[ISN] CRYPTO-GRAM, August 15, 2001

From: InfoSec News (isnat_private)
Date: Wed Aug 15 2001 - 03:22:03 PDT


                      CRYPTO-GRAM
    
                    August 15, 2001
    
                   by Bruce Schneier
                    Founder and CTO
           Counterpane Internet Security, Inc.
                schneierat_private
              <http://www.counterpane.com>
    
    
    A free monthly newsletter providing summaries, analyses, insights, and 
    commentaries on computer security and cryptography.
    
    Back issues are available at 
    <http://www.counterpane.com/crypto-gram.html>.  To subscribe or 
    unsubscribe, see below.
    
    
    Copyright (c) 2001 by Counterpane Internet Security, Inc.
    
    
    ** *** ***** ******* *********** *************
    
    In this issue:
          Code Red Worm
          Crypto-Gram Reprints
          News
          Counterpane Internet Security News
          The Doghouse: Chantilley Data Security
          Adobe, Elcomsoft, and the DMCA
          Protecting Copyright in the Digital World
          Europe's Cybercrime Treaty
          Comments from Readers
    
    
    ** *** ***** ******* *********** *************
    
                     Code Red Worm
    
    
    
    
    There has been a lot written about Code Red and its variants in the past 
    month.  There are lessons in both the specifics of the original infection, 
    and the general threats these worms exemplify.  So, first the trees and 
    then the forest.
    
    The trees:  On 19 July 2001, the White House narrowly averted a terrorist 
    attack when security personnel were able to exploit a flaw in a bomb's 
    trigger mechanism and evacuate key personnel to a remote location, causing 
    the bomb to fizzle.  The attack was a denial-of-service attack, the target 
    was the White House Web site, and the flaw was in malicious code, but other 
    than that the sensationalist story is basically correct.  And this tale of 
    attack and defense in cyberspace contains security lessons for us all.
    
    In June, eEye Digital Security discovered a serious vulnerability in 
    Microsoft's Internet Information Server (IIS) that would allow a hacker to 
    take control of the victim's computer.  Microsoft hastily patched the 
    software to eliminate the vulnerability, as they are generally good about 
    doing these days.
    
    By now, everyone realizes that it is impossible for system administrators 
    to keep their patches up to date, so it came as no surprise that hacker 
    tools developed to exploit the vulnerability were able to break into 
    unpatched systems.  The Code Red worm exploited this vulnerability.  This 
    worm, estimated to have affected over 300,000 computers in the first week, 
    spread automatically without any user intervention (no attachments to open).
    
    Even during the first week there were several variants of the original 
    worm, and most early articles underestimated its virulence -- both in terms 
    of what it does and how well it succeeded.  When the original Code Red 
    infected a computer, it defaced any Web site on the server with the words: 
    "Welcome to http://www.worm.com!  Hacked by Chinese!"  (One variant only 
    defaced the site for ten hours.)  Simultaneously, the worm attacked 99 
    hosts at a time, as quickly as possible.  The original variant spread 
    slowly, both because the Web site defacement called attention to itself, 
    and because it had a buggy random number generator.  (It's important to use 
    a different seed each time.)  A corrected variant, with a correct random 
    number generator and no defacement, spread at a much faster rate.  Peak 
    infection rates were estimated at 6,000 hosts a minute.
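
    The seeding remark above, shown as an added model (not code from the
    newsletter or from the analyses it links to).  The 16-bit toy address
    space, Python's random module, and every constant are assumptions.  It
    compares hosts sharing one seed with hosts using distinct seeds, and
    shows what a single monitored address observes in each case.

```python
import random

SPACE = 2 ** 16      # toy address space (constructed; much smaller than IPv4)
FIXED_SEED = 1234    # constructed constant standing in for the shared seed


def probe_list(seed, count):
    """Addresses one host probes, in order, for a given PRNG seed."""
    rng = random.Random(seed)
    return [rng.randrange(SPACE) for _ in range(count)]


def static_seed(host_id):
    """Buggy case: every host starts its generator from the same seed."""
    return FIXED_SEED


def per_host_seed(host_id):
    """Corrected case: each host starts from a different seed."""
    return FIXED_SEED + 1 + host_id


def coverage(num_hosts, probes_per_host, seed_for):
    """Number of distinct addresses probed by all hosts together."""
    seen = set()
    for host in range(num_hosts):
        seen.update(probe_list(seed_for(host), probes_per_host))
    return len(seen)


def sources_seen(sensor_addr, num_hosts, probes_per_host, seed_for):
    """How many distinct hosts probe one monitored address."""
    return sum(
        sensor_addr in probe_list(seed_for(host), probes_per_host)
        for host in range(num_hosts)
    )


def expected_coverage(total_probes):
    """Expected distinct addresses for independent, uniform probes."""
    return SPACE * (1 - (1 - 1 / SPACE) ** total_probes)


def report(num_hosts=50, probes_per_host=200):
    """Summarise both cases for the same number of hosts and probes."""
    first_shared_target = probe_list(FIXED_SEED, probes_per_host)[0]
    return {
        # With a shared seed, extra hosts add no new addresses at all.
        "static_coverage": coverage(num_hosts, probes_per_host, static_seed),
        "per_host_coverage": coverage(num_hosts, probes_per_host, per_host_seed),
        "expected_if_independent": round(
            expected_coverage(num_hosts * probes_per_host)
        ),
        # An address on the shared list is probed by every host; an address
        # off the list is probed by none of them.
        "sources_at_shared_target": sources_seen(
            first_shared_target, num_hosts, probes_per_host, static_seed
        ),
    }


if __name__ == "__main__":
    for key, value in report().items():
        print(f"{key}: {value}")
```

    For someone watching probe traffic, the shared-seed case has a visible
    signature: the same addresses are hit by every source, and addresses off
    the list see nothing.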
    
    So far, this is a normal, if virulent, worm.  But there was an additional 
    feature.  The Code Red worm was programmed to flood www.whitehouse.gov in a 
    massively coordinated distributed denial-of-service attack at 8:00 PM on 
    July 19.  The attack failed because of some programming errors in the 
    worm.  One, the attack was against a specific IP address, and not a 
    URL.  So whitehouse.gov moved from one IP address to another to avoid the 
    attack.  And two, the worm was programmed to check for a valid connection 
    before flooding its target.  With whitehouse.gov at a different IP address, 
    there was no valid connection.  No connection, no flooding.
    
    The worm was programmed to continue to spread until July 20, and try to 
    attack the former IP address of whitehouse.gov until July 28.  Then, on 
    August 1, it was to go back to spreading.  At least some variants are still 
    spreading today, albeit at a much slower rate than many of the Internet 
    doomsayers predicted.
    
    At first glance, this looked to be a politically motivated attack: 
    hacktivism, as it has come to be called.  The worm's defacement message 
    implied that it was Chinese, and it was programmed to attack only 
    English-language versions of Windows NT or 2000.  If it encountered a 
    foreign version, it went into hibernation, neither spreading nor attacking 
    the White House.  But it's hard to know for sure; many random hackers take 
    on mantles of political activism because it gives them a cool cover 
    story.  Honestly, I don't believe the political connection.
    
    The White House got lucky.  The next worm writer won't make the same 
    programming mistakes.  The White House could have alerted their ISP and the 
    upstream network nodes to block the offending packets, but only because 
    they knew what the attack looked like and had enough warning.  We can't 
    count on that next time, either.
    
    Since the original Code Red attack, there have been several new (and 
    nastier) variants of the worm discovered, predictions of the entire 
    Internet clogging, admonitions for system administrators to patch their IIS 
    systems to prevent the worm's spreading, and reams of columnists trying to 
    make sense of it all.  The result, predictably, is apathy.  A CNN online 
    poll showed that 84% of Americans were no longer worried about Code 
    Red.  Cry wolf too often, and the public just stops listening.
    
    Now, the forest: The truth is that we all got lucky.  Code Red could have 
    been much worse.  It had full control of every machine it took over; it 
    could have been programmed to do anything the author imagined, including 
    dropping the entire Internet.  It could have spread faster and smarter.  It 
    could have exploited several vulnerabilities, and not just one.  It could 
    have been stealthier.  It could have been polymorphic.  Code Red II 
    installs a back door in infected computers.  Code Red III is further 
    improved.  What will Code Red IV do?  What will Code Red XXVII do?
    
    I have long said that the Internet is too complex to secure.  One of the 
    reasons is that it is too complex to understand.  The swath of erroneous 
    predictions about Code Red's effects illustrates this: we don't know how 
    the Internet really works.  We know how it should work, but we are 
    constantly surprised.  It's no wonder we can't adequately secure the Internet.
    
    The hundreds of thousands of infected networks could have had better 
    security, but I have long argued that expecting users to keep their patches 
    current is blaming the victim.  Even so, I would have expected most people 
    to install *this* patch.  But as late as 1 August, after Code Red had been 
    in the headlines for weeks, the best estimates show that only 50% of IIS 
    systems had been patched.  Even Microsoft, the company that continually 
    admonishes us all to install patches quickly, was infected by Code Red in 
    unpatched systems.
    
    The Internet moves too fast for static defenses.  You can't install every 
    possible patch, and you don't know beforehand which ones are going to be 
    important.  New viruses and worms appear all the time, and you don't know 
    beforehand which ones are the ones to worry about.  If we are going to make 
    security work on the Internet, we need to think differently.  I have put my 
    effort into detection and response, instead of protection, because 
    detection and response can be resilient.  I have put my effort into people 
    instead of software because people can be resilient.
    
    But even if you can secure your particular network, what about the millions 
    of other networks out there that aren't secure?  One of the great security 
    lessons of the past few years is that we're all connected.  The security of 
    your network depends on the security of others, and you have no control 
    over their security.
    
    We shouldn't lose sight of who is really to blame for this problem.  It's 
    not the system administrators who didn't install the patch in time, or the 
    firewall and IDS vendors whose products didn't catch the problem.  It's the 
    authors of the worm and its variants, eEye for publicizing the 
    vulnerability, and especially Microsoft for selling a product with this 
    security problem.  You can argue that eEye did the right thing by 
    publicizing this vulnerability, but I personally am getting a little tired 
    of them adding weapons to hackers' arsenals.  I support full disclosure and 
    believe that it has done a lot to improve security, but eEye is going too 
    far.  As for Microsoft, you can argue that the marketplace won't pay for 
    secure and reliable software, but the fact remains that this is a software 
    problem.  If software companies were held liable for systematic problems in 
    their products, just like other industries (remember Firestone tires), we'd 
    see a whole lot less of this kind of thing.
    
    There are two other lessons of Code Red that I haven't seen talked 
    about.  One: Code Red's infection mechanism causes insecure computers to 
    identify themselves to the Internet, and this feature can be profitably 
    exploited.  My network is regularly probed by Code Red-infected computers, 
    trying to infect me.  I can easily generate a list of those computers and 
    their IP addresses.  This is a list of computers vulnerable to the 
    particular IIS exploit that Code Red uses.  If I wanted to, I could attack 
    every computer on that list and install whatever Trojan or back door I 
    wanted.  I don't have to scan the network; vulnerable computers are 
    continuously coming to me and identifying themselves.  How many hackers are 
    piggybacking on Code Red in this manner?
    
    Two: Code Red's collateral damage illustrates the dangers of relying on 
    HTTP as the Internet's communications medium.  Cisco has admitted that DSL 
    routers with older firmware were susceptible to a denial-of-service attack 
    when attacked by Code Red.  HP print servers and 3Com LANmodems also seem 
    to have been similarly affected, and it is likely that other network 
    infrastructure hardware fell over as well.  These devices were not 
    specifically targeted by Code Red.  Instead, their Web interface couldn't 
    handle the Code Red attack.  There has been an enormous proliferation of 
    random devices with a Web interface: listening on Port 80.  This is a large 
    single-point-of-failure that Code Red has illustrated, and no one seems to 
    be talking about.
    
    Hacking is a way of life on the Internet.  Remember a few years ago, when 
    defacing a Web site made the newspaper?  Remember two years ago, when 
    distributed denial-of-service attacks and credit card thefts made the 
    newspaper?  Or last year, when fast-spreading worms and viruses made the 
    newspaper?  Now these all go unreported because they are so common.  Code 
    Red ushers in a new form of attack: a preprogrammed worm that unleashes a 
    distributed attack against a predetermined target.  After a couple of dozen 
    Code Red variants and other worms designed along similar lines, we'll think 
    of them too as business as usual on the Internet.  And oddly enough, the 
    Internet will survive.
    
    Code Red Worm (the news story as it unfolded):
    <http://news.cnet.com/news/0-1003-200-6604515.html>
    <http://news.cnet.com/news/0-1003-202-6616583.html>
    <http://news.cnet.com/news/0-1003-202-6617292.html>
    <http://news.cnet.com/news/0-1003-202-6625470.html>
    <http://news.cnet.com/news/0-1003-200-6792918.html>
    <http://news.cnet.com/news/0-1003-200-6814221.html>
    
    Advisories:
    <http://www.cert.org/advisories/CA-2001-19.html>
    <http://www.cert.org/advisories/CA-2001-23.html>
    <http://www.ciac.org/ciac/bulletins/l-117.shtml>
    
    Good commentary:
    <http://www.time.com/time/columnist/taylor/article/0,9565,169678,00.html>
    
    Code Red hype:
    <http://www.theregister.co.uk/content/55/20908.html>
    
    Even Microsoft can't keep its patches up to date:
    <http://www.eastsidejournal.com/sited/story/html/60582>
    <http://www.theregister.co.uk/content/4/20937.html>
    
    Excellent mathematical analyses of the worm:
    <http://www.silicondefense.com/cr/>
    <http://www.caida.org/analysis/security/code-red/>
    
    Original flaw in IIS:
    <http://news.cnet.com/news/0-1003-200-6312870.html>
    <http://www.eeye.com/html/Research/Advisories/AD20010618.html>
    
    Editorial on the wisdom of disclosing this vulnerability:
    <http://www.theregister.co.uk/content/4/20546.html>
    
    Microsoft's patch:
    <http://www.microsoft.com/technet/security/bulletin/MS01-033.asp>
    
    Editorial on the dangers of Port 80:
    <http://www.zdnet.com/filters/printerfriendly/0,6061,2792689-2,00.html>
    
    How others can piggyback on Code Red to attack computers:
    <http://braddock.com/cr2.html>
    
    
    ** *** ***** ******* *********** *************
    
                Crypto-Gram Reprints
    
    
    
    Vulnerabilities, Publicity, and Virus-Based Fixes:
    <http://www.counterpane.com/crypto-gram-0008.html#2>
    
    Bluetooth:
    <http://www.counterpane.com/crypto-gram-0008.html#8>
    
    A Hardware DES Cracker:
    <http://www.counterpane.com/crypto-gram-9808.html#descracker>
    
    Biometrics: Truths and Fictions:
    <http://www.counterpane.com/crypto-gram-9808.html#biometrics>
    
    Back Orifice 2000:
    <http://www.counterpane.com/crypto-gram-9908.html#BackOrifice2000>
    
    Web-Based Encrypted E-Mail:
    <http://www.counterpane.com/crypto-gram-9908.html#Web-BasedEncryptedE-Mail>
    
    
    ** *** ***** ******* *********** *************
    
                          News
    
    
    
    Log analysis e-mail list!  This list is for system administrators who are 
    building and using a centralized logging infrastructure in their 
    networks.  Tina Bird moderates.  To subscribe, send an e-mail to:
    loganalysis-subscribeat_private
    
    The problem of IDS false positives:
    <http://www.computerworld.com/cwi/story/0,1199,NAV47_STO61973,00.html>
    My follow-up letter to the editor:
    <http://www.computerworld.com/cwi/story/0,1199,NAV47_STO62618,00.html>
    
    Vendor incompetence as a security problem:
    <http://cgi.zdnet.com/slink?118523:8469234>
    
    Russian Mafia is hacking for profit:
    <http://www.zdnet.com/intweek/stories/news/0,4164,2784950,00.html>
    This is a big deal.  The Soviet Union had some excellent programmers, some 
    of whom are certainly willing to work for organized crime.
    
    The NIST Computer Security Division's ICAT project team is now giving away 
    copies of its vulnerability database for public use (in Microsoft 
    Access form).  The database currently contains 2628 vulnerabilities:
    <http://icat.nist.gov>
    
    Hackers are cheating on their SETI@home scores.  I've written about this 
    previously: people cheating about the amount of work they do on the 
    SETI@Home project to inflate their standings.  This is another article on 
    the same topic, describing an even nastier attack.  This is interesting 
    primarily because it shows that there are often non-financial motivations 
    for computer hacking.  There's no money involved here; only bragging 
    rights.  And look at the effort some people put into cheating.
    <http://webserv.vnunet.com/News/1124058>
    
    Good essay on the unfortunate synergies between DMCA and UCITA:
    <http://www.osopinion.com/perl/story/12143.html>
    
    The Center for Internet Security is launching a campaign to pressure 
    software companies to improve security and ship software with security 
    features enabled.  In a Reuters article, I was quoted as saying: "It will 
    help, but not that much."  That comment was printed out of context, and 
    needs clarification.  What CIS is doing is trying to establish minimum 
    security standards for various products.  Their first attempt is for the 
    Solaris OS: a document detailing the steps necessary to implement a level 
    of security in the operating system, and a program to test how far an 
    existing implementation deviates from that standard.  It's free, and 
    versions for Windows and Linux are coming.  Near as I can tell, the idea is 
    to establish a security benchmark and then to ratchet it up slowly.  Given 
    all of my talk about insurance and risk management, this kind of thing is 
    exactly what we need.  By itself it won't improve security, but if 
    insurance companies start writing policies based on compliance, if software 
    companies start touting compliance as a selling point...then it will help a 
    lot.  When the CIS first formed, I worried that it would become an 
    "extort-a-standard" body, charging people for a seal of approval.  So far 
    there are no signs of them doing that.
    <http://www.cisecurity.org/>
    <http://www.cisecurity.org/bench_solaris.html>
    <http://dailynews.yahoo.com/h/nm/20010720/tc/tech_standards_dc_1.html>
    <http://www.counterpane.com/crypto-gram-0101.html#1>
    
    The U.S. government has successfully pressured the Danish government to 
    change its laws, to make searching for copyright violators easier.
    <http://www.cluebot.com/article.pl?sid=01/06/26/042210>
    
    Companies don't care about identity theft:
    <http://www.washingtonpost.com/wp-dyn/articles/A27475-2001Jul20.html>
    
    Death to virus writers!
    <http://www.zdnet.com/anchordesk/stories/story/0,10738,2795678,00.html>
    The only reason I am listing this article is because of the extreme 
    sentiment.  The Internet is a new and strange place to lawmakers.  The 
    risks are complex, considerable, and not well-understood.  It's easy to 
    overreact.  We've seen this overreaction in the prosecutions, convictions, 
    and sentencing of early hackers -- Kevin Poulsen, Kevin Mitnick, etc. -- 
    and we've seen it in some of the government's large-scale Internet 
    surveillance initiatives.  The punishments do not fit the crimes.  In the 
    1800s in the American West, stealing horses was often punished by 
    death.  The extreme punishment was because horses were so important to 
    society, and people would not tolerate the disruption.  The Internet is 
    becoming increasingly important to industrialized society, and I worry that 
    this kind of extreme punishment will continue.
    <http://www.zdnet.com/enterprise/stories/security/0,12379,2797879,00.html>
    
    An interesting spin on something I've been saying for a long time: the 
    interconnectedness of systems increases their vulnerability:
    <http://www.nytimes.com/2001/07/27/opinion/27FRIE.html>
    
    Here's a hacker who knows how to make money.  Someone broke into the Web 
    site of a company called JDS and gained early access to a press release 
    announcing its fourth-quarter financial results.  The company asked both 
    NASDAQ and the Toronto Stock Exchange to halt trading in its stock.
    <http://dailynews.yahoo.com/h/nm/20010726/wr/tech_jds_hacker_dc_1.html>
    
    I'm not sure if I want to write about the SirCam worm.  On one hand, it's 
    just another Windows e-mail worm that automatically sends itself to people 
    in an infected computer's address book.  But it has some clever 
    features.  One, it hides in the trash, where most anti-virus programs don't 
    bother checking.  Two, it e-mails random data files from the victim's "My 
    Documents" folder to other people.  This is probably the cleverest payload 
    I've seen.  Many people I know are posting the documents they've received 
    via this worm: personal letters, recipes, business plans, financial 
    documents, and one case of "personal pornography."  I read one story about 
    sensitive FBI documents being mailed to people by this worm.  I've received 
    51 copies of this worm so far; more than any other.
    <http://news.cnet.com/news/0-1003-200-6671080.html?tag=mn_hd>
    <http://cgi.zdnet.com/slink?122010:8469234>
    And another about secret Ukrainian documents being leaked:
    <http://news.cnet.com/news/0-1003-200-6763200.html>
    Malware authors are certainly getting more clever.
    
    Way back in 1984, John Gordon gave an after-dinner speech at a coding 
    theory and cryptography conference.  The story of this speech has been 
    passed down through the years, as perhaps the funniest speech about 
    cryptography ever given.  It's the story of Alice and Bob, of coding theory 
    and cryptography.  And it's available online for you to read.
    <http://www.conceptlabs.co.uk/alicebob.html>
    
    NIST has posted two new crypto standards for comment.  The first is a new 
    version of FIPS 186-2, the Digital Signature Standard (DSS):
    <http://csrc.nist.gov/186-2.pdf>
    And there's the "Recommendation for Block Cipher Modes of Operation," 
    associated with AES.  Especially notice Dual Counter Mode, by Mike Boyle 
    and Chris Salter of the National Security Agency.
    <http://csrc.nist.gov/publications/drafts/Modes01.pdf>
    
    Most hacking and cracking contests are nothing more than self-serving 
    nonsense.  It's nice to be able to point to an exception: the RSA factoring 
    contest.  It has a real objective, fair rules, and a good prize.
    <http://www.theregister.co.uk/content/55/20638.html>
    
    Iris recognition will be used to identify passengers at Heathrow 
    Airport.  I've written a lot about bad biometric applications.  This is 
    actually a good one.
    <http://www.msnbc.com/news/605612.asp?pne=msn>
    
    Security problems with Microsoft's Passport protocol.  It's a long article 
    and worth reading.  From the conclusion: "The bulk of Passport's flaws 
    arise directly from its reliance on systems that are either not trustworthy 
    (such as HTTP referrals and the DNS) or assume too much about user 
    awareness (such as SSL).  Another flaw arises out of interactions with a 
    particular browser (Netscape).  Passport's attempt to retrofit the complex 
    process of single sign-on to fit the limitations of existing browser 
    technology leads to compromises that create real risks."
    <http://avirubin.com/passport.html>
    
    More details on the FBI's bugging of a suspect's computer without a 
    wiretap.  Soon we'll find out whether this is constitutional or not.
    <http://news.cnet.com/news/0-1003-200-6719544.html>
    <http://www.wired.com/news/privacy/0,1848,45684,00.html>
    <http://www.wired.com/news/politics/0,1283,45730,00.html>
    The FBI says the technology is secret, but the judge asks the FBI for it 
    anyway:
    <http://www.wired.com/news/politics/0,1283,45851,00.html>
    <http://www.wired.com/news/politics/0,1283,45925,00.html>
    
    Risks of spyware.  Some software packages monitor the customers using the 
    software.  But what if the servers that the spyware talks to are infected 
    by viruses and Trojans?
    <http://www.kuro5hin.org/?op=displaystory;sid=2001/6/28/235018/395>
    
    Update on the sentencing of the convicted author of the Melissa virus:
    <http://www.securityfocus.com/news/230>
    
    We'll soon have software capable of copying any human voice.  In a world 
    where voice is a prevalent means of authentication, this will have serious 
    ramifications.
    <http://www.nytimes.com/2001/07/31/technology/31VOIC.html>
    
    This story is too weird for words.  Microsoft adds PGP signatures at the 
    bottom of its security bulletins, for verification.  But if you try to 
    verify the signatures, they fail.  Already there has been at least one 
    forged security bulletin, urging people to install a "patch" with a Trojan 
    Horse.  Microsoft's reaction to this all simply makes no sense; it's like 
    there's no one thinking there.
    <http://www.newsbytes.com/news/01/168397.html>
    
    PDF files can contain viruses.  This is 1) another example of the dangers 
    of mixing code and data, and 2) a potential rat's nest if Adobe keeps using 
    the DMCA to restrict people from reverse-engineering its security.
    <http://computerworld.com/nlt/1%2C3590%2CNAV65-663_STO62902_NLTSEC%2C00.html>
    
    If you thought Code Red's infection speed was bad, read about Warhol Worms: 
    malware capable of infecting the Internet in 15 minutes.
    <http://www.cs.berkeley.edu/~nweaver/warhol.html>
    
    
    ** *** ***** ******* *********** *************
    
           Counterpane Internet Security News
    
    
    
    Schneier is speaking at ISSA events in Wilmington on 8/17, and in Portland, 
    OR, on 9/13.
    <http://www.issa-dv.org/>
    <http://www.issa.org/Portland/>
    
    A couple of months ago, I gave the URL for my white paper on the state of 
    security and the value of network monitoring.  Here's a review of the white 
    paper:
    <http://www.nwfusion.com/newsletters/sec/2001/00898092.html>
    The white paper itself:
    <http://www.counterpane.com/msm.html>
    
    Along with Vint Cerf, Schneier testified before a U.S. Senate Subcommittee 
    on the subject of Internet security:
    <http://www.counterpane.com/commerce-testimony.html>
    News reports:
    <http://www.cnn.com/2001/TECH/internet/07/16/internet.security/index.html>
    <http://www.newsbytes.com/news/01/167998.html>
    <http://www.thestandard.com/article/0,1902,27996,00.html>
    <http://www.computerworld.com/itresources/rcstory/0,4167,KEY73_STO62309,00.html>
    
    
    ** *** ***** ******* *********** *************
    
         The Doghouse: Chantilley Data Security
    
    
    
    This column hasn't appeared recently.  Things that two years ago deserved 
    "doghouse" treatment -- badly configured Web sites, ineffectual security 
    standards, lousy product security -- are commonplace today; exposing them 
    feels like shooting fish in a barrel.  But once in a while I stumble on a 
    company so bizarre that it just screams for ridicule.
    
    Let's all welcome Chantilley Data Security to the world of 
    encryption.  From their Web site:  "Until five years ago, encryption 
    technology was the province of state security, diplomacy, banking and 
    multinational corporations.  Now it is the concern of everyone who sends 
    information by e-mail, who trades on the web, who uses a credit card or 
    who, for any reason, needs to authenticate himself/herself or preserve the 
    integrity of information.  Incredible as it may appear, this huge explosion 
    in demand has not been matched by any improvement in encryption 
    technology.   Until now."  Five years ago?  What happened in 1996?  Could 
    they possibly be referring to the publication of the second edition of 
    "Applied Cryptography"?
    
    It gets *much* better.  On another page they describe "Ciphers:XES the new 
    European Encryption Standard?"  "A Solar Cipher is an idea unique to 
    Chantilley.  It uses a PRIMARY ENCRYPTION STREAM to 'fire up' a system of 
    SUN WHEELS and PLANET WHEELS providing high encryption strength and using 
    only a small number of simple logical on-line operations.  In a Solar 
    Cipher, each new key is a set of primitives which generate 
    cryptographically strong pseudo-random streams, which in turn scramble the 
    wiring of three 256-position rotors as in a rotary cipher."  When I first 
    read this page, I thought it was a joke.
    
    "The theoretical maximum entropy of the algorithm is therefore ... 
    equivalent to a 100818 bit key."  "There are very sound reasons for 
    claiming that XES1152 may be the best combination of strength and speed of 
    any software cipher in the world."  "XES-36 is 30,000 times stronger than 
    DES with similar key strength (if that were possible)."  What in the world 
    does that last quote mean?
    
    Their Web site rings all the snake-oil warning bells.  They give their 
    stuff weird fancy names: e.g. "expert encryption standard."  There are 
    claims about breakthrough technology and totally new cryptography and the 
    like.  There are unsubstantiated accolades from nameless experts.  There's 
    scientific mumbo-jumbo (that "solar cipher" stuff had me rolling on the 
    floor, and they invoke something called "Multiple Fermat Sequencing"): 
    comparisons with a one-time pad, ridiculous key lengths (they have a 
    symmetric 1152-bit cipher), and claims that conventional ciphers are too 
    slow for real-time data encryption.  (Here's a representative 
    quote:  "XES-1152 is the fastest and strongest cipher of its kind in the 
    world.")  And they clearly don't know what's going on in the cryptography 
    world; they have a product called "Automatic E-Mail Security" that they 
    refer to as "AES."
    
    There's more, but I can't reprint it all.  These guys are too much, and 
    their Web site is great entertainment.
    
    <http://www.chantilley.com>
    
    Generic snake-oil information:
    <http://www.counterpane.com/crypto-gram-9902.html#snakeoil>
    <http://www.interhack.net/people/cmcurtin/snake-oil-faq.html>
    
    
    ** *** ***** ******* *********** *************
    
            Adobe, Elcomsoft, and the DMCA
    
    
    
    In July, after DefCon in Las Vegas, the FBI arrested a Russian computer 
    security researcher who had presented a paper on the strengths and 
    weaknesses of software used to protect electronic books.  Dmitry Sklyarov 
    (age 27) landed in jail because the Digital Millennium Copyright Act (DMCA) 
    makes publishing critical research on this technology a more serious 
    offense than publishing nuclear weapon designs.  Just how did the United 
    States of America end up with a law protecting the entertainment industry 
    at the expense of freedom of speech?  And how did the entertainment 
    industry end up with stronger laws protecting their content than the 
    information on constructing nuclear weapons?
    
    I've already written about the DMCA, and the ultimate futility of employing 
    technical solutions to prevent digital copying.  The specific DMCA 
    provision at work here is the one that explicitly forbids the invention and 
    distribution of "circumvention devices" and "reverse engineering of 
    document protection."  Basically, it is illegal to break -- or explain how 
    to break -- technology used to protect digital copyright.  If you do, you 
    go to jail (see above).
    
    Technically, the law only protects "effective" copy-protection 
    technology.  This is a wonderful piece of circular logic: surely if it has 
    been broken, it wasn't effective.  The complaint against Sklyarov 
    sidestepped this problem: "Nevertheless, because the book sold in encrypted 
    form and only accessible through the eBook Reader and is not duplicatable, 
    the copyright holder's interest in the book is protected."  But if that 
    were true, then there would be no grounds for the case.
    
    There are also provisions in the DMCA to allow for security research, 
    provisions that I and others fought hard to have included.  But these 
    provisions are being ignored, as we've seen in the DeCSS case against 2600 
    Magazine, the RIAA case against Ed Felten, and this arrest.
    
    What the DMCA has done is create a new controlled technology.  In the 
    United States there are several technologies that normal citizens are 
    prohibited from owning: lock picks, fighter aircraft, pharmaceuticals, 
    explosives.  (Ignore guns, since the 2nd Amendment makes it impossible to 
    generalize from their example.)  In each of these cases, only people with 
    the proper credentials can legally buy and sell these technologies.  (Every 
    participant in the commerce of these items -- buying, selling, or even 
    possessing -- must be registered with some governmental 
    agency.  Registration is a mandatory requirement for commerce.)  The DMCA 
    goes one step further, though.  Not only are circumvention tools 
    controlled, but information about them is also controlled.  2600 Magazine 
    merely described, and linked to implementations of, DeCSS.  Ed Felten 
    wanted to present a paper on the deficiencies of the RIAA's various 
    watermark schemes.
    
    I attended Dmitry Sklyarov's talk at DefCon.  What he did was legitimate 
    security research.  He determined the security of several popular e-book 
    reader products and then notified the respective firms of his 
    findings.  His company Elcomsoft published, in Russia, software that 
    circumvented these ineffectual security systems.  His DefCon talk was a 
    clear and evenhanded presentation of the facts.  He said, in effect: "This 
    security is weak, and here's why."  (One particular company he mentioned 
    stored the password in plaintext inside the executable.  So anyone with 
    Notepad could have the book modified for easy distribution.)
    
    The FBI nabbed him at the request of Adobe Systems, Inc. for breaking the 
    security on Acrobat's E-Reader API, and held him for weeks without 
    bail.  (He's currently out on bail.)  The arrest was not because of his 
    presentation, but because of the work his company did while in 
    Russia.  This is even more confusing.  Elcomsoft created and marketed a 
    product that circumvented Adobe's product.  This kind of software is often 
    required in Russia, where people have a legal right to make personal 
    backups.  Sklyarov was one of the programmers working on this project, 
    which was completed entirely in Russia.  The FBI seems to be claiming that 
    they can arrest you for breaking U.S. law while not in the 
    U.S.  Additionally, they can arrest you if your company breaks U.S. law 
    while not in the U.S.  Computer scientists have long viewed 
    reverse-engineering as legitimate security research.  Fair use allows the 
    owner of a copyrighted work to make copies for his personal use.  The DMCA 
    assumes that the only reason to do any of this work is to pirate 
    copyrighted works.  Writing software, publishing technical details, even 
    giving a technical talk is illegal under the DMCA.
    
    In 1979, "The Progressive" magazine tried to publish an article containing 
    technical information on H-bomb design.  The government claimed publication 
    would result in "grave, direct, immediate and irreparable harm to 
    the national security of the United States."  After six months of legal 
    maneuvering, the magazine published it.  In 1971, the government tried to 
    prevent "The New York Times" from publishing "The Pentagon Papers."  The 
    Supreme Court promptly voted 6-3 to reject the government's censorship 
    attempt, with Chief Justice Warren Burger declaring that "prior restraints 
    on speech and publication are the most serious and least tolerable 
    infringement on First Amendment rights."
    
    Welcome to 21st century America, where the profits of the major record 
    labels, movie houses, and publishing companies are more important than 
    First Amendment rights or nuclear weapons information.  (The more you look 
    at the problem, the weirder it becomes.  "The New York Times" has the legal 
    right to publish secret government documents, unless they are protected by 
    a digital copy-protection scheme, in which case publishing them would lead 
    to an FBI raid.)
    
    In many ways, the entertainment industry's tactics are similar to the NSA's 
    during their long war against cryptography and cryptographic 
    information.  Until the late 1990s, the NSA used the threat of national 
    security to prevent the dissemination of encryption technologies.  When 
    they could, they blocked the publication and dissemination of cryptographic 
    information.  When that failed, they concentrated on products, using both 
    legal and illegal methods to block encryption software.  Many people 
    believe the NSA's primary rubric, export controls, would not stand up to a 
    constitutional challenge, but it was never tested.  It wasn't until the 
    Internet made cryptography ubiquitous that the NSA eventually gave up.
    
    During those years I was often asked about the NSA's strategy.  Wasn't it 
    doomed to fail?  Yes, eventually.  But for the NSA, every day they could 
    delay the failure was another day of victory.  Maybe the export control 
    regulations (they were never laws) were unconstitutional.  Maybe preventing 
    publication of this and that was prior restraint.  Maybe pressuring 
    companies to install back doors into their software was illegal.  But if it 
    worked for a while, who cares?  The NSA was fighting a holding action, and 
    they knew it.
    
    The entertainment industry is behaving the same way.  The DMCA is 
    unconstitutional, but they don't care.  Until it's ruled unconstitutional, 
    they've won.  The charges against Sklyarov won't stick, but the chilling 
    effect it will have on other researchers will.  If they can scare software 
    companies, ISPs, programmers, and T-shirt manufacturers (Hollywood has sued 
    CopyLeft for publishing the DeCSS code on a T-shirt) into submission, 
    they've won for another day.  The entertainment industry is fighting a 
    holding action, and fear, uncertainty, and doubt are their weapons.  We 
    need to win this, and we need to win it quickly.  Please support those who 
    are fighting these cases in the courts: the EFF and others.  Every day we 
    don't win is a loss.
    
    Elcomsoft's products:
    <http://www.elcomsoft.com/>
    Government document:
    <http://www.eff.org/IP/DMCA/US_v_Sklyarov/20010707_complaint.html>
    
    A description of Sklyarov's talk, including a link to the slides:
    <http://www.zdnet.com/zdnn/stories/comment/0,5859,2800985,00.html>
    
    EFF support:
    <http://www.eff.org/IP/DMCA/US_v_Sklyarov/20010717_eff_sklyarov_pr.html>
    <http://www.eff.org/IP/DMCA/US_v_Sklyarov/20010718_eff_sklyarov_statement.html>
    
    News articles:
    <http://www.nytimes.com/2001/07/18/technology/18CRYP.html>
    <http://dailynews.yahoo.com/h/nm/20010717/wr/tech_hacker_arrest_dc_1.html>
    <http://www.wired.com/news/politics/0,1283,45298,00.html>
    <http://news.cnet.com/news/0-1003-202-6651535.html>
    <http://news.cnet.com/news/0-1005-200-6699001.html>
    <http://news.cnet.com/news/0-1005-200-6794178.html>
    
    Thoughtful analyses:
    <http://www.osopinion.com/perl/story/12143.html>
    <http://securitygeeks.shmoo.com/article.php?story=20010719141720141>
    <http://www.nytimes.com/2001/07/30/opinion/30LESS.html>
    <http://www.zdnet.com/anchordesk/stories/story/0,10738,2802199,00.html>
    
    Other DMCA cases:
    <http://www.eff.org/IP/DMCA/>
    
    Essays about the dangers of the DMCA:
    <http://www.privacyfoundation.org/commentary/tipsheet.asp?id=47&action=0>
    <http://www.infowarrior.org/articles/2001-05.html>
    <http://www.cs.cmu.edu/~dst/DeCSS/Gallery/cacm-viewpoint.html>
    
    Poignant satire of the DMCA:
    <http://www.linuxplanet.com/linuxplanet/opinions/3642/1/>
    
    Article about this essay:
    <http://www.theregister.co.uk/content/4/20932.html>
    
    
    ** *** ***** ******* *********** *************
    
       Protecting Copyright in the Digital World
    
    
    
    Every time I write about the impossibility of effectively protecting 
    digital files on a general-purpose computer, I get responses from people 
    decrying the death of copyright.  "How will authors and artists get paid 
    for their work?" they ask me.  Truth be told, I don't know.  I feel rather 
    like the physicist who just explained relativity to a group of would-be 
    interstellar travelers, only to be asked: "How do you expect us to get to 
    the stars, then?"  I'm sorry, but I don't know that, either.
    
    I am a scientist, and I explain the realities of the science.  I apologize 
    if you don't like the truth, but the truth doesn't change because people 
    wish it would be something else.  I don't know how authors and artists will 
    make money in a world of easy copyability.  I'm an author myself, 
    personally concerned about protecting my own copyright, but I still don't 
    know.  I can tell you what will and won't work, technically.  You can argue 
    about whether my technical analysis is correct, but it just doesn't make 
    sense to bring social arguments into the technical discussion.
    
    If I had to guess, I believe companies will find a way to make money 
    despite the prevalence of digital copying.  Television stations figured out 
    how to make money despite having to broadcast their programming to 
    everyone.  There are lots of financial models that don't require selling 
    individual units to make money: advertising, patronage, 
    pay-for-performance, pay-for-timeliness, pay-for-interaction, public 
    funding.  I started Crypto-Gram when I was a consultant; I gave the 
    newsletter away and charged for my time.  The newsletter was free 
    advertising.  The Grateful Dead gave away concert recordings but charged 
    for live performances.  Stephen King kept writing chapters of his 
    electronic book as long as a sufficient percentage of his readers paid him to.
    
    I don't know what model will become the prevalent one in the digital 
    world.  But I do know that technical methods to prevent digital copying are 
    doomed to fail.  (This is not to say that social methods, or legal methods, 
    won't work.)  Those companies that have business models that accept this 
    reality are more likely to succeed than those that have business models 
    that reject it.  Complain all you like, but reality is reality.
    
    My original analysis:
    <http://www.counterpane.com/crypto-gram-0105.html#3>
    
    
    ** *** ***** ******* *********** *************
    
                Europe's Cybercrime Treaty
    
    
    
    About a year ago, around eighty of us computer-security people signed a 
    letter to the Council of Europe expressing grave concerns with the 
    Council's draft of the Crime in Cyberspace Treaty.  Basically, we were 
    concerned about provisions that would criminalize legitimate security 
    research in the same way the DMCA does.
    
    Surprise, surprise: it seems like they listened.  Here's the new treaty 
    language:
    
    Article 6: Misuse of devices
    
    1. Each Party shall adopt such legislative and other measures as may be 
    necessary to establish as criminal offences under its domestic law, when 
    committed intentionally and without right:
    
    a. the production, sale, procurement for use, import, distribution or 
    otherwise making available of:
        1. a device, including a computer program, designed or adapted 
        primarily for the purpose of committing any of the offences 
        established in accordance with Article 2 - 5;
        2. a computer password, access code, or similar data by which the 
        whole or any part of a computer system is capable of being accessed 
        with intent that it be used for the purpose of committing any of the 
        offences established in Articles 2 - 5; and
    
    b. the possession of an item referred to in paragraphs (a)(1) or (2) above, 
    with intent that it be used for the purpose of committing any of the 
    offences established in Articles 2 - 5.  A Party may require by law that a 
    number of such items be possessed before criminal liability attaches.
    
    2. This article shall not be interpreted as imposing criminal liability 
    where the production, sale, procurement for use, import, distribution or 
    otherwise making available or possession referred to in paragraph 1 of this 
    Article is not for the purpose of committing an offence established in 
    accordance with articles 2 through 5 of this Convention, such as for the 
    authorized testing or protection of a computer system.
    
    3. Each Party may reserve the right not to apply paragraph 1 of this 
    Article, provided that the reservation does not concern the sale, 
    distribution or otherwise making available of the items referred to in 
    paragraph 1 (a) (2).
    
    Not bad.  Not perfect, but not bad.  It's rare in this business that 
    governments actually listen and do the right thing.  Kudos to the European 
    governments who drafted the treaty.  This is kind of neat, really.
    
    Let's hope the Americans don't muck it all up.
    
    The entire treaty:
    <http://conventions.coe.int/Treaty/EN/projets/FinalCybercrime.htm>
    
    Our letter:
    <http://www.cerias.purdue.edu/homes/spaf/coe/TREATY_LETTER.html>
    
    My original analysis of the treaty:
    <http://www.counterpane.com/crypto-gram-0008.html#6>
    
    
    ** *** ***** ******* *********** *************
    
                 Comments from Readers
    
    
    
    From: Bill_Roydsat_private
    Subject:  Monitoring
    
    One important thing modern control theory works on is error modeling.  As 
    well as controlling the process, you also monitor the changes in process 
    error to know when processes are getting too many errors.  In systems 
    administration we often are so concerned about getting the thing to work, 
    that we don't also watch our processes and improve them as well.  This 
    attitude (if it ain't broke, don't fix it) works with static systems, but 
    is absolutely dangerous in the dynamic world of IT security.  The real 
    slogan should be "if it ain't broke now, it will be soon."
    
    
    
    From: "Dmitry Streblechenko" <dmitryat_private>
    Subject: Outlook Redemption
    
    You mention one of my products (Outlook Redemption) in your Crypto-Gram 
    newsletter on July 15, and I strongly believe that you are missing the 
    point.  Redemption bypasses the Outlook security patch (aka HELL) only when 
    it comes to executing the code already downloaded to a local machine.  It 
    does *not* bypass the Outlook security when Outlook disables scripting in 
    HTML e-mails or hides executable attachments.  Big difference.
    
    Outlook provides two layers of API: object model (which can be accessed by 
    any language, including any scripting language) and Extended MAPI, which 
    Outlook itself (and Redemption!) uses and which is only accessible to 
    C/C++/Delphi.  No scripting languages or VB.  Extended MAPI cannot possibly 
    be crippled because Outlook itself will simply stop working.  So instead of 
    only blocking the means of receiving and executing the malicious code, MS 
    created an annoyance for those using Outlook Object Model from their 
    legitimate (local) applications.  Being an Outlook MVP, I witnessed people 
    who built their businesses using Visual Basic screaming for help when the 
    security patch was released.
    
    For all practical reasons, one can write a virus that uses Extended MAPI 
    instead of the Outlook object model (it just takes more time and a little 
    knowledge of the relevant API); there will be no way to block it short of 
    uninstalling Outlook.  Which is fine, since once the code is downloaded and 
    run in the current user security context it can do anything it wants 
    whether Outlook or any other application is installed.
    
    The only way to stop spreading such code is to block it from executing 
    automatically (e.g. script in an HTML e-mail) or to make a user think twice 
    before executing it.  Blocking the code which is already installed and 
    assumed to come from a trusted source is outright stupid.  That's where 
    Redemption comes into play.
    
    
    ** *** ***** ******* *********** *************
    
    
    CRYPTO-GRAM is a free monthly newsletter providing summaries, analyses, 
    insights, and commentaries on computer security and cryptography.
    
    To subscribe, visit <http://www.counterpane.com/crypto-gram.html> or send a 
    blank message to crypto-gram-subscribeat_private  To unsubscribe, 
    visit <http://www.counterpane.com/unsubform.html>.  Back issues are 
    available on <http://www.counterpane.com>.
    
    Please feel free to forward CRYPTO-GRAM to colleagues and friends who will 
    find it valuable.  Permission is granted to reprint CRYPTO-GRAM, as long as 
    it is reprinted in its entirety.
    
    CRYPTO-GRAM is written by Bruce Schneier.  Schneier is founder and CTO of 
    Counterpane Internet Security Inc., the author of "Secrets and Lies" and 
    "Applied Cryptography," and an inventor of the Blowfish, Twofish, and 
    Yarrow algorithms.  He served on the board of the International Association 
    for Cryptologic Research, EPIC, and VTW.  He is a frequent writer and 
    lecturer on computer security and cryptography.
    
    Counterpane Internet Security, Inc. is the world leader in Managed Security 
    Monitoring.  Counterpane's expert security analysts protect networks for 
    Fortune 2000 companies world-wide.
    
    <http://www.counterpane.com/>
    
    Copyright (c) 2001 by Counterpane Internet Security, Inc.
    