve tried to
>put together a complete threat model outlining the major classes of attack on
>the hard drive in the interest of being rigorous.
Without wanting to sound too facetious, and mostly out of curiosity, what does FIPS 140 have to do with the threat modelling you’ve done? It doesn’t address the vast majority of the stuff you’ve listed, so the threat-modelling is kind of a non-sequitur to “starting with FIPS 140”. If you wanted to deal with this through a certification process you’d have to go with something like the CC (and an appropriate PP), assuming the sheer suckage of working with the CC doesn’t tear a hole in the fabric of space-time in the process.
Peter.
http://cryptome.org/0005/fulldisk-crypto.htm