Wednesday, 26 August 2015

What's in a name? Retiring the name "Canary"

Almost three years ago, I started on a project to retrieve data from various sources and process them with the idea of allowing those to know when data has been compromised via alerts or just searching. After the Ashley Madison data hit the Internet last week, I had more searches in one day than I had in the entirety of the project up until then.

Canary has gotten more popular and has received more data since its start in March 2013. Last year, it hit a milestone of one million total samples. And as time has gone on, I’ve realised two things about the service that need to be changed.

The first one is the obvious: Canary has been getting slower as it has received more data and the results are becoming less clear. When I first developed the application, my knowledge of databases and efficient search queries were quite limited even though I was eager to make use of these tools. Having learnt some things from other projects I am engaged on, I am now almost complete in rewriting its backend and migrating to a new database engine too. When it is ready later in the autumn, I’ll be able to discuss this in further detail.

Now, what is the second one you might ask? It needs a name change.


Originally, Canary had a few prototype names: the working name was “DataAlert” and its codebase was referred to as “ODLDB” or “Online DataLoss DataBase”. After getting the software to work as expected, the name “Canary” was adopted after an earlier project of mine, “Avivore”, which was a tool for finding phone numbers and other personal information on Twitter. Internally, I still refer to the software as “ODLDB” even though its components are all named after specific birds.

The problem I am running into now is that there are far, far too many applications and services on the Internet using the name “Canary”. To make matters worse, there have been several other “Canaries” including one that practically did the same thing as the service I run today and another that had a logo so similar to mine that I considered speaking to a lawyer to see what my options were to prevent the sale of its service within North America.

Four services or projects so far have adopted the name “Canary” in the information security sector since I started Canary in 2013. One is a piece of hardware that behaves as a internal network honeypot, another is a webcam for home monitoring, one does practically the same thing as what I offer, and another is supposed to detect changes in SSL certificates. In three of these, I can remain confident that those who went and adopted the name did little to no research on the name and just went and slapped it on--the camera product came out a month or so after I announced the service so I don’t have the same sentiment.

It has gotten to the point where I have been getting e-mails about these other Canary-named services that have nothing to do with me. These e-mails happen at least once or twice per week and usually I just respond with, “these are not the canaries you’re looking for”.


Having said all that, I am not a fan of being litigious or aggressive towards others especially since the space where “Canary” is being used as a product name is becoming quite crowded and the energy and capital I’d have to spend to fight for it would exceed that of simply renaming the service and redirecting traffic to a new domain. I am also a person that prefers to build bridges with people and the other Canary-named services are individuals and groups I’d personally rather be amicable with upon anything else. Additionally, I don't think the adoption of this name by others was intended to undermine me or anything and that instead I think it's just a lack of forward-thinking.

With the release of a new version of the software will come a new name for Canary. I have several candidates for names at this time but I will be doing my research. What I do ask for you as the reader is that when you name a project, consider just doing a simple search on Google or something to ensure that you won’t be stepping on toes or making people who’ve already invested some time and energy into it.

Friday, 1 May 2015

Sever and the idiocy within

A few days ago, I posted some e-mails depicting an actual exchange between myself and a group calling themselves "Rogue Foundry" who are presently engaged in a Kickstarter campaign. The product they're trying to sell is a box called "Sever" that promises complete anonymity when used between you and the Internet.

As stated from their Kickstarter, it makes the following claim:
Sever™ is an embedded forced routing, peer to peer internet networking device with inherent DNS security protections built in, individual packet encryption, a data containment engine, and IP obfuscation capabilities.  Its engineered to make what you do online private, faster, and untraceable! Its designed to work with your existing internet hardware and setup takes only minutes. 

Sever™ enhances secure network communications, secures wired and wireless devices and networks including mobile devices, PCs, servers, and other Internet Protocol based systems. 
Devices like this are not new really as the more recent example of Anonabox make use of a similar sort of tactic--ignoring that particular device's shortcomings here of course.

However, what got my attention were the following two claims on the Kickstarter page itself:
Increase network speeds up to 10X
[...]
Sever™ shreds your data into billions of tiny data packets, encrypts each one with a powerful new encryption algorithm developed to STOP villains dead in their tracks and keeps you, what you do and your data from those you don’t want to have it. 
These are fairly outlandish claims as not only are they stating that they can turn your 25 Mbps network connection up to 250 Mbps, they're claiming that they've developed a whole new encryption algorithm--did they roll their own crypto?

It all started with a tweet and then Twitter going nuts about it the next morning. I figure I'd write my observations into a post here and let you know what I know about Sever and Rogue Foundry.

If you're looking for a good backgrounder besides my e-mails, I also suggest reading 0xabad1dea's account.

Who are these Rogue Foundry guys?


It has been a bit hard to determine who works for them, but I have managed to find out that they are a registered corporation in the state of Delaware but have based their operations in Dracut, MA according to this corporation registrar. Because we have these corporation details, we know who's on their board.

Name Role
Anthony (Tony) McDermott President, Treasurer, Director
Jay C. Grant Secretary
William Edwin Bridgeford Director
Joe Burleigh Director

Besides this board, what I have been able to determine from e-mails with a few people is that there are at least two to four videographers amongst their organisation (which explains this corny video). One of the videographers is a local musician and another one also holds a job at a local Apple store--I have chosen not to link to any details on these individuals. As for the other two, I haven't worked out who they are or if they exist. Having said that, there is no evidence so far that they even have anyone working on the software at their organisation. There is only one employee mentioned on LinkedIn having association with the corporation.

Tony McDermott has been mentioned in the news alongside his daughter advocating for bulletproof glass to be installed in all public schools. In the article, he's cited as owning a company called "Critical Clouds" which is cited by the article as " highly specialized security-software company based out of his Wheeler Road home in Dracut". The only details I was able to glean on this company was any related story to the aforementioned news article. He does have several domains connected to him including scumbags.us and tonymcdermott.com.

In my e-mails with Tony, he cites that he has someone on his executive board who was responsible for "the day-to-day operations of the President's network". Well, that is likely true: Jay C. Grant has indicated on his LinkedIn he worked at the White House--except it was for less than four months and it was merely a role to supervise the operations centre. Jay is pictured in the KS page as the individual standing top-left.

I have very little to no information on Joe Burleigh other than he has posted a job opening for a part-time PHP and "Pearl" developer back in mid-March--normally I wouldn't rag on spelling mistakes, but "Pearl" is used twice. William Bridgeford is cited as a retired photojournalist but other than that there isn't much information on him.

In Tony's second e-mail to me, he mentions Pete Ochinko, who he states is a "former United States Secret Service Presidential Protection Lead"--but unlike the others is not listed on the official corporate registrar. This sort of title makes it seem like just like Jay, Pete is claimed to have worked for the US government. According to this PR release there is some supposed truth in this:
Ochinko retired from the United States Secret Service in 2002 after a 20-year career with the agency. His assignments included the White House, Baltimore Field Office, Miami Field Office, Counter Assault Team, Washington Field Office, Mobile, Alabama Field Office and West Palm Beach Resident Agency. His duties included developing comprehensive security plans for Presidential, Vice Presidential and Foreign Dignitary visits both domestically and around the world.
None of these guys have any real computer security background other than manning an operations centre and their activities on the Internet have been limited to press releases and LinkedIn profiles. Backgrounds are being embellished here a bit much to say the least.

No known cryptographers and no known software developers, but at least four to five executives with very little technology background overall and two to four videographers--one of which has made some half-decent music. How can we trust that they'll put out a product that does as they say?


What is the supposed technology behind Sever?


Tony decided to e-mail me with details on their underlying technology using a brochure that only gave me a high-level overview of everything that offered nothing substantial. It took a bit to cut through what the product was trying to describe itself as but here's the important bit:
the data is broken into packets and sent through multiple constantly randomized pathways via the various servers, PCs, tablets, and smartphones that comprise the Dispersive Technologies Spread Spectrum IP™ network. [...] In fact, the multi-stream strategy is so hack-proof, Dispersive Technologies’ original product didn’t leverage traditional encryption at all!
In its own words, it tries to spell out that it chops up the data into smaller chunks, reorders them in some fashion, and then transmits them without engaging in any encryption--effectively, it reads as if it is a scytale cipher of sorts. Since there has to be a method to decipher what is being received, it should be trivial to determine the order required to successfully reassemble the data without needing to be an authorised recipient of the data.

Of course, nobody in their right mind would want to use such a method to encode their data. Governments and organisations agreed and as such Dispersive Technologies was forced to add encryption.

Dispersive began to experience resistance from procurement officers because the networking system did not incorporate encryption – traditionally a foundational element of every competitive product in the space. Despite Dispersive Technologies’ reservations, it was clear that encryption would be required to grow market share.

[...]
SafeLogic’s CryptoComply module contains a variety of NIST-validated algorithms, allowing Dispersive to dynamically assign each pathway to be encrypted with an entirely different algorithm. This flexible, multi-stream, multi-algorithm system makes the Dispersive Technologies network incredibly secure, and provides an added level of security over traditional single-algorithm, single-stream data networks. The assortment of CryptoComply’s encryption schemes meshed perfectly with Dispersive’s strategy; depending on user needs, customers can configure various pathways and mix-and-match with any number of encryption algorithms.
And we can see that we have NIST-validated algorithms at play here. We can also confirm via NIST themselves that SafeLogic had went and submitted details for validation:
-FIPS Approved algorithms: AES (Cert. #2273); HMAC (Cert. #1391); DSA (Cert. #709); ECDSA (Cert. #368); RSA (Cert. #1166); SHS (Cert. #1954); Triple-DES (Cert. #1420); DRBG (Cert. #281); CVL (Cert. #44); RNG (Cert #1132)

-Other algorithms: RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength)
.
Where does the 10x speed come into play? Well in the document that was provided, it makes the following claim:
The system inherently features redundancy and load balancing, and alleviates bandwidth bottlenecks at the servers. The result is a 2x­-5x increase of network speed, a reduction in network traffic by up to 50%, and a significant improvement on traditional networks.

Well that's not "10x speed" but really I question whether or not that the SafeLogic technology can even achieve this the way Sever implies considering the laws of physics and whatnot. Technologies like this have been bantered about before with it not living up to the promises or ending up as vapourware all together.

Now, for Tony, who has previously ran a specialised computer security company, why can't he answer with that? Of course, he doesn't himself know what crypto his product uses because on Twitter, he went on about two, unrelated crypto products instead:


These two products are not like SafeLogic's and nowhere in the document that they submitted to NIST does it mention HAIPE, which is what these two use.

Needless to say, I believe Tony knows not what his product does nor has no clue about cryptography in general. For someone who again previously ran a specialised computer security company to not know much about the cryptography in their highly-hyped product should be damning enough.

Why are you picking on these guys anyway?


To put it simply: I hate snake oil and abhor claims from security vendors that they have the holy grail of security.

To elaborate: one of the problems with the information security (or "cyber security") industry is that there are a lot of players. A lot of people within the sector are quite good and I am privileged enough to consider many involved to be good friends and people I overall like.

However, with more players comes a large number of people who choose to throw away ethics or common sense and come out with claims akin to the discovery of unicorns on how great their product is. Attrition has done a great job documenting the problems certain individuals have brought upon the industry and it should be worth a read if you're still having doubts about what I am saying. It should be noted that there are many other problems too but that is a discussion for another time.

In the case of Rogue Foundry, if they have a product as good as they say they do, they wouldn't need your Kickstarter money. Such a device that promises to make you "hacker-proof" would have larger vendors clamouring all over the technology. We don't see that going on here and as such you should take that as evidence enough that the product wouldn't work were it to actually exist. Just because the technology was featured at RSA this year does not mean that it's worth having. I am certain that if I were to sit down and bother, I could find many examples of technologies promoted at the conference that ended up being nothing more than smoke and mirrors.

Instead of answering my questions about their background and history, they've opted to go silent for two days. When they did speak up, they opted to not go through on their promise to update their Kickstarter with answers to my questions and instead made a video mocking those who called them out on their idiocy. I guess this is what you should expect from a company that has a handful of executives in addition to a handful of videographers.

Rogue Foundry's Sever doesn't work and there's more than enough evidence to say that.

Tuesday, 28 April 2015

Sever and its relation to Snake Oil and defiance of physics

If you haven't heard of Sever by now...

Sever™ is an embedded forced routing, peer to peer internet networking device with inherent DNS security protections built in, individual packet encryption, a data containment engine, and IP obfuscation capabilities.  Its engineered to make what you do online private, faster, and untraceable! Its designed to work with your existing internet hardware and setup takes only minutes. 

Sever™ enhances secure network communications, secures wired and wireless devices and networks including mobile devices, PCs, servers, and other Internet Protocol based systems. 
We're also in the process of building a Sever™ App for your mobile device extending your protection, while away from home. This interconnection will provide security, anonymity, and malware protection wherever you are.
Okay. So it seems to be some sort of Anonabox clone.
Heads up! If you're an online gamer get ready to experience a disgustingly cool boost in network performance. Your data travels faster than theirs!
Alright. So it ended up becoming a bit of a shitstorm on Twitter and they were happy enough to e-mail me with details.

Subject: Greetings from Rogue
Date: 2015-04-28 15:41
From: Anthony McDermott <tony@roguefoundry.com>
To: "colin@keigher.ca"

Hi Colin,

Thanks for reaching out. We are getting slammed on twitter…its making
us smile. Here is an article on some of our underlying technology
http://info.safelogic.com/acton/attachment/9340/f-0007/1/-/-/l-0004/l-0004:29/file.pdf
[1]. This is about 10% of what we’ve done with Sever. Part of we’ve
been playing with the code for a long time and its peer reviewed like
crazy. If your interested in beta testing the first ones let me know.

Best regards,

Tony

ANTHONY MCDERMOTT | ROGUE FOUNDRY, INC.
President
cn:Rogue 4

1934 Lakeview Avenue
Building #3 Mail Box #13
Dracut MA 01826
Direct: 650.564.7644
tony@roguefoundry.com
The PDF really didn't provide me with too many details but I decided to take a crack at figuring out what it did anyway.

Subject: Re: Greetings from Rogue
Date: 2015-04-28 21:09
From: Colin Keigher <colin@keigher.ca>
To: Anthony McDermott <tony@roguefoundry.com>

Hi Tony,

I really appreciate your reaching out to me and attempting to explain the use of crypto within your product. I did read the PDF that you provided for me and found myself still asking what this new cryptography method you're using here.

The document makes the following claim:

> the data is broken into packets and sent through multiple constantly randomized pathways via the various servers, PCs, tablets, and smartphones that comprise the Dispersive Technologies Spread Spectrum IP™ network. [...] In fact, the multi-stream strategy is so hack-proof, Dispersive Technologies’ original product didn’t leverage traditional encryption at all!

This is pretty bold and suggests that after it had chopped the data up and bounced it off of whatever devices that this software runs on that it would be indecipherable to someone who manages to get a tap on your network traffic. However, there's one problem: how are you dealing with this on your device since it appears to run in-line with an existing Internet connection? What I am meaning here is that everyone is just going to have a single egress and ingress point anyway so how does this help the user if the data has been chopped up but still goes out on the same gateway?

Also, while sure if you take some data, chop it up, send it out of order or whatever, it may be difficult to reassemble, it doesn't mean it's impossible and there's going to be enough data to figure out what piece goes where.

Because of it being unclear and seemingly implying that it relied on unicorns going around the network, I went and read the patent (US7895348) for the product and found that the abstract and claims were a tad clearer than the marketing spin that was in that PDF but nonetheless left me with the impression that again all this does is chops the data up and makes use of other machines (or virtual machines in the patent's statement) to send the data around. However, in the diagrams I am again left with the impression that the egress and ingress points stay the same.

So let's go back to that document you linked me to where it discusses what SafeLogic did to reluctantly implement encryption because it was found that nobody in their right mind would rely simply on obfuscation to send network data around:

> SafeLogic’s CryptoComply module contains a variety of NIST-validated algorithms, allowing Dispersive to dynamically assign each pathway to be encrypted with an entirely different algorithm. This flexible, multi-stream, multi-algorithm system makes the Dispersive Technologies network incredibly secure, and provides an added level of security over traditional single-algorithm, single-stream data networks. The assortment of CryptoComply’s encryption schemes meshed perfectly with Dispersive’s strategy; depending on user needs, customers can configure various pathways and mix-and-match with any number of encryption algorithms.

OK. Great. Now we get some inkling of what encryption algorithms it uses here. Here's a list of what NIST has validated:
http://csrc.nist.gov/groups/STM/cavp/validation.html

If you want to be even more detailed:
http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm

In there we see some common encryption standards that NIST has approved--think AES, 3DES, and RSA for example. Which of these in the NIST list does your product use? Do you know? Or are you relying on whatever SafeLogic has provided for you? Do you know how their RNG works in your product? Why are you unwilling to mention any of this in the Kickstarter you put up and required my hounding to get this information? This sort of attitude tends to lead me towards thinking that your product is a house of cards and that once someone knows one tidbit about its internals that everything will unravel.

Hint: if you need to find the answer to my question, it's in the second link.

Also, there's another part that is confusing here: what are you going on about with SecNet54 and KG-175D? As far as I can tell from their data sheets that they're not even in the same class as this SafeLogic stuff you've thrown at me as they use a totally different methodology (HAIPE). What is the reason for citing this?

So let's go back to your KickStarter's claims:

> Sever™ shreds your data into billions of tiny data packets, encrypts each one with a powerful new encryption algorithm developed to STOP villains dead in their tracks and keeps you, what you do and your data from those you don’t want to have it.

You use the words "new encryption algorithm" but then provide me with a data sheet that cites its use of NIST-validated algorithms. What's new about it? It uses the same stuff that most of us have been using for the past two decades. Can you please tell the public what is so "new" here?

There's a reason why you're getting blasted on Twitter for this nonsense: it smells like snake oil. Why are you trying to go on about its encryption claims when you cannot even take the time to investigate what they even are? This was barely 20 minutes of work and what you could have said is that it uses a third-party, NIST-approved application that makes use of a NIST-approved ciphersuite.

Can you at least attempt to clarify a few things here for me?

- Is what I have said above correct or incorrect? If the latter, can you please provide in your own words what the case is here?
- How can you provide a 10 TB SSD while only offering it at $199 USD? A 1 TB SSD costs $400 USD right now. Are you time travellers? Or is this Kickstarter going to be shipping when we have 10 TB SSDs on the cheap?
- How can you be selling us an open-source hardware and open-source software solutions if you do not mention anything about them? What open-source hardware is this and what open-source software is being used? Can we have a link to your Github?

I look forward to your reply.

- Colin
You'd think they'd be done with my eviscerating them but apparently not...
Subject: Re: Greetings from Rogue
Date: Wed, 29 Apr 2015 00:02:32 +0000
From: Anthony McDermott <tony@roguefoundry.com>
To: Colin Keigher <colin@keigher.ca>

Hi Colin,

First of all thank you for you response.  Its good to be speaking with
someone who understands technology and is willing to ask questions, even
if its with a bit of a skeptical tone. :)  I’m having our technical team
answer your questions one by one.  One thing that they can’t answer is
anything about our new encryption.  That will be released when the
product is launched. Its proprietary information.  Your questions are
valuable enough that we are going to update our kickstarter and post
shorter versions on our FAQ, so thank you.

I’ve reached out to a few people in my network to see if they know you.
  Always helps to have a common friend.   I believe we have a friend
that either knows MARS or knows someone who’s associated with it.  We
know the community, white and black hats and are preparing to throw as
much credibility around the technology that we can in the coming weeks.
  We know there's a lot of questions and skepticism…thats the cutting
edge.  Its what we have to deal with.  But sit back for one minute and
ask yourself what happens if everything we say is 100% true.  What then?
Our CEO is Pete Ochinko - former United States Secret Service
Presidential Protection Lead. Jay Grant is our CISO.  Jay’s most recent
position was Enterprise Operations Branch Chief of the Executive office
of the President of the United States of America.  He was responsible
for the day to day operations of the Presidents networks and data
center.  None of us are willing to put our reputations on the line and
Bullshit the world into purchasing something that we can’t be build.  We
work our tails off and are good professional people.  Definitely don’t
deserve what’s happening on Twitter but we will prevail.  Truth has a
way of doing that.  :)

You have my word you will get your questions answered, they are good!

BTW

http://www.prweb.com/releases/2013/5/prweb10758090.htm

https://youtu.be/I3HXgNGuU5w

https://youtu.be/0GtyXYVOvPk

https://youtu.be/v_G3qBNaidc

If your good at what you do and your looking to change the world…come to
Boston and interview with us.  We really like your style and hitting
this head on.

Best regards,

Tony
And then I decided to just tell him I know more than I care to:

Subject: Re: Greetings from Rogue
Date: Tue, 28 Apr 2015 22:19:32 -0700
From: Colin Keigher <colin@keigher.ca>
To: Anthony McDermott <tony@roguefoundry.com>

Hi Tony,

That sounds great. I am glad to hear that you'll address this in your
Kickstarter page. However, I am dismayed that you have failed to address
these to me personally which leads me to doubt that you will follow
through on this and will likely half-ass the answers.

Here's a tip: trying to pass off people who've done work within the
government as reason for me to believe that your product is solid only
digs your hole deeper. This is why you're receiving scorn on Twitter:
people like yourself come into the security industry promising the moon
and beyond and yet instead deliver on nothing. You haven't earned any
trust and I very, very much doubt you ever will.

Nobody who has a clue about how this stuff works cares about
pseudo-technical Youtube videos, PR press releases, or whitepapers
written by marketing droids. This information is not intended for us and
will only question your guys' motives even further. The lack of
technical information from you so far leads me to believe that either
you're being deceived or you're deceiving others.

I did some research on my own and so far have determined that beyond the
names you've given and the name on the KickStarter, the only other
person I can see possibly employed within your organisation is a
videographer who quit his job at the local Apple store in the past year.

Do you have cryptographers employed amongst you? How big is your
development team? Who are these people in the photo you included on the
Kickstarter? What backgrounds do they have? What whitepapers on
cryptography have they written? Why should I trust based on some notion
that you have some former government agents amongst yourselves?

If all you have is your executive team and this videographer, it does
not bode well for the future of your product.

Again, you have not earned any trust and that is why you're getting
rightfully-deserved scorn and criticism from not only myself but others
who do this sort of work day in and day out.

Also, do better research on me. MARS is a team of four and I am fairly
certain that whoever in your network knows anyone I know is merely a
loose relationship and nothing substantial. What I do know about you is
that you naively advocate for bulletproof glass in schools and had a
bone to pick with a local cardinal.

Lastly, while I very much love an excuse to fly out to the east coast,
I'll have to say "no" to your suggestion that I come pay a visit.

I am not interested in peddling in what I perceive as snake oil. The
fact that you have to rely on Kickstarter to get this project moving
forward instead of outside investment tells me it doesn't work or you
guys just have no clue about running a business. I'm no expert on the
latter I'll admit, but you seem to be promising the security device of
the decade which means that if it did work, some vendor would be all
over you.

I look forward to seeing you update your Kickstarter page and expect
that my questions will be answered there.

- Colin
Bets on Tony trying to threaten me with legal action if Kickstarter pulls their junk?

Wednesday, 18 March 2015

An Australian-specific cipher

B-Sides Vancouver has come and gone and so has its first-ever capture the flag event, YVRCTF. One of the challenges this year included a cryptography one (CRYPTO 200) which was written by yours truly.

Here's the text as it it was posted:
*** TOP SECRET MUST NOT BE SHARED OUTSIDE NZHQ ***

Hello,

We intercepted this transmission sent yesterday morning being sent to Adelaide. Based on our observations it came from Canberra so we can only assume it was a government transmission. Based on new intelligence, they're using a new machine to encipher their text and at this time we're unsure of what they're doing to get the message across.

Please decipher this at the earliest possible and deliver it to my handler in Christchurch. We must not let the Queen take back our land.

4e3b5f5c6f8a4e4c7f0a6d3b7f7c2d4a
3e0a4f7c0d4c6e8a3e6b3d3b3d0a3f6c
7e0a6f6b5f9c0d8a4e3b0d7b3e2c4f7a
4f3b6e8a0d2a6e3a0d6a8e7c8d0a6e6c
8d0a2e3b0d3a3e2c4f7a4e3b7e3b3d0a
2e9c0d2a6e9c0d8b6e2a8e8a4e6c7e4c
7f3b3d0a7d2a7e8a9f0a7f4b6f8b5f3a
0d9c6f8b0d6b6f8a0d2b3e0a2d8b8d4b
6f7b4f7c3e3a0d8a6f0a3d3b2f6c3d3b
0d8a4e4c7f0a6d3b7f7c2d4a3e0a9f6c
8e0a9d4c5f5c0d2b3e0a7d7b6f7c3e2c
8e8a3e3a0d4c6e0a6f8b7e0a6d2a5d3b
7f8a9f7c0d2c6f8b7e8a0d2a8d0a4f8a
7f0a3f8b5f5c3e7c8d4c3f0a9f6c8e0a
2d7b3e0a4f6b0d2a3d3b5f2a4f3a3e0a
7d5c3e2a7f3b0d6a2d5b3e0a9f6c8e7b
0d9a2d9c0d8a6f0a4e6c2e2a7e8a0d8a
6f0a2f6c6e8a2d2c8d0a6d4c6e4c7f8a
3e7b0d3c8e5c5f3b7e0a2d8a0d9c6f8b
7e0a3e2a7e5c4f3b7f8a0d9a3e0a4e2a
8f3b0d2a0d7a2d2c5e2a4d3b0d9a2d4c
8d4c6e4a0d8a6f0a2e3b0d7a4f2c5e3b
3d0a8e7a0d8a4e3b7e3b0d9a4e4c2f4b
0d6a8e7c8d0a2e3b0d3a3e5c4f8c3e7b
3e3a0d8a6f0a8d4b3e0a7f9c3d6b3e9c
0d4b2d7b2e6c8e7b0d2b7e4c3d4a3e0a
2d8a0d4c8d7c0d3b2d7b5f4c3e7c8d0a
9f6c8e0a9d4c5f5c0d6a3e3b8d0a9d4c
8d4b0d2b7e4c8d4c7f4b0d2a6e3a0d2c
2d6b2d3a4f2a6e0a6f3c3f4c2f4c2d5c
7f0a9d4b6f0a9d4c5f5c0d4a8e4c3d3b
0d9c6f8b0d8a6f0a2d0a9d2a4f8a4f6b
4d0a2f2a7e0a2d8a0d9a4e4c2f4b0d7a
6f4c6e8a0d9c6f8b0d9a4f5c5f0a2e3b
0d7a7e6c8f4c3d3b3d0a9d4c8d4b0d3c
8e7b8d4b3e7b0d3a3e8a2d4c5f7c9d4b
3e6b0d9c6f8b0d6a3e3b8d0a8d4b3e0a
6f3c3f4c2f4c2d5c7f0a7d5c3e2a7f3b
0d7a7e6c8f4c3d3b0d8a4e3b6d0a9d4c
8d4b0d8a4e3b0d3c6f5c5f6c9d4c6e4a
0d3c5f2a4d8a4e3b7d2a2f5b2d4a3e7c
2d7b3e2a8d7a3e7b8d4b6e6c7e8a4e9a
3e0a4e6c7d3b0d8a4e2a8d0a8d4b4f7c
0d6a3e7c7f2a4d3b0d6a2d5b3e7c0d4c
8d0a8d6c0d9c6f8b0d7c2d3c3e5c9f9c
6f8b7e7c0d4c6e0a7f8b2f2c3e7c7f0a
4f6b0d8a4e3b0d9a2d7b0d3b3f3c6f7b
8d6a4f6b4f7c8d3b7e0a8d4b6f6a2d7c

Yours truly in defeating the Australians,
Minister Stevensons
There are two versions of this cipher: one for this CTF which has no shift and one for YOSPOS, which has a shift.

If you were involved in the CTF and failed or succeeded at decoding it, I'd love to know what methodologies you threw at figuring it out.

So what was done to encode this?


The methodology used to encode it was fairly straightforward but used an older version of the Australian telephone dial pad--this was sort of the hint I left in the above challenge. Here's an example of its layout:
|-----------|
|1   2   3  |
|QZ  ABC DEF|
|-----------|
|4   5   6  |
|GHI JKL MNO|
|-----------|
|7   8   9  |
|PRS TUV WXY|
|-----------|
|*   0   #  |
|-----------|

What was done was that '0a' was set to handle spaces, but looking back I could have used it to encode new lines and periods--so space would be 'A', '\n' would become 'B', and '.' would become 'C'. During encoding, the position of the letter on the dial pad digit was set to letters 'A', 'B', or 'C', meaning that if you wanted to encode letter 'N', it would become '6b'.

To add a level of confusion for the intercepting party, every other would become flipped so if '6b' came after say '3b', then '6b' would become '6e'.

If we were to take the string "hello world" and encode it, it would come out as '4b3e5c5f6c0d9a6f7b5f3a'.

There wasn't a level of padding added to the text but I intentionally kept it at a specific length so I could come out with something hash-like--meaning that the newlines separating everything had no purpose in decoding. The phone pad and the plaintext should be enough to explain why '1' did not appear.

The YOSPOS version


A few weeks before, I posted a similar but harder version of the above cipher on YOSPOS--for those who are not in YOSPOS, you can just search for it to find out what it is. It's relatively the same as the above except it does one thing differently and thus makes it harder to solve.

The YOSPOS version rotates the numerical value on each pass. The enciphering party sets the shift value at whatever they desire between 0 and 9 and starting at the first letter, it's shifted up by 1 and then continuously at each pass until it goes beyond 9 where at which point it starts at 0. After each shift, the value of each enciphered letter is increased by whatever value the shift is at.

For example, if the shift is starting at 5 and we have the character's value set to 4 (say '4b' for 'H'), then it would become '0' as it would have had 6 added to the value since we already increased the shift before proceeding. Then on the next character, we have the value set at '3' and the shift set at '7', so the next value again becomes '0'--any value that goes beyond 9 would just end up taking the last digit as its value.

In the end, the above "hello world" example would become something like this:
0e0b3f4c6f1a1d9c1e0c9d
To decipher it, it would just involve determining what the shift was to start and then working it backwards on the decoding.

The original text


In case you haven't taken a crack at it using the details above, here's what was encoded:

Hello
 
This message is intended for only the recipient and must not be deciphered by any 
unauthorised party. Should you not be authorised to decode this message you will 
be prosecuted in our majestys court at its fullest.
 
If you are in Adelaide, please make your way to Hobart to contact Minister Fuller 
at your earliest. We have a package waiting to be picked up there which must be 
delivered to the Sydney Harbour Bridge at its earliest. You will meet with British 
and Canadian officials who will guide you to a waiting car at which point you will 
be provided with further details.
 
When you meet the officials, please provide them with the following flag:
 
thepackagesareatperthnorth
 
We hope that this message makes it to you safely.
 
Yours in success in the war effort
Minister Thomas

Keep in mind that no formatting was kept other than spaces so newlines, colons, periods, and whatnot were not kept.

Thanks for playing! I'll probably create more of these in the future with varying degrees of difficulty. The CTF one had its difficulty reduced due to its target level but in the future I'll likely use more obscure enciphering methods.

Saturday, 31 January 2015

Cuba - Internet, currency, and other things

Just a month and a bit before the United States began to open up dialogue with Cuba, my girlfriend and I took a trip to Veradero and Havana. For years, we had discussed going there and I had been wanting to visit the country for some time (as Canadians, entering and exiting Cuba is fairly uneventful), so we decided that we'd finally go.

Me (back-facing, right) wandering the streets of Havana.

I highly recommend that if you get the chance to go that you do so. If you're American and can go now, I am also envious of your alcohol and tobacco allotment--I'll explain a bit later on.

Some of the photos in this post were taken by my girlfriend (included the above).

The Internet and Mobile Phones

At least for tourists, access to the Internet was rather easy to come by but on the flip side it was not cheap. No free Wi-Fi was readily available wherever we stopped as being that the market was in control by the state, so too were all the goodies.

The Veradero airport left much to be desired too. Also this is how the West protests.
For 30 minutes of Internet access, you had to pay 4 CUC (about $4 USD). Internet can be purchased either in 30 minute or 1 hour blocks. Only cash is taken for access as you are required to speak to a person to get an access card--it should be noted that I don't recall seeing a single vending machine for anything while there.

Typical 1-hour access card. (Source)
The access card contains a one-time code you scratch for and details on how to connect to the wireless network. Upon connecting and opening your browser, you get a standard pay-wall you require identifying to. You then enter your code and the clock begins to tick away. If you disconnect from the wireless network or sign out via the pay-wall, your remaining time is valid for up to 30-days. You cannot share the code either without having the previous device disconnected.

I had no trouble accessing any Western media outlets and nor did I run into trouble viewing my favourite websites. Connecting to my home computer via SSH did not create any troubles either. However, knowing the state that Cuba is, I would not be surprised if my actions were monitored the whole time I was signed in. Having said that, my name was never attached to that code that I purchased either so in some ways I was anonymous.

I did not investigate any further what sort of setup there was but the access points were from Huawei (much like a lot of equipment I saw in Cuba).

The price may seem expensive but it is nowhere near as bad as trying to use your mobile phone. Upon my landing in Veradero, I was sent a text by my carrier, informing me that calls would be $3-4 CAD per minute and that all outgoing texts would cost me $1.50 CAD. But then the data cost came up: $20 CAD per MB--to put that into context, an Ubuntu ISO would cost me $19,500 CAD just to download.

So yeah. Stick with using the Wi-Fi there.

Currency

Cuba has two currencies: the Cuban Peso and the Cuban Convertible Peso (CUC). The Peso in itself is really meant for the locals and cannot be converted to CUCs or any other currency, but CUCs themselves can be converted to Pesos (for nationals only) or a foreign currency--including American Dollars. When we were there, we were informed that the Peso would be retired in favour of the CUC much to the delight of Cuban residents--CUCs have incredible buying power there.

You'll need cash to buy hand-made goods.
That aside, I wanted to write about acquiring the CUC notes as it is different than anywhere I've gone before and I had made a quip last week about how it was less complicated than Bitcoin.

Before leaving the country, it's considered best practice to load up on whatever your local currency may be--assuming you have a reserve currency like a Euro, US Dollar, Canadian Dollar, or Pound Sterling. At the hotel, you can bring up your money to the front desk and they will record how much money, your name, and what hotel room you had in a ledger. The exchange itself would be whatever the CUC translates into from your currency plus a fee of a few percentage points--no more than 5% I believe. This is the easiest way to do this.

However, if you end up being away from your hotel, acquiring CUCs requires you to go to a Cuban state bank branch. Upon your arrival, you will wait in line and will require your passport to retrieve any cash. They'll record your passport number in a ledger alongside your name and the amount you took out, plus the aforementioned fee.

All of these prices are in CUCs and are more or less equal to the US dollar.
It's really just that and far simpler than Bitcoin. I do however suggest not exchanging your currency back from CUCs as you'll be doubling up your fees--I did spend the $450 CAD I brought with me but I didn't exchange it all at once.

One other thing: credit cards. If you have a credit union-derived credit card in Canada, it will work--this goes the same for most banks from my country as well. If your credit card is from an American-based network like Capital One or Chase for example, it won't. This is likely to change soon under the new relationship we're seeing between the United States and Cuba.

Alcohol and tobacco

Alcohol is dirt-cheap in Cuba.  How cheap? Well, a 750 mL bottle of Havana Club 7-Year Old costs $34 CAD for me in Vancouver, but was just 8 CUC (or like mentioned before, $8 USD) at the grocery store we went to in Veradero. Earlier, when I mentioned that I was jealous of the alcohol allotment that Americans were getting, I was not kidding about it. You can get a serious amount of decent rum for the $100 limit that is being set.

Having mojitos at the same hotel Jimmy Carter once stayed at
Rum is open-poured everywhere and they make it easily accessible for you if you're a tourist. Personally, I am not a fan of Havana Club now having tried other Cuban rums but anything from the island is still the most superior of the Carribean. If you get a chance, try Santiago de Cuba or Santero, which are both just as cheap.

Foreign liquor as you might not be surprised are not cheap and seem to match the prices here at home.

Cristal and Bucanero beer.
Beer in Cuba is also easy to find but admittedly not as good. Bucanero and Cristal are the most common and at the resort we stayed at, Cristal was dominant. Foreign beers just like foreign liquor is available but the cost is significantly higher.

One of many cigars I picked up.
Tobacco while plentiful in Cuba is not as cheap as the rum and beer. Twelve cigars will run you about 85 CUCs. Having said that, the smell is awesome.

Other things

There were a few other things I can remark on that were interesting.

The stage it was sitting on was of even worse quality.
Expect to find that everything in Cuba is either hand-made or made to at least be repairable at the cheapest cost. Electrics taken on a lassez-faire sort of approach wherein it was not uncommon to find things that otherwise would never pass code back here at home. My favourite was the wooden electrical strip (pictured above) which was being used by the DJ at the resort on random nights.

The "reader" made it look like a Japanese manga. I did not look at it.
Books that were available to tourists tended to be about Cuban revolutionaries and are usually in either English, Spanish, or Russian.

The airport's only highlight was literally this.
They're also a tad more liberal about acquiring pharmaceuticals. At the Veradero airport, I had the ability to purchase Valium or Viagra without a prescription. I have to wonder how Canadian customs would have felt if I had tried to bring that back home.

Closing

I'll close off with this:

The water is nice and warm too.
About 150-200 KM from where I took this photo lied the United States. It just seemed tragic that for over half-a-century, the two countries were not on speaking terms yet were so close physically.

If you get the opportunity to visit Cuba, go. You will not have a bad time and you will want to come back.

Thursday, 22 January 2015

Taking back my money from Bitcoin -- an adventure with the BTC ATM

This opening image sums up my 'fun' with the Bitcoin ATM

Over a year ago, I had written about using the world's first Bitcoin ATM--run by Bitcoiniacs. At the time it was a pretty unique experience because never in my life have I ever had to have someone process a transaction manually for an 'automated teller machine'--not sure how this term even makes sense for what the machine does but I digress. However, I did drop $20 CAD into the machine and then promptly watched over the course of the past year and a bit the value go as high as $120--I had purchased 0.094 BTC.

To make matters even more interesting, I apparently showed up in the New York Times' website after they used a photo from that day for an article.

I'm the fellow in the centre holding a phone, wearing a black jacket
Gone is the day where there was a line up waiting to try out this new fangled ATM, a first of its kind it was touted as. I didn't need to wait 15 minutes for some guy on a laptop to its left to process my transaction as it was instead sitting idle, waiting and perhaps begging for someone to be interested in it.


However, a lot of things have changed: the machine no longer wanted to scan my palm in order to identify me. Instead, it asked for me to sign up with my mobile phone number, enter a PIN of my choice and then confirm, and then enter a six-digit number it sent via SMS. To add to that, it asked for a scan of my ID--however the ID scanner was broken and I was just asked to point whatever I identified with to the web cam above the screen.

Post-It Notes are quite professional
Also what the heck happened to the palm scanner and what did they do with that information?

Being that I suspected I either have gone dormant with them or they just completely ditched old data, I went along with using my new account. However, it had no details about who I was and told me that I would have to send money to an address it specified and then wait for it to be confirmed.

I've used ATMs in so many countries and in every case it's a matter of inserting my card, feeding it some numbers to identify that it's actually me (hopefully), and then magically money comes out if I have enough of it in whatever currency it may be--the only thing I need to be concerned about it is if my card is compatible with the network it uses. In the Bitcoin world, you have to make sure you have your Bitcoin wallet set up on your phone or you need to bring something that can make a transaction (such as a laptop or maybe a tablet), you then need to tell your wallet to send the money to an address the ATM specifies, wait for it to be at least confirmed by at least one other address, and then magically the ATM will let you pull it out when it's good and ready.

This more or less describes Bitcoin
How long does it take to retrieve real, useful money from an actual money ATM? Well maybe a few minutes but rarely have I have I needed to spend more than 45-60 seconds to get my money out and the majority of the time is just waiting for the machine to talk to my financial institution.

With this BTC ATM? It took me 25 minutes but only once I had gone through a bunch of hoops. The only place on Earth I've experienced where real, actual money has even come close to taking as long from starting a transaction and finishing it was when I was in Cuba and had to get some extra CUCs (Cuban Convertable Pesos) as I had run out and wanted to exchange my Canadian currency for it--I've been meaning to write about being a tourist in Cuba for a while and at some point I will.

Here's how it went down step by step:

I show up at the ATM and immediately discover I have to create an account to use it. Fine. So I go through the process I had outlined earlier. Now I have an account with them and then attempt to withdraw money--it is at this point I realise I need a Bitcoin application on my mobile phone.

I downloaded the default Bitcoin application and find out that I cannot enter my private key easily so I opt to download Mycelium after searching around via Google to find one that would just let me do that. Why is it that a non-mainstream Bitcoin wallet is needed to do something as simple as enter a private key? I am sure it is doable if I connect my phone via ADB, but that's ridiculous.

In the meantime, I've left the coffee shop and gone to grab a slice of pizza from a place around the corner using real, physical money. How long did the transaction there take? Probably 2 minutes as I was having the pizza reheated in their oven.

The related apps made me raise my eyebrow a bit
OK. Great. I have downloaded the supposedly useful Bitcoin application and now managed to enter my private key. Time for me to go back to the coffee shop and extract that money.


As you can see, 8 minutes has passed since I had downloaded and installed the wallet application--and for reference, I started at around 12 PM.

Oh. But now there's a new catch: the ATM won't be able to do anything until you've had at least one confirmation. How long does it take for one to occur? Well here's what the app shows at this point:


Four minutes has passed since I sent the BTC to the address the ATM told me to. OK. What shall I do? I guess I'll go check out the comic book store around the corner and see what's new. That will occupy enough time right?


Great. I've avoided spending any real money at the comic book store and finally have a confirmation--the confirmation itself did not appear for 5 minutes after it came to be. Back to the coffee shop I go!

I do the same process again: sign in, request some money, and immediately get told that I have insufficient funds. At this point I am pretty much near "fuck this" and am considering going back to the office but I now see I have another confirmation!


OK. Let's try this again. Oh. What is this?


I have $23.24 available for me to withdraw! Finally! What time is it now? 12:45 PM? What time did I start? 12:00? Did I wait in a queue to use this thing like the last time? No? What the hell.

/r/actualmoney is going to nuts after they see this
Seriously, real money doesn't require this much effort and getting a bank account isn't this painful either.


What a fucking dumb experience this was.

Edit - 20:43 PDT:

I forgot to mention that there was a funny flaw I found in the ATM: if you enter your phone number and PIN, then wait for the SMS to come but cancel out, you can do the same process again, have it send you a code again but use the unused code from before. You cannot however reuse a code that was sent.

Monday, 19 January 2015

Discovering and remediating an active but disused botnet

On a network I help manage, we kept getting malicious DNS alerts for “luna1.pw” on an appliance we had installed. Due to the way the network was configured, we were able to see the name request coming in but no traffic activity. This was unusual because the appliance was configured to monitor all traffic but why was it not picking up anything further than what it was reporting? Why didn’t the supposed malware connect? Resolving the domain lead to an answer:



This explains why the alerts were only coming up as DNS and not capturing any traffic to the domain. The question now is: who owns it?



So the domain doesn’t exist any longer. This became even more unusual because why would malware be connecting to a non-existent domain? Did the domain become lapsed? Did the botnet get shutdown? Well, it did as it turns out that the specific malware using the domain also used other domains and were shut down.
Since the domain was no longer in the possession of anyone and I was seeing attempts to reach it, I decided that the best course of action was to acquire the domain so DNS could be controlled and to also satisfy a curiosity if the malware was still active. The domain was purchased and then immediately I pointed the domain at a server I had in a data centre operated by a friend of mine.



Using ‘tcptrack’, I was able to see that there were a number of machines still looking for this domain. They were all attempting to connect to connect to my machine on port 2009. Now we can just use ‘nc’ to listen on that port to see what is being requested.


Quite the password for this IRC server it was once being controlled by.

I then compiled a simple IRCd and then watched as they all connected.


Immediately I had hundreds of machines ready to do my bidding if I so chose. I let it sit for a bit and at its peak, I had about 325 machines. All of them were identified with their OS, country, and then a random code. Here are some statistics on where the machines were located:

  • Argentina, 5.00%
  • Brazil, 0.45%
  • Chile, 5.91%
  • Colombia, 1.36%
  • Malta, 0.45%
  • Mexico, 73.18%
  • Peru, 2.73%
  • Spain, 14.55%
  • Venezuela, 1.36%

Once satisfied with the reconnaissance, I went and pointed the domain at an internal server and discovered the location of the machine and had it remediated as usual.

An abuse complaint did however come in during the time I was investigating the issue so while the domain had since fallen out of use, someone was still monitoring it. The domain has since been pointed to the ShadowServer guys for them to remediate any machines that are still remaining.