Computer security

spot
Posts: 39129
Joined: Tue Apr 19, 2005 5:19 pm
Location: Brigstowe

Computer security

Post by spot »

I offered on an earlier thread to write a brief discussion of computer security. Here it is. I've made it simple to follow. I can't see how anyone could read this and end up not understanding what it says.

Some computers have their hard drive encrypted (which means scrambled with a password). If they don't then the plain visible unscrambled text stored on the drives can be seen by anyone who can hold the disk in his hand, getting that data is trivially easy. If you don't have hard drive encryption and I can touch your computer then I can copy your hard drive's plain text to my own machine and everything's visible to me. I'd use a ribbon cable, I'd not need to power up your computer at all and I don't need to go past this paragraph, you've already lost your data to the criminal.

If I can touch your computer then I can put a keystroke copier onto your keyboard ribbon or cable for a day and discover your passwords. It's a fingernail-sized insert that fits inside your desktop keyboard or under your laptop keyboard and you can't see it. It takes two minutes and a small screwdriver to insert it or remove it. So, if I can physically touch your computer then I know your passwords.

Some computers have hardware biometric detectors that confirm your identity by, for example, fingerprint or retina matching. These really do exist, they're not science fiction. I'll include chip and pin verification in this category as well though they're not identical but they have a similar effect. Anyway, if you don't have hardware biometric detectors I can log onto your computer with those passwords I stole in the last paragraph. I can copy your data. I've won.

If you do have hardware biometric detectors then I can copy your encrypted hard drive to my own machine and use those passwords while I'm sat at my own computer and all your data's visible to me. I've won again.

What we're down to at this point is that if anyone can touch your computer they can steal your information from it. There are no exceptions. It would be more difficult if your hard drive was hardware encrypted and paired to the machine it's in so that it could only be read by your own hardware, I'm not sure if that exists. You haven't got it, that's for sure.

If you have a computer which is impossible to physically get at, then the only way I know of getting information from it is to fool you into letting me have the contents.

Maybe I can do this over the internet connection. If you connect directly to the internet without a hardware firewall router or a software firewall in the way then I can touch your internet ports. Are you up to date with operating system security patches? No? Then I'm reading your data, you cooperated without even being asked.

Otherwise at this stage I have to trick you into actively cooperating with me. If you run an up to date virus checker that will be less easy. If you run an up to date virus checker then anything I offer you[1] will be stopped by the virus checker. If you don't, then I'll offer you waves from your friends on MSN or AOL or Yahoo, emails from the same, screensavers, smiley central heaven, online greetings cards, the latest gossip about unpopular celebrities, and if you say Yes to even one of my offers then my virus has permission from you to pump all your secrets to my computer and I've won.

Assuming your virus checker stopped that attack I reduce myself to pleading with you. I'm a home for orphaned puppies, I'm a really cheap source of Vitamin B12, I'm your bank, I'm that auction house you used last year, I'm Harrods or M&S having a half price sale, click here and shop / donate / update your details. Are you really that stupid? You are? I've got your personal details then, I'm selling it to the next crook up the line.

Did you survive all those tests? Well done. Your personal information is safe. Most people can't tick even one paragraph much less all of them.



[1] Unless. Unless I happen to have written the software myself especially for getting your data rather than just used a virus kit off the web. If I wrote it myself you're in way over your head because obviously no virus detector on earth can recognize it, it's hand-crafted just for the one job. If you grant it permission to run, regardless of your virus checker it will not be stopped from running.
Nullius in verba
Who has a spare two minutes to play in this month's FG Trivia game!
koan
Posts: 16817
Joined: Sun Oct 31, 2004 1:00 pm

Computer security

Post by koan »

Media use of the word you hate so much... "hacker"

Perhaps you can explain their use of the word to us all? :D

story
spot
Posts: 39129
Joined: Tue Apr 19, 2005 5:19 pm
Location: Brigstowe

Computer security

Post by spot »

Great article, perfect use of the word. They're a bunch of hackers alright.

What they build are trojans mostly. They swap code, they compile stuff, they test it in controlled space, they release versions into the wild. They have private IRC servers which their trojans report back to and monitor for commands. They hack computer security.

[QUOTE]Victims of the ring had neglected to do one or both -- opening the door for the ring's kingpins to plant malicious software programs with impunity, he alleged.

Each of the hackers detained yesterday surreptitiously controlled an average of about 5,000 computers, Capt. Gaudreau alleged, activating a variety of malicious programs at will from locations as remote as Val d'Or in the Abitibi region and Riviere du Loup on the Lower St. Lawrence.[/QUOTE]

Think about it. They controlled on average 5000 computers each? What possible way is there that they hacked each of them, or that each of those "victims" was hacked? Each of those "victims" was unhygienic, that's all. They dabbled their computer's toes into the waters of the internet without a barrier cream and shazzam, a dozen trojans landed on their hard drives. That's not hacking, that's utter stupidity.
CARLA
Posts: 13033
Joined: Thu Nov 25, 2004 1:00 pm

Computer security

Post by CARLA »

Well done Spot you explained it perfectly. :yh_clap:yh_clap

This group of "Hacker" is the most irritating to me I hate cleaning up after them. :-5

[QUOTE]They dabbled their computer's toes into the waters of the internet without a barrier cream and shazzam, a dozen trojans landed on their hard drives. That's not hacking, that's utter stupidity.[/QUOTE]
ALOHA!!

MOTTO TO LIVE BY:

"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, chocolate in one hand, champagne in the other, body thoroughly used up, totally worn out and screaming.

WOO HOO!!, what a ride!!!"

Chezzie
Posts: 14615
Joined: Sun Nov 11, 2007 9:41 am

Computer security

Post by Chezzie »

nice one Spotters

I like this off wiki :sneaky:

http://en.wikipedia.org/wiki/Computer_hacker

Nowadays, mainstream usage mostly refers to computer criminals, due to the mass media usage of the word since the 1980s. Unlike the definition in the RFC given above, this includes script kiddies, people breaking into computers using programs written by others, with very little knowledge about the way they work. Free software hackers consider this usage incorrect, and refer to security breakers as crackers.


you sound hacking crackers :wah::wah::wah:
spot
Posts: 39129
Joined: Tue Apr 19, 2005 5:19 pm
Location: Brigstowe

Computer security

Post by spot »

Chezzie;781983 wrote: you sound hacking crackers :wah::wah::wah:

You know what? I despise what's been done with "decimate" as well. It doesn't mean destroy or annihilate, it means to punish or eliminate one tenth, usually as a warning to the others. There's no other word that means decimate. Using it to mean destroy wastes a great word and leaves you with redundancy. It's the same with presently and with cohort. Cohort doesn't mean friend or accomplice, it means the full set of contemporaries within a given background. What's been done with ilk is criminal.

Why people destroy perfectly good words baffles me. The dictionary will end up decimated at this rate.
Chezzie
Posts: 14615
Joined: Sun Nov 11, 2007 9:41 am

Computer security

Post by Chezzie »

and here starteth the lesson:sneaky:

just kidding with ya spot:-6:)
spot
Posts: 39129
Joined: Tue Apr 19, 2005 5:19 pm
Location: Brigstowe

Computer security

Post by spot »

http://news.bbc.co.uk/1/hi/technology/7681534.stm prompts me to add a second half to the opening post. The BBC article is about keyboard leakage. It doesn't get to the heart of the problem at all. This post, in contrast, does.

Assume, from the opening post, that you now have a physically isolated computer that nobody can get near. You have an impenetrable firewall between you and the Internet. You have an up to date resident virus checker and an outgoing software firewall so you can stop programs communicating off-site without permission. Your operating system security patches are up to date. You don't fill in strange forms when invited to.

Can anyone get at your data? Well, yes they can but it's not so simple as it was before you put those blocks in place.

This post is about your prying neighbour. There's a brick wall between him and you. Data travels through it.

Let's start with the obvious. If you have wifi it's in one of three states. It's unencrypted, it's wep-encrypted or it's wap-encrypted.

If your neighbour has a packet-sniffer he can stream all your incoming and outgoing wifi traffic to his hard drive and then spend time interpreting it. If it's unencrypted he just has to isolate the text from the unreadable bits and he's there. If it's wep-encrypted he has a harder time of it but there are packages which can crack wep on a good day, and they can talk to your router indefinitely without you knowing there's an attack in progress. If it's wap-encrypted he's not, as far as I know, going to succeed so long as you didn't use a simple pass-phrase to generate your WAP key. Pass-phrases are subject to dictionary attack just like ordinary passwords. The best WAP keys are random (or at least pseudo-random) and not created from intelligible pass-phrases. "fvilo9568u89klhjif" is a good pass-phrase, "cherry Nixon viola" is borderline at best.

Let's assume your neighbour has a bit of a budget and he really has a passion for prying.

Your hard drive read heads have wires on them. Data flies past at a constant speed whether they're told to read or not. The wires act as aerials. The neighbour, with a bit of kit, can stream that broadcast to his hard drive. As long as your heads don't move it's a repetition of a single cylinder. If your computer seeks to a new cylinder then within one disk revolution your neighbour has that cylinder captured as well (and confirmed on subsequent revolutions). Whatever you're working on will be under the heads during your work session. Your neighbour will build up an image of those areas of your hard drive. Was your hard drive encrypted? No? He's reading your text then, isn't he. Next time encrypt your hard drive.

Your VGA/DMI cable leaks sufficiently well for your neighbour to put onto his monitor an approximation of what you're looking at. Each refresh lets him capture a better approximation. There are two approaches you can take to making it more difficult for him to see a good enough image to read your text. You can buy better-shielded hardware (it's called Tempest-hardened). You can also include software which slightly varies the colour of each pixel on each refresh so that your neighbour's bit-summing approximations get screwed without your ability to read the screen being compromised. There are also colour combinations which act as high-contrast to the bit-summing approximator which you can avoid in favour of low-contrast, though those combinations have nothing to do with visual contrast.

There's software which can listen to your typing over a microphone and match your ability to type with dictionary lookup optimizing. It takes of the order of ten minutes capture before it has enough knowledge to show on your neighbour's screen the text you've been entering on your keyboard. It's not good on layout but it's capable of reproducing your unformatted text. The more it hears the more it goes back and corrects its previous best guesses. Your "neighbour" can be a mile away and listen well enough with a laser microphone (it reflects off your window glass and sees the vibration). The best defence is to listen to a Soundz Ibiza CD played high on loudspeakers but that could mess up your train of thought as you type.

So, you've got all that? WAP wifi with a good pseudo-random key, an encrypted hard drive, counter-bit-summing-approximator software to a Tempest-hardened monitor and (let's compromise security slightly for good taste) Deep Purple's Live In Japan played at 95dB, you'll at least make it harder for the neighbour to win. Good luck.
Daniyal
Posts: 1399
Joined: Fri Jul 04, 2008 2:56 pm

Computer security

Post by Daniyal »

spot;1030237 wrote: BBC NEWS | Technology | Keyboard sniffers to steal data prompts me to add a second half to the opening post. The BBC article is about keyboard leakage. It doesn't get to the heart of the problem at all. This post, in contrast, does.



Thankyou
Never Argue With An Idiot. They Drag You Down To Their Level Then Beat You With Experience.



When An Elder Passes On To Higher Life , Its Like One Of The Library Have Shut Down





To Desire Security Is A Sign Of Insecurity .



It's Not The Things One Knows That Get Him Or Her In Trouble , Its The Things One Knows That Just Isn't So That Get Them In Trouble



When you can control a man's thinking you don't have to worry about his action ...:driving:
spot
Posts: 39129
Joined: Tue Apr 19, 2005 5:19 pm
Location: Brigstowe

Computer security

Post by spot »

Daniyal;1086082 wrote: Thankyou


If I'd Known You Were Going To Read It, Daniyal, I'd Have Capitalized Every Word.

Thank you for reading it, I'm glad it was useful to someone.
Daniyal
Posts: 1399
Joined: Fri Jul 04, 2008 2:56 pm

Computer security

Post by Daniyal »

spot;1086150 wrote: If I'd Known You Were Going To Read It, Daniyal, I'd Have Capitalized Every Word.

Thank you for reading it, I'm glad it was useful to someone.




Your Welcome I Don't Mind Giving Credit When It Do . :driving:
spot
Posts: 39129
Joined: Tue Apr 19, 2005 5:19 pm
Location: Brigstowe

Computer security

Post by spot »

I thought I might add some practical notes on how to set up a computer to invariably encrypt what's stored on it.

I'm aware that credible solutions exist for booting directly into Microsoft operating systems. TrueCrypt vs Free OTFE: A Comparison discusses two of them. I'd rather cage my Microsoft operating system in a virtualbox where I can reset it to my own "factory" default in minutes rather than days, so my notes here relate to booting into Linux.

BE WARNED - I've hard-coded /dev/sda as my boot drive, yours might not be. I've hard-coded partition sizes which are appropriate to a 500GB drive, yours might not be. I've made provision for 5 bootable operating systems sharing a single /boot partition on /dev/sda1, it works fine for my two tested distributions (Slackware and Arch Linux), you need to check if you use another but it ought in principle be simple to manage.

You only need a single manager and a single menu for the MBR, I've chosen legacy GRUB. If you go with LILO you might need a recent version, ones before mid-2010 have unusable size limits for many multi-boot combinations.

Given the shared /home and /backup space, it's easy to have a package configuration which works straight off on all boot systems. That means if you do have virtualbox Microsoft Windows they can be started regardless of what you booted into. The Microsoft Windows will be quite oblivious to the fact that it's fully encrypted but that's what it will be.

Here's the details. I'll be happy to expand on any of them or discuss details if asked.

On The Fly Encryption

BIOS first active boot device

Partition Table

Partition 1: /boot 100MB.

/dev/sda1 * 63 433754 216846 83 Linux

Partition 2: rest of the drive

/dev/sda2 433755 976768064 488167155 8e Linux LVM

Linux Unified Key Setup LUKS under Logical Volume Management LVM

This might look intimidating but the entire section can just be copy/pasted as a script and run as one command.

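# load the dm-crypt and device-mapper kernel modules
modprobe dm-crypt
modprobe dm_mod
#useful lines while exploring...
#vgremove -f vgc
#pvremove -ff /dev/dm-0
#cryptsetup luksClose luks
#optionally wipe the partition:
#cryptsetup -d /dev/random -c aes-xts-plain -s 512 create lvm /dev/sda2
#dd if=/dev/zero of=/dev/mapper/lvm bs=512
#cryptsetup remove lvm
# format /dev/sda2 as a LUKS container (-y asks for the passphrase twice), then open it as "jhp"
cryptsetup -v -c aes-cbc-essiv:sha256 -s 256 -y luksFormat /dev/sda2
cryptsetup luksOpen /dev/sda2 jhp
# LVM physical volume and volume group "jhv" inside the opened container
pvcreate /dev/mapper/jhp
vgcreate jhv /dev/mapper/jhp
# logical volumes: swap, five root filesystems, shared home, and the rest as backup
lvcreate -L 2500 -n swap jhv
lvcreate -L 22G -n root1 jhv
lvcreate -L 22G -n root2 jhv
lvcreate -L 44G -n home jhv
lvcreate -L 22G -n root3 jhv
lvcreate -L 22G -n root4 jhv
lvcreate -L 22G -n root5 jhv
lvcreate -l 100%FREE -n backup jhv
# create the device nodes, activate the volumes and initialise swap
vgscan --mknodes
vgchange -ay
mkswap /dev/jhv/swap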

MBR

Points to partition 1.

Maintain with Grub Legacy: /boot/grub/menu.lst

title Slack
root (hd0,0)
kernel /vmlinuz cryptdevice=/dev/sda2:jhv root=/dev/mapper/jhv-root2 ro vga=775
initrd /initrd.gz

title Arch Linux
root (hd0,0)
kernel /vmlinuz26 cryptdevice=/dev/sda2:jhv root=/dev/mapper/jhv-root1 cryptkey=/dev/disk/by-label/SANDISK:vfat:/gorilla/tiny.luks ro radeon.modeset=1
initrd /kernel26.img

To set up a Slack initrd (note the kernel version is for release 13.37, change it as needed):

mkinitrd -c -k 2.6.37.6 -m ext4 -f ext4 -r /dev/jhv/root2 -C /dev/sda2 -l uk -L -K LABEL=SANDISK:/gorilla/tiny.luks

Example settings for an Arch Linux /etc/mkinitcpio.conf would include (and the HOOKS order is significant)

MODULES="dm-mod dm-crypt aes-x86-64 nls-cp437 vfat ext4 radeon"
HOOKS="base udev usb usbinput keymap encrypt lvm2 autodetect pata scsi sata filesystems"

Replace or remove the radeon references if you have different graphics hardware.

You'll see reference above to a USB stick carrying the key so it doesn't need typing, giving you a hands-free boot. You need to enter the stick into the LUKS system sometime, the cryptsetup manual discusses it under luksAddKey. If you used a tinpot key while setting up, luksKillSlot will remove it. The key file needn't be text, a photo taken on your own camera does just as well.

The encrypted disk content can be completely scrubbed in under a second by overwriting the first 1MB of /dev/sda2, destroying the LUKS key area. A root script would do it:

dd if=/dev/urandom of=/dev/sda2 bs=1024 count=1024 conv=notrunc

Once that's run, possession of both the computer and the key file would be irrelevant. The content of the hard drive is irretrievably undecipherable, assuming nobody has at any time copied that 1MB area to their own storage and can thereby recreate it.
Nullius in verba|||||||||||
Who has a spare two minutes to play in this month's FG Trivia game!
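
Added example, not part of spot's post: a rehearsal of the header scrub described above, run on a constructed 2 MiB scratch file rather than a real disk. It checks that the LUKS magic is gone, that conv=notrunc leaves the size alone, and that data past the first 1MB is untouched. The function names and the scratch image are assumptions made for the illustration; on a real device `cryptsetup isLuks /dev/sda2` is the equivalent header check.

```shell
#!/bin/bash
# Rehearse the "overwrite the first 1MB" scrub on a scratch file, never on a real disk.
# The image is constructed here: LUKS magic at offset 0 and a marker just past 1 MiB
# standing in for encrypted payload. All function names are hypothetical.

LUKS_MAGIC_HEX="4c554b53babe"   # "LUKS" 0xBA 0xBE, the first six bytes of a LUKS header

# has_luks_magic FILE: succeeds if FILE still starts with the LUKS magic.
has_luks_magic() {
    [ "$(head -c 6 "$1" | od -An -tx1 | tr -d ' \n')" = "$LUKS_MAGIC_HEX" ]
}

# make_fake_volume FILE: build the constructed 2 MiB stand-in for /dev/sda2.
make_fake_volume() {
    dd if=/dev/zero of="$1" bs=1024 count=2048 2>/dev/null
    printf 'LUKS\272\276' | dd of="$1" conv=notrunc 2>/dev/null
    printf 'PAYLOAD' | dd of="$1" bs=1024 seek=1024 conv=notrunc 2>/dev/null
}

# scrub_header TARGET: the dd line from the post, with the target as a parameter.
# conv=notrunc matters on a regular file: without it dd would cut the file to 1 MiB.
scrub_header() {
    dd if=/dev/urandom of="$1" bs=1024 count=1024 conv=notrunc 2>/dev/null
}

# payload_marker FILE: the seven bytes stored just past the first 1 MiB.
payload_marker() {
    dd if="$1" bs=1024 skip=1024 count=1 2>/dev/null | head -c 7
}

# file_size FILE: size in bytes.
file_size() {
    wc -c < "$1" | tr -d ' '
}

# rehearse_scrub: build, scrub, verify. Returns 0 only if the header is gone
# while the size and the bytes beyond 1 MiB are unchanged.
rehearse_scrub() (
    img=$(mktemp) || exit 1
    trap 'rm -f "$img"' EXIT
    make_fake_volume "$img"
    has_luks_magic "$img" || exit 1          # header present before the scrub
    before=$(file_size "$img")
    scrub_header "$img"
    has_luks_magic "$img" && exit 1          # header must be gone afterwards
    [ "$(file_size "$img")" = "$before" ] || exit 1
    [ "$(payload_marker "$img")" = "PAYLOAD" ] || exit 1
)

rehearse_scrub && echo "scrub verified: header gone, size and payload unchanged"
```

The surviving marker is the point of the post's closing caveat: the ciphertext is still on the disk after the scrub, so anyone holding an earlier copy of that first 1MB together with the key can still read it.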
yaaarrrgg
Posts: 1193
Joined: Fri Dec 21, 2007 9:29 pm

Computer security

Post by yaaarrrgg »

spot;781808 wrote:

Some computers have hardware biometric detectors that confirm your identity by, for example, fingerprint or retina matching. These really do exist, they're not science fiction. I'll include chip and pin verification in this category as well though they're not identical but they have a similar effect. Anyway, if you don't have hardware biometric detectors I can log onto your computer with those passwords I stole in the last paragraph. I can copy your data. I've won.

If you do have hardware biometric detectors then I can copy your encrypted hard drive to my own machine and use those passwords while I'm sat at my own computer and all your data's visible to me. I've won again.

What we're down to at this point is that if anyone can touch your computer they can steal your information from it. There are no exceptions. It would be more difficult if your hard drive was hardware encrypted and paired to the machine it's in so that it could only be read by your own hardware, I'm not sure if that exists. You haven't got it, that's for sure.




It may be easier to crack these systems than people might think. Just beat the person with a wrench until they give you the passwords, and if you need biometrics chop off their thumb or eye. Yeah, that's all illegal, but so is cracking into their computer. :)
spot
Posts: 39129
Joined: Tue Apr 19, 2005 5:19 pm
Location: Brigstowe

Computer security

Post by spot »

In my opinion the purpose of security isn't so much stopping people from finding out, as knowing they've found out if they ever do.
yaaarrrgg
Posts: 1193
Joined: Fri Dec 21, 2007 9:29 pm

Computer security

Post by yaaarrrgg »

spot;1358429 wrote: In my opinion the purpose of security isn't so much stopping people from finding out, as knowing they've found out if they ever do.


That's probably a good approach to take. Also in that case, intrusion detection software like tripwire or ossec (that save a copy of the log remotely) are useful. At least on the linux side.
spot
Posts: 39129
Joined: Tue Apr 19, 2005 5:19 pm
Location: Brigstowe

Computer security

Post by spot »

Here, out of interest, is what it looks like on the machine I'm using.

[john@cb6 ~]$ df
Filesystem             1K-blocks      Used Available Use% Mounted on
/dev/mapper/jhv-root2   22706684   9275964  12277288  44% /
/dev/mapper/jhv-home    45413424  27645248  15461312  65% /home
/dev/mapper/jhv-backup 319038756 219523764  83308760  73% /backup
/dev/sda1                 209998     49627    149529  25% /boot
tmpfs                    1023560         0   1023560   0% /dev/shm
[john@cb6 ~]$

I'm using a 64 bit operating system, so even on a single-core processor the encryption overhead is negligible. My copy of XP runs inside VirtualBox and also feels responsive.

How about what do people do for password security on all their Internet accounts? A how-to post on that might be an idea.
spot
Posts: 39129
Joined: Tue Apr 19, 2005 5:19 pm
Location: Brigstowe

Computer security

Post by spot »

Here we are. One how-to post on passwords.

Firstly a note on how easy it is to create an encrypted file. Getting gpg is simple enough. Here's how to use it with an encryption process of your own selection:

gpg -c --cipher-algo twofish testfilename

and recovering the original content:

gpg -d testfilename.gpg

Anyway. I've finally decided that I'm no longer going to remember passwords, it's too formulaic and far too easily unraveled. Besides, my memory rebels when asked to recall strings of more than 9 case-sensitive alphanumeric characters.

How to select a password length...

Passwords aren't like breaking a cipher. Breaking a cipher might involve maths since they're algorithmic. Passwords aren't algorithmic, they're properly random. Breaking them is consequently brute force or nothing. They might, of course, be intercepted or back-calculated from a stored hash perhaps, but that's a different security issue.

So, considering brute force against which no quantum magic has any effect:

A password consists of x characters from a 64-character set (case-sensitive alphanumerics aka BASE64).

No processor is going to apply as many as 10^20 password tests per second against a lock, not even a cloud process will manage that for several years.

How many seconds protection do you want? 10^18 seconds exceeds the age of the universe.

So a key needs to exceed 10^38 variations.

20 BASE64 characters is 10^36, 25 BASE64 characters is 10^45. There's your password length. Less is (nominally, I admit, and to no practical effect for a few characters less) insecure, more is overkill. My current 9, on the other hand, is pathetic.

Getting a file of random passwords without depending on anyone else...

dd if=/dev/urandom bs=512 count=12 | base64 -w 23 >>/media/SANDISK/keys.txt

and there you are, a lifetime's worth. 350 keys or so, looking like

e3XK51GY5SFsYpwkcz9rOL+
VIs8eW4UivSek+lfeuy/6tL
wuGv6TtVlLdXfHXtfiMOiOR
SkqIkCeSRpcus8dfWqm8l1g
n+/cY3acjsaMEVmBJGmkQ8E
vO6xjx23csl19JI/6mQTL9n
F3f+70kfC3KDcZLlYjpwpQ4
JLOHHkTTtJkBR02L28RQDhD (etc)

All you need then is an effective way of using the file which doesn't expose it to scrutiny.

I keep mine on the same memory stick which unlocks the hard drive of my PC. If the memory stick is compromised then I have no secrecy anyway, so there's no point applying encryption to it.

I edit keys.txt when I want to take a key for a particular account. I may also find a particular site rejects keys that long (the shortest maximum I know, out of interest, is ICQ which has a longest key length of 8) in which case I'll trim the key length to what I actually use. Then there's a script (in a directory on my path and named just "k") to call lines out which match a parameter:

#!/bin/bash
#
# keys.txt displaying lines by identifying text
#
case "$1" in
"") echo "Usage: ${0##*/} <identifying text>"; exit 1;;
esac
# quote the pattern so text with spaces or shell wildcards reaches grep intact
grep -- "$1" /media/SANDISK/keys.txt

so that if I type "k garden", for example, it returns

4dzq774wtRSh0kVzc51VZVN http://www.forumgarden.com account spot

and I copy/paste the key into the password area of the login screen. I'm also quite happy to allow Firefox to store keys locally for day to day use. It's an assumption on my part that that's not a security risk, but one I choose to make.

I'm aware there are password safes available as packages. I prefer the simplicity of what I've described.

How often should you change your password?

That depends on what it's protecting.

Is it the sort of password where, if it were compromised, you'd know? Where one-time failure is what you're avoiding in the first place, and the failure would be apparent - like a bank account password where money would go missing? Then there's no benefit in ever changing it, either the password is safe or it isn't and if it isn't you'll find out.

The other sort is where you can't tell whether it's failed or not, and continued failure would be even worse than one-time failure. Changing one of those periodically is a necessity. How often you change it is up to you.
spot
Posts: 39129
Joined: Tue Apr 19, 2005 5:19 pm
Location: Brigstowe

Computer security

Post by spot »

As a whimsical afterthought I put together a script to add one line to the end of the key file each time you need a password for a fresh site (or a replacement for an existing one). It takes the site name and account as parameters, and you can optionally adjust the key length from the default 23 bytes. It should be a trivial matter to make it run as a DOS batch file instead.

#!/bin/bash
#
# key generator appending to keys.txt
#
case "$2" in
"") echo "Usage: ${0##*/} <site> <account> <optional keylength, default 23>"; exit 1;;
esac
# 36 random bytes encode to 48 base64 characters
key=$(dd if=/dev/urandom bs=36 count=1 2>/dev/null | base64)
lkey=${key:0:${3-23}}
# show the new line, then append the same line to the key file
echo "$lkey $1 account $2"
echo "$lkey $1 account $2" >>/media/SANDISK/keys.txt

If you save it as an executable script "setkey" it should produce, for example,

[john@cb6 ~]$ setkey http://www.forumgarden.com spot
4dzq774wtRSh0kVzc51VZVN http://www.forumgarden.com account spot
[john@cb6 ~]$
[john@cb6 ~]$ # test the stored output
[john@cb6 ~]$ k spot
4dzq774wtRSh0kVzc51VZVN http://www.forumgarden.com account spot
[john@cb6 ~]$

yaaarrrgg
Posts: 1193
Joined: Fri Dec 21, 2007 9:29 pm

Computer security

Post by yaaarrrgg »

spot;1358701 wrote:
[john@cb6 ~]$ k spot
4dzq774wtRSh0kVzc51VZVN http://www.forumgarden.com account spot
[john@cb6 ~]$

That's a nice way to manage it. It would be a nice Firefox/Chrome plugin to pull a password from a script (based on URL) rather than Firefox's cache. That way, moving passwords between computers would just be a matter of copying the passwords file.

For the longest time, I would never write down system location/username/passwords in any electronic media, though eventually it just becomes impossible to keep track of everything.

I wrote a quick script a while back for an encrypted AES file editor ... which also can be modified slightly as a viewer (vi -R, with no re-encryption), or used with emacs.

Disclaimer: it leaves an unencrypted version on the disk as a temp file, but I'm mostly concerned with losing a laptop and giving someone obvious keys to a bunch of computers. :)



#!/bin/bash
# A simple secure vi editor, for aes encrypted files
# file name passed in as argument, for example
# svi FILENAME
# GPL
cipher=aes-256-cbc
# refuse to run without a file name
[[ -n $1 ]] || { echo "Usage: ${0##*/} FILENAME"; exit 1; }
# create the plaintext temp file owner-only from the start
umask 077
# decrypt file if exists
if [[ -e $1 ]]
then
    openssl $cipher -d -a -salt -in "$1" > "$1.tmp"
    if [[ ! -s $1.tmp ]]
    then
        echo "WARNING: decrypted an empty file, exiting."
        rm -f "$1.tmp"
        exit 1
    fi
else
    touch "$1.tmp"
fi
chmod 600 "$1.tmp"
vi "$1.tmp"

# re-encrypt after exiting vi
if [[ -s $1.tmp ]]
then
    # repeat until openssl produces output (e.g. after a mistyped passphrase)
    while [[ ! -s $1.aes ]]
    do
        openssl $cipher -a -salt -in "$1.tmp" > "$1.aes"
        chmod 600 "$1.aes"
    done
    # make backup, replace old
    if [[ -s $1.aes ]]
    then
        if [[ -s $1 ]]
        then
            cp -pf "$1" "$1.$(date "+%Y-%m-%d").bac"
        fi
        mv -f "$1.aes" "$1"
    fi
fi
# cleanup
rm -f "$1.aes"
rm -f "$1.tmp"



use

svi filename
spot
Posts: 39129
Joined: Tue Apr 19, 2005 5:19 pm
Location: Brigstowe

Computer security

Post by spot »

A useful script. It would be sensible to use the temporary RAM directory for the unencrypted copy so it dies when the machine's powered off but I do agree, you need to define the edge of where's protected and where's the wild outdoors. Unless you know exactly where that edge is, files can be in danger of drifting across the boundary.
yaaarrrgg
Posts: 1193
Joined: Fri Dec 21, 2007 9:29 pm

Computer security

Post by yaaarrrgg »

spot;1358720 wrote: A useful script. It would be sensible to use the temporary RAM directory for the unencrypted copy so it dies when the machine's powered off but I do agree, you need to define the edge of where's protected and where's the wild outdoors. Unless you know exactly where that edge is, files can be in danger of drifting across the boundary.


I agree, the temp dir probably should be moved. Also it could run "shred" on the temp files after use, rather than just unlinking them.
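
The two suggestions above (a RAM-backed temp directory, and shred instead of a plain unlink), as an added shell example that is not part of either poster's script. It assumes Linux, where /dev/shm is normally a tmpfs; the function names and the SCRATCH variable are this example's own.

```bash
#!/bin/bash
# Added example: plaintext scratch file for an encrypted-file editor.
# Assumes Linux, where /dev/shm is normally a RAM-backed tmpfs.

# Directory for plaintext: RAM-backed if available, else $TMPDIR or /tmp.
scratch_dir() {
    if [ -d /dev/shm ] && [ -w /dev/shm ]; then
        echo /dev/shm
    else
        echo "${TMPDIR:-/tmp}"
    fi
}

# Create an empty scratch file and print its path. mktemp picks an
# unpredictable name and creates the file mode 600 before any data is written.
make_scratch() {
    mktemp "$(scratch_dir)/svi.XXXXXXXX"
}

# Overwrite and unlink the scratch file; plain rm if shred is not installed.
destroy_scratch() {
    [ -n "$1" ] && [ -f "$1" ] || return 0
    if command -v shred >/dev/null 2>&1; then
        shred -u -- "$1"
    else
        rm -f -- "$1"
    fi
}

# with_scratch CMD [ARGS...]: run CMD with the scratch path appended as its
# last argument, and destroy the file however CMD ends.
with_scratch() {
    SCRATCH=$(make_scratch) || return 1
    trap 'destroy_scratch "$SCRATCH"' EXIT   # covers an exit inside CMD
    trap 'exit 130' INT TERM                 # signals fall through to EXIT
    scratch_status=0
    "$@" "$SCRATCH" || scratch_status=$?
    destroy_scratch "$SCRATCH"
    trap - EXIT INT TERM
    return "$scratch_status"
}
```

In a script like svi, the decrypt, edit and re-encrypt steps would go in one function passed to with_scratch, using the path it receives in place of "$1.tmp".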
spot
Posts: 39129
Joined: Tue Apr 19, 2005 5:19 pm
Location: Brigstowe

Computer security

Post by spot »

There's a dearth of Microsoft users in this thread, and I've carefully stayed as OS-agnostic as I know how. Carla? Chonsi? Floppy? Your experience and opinions would be extremely welcome.
spot
Posts: 39129
Joined: Tue Apr 19, 2005 5:19 pm
Location: Brigstowe

Computer security

Post by spot »

yaaarrrgg;1358717 wrote: For the longest time, I would never write down system location/username/passwords in any electronic media, though eventually it just becomes impossible to keep track of everything.

Last month was the month I finally caved in and decided I couldn't keep the juggling act any longer. Until then I'd been using different 8-9 character alphanumerics for each site with no record, just plain mental recall. If it was a site I'd not been to in a while I'd ask for a password resend. What's stopped me was deciding that 8-9 characters without case sensitivity is inadequate. The only passwords I carry in my head now are for the screensaver/login and su/root, each only needs to be strong enough to fend off the bots banging away at my ssh port.

The other thing I refuse to use on any website is that ridiculous what's-your-first-pet-called. Every one of those fields is just begging for a dictionary attack. I dutifully say "ask me my mother's maiden name" and then bang in 20 random keystrokes of which I take no record whatever. Stupid sods.
Wandrin
Posts: 1697
Joined: Wed Apr 13, 2011 8:10 pm

Computer security

Post by Wandrin »

When I was a kid, I memorized a long string of random letters and numbers. It was just a kid's game I played with a friend. Because I did it at the right time, this string is "permanently" etched into my memory. For most of my adult life, I have used this string as a password generator. I simply have to remember a number that is an offset into the string.

Because my house is made of steel, I have an outside antenna for WiFi, so I can work on the "patio". When I am parked near a populated area, it is fairly common for some bored script kiddie to attempt to crack my WiFi password. I am currently parked in a National Forest campground and have been watching a kid work at it. Since mine is the only WiFi around, this bored city kid has been at it non-stop. Since I will be wandering on, later today, it isn't worth the effort to go scare him.
spot
Posts: 39129
Joined: Tue Apr 19, 2005 5:19 pm
Location: Brigstowe

Computer security

Post by spot »

spot;1358257 wrote: The encrypted disk content can be completely scrubbed in under a second by overwriting the first 1MB of /dev/sda2, destroying the LUKS key area. A root script would do it:

dd if=/dev/urandom of=/dev/sda2 bs=1024 count=1024 conv=notrunc

Once that's run, possession of both the computer and the key file would be irrelevant. The content of the hard drive is irretrievably undecipherable, assuming nobody has at any time copied that 1MB area to their own storage and can thereby recreate it.

It's been niggling me ever since I wrote this that I didn't mention triggering such an event. Anyone with a need to incorporate a data auto-destruct into their computer would presumably want to be able to activate it quickly, either locally or remotely.

Remotely is quite simple. Assuming the machine is internet-connected, a preconfigured port (even port 80) can respond to a passworded instruction from, say, a remote browser (either a recognised one or any) to run the 1MB wipe and then shut down the computer.

Locally, the same command sequence can be triggered from a udev rule such that just putting a preset key into a USB socket will effect an instant copy and shutdown. The choice of key could be any pre-arranged USB device at all but a memory stick would be the obvious candidate for size, cheapness and normality. No content is checked, the mere presence of that particular device applied to a USB socket on that particular computer would be the trigger.

It goes without saying that a desktop PC which might need terminating this way has to be connected to an uninterruptible power supply and switched on before all vulnerable periods.
Wandrin
Posts: 1697
Joined: Wed Apr 13, 2011 8:10 pm

Computer security

Post by Wandrin »

I've been intrigued by the security apps currently used for smart phones. They have recently been extended to tablets and laptops. To make sure the device isn't simply missing, a coded SMS message can be sent to the device that enables GPS tracking. If nearby, another coded SMS message turns on the ringer at full volume and plays a loud obnoxious sound. If the device is not nearby, the camera can be triggered and the photos sent. Yet another coded SMS message can wipe the device's memory. There is even remote notification if the SIM card is changed, revealing the new details.

What is missing?
spot
Posts: 39129
Joined: Tue Apr 19, 2005 5:19 pm
Location: Brigstowe

Computer security

Post by spot »

I've always been a bit leery of machines with microphones and webcams and GPS because the possibility of some external group turning them on seems too risk-laden. It's a choice.
spot
Posts: 39129
Joined: Tue Apr 19, 2005 5:19 pm
Location: Brigstowe

Computer security

Post by spot »

I had another reason for passwords over 22 characters. It's that I doubt any private individual can brute-force 11 BASE64 characters, which means a 22+ character password can be held by multiple people without any one of them being able to subvert the others. You can divide the password among anything up to 22 people and only authenticate when they all agree.
gmc
Posts: 13566
Joined: Sun Aug 29, 2004 9:44 am

Computer security

Post by gmc »

Can you point to any good links on how to password protect a hard drive? Sort of an idiot's guide. I use external drives for stuff I need to keep and I think my online security is good.
spot
Posts: 39129
Joined: Tue Apr 19, 2005 5:19 pm
Location: Brigstowe

Computer security

Post by spot »

gmc;1367505 wrote: Can you point to any good links on how to password protect a hard drive? Sort of an idiot's guide. I use external drives for stuff I need to keep and I think my online security is good.


TrueCrypt - System Encryption will let you convert just your existing external drive to a fully encrypted one and then to read and update it in exchange for a password. That's what I'd use with a Microsoft operating system at the moment, I think. It's free and robust and reliable. The TrueCrypt - Tutorial 1/5 page gives you a taste of how to install and use it. The example creates an encrypted virtual drive but you can see where the option is for "Encrypt a non-system partition/drive" which is the selection you'd make.

Just having a password permission to access an unencrypted drive gives very little protection, the data needs to be scrambled when seen without the password.

There are some hard drives which have hardware encryption built in, that's as good a solution as TrueCrypt if your drive will do it.
spot
Posts: 39129
Joined: Tue Apr 19, 2005 5:19 pm
Location: Brigstowe

Computer security

Post by spot »

I've a couple of extra utilities for generating passwords, one's internal and uses /dev/urandom and the other downloads a Megabyte of quantum-noise-generated random bits from the University of Berlin - you need a free account from High Bit Rate Quantum Random Number Generator Service and their qrngdownload source and library to use it. I also picked up an xor utility to jumble the qrng feed against the previous stored jumble (jf1), thereby creating something on my own drive which can't be replicated elsewhere.

Here's the components:

xor.c - compile this to create the xor utility.

My makekeys utility:

#!/bin/bash
#
# multiple key generator
#
for i in {1..32}
do
    # swap the two non-alphanumeric base64 characters for letters
    key=$(dd if=/dev/urandom bs=36 count=1 2>/dev/null | base64 | awk '{gsub("/","q"); gsub(/\+/,"J"); print}')
    lkey=${key:0:${1-23}}
    echo "$lkey"
done



My key generator (qrn62) using the qrngdownload utility. Note that the first time it's used it will also get 1 MB of data from qrngdownload and name it jf1 as the jumble file. Each run will refresh j3 with new passwords.

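#!/bin/bash
#
if [ ! -f ./jf1 ] # Create jumble first time we run
then
    ./qrngdownload jf1 1 [account] [password] SSL
fi
# fetch fresh random data and xor it against the stored jumble
./qrngdownload j1 1 [account] [password] SSL
./xor j1 jf1 j2
# keep only complete 23-character lines free of '/', '+' and '=' padding
base64 --wrap=23 <j2 | grep -E '^[A-Za-z0-9]{23}$' >j3
# the new jumble replaces the old; securely remove the intermediates
cp j2 jf1
srm -s j1
srm -s j2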
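
An added example, not one of spot's scripts: makekeys maps `/` and `+` onto `q` and `J`, which makes those two letters twice as likely as the others, whereas deleting the two characters leaves all 62 alphanumerics equally likely. The function names are this example's own, and it assumes head, base64, tr, cut and awk are installed.

```bash
#!/bin/bash
# Added example (not from the thread): alphanumeric keys in which each of the
# 62 characters is equally likely, plus the entropy such a key carries.

# alnum_key [length] [source]: read random bytes from source (default
# /dev/urandom), base64-encode them, delete '/', '+' and '=' padding, and
# trim the result to length. Fails if the source runs dry first.
alnum_key() {
    len=${1:-23}
    src=${2:-/dev/urandom}
    key=""
    while [ "${#key}" -lt "$len" ]; do
        chunk=$(head -c 36 "$src" | base64 | tr -d '/+=\n')
        [ -n "$chunk" ] || return 1
        key="$key$chunk"
    done
    printf '%s\n' "$key" | cut -c "1-$len"
}

# key_bits [length]: bits of entropy in a uniformly random key of that length
# over a 62-character alphabet, i.e. length * log2(62).
key_bits() {
    awk -v n="${1:-23}" 'BEGIN { printf "%.1f\n", n * log(62) / log(2) }'
}
```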

spot
Posts: 39129
Joined: Tue Apr 19, 2005 5:19 pm
Location: Brigstowe

Computer security

Post by spot »

You're in India, posting unrelated Canadian newsclips from 2008 onto discussion forums you have to register with first?

Might I ask why?

You're annoying more people than just me, you know...



3 days ago - The Anti Hacker Alliance fights against 123.201.155.92 - Internet worst Spammers, Hackers, known Spam Gangs ...

www.stopforumspam.com/ipcheck/123.201.155.92 5 days ago - 123.201.155.92 appears in our database

The Project Honey Pot system has detected behavior from the IP address 123.201.155.92 that is consistent with that of a Mail Server.



And the list goes on.