Sunday 21 June 2015

LastPass Breach



On June 15th, LastPass issued a security warning regarding suspicious activity on their network [1]. They stated that their vault containing encrypted passwords was not accessed, but believe that the following were compromised:
· email addresses
· password reminders
· user salts
· authentication hashes

So what can the hackers do with this stolen information?

Password manager sites will always be a hacker target because of the potential rewards. Hackers now have copies of all the hashed master passwords. By themselves the hashes are pretty useless, but should they be cracked, the hackers will be able to access the password vaults. However, cracking these hashes through brute force or rainbow tables is unlikely due to the cryptographic protection methods that LastPass use. Let's look at these:


Authentication Hashes & User Salts

Master passwords are not stored by LastPass. Instead, LastPass store a hash of the master password. When a user logs into LastPass, whatever is typed in as the password is hashed using the same method as the master password and compared against the stored master password hash. If they match, bingo, you are let in.

LastPass recently changed to SHA-256 hashing. If LastPass stored just a plain SHA-256 hash of the master password, comparing the stolen hashes against a SHA-256 rainbow table would probably reveal a large percentage of master passwords. To avoid this, LastPass use salting to protect the authentication hashes. Salts don't have to be kept secret, as long as they are random and unique to each user. To strengthen the master password hash, the master password is combined with a random salt, which then undergoes 100,000 rounds of PBKDF2 with SHA-256 (in addition to any rounds performed client-side).

As SHA-256 is a one-way function, the master password cannot be reverse engineered from the hash. In order to crack the hash with a rainbow table, the hacker would need a table built with the same salt. With random salts, even if a bunch of users have the same password, the salt will make each hash unique. Provided each salt is random, cracking authentication hashes through rainbow tables is pretty unlikely.

But the hackers also have copies of each user's random salt. To crack the master passwords, the hackers still need to know the algorithm used for combining the master password with the salt. As LastPass code is not open source, this is an unlikely way to crack the hashes. Instead, hackers will need to brute force or socially engineer the password.
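To make the salting and stretching described above concrete, here is an added Python model of a two-stage PBKDF2-HMAC-SHA256 scheme; it is not LastPass's code. The 100,000 server-side rounds come from the post; the client-side round count, the use of the account email as the client salt, and all sample values are assumptions made for the example.

```python
import hashlib
import hmac
import os

# Added model of the scheme the post describes (structure assumed, not LastPass's code):
# the client stretches the master password, then the server stretches that result
# again with a random per-user salt before storing it as the authentication hash.
CLIENT_ROUNDS = 5_000     # assumed; the post only says "any rounds performed client-side"
SERVER_ROUNDS = 100_000   # stated in the post


def client_stretch(master_password: str, email: str) -> bytes:
    """Client-side PBKDF2-HMAC-SHA256; using the email as salt is an assumption."""
    return hashlib.pbkdf2_hmac("sha256", master_password.encode(),
                               email.lower().encode(), CLIENT_ROUNDS)

def server_auth_hash(client_hash: bytes, user_salt: bytes) -> bytes:
    """Server-side stretch: 100,000 more rounds keyed with the random per-user salt."""
    return hashlib.pbkdf2_hmac("sha256", client_hash, user_salt, SERVER_ROUNDS)

def enrol(master_password: str, email: str, user_salt: bytes = b"") -> tuple:
    """Return (user_salt, authentication_hash): the two items the attackers copied."""
    user_salt = user_salt or os.urandom(16)
    return user_salt, server_auth_hash(client_stretch(master_password, email), user_salt)

def verify(candidate: str, email: str, user_salt: bytes, stored_hash: bytes) -> bool:
    """Login check: recompute from the typed password and compare in constant time."""
    recomputed = server_auth_hash(client_stretch(candidate, email), user_salt)
    return hmac.compare_digest(recomputed, stored_hash)

def rainbow_lookup(stored_hash: bytes, table: dict) -> str:
    """Look a stolen hash up in a precomputed table of plain SHA-256 digests."""
    return table.get(stored_hash, "")

def demo() -> dict:
    # Constructed sample data: two users sharing the same weak master password.
    password, salt_a, salt_b = "correct horse", b"\x01" * 16, b"\x02" * 16
    salt_a, hash_a = enrol(password, "alice@example.com", salt_a)
    salt_b, hash_b = enrol(password, "bob@example.com", salt_b)
    # An unsalted rainbow table of common passwords, as the post imagines it.
    table = {hashlib.sha256(p.encode()).digest(): p for p in ["123456", "password", password]}
    return {
        "same_password_same_hash": hash_a == hash_b,  # False: per-user salts (and emails) differ
        "rainbow_hit": rainbow_lookup(hash_a, table),  # "": the unsalted table is useless
        "login_ok": verify(password, "alice@example.com", salt_a, hash_a),    # True
        "login_wrong": verify("wrong", "alice@example.com", salt_a, hash_a),  # False
    }
```

The model shows why the stolen salt alone does not help: every candidate password still costs the full round count per user, and a table built without the salt never matches.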

Threat: reverse engineering master password hashes. Likelihood: Unlikely
Threat: cracking master password via rainbow tables. Likelihood: Unlikely/Low
Threat: brute forcing the master password. Likelihood: Low (if the password is strong enough)

Additionally, LastPass employs some other useful features. Probably the most useful is 2FA. Even with your master password, a hacker still requires your PIN (which could be intercepted, but is unlikely) to access your vault. Restricted country log-ins and restricted Tor log-ins should increase the difficulty of accessing the vault even with the master password.

So why did the hackers bother to steal this information if they cannot access password vaults without cracking the master password?

Email Addresses

LastPass’s choice to go public on this breach was wise as this should make users mindful of any emails that appear to originate from LastPass asking you to click on this link...don’t!

Threat: spam and phishing. Threat Level: High (Low, if users are vigilant)

Password Reminders

It is unclear whether the reminders were themselves encrypted, but I have not read anything to suggest they were. So any threat depends on the user's security awareness. The hackers cannot do much with the reminders themselves, as reminders cannot include the actual password. But if the reminder was "My mother's maiden name", a little bit of social engineering should easily acquire the master password. Ideally, security-aware users won't use password reminders at all, choosing to remember the master password in another fashion, such as writing it down and storing it in a safe. The cunning user might leave their reminder as "mother's maiden name" but have an actual master password that is totally unrelated.

Threat: Master password information. Threat Level: Medium/High


Of course this hack adds fuel to the argument about storing possibly hundreds of passwords in the cloud. Even with robust protection, such as LastPass's, cloud storage is probably unsuitable for storing really important things. But then, what are the options? Make all your passwords weak so you can remember them? Write them on a Post-It and stick it to your monitor? When looking at any security process we should always revert back to "How important is the information we want to protect?" Remember, security will always be a trade-off between security and convenience. Password storage is no different. Passwords stored with a salting algorithm and a strong hashing algorithm such as SHA-256 should be pretty difficult to acquire by rainbow tables.


The main difference between this attack and the 2011 breach [2] is that LastPass notified their user base so quickly. Most useful to the hackers will be the password reminders, then the email addresses. So as long as your reminder does not reveal your password and you stay vigilant about phishing emails, then you should be okay. You should enable 2FA if it is not already enabled. Oh, and probably use this as an excuse to change your master password; it won't hurt.



The author of [3] provides a more detailed description of how LastPass hashing and storage works, and is presenting at Shakacon in July [4] on how to attack password vaults.



[1] https://blog.lastpass.com/2015/06/lastpass-security-notice.html/
[2] https://blog.lastpass.com/2011/05/lastpass-security-notification.html/
[3] http://www.martinvigo.com/about-todays-lastpass-breach/#more-230
[4] http://shakacon.org/

Wednesday 17 June 2015

It's all in the Minds



This week the press jumped on a new social network called Minds.

Another social network – who cares?  Anonymous seem to care as they have added their backing to this site.  The Independent (http://www.independent.co.uk/life-style/gadgets-and-tech/news/superprivate-social-network-launched-to-take-on-facebook-with-support-of-anonymous-10325307.html) describes this open-source application as “unlike its competitors it doesn’t aim to make money from gathering data — instead, it encrypts all messages, so that they can’t be read by advertisers or by governments.” According to Wired, two of the site developers are known for their internet activism in fighting for privacy and freedom of expression. (http://www.wired.co.uk/news/archive/2015-06/16/anonymous-backs-encrypted-social-network-minds)

The site offers the usual social network gumph you would expect, as well as end-to-end encrypted private messaging, unrestricted news feeds and bitcoin. Additionally, the site lets users control their own reach, unlike Facebook, which uses its own algorithms to control this for you.

The site does still include some third-party advertising content, but this is just until the site gets established and can pay for itself (http://venturebeat.com/2015/06/15/a-social-network-called-minds-has-an-answer-to-facebooks-strangling-of-organic-posts/).

Check it out here: https://www.minds.com/

The US Freedom Act: so is the US now free?



As expected, earlier this month the US Congress passed the USA Freedom Act, effectively restoring a slightly modified version of the Patriot Act, just under a different name. The main difference is that the Freedom Act imposes limits on the amount of telecoms metadata the NSA and other US intel agencies are allowed to collect. The act also now (or, for the pedants, will do within 180 days of signature) restores the NSA's powers for "roving wiretaps" and tracking "lone wolf terrorists".

USA FREEDOM ironically stands for "Uniting and Strengthening America by Fulfilling Rights and Ending Eavesdropping, Dragnet-collection and Online Monitoring Act." So, just what rights does this act fulfil? The American people's right to an end to eavesdropping, dragnet collection and online monitoring? Or does it re-fulfil the US Government's right to online monitoring?

The EFF (Electronic Frontier Foundation, who fight for rights and privacy in a digital world) pulled their support for the Freedom Act back in May, saying the revised bill is too open to misinterpretation (http://arstechnica.com/tech-policy/2015/05/op-ed-why-the-eff-is-pulling-its-support-for-the-usa-freedom-act/).

But don't worry, the US government still has plenty of surveillance power (https://www.eff.org/deeplinks/2015/05/dont-worry-government-still-has-plenty-surveillance-power-if-section-215-sunsets). The Onion also reports on how the NSA now needs to rely on mass surveillance programs that have not yet come to light, saying the agency still has a wide variety of covert hacking, wiretapping and GPS-tracking programs at its disposal that have not yet been exposed by whistleblowers or investigative journalists: http://www.theonion.com/article/frustrated-nsa-now-forced-rely-mass-surveillance-p-50550.

In other words, if the NSA cannot collect data legally it will just have to use techniques we don’t know about. Just as it did before Snowden maybe?