Tuesday, December 16, 2014

Talk: Common crypto mistakes in Android


Date: Tuesday, December 16, 2014
Time: 11:00 AM
Speaker: Isaac Potoczny-Jones


If you do a web search for “encrypting Strings in Android”, you’ll find a lot of example code, and they all look pretty similar. They definitely input a String and output gibberish that looks like encrypted text, but they are often incorrect. Crypto is tricky: it’s hard to tell that the gibberish that’s being printed is not good crypto, and it’s hard to tell that the code example you picked up from Stack Overflow has serious flaws.

The problem here is that sites like Google and Stack Overflow rank results based on popularity, but the correctness of crypto isn’t something we can vote about. It’s not a popularity contest. To use it correctly, you have to understand the properties of the algorithm and the security goals of your code. Maybe the bad crypto someone pasted up on the Internet was acceptable for their needs, but there’s a good chance it’s completely unacceptable for yours.

In this talk, we’ll discuss the use of a very common crypto algorithm, AES, and show how code examples on the Internet usually make serious mistakes in how they use AES libraries. What are the consequences of these mistakes, and what are more reasonable defaults? We’ll also talk a bit about our simple Android library that tries to do AES right.

More information on the Tozny blog.

Monday, December 1, 2014

Encrypting strings in Android: Let's make better mistakes

If you do a web search for “encrypting Strings in Android”, you’ll find a lot of example code, and they all look pretty similar. They definitely input a String and output gibberish that looks like encrypted text, but they are often incorrect. Crypto is tricky: it’s hard to tell that the gibberish that’s being printed is not good crypto, and it’s hard to tell that the code example you picked up from Stack Overflow has serious flaws.

Read more on the Tozny blog, watch Isaac's talk on this topic and check out the GitHub repo for the AES library.

Friday, November 28, 2014

GoDaddy's SSL certs don't work in Java - the right solution

Chrome and other browsers are phasing out SSL certificates that are implemented using the weak SHA-1 hash. As a result, SSL certificate authorities like GoDaddy are also phasing out SHA-1 in favor of SHA-2. GoDaddy is one of the largest providers, at about 13% of all SSL certificates.

This means that GoDaddy had to switch to their SHA-2 root certificate and get it installed in all the major browsers, OSs, and other important clients. For some reason, it wasn’t installed in some versions of Oracle’s Java 7 or 8. This has caused some problems for Java clients.

Monday, November 10, 2014

Blaming users for security incidents is counterproductive

The Associated Press has done some important research into the cause of cybersecurity incidents in the federal government. Unfortunately, they come to the wrong conclusion. They document the huge rise in security incidents, and then add:
"And [federal] employees are to blame for at least half of the problems."
Specifically, not because the employees are the hackers, but because
"They have clicked links in bogus phishing emails, opened malware-laden websites and been tricked by scammers into sharing information."
This is counterproductive. It blames end users for problems that the security community should be taking accountability for.

Tuesday, September 30, 2014

Shellshock: Making sense of the question, “Am I vulnerable?”

It seems like such a simple question, “Am I vulnerable to Shellshock,” but it’s surprisingly complicated. Lots of Internet forums suggest pasting some magic code into your command line. If the code outputs “Vulnerable” then you need to upgrade. Unfortunately, it’s not that easy.

There’s an ongoing dance among security researchers, OS vendors, the Bash authors, and attackers. Here’s what we know today (read more at the Tozny blog).

Wednesday, August 20, 2014

A Guide To Insider Threats

Insider attacks are particularly difficult to defend against. Insiders have internal knowledge of the network, and often know a system’s vulnerabilities. Even if they don’t violate security policies, they can perform authorized actions in a malicious way.

Tuesday, May 20, 2014

Quote for the Oregonian: Feds accuse Chinese of stealing SolarWorld's data

I was recently quoted in The Oregonian for an article about industrial espionage.

Isaac Potoczny-Jones, a computer security expert with Galois Inc. in Portland, said spearphishing is a "rudimentary but extremely effective" hack. Unlike garden-variety spam promising millions in Nigerian lotto proceeds, sophisticated spear phishers make their emails appear legitimate, often with a familiar name in the sender box.

"It's a very asymmetrical problem," Potoczny-Jones said. "Those defending against cyber attacks have to get thousands of lines of code just right. Attackers have to find just one flaw."

Wednesday, April 9, 2014

Quote for Portland Business Journal: Heartbleed

I was recently quoted in the Portland Business Journal in an article about the Heartbleed vulnerability.

"The issue in cybersecurity in particular is the defenders have to defend all the points of entry and every line of code and the bad guys just have to find one flaw. When you implement methods to eliminate classes of problems that is helpful, this is a well known type of problem that has been around for a long time." -Isaac Potoczny-Jones

Heartbleed: A great time to think about incident response


Heartbleed is the nickname of a dangerous OpenSSL vulnerability that was just announced. A security update was already available before the announcement, and this is definitely a vulnerability where quickly patching makes a big difference. A fast response matters here because malware wasn’t in the wild yet, so many sites likely can prevent any negative consequences with quick action.

The necessity for rapid response to vulnerabilities illustrates why you should have an incident response procedure in place. An incident response procedure allows for a measured, planned response to a security incident like this one. In this blog post, we’ll walk you through the basics of putting together an incident response plan, mostly based on NIST’s incident response process.

Friday, February 7, 2014

Talk: Reinvent Law NYC - How passwords impact the legal profession

Isaac recently spoke at ReInvent Law NYC at The Great Hall, Cooper Union. A brief article and Twitter discussion on LXBN.

Cybersecurity has never been a more pressing concern for companies with troves of sensitive data. Law firms, especially, have been identified as needing to step their game up on this front because they are a supposed "weak link" for hackers. Isaac Potoczny-Jones of Galois explains why the password problem is going to keep getting worse.