Hey! I'm David, a security engineer at the Blockchain team of Facebook, previously a security consultant for the Cryptography Services of NCC Group. This is my blog about cryptography and security and other related topics that I find interesting.

# The ghetto way of extracting the private key of superfish

posted February 2015

A really entertaining piece by Errata Security, where Robert Graham ghetto-reverses Lenovo's currently controversial Superfish.

The goal is to set the right break point before it actually infects your machine -- reversers have been known to infect themselves this way.

His ghetto way of reversing is to first infect himself with the "virus", then use procdump to dump the process memory, then dump all the strings that the memory contains with the tool strings, and voilà: you have the private certificate in the clear.

But the private certificate is protected by a passphrase. Or apparently not really: it was just protected by a password that was sitting in memory in the clear as well...
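As an added illustration (not code from this post or from the Errata Security article), here is the strings-then-search step as a Python check that a responder could run over a dump of their own process, to see whether PEM private-key material sits in memory and whether it is flagged as passphrase-protected. The dump bytes are constructed and the function and variable names are assumptions of this example.

```python
import re

# Printable-ASCII runs, like strings(1), but keeping CR/LF/TAB so that a
# multi-line PEM block survives as a single run.
RUN_RE = re.compile(rb"[\x20-\x7e\r\n\t]{4,}")
PEM_RE = re.compile(
    rb"-----BEGIN ((?:[A-Z0-9]+ )*PRIVATE KEY)-----\r?\n(.*?)-----END \1-----",
    re.DOTALL,
)

def find_private_keys(dump):
    """Return label, offset and encryption flag for each PEM private key in a dump."""
    findings = []
    for run in RUN_RE.finditer(dump):
        for pem in PEM_RE.finditer(run.group(0)):
            label = pem.group(1).decode("ascii")
            body = pem.group(2)
            encrypted = (label.startswith("ENCRYPTED")            # PKCS#8 encrypted form
                         or b"Proc-Type: 4,ENCRYPTED" in body)    # legacy OpenSSL PEM header
            findings.append({"label": label,
                             "offset": run.start() + pem.start(),
                             "encrypted": encrypted})
    return findings

# Constructed sample standing in for a process dump: binary noise, one
# passphrase-protected key block with a placeholder body, then more noise.
SAMPLE_DUMP = (
    b"\x00\x01MZ\x90\x00heap\x00\xff\xfe"
    b"-----BEGIN RSA PRIVATE KEY-----\n"
    b"Proc-Type: 4,ENCRYPTED\n"
    b"DEK-Info: DES-EDE3-CBC,0011223344556677\n\n"
    b"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n"
    b"-----END RSA PRIVATE KEY-----\n"
    b"\x00\x00\x7f\x80other-heap-data\x00\x9c"
)

if __name__ == "__main__":
    for f in find_private_keys(SAMPLE_DUMP):
        state = "passphrase-protected" if f["encrypted"] else "UNENCRYPTED"
        print(f"{f['label']} at offset {f['offset']:#x}: {state}")
```

A "passphrase-protected" result is only as good as where the passphrase lives: as the post notes, here it was in the same memory in the clear.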

I advise you to read the article; it comes with screenshots and nice commands that use text processing tools.

05/22/2013
paid the attacker $50k

05/29/2013
rewrote orders page paid attacker $50k weekly ransom $2M was stolen from my mtgox account by DEA

09/19 - 09/25/2013
red got in a jam and needed $500k to get out. ultimately he convinced me to give it to him, but I got his ID first and had cimon send harry, his new soldier of fortune, to vancouver to get $800k in cash to cover it. red has been mainly out of communication, but i haven't lost hope. Atlantis shut down. I was messaged by one of their team who said they shut down because of an FBI doc leaked to them detailing vulnerabilities in Tor.

09/30/2013
Had revelation about the need to eat well, get good sleep, and meditate so I can stay positive and productive.

All of this sounds so surreal. He is making a huge amount of money for sure. A million dollars doesn't seem much for him. He is constantly buying servers and he seems to be coding a lot. He also seems like a normal dude.

And here's a funny thread on who's Variety Jones

# Kleptography: hiding a private key in plain sight

posted January 2015

From Wikipedia:

A kleptographic attack is an attack which uses asymmetric encryption to implement a cryptographic backdoor. For example, one such attack could be to subtly modify how the public and private key pairs are generated by the cryptosystem so that the private key could be derived from the public key. In a well-designed attack, the outputs of the infected cryptosystem would be computationally indistinguishable from the outputs of the corresponding uninfected cryptosystem. If the infected cryptosystem is a black-box implementation such as a hardware security module, a smartcard, or a Trusted Platform Module, a successful attack could go completely unnoticed.
I've seen implementations of this in the wild, here on reddit (python) and here on lobsters (C#)

# Explanation of Shellshock

posted January 2015

Here's an awesome explanation of shellshock: https://bitbucket.org/carter-yagemann/shellshock/src/f0a88573f912?at=master

This repository contains useful documents which I have written to help educate the cybersecurity community on the "ShellShock" bash vulnerability. These documents are designed to help facilitate learning, including on how to identify possibly vulnerable services and how to remediate such vulnerabilities.

It's actually the clearest explanation I've seen on the subject. Made by these guys from Syracuse:

• Carter Yagemann
• Amit Ahlawat

# One example of a crypto backdoor: NSA's backdoor in Lotus-Notes

posted January 2015

Excellent finding from Adam Back.

If I understand the article correctly, when exporting encrypted content with Lotus-Notes, 24 bits of the 64-bit key would be encrypted under one of the NSA's public keys and then appended to the encrypted content (I guess). This would allow the NSA to decrypt those 24 bits of key with their corresponding private key, and they would then have to brute force only 40 bits instead of 64 bits.

This shouldn't allow any bad attacker to get any advantage if they don't know the NSA's private key to decrypt those bits. And if they do acquire it, and they do decrypt 24 bits of key, they would still have to have the computing power to brute force 40 bits of key. I have no idea what I'm talking about but I have the feeling the NSA might be the most powerful computing power when it comes to brute forcing ciphers.

# How Facebook hashes its passwords

posted January 2015

```
$cur  = 'plaintext'
$cur  = md5($cur)
$salt = randbytes(20)
$cur  = hmac_sha1($cur, $salt)
$cur  = cryptoservice::hmac($cur)
        [= hmac_sha256($cur, $secret)]
$cur  = scrypt($cur, $salt)
$cur  = hmac_sha256($cur, $salt)
```

The explanation is here.

tl;dr: the md5 is there for legacy purposes, cryptoservice::hmac adds a secret salt, scrypt (which is a KDF, not a hash) slows down brute-force attempts, and the final sha256 shortens the output.
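The same onion as runnable Python, added here as an example (it is not Facebook's code). It shows why the inner md5 layer matters: a legacy MD5 hash can be wrapped in the outer layers without ever knowing the plaintext. The secret key, the scrypt cost parameters, the use of the hex MD5 digest and the (message, key) reading of the HMAC calls are assumptions.

```python
import hashlib
import hmac
import os

# Assumption: stand-in for the key held by the remote crypto service (constructed value).
SERVICE_SECRET = b"constructed-demo-secret"

def _mac(algo, msg, key):
    # Assumption: hmac_x($cur, $key) in the pseudocode means HMAC over $cur keyed with $key.
    return hmac.new(key, msg, algo).digest()

def wrap_md5(md5_hex, salt):
    """Apply every layer after md5; works on a legacy hash without the plaintext."""
    cur = _mac("sha1", md5_hex, salt)            # per-user salt
    cur = _mac("sha256", cur, SERVICE_SECRET)    # cryptoservice::hmac (secret salt)
    # Assumed scrypt cost parameters; the page gives none.
    cur = hashlib.scrypt(cur, salt=salt, n=2**14, r=8, p=1,
                         maxmem=2**26, dklen=64)  # slow KDF
    return _mac("sha256", cur, salt)             # shorten to 32 bytes

def hash_password(password, salt=None):
    salt = os.urandom(20) if salt is None else salt   # randbytes(20)
    md5_hex = hashlib.md5(password.encode()).hexdigest().encode()
    return salt, wrap_md5(md5_hex, salt)

def verify(password, salt, stored):
    # Constant-time comparison of the recomputed onion with the stored value.
    return hmac.compare_digest(hash_password(password, salt)[1], stored)

if __name__ == "__main__":
    # Legacy database row: only the MD5 of the password is known.
    legacy = hashlib.md5(b"correct horse").hexdigest().encode()
    salt = os.urandom(20)
    stored = wrap_md5(legacy, salt)
    print(verify("correct horse", salt, stored), verify("wrong", salt, stored))
```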


# Morse code in a pop song

posted January 2015

Amazing article on The Verge about how the army created a song hiding a message ("19 people rescued. You’re next. Don’t lose hope") so that hostages of the FARC could hear it on the radio.

This is a genius idea for concealing a message! Not really crypto, but kinda cool nonetheless. I knew about steganography and I also posted about transforming your message into spam as a way of hiding your message, but this is cool on a different level. Even the song is catchy ^_^

There was this disturbing video of a captive soldier in a North Vietnamese prison who when forced to do a fake interview, blinked the Morse Code 'T-O-R-T-U-R-E'.


# Faster Python

posted December 2014

Zokis wrote some tests in Python showing that differences in declarations and simple syntax do affect the size of the program and its speed of execution.

For example, writing `a, b = 0, 1` seems faster than doing `a = 0` then `b = 1`. Using chained conditions like `a < b < 0` seems faster than doing `a < b and b < 0`, etc. You can find all the tests here.

The differences seem negligible though. `dis` and `timeit` were used to quantify the tests.

Also here are two useful python arguments:

```
python -c cmd : program passed in as string (terminates option list)

# python -c "print('haha')"
haha
```

```
-i : inspect interactively after running script; forces a prompt even
     if stdin does not appear to be a terminal; also PYTHONINSPECT=x

# python -i -c "a = 5"
>>> a
5
```

# Did Korea hack Sony?

posted December 2014

According to the US government, yes they did:

the FBI now has enough information to conclude that the North Korean government is responsible for these actions

What do security experts think about that?

Here's a piece from Marc Rogers called "No, North Korea Didn’t Hack Sony". So you can guess what the director of security operations for DEFCON and principal security researcher of Cloudflare is thinking.