Some tips on using the certbot for Let’s Encrypt and the support for wildcard certificates through DNS updates: [WayBack] SSL certificates – not optional | Open Query Pty Ltd
–jeroen
Archive for the ‘Security’ Category
SSL certificates – not optional | Open Query Pty Ltd
Posted by jpluimers on 2020/09/04
Posted in Encryption, HTTPS/TLS security, Let's Encrypt (letsencrypt/certbot), Power User, Security | Leave a Comment »
Some banking apps are not so privacy friendly
Posted by jpluimers on 2020/09/01
Some baking apps want a lot of permissions, including privacy sensitive ones.
Maybe they should split themselves in a small, non-intrusive app that allows payment confirmation, and fatter (hopefully less intrusive than now) app for account management.
For now, I try to avoid these apps as they are single points of failures.
ING had a great TAN code system on paper. It hardly had any side-channel attack vectors, and by putting some copies in geographically distinct locations, you had good and safe back-ups too.
It looks like the successor is a single point of failure: only one scanner device per account holder is possible.
Let’s see what the future will bring.
Related:
- [WayBack] Roderick Gadellaa on Twitter: “@ingnl Ik begrijp dat jullie gaan stoppen met TAN codes. Juich ik toe, 2FA met sms is behoorlijk lek. Maar nu moet ik jullie app gaan gebruiken. Ik werp 1 blik op de permissions die jullie app wil en denk: Neen.… “
- [WayBack] ING Nederland on Twitter: “er blijft zeker een alternatief bestaan, meer hierover is via deze link te lezen: https://t.co/gSCwYUG2JM ^Sabrina… “
- Bevestigen met de ING scanner – ING – Mobiel en internetbankieren (cannot be archived, see [WayBack/Archive.is]
Opdrachten bevestigen in Mijn ING verandert. De TAN-code stopt. Mobiel bevestigen wordt de standaard. Heb je geen smartphone of tablet? Dan ga je een ING Scanner gebruiken.
- [WayBack] “Apps like Google Authenticator or 1Password are much more convenient and secure” One problem that I start to see more often is that a lot of governmen… – Roderick Gadellaa – Google+
- [WayBack] Major SMS security lapse is a reminder to use authenticator apps instead – The Verge: 26 million customer texts were exposed
–jeroen
Share this:
Posted in LifeHacker, Power User, Security | Leave a Comment »
DIY electronic RFID Door Lock with Battery Backup – CodeProject
Posted by jpluimers on 2020/08/26
On my list: check if Mifare Desfire cards are still secure enough for something like a [WayBack] DIY electronic RFID Door Lock with Battery Backup – CodeProject.
Via: [WayBack] Lots of interesting info on RFID use. https://www.codeproject.com/Articles/1096861/DIY-electronic-RFID-Door-Lock-with-Battery-Backup – Lars Fosdal – Google+
–jeroen
Share this:
Posted in Development, Hardware Development, LifeHacker, Power User, Security | Leave a Comment »
Password hashing on client side is insecure · Issue #44 · meteor/meteor-feature-requests · GitHub and some bcrypt notes
Posted by jpluimers on 2020/08/26
Some interesting bits from [WayBack] Password hashing on client side is insecure · Issue #44 · meteor/meteor-feature-requests · GitHub by tysonclugg:
Stop with the client side hashing – it’s security theatrics. Submit plain text passwords over TLS. The focus should be on having TLS enabled by default, and making sure the server has a sufficient amount of cryptographic work-factor during authentication to render brute-force attacks ineffective (eg: use server-side bcrypt).
Honestly, javascript password shenanigans in the browser is as dumb as backing up HOTP/TOTP secrets from your 2FA app in case you lose your phone. Hint: that changes “something you have” into “something you know”, authenticating with two things you know is single factor authentication. And yet, a group of “smart people” created an app that allows just that. Don’t be another one of those “smart people”.
If you’re still unsure about ditching client-side password hashing, have a read on what others have said:
- https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2011/august/javascript-cryptography-considered-harmful/
- http://thisinterestsme.com/client-side-hashing-secure/
- https://security.stackexchange.com/questions/53594/why-is-client-side-hashing-of-a-password-so-uncommon
- https://cybergibbons.com/security-2/stop-doing-client-side-password-hashing/
- https://www.reddit.com/r/crypto/comments/375lor/is_client_side_hashing_of_passwords_viable_to/
5.1. One of the comments specifically mentions SRP, but goes on to say:You’ll probably be interested in the Secure Remote Password protocol (SRP). It uses a variant of the Diffie-Hellman key negotiation protocol to simultaneously authenticate the client with the server, the server with the client, and establish a session key for sending secrets between the client and server. It’s not very useful with web applications, because you still have to trust the encrypted channel to deliver the right version of the JavaScript to manage the communication. It could be useful for other client/server applications, where the client application can be verified and isn’t retransmitted every session.
If you’re still not convinced after reading all of the above, I’d suggest you contact a notable cryptographer for further advice. Prof. David A. Wagner might be a good choice.
…
Meanwhile, client side password hashing hinders upgrades to the password hashing scheme, and nothing has been done.
…
Hindering, not preventing. Of course you can send many hashed variants of the password from the client to the server to account for whichever legacy hash exists in the DB, but in my that weakens the system by allowing many hashes to be submitted simultaneously (or in short order) with no work factor. The result is that brute forcing an account becomes much easier.
and in [WayBack] Password hashing on client side is insecure · Issue #4363 · meteor/meteor · GitHub:
On compatibility (the reason I visited the Meteor password hashing code in the first place), upgrading to new hashing algorithms (which MUST be done from time to time) is much easier if the plaintext password is passed to the server, and transparent to the client as no new API is required to handle the case of upgrading from an old hash to a new hash. The generally accepted means of storing hashes is “$” such as “
pbkdf2_sha256$15000$ZLpQISRxzhY0$fxrQcKxhkG//nHg10NrkulhvWkAqWbWeQg4QeD7c59E=”
This is a PBKDF2 hash for the password “pass” which includes the number of rounds, the salt and the resultant hash ready to be verified and upgraded if required, for example by increasing the number of rounds from 150000 to 250000, or ready to be swapped to a different algorithm altogether (eg: pbkdf2_sha512).
NIST in 2017 on key derivation functions:
In June 2017, NIST issued a new revision of their digital authentication guidelines, NIST SP 800-63B-3,[12]:5.1.1.1 stating that: “Verifiers SHALL store memorized secrets [i.e. passwords] in a form that is resistant to offline attacks. Memorized secrets SHALL be salted and hashed using a suitable one-way key derivation function. Key derivation functions take a password, a salt, and a cost factor as inputs then generate a password hash. Their purpose is to make each password guessing trial by an attacker who has obtained a password hash file expensive and therefore the cost of a guessing attack high or prohibitive.” and that “The salt SHALL be at least 32 bits in length and be chosen arbitrarily so as to minimize salt value collisions among stored hashes.”
It looks like Argon2 is better than bcrypt and PBKDF2_SHA512. The 2017 hashing speed table:
sha1: 68.000.000.000 hash/s sha256: 23.000.000.000 hash/s sha512: 8.600.000.000 hash/s sha3: 6.500.000.000 hash/s bcrypt(5): 105.700 hash/s(for work factor 15 it’s hash/sec)
sha256crypt: 3.100.000 hash/s And with stretching: pbkdf2-sha1(1000 r): 26.000.000 hash/s pbkdf2-sha256: 9.400.000 hash/s pbkdf2-sha512: 3.400.000 hash/s Also, one commenter mentioned that using future telling skills we expect that hash values improve 55% annually, which is exciting and scary at once. —grin✎ 13:51, 10 October 2017 (UTC)
The cost is confirmed at [WayBack] bcrypt cost 10/12/14 brute force time? – Information Security Stack Exchange, so in 2020 it should be somewhere around the 12-14 range.
Moore’s law does not fully apply any more for single core performance, but there are other potential optimisations, and it is unclear how future hash attacks will improve, so it is better to use a mini-bench mark to calculate a good cost, see:
- https://github.com/JackTrapper/bcrypt-for-delphi/commit/d22eeff823a9f6cc8db4a0a0c96baabcd6ceeb67
- https://github.com/JackTrapper/bcrypt-for-delphi/commit/78223bbd2a65bb60dd6827331cef30711a1fc00f – in 2015, cost increased to 11
Delphi implementations:
- [WayBack] GitHub – JackTrapper/bcrypt-for-delphi: BCrypt implementation for Delphi
- [WayBack] GitHub – JackTrapper/argon2-for-delphi: Argon2 password hashing algorithm
Via:
- [WayBack] Recommended # of rounds for bcrypt – Information Security Stack Exchange
- [WayBack] Is there a bcrypt implementation available for Delphi? – Stack Overflow
Further reading:
- [WayBack] bcrypt, A Future-Adaptable Password Scheme : Introduction
- [WayBack] hash – What is the specific reason to prefer bcrypt or PBKDF2 over SHA256-crypt in password hashes? – Information Security Stack Exchange
- [WayBack] cryptography – Do any security experts recommend bcrypt for password storage? – Information Security Stack Exchange
- [WayBack Matasano Security LLC – Chargen – Enough With The Rainbow Tables: What You Need To Know About Secure Password Schemes]
–jeroen
Share this:
Posted in Development, Hashing, Power User, Security, Software Development | Leave a Comment »
Roderick Gadellaa auf Twitter: “@ingnl Ik begrijp dat jullie gaan stoppen met TAN codes. Juich ik toe, 2FA met sms is behoorlijk lek. Maar nu moet ik jullie app gaan gebruiken. Ik werp 1 blik op de permissions die jullie app wil en denk: Neen.…”
Posted by jpluimers on 2020/08/12
[WayBack] Roderick Gadellaa auf Twitter: “@ingnl Ik begrijp dat jullie gaan stoppen met TAN codes. Juich ik toe, 2FA met sms is behoorlijk lek. Maar nu moet ik jullie app gaan gebruiken. Ik werp 1 blik op de permissions die jullie app wil en denk: Neen.…”
Reminder to self: check what permissions are needed now.
–jeroen
Share this:
Posted in Development, Power User, Security, Software Development | Leave a Comment »
On my research list: finding out how to prevent FortiClient to route all traffic over VPN
Posted by jpluimers on 2020/08/10
Links that will likely help me:
- https://docs.fortinet.com/d/forticlient-5.4.1-xml-reference/download
- [WayBack] FortiClient-5.4.1-XML-Reference.pdf
- [WayBack] FortiClient VPN Problems With OSX 10.11 El Capitan | Fortinet Technical Discussion Forums
- [WayBack] macos – How to selectively route network traffic through VPN on Mac OS X Leopard? – Super User
- [WayBack] vpn – How to get forticlient working in OSX El Capitan – Server Fault
- [WayBack] Set no default route for VPN Client via PPTP/L2TP – Mac OS X Hints
- [WayBack] Routing all remote traffic through the VPN tunnel
–jeroen
Share this:
Posted in FortiGate/FortiClient, Hardware, Internet, Network-and-equipment, Power User, routers, Security, VPN | Leave a Comment »
Android passwords: store as transient as possible using arrays in stead of strings
Posted by jpluimers on 2020/08/06
Sometimes you cannot avoid handling passwords in your application. When you do,
- keep them around as short as possible
- store them in data types that are not garbage collected
- wipe the storage as soon as you are done
In practice, this usually comes down to storing them as arrays (character or byte arrays), not strings.
This holds for many other platforms outside Java as well: strings are usually managed in one way or the other, so they cannot be wiped
References:
- [WayBack] java – Why is char[] preferred over String for passwords? – Stack Overflow
- [WayBack] What is the best way to store password in memory (RAM) in Java? – Information Security Stack Exchange
For actual storage of passwords, you always have the risk of retrieval: when a “bad guy” gets physical access to a device, it is basically hosed.
A KeyStore can only do so much against it: if your APK can be downloaded, it can be reverse-engineered revealing the exact steps how the store is accessed, reproducing the steps needed to hack into the underlying protected data/functionality.
- [WayBack] Using the Android KeyStore to store user authentication credentials – Stack Overflow
- [WayBack] Best place to store a password in your Android app
- [WayBack] Using AdroidKeyStore for secure user password storage
- [WayBack] security – How to store private key in android without pin code – Stack Overflow
- [WayBack] How to use the Android Keystore to store passwords and other sensitive information – Android Authority
- [WayBack] Using the Android Keystore system to store and retrieve sensitive information
- [WayBack] security – How to store Android KeyStore passwords securely – Stack Overflow
- [WayBack] Mobile App Security Basics – The Wanari Business Blog
- [WayBack] Java Examples for android.security.KeyPairGeneratorSpec
- [WayBack] AESSecureTokenStore.java example: com.couchbase.lite.auth
The keystore can be forgetful…
You’ve just moved in to a new house and have been given the master key for the front door. You only have one of these so you know you need to keep it safe. Your really paranoid so you hire an armed guard, whose sole job is to protect this key, in fact, this is all he has been trained to do and has a catchy slogan of “need to protect a key, its what I was born to do!”. You install an extra lock on your front door as you feel the bodyguard isn’t enough, this is a rough area anyway and who’s going to make sure no-ones about to break in and steal all your crap. You return to your key guard only to be informed he has thrown the key away. You shout and scream at him but he just blankly says “I don’t have it anymore, I didn’t think it was important”. You can’t contain your anger “What the hell, your a jerk! You had one thing to do and you failed, this causes me a lot of problems, why didn’t you tell me you might do this?! What do I do now?!”
[WayBack] Android Security: The Forgetful Keystore – SystemDotRun – Dorian Cussen’s Super Blog
–jeroen
Share this:
Posted in Android, Development, Java, Java Platform, Mobile Development, Power User, Security, Software Development | Leave a Comment »
Try locking your PC next time
Posted by jpluimers on 2020/07/31
Everyone falls for social engineering. A while ago I got too and my home page got changed into [WayBack] Try locking your PC next time after being lured away from my machine without locking it.
--jeroen
PS: there are many YouTube versions (as long as 24 hours) of this as well, see [Wayback/Archive] Gandalf Sax | Know Your Meme (via [Wayback/Archive] On this day 11 years ago, the first known video of Gandalf smiling and nodding along with the Epic Sax Guy music on loop was posted to YouTube. : KnowYourMeme).
[WayBack]
Share this:
Posted in Power User, Security | Leave a Comment »
UAC elevation steps
Posted by jpluimers on 2020/07/29
Just in case I need to explain this to someone, as it has been a long time ago I did this: [WayBack] windows – Is there a single UAC binary? – Super User.
Via: [WayBack] Jeroen Wiert Pluimers: Is there a UAC binary? – Google+
Most important reference: [WayBack] How User Account Control Works | Microsoft Docs
- Logon:
- Elevation steps: decision tree in the various pieces:
- Elevation confirmation via
consent.exe
- Consent example prompt:
–jeroen
Share this:
Posted in Development, Power User, Security, Software Development, Windows, Windows Development | Leave a Comment »
EU-Hof haalt streep door Privacy Shield en blokkeert datatransfers naar VS – IT Pro – Nieuws – Tweakers
Posted by jpluimers on 2020/07/18
For my link archive a good article and nice discussion thread:
Privacy Shield, het data-uitwisselingsverdrag tussen de EU en de VS, is van tafel. Volgens het Hof is het strijdig met de GDPR. De ‘standaard contractuele clausules’ blijven wel bestaan, maar door de surveillance in de VS wordt ook dat instrument voor de datadoorgiften een lastig verhaal.
[WayBack/Archive.is] EU-Hof haalt streep door Privacy Shield en blokkeert datatransfers naar VS – IT Pro – Nieuws – Tweakers
[WayBack/Archive.is] Wie toestemming onder de AVG vraagt, snapt de AVG niet (of heeft een nieuwsbrief) – Ius Mentis
–jeroen
Share this:
Posted in GDPR/DS-GVO/AVG, Power User, Privacy, Security | Leave a Comment »
The Wiert Corner - irregular stream of stuff 