Digital Sovereignty & Cyber Security

Nine years ago, I published a cyber-thriller, "Babel Minute Zero". The story was simple: an authoritarian country facing economic crunch and the risk of political destabilization would launch cyber-attacks against the US in order to deflect attention and increase  nationalist support. Today, I realize I've made two major mistakes when I wrote "Babel Minute Zero".…

What occurred with the recently disclosed breach of the Democratic National Committee servers, and the dumping of stolen data on a WordPress site, is more than an act of cyber espionage or harmless mischief. It meets the definition of an act of cyberwar, and the US government should respond as such.

 

The claims by “Guccifer 2.0”—that a lone hacker carried out this attack—are not believable. Of course, anything is possible, but the attack looks to be an operation conducted by Russian intelligence services. Had this been a “normal” operation—that is, covert intel gathering by Russia's Foreign Intelligence Service or any other foreign intelligence service (as the Chinese have done in past election seasons)—it would be business as usual. To be honest, the US government would not really be justified in denouncing it, as it does the same thing. But what makes this attack very different—and crosses the line—is the Russian team’s decision to dump the Clinton campaign’s opposition strategy on the public Web, presumably for the dual purpose of both spreading misinformation about the party responsible for the breach and interfering with the Clinton campaign.

A Chinese supercomputer built using domestic chip technology has been declared the world's fastest. The news highlights China's recent advances in the creation of such systems, as well the country's waning reliance on US semiconductor technology.the taihulight is capable of 93 petaflopsThe Sunway TaihuLight takes the top spot from previous record-holder Tianhe-2 (also located in China), and more than triples the latter's speed. The new number one is capable of performing some 93 quadrillion calculations per second (otherwise known as petaflops) and is roughly five times more powerful than the speediest US system, which is now ranked third worldwide.The TaihuLight is comprised of some 41,000 chips, each with 260 processor cores. This makes for a total of 10.65 million cores, compared to the 560,000 cores in America's top machine. In terms of memory, it's relatively light on its feet, with just 1.3 petabytes used for the entire machine. (By comparison, the much less powerful 10-petaflop K supercomputer uses 1.4 petabytes of RAM.) This means it's unusually energy efficient, drawing just 15.3 megawatts of power — less than the 17.8 megawatts used by the 33-petaflop Tianhe-2.More significantly than its specs, though, is the fact that the TaihuLight is built from Chinese semiconductors. "It’s not based on an existing architecture. They built it themselves," Jack Dongarra, a professor at the University of Tennessee and creator of the measurement system used to rank the world's supercomputers, told Bloomberg. "This is a system that has Chinese processors."

Le système mondial de virement SWIFT a recommandé mardi à ses 11.000 banques clientes dans le monde de relever leur niveau de sécurité. L'agence d'investigation FireEye a authentifié des menaces de cyber-attaques similaires à celles ayant visé la banque centrale du Bangladesh.Le cyber-braquage de la Banque centrale du Bangladesh, qui s'est vu dérober 81 millions de dollars en février au travers du système de transfert de fonds Swift, n'était qu'un avant goût. Les pirates informatiques s'en prennent à d'autres institutions financières. Le centre nerveux du système financier mondial a en effet recommandé mardi à ses 11.000 banques clientes de relever leur niveau de sécurité quand elles passaient par ses réseaux.

FOR MOST OF the past six weeks, the biggest story out of Silicon Valley was Apple’s battle with the FBI over a federal order to unlock the iPhone of a mass shooter. The company’s refusal touched off a searing debate over privacy and security in the digital age. But this morning, at a small office in Mountain View, California, three guys made the scope of that enormous debate look kinda small.

Mountain View is home to WhatsApp, an online messaging service now owned by tech giant Facebook, that has grown into one of the world’s most important applications. More than a billion people trade messages, make phone calls, send photos, and swap videos using the service. This means that only Facebook itself runs a larger self-contained communications network. And today, the enigmatic founders of WhatsApp, Brian Acton and Jan Koum, together with a high-minded coder and cryptographer who goes by the pseudonym Moxie Marlinspike, revealed that the company has added end-to-end encryption to every form of communication on its service.

This means that if any group of people uses the latest version of WhatsApp—whether that group spans two people or ten—the service will encrypt all messages, phone calls, photos, and videos moving among them. And that’s true on any phone that runs the app, from iPhones to Android phones to Windows phones to old school Nokia flip phones. With end-to-end encryption in place, not even WhatsApp’s employees can read the data that’s sent across its network. In other words, WhatsApp has no way of complying with a court order demanding access to the content of any message, phone call, photo, or video traveling through its service. Like Apple, WhatsApp is, in practice, stonewalling the federal government, but it’s doing so on a larger front—one that spans roughly a billion devices.

“Building secure products actually makes for a safer world, (though) many people in law enforcement may not agree with that,” says Acton, who was employee number forty-four at Internet giant Yahoo before co-founding WhatsApp in 2009 alongside Koum, one of his old Yahoo colleagues. With encryption, Acton explains, anyone can conduct business or talk to a doctor without worrying about eavesdroppers. With encryption, he says, you can even be a whistleblower—and not worry.

The FBI and the Justice Department declined to comment for this story. But many inside the government and out are sure to take issue with the company’s move. In late 2014, WhatsApp encrypted a portion of its network. In the months since, its service has apparently been used to facilitate criminal acts, including the terrorist attacks on Paris last year. According to The New York Times, as recently as this month, the Justice Department was considering a court case against the company after a wiretap order (still under seal) ran into WhatsApp’s end-to-end encryption.

Overall, the FBI's request could be seen as a testament to just how good encryption is. The FBI can't attack the iPhone's encryption directly, and it can't bypass the firmware signature mechanism. There's no existing backdoor to the crypto.But what the iPhone does have is software lockouts, and the security of those lockouts is entirely up to Apple. Apple's signing key gives the company wide power over the software-level protections built in to iOS. The FBI knows this, and that is why it's demanding the company's assistance.

A Message to Our Customers:"The Need for EncryptionSmartphones, led by iPhone, have become an essential part of our lives. People use them to store an incredible amount of personal information, from our private conversations to our photos, our music, our notes, our calendars and contacts, our financial information and health data, even where we have been and where we are going.All that information needs to be protected from hackers and criminals who want to access it, steal it, and use it without our knowledge or permission. Customers expect Apple and other technology companies to do everything in our power to protect their personal information, and at Apple we are deeply committed to safeguarding their data.Compromising the security of our personal information can ultimately put our personal safety at risk. That is why encryption has become so important to all of us.For many years, we have used encryption to protect our customers’ personal data because we believe it’s the only way to keep their information safe. We have even put that data out of our own reach, because we believe the contents of your iPhone are none of our business."

If you still assume you don't forfeit the right to privacy by going online, there are very few truly secure OS options.The best one might be the Linux flavor called Tails, recommended by none other than Edward Snowden. Its encrypted apps include email and messaging clients, a web browser, and of course, the anonymizing Tor network.The folks behind the open-source program have just launched version 2.0, with a new UI and numerous security fixes.

With a vigorous national debate underway on whether Sweden should enter a military partnership with NATO, officials in Stockholm suddenly encountered an unsettling problem: a flood of distorted and outright false information on social media, confusing public perceptions of the issue.

The claims were alarming: If Sweden, a non-NATO member, signed the deal, the alliance would stockpile secret nuclear weapons on Swedish soil; NATO could attack Russia from Sweden without government approval; NATO soldiers, immune from prosecution, could rape Swedish women without fear of criminal charges.

They were all false, but the disinformation had begun spilling into the traditional news media, and as the defense minister, Peter Hultqvist, traveled the country to promote the pact in speeches and town hall meetings, he was repeatedly grilled about the bogus stories.

“People were not used to it, and they got scared, asking what can be believed, what should be believed?” said Marinette Nyh Radebo, Mr. Hultqvist’s spokeswoman.

As often happens in such cases, Swedish officials were never able to pin down the source of the false reports. But they, numerous analysts and experts in American and European intelligence point to Russia as the prime suspect, noting that preventing NATO expansion is a centerpiece of the foreign policy of President Vladimir V. Putin, who invaded Georgia in 2008 largely to forestall that possibility.

In Crimea, eastern Ukraine and now Syria, Mr. Putin has flaunted a modernized and more muscular military. But he lacks the economic strength and overall might to openly confront NATO, the European Union or the United States. Instead, he has invested heavily in a program of “weaponized” information, using a variety of means to sow doubt and division. The goal is to weaken cohesion among member states, stir discord in their domestic politics and blunt opposition to Russia.

“Moscow views world affairs as a system of special operations, and very sincerely believes that it itself is an object of Western special operations,” said Gleb Pavlovsky, who helped establish the Kremlin’s information machine before 2008. “I am sure that there are a lot of centers, some linked to the state, that are involved in inventing these kinds of fake stories.”

Dark Arts: Russia’s Stealth Conflict
This article is the second in a series on how Russia covertly projects power.
The planting of false stories is nothing new; the Soviet Union devoted considerable resources to that during the ideological battles of the Cold War. Now, though, disinformation is regarded as an important aspect of Russian military doctrine, and it is being directed at political debates in target countries with far greater sophistication and volume than in the past.

The flow of misleading and inaccurate stories is so strong that both NATO and the European Union have established special offices to identify and refute disinformation, particularly claims emanating from Russia.

The Kremlin’s clandestine methods have surfaced in the United States, too, American officials say, identifying Russian intelligence as the likely source of leaked Democratic National Committee emails that embarrassed Hillary Clinton’s presidential campaign.

The Kremlin uses both conventional media — Sputnik, a news agency, and RT, a television outlet — and covert channels, as in Sweden, that are almost always untraceable.

Russia exploits both approaches in a comprehensive assault, Wilhelm Unge, a spokesman for the Swedish Security Service, said this year when presenting the agency’s annual report. “We mean everything from internet trolls to propaganda and misinformation spread by media companies like RT and Sputnik,” he said.

The fundamental purpose of dezinformatsiya, or Russian disinformation, experts said, is to undermine the official version of events — even the very idea that there is a true version of events — and foster a kind of policy paralysis.

Disinformation most famously succeeded in early 2014 with the initial obfuscation about deploying Russian forces to seize Crimea. That summer, Russia pumped out a dizzying array of theories about the destruction of Malaysia Airlines Flight 17 over Ukraine, blaming the C.I.A. and, most outlandishly, Ukrainian fighter pilots who had mistaken the airliner for the Russian presidential aircraft.

Recent Intel x86 processors implement a secret, powerful control mechanism that runs on a separate chip that no one is allowed to audit or examine. When these are eventually compromised, they'll expose all affected systems to nearly unkillable, undetectable rootkit attacks. I've made it my mission to open up this system and make free, open replacements, before it's too late.The Intel Management Engine (ME) is a subsystem composed of a special 32-bit ARC microprocessor that's physically located inside the chipset. It is an extra general purpose computer running a firmware blob that is sold as a management system for big enterprise deployments.When you purchase your system with a mainboard and Intel x86 CPU, you are also buying this hardware add-on: an extra computer that controls the main CPU. This extra computer runs completely out-of-band with the main x86 CPU meaning that it can function totally independently even when your main CPU is in a low power state like S3 (suspend).On some chipsets, the firmware running on the ME implements a system called Intel's Active Management Technology (AMT). This is entirely transparent to the operating system, which means that this extra computer can do its job regardless of which operating system is installed and running on the main CPU.The purpose of AMT is to provide a way to manage computers remotely (this is similar to an older system called "Intelligent Platform Management Interface" or IPMI, but more powerful). To achieve this task, the ME is capable of accessing any memory region without the main x86 CPU knowing about the existence of these accesses. It also runs a TCP/IP server on your network interface and packets entering and leaving your machine on certain ports bypass any firewall running on your system.While AMT can be a great value-add, it has several troubling disadvantages. ME is classified by security researchers as "Ring -3". Rings of security can be defined as layers of security that affect particular parts of a system, with a smaller ring number corresponding to an area closer to the hardware. For example, Ring 3 threats are defined as security threats that manifest in “userspace” mode. Ring 0 threats occur in “kernel” level, Ring -1 threats occur in a “hypervisor” level, one level lower than the kernel, while Ring -2 threats occur in a special CPU mode called “SMM” mode. SMM stands for System-Management-Mode, a special mode that Intel CPUs can be put into that runs a separately defined chunk of code. If attackers can modify the SMM code and trigger the mode, they can get arbitrary execution of code on a CPU.Although the ME firmware is cryptographically protected with RSA 2048, researchers have been able to exploit weaknesses in the ME firmware and take partial control of the ME on early models. This makes ME a huge security loophole, and it has been called a very powerful rootkit mechanism. Once a system is compromised by a rootkit, attackers can gain administration access and undetectably attack the computer.On systems newer than the Core2 series, the ME cannot be disabled. Intel systems that are designed to have ME but lack ME firmware (or whose ME firmware is corrupted) will refuse to boot, or will shut-down shortly after booting.There is no way for the x86 firmware or operating system to disable ME permanently. Intel keeps most details about ME absolutely secret. There is absolutely no way for the main CPU to tell if the ME on a system has been compromised, and no way to "heal" a compromised ME. There is also no way to know if malicious entities have been able to compromise ME and infect systems.A large portion of ME's security model is "security through obscurity", a practice that many researchers view as the worst type of security. If ME's secrets are compromised (and they will eventually be compromised by either researchers or malicious entities), then the entire ME security model will crumble, exposing every recent Intel system to the worst rootkits imaginable.Around 2013, we figured out some of the nitty-gritty details regarding how the ME firmware was packaged up into a blob. The ME firmware is verified by a secret boot ROM embedded in the chipset that first checks that the SHA256 checksum of the public key matches the one from the factory, and then verifies the RSA signature of the firmware payload by recalculating it and comparing to the stored signature. This means that there is no obvious way to bypass the signature checking, since the checking is done by code stored in a ROM buried in silicon, even though we have the public key and signature. However, there still might be an exploitable bug in the ROM bootloader.We also discovered that the critical parts of the ME firmware are stored in a non-standard compressed format, which gets decompressed by a special hardware decompressor. My initial attempts to brute-force the decompression scheme failed miserably. Another group had better success and they have now completed a working decompression routine for all versions of ME up to but not including version 11. Kudos to them!Our goal is to implement a completely libre software replacement for ME. When the implementation of such a security-critical component is available for scrutiny, it will be peer-reviewed and audited by persons around the world. This generally results in stronger security.Our goal isn't to replace Intel's ME, but to provide a minimal libre alternative firmware for users who choose to use it. Unfortunately, since the firmware is protected by RSA 2048, we currently have no way to execute our own code on the ME hardware because it fails validation. We have no way to move forward, even if we wanted to.This is scary. Most digital handcuffs are so easy to break that it's not an issue how to break it, more so an issue of the penalty one might face for actually breaking it. In this case, it is impossible to break unless you have a way to factorize semi-primes with approximately 600 decimal digits in a reasonable time. (At the time of writing this article, pretty much impossible in one human lifetime for anyone with the biggest supercomputer).So in conclusion, Intel has so far stopped anyone from tinkering with ME firmware in practice, and there is no way to trust the code running on your ME because it's proprietary. So we are back to the days of the Sony Playstation, but for general purpose computers based on Intel x86. Matters only get worse now that Intel has squeezed a whole system into a chip, SoCs. We have no physical separation between the components that we can trust and the untrusted ME components, so we can't even cut them off the mainboard anymore.Below is a highly simplified diagram describing how some of the older ME hardware fits into a system:Personally, I would like if my ME only did the most basic task it was designed for, set up the bus clocks, and then shut off. This way, it would never be able to talk out of the network card with some of my personal data. I refer to the ME as the Damagement Engine, since it is a hardware add-on that damages your security.(Banner: PIC12C508-HD, ZeptoBars, CC-BY; Diagram, CC0)Who really hacked the DNC?056c026d-1c66-4d42-9fae-a8e96df290c5-1020x1117Earlier this week Crowdstrike, a security company hired by the Democratic National Committee, announced that the party’s servers had been deeply penetrated by hackers working for the Russian government, who had made off with many sensitive files, including the DNC’s Trump oppo research spreadsheet.READ THE RESTGet a 2-Pack of Two-Meter MFi-Certified Lightning Cables, Now 77% offWe all love our iPhones and iPads. But if there’s one thing about them we don’t like, it’s their dang charging cables. It seems like they’re barely out of the box before they’re peeling, frayed, and ultimately unusable. Replacing any Apple product – even charging cables – usually comes at a premium price. Thankfully, we’re looking out […]READ THE REST

A confidential FBI alert shows that government hackers are still roaming through US government networks..../...The FBI wouldn’t comment on the alert, only saying that it was just another example of a routine notice to private partners, “provided in order to help systems administrators guard against the actions of persistent cyber criminals.”This group of “persistent cyber criminals” is especially persistent. The group is none other than the “APT6” hacking group, according to sources within the antivirus and threat intelligence industry. There isn’t much public literature about the group, other than a couple of old reports, but APT6, which stand for Advanced Persistent Threat 6, is a codename given to a group believed to be working for the Chinese government.“This is one of the earlier APTs, they definitely go back further than 2011 [...] more like 2008.”

The possibility of a cyberattack on critical infrastructure such as America’s electric power worries National Security Agency (NSA) Director Admiral Michael Rogers, who told a cyber security conference that it’s a “matter of when, not if” hackers successfully attack America’s power grid.The US eventually will suffer a cyber assault like the one that knocked out power in the Ukraine, Rogers told an audience at the RSA Conference in San Francisco in early March. During that attack hackers used the Black Energy cyber weapon to literally turn the lights out on more than 200,000 people across the region.

Backdoors For Good Guys Only is pliable material for chest-thumping politicians, but legitimate leaders must have the courage to tell the plain truth: It won’t work, it’ll only hurt good people.

On my last morning in Davos, I spotted one of those telepresence robots — the kind Sheldon uses in Big Bang Theory and the kind Edward Snowden has used for interviews and speeches — and fantasized about hacking into it to enable Snowden himself to appear in the halls of the annual meeting of the World Economic Forum.That would be be appropriate, for this struck me as the post-Snowden Davos. It took a few years to sink in, but the results of Snowden’s work and his name — although mostly mumbled or hushed — came up time and again during last week’s do. Trust, transparency, surveillance, encryption, security — his impact echoed in subject after subject. To me, this is further evidence that Edward Snowden is no spy, no traitor, no hacker, no criminal, and more than a whistleblower. Edward Snowden is a policymaker as influential as most anyone invited to the clubhouse of the rich and powerful.