UW Computer Security Research and Course Blog

Summary:

It is now very common to do business with companies that will by default (or even as a requirement to patronize) permanently store credit card and associated personal information in a database to help speed up future transactions or insure them against liability. While this action can sometimes be a convenience to consumers it is worth exploring how it is a general security risk.

Assets:

• The confidentiality of credit card and personal information within the database. Only authorized individuals should be able to access it and it should be stored in a secure manner on disk.
• The availability of the credit card number if it is is needed or depended on by a patron (say for something like Amazon’s One Click service)

Adversaries:

• Employees of a company who may use your personal information for their own gains. At a video store, they may do something like shift their own late fees onto your credit card.
• Outsiders who would try to retrieve your credit card or personal information. This might include people who would physically steal machines or people who would use social engineering techniques to retrieve your credit card from an unsuspecting employee.

Weaknesses:

• The employee who is the gatekeeper of the personal information is most likely not trained with security in mind and might therefore be likely to give up your personal information without proper verification.
• The information will most likely be viewable by more than just the person who has to access it.

Defenses:

• The ultimate defense to protect ones self would be to stay “off the grid” so that there wouldn’t be any concerns of private data getting in the wrong hands. Doing this, however, is becoming increasingly difficult and impractical for most people.
• Being vigilant about credit card information. This involves auditing ones credit card bill each month to make sure that no unauthorized charges were made.
• Being mindful of anything that may suggest someone is trying to use your personal information or impersonate you. It’s possible that what looks something like a phishing attack (mail from the bank) is actually an indication that someone has acquired personal information and is trying to use it.

Risk Analysis:

There is a very real risk that personal information will be compromised when stored in company’s databases. Perhaps the most interesting threats are those waged by adversaries who pursue a social engineering route. There is an interesting incident recounted in Kevin Mitnick’s book “The Art of Deception” (google “art deception filetype:pdf” p. 47) where a son is able to get his father’s credit card number from a videostore in a matter of minutes without leveraging his relationship or anything personal about his father.

Conclusion:

The only practical approach consumers can take to limiting the risks that go with having credit card information in company databases (other than opting out altogether) is to be vigilant in recognizing when information might have been compromised. As consumers we have a broad range of choices to make when patronizing businesses, and ultimately the most important thing to do is to recognize one’s own habits and assess the threats accordingly.

As our professor has continually emphasized throughout the quarter, one of the primary aims of our course has been to go beyond technical details of current computer security in order to learn the security mindset. This new way of thinking enables us to analyze security issues in the future regardless of particular directions that technology may take. It also enables us to examine the security of less technical entities like physical locks, parking meters, etc. As I was considering some of these less technical systems, I began to realize the pervasive implications of applying the security mindset to broader aspects of life and so began my examination of the human heart.

Recently, Governor Eliot Spitzer of New York was revealed to have been involved with a prostitution ring despite his façade of crusading against white collar crime. As a result, his reputation was tarnished, his career ended and his family has been deeply hurt. Although this is just another note in the continual drumbeat of tragedies we hear about in the news, the frequency of these incidents, clearly demonstrate that each of us is vulnerable to fall in similar ways. How can we defend our lives (and hearts) against being deceived into compromising our integrity and falling into these common pitfalls?

A second observation motivating this study comes from the fact that insiders are often the adversaries who cause the most damage and harm because they are trusted and by nature must have access to the assets we desire to protect. Human beings are often the weakest component of any security system. This review of the human heart will hopefully provide insight into ways to protect the integrity of trusted insiders as well as our own hearts in relation to the people who trust us.

Finally, defending the human heart has significant ramifications in every aspect of physical/computer security. Much of the violence that takes place on campuses (e.g. shootings, assault, etc.) have at their root a compromised heart (e.g. someone who has been continually hurt and lashes out in despair to cause pain to others after he/she has received so much). Many of the adversaries in computer security scenarios are motivated by financial gain, prestige, and other related incentives, which are deceptive and violate the worth and personhood of the people they attack. If people’s hearts were able to be defended, many of the human adversaries that we encounter in typical security reviews might in fact become allies; the ideas in this post are tools that can provide another layer of defense in depth.

(Read on …)

From The Guardian, and on Slashdot.

Police in the United Kingdom may soon be be able to collect DNA samples from children if they exhibit behaviors that suggest they may commit crimes later in life, at least if Scotland Yard forensics director Gary Pugh has his way.

Pugh cites the importance of identifying future offenders, saying that “the number of unsolved crimes says we are not sampling enough of the right people.” Advocates of such programs, including the Institute for Public Policy Research, claim that most career criminals begin their lives of crime as early as 10 to 13 years old, and suggest that children from 5 to 12 years old should be profiled and sampled if they exhibit certain “risk factors.”

Even these advocates acknowledge that such treatment could have a “stigmatising” effect, but they do not seem to have any problem with gross violations of privacy in the name of improving public safety.  One concern that is not directly addressed in the article is the possibility that the negative attention such sampling and registration involves might even place more obstacles to a child’s chances of leading a normal life, perhaps even increasing the likelihood that they would turn to crime; a self-fulfilling prophecy, in other words.

Of course, an even greater issue that is sidestepped by the focus on children is the question of whether preemptive DNA sampling of any individual, adult or child, should be tolerated in any free society. Whether such programs are effective in reducing crime is not the only issue - the cost to individual liberty must also be considered. In my opinion, at least, personal freedom must always outweigh public safety, but I’m interested in hearing other ideas.

Summary:

As humans we are cursed by the need for a number of basic necessities. Among these include nutritious food, clean air, and of course water. In this brief post I will focus on the later of these.

While the importance of securing our computing systems and infrastructures cannot be stressed enough, the importance of ensuring that everyone has access to clean water far surpasses any other consideration simply because it is essential for our health and well-being. It would indeed be tragic to lose a life savings due to identify theft, but such loss pales in comparison to the health risks involved with contaminated or otherwise unsanitary water. Financial loss can be recovered, while the same cannot be said about the loss of life, life years, or the degraded quality of life in the years that one does have. Unfortunately, while some risks to our water supply seem far fetched and highly unlikely, others are very real and seemingly unavoidable. (Read on …)

Summary

Car GPS navigation systems are handy tool for finding one’s way on the road. With features like local points of interest, address book and SD card backup it would not be surprising if becomes a common everyday item soon. Here is a review for a GPS navigation system similar to the Magellan Maestro 4200:

(Read on …)

I’ve seen a few people on this blog cover various aspects of cellphone security, including the new iphone 3rd party support and GPS tracking, however I haven’t seen anything covering the most basic of cellphone features, voice communication. It seems to me there are just as many, if not more, security implications that arise by the simple act of eavesdropping or account spoofing as there are in the more modern functions of cell phones. (Read on …)

Being a frequent visitor to Japan and thus knowing its people and culture fairly well, I thought it’d be appropriate for me to conduct a review on the new ‘taspo’ RFID cards which Yoshi also mentioned a while back.  The ‘taspo’ cards are being introduced in Japan in an attempt to reduce underage smoking.  They are to be used with cigarette vending machines. 

(Read on …)

Summary:
In order to shop at Costco, one must have a membership and proof of that membership. When an individual purchases a membership at Costco, they and their spouse may use the membership at any Costco. Otherwise, no one else is allowed to use that me mbership. If you have ever been to Costco, you know that they check for membership cards at the door and when making purchases at the register. They do not, however, check the name on the membership against another ID to verify you are the person on the card. At the front door, they glance to make sure you have a card, so they do not ever examine the fine details at this stage.

(Read on …)

Summary

FairPlay is an encryption scheme (DRM) developed by Apple to  prevent users from further distributing playable content to other users. It  has been cracked numerous times in different ways to create unrestricted/unencrypted versions of the content. The technology has since  been renamed “Hymn”. (Read on …)

No need to go to great lengths to try to spoof finger print scanners on USB sticks. You can just tell the device that the data is public. Researches discovered this vulnerability in models from 9pay and A-Data fingerprint USB data sticks. The vulnerability lies in a fundamental design flaw: the signal to access the data comes from the PC, and is not computed on board the chip. This means all one has to do is send the correct signal and the stick happily discloses the data. This can be done with a very simple command from an opensource utility. The manufacturers commented admitting they were aware of the vulnerability, but that it was difficult enough that most people wouldn’t figure it out. A fine example of attempted security through obscurity.

(Read on …)