Author Topic: Security breach?  (Read 4878 times)

Offline Glom

  • Saturn
  • ****
  • Posts: 1102
Security breach?
« on: December 19, 2016, 03:08:28 AM »
Slight concern thinking about it.

I tried to login to my email on my phone from my parents' house yesterday (secured wifi). The login page was accessed from my bookmarks. Normally, the page has autocomplete options for the login form. But this one time, it didn't. I didn't think too much and put in my details anyway. I logged in without issue.

Thinking about it, could it have been a spoof website I got ensnared by?

Can't see any signs of strange activity yet.

Offline twik

  • Jupiter
  • ***
  • Posts: 595
Re: Security breach?
« Reply #1 on: December 19, 2016, 09:24:13 AM »
Sometimes the cookies for autologging in disappear. Not sure why, but it happens to me on occasion. Maybe the elves who really run the intertubes get peckish. If you accessed your site from a known bookmark I would think that's more likely what happened.

If you're concerned, change your passwords right away.


Offline Glom

  • Saturn
  • ****
  • Posts: 1102
Re: Security breach?
« Reply #2 on: December 19, 2016, 02:34:54 PM »
Only thing is the autocomplete was back this morning (and there are two accounts so it wasn't just a case of a new autocomplete cookie).

I really liked that password too.

Offline Glom

  • Saturn
  • ****
  • Posts: 1102
Re: Security breach?
« Reply #3 on: December 19, 2016, 02:54:09 PM »
New password sucks. I'm going to have a rethink.
« Last Edit: December 19, 2016, 03:40:37 PM by Glom »

Offline ka9q

  • Neptune
  • ****
  • Posts: 3014
Re: Security breach?
« Reply #4 on: December 21, 2016, 04:08:49 PM »
Sometimes the problem isn't that you've blown your cookies (so to speak), but that the website has made some change to its HTML (or its domain name) so that your browser client doesn't recognize it as a site to which it should automatically submit your stored user name and password.

Passwords are an abomination. They must die. If the events of this past year haven't convinced people of that, I don't know what will.

Offline Glom

  • Saturn
  • ****
  • Posts: 1102
Re: Security breach?
« Reply #5 on: December 21, 2016, 05:07:42 PM »
So how should we authenticate?

Offline ka9q

  • Neptune
  • ****
  • Posts: 3014
Re: Security breach?
« Reply #6 on: December 21, 2016, 07:06:29 PM »
Oh, I guess I should have explained that.

No authentication. Everything on the honor system. People are basically good.

Just kidding. Seriously, the only proper form of authentication these days is some form of challenge-response exchange where you can prove your possession of a secret without revealing that secret. This is what public-key cryptography is all about.

It should also go without saying that that secret must be randomly generated and large enough to thwart any hope of an automated brute-force guessing attack. (Human-chosen passwords rarely if ever qualify.)

Consider how credit cards without chips work. Every time you do business with a merchant, you are forced to give that merchant all the information he'd need, if he were dishonest, to impersonate you to another merchant. This is utter madness.

The chips change all that. They contain the secret part of a public-key pair along with a processor that executes the algorithm on the combination of external data and the secret key. The math is such that the response can be easily verified to have come from something that knows the secret key without the verifier knowing or being able to learn the secret. Furthermore, the protocols bind the chip's response to the specific verification request so the response can't be "replayed" in another transaction.

Needless to say, all the keys are large and randomly generated, so guessing them by brute force is out of the question -- unlike passwords, which human beings repeatedly prove themselves incompetent at producing and remembering.

There is absolutely no reason why we can't use public key authentication for everything. The chips on credit cards are specially designed to provide a high degree of physical security for the secret key (there's no way to read it out once programmed) but it is not absolutely necessary.

It is common practice to store secret keys on general purpose computers encrypted with a pass phrase memorized by the user in case the computer or storage device is stolen. This isn't ideal because computer operating systems can be hacked, but it is still a vast improvement over plain passwords. Even though the user is still required to pick and memorize a pass phrase, it is useless unless the attacker also has the encrypted key protected with that pass phrase. It is also common to encrypt the secret key for storage with a deliberately slow and complex algorithm to help thwart brute-force guessing of the pass phrase should the stored encrypted key be stolen by itself. This need not be an inconvenience for the user because the key only has to be decrypted once per session, although it is then potentially vulnerable if the computer is stolen while it is actively in use.

But now that chip cards are widespread, I see no reason why we can't also use them to secure our computers; nothing says they can only be used for financial transactions. Readers just aren't inherently expensive, and they can only get cheaper as they're mass produced for retail stores. Give me one I can plug into my computer's USB port, and I could easily use a card (probably distinct from all my debit and credit cards) to authenticate myself to any online service that supports public key authentication. But that's the trick -- getting all those services to do the right thing. It will probably have to start with the big e-commerce entities like the banks, Paypal, Amazon and eBay.
« Last Edit: December 21, 2016, 07:15:16 PM by ka9q »
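The challenge-response exchange ka9q describes, as an added worked example (this is editor's code, not ka9q's and not any card scheme's protocol): an interactive Schnorr proof of knowledge over the secp256k1 curve, written against the Python standard library only. The "chip" holds a large random secret x and proves it knows x for the public key Y = x*G without ever exporting x; the verifier's one-shot nonce and the transaction bytes are hashed into the challenge, so a captured (R, s) cannot be replayed for another transaction or another challenge. The `Verifier` class, the wire format (nonce bytes, raw point encoding) and the transaction strings are assumptions for illustration; real EMV uses RSA/ECC certificates and a different message layout. `recover_secret` shows the classic failure mode of such a scheme: a chip whose random generator repeats k leaks x from two responses.

```python
"""Interactive Schnorr challenge-response over secp256k1 (stdlib only, educational).

The prover (the 'chip') holds x and proves knowledge of x for Y = x*G without
revealing x. The verifier's one-shot nonce and the transaction are hashed into
the challenge, so a captured response is useless for any other request.
Not constant-time; do not use in production."""
import hashlib
import secrets

# secp256k1 domain parameters (standard SEC 2 constants).
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(a, b):
    """Affine point addition on y^2 = x^3 + 7; None is the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if a == b:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def ec_mul(k, pt):
    """Double-and-add scalar multiplication."""
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc

def encode(pt):
    return pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")

def challenge_scalar(R, Y, nonce, transaction):
    """c = H(R || Y || nonce || transaction): ties the response to this exact request."""
    h = hashlib.sha256(encode(R) + encode(Y) + nonce + transaction).digest()
    return int.from_bytes(h, "big") % N

def keygen():
    x = secrets.randbelow(N - 1) + 1          # large random secret, never exported
    return x, ec_mul(x, G)

def prover_respond(x, Y, nonce, transaction, k=None):
    """Chip side: commit to a fresh k, answer s = k + c*x mod N. Only (R, s) leave the chip."""
    if k is None:
        k = secrets.randbelow(N - 1) + 1
    R = ec_mul(k, G)
    c = challenge_scalar(R, Y, nonce, transaction)
    return R, (k + c * x) % N

class Verifier:
    """Terminal side: issues one-shot challenges and checks responses against Y."""
    def __init__(self, Y):
        self.Y = Y
        self.pending = {}                     # nonce -> transaction it was issued for

    def issue_challenge(self, transaction):
        nonce = secrets.token_bytes(16)
        self.pending[nonce] = transaction
        return nonce

    def verify(self, nonce, transaction, R, s):
        # The nonce is consumed on first use, so one response cannot be presented twice,
        # and it must have been issued for exactly this transaction.
        if self.pending.pop(nonce, None) != transaction:
            return False
        c = challenge_scalar(R, self.Y, nonce, transaction)
        return ec_mul(s, G) == ec_add(R, ec_mul(c, self.Y))   # s*G == R + c*Y

def recover_secret(Y, R, resp1, resp2):
    """Failure mode: a chip whose RNG repeats k (same R) for two challenges leaks x,
    since s1 - s2 = (c1 - c2) * x. Each resp is (nonce, transaction, s)."""
    (n1, t1, s1), (n2, t2, s2) = resp1, resp2
    c1 = challenge_scalar(R, Y, n1, t1)
    c2 = challenge_scalar(R, Y, n2, t2)
    return (s1 - s2) * pow((c1 - c2) % N, -1, N) % N
```

A typical run: `x, Y = keygen()`, the terminal calls `issue_challenge(tx)`, the card answers with `prover_respond(x, Y, nonce, tx)`, and `verify` returns True exactly once; presenting the same (R, s) again, presenting it against a new nonce, or changing the transaction all fail. The verifier learns nothing about x from any number of exchanges, which is the property ka9q contrasts with handing a merchant a magstripe's full card data. The quality of the chip's random k matters as much as the secrecy of x: `recover_secret` computes x from two responses that share R.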

Offline Glom

  • Saturn
  • ****
  • Posts: 1102
Re: Security breach?
« Reply #7 on: December 22, 2016, 07:42:26 AM »
My passwords would take thousands of ages of the universe to brute force. They're quite long.

But with chip n pin for all authentication, we would still be dependent on a four digit pin.

Offline ka9q

  • Neptune
  • ****
  • Posts: 3014
Re: Security breach?
« Reply #8 on: December 22, 2016, 03:17:14 PM »
> My passwords would take thousands of ages of the universe to brute force. They're quite long.
>
> But with chip n pin for all authentication, we would still be dependent on a four digit pin.
If the secret key is stored inside the chip and nowhere else, and if the chip is physically and electrically designed to resist extraction of the secret key, then all the chip has to do is to deliberately slow the process of reading the pin and "unlocking" the secret key, usually increasing the delay after each unsuccessful attempt. It can also self-destruct after some number of incorrect attempts.

This is exactly how the Apple iPhone does it, though instead of a credit card chip I believe it's implemented in a special purpose processor connected to those performing the rest of the phone's functions. It was also at the center of the recent standoff between Apple and the FBI over the phones recovered from the San Bernardino terrorist shooters. The FBI wanted Apple to hack the security processor to remove the delay after each unsuccessful attempt, and to allow unlimited tries.

But even if the 4-digit pin is used to encrypt the secret key, the system is still vulnerable if its internal state can be read, e.g., by a scanning electron microscope. Then the trials can be performed on an emulator (a large general purpose computer array, or special hardware developed for the purpose) without any artificial slowdowns or limits. 10^4 = 10,000, which is a tiny number by today's standards.

This is why the FBI/Apple showdown wasn't really the one we fear may still come. Had the owners of the phone used a much stronger pin, which the iPhone optionally supports, it would have been impossible for Apple to help the FBI recover it even if they had wanted to, even with the technology to read out the complete internal state. The FBI certainly must know this and may still push for legislation to ban the mere existence of such systems for everyone.

Fortunately, the tide seems to be turning. The former NSA and CIA director Gen. Michael Hayden is on record as disagreeing with the FBI; he argues (as do many of my colleagues and I) that we have much more to lose from the use of weak encryption by our economy than we have to gain by exploiting it in our adversaries. If I were cynical I'd say that's because the NSA has secretly figured out how to break everything but I don't think that's the case. I do think it's likely that they've found effective workarounds for specific instances (what Snowden revealed as "targeted systems operations" or something like that) and this presents much less of a threat to the general population.
« Last Edit: December 22, 2016, 03:19:03 PM by ka9q »
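Both halves of ka9q's argument, as an added worked example (editor's code, not ka9q's and not how any real iPhone or card chip is implemented): a toy "secure element" that keeps the secret key wrapped under a PIN-derived key, doubles the delay after every wrong PIN and destroys the key after ten failures, next to the offline attack the post describes, where an attacker who has read the wrapped blob out of the chip tries all 10^4 PINs with no delay and no counter. It also illustrates the earlier reply's point about storing a key encrypted under a memorised pass phrase with a deliberately slow derivation function. The wrap construction (PBKDF2, XOR, HMAC check tag), the attempt limit, the delay schedule and the deliberately low iteration count are assumptions chosen so the search finishes in about a second; a real device uses a proper key-wrap and far more KDF work, which only scales the offline search linearly and does nothing about the 10,000-candidate space.

```python
"""PIN-gated secret key: on-chip rate limiting versus offline brute force.

Toy construction: PBKDF2(PIN) -> wrapping key + check key, key XOR wrapping key,
HMAC tag to detect a wrong PIN. Real secure elements use AES key wrap and far more
KDF iterations; the point here is the shape of the two attacks, not the primitives."""
import hashlib
import hmac
import itertools
import secrets

KDF_ITERATIONS = 100       # deliberately low so the offline search below finishes quickly
MAX_ATTEMPTS = 10          # the chip wipes the key after this many consecutive failures
BASE_DELAY_S = 1.0         # delay after the first failure; doubles with each further failure
PIN_ALPHABET, PIN_LENGTH = "0123456789", 4

def derive(pin, salt):
    km = hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, KDF_ITERATIONS, dklen=64)
    return km[:32], km[32:]                    # (wrapping key, check key)

def wrap_key(pin, secret_key, salt):
    wk, ck = derive(pin, salt)
    wrapped = bytes(a ^ b for a, b in zip(secret_key, wk))
    return wrapped + hmac.new(ck, wrapped, "sha256").digest()[:16]

def unwrap_key(pin, blob, salt):
    """Returns the 32-byte key, or None if the PIN is wrong (check tag mismatch)."""
    wk, ck = derive(pin, salt)
    wrapped, tag = blob[:32], blob[32:]
    if not hmac.compare_digest(tag, hmac.new(ck, wrapped, "sha256").digest()[:16]):
        return None
    return bytes(a ^ b for a, b in zip(wrapped, wk))

class SecureElement:
    """The chip: the only place the wrapped blob and the failure counter are supposed to live."""
    def __init__(self, pin, secret_key):
        assert len(secret_key) == 32
        self.salt = secrets.token_bytes(16)
        self.blob = wrap_key(pin, secret_key, self.salt)
        self.failures = 0
        self.lockout_s = 0.0                   # how long the chip refuses the next attempt
        self.wiped = False

    def unlock(self, pin_guess):
        """Returns the key on success, None otherwise; enforces delay and self-destruct."""
        if self.wiped:
            return None
        key = unwrap_key(pin_guess, self.blob, self.salt)
        if key is None:
            self.failures += 1
            if self.failures >= MAX_ATTEMPTS:
                self.blob, self.wiped = None, True          # self-destruct
                self.lockout_s = float("inf")
            else:
                self.lockout_s = BASE_DELAY_S * 2 ** (self.failures - 1)
            return None
        self.failures, self.lockout_s = 0, 0.0
        return key

def online_attack_bound():
    """Through the chip's interface an attacker gets at most MAX_ATTEMPTS guesses out of
    |alphabet|^length PINs. Returns (success probability, total enforced wait before wipe)."""
    space = len(PIN_ALPHABET) ** PIN_LENGTH
    total_wait = sum(BASE_DELAY_S * 2 ** i for i in range(MAX_ATTEMPTS - 1))
    return MAX_ATTEMPTS / space, total_wait

def offline_bruteforce(blob, salt, alphabet=PIN_ALPHABET, length=PIN_LENGTH):
    """Attacker who has imaged the chip's state: every candidate PIN, no delay, no counter.
    Returns (pin, key, number of candidates tried) or None."""
    for tries, digits in enumerate(itertools.product(alphabet, repeat=length), 1):
        pin = "".join(digits)
        key = unwrap_key(pin, blob, salt)
        if key is not None:
            return pin, key, tries
    return None
```

With the constants above, the online path gives an attacker ten guesses (a 0.1% chance) and 511 seconds of enforced waiting before the key is destroyed; `offline_bruteforce` against the extracted blob recovers a 4-digit PIN after at most 10,000 KDF evaluations on any laptop. Passing a longer alphanumeric `alphabet` and `length` to the same function is what turns the exhaustive search from seconds into the infeasible case ka9q refers to as a "much stronger pin".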

Offline Glom

  • Saturn
  • ****
  • Posts: 1102
Re: Security breach?
« Reply #9 on: January 18, 2017, 11:21:14 AM »
Does anyone ever get phone calls but nothing on the other end when you answer?

It's really creepy.

Offline gwiz

  • Mars
  • ***
  • Posts: 335
Re: Security breach?
« Reply #10 on: January 20, 2017, 09:03:20 AM »
> Does anyone ever get phone calls but nothing on the other end when you answer?
>
> It's really creepy.
Been getting them for years. Apparently some centres doing cold calls have computerised systems that dial several numbers at once, then only put one of them through to a staff member, which saves their staff having to waste time waiting for someone to pick up the phone.

Offline Zakalwe

  • Uranus
  • ****
  • Posts: 1589
Re: Security breach?
« Reply #11 on: January 20, 2017, 10:04:45 AM »
Yes, it's a badly configured predictive dialler at work. These systems predict when an agent will become free and dial the next customer victim. When it works, the agent is presented with a live person without waiting for the phone to ring and be answered.

Offline Glom

  • Saturn
  • ****
  • Posts: 1102
Re: Security breach?
« Reply #12 on: January 20, 2017, 10:25:34 AM »
That's what Ofcom say too.

Sounds sinister for the agent though. Straight off one call onto another without time for even a breath?

Offline Zakalwe

  • Uranus
  • ****
  • Posts: 1589
Re: Security breach?
« Reply #13 on: January 20, 2017, 10:53:29 AM »
Diallers can be configured in all sorts of ways... you can even have the agent record a number of greetings that the system plays to the dialled person. The agent can hear the recorded greeting if so configured, which gives a breathing space. Or the dialler can be programmed to give the agent a period of "wrap up" time before the next call is presented.
Having said that, most of these calls are usually spam calls from offshore centres pretending to be from the "Windows Security Team", PPI or personal injury claims companies so the concern for their agents is rarely very high.

Offline gillianren

  • Uranus
  • ****
  • Posts: 2211
Re: Security breach?
« Reply #14 on: January 20, 2017, 11:56:25 AM »
> That's what Ofcom say too.
>
> Sounds sinister for the agent though. Straight off one call onto another without time for even a breath?

Often, yes.  Speaking as someone who's done that job, albeit briefly.  (Making cold calls gives me panic attacks, so they seldom even tried putting me on outbound.)  Any time spent not on the phone is time wasted, right?