How we lost the trusted computing base & how to regain it
Bert Hubert, bert.hubert@netherlabs.nl, bert.hubert@netscout.com
https://tinyurl.com/thalia2012

Slide deck transcript, 40 pages (uploaded 26-Dec-2015).

Page 1: How we lost the trusted computing base & how to regain it (bert.hubert@netherlabs.nl, bert.hubert@netscout.com)

How we lost the trusted computing base & how to regain it

• bert.hubert@netherlabs.nl

• bert.hubert@netscout.com

• https://tinyurl.com/thalia2012

Page 2:

Whoami

• PowerDNS: launched in 1997, now powers around 30-40% of all domain names. Open source.

• Cyber- & national security research & development (2003-2006)

• Founded the Fox Replay Analyst joint venture, an intercepted-internet analysis solution

• Cybersecurity Solution Architect at the new owners of Replay. Nothing to do with PowerDNS.

Page 3:

Agenda

• The end of the Trusted Computing Base

• History of (secure) systems

• How did it come to be this way?

• How bad is it?

• What can we do about it?

• ‘Brave’ solutions, weak solutions

Page 4:

The Trusted Computing Base

• “The trusted computing base of a computer system is the set of all hardware, firmware, and/or software components that are critical to its security, in the sense that bugs or vulnerabilities occurring inside the TCB might jeopardize the security properties of the entire system.” - Wikipedia

• “A small amount of software and hardware that security depends on and that we distinguish from a much larger amount that can misbehave without affecting security.” - Lampson et al., Authentication in Distributed Systems: Theory and Practice

• As a concept, the TCB has been very theoretical for a long time now - it hides behind an untrusted user interface.

Page 5:

The “trusted crypto base”

• We have a base that consists of (discrete) mathematics, information theory and ‘bit-level encryption operations’ (avalanche criterion, diffusion etc.)

• Built on top of that we have rock-solid hashes, symmetric ciphers and asymmetric operations

• With the technology above, we can build systems that are as secure as we want them to be

• This is a wonderful feeling: a solid base to stand on!

Page 6:

The “trusted crypto base”

• However! Even on top of this very good base, people keep messing it up all the time by the wrong application of the primitives

• Reusing keys, leaking knowledge, insufficient error checking etc.

• In addition, we sort of lose our heavenly status when we involve random generators and actual hardware

• To solve all this we spend a lot of time discussing crypto architecture, and read (& write!) loads of books about it

• And then we can build things that stand up really well.

• Compare this to building solutions out of a stack of MySQL, Windows 2008 and Firefox.
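As an added illustration of “wrong application of the primitives” (this is not from the original slides): a toy stream cipher whose keystream is derived from a key and a nonce. The primitive is fine; reusing the nonce under the same key is the bug, and it lets anyone who can guess one message recover the other without ever learning the key. The keystream construction and the two messages are constructed for this example; the same leak applies to any stream cipher or CTR-mode block cipher.

```python
import hashlib
import os


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy stream cipher: keystream blocks are SHA-256(key || nonce || counter).
    Constructed for this example; any stream cipher or CTR-mode block cipher
    leaks in exactly the same way when a (key, nonce) pair is used twice."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    return xor(plaintext, keystream(key, nonce, len(plaintext)))


def recover_with_crib(c1: bytes, c2: bytes, crib_p1: bytes) -> bytes:
    """Attacker's view: two ciphertexts and a guess (crib) for plaintext 1.
    With a shared keystream, c1 XOR c2 == p1 XOR p2, so p2 = c1 XOR c2 XOR p1.
    The key never enters into it."""
    return xor(xor(c1, c2), crib_p1)


def demo(reuse_nonce: bool) -> bool:
    """Encrypt two same-length orders; return True if the attacker recovers
    the second one from the ciphertexts plus a crib for the first."""
    key = os.urandom(32)
    nonce1 = os.urandom(12)
    nonce2 = nonce1 if reuse_nonce else os.urandom(12)   # reuse is the bug
    p1 = b"Transfer 100 EUR to account A"
    p2 = b"Transfer 950 EUR to account B"
    c1 = encrypt(key, nonce1, p1)
    c2 = encrypt(key, nonce2, p2)
    return recover_with_crib(c1, c2, p1) == p2


if __name__ == "__main__":
    print("nonce reused, p2 recovered:", demo(True))    # True
    print("fresh nonces, p2 recovered:", demo(False))   # False
```

The crib attack needs nothing but the two ciphertexts and a plausible guess for one of them; with a fresh nonce per message the same XOR yields noise. This is the kind of mistake the slide means: the hash and the XOR are sound, the architecture around them is not.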

Page 7:

Doing secure things on a PC (or Mac, or iPhone, or Android)

• For most people: “Forget about it”

• Or at least, ignore it..

• Would you sign a real contract online?

• The numbers are stunning: >5% of corporate desktops (which are the most locked-down PCs available) are compromised

• Not even on purpose, “drive by hacks”

• We still do it because there is no alternative

Page 8:

So how bad is it?

• People do realize there is an issue: nobody wants to install applications anymore! The browser is the preferred platform

• Including for “your mom”

• But if you do - any program you install can do nearly ‘everything’, including uploading all your private files to pastebin

• But wait! I need to give permission for network access!

• Yes, but you will ;-)

• By now, browser is an OS in its own right..

Page 9:

So how bad is it: things no one wants to do

• A phone that could control your pacemaker, and that reports issues to a specialist

• This exists, but requires separate hardware to provide security

• Literally nobody has dared to make an automated & integrated glucose meter & insulin pump (lack of trust)

• Organizations that deal with ‘life or death’ secrets spawn loads of airgap separated networks, because nobody dares to trust that we can connect them safely

• And thus put their data on USB sticks..

Page 10:

* Advertisement *

• Are you looking for a job?

• Internship? Graduate with us?

• Work with exciting people!

• Are you good with any of: C++, Python, Javascript (jQuery, Javascript MVC for example), Java, cryptology?

• Please contact me! [email protected]

• (we recommend you finish your studies first!)

Page 11:

So, some theory

• Limited definition of keeping things secure: assuring that the operator of the computer is the only one who controls what the machine does. The attacker gets no screwdrivers, no physical access

• The broader definition of security is completely out of reach of a normal PC on the internet

•Tamperproof, emission controls, timing attacks..

Page 12:

Classic example: internet banking

• As a user, I want to control where my money goes

• Bank agrees with me and makes sure I use two-factor access control: something I know plus something I have

• For this to work:

• I must be the only one able to send instructions to the bank once logged in

• The screen should display exactly the orders I gave the website, so I can authorize them

Page 13:

Banking malware

• Giant business, very sophisticated, a whole ecosystem revolves around this

• “Crimeware”, botnets, money-mules etc

• Revolves around hijacking internet banking sessions

• Keyloggers, browser injection..

• In The Netherlands, currently being fought heavily through intensive network & transaction monitoring

• Firewall, virus scanner etc of (very) limited use in protecting

Page 14:

Banking malware in other countries

• In some countries, it is mandatory to run client-side software which “locks down” the browser to shield it from malware on the PC

• “Trusteer Rapport” for example

• In South Korea, mandatory ActiveX plugins serve the same function (mostly implemented for Windows and IE).

• I hear similar stories about China

• “Retrusting the Trusted Computing Base”

• Also used for some online games!

Page 15:

Banking security: an ongoing fight

• This is an ongoing, and ultimately, unsatisfying battle

• “Arms race”

• In the UK, it is well accepted that credit cards stop working after a few days abroad

• “the scammers have won”

• Banks are, slowly, working on transferring the risk of crime to the consumer

• Chip and PIN in the UK

• Banks indicate that “the desktop is lost”

• Publicly they say that “SSL protects us”

• Sucks!

Page 16:

Some history

• We used to have a solid “trusted computing base” on which to build

• The transistors were fixed

• The CPU built from those transistors was fixed

• The operating system was (relatively) fixed

• There was a system library, on which we ran our programs

• These programs delivered messages (‘content’) and not code

Page 17:

(Slide 17 is a diagram: the layers of the classic stack, bottom to top, each paired with the mechanism that later made it rewritable.)

Transistor
HW: reprogram the FPGA
CPU: update the microcode & firmware!
BIOS: flash it! Plus add SMM!
OS: modules, drivers
C Library: “DLL Hell”
Application: plugins
Content: Javascript, macros ;-(

Page 18:

Protective measures

• First all these ‘extensions’ or ‘upgrade possibilities’ were added

• Hard to say no. However, sometimes you wonder..

• Later on, more and more checking & warning was implemented because things got out of hand (‘Are you sure you want to..’)

• A large fraction of the ‘weekly patch cycle’ is about insufficient checking

• Goes for all operating systems

Page 19:

“The virtual stack of vulnerabilities”

• In the mind’s eye, a vulnerability comes into existence when it is reported (often with the patch ready)

• This is not the case

• All these vulnerabilities were around for ages and ages already!

• So the correct mental picture is: there are hundreds or thousands of vulnerabilities that STILL NEED patching!

• A patch takes some away, new software adds new problems..

Page 20:

But did we even START clean?

• We’ve been assuming that the computer ‘out of the box’ was safe

• It might not be for two reasons:

• There have been many cases of computers shipping ‘pre-infected’ because the guys that filled the computer with crapware had a virus already (even phones have shipped with Windows viruses on them!)

• Not everybody writing drivers, modules, plugins, firmwares and microcodes might be your friend..

Page 21:

Don’t firewalls and virus scanners help?

• Firewalls are essentially useless unless they are configured to be painful

• Most pass port 80 and port 443 unmolested. This does not hinder any malware significantly.

• Blocking port 80 is not an option

• Smart firewalls can do http-level filtering though

• Virus scanners run a losing battle since attackers can hone their stuff until it is perfect

• Did not stop banking malware

Page 22:

:-( it sucks at EVERY level!

Page 23:

Some examples of what can happen

• The un-wipeable disk. When discarding disks, these are often wiped using bit patterns specifically engineered to remove all magnetic traces of the original data

• Note that these patterns are mostly for very obsolete disks..

• Let’s say we modify the firmware of a disk to recognize such linear wiping, and report that the sectors are wiped - but not actually do it!

• Discarded disk gets new firmware upgrade and all data is back!

• Including passwords..
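An added simulation of the un-wipeable disk (not from the original slides): a disk model whose firmware recognises well-known overwrite patterns, records them in a table instead of writing them, and answers reads from that table so a read-back check passes. The sector size, the pattern list and the sample data are constructed for the example. It also shows the one cheap check a practitioner can do against this particular trick: overwrite with random data, which the firmware cannot echo back without actually storing it.

```python
import os
from typing import Callable, Dict, List

SECTOR = 16   # bytes per sector; tiny so the demo runs instantly
# Overwrite patterns a wiping tool might use; the lying firmware recognises these.
KNOWN_WIPE_PATTERNS = (b"\x00" * SECTOR, b"\xff" * SECTOR, b"\x55" * SECTOR, b"\xaa" * SECTOR)


class HonestDisk:
    """Firmware that commits every write to the media."""

    def __init__(self, sectors: int) -> None:
        # Pre-existing user data, constructed at random for the example.
        self.media: List[bytes] = [os.urandom(SECTOR) for _ in range(sectors)]

    def write(self, lba: int, data: bytes) -> None:
        self.media[lba] = data

    def read(self, lba: int) -> bytes:
        return self.media[lba]


class LyingDisk(HonestDisk):
    """The modified firmware from the slide: a write of a well-known wipe
    pattern is only recorded in a table, never committed; reads of such a
    sector return the pattern, so a read-back check passes. A later firmware
    'upgrade' drops the table and the original data is back."""

    def __init__(self, sectors: int) -> None:
        super().__init__(sectors)
        self.fake_wiped: Dict[int, bytes] = {}

    def write(self, lba: int, data: bytes) -> None:
        if data in KNOWN_WIPE_PATTERNS:
            self.fake_wiped[lba] = data        # pretend; keep the old bytes
        else:
            self.fake_wiped.pop(lba, None)
            self.media[lba] = data             # arbitrary data has to be stored for real

    def read(self, lba: int) -> bytes:
        return self.fake_wiped.get(lba, self.media[lba])

    def restore_original_firmware(self) -> None:
        self.fake_wiped.clear()


def wipe_and_verify(disk: HonestDisk, pattern_for: Callable[[int], bytes]) -> bool:
    """Overwrite every sector with pattern_for(lba), then read back and compare.
    Returns True when the read-back check passes (what a wiping tool reports)."""
    expected = [pattern_for(lba) for lba in range(len(disk.media))]
    for lba, data in enumerate(expected):
        disk.write(lba, data)
    return all(disk.read(lba) == data for lba, data in enumerate(expected))


def fixed_pattern_wipe(disk: HonestDisk) -> bool:
    return wipe_and_verify(disk, lambda lba: b"\x00" * SECTOR)


def random_pattern_wipe(disk: HonestDisk) -> bool:
    # Unpredictable data: to answer the read-back the firmware must store it,
    # and storing it destroys what was there.
    return wipe_and_verify(disk, lambda lba: os.urandom(SECTOR))


def old_data_recoverable(disk: LyingDisk, original: List[bytes]) -> bool:
    disk.restore_original_firmware()
    return any(disk.read(lba) == original[lba] for lba in range(len(original)))


def demo() -> Dict[str, tuple]:
    """Per wipe method: (tool reported success, old data back after reflash)."""
    results = {}
    for name, wipe in (("fixed_pattern", fixed_pattern_wipe), ("random", random_pattern_wipe)):
        disk = LyingDisk(sectors=8)
        original = list(disk.media)
        results[name] = (wipe(disk), old_data_recoverable(disk, original))
    return results


if __name__ == "__main__":
    print(demo())   # {'fixed_pattern': (True, True), 'random': (True, False)}
```

The fixed-pattern pass verifies cleanly and is a lie; the random pass forces the firmware to commit. That is a partial defence only: a firmware you do not trust could also stash the old sectors in spare area the host never addresses. The answers that do not depend on the drive's honesty are encrypting the disk from day one and destroying the key, or destroying the media.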

Page 24:

Some examples of what can happen

• The “window on your RAM”. Ethernet adapters on the PCI bus have a full view of your memory (unless an IOMMU restricts them), and are (by definition!) connected to the network.

• There is even a helpful standard for sharing RAM over IP: RDMA

• A firmware upgrade for the ethernet card could add RDMA support

• Remote parties sending the right packets can read & write all your RAM

• Thanks!

• Oh, and did you know most wifi cards run a whole operating system? RDMA over air!

Page 25:

Infect the very motherboard

• Motherboards come with a very unhelpful feature called System Management Mode

• This allows the motherboard firmware to take over the CPU and have it execute code on its behalf

• For example to manage fans and temperature

• SMM has full and complete control over all aspects of the computer, and can be triggered at any time

• Nice trick, update the SMM to ‘reinfect’ a cleaned PC!

• SMM is “invisible” to virus scanners

Page 26:

Kill the crypto

• Cryptography always relies on strong randomness to generate secure (session) keys

• "Anyone who considers arithmetical methods of producing random digits is, of course, in a state of sin." - John von Neumann

• A computer always needs hardware assistance to generate random (would not be a computer otherwise)

• Modern Intel CPUs offer the RDRAND instruction to deliver ‘true hardware random’ at high speed

• Upgrade the microcode to turn RDRAND into a predictable stream -> break SSL/RSA, because the (ECDH) session keys become known!
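An added example of what the slide's attack looks like from the application side, and of the standard defence (not from the original slides, and the backdoored generator is constructed for the example; real RDRAND is not claimed to behave like this). An application that takes the instruction's output as its key hands the attacker the key. An application that hashes that output together with an independent entropy pool does not, because the attacker has to predict every input, not just the one it controls.

```python
import hashlib
import os


class BackdooredRdrand:
    """Stand-in for a hardware RNG whose microcode has been altered so that its
    output is a stream the attacker can regenerate: here SHA-256 of a secret the
    attacker knows and a counter. Constructed for the example."""

    def __init__(self, attacker_secret: bytes) -> None:
        self.secret = attacker_secret
        self.counter = 0

    def read(self, n: int) -> bytes:
        out = b""
        while len(out) < n:
            out += hashlib.sha256(self.secret + self.counter.to_bytes(8, "big")).digest()
            self.counter += 1
        return out[:n]


def session_key_from_rdrand_only(hw: BackdooredRdrand) -> bytes:
    """The naive design: take the instruction's output as the key."""
    return hw.read(32)


def session_key_from_mixed_pool(hw: BackdooredRdrand, independent_pool: bytes) -> bytes:
    """Hash the hardware output together with entropy from other sources
    (interrupt timing, disk seeks, a seed file). Unpredictable as long as any
    one input is; a rigged RDRAND alone cannot steer the result. Toy version of
    an OS entropy pool that mixes RDRAND in rather than trusting it outright."""
    return hashlib.sha256(b"pool-mix|" + hw.read(32) + independent_pool).digest()


def demo() -> tuple:
    """(attacker predicts the naive key, attacker predicts the mixed key)."""
    backdoor_secret = b"microcode-backdoor"          # known to the attacker
    victim_hw = BackdooredRdrand(backdoor_secret)
    attacker_hw = BackdooredRdrand(backdoor_secret)  # attacker's replica, same state
    naive = session_key_from_rdrand_only(victim_hw)
    naive_guess = session_key_from_rdrand_only(attacker_hw)
    pool = os.urandom(32)                            # the attacker never sees this
    mixed = session_key_from_mixed_pool(victim_hw, pool)
    mixed_guess = session_key_from_mixed_pool(attacker_hw, b"\x00" * 32)  # best guess
    return naive == naive_guess, mixed == mixed_guess


if __name__ == "__main__":
    print(demo())   # (True, False)
```

This is why Linux feeds RDRAND into its entropy pool instead of returning it raw (whether it counts towards initial seeding is the `random.trust_cpu` boot parameter). Mixing raises the bar rather than removing the problem: microcode that can rewrite RDRAND runs on the same CPU that computes the hash, so it belongs to the TCB the talk says we can no longer see.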

Page 27:

Bend the router

• Find a customer with a known router/modem - easy to do, pick a large ISP

• Send email with a piece of javascript that makes the browser log in to the router @192.168.1.1

• The password might be default, might be cached!

• Change the DNS settings of the router to malicious servers

• Reroute select traffic for fun and profit!
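An added model of the router attack in the five bullets above and of the checks that stop it (this is not from the original slides, and the router, its factory password and the addresses are constructed for the example). The attacker's page never learns the victim's cookie; the browser attaches it, and that is the whole trick. The hardened handler refuses requests whose Origin is foreign and requires a per-session token that only the router's own pages contain.

```python
import hmac
import os
from dataclasses import dataclass, field
from typing import Dict, Optional

FACTORY_PASSWORD = "admin"             # constructed default for the example
ROUTER_ORIGIN = "http://192.168.1.1"


@dataclass
class Request:
    origin: Optional[str]              # Origin header the browser adds to cross-site POSTs
    cookie: Optional[str]              # session cookie the browser attaches on its own
    form: Dict[str, str]


@dataclass
class Router:
    admin_password: str = FACTORY_PASSWORD
    dns_servers: tuple = ("192.168.1.1",)
    check_origin: bool = False         # hardening knob 1
    require_csrf_token: bool = False   # hardening knob 2
    sessions: Dict[str, str] = field(default_factory=dict)   # cookie -> CSRF token

    def login(self, password: str) -> Optional[str]:
        if not hmac.compare_digest(password, self.admin_password):
            return None
        cookie = os.urandom(16).hex()
        self.sessions[cookie] = os.urandom(16).hex()
        return cookie

    def post_dns_settings(self, req: Request) -> bool:
        """The admin form handler. Returns True when the change is applied."""
        if req.cookie not in self.sessions:
            return False
        if self.check_origin and req.origin not in (None, ROUTER_ORIGIN):
            return False               # a cross-site page cannot forge its Origin
        if self.require_csrf_token:
            expected = self.sessions[req.cookie]
            if not hmac.compare_digest(req.form.get("csrf", ""), expected):
                return False           # token lives in HTML a foreign page cannot read
        self.dns_servers = tuple(req.form["dns"].split(","))
        return True


def cross_site_attack(router: Router, browser_cookie: Optional[str]) -> bool:
    """What the mailed JavaScript does: fire a POST and let the browser attach
    whatever login it has cached. With nothing cached, it first submits the
    login form with the factory password; the resulting cookie is again held by
    the browser, not by the script."""
    cookie = browser_cookie if browser_cookie is not None else router.login(FACTORY_PASSWORD)
    if cookie is None:
        return False
    forged = Request(origin="http://evil.example", cookie=cookie,
                     form={"dns": "203.0.113.53"})   # attacker's resolver (documentation address)
    return router.post_dns_settings(forged)


def legitimate_change(router: Router, cookie: str, new_dns: str) -> bool:
    token = router.sessions[cookie]    # embedded in the settings page the admin loaded
    return router.post_dns_settings(Request(origin=ROUTER_ORIGIN, cookie=cookie,
                                            form={"dns": new_dns, "csrf": token}))


def demo() -> Dict[str, bool]:
    vulnerable = Router()                              # factory password, no checks
    victim = vulnerable.login(FACTORY_PASSWORD)        # logged in earlier; cookie cached
    hardened = Router(admin_password="correct horse battery staple",
                      check_origin=True, require_csrf_token=True)
    admin = hardened.login("correct horse battery staple")
    return {
        "vulnerable_cached_login": cross_site_attack(vulnerable, victim),
        "vulnerable_default_password": cross_site_attack(Router(), None),
        "hardened_cached_login": cross_site_attack(hardened, admin),
        "hardened_default_password": cross_site_attack(hardened, None),
        "hardened_legitimate_change": legitimate_change(hardened, admin, "192.0.2.53"),
    }
```

Both vulnerable paths succeed (cached session, factory password); both fail against the hardened router, while the admin's own form still works. The model reflects 2012-era browsers; the SameSite cookie attribute, and its `Lax` default in current browsers, stops the cached-cookie variant at the browser, but a router with a factory password and no Origin or token check is still owned by anyone who can send it a request.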

Page 28:

The trusted computing base.. can’t be trusted

Violence may be required to root out all possible vectors of infection!

Page 29:

So how did this happen?

• Hardware basically sucks and is incredibly inflexible (changes take months!)

• Updating ROM requires physical action and possibly a soldering iron

• Operating systems and applications are also hard things to change

• So, everywhere this was possible, helpful developers added ways to update the hardware's behaviour, or to add modules to the application

• The end result is that we have thousands of fundamental holes in our security!

• Physical ROM is not even easily available anymore..

Page 30:

What happened to the TCB?

• The concept of TCB is alive and well. But we did not respect it, and allowed the _data_ that passes through our TCB to redefine our access to it

• So, the PC might be trustable, but we’ve allowed webpages to take over the operator’s access TO that TCB

• And is now talking to scripts from Nigeria, which transfer our money that way too

• “What good is a TCB if you can’t see it”

Page 31:

What is the result?

• Security professionals I know feel really scared about doing internet banking

• Often have a separate machine for that purpose

• Banks I speak to have ‘given up on the desktop’

• This very rich array of holes enables ‘spear phishing’ and many other attacks

• We now need IDS, IPS, Virus Scanners, Network Access Control, SIEM, Lockdown desktops, Sandboxes and constant monitoring to spot security problems!

Page 32:

What is the result?

•There are now things that we fear to do with computers (online banking), but we have to

•There are things we are not considering doing electronically right now, like medical files or voting

Page 33:

Some solutions

• We could make our hardware and software ‘read only’ again.

• Perhaps using cryptography - history is not promising though

• However, software is already considered ‘inflexible’. Turning off Javascript in email, disallowing plugins, stopping programs from installing is not overly acceptable.

• We should still try though. Rop Gonggrijp reminded us of this at GOVCERT 2011 “don’t give up, write secure code”.

Page 34:

Reintroduce trusted hardware

• On a scale from least trusted to most trusted:

• Windows PC, Linux PC, Mac PC

• iPhone / Android

• Kindle

• Chromebook

• Old school “stupid” phones

• We could envision a limited purpose trusted platform

Page 35:

Trusted platform

• Might look like a Kindle, with built-in GSM & Wifi for connectivity

• Heavily restricted hardware platform, non-PC based. All hardware firmware upgrade possibilities are disabled.

• “Every time you turn it on, it is new”

• Unattractive target to hack that way

• Limited internet browser, no Javascript

• Do authentication via built-in smartcard

Page 36:

Shared trusted platform

•This platform might be expanded to support multiple applications

•Your bank, taxes, medical files

• Find signed way of loading different applications

•Would need very strict control to prevent ‘slide back into generic insecure PC’ territory!

• “beat people up”

Page 37:

Further thoughts

• Banks already verify big transactions manually. Issuing ‘high value’ customers with such a dedicated device might save them money from day 0

• And not just add security

• The iPad and various tablets IN THEORY come quite close to this ideal, and have a lot of the cool hardware that makes it possible

• However, the incentives are all wrong, as is the track record of the devices

Page 38:

Other solutions

• Attackers overcome any security barrier eventually

• They have unlimited attempts to try it.

• Also, there are thousands of ways to do so, and this is because of the ‘flexibility push’ described earlier

• One solution: add barriers they can’t see and can’t try to work around

• Like the current banking anomaly monitoring

Page 39:

Summarizing

• Generic PC+OS security is riddled with loopholes in the name of flexibility

• All lower layers can be taken over

• To the point that it has become a joke to regard a PC (or a Mac) as a trusted platform

• Makes banking scary..

• Solutions are:

• ‘man up’ and fix our computers,

• move to dedicated devices, or

• very heavy monitoring

Page 40:

More information

• Cybersecurity: [email protected]

•DNSSEC: [email protected]

•+31-6-22440095

• https://tinyurl.com/thalia2012