Apology and clarification
First of all, I believe that I owe the cypherpunk community an apology for an error in judgement on my part. The message that I sent out yesterday regarding our demonstrations of a newly-discovered security threat was the exact same text that I sent to a far less technical audience. As such, I understand that many people on this list found the tone of my message to be insulting and offensive. I apologize, and I certainly didn't mean to insult anyone's intelligence. Having said that, please cut me a break. If you read my message as saying "FV has just invented keystroke sniffing" you've completely missed the real attack here. If you really think I'd throw away my reputation on a bogus claim like that, you're insulting *my* intelligence. My (charitable?) take on it is that a lot of people were so put off by the tone of my mass-market message that they leapt to the quick but erroneous conclusion that there was no underlying content. There is. The threat is NOT from keystroke sniffing per se, and we're certainly not claiming to have invented keystroke sniffing. However, we do have to *explain* keystroke sniffing in the public announcement, because it is a *part* of our attack, and most of the public does NOT already know that it's possible. What we at FV have done is to demonstrate how easy it is to develop an FULLY AUTOMATED attack that undermines the security of all software-based credit card commerce schemes. It is the automated aspect that separates it from all of the "dumpster-diving" attacks on credit card numbers which have previously been widely discussed, because it provides a path to large-scale fraud that has never been publicly discussed before, to my knowledge. The key "invention" in our approach is to integrate several techniques that are already well-known (in this community) into an automated attack that we consider to be devastating to commerce systems based on software-encrypted credit cards. Our approach combines the following four known problems into a fatal attack: 1) Consumer machines are insecure and easily compromised. 2) Keyboard sniffers are easy to write. 3) Credit card numbers are self-identifying (they have check digits) and can easily be extracted from a huge stream of input data. 4) Once intercepted, small amounts of information (e.g. a cc #) may be distributed completely tracelessly over the Internet. When you put all four of these together, you have an attack that IS new, in the sense that nobody we know of has ever mentioned it before, and which could in fact be used by a single criminal, with only a few weeks of programming, to tracelessly steal MILLIONS of credit cards, if software-encrypted credit-card schemes ever caught on. This is a very real threat. If you think we're just re-hashing keyboard sniffers, you haven't yet understood what we're demonstrating. The real threat is the traceless theft of millions of credit card numbers by a single easily mounted automated attack. So here's the factual claim, to be proven or disproven: One good programmer, in less than a month, can write a program that will spread itself around the net, collect an unlimited number of credit card numbers, and get them back to the program's author by non-traceable mechanisms. Does anyone on this list doubt that this is true? If so, I'd like to know the flaw in my thinking, -- I am *not* too proud to withdraw any claims that aren't true. If not, I think it's worth noting that this fact was previously completely unknown to the bankers and businessmen who are putting large sums of money at risk on the net. The only way to get the message to those communities is with a very visible public announcement of the kind you saw yesterday. -- Nathaniel -------- Nathaniel Borenstein <nsb@fv.com> Chief Scientist, First Virtual Holdings FAQ & PGP key: nsb+faq@nsb.fv.com
Excerpts from mail.cypherpunks: 30-Jan-96 Re: Apology and clarification Jamie Zawinski@netscape. (4170*)
Nathaniel Borenstein wrote:
What we at FV have done is to demonstrate how easy it is to develop an FULLY AUTOMATED attack that undermines the security of all software-based credit card commerce schemes.
You have done no such thing. You have written *one component* of that attack, and the easiest part of it at that.
Combine it with a virus, or self-replicating worm, and demonstrate that it is immune to all known virus checkers, and *then* you will have spoken the truth when you say you have "demonstrated" anything.
This is a particularly fascinating reaction, Jamie. As I see it, we have implemented every part of the attack that we can implement without doing anything that is either unethical or illegal. Is it your position that no systematic flaw in your security is real until someone has actually broken it? Actually, that position would in fact be quite consistent with your company's earlier implicit assertion that 40-bit encryption was sufficient (for international consumers) until somebody actually broke it, even though everyone who understood cryptography already knew otherwise.
You may think this is nitpicking, but the fact is, you're assuming that the implicit cooperation of some vast number of users in running your program is easy to obtain. I disagree with this assumption. If this assumption were true, then viruses would be a much bigger problem than the mere annoyance that they are today.
Nearly everyone with a computer has either been infected with a virus or knows somebody who has. There has never been a serious financial incentive for virus writers in the past, so they haven't ever been, for example, bankrolled by organized crime. They've been written by sociopathic hobbyists in the past. Your commerce mechanism gives them an incentive to turn pro. The average sophistication of Internet users is dropping every day, as the net continues to explode, and the ease of spreading malicious software is going up accordingly. Having said all that, I do agree with you 100% that the hardest part of the devastating, automated attack that we have outlined is in fact the infection vector. You are absolutely right about that. What we have shown is that the HARDEST part of stealing an unbounded number of credit cards transmitted using your company's preferred commerce mechanism is, in fact, the deployment of a virus or Trojan Horse. Unfortunately, as most personal computer users have long since realized, that just isn't that uncommon or hard to do.
*Computers* provide a path to large-scale fraud. So does the printing press. So does the telephone, and the postal system. So what. You still haven't proven that it's easy.
I suspect that the world's financial institutions will, by and large, be grateful that First Virtual doesn't share your belief that one has to wait for a criminal to break a system to be convinced that it is insecure. Show me an automated way to break the postal system in a large-scale way without getting caught, and then I'll be worried about it, too.
With as much work as you've put into this, someone could write a Microsoft Word document which when opened, would start dumping the contents of your hard disk into the mail.
Ooh, good point. We could probably use MS Word macros as the infection vector for our program. I like that idea. I'll add it to our list of potential ways this program could spread itself. However, the entire contents of your hard disk aren't of direct economic value. They're also hard to digest, and they're big enough to be likely to be noticed in transit (e.g. they can easily fill up mail spools if you mail 'em out). I'd much rather sift through your hard disk looking for credit card numbers, and then spirit them quietly off your machine. But I'd also install a keystroke sniffer if I suspected the user might be using your preferred mechanism to send out his credit card number.
It's not a matter of possibility. It's a matter of probability, and risk management. It's unlikely enough that I'm not afraid of using my credit card on the net. Tell me my credit card number, and I'll change my mind.
Hey, you're a smart guy. That probably means your machine is relatively hard to infect. A criminal would skip you and instead target the millions of consumers who were more easily infected. I didn't describe a scheme that could target one individual's credit card. I described a scheme that could steal millions of them indiscriminately.
All a banker needs to know is the amount of risk associated with the thing in which they are investing; they don't need to know how keyboard sniffers work.
The "trust us, we're experts" approach to security is only as good as the experts you trust, as you've just amply demonstrated. For my part, I'm happy to let the bankers hire independent experts study the attack we've outlined and reach their own conclusions. -- Nathaniel -------- Nathaniel Borenstein <nsb@fv.com> Chief Scientist, First Virtual Holdings FAQ & PGP key: nsb+faq@nsb.fv.com
Nathaniel Borenstein wrote:
What we at FV have done is to demonstrate how easy it is to develop an FULLY AUTOMATED attack that undermines the security of all software-based credit card commerce schemes.
You have done no such thing. You have written *one component* of that attack, and the easiest part of it at that. Combine it with a virus, or self-replicating worm, and demonstrate that it is immune to all known virus checkers, and *then* you will have spoken the truth when you say you have "demonstrated" anything. Heck, combine it with a screensaver as a trojan horse *and* collect a few hundred credit card numbers and *then* you will have demonstrated something. You've demonstrated nothing but your ability to write press releases, and print out some messages when fully-cooperating users submit to your "test." You may think this is nitpicking, but the fact is, you're assuming that the implicit cooperation of some vast number of users in running your program is easy to obtain. I disagree with this assumption. If this assumption were true, then viruses would be a much bigger problem than the mere annoyance that they are today.
It is the automated aspect that separates it from all of the "dumpster-diving" attacks on credit card numbers which have previously been widely discussed, because it provides a path to large-scale fraud that has never been publicly discussed before, to my knowledge. The key "invention" in our approach is to integrate several techniques that are already well-known (in this community) into an automated attack that we consider to be devastating to commerce systems based on software-encrypted credit cards.
This is the same kind of vaccuous reasoning that leads to things like the "concryption" patent. You have invented nothing. You've combined the painfully obvious and written a fearmongering rant about it. *Computers* provide a path to large-scale fraud. So does the printing press. So does the telephone, and the postal system. So what. You still haven't proven that it's easy.
This is a very real threat. If you think we're just re-hashing keyboard sniffers, you haven't yet understood what we're demonstrating. The real threat is the traceless theft of millions of credit card numbers by a single easily mounted automated attack.
With as much work as you've put into this, someone could write a Microsoft Word document which when opened, would start dumping the contents of your hard disk into the mail. The knee-jerk moral to *that* is to never store non-public information on a computer that has a network connected to it. However, reasonable people assess that risk, and decide to do it anyway, because the benefits outweigh the risk.
So here's the factual claim, to be proven or disproven: One good programmer, in less than a month, can write a program
Come now, right off the bat you know that no assertion taking that form can be *dis*proven.
that will spread itself around the net, collect an unlimited number of credit card numbers, and get them back to the program's author by non-traceable mechanisms. Does anyone on this list doubt that this is true?
It's not a matter of possibility. It's a matter of probability, and risk management. It's unlikely enough that I'm not afraid of using my credit card on the net. Tell me my credit card number, and I'll change my mind.
If not, I think it's worth noting that this fact was previously completely unknown to the bankers and businessmen who are putting large sums of money at risk on the net. The only way to get the message to those communities is with a very visible public announcement of the kind you saw yesterday.
All a banker needs to know is the amount of risk associated with the thing in which they are investing; they don't need to know how keyboard sniffers work. I don't believe you've demonstrated anything that changes the risk model that they have presumably already gotten from their flock of experts who they no doubt employed before investing in the net (experts who also no doubt know all about how viruses work, thank you very much.) == Jamie
Jeff Weinstein wrote:
I think that you are misinterpreting the intent of Jamie's posting, but I will let him defend himself.
Well I'm not particularly interested in arguing about this further (and I suspect this is true of most people reading this too :-)) but my point was: Nathaniel and crew have implemented the easy part (a tiny fraction) of a program which would successfully capture some large number of credit card numbers. Nathaniel thinks that what I'm characterizing as a tiny fraction of the work (the keyboard sniffer and pattern recogniser) is *most* of the work, and "demonstrates" the attack. I said that they have demonstrated nothing without some proof that combining this with an infection vector would yield the desired result, because I don't think that infecting some vast number of credit-card-using computers is any small task; whereas, Nathaniel says (or at least strongly implies) that it's trivial (or so close to trivial that it can be taken as a given.) Nathaniel said:
As I see it, we have implemented every part of the attack that we can implement without doing anything that is either unethical or illegal.
It's far from clear that you need to do something unethical or illegal to prove that coupling it with an infection vector would be effective. For example, you would no doubt agree that evesdropping on some unsuspecting user's transaction on an exportably-crippled SSL connection would be immoral. But it wasn't necessary to do anything immoral to demonstrate conclusively that such an attack was possible. It just required a little creativity, and a lack of handwaving.
Is it your position that no systematic flaw in your security is real until someone has actually broken it?
Of course not. You don't have to actually break it to show that it's possible. Of course, you *do* have to show the likelyhood of success and effort required to pull it off as well before it's interesting at all, whether it's theoretically possible or not. == Jamie
Nathaniel Borenstein wrote:
Excerpts from mail.cypherpunks: 30-Jan-96 Re: Apology and clarification Jamie Zawinski@netscape. (4170*)
Nathaniel Borenstein wrote:
What we at FV have done is to demonstrate how easy it is to develop an FULLY AUTOMATED attack that undermines the security of all software-based credit card commerce schemes.
You have done no such thing. You have written *one component* of that attack, and the easiest part of it at that.
Combine it with a virus, or self-replicating worm, and demonstrate that it is immune to all known virus checkers, and *then* you will have spoken the truth when you say you have "demonstrated" anything.
This is a particularly fascinating reaction, Jamie. As I see it, we have implemented every part of the attack that we can implement without doing anything that is either unethical or illegal. Is it your position that no systematic flaw in your security is real until someone has actually broken it?
Actually, that position would in fact be quite consistent with your company's earlier implicit assertion that 40-bit encryption was sufficient (for international consumers) until somebody actually broke it, even though everyone who understood cryptography already knew otherwise.
Actually that position would in fact be quite inconsistent with our more recent actions. For example we have implemented blinding code to protect against Paul Kocher's timing attack, even though it has not been demonstrated against any real world system. I think that you are misinterpreting the intent of Jamie's posting, but I will let him defend himself. I just wanted to say that the company takes security problems very seriously, even if there has not been an active exploit. --Jeff -- Jeff Weinstein - Electronic Munitions Specialist Netscape Communication Corporation jsw@netscape.com - http://home.netscape.com/people/jsw Any opinions expressed above are mine.
Excerpts from mail.cypherpunks: 1-Feb-96 Re: C'mon, How Hard is it t.. Jamie Zawinski@netscape. (2014*)
Is it your position that no systematic flaw in your security is real until someone has actually broken it?
Of course not. You don't have to actually break it to show that it's possible.
Of course, you *do* have to show the likelyhood of success and effort required to pull it off as well before it's interesting at all, whether it's theoretically possible or not.
OK, let's try this again: Is it your position that the hardest part of the attack we've outlined is the large-scale infection of consumer's machines with untrusted code, using a virus, Trojan Horse, or some other method? And that this attack is not serious because doing that is prohibitively difficult? If so, I agree with the first claim but not the second. But I'm really trying to get clear about your position here. -- Nathaniel -------- Nathaniel Borenstein <nsb@fv.com> Chief Scientist, First Virtual Holdings FAQ & PGP key: nsb+faq@nsb.fv.com
participants (3)
-
Jamie Zawinski -
Jeff Weinstein -
Nathaniel Borenstein