Summary: Much of the hooplah about the possible involvement of foreign intelligence in digital certificate-forging is probably foreign governments wishing they had the level of access to citizen data that ours does (and we won’t share). The second in a series by guest author Marcus J. Ranum discussing cyberwar — perhaps one of the major forms of war in the 21st century.
Article deleted at author’s request.
(6) For more information about cyberwar
(a) About this incident:
- DigiNotar Certificate Authority breach “Operation Black Tulip”, Interim Report by FOX-IT, 5 September 2011 — FOX-IT are security consultants hired to investigate this incident.
- “Fake DigiNotar web certificate risk to Iranians“, BBC, 5 September 2011
- “Dutch Government Struggles to Deal With DigiNotar Hack“, PC World, 7 September 2011
- “SSL Certificate Authority Recall Grows“, eSecurity Planet, 7 Spetember 2011 — “Mozilla issues yet another Firefox update for SSL issues as certificate authority risks mount beyond DigiNotar.”
- “DigiNotar Certificate Authority Breach Crashes e-Government in the Netherlands“, IEEE Spectrum, 9 September 2011
(b) About cyber-snooping by the US government:
- “Certifed Lies: Detecting and Defeating Government Interception Attacks Against SSL“, Christopher Soghoian (Indiana U – Bloomington) and Sid Stammy, working paper posted at SSRN, 16 April 2010
- Article about VeriSign (“Trust is the Foundation of Every Human Relationship”): “VeriSign sells digital certification services and runs the Internet registry, thus is well prepared to sell private information on its all-too-trusting customers and to assist ISPs and wireless providers in the business of betrayal, though it is hardly alone in spying boomtime.”
- Facebook Subpoena / Search Warrant Guidelines
- “Patriot Act – The kitchen-sink approach to national security“, Benjamin Wallace-Wells, New York, 27 August 2011
- A Review of the FBI’s Use of Exigent Letters and Other Informal Requests for Telephone Records, Office of the Inspector General of the US Department of Justice, January 2010
- A thread for the tinfoil hatters: “Beware Verisign has a security breach“, DN Forum, 2003
.
.
“Air traffic system vulnerable to cyber attack“, New Scientist, 12 September 2011 — “A next-generation global air traffic control system is vulnerable to malicious hacks that could cause catastrophe.” Opening:
AN ALARM blares in the cockpit mid flight, warning the pilot of an imminent collision. The pilot checks his tracking display, sees an incoming aircraft and sends the plane into a dive. That only takes it into another crowded air lane, however, where it collides with a different plane. Investigators later discover that the pilot was running from a “ghost” – a phantom aircraft created by a hacker intent on wreaking havoc in the skies.
It’s a fictional scenario, but US air force analysts warn that it could be played out if hackers exploit security holes in an increasingly common air traffic control technology.
At issue is a technology called Automatic Dependent Surveillance – Broadcast (ADS-B), which the International Civil Aviation Organisation certified for use in 2002. Gradually being deployed worldwide, ADS-B improves upon the radar-based systems that air traffic controllers and pilots rely on to find out the location and velocity of aircraft in their vicinity. …
The problem with the article is that it doesn’t show any kind of sensible understanding of security. Which makes me (always) suspicious. They are worried that someone could degrade the signals with a jammer near the tower? Sure, but you could also degrade the signals with a .22 rifle by just shooting a few holes in the cables leading to the antenna. Virtually all of our infrastructure is vulnerable to simple and effective rifle-based attacks and – because of how the infrastructure is distributed, it’s impossible to protect it. (Imagine how much damage 3 guys in 3 pickup trucks with 3 .300 win/mag rifles and scopes could do to a local power grid if they simply drove around shooting holes in transformers?) Yeah… and (unlike in a “cyber” attack, the damage would be costly to repair and there’s always the question of a lurking rifle-man…)
Also, the stuff about the communications being in the clear is – interesting but sort of bogus. The problem with crypto is that it only solves a fairly limited set of problems and they aren’t the kind of problems that an air traffic control system has. For an ATC system you need to be able to allow a “complete stranger” to participate in the communications, without having to exchange complex crypto keys, first. Otherwise, there is hardly any point in having one! So you could build a digital certificate system and “sign” the outbound messages but then the receivers would have to be pre-introduced into the system OR they would have the same problem as SSL, that they trusted anything that came in with a specific certificate, etc, ad nauseam.
This stuff is _hard_ and when I read a scary scary article that treats it as if it’s easy, I immediately smell a rat or a hidden agenda. There are a lot of “security researchers” that like to point out holes in stuff as a lead-in to getting fat consultant $$ fixing the holes. This article makes my spider-senses tingle.