Category Archives: Sec, crypto, forensics and priv

In the beginning Turing created the Machine

Alan Turing
Alan Turing, via alanturing.net

17 years ago I met for first time with the Alan Mathison Turing (1912-1954) figure. I was taking an AI course at the Faculty of Computer Science. Until that moment, I thought (as many people do) in Albert Einstein, Santiago Ramón y Cajal, Severo Ochoa, Marie Curie… as the privileged minds of the XX century. Then I discovered the top 1 of them: Alan Turing, the codebreaker who helped to Allies to win the II World War. Alan Turing, who helped to build the first computers as we know today. Alan Turing, who showed us the limits of computation. Father of the Artificial Intelligence.

Even all these great contributions to the human progress he was ostracized because his work for the Great Britain secret services and his sexual condition. The intolerance with the homosexuality in GB that time caused him great pains and it is said it pushed him to suicide (some investigators think he was murdered).

It’s clear Alan Turing changed our lives forever. I can’t imagine how the world would be if his life wasn’t so short.

The SS (Second Section) strikes back

As the great mass of Spanish blogosphere, I join to the “Fundamental Rights in the Internet Manifesto” against a new law project of our fascist govern that tries to block Internet web sites bypassing the courts.

  1. Copyright should not be placed above citizens’ fundamental rights to privacy, security, presumption of innocence, effective judicial protection and freedom of expression.
  2. Suspension of fundamental rights is and must remain an exclusive competence of judges. This blueprint, contrary to the provisions of Article 20.5 of the Spanish Constitution, places in the hands of the executive the power to keep Spanish citizens from accessing certain websites.
  3. The proposed laws would create legal uncertainty across Spanish IT companies, damaging one of the few areas of development and future of our economy, hindering the creation of startups, introducing barriers to competition and slowing down its international projection.
  4. The proposed laws threaten creativity and hinder cultural development. The Internet and new technologies have democratized the creation and publication of all types of content, which no longer depends on an old small industry but on multiple and different sources.
  5. Authors, like all workers, are entitled to live out of their creative ideas, business models and activities linked to their creations. Trying to hold an obsolete industry with legislative changes is neither fair nor realistic. If their business model was based on controlling copies of any creation and this is not possible any more on the Internet, they should look for a new business model.
  6. We believe that cultural industries need modern, effective, credible and affordable alternatives to survive. They also need to adapt to new social practices.
  7. The Internet should be free and not have any interference from groups that seek to perpetuate obsolete business models and stop the free flow of human knowledge.
  8. We ask the Government to guarantee net neutrality in Spain, as it will act as a framework in which a sustainable economy may develop.
  9. We propose a real reform of intellectual property rights in order to ensure a society of knowledge, promote the public domain and limit abuses from copyright organizations.
  10. In a democracy, laws and their amendments should only be adopted after a timely public debate and consultation with all involved parties. Legislative changes affecting fundamental rights can only be made in a Constitutional law.

We’ll need eatable DRAMs

The new was released one month ago, but the vulnerability will remain without solution the next months/years. A team of the University of Princeton developed an attack against all the crypto filesystems. The attack exploits a discovery about most DRAMs in the market: the information doesn’t dissapear inmediately after powering off the machine. It remains some seconds, and, if you cold the machine with a simple cold spray, you have until 10 minutes around to reboot the machine with a program and recover the crypto keys from the memory. So, if anybody has phisical access to the machine (it is the main target to use crypto fs’s), they will be able to decrypt the information with some software and cheap hardware.

The cold boot attack paper

Some reactions:

When impossible is not an answer

Recovering deleted files in the ext3fs is a very hard task. It happens because the journal overwrites the block pointers in the inodes with zeroes.

Carlo Wood knew it, but he didn’t surrender when he deleted accidentally his home directory. He studied how ext3fs works, then he wrote a tool, ext3grep, that helped him to recover sucessfully all the lost data. I had no time to analyze and test it but it seems it performs a jorunal-based attack.

Via LWN.net

Jessica Biel is dressed up in my bed

It’s the new of the month: a local  exploit (thanks Emilio J.) that affects both 2.4 and 2.6 Linux kernel series. It uses a serious bug in the vmsplice function of the file systems subsystem. It’s as easy as getting the code and runnning it to become the root.

But it only affects to the kernel if it supports this function. As I compile my own kernels, I tested the exploit and it didn’t work.

So, I’m happy to discover spenting hours and hours configuring and recompiling the kelmer is not only funny. It is useful too :-)

Hardcore censorship

It happened in the first days of December. Everybody who tried to connect to Blogger from Galician universities couldn’t do it. In the beginning we thought about some rare Google trouble. But the reality was very different: CESGA (Galician Supercomputation Center), who are in charge of opening to the Galician universities to the Internet, was blocking every web connection to Blogger. Why?

Since some years ago, in Spain we’re living with a sword over our heads because two laws about digital world rights: the LSSI aproved by right wing Partido Popular (PP), and “LSSI’s 2.0″ , LISI, aproved by left wing Partido Socialista Obrero Español (PSOE) last December, 20th. LSSI was the first step to control Internet operations in Spain. LISI reinforces this control and gives the chance to shutdown webs and another Internet services by administrative organizations even without court sentence.

Ok, what happened with Blogger? Some blogs hosted in Blogger encouraged to boycott Catalonian products because great part of Catalonians try to separate from Spain (in the same way I encourage to boycott Canadian products because they allow seal slaughters in this blog). So a court ordered a lien shutting down those blogs. As the blogs are hosted out of Spain, the next step was to block those webs. And, as CESGA could not block only that blogs, they decided to block all Blogger.

The wall was closed around a week. Those days were the wildest censorship case in the the history of the current democracy in Spain. And sadly, it is only the beginning.

Few webs and press published about the incident:

  • Hazteoir.org(Spanish):“El centro de Supercomputación de la Junta de Galicia cierra el acceso a los blogs de Blogger”
  • Libertad Digital (Spanish):“El centro de Supercomputación de la Xunta cierra el acceso a los blogs de Blogger”
  • Vieiros (Galician): “Os universitarios galegos quedan sen acceso a Blogger”

Intel vPro, the new trojanhorse?

I read this new about vPro [es] wonders. I did a fast overview on Intel’s whitepaper. Then, I thought automatically in Ross Anderson’s FAQ about Trusted Treacherous Computing.

Updated, August 30th : I’m not the lone paranoic. Via OS News.

From the report of Ars Technica:

“You won’t really see much mention of DRM in most vPro coverage, because Intel has (quite appropriately) spent a lot of time and effort over the past few years talking up the TXT + VT-x and VT-d combination as a robust enterprise security and remote management solution. And indeed it is. But as a potential technological enabler of more effective DRM, it’s also the ideal companion to Blu-ray and HD DVD, and a godsend to Big Content. Look for it across the rest of Intel’s desktop and portable line by the end of 2008 and prepare to kiss fair use goodbye.”

Trojanfonica?

Yesterday I received an odd phone call from Telefonica, my ADSL provider. They offer me a new free (as in free beer) service: if I have a breakdown in my computers, they kindly repair it. Awesome, isn’t it?

What’s the dark side of the history? Well, if I accept that service, a technician automatically come to my home. Then he installs in every machine a program so if I call needing their service, they can make basic test from remote.

Sadly I think there will be a lot of wretchs that will accept the service…

Nuclear liability

Yesterday I had a very interesting discussion having dinner about the future of energies. I was in a minority against nuclear energy as solution to the future. One of my reasons was (is) the human factor in the security of
nuclear power plants. Today a new in Securityfocus supports my drawbacks: a ‘data storm’ in the LAN of Browns Ferry power plant (Alabama, USA) caused failure in any PLC (Programmable Logic Control) that stopped re-circulation water pumps, so operators were forced to stop the reactor.

The first, private investigation concluded it was a bad response of cheap hardware failure, the NRC accepted this theory and decided not to investigate. But the Homeland Security Committee forced a more deep investigation to determinate if the data flood came from an external DoS attack.

Both possible causes are extremely serious and amazing. And it happened in the USA…

Les Misérables (hackers of Cuba)

Via Arcadi Espada’s blog(es), I heard about the story of five Cuban university students that used their School servers to create chat rooms, and sell stolen identities and passwords to access to the Internet. They were filmed in a meeting, then they were suspended four or five years.

This case shows again the censorship in Cuba. The authorities said they are thinking in hardening penalties up to 5 years of prison for illegal access to Internet. Times they must change in the island :-P

Solaris UFS architecture (and more)

I read in OS News that it has been released a chapter of the book Solaris™ Internals: Solaris 10 and OpenSolaris Kernel Architecture, by J. Mauro and R. MacDougall.

The chapter published by Informit.com explains history, architecture and use of the Solaris UFS, a filesystem derived from 4.2BSD Fast File System.

Updated, Nov.6th: Again OS News announces a new chapter about Solaris FS. The chapter belongs to the book Solaris™ Performance and Tools: DTrace and MDB Techniques for Solaris 10 and OpenSolaris by B. Gregg, J. Mauro and R. McDougall. This chapter is about I/O performance, cache, etc.

Trying to recover the smile

It’s no easy. In Galicia 4 persons died and around 100,000 Ha of forests burned, lots of animals too. Fortunately, fire didn’t arrived to the Fragas of Eume River, the most important Atlantic forest in Europe (and near my hometown, I kept an eye from the top of my house) . Politicians stinked a lot again. Promised “truth comitees” where truth is what they decide, not the real facts of our tragedy. A jest to population :-(.

But the life must go on. Let’s smile. I discovered via Allan Beaufour’s blog the facts of the great cryptography and security expert Bruce Schneier. Enjoy! :-)