Security Review: UW Parking Enforcement

By ezwelty at 3:32 pm on March 13, 2009Comments Off on Security Review: UW Parking Enforcement

The parking at the University of Washington has always been a deadly game of cat and mouse between driver and parking enforcement. There are limited parking resources on campus, and parking enforcement wants to make sure that they are maximizing their revenue for the spaces they have available. On the flip side, poor students/faculty are trying to get away with parking their cars/motorcycles free of charge.

There are a few assets that parking enforcement wants to protect. One is their revenue stream — making sure that they are receiving money for the parking that is available. Another is the availability of spaces, so that legitimate paying customers won’t be turned away at the door if the lots are oversold. In both cases, the adversary is the driver trying to cheat the system (aka, me).

One weakness of the system stems from having way more parking spots than there are parking enforcement officials. While this can work in an cheater’s favor in general, the longer one spends in the same spot, the more likely they are to be eventually ticketed. This might assume someone illegally parked would stay shorter — but then they have the added overhead of having to move their car frequently. One way that they can combat this is to deploy resources first towards the most high-traffic lots, and then check less frequently at satellite lots.

Another weakness of the system involves procedures for contesting tickets through the parking department. Any ticket can be contested through the office, and last checked, they had an average turnaround of 3-6 months, no doubt due to bureaucratic inefficiencies. If an adversary were to contest a ticket, they wouldn’t have to pay it for months, and would be likely to get it fined. One could also try sending in a longer letter to the department as to why they deserve to not get the ticket, in order to push it to the back of the queue for processing.

In the future, there might be an emphasis on more high-tech solutions (such as cameras) to quickly monitor parking lots and possibly detect cheaters. For the time being, however, there are some vulnerabilities in the parking system that allow attackers to get away with free campus parking undetected.

Filed under: Ethics,Integrity,Miscellaneous,Security ReviewsComments Off on Security Review: UW Parking Enforcement

Security Review – Google Voice

By Tim Crossley at 10:19 am on | 1 Comment

Product Page: http://www.google.com/voice/about

Recently, Google has rolled out another product designed to change the way people use existing technologies. This time, it’s called Google Voice, a replacement/advancement of an existing technology called GrandCentral. Google Voice aims to centralize phone calls and SMS text messages between many different phones, allowing routing of incoming calls to different lines, advanced voicemail boxes, and numerous other features.
Like many Google products, Voice suffers from a fundamental security problem in that personal user data is stored completely outside the user’s realm of control. Call logs, voicemail, contacts: everything is stored on Google’s servers. Google Mail suffers from the same problem: that the end user must place trust in a corporation whose internal procedures are mostly kept secret.
(Read on …)

Filed under: Security Reviews1 Comment »

Security Review – BitTorrent

By jonfung at 3:24 am on Comments Off on Security Review – BitTorrent

Summary
BitTorrent is a peer-to-peer communications protocol that has risen in popularity very rapidly.  It is a file-distribution protocol that facilitates transferring large files between peers.  In order to download a certain set of files, a user would typically find a .torrent file which would connect them to a tracker.  This tracker would provide a list of peers that the client can connect to.  BitTorrent’s wild success is due largely to the low cost to the initial content distributors and it’s redundancy.  Peers with complete copies of the files listed in the torrent are known as seeds.  As other peers download from seeds, they acquire parts of the torrent which they inturn upload themselves.  This usually results in increasing numbers of seeds and makes it far easier for other peers to successfully connect and begin downloading.

Given the incredibly low cost for any person to begin distributing content and the low cost of entry for other peers to join in, BitTorrent has become a dominant method of transferring files between computers.  While there are many legitmate uses, BitTorrent has become a very popular and easy way to acquire copyrighted materials.  Previous to BitTorrent, the methods to acquire copyrighted materials were more obscure and less mainstream.

Assets and Goals

  • Content distribution network: BitTorrent provides a content distribution model that is very valuable to it’s user.  It provides a convenient way to transfer files for commercial and personal purposes.  Companies use BitTorrent for content delivery to customers.  Examples include 20th Century Fox, Comedy Central, and Blizzard Entertainment which bases it’s updating software for World of Warcraft.
  • Accurate file transfers: BitTorrent wants to ensure that files received are authentic, accurate, and have not be forged.
  • Privacy: Users may not want others observing the files that they are sharing, or that the fact that they even are sharing files.
  • Optimal Network Usage: BitTorrent wants to maximize the effectiveness of client connections and maximize peer upload rates.  By doing so, it allows other peers to download quicker and begin uploading themselves.

(Read on …)

Filed under: Security ReviewsComments Off on Security Review – BitTorrent

Security Review: Electronic Voting

By nhunt at 7:36 pm on March 12, 2009Comments Off on Security Review: Electronic Voting

Summary

The rise of electronic voting machines in recent years has led to some heated debates as to how secure these machines actually are. Voting is a fundamental right of a democratic society, so ensuring that each citizen’s vote is properly counted and the impunity of the election is upheld is of the utmost importance. In an era where everything is becoming digitalized, voting is just the next step. Electronic voting machines offer some benefits, but they are also susceptible to error and fraud.

(Read on …)

Filed under: Security ReviewsComments Off on Security Review: Electronic Voting

Security Review – Mobile Banking in the Developing World

By cxlt at 1:00 am on Comments Off on Security Review – Mobile Banking in the Developing World

mobile banking

One of the interesting topics brought up by Microsoft Research India during their Change talk last week was that of mobile banking in the developing world. Managing and distributing money can be a tricky proposition in the developing world – often, people end up entrusting their money to drivers to transfer around the city or country.

Mobile banking through cell phones has proven to be an extremely cost-effective way to avoid these kinds of headaches. Through both downloadable software and text message interfaces, it is possible to efficiently transfer and manage money without the existence of local branches to handle the transaction, with minimal fees and far less obvious physical risk. However, this method has resulted in its own set of idiosyncrasies that would not likely exist with similar systems elsewhere.

Afraid of doing something wrong, many people in these developing areas are reluctant to actually carry out their own banking. Thus, a whole class of middlemen have arisen specifically for mobile banking. People will bring their mobile phones into these middlemen’s stores and tell the store owners what they want done, and the middlemen will then go do it for them. This interesting use case leads to quite a few security implications.

Assets and Security Goals

  • Customers’ money is of course important. The reasons should be fairly obvious – we of course want to protect it from being stolen.
  • Customers’ financial records are also important – financial histories are private, with some exceptions, and they should stay that way. Knowing how much money someone has may put them at risk for a real-life robbery, for instance, or knowing their stock portfolio could cause other problems.

Adversaries and Threats

  • Malicious third parties who would like to steal the customers’ money, perhaps by listening to the airwaves, or physically stealing the phone. A lot can be done with just a few seconds with a phone given a text messaging interface.
  • The middlemen have an extraordinary amount of power given what they have been entrusted with by the end-users. And, since their clients won’t have it any other way, banks have been forced to actually work with these middlemen, including them in the system. A store owner could easily pull off an “Office Space” type scheme, stealing miniscule amounts of money from each customer.

Potential Weaknesses

  • Snooping on peoples’ wireless connections is difficult since the network provides some level of intrinsic security. We’re not experts on this subject, so it’s difficult for us to assess how feasible this approach is in reality.
  • Replay attacks are possible, especially if any actions are carried out via text message, and a malicious user manages to take over the phone physically, or duplicate/forge the SIM card.
  • Physical access is an imminent problem given the prevalence of these middlemen in transactions. Somehow, even with physical access by users other than the clients there needs to be security and accountability.

Potential Defenses

  • For snooping, simply use any of the well-established encryption protocols we discussed this quarter.
  • Replay attacks can be guarded against by confirming each action with a code that can only be used once.
  • The physical access problem is the most difficult problem to address – and the most interesting. Since third parties are allowed access to the system by the clients, it is difficult to enforce anything in the system if the third party is malicious. One way to defend against third party mischief would be to not carry any actions out immediately, but instead to queue them and then confirm them via text message with the client an indeterminate amount of time in the future, on the order of several hours. This way, hopefully clients will be forced to examine and acknowledge all actions away from the influence of the store owners. Malicious middlemen could counter this by requesting to keep the phone until the transaction is complete, but hopefully clients would grow suspicious of this request before long.

Mobile banking is something that hasn’t quite caught on here like it has in other places of the world. Not only is it useful for banking when branches aren’t nearby, the service has in some places, like Japan, evolved to include payments via cell phone rather than credit card, and other technology-enabled services which have security implications. Ultimately, a lot of these problems are already being worked on in the context of their low-tech equivalents (eg transmitting credit card information, etc), but as we can see with the rural banking case study, there can be a lot of unexpected usages which result in unexpected potential problems.

These unexpected issues are likely where we will see the most interesting security issues in the future.

Clint Tseng and Erik Turnquist

Filed under: Physical Security,Policy,Privacy,Security ReviewsComments Off on Security Review – Mobile Banking in the Developing World

Security Review: CV2 codes

By zacf at 11:05 am on March 11, 2009Comments Off on Security Review: CV2 codes

A CV2 code is a three-digit number that is known to the issuing bank and printed on a credit to verify physical possession of the card. Online merchants often require customers to enter the CV2 code along with the rest of their credit card information when making a purchase.

Online merchants can verify that an entered CV2 code is correct for a particular credit card, but they will not be given the code if they don’t have it.

Assets: Money- Issuing banks want to avoid making payments to fraudulent merchants because they will typically not be able to recover those funds from the cardholder. This is because a rise in credit card fraud has led issuers to offer contracts in which the cardholder is not liable for unauthorized charges.

Merchandise- Merchants want to avoid shipping merchandise to customers committing fraud because they will most likely not be paid for it. Just as issuing banks have granted their cardholders a release from unauthorized charges, they have also used their negotiating power to obtain favorable terms from merchants, who must in most cases assume responsibility for fraudulent charges.

Threats: Fraudulent buyers- People who are trying to use a victim’s credit card to buy things for their own use or sale.

Credit card brokers- People who trade in stolen credit card numbers.

Weaknesses: Brevity- A CV2 code is only three digits. That makes it very easy to record or simply memorize any time a person sees the card. That reduces the security from verifying possession to verifying having seen the card. It also potentially exposes the code to a distributed brute-force attack. While an issuing bank would surely notice several queries on the same account, if they were spread out over time and came from different merchant accounts, they might not be detected.

Permanence- A CV2 code does not change as long as the card is in use. That means that once a customer provides a CV2 code to an online merchant or hands the card to a merchant in person, that merchant knows that customer’s CV2 code.

Defenses: One-time codes- Just like issuers offer one-time card numbers, one-time CV2 codes could be used to defend against exploits of the permanence weakness.

Merchant-specific codes- A CV2 code could be a function of the credit card account and the merchant account. That would prevent a malicious merchant from obtaining its customers’ codes and using them with other merchants.

Evaluation of risks: CV2 codes do not offer additional security beyond what the card already has. They are printed on the card, and they are often transferred along with the card number and expiration date, so in effect, all they do is make the card number three digits longer.

Conclusion: While CV2 codes don’t do much to help, they don’t hurt either, so a user shouldn’t rely on them, but also should worry about them.

Filed under: Security ReviewsComments Off on Security Review: CV2 codes

Security Review: Virtual Reality Helmet

By seraphim at 8:17 pm on March 9, 2009Comments Off on Security Review: Virtual Reality Helmet

As technology advances to the point of interacting with and in some cases replacing our bodies’ biological functions, security on these technologies must also advance to ensure the safety of users. The virtual reality helmet being designed by researchers at York and Warwick Universities (found here and here) aims to bring these capabilities into a helmet unit for recreational and training purposes. It will mimic sight, sound, smell, taste, and touch on the face, as well as temperature and humidity, to create the feeling that one is in a faraway locale. That said, the researchers will obviously need to make sure all of these channels are secure to ensure safety when using the helmet.
(Read on …)

Filed under: Security ReviewsComments Off on Security Review: Virtual Reality Helmet

Security Review: In-Eye Video Camera

By jimmy at 1:15 pm on Comments Off on Security Review: In-Eye Video Camera

Rob Spence, a Canadian Filmmaker, is currently developing a prototype to equip his prosthetic eye with a built-in, wireless video camera.  The digital system, while not able to transmit information to his brain, will be able to route the signal through a series of increasingly large transmitters to a remote machine, which could potentially stream that data live on the internet.  As Spence explains, “If you lose your eye and have a hole in your head, then why not stick a camera in there?”
Spence hopes to be able to integrate this recorder seamlessly into his existing prosthetic eye, such that a casual observer would not be able to notice its presence (for a stunning picture of how realistic his current eye looks, and how small his current camera is, see the article linked at the bottom of this post).  He plans to have an on/off switch, so the recording feature can be stopped for private events, theater screenings, or bathroom trips.  Spence and his team are currently working to shrink all of the necessary components such that they are small enough and lightweight enough to fit within the space of an eye-socket, without weighing enough to cause disfigurement.

(Read on …)

Filed under: Ethics,Physical Security,Privacy,Security ReviewsComments Off on Security Review: In-Eye Video Camera

Dementia patients may benefit from new technology – or will they?

By qwerty at 12:48 pm on March 6, 2009Comments Off on Dementia patients may benefit from new technology – or will they?

New technology arising from the UK is focusing on helping the elderly through technology.  In particular, they are creating devices which can help dementia patients be able to live on their own for longer.  Typically, when people start suffering from dementia, or experiencing memory loss, it is vital that someone be appointed to watch over them to be sure they don’t unknowingly do something harmful or forget to do something vital.  This could involve a family member living with them and watching after them 24/7, or moving to an inpatient center or nursing home, under the supervision of a nurse.  Engineers at Bath University beleive that computers can solve this problem, and help the family member or nurse, allowing the individual to stay at home longer.

The new technology involves a system integrated into the user’s home which has functions such as monitoring actions, speaking to you, turning off appliances, contacting help when needed, and even emailing a status to family members or caretakers.  The system can remind you to turn off appilances or shut off the water if you forgot to, and can even turn them off itself if the user fails to comply.  If the user unexpectedly gets up in the middle of the night, the system will turn the light on for you, and, if you are gone for long enough, will start talking to you and letting you know that “it seems a little late – don’t you think you should be getting back to bed?”

(Read on …)

Filed under: Miscellaneous,Security ReviewsComments Off on Dementia patients may benefit from new technology – or will they?

Security Review: Portable Computing

By dravir at 1:56 pm on March 5, 2009 | 4 Comments

Portable computing continues to increase in diversity and use.  While a few years ago the number of average people that carried a laptop around with them were relatively few, increases in the capabilities of cell phones as well as the rise of the netbooks are resulting in a society where any given person walking around on the street is likely to be carrying a portable computing device on them with the capability to store sensitive documents and browse the web.  This means that it’s more and more likely that the average person has with them a device that is designed to make it convenient for them to access their bank accounts and sensitive personal documents.

  (Read on …)

Filed under: Security Reviews4 Comments »
« Previous PageNext Page »