Author Archives: logan

nsd & crypto improvement

NSD

NSD is an open source implementation of an authoritative DNS server. It has a very good security record, and lower memory usage compared to ISC BIND. As part of hackers.mu quest to make the Internet better, we decided to look into NSD's crypto related parts, and see how we can improve it for all of the NSD users in Mauritius.

We came across cases of modulo biases in the form of arc4random() % foo. From a mathematical point of view, this causes a bias, causing the randomization to be slightly less random. This is NOT good :). Our patch uses arc4random_uniform() which is an iterative solution which reduces modulo bias. NSD took our patch and committed it: 10 December 2015: Wouter - 4.1.7 release - trunk has 4.1.8 in development. - take advantage of arc4random_uniform if available, patch from Loganaden Velvindron.

Another small step to make the Internet more secure :)

Tor hardened memory allocator improvement

Leave a reply

Tor's Hardened memory allocator

Tor supports a hardened memory allocator from the OpenBSD project. OpenBSD's memory allocator was designed to be heavily randomized. During the porting effort to make OpenBSD's malloc work on Tor & non-OpenBSD platforms, arc4random() was replaced by rand(). A modulo bias is introduced by using "rand() % bp->free". To reduce modulo bias, hackers.mu sent a patch to the Tor project. Ideally, we would be happy to see tor ship with an arc4random_uniform() implementation from OpenBSD. arc4random_uniform() was designed to eliminate modulo biases.
Geeky details here.

Tor & randomization

Leave a reply

Introduction to Tor

Tor is a piece of software which is used to remain anonymous on the Internet. Users can connect to the Tor Network, and all of their traffic is "hidden". Tor is used by several group of people: journalists living in China, Police Officers for Undercover operations, whistleblowers, human right activists, and even military officers who are on remote mission.

Mauritius & Privacy

In Mauritius, none of the local ISPs have made a public statement for protecting the privacy of their users. This means that the Internet traffic of Mauritians is probably monitored. ICTA has a blackbox which supposedly blocks only child pornography. We do not know what else it can do. Hackers.mu (a group of Ninjas living in Mauritius) publicly encourages Internet Users in Mauritius to adopt Tor, particularly for visiting sensitive websites such as political parties, making comments on forums against the government, and also making the truth known. We encourage civil servants who would like to disclose sensitive documents to use TOR.

Improving Tor

On UNIX/Linux systems, Tor relies on the Operating System to provide it with a random source of data. It's generally /dev/random. However, opening /dev/random implies keeping a file descriptor open throughout the course of execution of tor. If someone sandboxes tor for security, this weakens the sandbox. Someone who compromises a tor process can close the file descriptor for /dev/random, and open another file which is outside of the sandbox. Hackers.mu sent a patch to the tor project which takes advantage of a new API on Linux, which opens the random source in tor without the need for a file descriptor. This in turns leads to tighter sandboxing on tor, and therefore improves the security & privacy of tor users. A different patch by Y. Angel was committed to Tor to take advantage of the new API on Linux.

Adoption of Tor

It is our aim that Mauritian users adopt tor to protect their online privacy, and we will continue to work on improving the code to protect your privacy online! Happy Tor :)

Tor & randomization

Leave a reply

Introduction to Tor

Mauritius & Privacy

Improving Tor

Adoption of Tor

It is our aim that Mauritian users adopt tor to protect their online privacy, and we will continue to work on improving the code to protect your privacy online! Happy Tor :)

DANE missed the boat

Leave a reply

This article represents my personal views

What problem does DANE try to solve ?

DANE wants to be an alternative model for validating domain names with TLS, by moving some of the security check inside the DNS. However, it does not work with plain DNS, it needs DNSSEC as the underlying protocol. The perceived advantage is that it prevents people from issuing rogue certs, unlike the current CA model.

First, let's look at DNSSEC

DNSSEC suffers from a number of issues. One is the complexity of protocol, and deep learning curve. Second is the deployment of DNSSEC. It enjoys a lot of support from ICANN & the RIRs, but comparatively little from the commercial world. Neither ebay.com nor alibaba.com, 2 of the major e-commerce websites in the world. Lastly, the problem that NONE of the Internet Organizations want to talk about is security at the edge. DNSSEC-aware resolvers in CPE equipment are NOT available in 2015. The most popular DNS software for CPE equipment still has a WiP implementation of DNSSEC, which still has some bugs, causing valid DNSSEC signatures to fail. [I have other points on DNSSEC, but I will expand it in another blog post] Good Luck finding an off-the-shelf modem that can do correct DNSSEC for your grandparents.

DANE's history with the commercial world

Despite the issues with the underlying DNSSEC protocol, DANE still managed to gain some support from the commercial world. In my humble opinion, the greatest opportunity came from Google, when it implemented DANE in Google Chrome. That was the right opportunity to solve the massive deployment of DANE (and DNSSEC in the process). However, a number of issues complicated the implementation of DANE: The size of DNSSEC messages caused issues at the edge of the internet. It also introduced additional latency, due to the complex nature of DNSSEC validation process. Google later took the hard decision to remove DANE from Google Chrome. None of the DANE or DNSSEC WG at the IETF addressed those issues. DANE support, enabled by default , is NOT happening in any Google product which are flooding the market. It is available as a plugin. But will your grandmother download a DANE plugin when she downloads Google ? Experience suggests very few grandmothers would do that.

Conclusion

DANE missed the boat when the DANE & DNSSEC community failed to address the implementation issues that Google was facing. It was the golden train, and DANE missed it. Other solutions which were easier to implement and deploy filled that gap. It's very likely that DANE's adoption both on the server and client side will remain small.

An interesting nginx vulnerability

Leave a reply

What is nginx

Nginx is a web server, similar to Apache. It was designed much later than Apache, and is faster. Due to its speed, it's often used in combination with Apache, or as a replacement for Apache. The marketshare of nginx has increased during the recent years. so, when you navigate to http://www.hackers.mu/, your request is taken care by the HTTP server. I use Apache for logan.hackers.mu. I could also have used nginx.

Security vulnerability

A security vulnerability is a coding error that allows an attacker to take advantage of the flaw to get some form of control over the server. Nginx has its fair share of vulnerabilities. I'm going to talk about a particular vulnerability: CVE-2013-2028.

CVE-2013-2028

A stack based overflow is usually one of the easiest type of overflow that can be used to remotely take control of a server. CVE-2013-2028 is one such vulnerability. In the HTTP format, there's a field known as the HTTP header. One of the options that can be used for this header is the transfer-encoding chunk mechanism. In this particular case, this field was supposed to contain up to a maximum size. What happens if you go beyond ? Well, it overflows . As the original nginx code contained no way to handle this particular case, an attacker can leverage this to his advantage. He can put a large chunk size, and inject other code that you grant his a remote access to the server. The server can then be controlled remotely. You can change the contents of the website for example, or use the server to attack other servers on the Internet.

If you would like to have additional details, please let me know :)

The tale of Mauritian backdoors

Leave a reply

The government of Mauritius

The government of Mauritius loves to operate in a non-transparent fashion. Internet Filtering has been implemented by ICTA with little input from local Internet Users. They once blocked facebook in Mauritius. There are probably other plans underway to undermine the privacy of Internet Users in Mauritius. How could the government go and spy on the citizens of Mauritius ? This question has been on my mind since a while now. I would argue that it's easier to implement in Mauritius than in other countries.

ISP Market

When ICTA got the great idea to filter some internet content in Mauritius, there was little protest from any ISP. Orange, which is partially owned by the government agreed to it. I was somewhat surprised that Emtel did not take a public stand against it, as it's a private company. This leads me to believe that there is NO ISP in Mauritius is committed to protecting the privacy of its customers. It's interesting to see how the first backdoor was implemented in Mauritius: The government lacked the necessary technical expertise, and outsourced it to a New Zealand based company to implement the Internet Filtering system. I believe that it's possible that the ICTA filtering system is not only blocking, but also logging the traffic of Internet Users to some of those pornographic websites. Due to the lack of transparency regarding the list of websites, it's hard to say. However, one could speculate that if a political party launches its own website (e.g www.mmmparty.com), ICTA could potentially have any visitor to that website from Mauritius logged passively using the Internet Filtering system. In other words, do not block the website, but log the IP addresses of people accessing the website. This would give the government an idea of how many supporters are behind an opposition party. The ICTA Internet Filtering is the first example of a known backdoor implemented by the Government of Mauritius.

Another backdoor could be in the modems that the ISP deploy on the Customer premises. By matching the customer details and the Internet Traffic from the modem to get a better idea of the different people within a house. I'll give a concrete example: If there is a lot of traffic to the mmmparty.com coming from a particular house, the ISP cannot know exactly who is exactly behind it, as ISPs in Mauritius allocate a single public IPv4 address to each customer. By putting a backdoor within the modem, it can get a full picture of which device is connecting to that website. However, the government itself does not have this kind of technical expertise. It would mandate an ISP to implement that, and a router manufacturer would happily accept that as a "business requirement".

Tablets in school & Wireless Access Points

A number of people are currently raising concerns that a private company is getting all of the contracts for tablets, and wireless access points in Mauritius. The young generation constitutes a sizable group that will be able to vote in 4 years. A contractor could include a backdoor that would log any traffic to those tablets and get the government an idea of the political inclinations of young people. As far as I know, there has not been any audit of the tablets.

Controlling the smartphone market

ICTA has implemented all kind of measures to discourage people from importing wireless equipment under the pretense of "regulatory concerns". This favours companies like Orange and Emtel who are selling smartphones. Since none of those companies are committed at protecting the privacy of their customers, That would be a great avenue to implement another backdoor. By bugging every smartphone, the government can collect information on who is talking to who, and the duration of the call. I heard that the government of Mauritius was taping phone calls at one point right before the elections. The government of Mauritius has historically been tied to the ITU, which is known to operate in a non-transparent manner, so It's safe to say that telephone calls through the GSM network (2G, 3G, 4G) can be monitored.

Monitoring facebook

When the interim Minister of TCI started talking about avenues of co-operation between facebook and the government of Mauritius, I felt uneasy. A few months earlier, Orange was announcing that it would offer facebook for free via its Data package. By channeling mobile traffic via its GSM network, Orange can potentially monitor Internet Traffic of facebook users. I started wondering if the announcement weren't somewhat connected. "We give you free facebook, but we monitor it." Facebook is the most popular social network in Mauritius. Dangerous is the road ahead ...

Encrypting my DNS traffic

Leave a reply

Protecting my DNS traffic

I use Internet Banking because my bank forced me to. They prefer that I avoid going to their regional office for bank transfers. When I launch my mobile banking application, There's a message known as DNS, which is sent to my ISP. The message is basically : "What is the IP address of Internet Banking web site ?". The DNS server at the ISP side will reply with something like "22.22.11.22".

Building a profile

The problem here is that this message is sent unencrypted. My ISP can capture this traffic and send it to some agency somewhere. We already know that they are filtering Internet in Mauritius, and blocking Child pornography. However, we don't know what else they might be collecting on us. Lack of transparency is an issue with the ICT Authorities in Mauritius. I'm not comfortable with my DNS traffic passing around unencrypted. It can be used to guess when I am checking my bank account. It can also be used to check which websites I've been visiting. DNS is a very good metadata to build a profile about anybody on the Internet :)

We have DNSSEC right ?

DNSSEC was never designed to to encrypt the question-reply DNS messages between my ISP and my home router. It was designed to check if the reply (22.11.22.22) I'm getting from my ISP DNS server is valid or NOT. If it's not valid due to failing the DNSSEC validation, we know that there might be an attack somewhere or someone who did not configure DNSSEC properly. [I will talk about misconfiguration of DNSSEC in another blog post.]

What I want to achieve

I want the DNS server on my ISP to receive my request encrypted, and also reply to me using encryption. So, if I type, ib.mcb.mu, I want "ib.mcb.mu" to be sent as "XSDSDDSDSDASASDS", and my ISP takes this string that nobody can make sense, and turn it back into "ib.mcb.mu". Then, It takes the IP address "22.11.22.22", and sends it back as "DEADBEEF0x42asd" to my home router. My home router takes this gibberish, does some math vodoo and sends it back to me as "22.11.22.22". However, in this case, I do not trust my ISP DNS server since it's operated by a partially-owned government ISP which blocked facebook once. The gibberish string is what is important here: This is what is called Encryption. This is key to prevent pervasive monitoring on the Internet.

Enter DNScrypt

A group of really smart people came up with a protocol known as dnscurve. It encrypts the traffic between resolvers, and the big DNS servers on the Internet. OpenDNS is the major company to deploy DNScurve for its public DNS servers. OpenDNS also released dnscrypt, which encrypts the "last mile". It encrypts the traffic between OpenDNS public servers, and my house. Perfect. Exactly, what I'm looking for ! The icing on the cake is that DNScurve and DNScrypt have NOT been influenced by NIST "recommendations" for cryptography.

Configuring DNScrypt

DNScrypt is surprisingly easy to configure and deploy on my end user equipment. The process can be improved further. Below is a snapshot of the start-up messages.




daemon.info dnscrypt-proxy[29929]: Generating a new 
key pair


daemon.info dnscrypt-proxy[29929]: Done


daemon.info dnscrypt-proxy[29929]: Server certificate  #1435874751 received


daemon.info dnscrypt-proxy[29929]: This certificate  looks valid


Tue Nov 10 18:59:49 2015 daemon.info dnscrypt-proxy[29929]: Chosen certificate 
#1435874751 is valid from [2015-07-03] to [2016-07-02]


daemon.info dnscrypt-proxy[29929]: Server key 


fingerprint is 


ED19:BFBA:FAFC:9257:DFDC:68C7:69BF:AC24:94CD:743F:3C1D:4966:134D:FE2C:4BDC:F315


daemon.notice dnscrypt-proxy[29929]: Proxying from 


127.0.0.1:5353 to 208.67.220.220:443

Fun adventure

I tested by snooping on the outgoing traffic leaving my router: my DNS messages are encrypted using strong crypto ! No need to change anything on my home PCs, wireless APs, smartphones, or tablets. It's all transparent to them. And my aim which is to encrypt my DNS traffic has been achieved ! It's going to make the job of pervasive surveillance agencies much harder to build a profile of my surfing habits. A follow-up blog post could be about combining DNScrypt and DNSSEC to get both the validated DNS reply from DNSSEC, with the encryption capabilities of DNScrypt.

Smart cars in mauritius

Leave a reply

Smart cars in the Cyberisland

I went to one of the car sellers, and they were trying to sell me a car with a lot of gadgets. Despite being a hardcore geek, I prefer to avoid "smart" cars that are currently sold in Mauritius and elsewhere. This may come as a surprise for some of you. Read on.

Lack of transparency

Volkswagen was caught cheating on the emission test by tweaking the software of their engine to change its engine behaviour when it was passing auditors test for carbon emission. Volkswagen is apologising, and they want to "win back the faith of their customers". What about the other manufacturers ? Why should I trust them ? How safe are the other car makers ?

2 security researchers discovered a way to play around with the aircon, and sound of Jeep Cheerokees. Some security researchers claim to be able to remotely shutdown, and turn the wheel of a car while it is on the road. I'm pretty sure that the other car manufacturers are vulnerable to this. Just because it's german or the US does not mean it's security proof. A pattern is emerging: The smart car manufacturers are not investing in securing their products.

Potential customers

Electronic Frontier Foundation is fighting for the right to inspect the software running on a car. They did so in a US court. The car manufacturers wanted to make it illegal for security researchers to audit the security of cars. They want to hide behind repressive laws to prevent the security flaws from becoming public.

We can and should boycott smart cars until car manufacturers are transparent about the software running on their cars. Car companies should pay independent security companies to inspect the software running on their cars because LIVES are at stake.

Let’s encrypt

Leave a reply

An intriguing mail

When I opened my mailbox in the morning, an interesting mail showed up ! At first, I thought that it was spam, as it said that "You had been selected to participate .."

A closer look

Upon taking a closer look, I quickly realized that it was coming from the letsencrypt non-profit foundation ! Letsencrypt aims to make TLS available to everybody, and wants to make it easy. You might be suprised to hear this when you know that a TLS certificate costs at least $9 USD. I heard about letsencrypt from websites, and they were active at the IETF in Prague when I was there. For Mauritius & Africa, this represents a huge opportunity for non-profits, educational and Small and Medium enterprises to get better security for their websites, for little cost, except investing time to learn how to use the ACME client from letsencrypt.

The downside

You do not get the full EV (Extended Validation) from SSL/TLS vendors which have much more strict requirements, and are normally costly. This is what a critical Internet organization or a bank would use for its HTTPS services.

First impressions

The service is still in limited BETA phase. It can be setup with a single command:


 ./letsencrypt-auto --agree-dev-preview --server 
      https://acme-v01.api.letsencrypt.org/directory certonly

More to come

Stay tuned as I move a personal website to HTTPS powered by letsencrypt :)