Category Archives: Security

Insecure self-updates via plain HTTP

Yesterday I discovered by chance (since I was running the program whose name I will not disclose yet on my Mac where I’m using Little Snitch to control outgoing connections) that a program created by one of the few software giants does not use SSL to ensure the integrity of self-updates, but just uses plain HTTP so that attackers can modify downloads and thereby introduce malicious code.

Immediately I got in touch with the manufacturer of the application, and only 9 hours later they came back to me with the below response:

Right now <unnamed product> download server supports only HTTP and not HTTPS, so we don't have any immediate solution to offer. However we are keeping notes of this concern and we will address it.

Is this not simply unbelievable?!

Remember we’re not talking about someone who does this for a hobby, who may not have the money or time or even knowledge to implement SSL on their server. But we’re talking about one of the largest IT companies in the world… ūüôĀ

I will now wait for a while, and if they haven’t fixed the issue by then I will disclose it on my blog anyway to put pressure on them… But maybe they do it intentionally in order to aid the NSA?! :-/

iTunes app downloads are unsafe…

I recently bought Little Snitch because it was on sale, and just found something strange…

I launched iTunes to download an app that’s currently available for free (ok, so I am a cheapskate… ;-)), and when the actual download was about to start Little Snitch asked for confirmation to allow iTunes to connect to phobos.apple.com on port 80, meaning that the download is not protected by SSL…

IMHO this is a big security risk since it allows attackers to manipulate your download and replace the original app by another one (e. g. one that contains malicious code).

I can’t see any reason why Apple would intentionally not protect downloads by SSL — it just seems to be very bad, careless design… ūüôĀ

What do you think?

Nagios check for Avira AntiVirus definitions

I wrapped up a quick script to check whether my Avira AntiVirus definitions are current. Since it might be useful to other people I thought I’d just publish it here:

#!/bin/bash

YOUNGEST_FILE=$(ls -tr /usr/lib/AntiVir/guard/*.vdf|tail -1)

WARN=$1
CRIT=$2
WARN=$((${WARN:=3} * 86400))
CRIT=$((${CRIT:=7} * 86400))

function age() {
   local filename=$1
   local changed=`stat -c %Y "$filename"`
   local now=`date +%s`
   local elapsed

   let elapsed=now-changed
   echo $elapsed
}

FILEAGE=$(age "${YOUNGEST_FILE}")

if [ $FILEAGE -gt $CRIT ]; then
    echo "CRITICAL - Youngest file is $FILEAGE sec old"
    exit 2
elif [ $FILEAGE -gt $WARN ]; then
    echo "WARNING - Youngest file is $FILEAGE sec old"
    exit 1
else
    echo "OK - Youngest file is $FILEAGE sec old"
fi

The default (if you don’t supply any command-line parms) is to warn if the youngest of all virus definition files is older than 3 days, and a critical alert will be triggered if it is older than 7 days. If you supply only one parm it will change the number of days until a warning is triggered, and if you also supply the second parm it will also change the days for a critical alert.

I hope this is useful for someone!

Enabling Forward Secrecy in Apache

I tried to follow the instructions given in this article by Ivan Ristic, but somehow it seems not to be working, or the test at https://www.ssllabs.com/ssltest/ might be broken… ūüôĀ

Unfortunately I can’t seem to comment on Ivan’s article (I even registered just to reply), so I created this blog post, hoping that my trackback will work…

This is what I have in Apache:

SSLHonorCipherOrder On
SSLCipherSuite ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH

According to the output of openssl ciphers this should enable the following cipher suites (filtered by only those that contain ECDHE):

ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(128)  Mac=SHA256
ECDHE-RSA-RC4-SHA       SSLv3 Kx=ECDH     Au=RSA  Enc=RC4(128)  Mac=SHA1
ECDHE-ECDSA-RC4-SHA     SSLv3 Kx=ECDH     Au=ECDSA Enc=RC4(128)  Mac=SHA1
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA384
ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AES(256)  Mac=SHA384
ECDHE-RSA-AES256-SHA    SSLv3 Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA1
ECDHE-ECDSA-AES256-SHA  SSLv3 Kx=ECDH     Au=ECDSA Enc=AES(256)  Mac=SHA1
ECDHE-RSA-DES-CBC3-SHA  SSLv3 Kx=ECDH     Au=RSA  Enc=3DES(168) Mac=SHA1
ECDHE-ECDSA-DES-CBC3-SHA SSLv3 Kx=ECDH     Au=ECDSA Enc=3DES(168) Mac=SHA1
ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(128) Mac=AEAD
ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(128) Mac=AEAD
ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AES(128)  Mac=SHA256
ECDHE-RSA-AES128-SHA    SSLv3 Kx=ECDH     Au=RSA  Enc=AES(128)  Mac=SHA1
ECDHE-ECDSA-AES128-SHA  SSLv3 Kx=ECDH     Au=ECDSA Enc=AES(128)  Mac=SHA1

As far as I can tell this should include the below cipher suites which supposedly enable forward secrecy:

    TLS_ECDHE_RSA_WITH_RC4_128_SHA
    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
    TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA

Unfortunately the above SSL test shows the following when running towards my Apache:

Forward Secrecy 	No

Does anyone know what that means? Is the test just broken, or am I misunderstanding anything?

PayPal-Sicherheitsschl√ľssel

Gestern wollte ich w√§hrend eines Bestellvorgangs mit PayPal bezahlen als ich feststellte, dass mein PayPay-Sicherheitsschl√ľssel nicht mehr funktionierte. Egal wie oft ich den Knopf zur Anzeige eines Sicherheitscodes dr√ľckte, das Display blieb ohne Funktion, das Ger√§t war wie “tot”.

Es handelt sich bei meinem Modell noch um den urspr√ľnglichen Schl√ľssel (und nicht den neuen im Kreditkartenformat), der eine gewisse √Ąhnlichkeit mit den ersten RSA SecurID-Tokens hat:

Das Teil war jetzt √ľber sechs Jahre alt, daher ging ich davon aus, dass schlicht und einfach die Batterie leer war. Da ich nicht riskieren wollte dass mein Bestellvorgang wegen Inaktivit√§t abgebrochen wurde, wollte ich den Schl√ľssel m√∂glichst schnell “reparieren”. Continue reading PayPal-Sicherheitsschl√ľssel

Data Privacy issue: Your Android phone might leak your IMEI…

Just played around with a new home router and noticed that my HTC Desire S Android phone sends the following hostname when requesting an IP address with DHCP in a wireless network:

Android_3567080XXXXXXXX

Why is this is a problem? Because the trailing part of that hostname is your IMEI, which is a unique number identifying your device. It’s normally only seen on radio-network level, so can normally be considered “private” (because your operator can’t disclose it to anyone).

The IMEI also contains a component called “TAC” (type allocation code) which identified the exact handset model you have.

So if you regularly visit Internet cafes or the like, these guys know how often and when you are there.

Please let me know whether you consider this a problem or not — I do think it is one.

Integrate “AVG Anti-Virus Free Edition” into Exim with ExiScan patch

If you would like to integrate “AVG Anti-Virus Free Edition” into Exim, using the ExiScan patch, this is actually quite easy.

Just insert the following fragment into your Exim config:

  # Reject virus infected messages.
  # Add message to implicit X-ACL-Warn: header
  warn  message         = This message contains malware ($malware_name)
        set acl_m0      = cmdline:\
                          /usr/bin/avgscan --arc %s; echo -e \N"\navg_retval $?"\N:\
                          avg_retval 5:\
                          \NVirus identified *(.*)$\N
        malware         = *
        log_message     = This message contains malware (avg:$malware_name)

Let me know if this works for you — I hacked this up quite quickly, but it seems to do its job…