Re: [math-fun] How to protect computer versus malware
This scheme is not a lot different from a lot of other signing schemes. The attacks are similar.
For example, you program an interpreter (e.g., Java) which satisfies all of your security features, except that Java _doesn't_ check the code that it interprets. Game over.
MITM. Who signs the code, and why should you trust them?
(Untrusted turtles all the way down; more succinctly, turds all the way down, making for a big POS.)
Then there are the "weird machines".
https://en.wikipedia.org/wiki/Weird_machine
It turns out that the paging apparatus of modern Intel processors is so complicated that it is Turing complete. You can execute an arbitrary Turing Machine _without ever (fully) executing a complete instruction_ !!
http://www.cs.dartmouth.edu/~sws/pubs/bbss13.pdf
"We show that powerful computation on x86 processors is possible without executing any CPU instructions. We demonstrate a Turing-complete execution environment driven solely by the IA32 architecture's interrupt handling and memory translation tables, in which the processor is trapped in a series of page faults and double faults, without ever successfully dispatching any instructions. The hard-wired logic of handling these faults is used to perform arithmetic and logic primitives, as well as memory reads and writes. This mechanism can also perform branches and loops if the memory is set up and mapped just right. We discuss the lessons of this execution model for future trustworthy architectures."
Return-oriented programming; fashion a machine language out of existing code subsequence "gadgets":
https://en.wikipedia.org/wiki/Return-oriented_programming
Jacob Torrey's HARES scheme for spoofing the page for reading while executing from another page entirely. The page that is seen by any program scanning memory is completely innocuous, while the pages actually being executed are malware.
https://www.wired.com/2015/02/crypto-trick-makes-software-nearly-impossible-...
https://www.syscan.org/index.php/download/get/8a49fa76c16592ef790bffad08d1a3...
http://blog.jacobtorrey.com/hares-faq
At 04:06 PM 4/13/2015, Warren D Smith wrote:
Here's an idea. Let's say some program is a stream of bytes. Every 64th byte is not an "instruction," it is a "security code." Specifically, the codes are such that the whole ball of wax -- program+security -- gets public-key-encoded to something nice, like it has a bunch of 0s. Your computer has built in hardware for public key crypto. It terminates execution if program fails to satisfy security demands.
Point is, it is not possible for anybody to produce malware with valid security codebytes, unless they already know your computer's secret key. E.g they either had your cooperation, or they already had access to your computer's code.
-- Warren D. Smith http://RangeVoting.org <-- add your endorsement (by clicking "endorse" as 1st step)
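An added illustration of the two messages above, not code from the thread: Warren's stream with a security byte after every 63 code bytes, and Henry Baker's objection that a correctly signed interpreter will still run unsigned input unless it checks that input itself. The toy RSA key, the placement of the signature bytes, and the three opcodes (E, I, V) are assumptions made for this sketch.

```python
import hashlib

# Toy RSA key, constructed for this example (far too small for real use).
P, Q = 2**61 - 1, 2**89 - 1            # two Mersenne primes
N, E = P * Q, 65537                    # public half: built into the "hardware"
D = pow(E, -1, (P - 1) * (Q - 1))      # secret half: held only by the signer
SIG_LEN = (N.bit_length() + 7) // 8    # 19 signature bytes
BLOCK = 63                             # 63 code bytes, then 1 security byte
NOP = b"."

def _digest(code: bytes) -> int:
    return int.from_bytes(hashlib.sha256(code).digest(), "big") % N

def seal(code: bytes) -> bytes:
    """Signer: pad with NOPs, sign, place one signature byte after each block."""
    blocks = max(SIG_LEN, -(-len(code) // BLOCK))
    code = code.ljust(blocks * BLOCK, NOP)
    sig = pow(_digest(code), D, N).to_bytes(SIG_LEN, "big").ljust(blocks, b"\0")
    return b"".join(code[i * BLOCK:(i + 1) * BLOCK] + sig[i:i + 1]
                    for i in range(blocks))

def unseal(stream: bytes) -> bytes:
    """Hardware: return the code bytes, or refuse if the security bytes fail."""
    unit = BLOCK + 1
    if len(stream) % unit or len(stream) < SIG_LEN * unit:
        raise PermissionError("malformed stream")
    units = [stream[i:i + unit] for i in range(0, len(stream), unit)]
    code = b"".join(u[:BLOCK] for u in units)
    tags = bytes(u[BLOCK] for u in units)
    sig = int.from_bytes(tags[:SIG_LEN], "big")
    if any(tags[SIG_LEN:]) or sig >= N or pow(sig, E, N) != _digest(code):
        raise PermissionError("security bytes do not verify")
    return code

def run(stream: bytes, data: bytes = b"") -> list:
    """Toy CPU: only sealed code runs. Opcodes: E emits "ok"; I interprets
    `data` unchecked; V interprets `data` only if it is sealed as well."""
    out = []
    for op in unseal(stream):
        if op == ord("E"):
            out.append("ok")
        elif op in (ord("I"), ord("V")):
            script = unseal(data) if op == ord("V") else data
            out += ["script:" + chr(b) for b in script if b != NOP[0]]
    return out

def refused(stream: bytes, data: bytes = b"") -> bool:
    try:
        run(stream, data)
    except PermissionError:
        return True
    return False

if __name__ == "__main__":
    unsigned = b"X"                                # stands in for unwanted code
    print(run(seal(b"E")))                         # signed native code runs
    print(refused(unsigned.ljust(64 * SIG_LEN)))   # unsigned native code refused
    print(run(seal(b"I"), unsigned))               # signed interpreter runs it anyway
    print(refused(seal(b"V"), unsigned))           # checking interpreter refuses
    print(run(seal(b"V"), seal(unsigned)))         # and accepts sealed scripts
```

The hardware check holds in every case; the gap is that opcode I treats its input as data, so the check never sees it.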
I’ve been thinking that we need to design some dramatically simpler computers. What happens if, instead of adding more warts to our existing architectures, we “waste” performance by avoiding essentially all of the complexity of caches, out-of-order execution, weird memory mapping. We instead build easily understood, trivial to implement old-school computers, of the kind built in the ‘60s and ‘70s. We optimize for clarity of implementation and simplicity of the execution model. Now, we have a design which could be carefully verified, in the same way that open source code can be verified. We can implement this in FPGAs, perhaps with probabilistic placement of gates to avoid some of the need for verifying the FPGA. We could implement in a 2 micron CMOS process from 1982 which can be analyzed with a light microscope, making it hard to hide things. It could be hardened with implementations that avoid power supply noise.
Of course, this computer would really only be suitable for crypto-important code, and for booting a “real” computer, but it would provide a basis of trust unlike anything we have access to today.
On Apr 13, 2015, at 7:49 PM, Henry Baker <hbaker1@pipeline.com> wrote:
This scheme is not a lot different from a lot of other signing schemes.
The attacks are similar.
For example, you program an interpreter (e.g., Java) which satisfies all of your security features, except that Java _doesn't_ check the code that it interprets. Game over.
MITM. Who signs the code, and why should you trust them?
(Untrusted turtles all the way down; more succinctly, turds all the way down, making for a big POS.)
Then there are the "weird machines".
https://en.wikipedia.org/wiki/Weird_machine
It turns out that the paging apparatus of modern Intel processors is so complicated that it is Turing complete. You can execute an arbitrary Turing Machine _without ever (fully) executing a complete instruction_ !!
http://www.cs.dartmouth.edu/~sws/pubs/bbss13.pdf
"We show that powerful computation on x86 processors is possible without executing any CPU instructions. We demonstrate a Turing-complete execution environment driven solely by the IA32 architecture's interrupt handling and memory translation tables, in which the processor is trapped in a series of page faults and double faults, without ever successfully dispatching any instructions. The hard-wired logic of handling these faults is used to perform arithmetic and logic primitives, as well as memory reads and writes. This mechanism can also perform branches and loops if the memory is set up and mapped just right. We discuss the lessons of this execution model for future trustworthy architectures."
Return-oriented programming; fashion a machine language out of existing code subsequence "gadgets":
https://en.wikipedia.org/wiki/Return-oriented_programming
Jacob Torrey's HARES scheme for spoofing the page for reading while executing from another page entirely. The page that is seen by any program scanning memory is completely innocuous, while the pages actually being executed are malware.
https://www.wired.com/2015/02/crypto-trick-makes-software-nearly-impossible-...
https://www.syscan.org/index.php/download/get/8a49fa76c16592ef790bffad08d1a3...
http://blog.jacobtorrey.com/hares-faq
At 04:06 PM 4/13/2015, Warren D Smith wrote:
Here's an idea. Let's say some program is a stream of bytes. Every 64th byte is not an "instruction," it is a "security code." Specifically, the codes are such that the whole ball of wax -- program+security -- gets public-key-encoded to something nice, like it has a bunch of 0s. Your computer has built in hardware for public key crypto. It terminates execution if program fails to satisfy security demands.
Point is, it is not possible for anybody to produce malware with valid security codebytes, unless they already know your computer's secret key. E.g they either had your cooperation, or they already had access to your computer's code.
-- Warren D. Smith http://RangeVoting.org <-- add your endorsement (by clicking "endorse" as 1st step)
_______________________________________________ math-fun mailing list math-fun@mailman.xmission.com https://mailman.xmission.com/cgi-bin/mailman/listinfo/math-fun
Are there any documented (or even suspected) cases of exploits based on bugs in the implementation of chips? Or of features hidden in the implementation of chips? I guess the current exploits on flash memories are close, but it's much easier to compromise a computer system "at birth" by hiding things in the boot rom or other low level embedded software.
Don't know if this is what you have in mind, but hasn't the gov't (I don't know which agencies, exactly) arranged to be able to bypass any "password protected" login (at least on personal computers) via some kind of back door built into the machines? There have been at least strong rumors to that effect. --Dan
On Apr 13, 2015, at 8:28 PM, Dave Dyer <ddyer@real-me.net> wrote:
Are there any documented (or even suspected) cases of exploits based on bugs in the implementation of chips? Or of features hidden in the implementation of chips?
I guess the current exploits on flash memories are close, but it's much easier to compromise a computer system "at birth" by hiding things in the boot rom or other low level embedded software.
At 09:07 PM 4/13/2015, Dan Asimov wrote:
Don't know if this is what you have in mind, but hasn't the gov't (I don't know which agencies, exactly) arranged to be able to bypass any "password protected" login (at least on personal computers) via some kind of back door built into the machines?
There have been at least strong rumors to that effect.
sure, but are they based on flaws hidden by the complexity of the chips, or on ordinary software that uses well understood behavior?
They're based on arrangements with the manufacturer to create a means of entering the computer and controlling it. --Dan
On Apr 13, 2015, at 9:26 PM, Dave Dyer <ddyer@real-me.net> wrote:
At 09:07 PM 4/13/2015, Dan Asimov wrote:
Don't know if this is what you have in mind, but hasn't the gov't (I don't know which agencies, exactly) arranged to be able to bypass any "password protected" login (at least on personal computers) via some kind of back door built into the machines?
There have been at least strong rumors to that effect.
sure, but are they based on flaws hidden by the complexity of the chips, or on ordinary software that uses well understood behavior?
On 2015-04-14 12:40, Dan Asimov wrote:
They're based on arrangements with the manufacturer to create a means of entering the computer and controlling it.
The main *public* instance of this with computers that I'm familiar with (of course, there could be others) was the Clipper chip. My recollection is that protests succeeded in squelching this (and the Clipper chips never were deployed at scale, unpopular because of this backdoor and for other reasons).
However, if you're talking about network switches, not computers in general, then the CALEA laws require (I think) that every switch has a mechanism to allow the government (subject to warrants and other legal constraints) to tap all traffic going through the switch. My memory is very fuzzy on this point, but I think all switches/routers produced in the US may be required to have a CALEA tap of some sort.
I think both of these cases are distinct from the ability "to bypass any 'password protected' login ...", but recent news items certainly lend credence to the belief that backdoors such as you describe actually exist. I'm just not sure about how officially these are acknowledged.
Finally, back to Warren's first proposal: is it substantially different from the myriad schemes in the category of "secure bootstrap", "trusted computing base", etc?
--Dan
On Apr 13, 2015, at 9:26 PM, Dave Dyer <ddyer@real-me.net> wrote:
At 09:07 PM 4/13/2015, Dan Asimov wrote:
Don't know if this is what you have in mind, but hasn't the gov't (I don't know which agencies, exactly) arranged to be able to bypass any "password protected" login (at least on personal computers) via some kind of back door built into the machines?
There have been at least strong rumors to that effect.
sure, but are they based on flaws hidden by the complexity of the chips, or on ordinary software that uses well understood behavior?
Cisco switches are thoroughly p0wned, both through SW and HW (Fedex/UPS interception).
Your home routers are already p0wned (google "TR-069") by your service provider, so simple NSL's get the govt the vast majority of these. The rest of them are so vulnerable due to 5-10 year old software that they are cracked in seconds.
The Cisco situation is hilarious. The US govt complains that Huawei routers have backdoors inserted by the Chinese govt, while simultaneously inserting their own backdoors into Cisco routers. A case of the pot calling the kettle black.
The British govt just passed another CALEA-type law to go after non-voice content, and many other govts already have such laws.
CALEA backdoors have already been misused by criminals & govts.
http://www.theregister.co.uk/2013/05/21/crypto_boffins_oppose_fed_backdoors/
"For example, eavesdroppers tapped the mobile phones of the then Prime Minister of Greece, Kostas Karamanlis, his cabinet ministers and security officials for about nine months between June 2004 and March 2005 around the time of the Athens Olympics."
"The spies used CALEA backdoors on Vodafone Greece switches to illegally plant spyware so that conversations were relayed to 14 shadow pay-as-you-go mobile phones."
"The Greek newspaper Kathimerini on Sunday revealed in 2011 that four of those phones were originally purchased by the US embassy, although the eavesdroppers were never traced. In a similar case, AT&T's CALEA controls went through a Solaris machine that was rooted by hackers, giving crooks the ability to tap into calls."
At 10:26 AM 4/14/2015, Michael Greenwald wrote:
On 2015-04-14 12:40, Dan Asimov wrote: However, if you're talking about network switches, not computers in general, then the CALEA laws require (I think) that every switch has a mechanism to allow the government (subject to warrants and other legal constraints) to tap all traffic going through the switch. My memory is very fuzzy on this point, but I think all switches/routers produced in the US may be required to have a CALEA tap of some sort.
Got this notice from MSRI:
-----
NOVA’s The Great Math Mystery
Wednesday, April 15, 2015, at 9 p.m. on most PBS stations (check local listings to confirm date and time for other cities, as schedules may vary)
Join NOVA on a mathematical mystery tour—a provocative exploration of math's astonishing power across the centuries. We discover math's signature in the swirl of a nautilus shell, the whirlpool of a galaxy, and the spiral in the center of a sunflower. Math was essential to everything from the first wireless radio transmissions to the prediction and discovery of the Higgs boson and the successful landing of rovers on Mars. Astrophysicist and writer Mario Livio, along with a colorful cast of mathematicians, physicists, and engineers, follow math from Pythagoras to Einstein and beyond. It all leads to the ultimate riddle: Is math a human invention or the discovery of the language of the universe?
(Please visit http://www.pbs.org/wgbh/nova/physics/great-math-mystery.html for more details.)
-----
It is, perhaps, not such a good idea to use an astrophysicist to expound on math, especially this astrophysicist, who wrote a book about the golden ratio filled with misinformation.
--Dan
On 4/14/2015 3:16 PM, Dan Asimov wrote:
...It is, perhaps, not such a good idea to use an astrophysicist to expound on math, especially this astrophysicist, who wrote a book about the golden ratio filled with misinformation...
It is indeed a shame that Mario Livio missed the opportunity to correct popular misconceptions about the golden ratio in his popular book. I would have expected a scientist to have more of a scientific approach. I tried to correct some of the misconceptions as best I could in these two videos:
https://www.simonsfoundation.org/multimedia/mathematical-impressions-multime...
https://www.youtube.com/watch?v=_gxC8OjoQkQ
George http://georgehart.com/
Thanks, George! (And March 27, 2015 is just in time for this April 15 broadcast, too.) --Dan
On Apr 14, 2015, at 12:43 PM, George Hart <george@georgehart.com> wrote:
On 4/14/2015 3:16 PM, Dan Asimov wrote:
...It is, perhaps, not such a good idea to use an astrophysicist to expound on math, especially this astrophysicist, who wrote a book about the golden ratio filled with misinformation...
It is indeed a shame that Mario Livio missed the opportunity to correct popular misconceptions about the golden ratio in his popular book. I would have expected a scientist to have more of a scientific approach. I tried to correct some of the misconceptions as best I could in these two videos:
https://www.simonsfoundation.org/multimedia/mathematical-impressions-multime...
https://www.youtube.com/watch?v=_gxC8OjoQkQ
George http://georgehart.com/
Boot malware has been seriously discussed since 2007 at various *****hat conferences. Then Snowden showed that NSA had already perfected this for their "toy store" in 2006.
Mitre Corp. has done a lot of public work on this issue. Google "Copernicus" for some of their work.
Those "trusted" modules? (TPM, etc.) The primary reason for their existence seems to be providing a standard so that everyone stores their secrets in the same locations, enabling the PC population to be exploited "at scale".
Between the activities of the NSA & GCHQ, you can reasonably suspect _every_ Intel & ARM processor built since 2001.
That oh-so-public tiff between Apple, Google & the FBI? U.S. taxpayers should at least get free popcorn to watch this spat, which is about as sincere as the WWE (ex-WWF):
http://finance.yahoo.com/q?s=wwe
https://en.wikipedia.org/wiki/WWE
At 08:28 PM 4/13/2015, Dave Dyer wrote:
Are there any documented (or even suspected) cases of exploits based on bugs in the implementation of chips? Or of features hidden in the implementation of chips?
I guess the current exploits on flash memories are close, but it's much easier to compromise a computer system "at birth" by hiding things in the boot rom or other low level embedded software.
Sounds like a RISC machine. I worked on the IBM 801 project, which was the first. It was a great piece of hardware. Victor Sent from my iPhone
On Apr 13, 2015, at 21:21, Tom Knight <tk@csail.mit.edu> wrote:
I’ve been thinking that we need to design some dramatically simpler computers. What happens if, instead of adding more warts to our existing architectures, we “waste” performance by avoiding essentially all of the complexity of caches, out-of-order execution, weird memory mapping. We instead build easily understood, trivial to implement old-school computers, of the kind built in the ‘60s and ‘70s. We optimize for clarity of implementation and simplicity of the execution model. Now, we have a design which could be carefully verified, in the same way that open source code can be verified. We can implement this in FPGAs, perhaps with probabilistic placement of gates to avoid some of the need for verifying the FPGA. We could implement in a 2 micron CMOS process from 1982 which can be analyzed with a light microscope, making it hard to hide things. It could be hardened with implementations that avoid power supply noise.
Of course, this computer would really only be suitable for crypto-important code, and for booting a “real” computer, but it would provide a basis of trust unlike anything we have access to today.
On Apr 13, 2015, at 7:49 PM, Henry Baker <hbaker1@pipeline.com> wrote:
This scheme is not a lot different from a lot of other signing schemes.
The attacks are similar.
For example, you program an interpreter (e.g., Java) which satisfies all of your security features, except that Java _doesn't_ check the code that it interprets. Game over.
MITM. Who signs the code, and why should you trust them?
(Untrusted turtles all the way down; more succinctly, turds all the way down, making for a big POS.)
Then there are the "weird machines".
https://en.wikipedia.org/wiki/Weird_machine
It turns out that the paging apparatus of modern Intel processors is so complicated that it is Turing complete. You can execute an arbitrary Turing Machine _without ever (fully) executing a complete instruction_ !!
http://www.cs.dartmouth.edu/~sws/pubs/bbss13.pdf
"We show that powerful computation on x86 processors is possible without executing any CPU instructions. We demonstrate a Turing-complete execution environment driven solely by the IA32 architecture's interrupt handling and memory translation tables, in which the processor is trapped in a series of page faults and double faults, without ever successfully dispatching any instructions. The hard-wired logic of handling these faults is used to perform arithmetic and logic primitives, as well as memory reads and writes. This mechanism can also perform branches and loops if the memory is set up and mapped just right. We discuss the lessons of this execution model for future trustworthy architectures."
Return-oriented programming; fashion a machine language out of existing code subsequence "gadgets":
https://en.wikipedia.org/wiki/Return-oriented_programming
Jacob Torrey's HARES scheme for spoofing the page for reading while executing from another page entirely. The page that is seen by any program scanning memory is completely innocuous, while the pages actually being executed are malware.
https://www.wired.com/2015/02/crypto-trick-makes-software-nearly-impossible-...
https://www.syscan.org/index.php/download/get/8a49fa76c16592ef790bffad08d1a3...
http://blog.jacobtorrey.com/hares-faq
At 04:06 PM 4/13/2015, Warren D Smith wrote:
Here's an idea. Let's say some program is a stream of bytes. Every 64th byte is not an "instruction," it is a "security code." Specifically, the codes are such that the whole ball of wax -- program+security -- gets public-key-encoded to something nice, like it has a bunch of 0s. Your computer has built in hardware for public key crypto. It terminates execution if program fails to satisfy security demands.
Point is, it is not possible for anybody to produce malware with valid security codebytes, unless they already know your computer's secret key. E.g they either had your cooperation, or they already had access to your computer's code.
-- Warren D. Smith http://RangeVoting.org <-- add your endorsement (by clicking "endorse" as 1st step)
participants (8)
- Dan Asimov
- Dan Asimov
- Dave Dyer
- George Hart
- Henry Baker
- Michael Greenwald
- Tom Knight
- Victor S. Miller