Advanced Micro Devices may be willing to make custom ARM server chips for customers, much like it made custom chips for the Xbox One and PlayStation 4 game consoles.

The first large-scale analysis of a fundamental type of software known as firmware has revealed poor security practices that could present opportunities for hackers probing the "Internet of Things."

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Read 2 remaining paragraphs | Comments

Apple pioneered the use of 64-bit processors in smartphones, but Nvidia claims its 64-bit Denver chip will be even faster when it appears in devices later this year.

Read 8 remaining paragraphs | Comments

The popularity of Chromebooks in school districts may be the main reason they're seeing strong year-to-year growth.

Dropbox has improved the search engine of its Android application, as well as given it a document preview feature.

I recently had the opportunity to speak with two representatives from the Netherlands-based security research firm Fox-IT--Maurits Lucas, InTELL Business Director, and Andy Chandler, VP of WW Sales & Marketing. Collectively, the two shared an in-depth story of cybergang warfare suitable for Hollywood.

Sen. Charles Schumer (D-N.Y.) wants the U.S. Federal Trade Commission to investigate the data gathering and sharing practices of makers of personal fitness devices and applications.

Mozilla Firefox/Thunderbird CVE-2014-1551 Use After Free Memory Corruption Vulnerability

In a new trend, Windows tech support scams have gone home-grown, with twists that include bogus warnings from malicious websites urging users to call a toll-free number for "help."

Bitcoin and other virtual currencies can expose users to a number of risks, including hackers and scammers trying to take advantage of hype surrounding the technology, a U.S. consumer protection agency warned Monday.

The number of phishing sites was up 10.7-percent as of Q1 this year (over last year) while at the same time almost 32.7-percent of PCs globally were infected with malware, including adware and spyware, indicating that phishing is an increasing issue for the enterprise, according to a report from the Anti-Phishing Working Group of the Internet Engineering Task Force.

After three years of poring over how customers used its first mobile app, SeaWorld Parks and Entertainment recently rolled out a new set of apps designed to engage park visitors with a more personalized, interactive experience.

Google is joining forces with five Asian telecommunications firms to build and operate an underwater cable system from the U.S. to Japan to support rising bandwidth usage and better link its data centers in other parts of the world.

Motorola Mobility has made an unexpected comeback thanks to its popular Moto G and Moto E smartphones, but increased competition and its looming acquisition by Lenovo make the future far from certain.

Oracle has sued Oregon for breach of contract, seeking more than US$20 million in fees the state is withholding for its work on Cover Oregon, a troubled insurance exchange website developed as part of President Barack Obama's health care policy overhaul.

Laptops and tablets should get longer battery life and better performance with Intel's fifth-generation Core chip family, code-named Broadwell, due to go into devices by the end of the year.

IBM has purchased Lighthouse Security Group and plans to combine it with another recent acquisition to build a set of identity management software and services.

To make a better optical fiber for transmitting laser beams, the first idea that comes to mind is probably not a nice long hydrogen bath.Micrograph of an optical fiber that has been infused with hydrogen and cured with ultraviolet light ...

OpenSSL CVE-2014-3508 Information Disclosure Vulnerability

Mozilla Firefox/Thunderbird CVE-2014-1552 Same Origin Policy Security Bypass Vulnerability

Hoping to cover all its bases in the emerging Internet-of-Things market, Microsoft is proffering a helping hand to 'makers,' DIYers, hardware hackers and other builders of things that may one day end up on the Internet.

Drupal XML-RPC Endpoint XML Entity Expansion Denial of Service Vulnerability

Drupal Views Module Handler Access Bypass Vulnerability

The corporate firewall is like a dike keeping out a raging sea of malware. Where does it all come from?

If you're an iPhone or iPad user, you probably know that iOS app icons dance around when you tap and hold a finger on them to move or remove one. They do a little jig, hoping to entertain you and thereby save themselves from deletion.

Most of us have experienced the "career creepies," those moments of intense anxiety about our place in the work world. I had one of those a few months ago when The Associated Press said it would use computer-generated stories to supplement its coverage of corporate earnings announcements. Yikes! If a writer isn't safe from automation, who is?

LinuxSecurity.com: Several security issues were fixed in Kerberos.

LinuxSecurity.com: Libav could be made to crash or run programs as your login if it opened aspecially crafted file.

LinuxSecurity.com: Security Report Summary

LinuxSecurity.com: Security Report Summary

LinuxSecurity.com: Security Report Summary

LinuxSecurity.com: Security Report Summary

LinuxSecurity.com: A vulnerability in FreeType could result in execution of arbitrary code or Denial of Service.

LinuxSecurity.com: Security Report Summary

LinuxSecurity.com: Security Report Summary

Wireshark ASN.1 BER Dissector CVE-2014-5165 Denial of Service Vulnerability

Acer is cranking up graphics in its latest Chromebook 13, a 13.3-inch laptop that has an processor capable of rendering 4K video.

Atos's offer to acquire servers and services specialist Bull has been approved, making it possible for the company to beef up its security and cloud computing offerings.

[SECURITY] [DSA 3004-1] kde4libs security update

[SECURITY] [DSA 3003-1] libav security update

Microsoft's Devices Group has unveiled the Nokia 130, a mobile phone that costs just $25 but lacks an Internet connection and apps.

A former Microsoft finance manager was sentenced to two years in federal prison Friday after pleading guilty to an insider trading scheme that netted he and a partner more than $400,000.

[SECURITY] [DSA 3002-1] wireshark security update

MITKRB5-SA-2014-001 Buffer overrun in kadmind with LDAP backend

[SECURITY] [DSA 3001-1] wordpress security update

[SECURITY] [DSA 3000-1] krb5 security update

A federal Judge Friday ruled that providing law enforcement with access to an entire email account in an investigation did not violate the Fourth Amendment to the U.S. Constitution that prohibits unreasonable searches and seizures of property.

Low-power wearables may soon bid adieu to batteries and start drawing energy generated by body heat and movement, and ambient energy from the environment.

Enterprises that keep the same CIO in place for years -- and even decades -- have a unique culture of collaboration and consistency.

Chip makers want to make hardware the first layer of defense against data breaches and other attacks on tablets and smartphones.

In last year or two, there has been a lot of talk regarding correct usage of SSL/TLS ciphers on web servers. Due to various incidents more or less known incidents, web sites today should use PFS (Perfect Forward Secrecy), a mechanism that is used when an SSL/TLS connection is established and symmetric keys exchanged. PFS ensures that, in case an attacker obtains the server’s private key, he cannot decrypt previous SSL/TLS connections to that server. If PFS is not used (if RSA is used to exchange symmetric keys), then the attacker can easily decrypt *all* previous SSL/TLS connections. That’s bad.

However, the whole process of choosing a cipher is not all that trivial. By default, the client will present its preferred cipher to use and as long as the server supports that cipher it will be selected. This is, obviously, not optimal in environments where we want to be sure that the most secure cipher will always be selected, so administrators quite often enable their servers so they get to pick the preferred cipher.

This allows an administrator to enable only ciphers he wants to have used, and additionally to define their priorities – the server will always try to pick the cipher with the highest priority (which should be “the most secure one”). Only if the client does not support that cipher, the server will move to the next one and so on, until it finds one that is supported by the client (or, if it doesn’t, the SSL/TLS connection will fail!).

This is good and therefore I started recommending web server administrators to configure their servers so that PFS ciphers are turned on. However, at several occasions I noticed that the administrators incorrectly set the preferred cipher suite order on the server. This can result in non-PFS cipher suites selected, although both the server and the client support PFS.

As mentioned previously, this happens because the client sends the list of the supported ciphers and the server picks "the strongest one" according to its preferred list. 
SSL Labs' (https://www.ssllabs.com/ssltest) shows this when testing with reference browsers, but I wanted to be able to check this myself, from command line, especially when I'm testing servers that are not reachable to SSL Labs (or I don't want them to see the results).

So I modified the Nmap's ssl-enum-ciphers.nse script to list preferred ciphers in addition to just enumerating ciphers. I use this script a lot to list the supported ciphers, but I was missing the preferred ciphers list. Let’s take a look at the following example:

$ nmap -sT -PN -p 443 127.0.0.1 --script ssl-enum-ciphers.nse
Starting Nmap 6.46 ( http://nmap.org ) at 2014-08-11 09:15 UTC
Nmap scan report for 127.0.0.1
Host is up (0.00021s latency).
PORT    STATE SERVICE
443/tcp open  https
| ssl-enum-ciphers:
|   SSLv3: No supported ciphers found
|   TLSv1.0:
|     ciphers:
|       TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - strong
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA - strong
|       TLS_DHE_RSA_WITH_AES_256_CBC_SHA - strong
|       TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - strong
|       TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - strong
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong
|       TLS_RSA_WITH_AES_128_CBC_SHA - strong
|       TLS_RSA_WITH_AES_256_CBC_SHA - strong
|       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - strong
|       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - strong
|     preferred ciphers order:
|       TLS_RSA_WITH_AES_128_CBC_SHA
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA
|       TLS_DHE_RSA_WITH_AES_256_CBC_SHA
|       TLS_RSA_WITH_AES_256_CBC_SHA
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA
|       TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
|       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
|       TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
|       TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
|       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
|     compressors:
|       NULL

Now, things get interesting. You can see that the server supports the PFS ciphers (those starting with TLS_DHE are the PFS ciphers) in the original list ( in green). However, take a look at the preferred cipher list (in red). Since the TLS_RSA_WITH_AES_128_CBC_SHA is the preferred cipher by the server, absolutely every browser today (Mozilla, Chrome, IE, Safari) will end up using this cipher – since they all support it. So, even though PFS ciphers are enabled, they will never get used!

Of course, this is an error in the web server’s configuration. Let’s fix it so the PFS ciphers have higher priority and rerun the nmap script:

$ nmap -sT -PN -p 443 127.0.0.1 --script ssl-enum-ciphers.nse
Starting Nmap 6.46 ( http://nmap.org ) at 2014-08-11 09:15 UTC
Nmap scan report for 127.0.0.1
Host is up (0.00021s latency).
PORT    STATE SERVICE
443/tcp open  https
| ssl-enum-ciphers:
|   SSLv3: No supported ciphers found
|   TLSv1.0:
|     ciphers:
|       TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - strong
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA - strong
|       TLS_DHE_RSA_WITH_AES_256_CBC_SHA - strong
|       TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - strong
|       TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - strong
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong
|       TLS_RSA_WITH_AES_128_CBC_SHA - strong
|       TLS_RSA_WITH_AES_256_CBC_SHA - strong
|       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - strong
|       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - strong
|     preferred ciphers order:
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA
|       TLS_DHE_RSA_WITH_AES_256_CBC_SHA
|       TLS_RSA_WITH_AES_128_CBC_SHA
|       TLS_RSA_WITH_AES_256_CBC_SHA
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA
|       TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
|       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
|       TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
|       TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
|       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
|     compressors:
|       NULL

Much better! Now the PFS ciphers are preferred and most browser will use them. We can even confirm this with SSL Labs – all relatively new browsers, that support PFS will pick those ciphers.

So, if you want to use this script to test your servers, you can find it at https://github.com/bojanisc/nmap-scripts - please report any bugs to me.

Finally, I also submitted it to Nmap so hopefully it will get added into the official distribution. There is a bug that Daniel Miller noticed – in case a server supports more than 64 ciphers, and the server is running on Microsoft Windows, the script will fail to list the preferred ciphers.

The reason for this is that, when a client connects, Microsoft (the Schannel component I presume) takes into account only the first 64 ciphers listed by the client. The other ciphers are ignored. This is the reason why the original ssl-enum-ciphers.nse Nmap script splits ciphers into chunks of 64. No idea why Microsoft did it this was (since the spec says that the client can include as many as it wants). However, it’s clearly a problem.

Now, I haven’t seen any web servers that support more than 64 ciphers in the wild – let me know if you find one. Additionally, according to this article: http://msdn.microsoft.com/en-us/library/windows/desktop/bb870930%28v=vs.85%29.aspx, the list of cipher suites on Windows is limited to 1023 characters.
Since most cipher names are 20+ characters, this could mean that you can't really have more than ~50 ciphers active on a Windows machine - I haven't tested this though.

 

--
Bojan
[email protected]
INFIGO IS

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.