Network Time Security
The 31st Chaos Communication Congress has been held for the third time in the Congress Center Hamburg between December 27th and December 29th. The Roadmap offers an overview of all talks and their speakers. And even if you didn’t make it to Hamburg, most of the talks could be watched over a streaming portal. Under the banner of Congress Everywhere there is further information regarding this multimedia endeavour as well as a list of localities where likeminded people can meet. In addition to all that, only days after the 31C3 the recorded talks are online in a variety of formats. Basically, all relevant information regarding the 31C3 can be found in the dedicated Wiki. In this article, I’ll summarize all the talks that I have attended and chronicle my impressions of the 31C3.
A day before the congress officially started, the CCH is open. The last few tickets are on sale and visitors can check themselves in. I wholeheartedly recommend to arrive a day early and do the check-in on Day Zero, before the events start. This saves the endless standing in queue on Day One. Besides, this will allow for a few last hours of sleep before the congress starts. Although the event hasn’t officially started, the presence of the Chaos Computer Club (CCC) is noticeable.
31C3 was opened by erdgeist and Geraldine de Bastion. Last year’s congress didn’t have a slogan due to the speechlessness after the Snowden leaks. This year, the congress proclaimed A New Dawn, claiming that the first shock of the leaks is over and we’re now looking for new ways. One of the suggested new ways is the end-to-end encryption of communication of all kind. The keynote was held by Alec Empire, who is an artist and a member of Atari Teenage Riot. He talked about his experiences with Atari Teenage Riot and his views of political movements, the music industry, the actions and manipulations of society as well as the art and technical scene that should come closer together. His demand is to question authorities and to further decentralization, which has been a creed of the CCC for quite some time. I wasn’t too impressed by this talk. There was no recognizable train of thought and I wasn’t able to make out a clear message during the entirety of it.
I pass the time until the next talk to explore the CCH. There are four halls that all hold talks at the same time. Then there’s the Hackcenter and several rooms that hold workshops or offer space to hold what the CCC refers to as Assemblies. The NOC team offers a free Wi-Fi network spanning the entire building that supports IPv4/IPv6. On Day One, the net ran flawlessly with a few exceptions such as when Hall 1 was packed to the rafters with 3000 attendees. That’s when the network had a bit of trouble communicating with the outside world. This year, the wiki was – unlike 2013 – available at all times. More data concerning (network) activity can be found on c3netmon.
Following this was a talk titled SCADA StrangeLove: Too Smart Grid in da Cloud The StrangeLove Team, represented by Sergey Gordeychik and Aleksandr Timorin, presents their findings in the industry sector of IT Security. There are a huge number of vulnerabilities that are shockingly easy to exploit such as standard passwords that are hardcoded and web servers with buffer overflow vulnerabilities upon
GET requests. Therefore, there’s a lot that still needs fixing and doing in the ICS sector. Vendor reactions to findings vary, they say. They thanked Siemens CERT for their constructive work. There’s still not a single vendor that doesn’t react to vulnerabilities and neglects to publish patches.
Andrea Barisani showed that the EMV (Europay, MasterCard and Visa) Standard as well as the Chip plus Pin process still has several vulnerabilities during his talk titled Practical EMV PIN interception and fraud detection. Using the attacks PIN verification wedge and CMV downgrade he was able to successfully attack the Chip plus Pin process of all available credit cards. Therefore, credit card fraud is still possible. Andrea’s summary: Liability for fraud should not be on the side of the client, because fraud is entirely possible without the client doing anything.
The following talk SS7: Locate. Track. Manipulate. held by Tobias Engel describes how using only the protocol Signalling System No. 7 (SS7) the location of any mobile phone could be determined. Apart from information gathering, an attacker is also able to manipulate Call/SMS routing. In a live demo Tobias demonstrated how a call using SS7 can be re-routed to another phone. These attacks are possible due to the fact that SS7 does not require authentication and everyone with access to SS7 can send requests for random phone numbers.
The talk Mobile self-defense by Karsten Nohl builds on the findings of the previous presentation. Karsten focused on intercepting and recording SMS and calls using UMTS. Because calls and text messages are encrypted in UMTS, reading them requires a key. However, using SS7, it’s possible to request the current decryption key. This means that using the vulnerabilities in SS7 a call can be re-routed and decrypted at the same time. This doesn’t only work for calls but also for text messages. Further along the talk Karsten visualized during project GSM Map how mobile phone operators of many a country implement security measures for GSM (2G) and UMTS (3G). Finally, Karsten presented the app SnoopSnitch that acts as a means of self-defence against attacks on the mobile phone layer. For example, it recognizes IMSI Catcher. SnoopSnitch is available for Android higher than version 4.1, requires root access and the device needs to have a QUALCOMM chipset. SnoopSnitch utilizes the debug function of the QUALCOMM libraries in order to access the GSM baseband because these attacks can only be recognized on this level.
The talk Ich sehe, also bin ich … Du (translated: I see, therefore I am… you) by starbug showed that authenticating using biometric means can be insecure. For example: He was able to extract fingerprints from photographs that were taken from several meters away and use them for authentication purposes. Finally, starbug presented his Hack of the Apple TouchID in the iPhone.
Unfortunately, I missed the beginning of the talk titled ECCHacks by Dan Bernstein and Tanja Lange because I was still in queue to buy some 31C3 clothing. After about ten minutes of the talk, I stopped trying to follow because it was definitely not the right time for complex mathematical formulas. This is a talk that should best be watched in peace and quiet as a recording.
After all that theoretical math there was a talk about the practical uses of cryptography and Operational Security (Opsec)_ in the life of journalists. The title of the talk was Crypto Tales from the Trenches. The journalists Julia Angwin and Jack Gillum as well as the documentary film maker Laura Poitras were accompanied by security researcher Nadia Heninger reported how they started working with crypto software, how they learned to properly use them and how difficult it was to get sources who lacked technical background to understand that they should use encryption in their communication.
To conclude the first day the film Citizenfour by Laura Poitras was screened in Halls 1 and 2 as a stream. After the movie, Laura Poitras received standing ovations and spent more than half an hour answering audience questions.
After the official part of the first day ended without bigger incidents. Guesstimated, there were many more people than there were last year. Asked to put a number on it, I would say that there were about 10 000 people. During some presentations in hall 1, that could hold about 3000 people, was packed to the rafters and seat rows had to be defragmented so that more people could fit into the hall. During the 30C3 this only rarely happened during some very popular talks. But because there were more rooms in the CCH and there was none of the feeling of lack of space and proximity of everything that is so prominent in memories of the days in Berlin was just not there. A new feature during the presentations was the showing of subtitles. The team writing the subtitles tries to create subtitles as the talks were being held. These subtitles were displayed underneath the slides of the presentation. This is more of a success during talks with slow speakers than during those with fast speakers. I am curious to see if these subtitles will be used all the way throughout the congress, but they’re still more of a nuisance to me rather than an additional benefit.
The first talk of the second days was Why is GPG damn near unusable by Arne Padmos that was all about the encryption software GPG. It’s not easy to use – Arne used the example of Glen Greenwald and Edward Snowden – and the basic vulnerable points during deployment of encryption software.
Joseph Tartaro and Matthew Halchyshak held their talk Cyber Necromancy that concerned the reverse engineering of network protocols. Both are/were big fans of the PlayStation game Metal Gear Online. But one year after the game was published, the official servers for it were shut down. The two decided that they would develop their own server, based on an analysis of the client as well as the network traffic (only requests sent by the client as there were no responses by the server anymore). After ten months of hard work, the two were successful to get their beloved back up and running. However, it is necessary to run a custom firmware on the PlayStation that runs the game.
In the talk The automobile as massive data gathering source and the consequences for individual privacy by Dr. Rüdiger Hanig and Jimmy Schulz talked about the data that are collected by a modern car and how high the need of said data by various parties. Among these parties: companies that rent out cars, or insurance companies. The two researchers demanded that the owner of the car has access and control of said access to that data. Talks with the car industry, however, have been difficult thus far. My opinion of this is that it’s highly questionable whether or not the car industry will ever comply with these demands.
Next on my list was Forging the USB armory by Andrea Barisani. It was about a USB drive that has all the capabilities of a computer. It’s called USB armory and it can run a modified Linux version. It can be used as SSH Proxy, password manager, web proxy, or as an authentication token. The device is powered via the USB port and sports its own CPU – a Freescale i.MX53 -, memory as well as storage in the form of a SD card. The device is the size of a normal USB stick. The device can be accessed by SSH. An interesting detail, just as a side note: The device is completely manufactured in Italy.
The artist Aram Bartholl gave the visitors of his talk titled Hard Drive Punch the chance to destroy hard drives they brought along live on stage. Meanwhile he showcased various means of destroying hard drives starting with the traditional method of hammering the drive to death and ending with the use of thermite.
Going by the title of Too Many Cooks – Exploiting the Internet-of-TR-069-Things the talk started with an edited version of the internet meme of the same name. Lior Oppenheim and Shahar Tal discussed a weakness in the remote management protocol TR-069, deployed in routers for home use, for example (SOHO routers). The service TR-069/CWMP can be reached at port tco/7547. During a scan in November 2014 that covered the entire IPv4 spectrum, the researchers discovered 46 million devices that accept a connection on that port. The software Allegro RomPager v4.07 (published in 2002) runs on 11.3 million of those. After an analysis of that specific software on various devices Oppenheim and Tal found a vulnerability concerning the implementation of the webserver and not TR-069 itself that exploits modified cookies. Thus, they were able to access the admin interface of the router. They named the vulnerability Misfortune Cookie (CVE-2014-9222). Other than tcp/7547 the vulnerability can also be exploited using tcp/80. There’s no need for authentication. The service can’t be deactivated on devices, the only known countermeasure is a firmware update. But for many devices, there’s no vendor patch thus far. The affected devices are listed on a website.
Zakir Durumeric is not only a student at the University of Michigan but also main developer of the ZMap Project. During his talk concerning The Matter of Heartbleed he took a look back on Heartbleed (CVE-2014-0160) and presented several scans using ZMap. In the Top 500 of websites, the vulnerability was patched within 48 hours. Zakir estimates, based on scan results, that 55% of all HTTPS websites were potentially vulnerable and in 18% of all websites, the vulnerability could be confirmed. Two weeks after Heartbleed’s publication, there were only 600 000 hosts still affected. All affected hosts were notified by the university and the patching rate was elevated by 47%. But patching alone wasn’t enough. The certificate and the private key should be renewed as well – but only 10.1% of all affected websites replaced their certificate. There’s much left to do.
The following talk by Nick Sullivan also dealt with Heartbleed and was titled Heartache and Heartbleed: The insider’s perspective on the aftermath of Heartbleed. Nick works at Cloudflare and talked about his experiences when dealing with the vulnerability. He knew that Heartbleed was bad on the day that it was published when his mother called him to ask what was going on… He presented statistics that showed that there were 200 million tests executed using the Heartbleed Test Tools before he went into The CloudFlare Heartbleed challenge which aimed to prove that the private key could really be extracted using the vulnerability. It took all of ten hours to prove that this was indeed possible. The reason for this was yet another bug in OpenSSL, which led to the age of certificate revocation. Over the course of 24 hours, more than 100 000 certificates were revoked and this led to grave problems (workload, denial of service) with CRL, OSCP and CRLSets. There should be a new solution for spreading revocation lists.
Frank Rieger and Felix von Leitner presented during their talk titled Fnord News Show the news-highlights of the past year. Readers of Fefes Blog – the blog written by Felix von Leitner – might recognize a story or two.
The motto of the second day was defragmenting. Almost every talk I attended was fully booked. The place was packed to the rafters. Sometimes, it was necessary to close the doors until some people left the room in order to make more space. I can state with absolute certainty that the venue in Hamburg has also reached the point where it has capacity issues. But all streams worked flawlessly throughout the day. The subtitles weren’t displayed anymore on the second day, by the way.
Funky File Formats was Ange Albertini’s talk in which he played with all the possibilities of file formats. For demo purposes he created a JPG file that he decrypted with AES. It turned out to be a PNG file. He decrypted that file with AES again and it turned into a Flash video, which he then decrypted with 3DES. It turned into a PDF. There were more examples how files can be embedded in files of other formats. One of his preferred formats is PDF and he showed a document that was both an executable PDF viewer and contained PDF slides. Ange’s recommendation at the end of the talk was that you should never forget to open images in a music player, PDFs should be opened in console emulators and files should be de- and encrypted with all possible ciphers. All the examples he used can be downloaded from his website.
Olia Lialina took a look back into the past of web design during her talk The Only Thing We Know About Cyberspace Is That Its 640×480. For example: She spotlighted the time when it was fashionable to have an _under construction_-GIF on your website.
During What Ever Happened to Nuclear Weapons? by Michael Büker spotlighted the history of nuclear weapons. He started with the basics: The manufacturing, the various types of nukes and which effects the detonation of the bombs would have. After that, he analysed the development over time, starting in 1968, which countries had nuclear weapons and how they deal with having them. For example: India was testing nuclear weapons in 1974 under the codename Smiling Buddha. They considered the tests to be peaceful. In the 1960s, scientists collected the baby teeth of children in order to find traces of radiation in them. They were successful. Michael showed a video by artist Isao Hashimoto that chronicled all nuclear tests in a sped up way. Michael concluded his talk with the statement that humanity should get rid of nuclear weapons once and for all.
He discovered that the ROM is reprogrammable, because there’s no more TPM-Chip in a MacBook that monitors changes to the ROM. There are also no cryptographic checks and only a CRC32 based check. Further analyses showed that LMZA is used to compress and RSA2048 (SHA256) to sign the firmware (SCAP files). The checking of the signature is only performed on a software level. Using the Thunderbolt port users have the ability to load OptionROMs upon boot of the MacBook. Trammel used that as an attack vector to use his own RSA key to install a modified EFI ROM using Apple’s own Firmware update mechanism. And because all cool exploits these days get a nickname, he called this Thunderstrike. The vulnerability exists in every MacBook that has a Thunderbolt plug. It’s even possible to spread the vulnerability to other Thunderbolt devices. This software can’t be gotten rid of by mere deletion and even survives a reinstall of the operating system or a change of the hard drive. Apple has not yet published a countermeasure or a patch. Trammel suggested among other solutions that the EFI ROM should be cryptographically checked. Anja Drephal in Living Drones talked about history once again. She talked for 20 minutes about living drones. The most popular example of a living drone is a carrier pigeon, that were used during the two World Wars. The carrier pigeons were so vital to war efforts that harming or killing one led to half a year of imprisonment. A carrier pigeon named Cher Ami in the service of the French ended up being a decorated war hero and was treated as a prisoner of war. The Americans tried to train bats to act as bombs. And on the other side of the Iron Curtain, the Russians trained dogs to take out tanks. They were outfitted with bombs and trained to crawl under tanks. The project wasn’t particularly successful. These days, scientists are working on controlling the electric signals sent to the muscles of moths in order to control their flight.
Will Scott covered Computer Science in the DPRK and talked about his experiences as a teacher at the university in North Korea. Will, much to his own surprise, had internet access without there being a filter. Most of the students, though, only had filtered access to the net. There’s an intranet for companies and universities that spans the entire isolationist state, but systems that accessed the internet didn’t have access to the intranet and vice versa. Most computers were running Windows XP, but he saw a few systems running North Korea’s own operating system Red Star OS. He was able to demo the OS which is a Linux distro supposed to look and feel like Mac OS X. Mobile devices are predominantly Android and a 7” tablet even had an analog TV antenna. It lacked Bluetooth and WiFi, though. This tablet, too, got demonstrated.
During The Perl Jam: Exploiting a 20 Year-old Vulnerability Netanel Rubin showed how handling Perl Lists in a specific way can lead to vulnerabilities. Among other affected areas, there are the modules CGI and DBI. An example he used was a vulnerability in Bugzilla (CVE-2014-1572). His summary: Perl shouldn’t be used anymore. The talk led to heated debate with Perl enthusiasts in the Q&A after his talk.
Epilogue to Day Three: The subtitles were still in use – in the stream of the talks they were just not displayed. Also, the Wiki including schedules was occasionally unreachable during the day.
All the projects that the two presented can be read in the blog of the Tor project
The 31C3 NOC team presented their numbers and statistics in their 31C3 Infrastructure Review.
The talk Security Nightmares by Frank Rieger and Ron was held for the 15th time. It reviewed the year and looked ahead in time. And just like the 14 times this talk was held before, it ran over length… and concluded with them wishing the attendees a happy new year and a good passing-over into 1984.
Tomate and dodger declared the 31C3 over with the final talk aptly named 31C3 Closing Event. There were over 10 000 people at the event. There were 186 talks in total, amounting to 122 hours and 30 minutes of scheduled events by 202 speakers and one theatre troupe.
31C3 was four days of great entertainment. Most of the talks that I attended were of high quality. My personal top three:
Most talks were recorded and can be watched and downloaded on the CCC media site. In closing, I would like to thank all people involved who made this great congress possible. Well Done!
We are going to monitor the digital underground for you!
Our experts will get in contact with you!
Further articles available here