Linux Kernel Multiple Remote Denial of Service Vulnerability
Linux Kernel Crypto API CVE-2014-9644 Local Security Bypass Vulnerability
Linux Kernel Crypto API CVE-2013-7421 Local Security Bypass Vulnerability
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

(credit: Juniper)

Juniper Networks, which last month made the startling announcement its NetScreen line of firewalls contained unauthorized code that can surreptitiously decrypt traffic sent through virtual private networks, said it will remove a National Security Agency-developed function widely suspected of also containing a backdoor for eavesdropping.

The networking company said in a blog post published Friday that it will ship product releases in the next six months that remove the Dual_EC_DRBG random number generator from NetScreen firewalls. Security researchers have known since 2007 that it contains a weakness that gives knowledgeable adversaries the ability to decrypt encrypted communications that rely on the function. Documents provided by former NSA subcontractor Edward Snowden showed the weakness could be exploited by the US spy agency, The New York Times reported in 2013.

A month after the NYT report was published, Juniper officials wrote in a knowledge base article that NetScreen encryption couldn't be subverted by the weakness because Dual_EC_DRBG wasn't the sole source for generating the random numbers needed to ensure strong cryptography. The Juniper post said NetScreen also relied on a separate random number generator known as ANSI X.9.31 that made it infeasible to exploit the Dual_EC_DRBG weaknesses. Random number generators are a crucial ingredient in strong cryptography. Their role is similar to the shaking of dice at a craps table and ensure that keys contain enough entropy to make them infeasible to guess or predict.

Read 5 remaining paragraphs | Comments


Proof of connection: the site check.torproject.org will show you if you're connected via Tor. (credit: Tor)

It's been quite a few months for the Tor Project. Last November, project co-founder and director Roger Dingledine accused the FBI of paying Carnegie Mellon computer security researchers at least $1 million to de-anonymize Tor users and reveal their IP addresses as part of a large criminal investigation.

The FBI dismissed things, but the investigation in question is a very high-profile matter focused on members of the Silk Road online-drug marketplace. One of the IP addresses revealed belonged to Brian Farrell, an alleged Silk Road 2 lieutenant. An early filing in Farrell's case, first reported by Vice Motherboard, said that a "university-based research institute" aided government efforts to unmask Farrell.

That document fit with Ars reporting from January 2015, when a Homeland Security search warrant affidavit stated that from January to July 2014, a “source of information” provided law enforcement “with particular IP addresses” that accessed the vendor-side of Silk Road 2. By July 2015, the Tor Project managed to discover and shut down this sustained attack. But the Tor Project further concluded that the attack resembled a technique described by a team of Carnegie Mellon University (CMU) researchers who a few weeks earlier had canceled a security conference presentation on a low-cost way to deanonymize Tor users. The Tor officials went on to warn that an intelligence agency from a global adversary also might have been able to capitalize on the vulnerability.

Read 59 remaining paragraphs | Comments

Internet Storm Center Infocon Status