FV Demonstrates Fatal Flaw in Software Encryption of Credit Cards
[My apologies in advance if you see several copies of this message. I am posting this fairly widely due to the severity and importance of the problem described.]

As you may already have heard via the popular press, First Virtual Holdings has developed and demonstrated a program which completely undermines the security of every known credit-card encryption mechanism for Internet commerce. This is a very serious matter, and we want to make sure that the Internet community is properly informed about the nature of the problem that we have uncovered, and the manner in which we have made the information known. In this (unavoidably lengthy) post, I will try to explain the nature of the problem and its implications for Internet commerce. In deference to those who are not technically oriented, the detailed explanation of how the attack works will be the LAST part of this message.

First of all, let me be perfectly clear about the nature of the problem we have exposed. It is NOT a bug in a single program, and it is therefore NOT something that can be fixed with a "patch" or any other kind of software upgrade. Instead, we have demonstrated a very general attack that undermines ALL programs that ask users to type a credit card number into their home computer. We have tested the program and confirmed that it undermines the security of the credit card encryption software from Netscape and Cybercash, and we expect that it will work similarly for ANY future software based on the encryption of credit card numbers on the desktop. Quite simply, we believe that this program demonstrates a FATAL flaw in one whole approach to Internet commerce, and that the use of software to encrypt credit card numbers can NEVER be made safe. For consumers, we recommend the following simple rule: NEVER TYPE YOUR CREDIT CARD NUMBER INTO A COMPUTER.

We should also be clear about the Internet commerce mechanisms that are NOT affected by this problem. First Virtual is unaffected because we never ask the user to put a credit card number at risk by typing it into a computer. Hardware-based solutions can also be devised that are immune to this attack, including solutions based on smart cards and solutions based on "card swipe" machines in the home. We believe that current digital cash solutions are also not vulnerable to this attack, although some variants of digital cash may be vulnerable to a similar form of attack. Commerce mechanisms based on the use of telephones or fax machines to transmit credit card numbers are also unaffected by this kind of attack. Other proposed commerce mechanisms should, from now on, be evaluated with this kind of attack in mind. The bottom line: INTERNET COMMERCE CAN BE VERY SAFE, WITH SEVERAL DIFFERENT MECHANISMS, BUT ENCRYPTING CREDIT CARDS ON THE DESKTOP IS NOT ONE OF THE SAFE MECHANISMS.

It's important to understand why we have taken this step. Obviously, as the long-time leaders in Internet commerce, the last thing we would want to do is to undermine general confidence in Internet commerce. However, we realized that many people believed that credit card encryption was a safe and easy path to Internet commerce, and that very few people understood how easily it could be undermined. Upon investigation, we were frankly startled to realize just how easy it was -- a single programmer got the first version of our program running in about a week. Aside from our obvious interest in promoting our own commerce mechanism, we felt that we had an ethical obligation to bring this problem to the attention of the consumers, banks, and other financial institutions who could conceivably suffer catastrophic losses if software encryption of credit card numbers became widespread. We also realize that we have an obligation to do everything possible to avoid helping any unscrupulous people who might seek to utilize this flaw for malicious purposes.

We have accordingly been extremely responsible in how we have handled our discovery. We first demonstrated and explained our program to vital organizations such as CERT (the Computer Emergency Response Team) and the ABA (American Banking Association). Only after many such private disclosures, none of which revealed any defense against our technique, did we publicly disclose the existence of this program. In addition, we have taken several steps to "cripple" our demonstration program, all of which will be discussed below. Furthermore, we have NOT made the program itself generally available. We are currently demonstrating it to selected financial institutions and government agencies, and will provide copies of the program only to CERT and a few other independent security-minded organizations. We have also alerted Netscape to the problem as part of their "bugs bounty" program. At some future date, we might conceivably distribute the program, in binary form on CD ROM, to selected financial institutions. The source code will always be very closely guarded. Unfortunately, however, the general method of attack is extremely easy to duplicate, and we don't know of any good way to alert the public to the problem without explaining it.

THE TECHNIQUE

Our basic approach was to write a computer program that runs undetected while it monitors your computer system. A sophisticated version of such a program can intercept and analyze every keystroke, mouse-click, and even messages sent to your screen, but all we needed was the keystrokes. Selectively intercepted information can be immediately and secretly transmitted via Internet protocols, or stored for later use.

First Virtual's research team has built and demonstrated a particular implementation of such a program, which only watches for credit card numbers. Whenever you type a credit card number into your computer -- even if you are talking to "secure" encryption software -- it captures your card number. Our program doesn't do anything harmful with your credit card number, but merely announces that it has captured it. A malicious program of this type could quietly transmit your credit card number to criminals without your knowledge.

The underlying problem is that the desktop -- the consumer's computer -- is not secure. There is no way of ensuring that all software installed on the consumer's machine can be trusted. Given this fact, it is unwise to trust ANY software such as a "secure" browser, because malicious software could have easily been interposed between the user and the trusted software.

The bottom line for consumers is that, on personal computers, INFORMATION IS INSECURE THE MOMENT YOU TOUCH A KEY. We have dramatically proven that security ends the moment you type sensitive information into your computer. The vulnerability lies in the fact that information must travel from your keyboard, into your computer's operating system, and then to your "secure" application. It can be easily intercepted along the way.

This kind of insecurity is very frightening, and has implications far beyond credit card theft. However, credit cards embody and demonstrate the kind of information that is MOST vulnerable to this kind of attack. Credit card numbers are far more vulnerable to this kind of attack than most other forms of information because of the following particular characteristics of credit card numbers:

-- Credit card numbers are easily recognized by simple pattern recognition.
-- Credit card numbers are "one way" financial instruments, with no user-level confirmation or verification required for their use.
-- Credit card numbers are of direct financial value.

In short, credit card numbers are an almost perfect example of how NOT to design a payment instrument for an insecure public computer network such as the Internet.

DETAILS: HOW TO TOTALLY UNDERMINE SOFTWARE ENCRYPTION OF CREDIT CARDS

First Virtual's demonstration credit-card interception program, once installed, observes every keystroke that you type, watching for credit card numbers. It recognizes credit card numbers with almost perfect accuracy, because credit card numbers are specifically designed to match a simple, self-identifying pattern, including a check digit. Our program is even smart about punctuation and simple editing functions, so that nearly any credit card number that you type into your computer is immediately recognized as such by this program. When our program spots a credit card number, it immediately plays a warning sound and pops up a window on your screen, including an iconic representation of the type of credit card that you have just entered, along with a clear explanation of what has just happened.

The current program works only on Microsoft Windows (Windows 3.1, Windows NT, and Windows 95), but we believe that it would be simple to implement on Macintosh and UNIX systems as well. The program doesn't exploit any "holes" or bugs in the operating system. It uses existing, necessary operating system facilities which are part of the published Windows API, and which are necessary for the implementation of screen savers, keyboard macros, and other important software packages.

First Virtual's intent is to educate the public, certainly not to endanger it. For that reason, our program incorporates four important precautions intended to prevent any possibility of harm:

1) Our program is not self-replicating. While a malicious program exploiting the same security flaw could easily be embedded in a virus, spreading itself all over the world, that was not our goal. Instead, the program must be deliberately and manually installed on each computer on which it is to run.

2) Our program always puts up an icon on your screen when it is watching your keystrokes. This is certainly not necessary, and it is clear that a malicious program would be unlikely to do this.

3) Our program is easy to remove from your computer, and even offers an "Uninstall" button to the user. Obviously a malicious program would hide itself as well as possible, and make itself as hard to remove as possible.

4) Our program never transmits your credit card over the Internet. While a program using this approach could transmit your information to a criminal in a totally untraceable manner, we would never do anything like that. In fact, we erase your credit card number from our program's memory before we even tell you that we've seen it, thus making sure that the credit card number can't even be retrieved by an inspection of our program's memory.

It is frankly difficult to overstate the severity of the problem demonstrated by our program. A clever criminal could use viral techniques to spread a malicious program based on the same approach, and would be no more likely to be caught in the act than the authors of any of the computer viruses that plague the world today. Once it detects a credit card number, a criminal program could use any of several techniques to send that number to the original criminal without providing any way to trace the criminal's receipt of it. (If you're skeptical about this claim, we'd prefer to talk with you privately, as we've never seen the "best" methods for doing this spelled out in public, and we would prefer to keep it that way.) Altogether, this means that if millions of credit card numbers were being typed into Internet-connected personal computers, a criminal could obtain a virtually unlimited supply of card numbers for his own use. In fact, for all we know this could already be happening today. The first visible sign of such an attack, if it were well-executed, would be a gradual rise in the overall rate of credit card fraud.

POSSIBLE SOLUTIONS

First Virtual believes that the flaw we have uncovered is fatal. In the foreseeable future, all commerce schemes based on software encryption of credit cards on the desktop are completely vulnerable to this sort of attack. The basic problem is that software encryption of credit cards is predicated on the notion of "trusted software". On the consumer computing platforms, however, general purpose operating system functionality makes it unwise to assume too strong a level of trust in such software. No operating system with anything less than military-grade security (B2) is likely to be safe from an attack such as this one.

This does not mean that Internet commerce is dead. Any scheme that is not based on self-identifying one-way financial instruments such as credit cards will be essentially unaffected by this problem. Moreover, even credit cards may be made safe on the Internet using one of two approaches: secure hardware add-ons and the First Virtual approach.

First Virtual's Internet Payment Systems never places the consumer's credit card number on the Internet. Instead, the consumer provides it to us by telephone when the account is opened. After that, all purchases are made using a "Virtual PIN". Virtual PINs are essentially Internet aliases for underlying payment mechanisms such as credit card numbers, but with several kinds of added security. Virtual PINs are free-form text, with no recognizable pattern, which makes them much harder to detect with the kind of attack we have just demonstrated. Moreover, Virtual PINs are only usable in conjunction with First Virtual's unique email verification process. No payment is made until the consumer confirms an email query, which means that defrauding First Virtual is a multi-step process that is extremely difficult to automate. (For more details, we recommend our paper, "Perils and Pitfalls of Practical CyberCommerce", available via ftp from ftp://ftp.fv.com/pub/nsb/fv-austin.txt.)

The bottom line, once again, for those of you who have read this far: NEVER TYPE YOUR CREDIT CARD NUMBER INTO A COMPUTER. There's simply no other way to keep credit cards safe on the net. The program we have demonstrated completely undermines the security of all known programs that claim to handle credit card numbers safely on the Internet.

--------
Nathaniel Borenstein <nsb@fv.com>
Chief Scientist, First Virtual Holdings
FAQ & PGP key: nsb+faq@nsb.fv.com
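The post's central technical claim is that card numbers are "self-identifying" because of their fixed length and check digit. The following is an added example, not part of the thread or of First Virtual's program, showing that recognition from the defender's side: a scanner that finds Luhn-valid card numbers in text such as application logs (where they should never appear), tolerates the spaces and dashes people type, and reports them masked so the audit itself does not leak the number. The sample log lines and the issuer-prefix table are constructed for illustration and are not a complete IIN table.

```python
"""Find Luhn-valid card numbers in text (e.g. application logs) and report them masked.

Added example: shows why card numbers are "self-identifying" and how a defender
can audit logs or outbound data for them. All sample data below is constructed.
"""
import re
from dataclasses import dataclass
from typing import List

# A candidate is 13 to 19 digits, each optionally followed by one space or dash,
# and not embedded in a longer digit run (ISO/IEC 7812 numbers are 13-19 digits).
CANDIDATE_RE = re.compile(r"(?<![\d-])(?:\d[ -]?){12,18}\d(?![\d-])")

# Simplified issuer prefixes, an assumption for illustration, not a full IIN table.
ISSUER_PREFIXES = {
    "Visa": ("4",),
    "Mastercard": tuple(str(p) for p in range(51, 56)),
    "American Express": ("34", "37"),
}

# Constructed sample log: two card numbers typed with and without spaces, one
# 16-digit order id that fails the check digit, and one number written with dashes.
SAMPLE_LOG = """\
10:02:11 checkout form posted: card=4111 1111 1111 1111 exp=12/27
10:02:12 order id 1234567890123456 created
10:03:40 support note: customer read 3782-822463-10005 over the phone
10:04:02 refund to 5555555555554444 queued
"""


def luhn_valid(digits: str) -> bool:
    """Luhn check: from the right, double every second digit (subtract 9 if the
    result exceeds 9), sum all digits, and require a multiple of 10. This is the
    check digit the post refers to; it rejects most, not all, random digit runs."""
    if not digits.isdigit() or not 13 <= len(digits) <= 19:
        return False
    total = 0
    for position, ch in enumerate(reversed(digits)):
        d = int(ch)
        if position % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def issuer_of(digits: str) -> str:
    """Map the leading digits to an issuer name using the simplified table above."""
    for name, prefixes in ISSUER_PREFIXES.items():
        if digits.startswith(prefixes):
            return name
    return "unknown"


def mask(digits: str) -> str:
    """Keep only the last four digits so the report itself does not leak the PAN."""
    return "*" * (len(digits) - 4) + digits[-4:]


@dataclass
class Finding:
    line_no: int
    masked: str
    issuer: str


def scan_text(text: str) -> List[Finding]:
    """Return one Finding per Luhn-valid card number, in order of appearance."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), 1):
        for match in CANDIDATE_RE.finditer(line):
            digits = re.sub(r"[ -]", "", match.group())
            if luhn_valid(digits):
                findings.append(Finding(line_no, mask(digits), issuer_of(digits)))
    return findings


if __name__ == "__main__":
    for f in scan_text(SAMPLE_LOG):
        print(f"line {f.line_no}: {f.issuer} {f.masked}")
```

The order id on line 2 has the right length but fails the check digit, which is why the same test that makes card numbers easy to spot also keeps false positives low.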
[general back-patting hysterical text elided]
Our basic approach was to write a computer program that runs undetected while it monitors your computer system. A sophisticated version of such a program can intercept and analyze every keystroke, mouse-click, and even messages sent to your screen, but all we needed was the keystrokes. Selectively intercepted information can be immediately and secretly transmitted via Internet protocols, or stored for later use.
"Sophisticated"? Any first-year comp sci student could do the same. Hooking into the keyboard interrupt is child's play. Reading the display memory is even easier. Who is this guy trying to bullshit, anyway?
First Virtual's research team has built and demonstrated a particular implementation of such a program, which only watches for credit card numbers. Whenever you type a credit card number into your computer -- even if you are talking to "secure" encryption software -- it captures your card number. Our program doesn't do anything harmful with your credit card number, but merely announces that it has captured it. A malicious program of this type could quietly transmit your credit card number to criminals without your knowledge.
The underlying problem is that the desktop -- the consumer's computer -- is not secure. There is no way of ensuring that all software installed
No shit.
on the consumer's machine can be trusted. Given this fact, it is unwise to trust ANY software such as a "secure" browser, because malicious software could have easily been interposed between the user and the trusted software.
Uh-huh. So, no one should ever use a computer ever again, if this nonsense is to be believed...
The bottom line for consumers is that, on personal computers,
Oh? So non-personal computers are secure?
INFORMATION IS INSECURE THE MOMENT YOU TOUCH A KEY. We have
OH-MY-GOD-PLEASE-FIRST-VIRTUAL-SAVE-ME-FROM-MY-EVIL-COMPUTER-AND-MAKE-THE-NET-SAFE-FOR-ONLY-YOUR-PRODUCTS!!
dramatically proven that security ends the moment you type sensitive
The only thing that this post "dramatically proves" is that the poster is an idiot. Double for his company. Even LD was never this stupid.
information into your computer. The vulnerability lies in the fact that information must travel from your keyboard, into your computer's operating system, and then to your "secure" application. It can be easily intercepted along the way.
This kind of insecurity is very frightening, and has implications far
Oh, yeah, please save me from my evil computer. Give me a break.
In short, credit card numbers are an almost perfect example of how NOT to design a payment instrument for an insecure public computer network such as the Internet.
Unless, of course, you use *our* products, services, etc.
DETAILS: HOW TO TOTALLY UNDERMINE SOFTWARE ENCRYPTION OF CREDIT CARDS
First Virtual's demonstration credit-card interception program, once installed, observes every keystroke that you type, watching for credit card numbers. It recognizes credit card numbers with almost perfect accuracy, because credit card numbers are specifically designed to match a simple, self-identifying pattern, including a check digit. Our program is even smart about punctuation and simple editing functions, so that nearly any credit card number that you type into your computer is immediately recognized as such by this program.
So what? Any first-year comp sci student could do the same.
First Virtual's intent is to educate the public, certainly not to endanger it. For that reason, our program incorporates four important precautions intended to prevent any possibility of harm:
First Virtual's apparent "intent" is to scare the public and panic people into believing that they, and only they, have some sort of "magic bullet" that will save us all from Evil Computer Geniuses. Just another scam to try and make money off of unsuspecting people by trying to scare them to death. Just another version of the "Good Times Virus".
It is frankly difficult to overstate the severity of the problem demonstrated by our program. A clever criminal could use viral
It is frankly difficult to overstate the idiocy of this post.
First Virtual believes that the flaw we have uncovered is fatal. In the foreseeable future, all commerce schemes based on software encryption of credit cards on the desktop are completely vulnerable to this sort of attack.
And the sky is falling, too...
The basic problem is that software encryption of credit cards is predicated on the notion of "trusted software". On the consumer computing platforms, however, general purpose operating system functionality makes it unwise to assume too strong a level of trust in such software. No operating system with anything less than military-grade security (B2) is likely to be safe from an attack such as this one.
Nonsense. This also implies that Windows, MS-DOS, NT, etc., are all some sort of "insecure platform" and they are presumably infected from the start. I suppose that when Bill Gates picks himself up off the floor from laughing, he just might send his lawyers after you. Maybe.
This does not mean that Internet commerce is dead. Any scheme that is not based on self-identifying one-way financial instruments such as credit cards will be essentially unaffected by this problem. Moreover, even credit cards may be made safe on the Internet using one of two approaches: secure hardware add-ons and the First Virtual approach.
Gee, why did I know this was coming?
There's simply no other way to keep credit cards safe on the net. The program we have demonstrated completely undermines the security of all known programs that claim to handle credit card numbers safely on the Internet.
With a Windows program? I guess it runs on every known platform, under every known OS. My, that *is* one hell of a program... I guess I'd better stop using my linux box .. it could've been infected with the "FV Windows Virus" ... hehehe

--
Ed Carp, N7EKG Ed.Carp@linux.org, ecarp@netcom.com
214/993-3935 voicemail/digital pager
800/558-3408 SkyPager
Finger ecarp@netcom.com for PGP 2.5 public key
an88744@anon.penet.fi

"Past the wounds of childhood, past the fallen dreams and the broken families, through the hurt and the loss and the agony only the night ever hears, is a waiting soul. Patient, permanent, abundant, it opens its infinite heart and asks only one thing of you ... 'Remember who it is you really are.'" -- "Losing Your Mind", Karen Alexander and Rick Boyes
Excerpts from mail: 29-Jan-96 Re: FV Demonstrates Fatal F.. Ed Carp@dal1820.computek (6730*)
With a Windows program? I guess it runs on every known platform, under every known OS. My, that *is* one hell of a program...
Actually, the Mac port is now complete. A UNIX port would be pretty trivial too. -------- Nathaniel Borenstein <nsb@fv.com> Chief Scientist, First Virtual Holdings FAQ & PGP key: nsb+faq@nsb.fv.com
My mailer insists that Nathaniel Borenstein wrote:
Excerpts from mail: 29-Jan-96 Re: FV Demonstrates Fatal F.. Ed Carp@dal1820.computek (6730*)
With a Windows program? I guess it runs on every known platform, under every known OS. My, that *is* one hell of a program...
Actually, the Mac port is now complete. A UNIX port would be pretty trivial too.
How about a NEXTSTEP port? Didn't think so. --- Paul M. Cardon -- I speak for myself. 'nuff said. MD5 (/dev/null) = d41d8cd98f00b204e9800998ecf8427e
howdy folks,

so what? fv has a keyboard sniffer... if you're going to d/l programs from the net and not pay attention to what's going on you'll always be at risk and a fool as well.

for what it's worth, this sort of program could easily be used to get info more important than credit card numbers. passphrases and passwords of all kinds could be obtained leading to broken accts or worthless cryptography.

additionally, this hardly has anything to do with netscape. this is not a 'bug' in netscape. it's a malicious program. the only way to prevent malicious programs from causing you problems is to know what your computer is doing; what it's loading when you boot and what data it sends through your phone lines when you're online.

my $0.02...

-pjf

"Those that give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -- Benjamin Franklin (1773)
zifi runs LINUX 1.3.59 -=-=-=WEB=-=-=-> http://zifi.genetics.utah.edu
so what? fv has a keyboard sniffer...
if you're going to d/l programs from the net and not pay attention to what's going on you'll always be at risk and a fool as well.
for what it's worth, this sort of program could easily be used to get info more important than credit card numbers. passphrases and passwords of all kinds could be obtained leading to broken accts or worthless cryptography.
I'm quite amazed at the level of ... well ... how can I characterize it without insulting too many people? ... arrogance? ... Many of you would be amazed at what motivates the average person to buy or to use a computer. Most people, when asked about security, do not even have a concept, let alone how it applies in a computer environment. There is far more misinformation and miseducation among the average user than you might think. Not everyone understands why they need a modem in order to get onto the Internet. Not everyone understands why you need to sign up for an account with an ISV in order to get onto the Internet. (You would be amazed at how many people think that just buying a modem is good enough to get onto the Internet.) The response is typically, "I don't understand all that technobabble!" "Just give me something that works!" "This is too complicated!" If you think that the dumb user should be left to fight for his/her own survival on the information highway, you are easily condemning 75% to 90% of the current users. I am not entirely convinced that Borenstein is totally selfless in his (or FV's) announcement. However, the basis of his argument, while it may not apply to the cypherpunk community, has much merit in the real world. Try helping 100 random people with computers. Bet you 90 of them have trouble getting onto the Internet, period, let alone figuring how to run Netscape. There is a reason why AOL/CompuServe do very well catering to those who are technically-challenged.

Ern
Excerpts from mail: 29-Jan-96 Re: FV Demonstrates Fatal F.. zinc@zifi.genetics.utah. (1368*)
so what? fv has a keyboard sniffer...
It's considerably more than that. Please read on.
for what it's worth, this sort of program could easily be used to get info more important than credit card numbers. passphrases and passwords of all kinds could be obtained leading to broken accts or worthless cryptography.
Yes, but I think you've missed the main point, probably because we haven't made it clear enough. What's unique about credit card numbers is that they're very small amounts of data, self-identifying, and of direct financial value as a one-way financial instrument (i.e. with no confirmation process).

The attack we've outlined -- and partially demonstrated -- is based on the combination of several known flaws:

-- It's easy to put malicious software on consumer machines
-- It's easy to monitor keystrokes
-- It's trivial to detect credit card numbers in larger data streams
-- It's easy to disseminate small amounts of information tracelessly

We don't claim to have "discovered" any of these flaws. However, when you combine these known flaws, you have something new: a plan for stealing MILLIONS of credit card numbers without a trace. That's the new threat, and we think it's very real.

The other kinds of information you mention are certainly all vulnerable to keyboard-sniffer attacks. But the unique aspects of credit card numbers make them particularly vulnerable to large scale automated theft by this kind of attack. I don't know of any other kind of sensitive information that is as easily recognized and as worthwhile to steal. Do you?
additionally, this hardly has anything to do with netscape. this is not a 'bug' in netscape.
the only way to prevent malicious programs from causing you problems is to know what your computer is doing; what it's loading when you boot and what data it sends
You're right, and I feel very bad about the fact that the article in the Merc made it sound like this was specifically targeting Netscape. While it's true that we submitted this to Netscape's "bugs bounty" program -- which is probably what created the Netscape angle in the story -- we really weren't targeting Netscape at all. We consider this flaw to be a very serious "design bug" in the whole software-encryption-of-credit-cards approach to Internet commerce. Netscape is just one of several companies that have gone down this path, but we think it's a very dangerous path, and one that Netscape, as a vendor of web browsers and servers, can do quite well without.

it's a malicious program.

No, ours is a demonstration program, not a malicious program. Our program never installs itself automatically, always puts up an icon when it's running, never does anything bad when it intercepts your credit card number, and is easy to un-install. However, it demonstrates a technique that could be used by a malicious program to do some very nasty things.

through your phone lines when you're online.

This is fine for you & me. But Internet commerce has to work for the hundreds of millions of non-technical consumers who are swarming onto the Internet. If someone emails them a program that purports to show them pretty pictures (dirty movies?) for free, how many of them will stop to try to make sure that this program isn't going to do something malicious in the process? The bottom line is that the consumer platform is never going to be a very safe place, so commerce mechanisms shouldn't assume that it is. We may not like that fact, but it's true nonetheless.

-- Nathaniel
On Mon, 29 Jan 1996, Nathaniel Borenstein wrote:
Date: Mon, 29 Jan 1996 16:14:14 -0500 (EST) From: Nathaniel Borenstein <nsb@nsb.fv.com> To: zinc <zinc@zifi.genetics.utah.edu> Cc: cypherpunks@toad.com Subject: Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit Cards
Excerpts from mail: 29-Jan-96 Re: FV Demonstrates Fatal F.. zinc@zifi.genetics.utah. (1368*)
so what? fv has a keyboard sniffer...
It's considerably more than that. Please read on.
for what it's worth, this sort of program could easily be used to get info more important than credit card numbers. passphrases and passwords of all kinds could be obtained leading to broken accts or worthless cryptography.
Yes, but I think you've missed the main point, probably because we haven't made it clear enough. What's unique about credit card numbers is that they're very small amounts of data, self-identifying, and of direct financial value as a one-way financial instrument (i.e. with no confirmation process).
The attack we've outlined -- and partially demonstrated -- is based on the combination of several known flaws:
-- It's easy to put malicious software on consumer machines
-- It's easy to monitor keystrokes
-- It's trivial to detect credit card numbers in larger data streams
-- It's easy to disseminate small amounts of information tracelessly
this program is not specific to credit card numbers. it sounds like it could have just as easily been written to watch for a login: or password: prompt and then record everything entered after that.

the point is not that this can be done, the point is that users need tools that would check for programs like this running on their system. is fv making a 'fix' available? i would imagine a 'fix' would be a program that would look for tsr type programs (or inits on a mac) that do this sort of thing.

this is the sort of thing that crypto can help with. there should be a site that PGP signs the programs available from their site. these signed programs will have been tested on the appropriate system and verified to be free of small malicious programs such as the one you describe. alternatively, the author themselves could PGP sign the app (this is already done) and this would be what users should d/l.

it's disappointing to see the spin put on this by fv. instead of going with scare tactics, they could encourage PGP signatures and suggest solutions to this problem like the ones i mentioned above. in fact, fv could even volunteer to help set up a site where all software has been tested and signed by someone who has had their PGP key signed by fv, sort of an expansion of the web of trust.

more of my $0.02..

-pjf

"Those that give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -- Benjamin Franklin (1773)
zifi runs LINUX 1.3.59 -=-=-=WEB=-=-=-> http://zifi.genetics.utah.edu
the point is not that this can be done, the point is that users need tools that would check for programs like this running on their system. is fv making a 'fix' available? i would imagine a 'fix' would be a program that would look for tsr type programs (or inits on a mac) that do this sort of thing.
Of course they won't. FV's claimed "fix" is their product, which is a joke of a payment system. You actually think they would release a virus checker that would effectively hurt their FUD-based marketing?
it's disapointing to see the spin put on this by fv. instead of
It's not surprising, given FV's attitude.

-- 
Sameer Parekh                                   Voice:   510-601-9777x3
Community ConneXion, Inc.                       FAX:     510-601-9734
The Internet Privacy Provider                   Dialin:  510-658-6376
http://www.c2.org/ (or login as "guest")        sameer@c2.org
Excerpts from mail: 29-Jan-96 Re: FV Demonstrates Fatal F.. zinc@zifi.genetics.utah. (3361*)
this program is not specific to credit card numbers. it sounds like it could have just as easily been written to watch for a login: or password: prompt and then record everything entered after that.
Yeah, but the real payoff is in the automated theft of items of value, such as credit cards. Since that's the real payoff for criminals, it's also one of the biggest practical risks to watch for.
the point is not that this can be done, the point is that users need tools that would check for programs like this running on their system. is fv making a 'fix' available? i would imagine a 'fix' would be a program that would look for tsr type programs (or inits on a mac) that do this sort of thing.
That's why we've used terms like "fatal flaw" that have led to charges of overinflated rhetoric, but the truth is that THERE IS NO GENERAL WAY TO PREVENT THIS. Our program only uses standard OS hooks. There's no way to distinguish a general program of this type from a legitimate screen saver, keyboard macro package, etc. We could easily write a program that detects our demonstration program, but what good would that do? It wouldn't detect a malicious program using a similar approach. You can detect the last known attack, but not the next attack. That's why we say it is a fatal flaw for software-encrypted credit card numbers. I believe it truly is.
this is the sort of thing that crypto can help with. there should be a site that PGP signs the programs available from their site. these signed programs will have been testing on the appropriate system and verified to be free of small malicious programs such as the one you describe. alternatively, the author themselves could PGP sign the app (this is already done) and this would be what users should d/l.
Do you really believe that the average Internet consumer can be trained never to download any software before performing such checks? Do you really believe that the average Internet consumer can be trained in the proper management of his crypto keys that will make such a check meaningful? With nearly 100,000 paying customers, we're seeing first-hand what the average Internet consumer is like. We have seen customers who complain (seriously!) that they get so lost in our web pages that they have to reboot their machines. You want to explain key management to these people?
it's disapointing to see the spin put on this by fv. instead of going with scare tactics, they could encourage PGP signatures and suggest solutions to this problem like the ones i mentioned above. in fact, fv could even volunteer to help set up a site where all software has been tested and signed by someone who has had their PGP key signed by fv, sort of an expansion of the web of trust.
I'm very big on PGP signatures. In fact, the next major change scheduled in our commerce system functionality will be the addition of PGP signatures to the messages that FV sends to its merchants, which are A) the ones most worth forging, B) sent to merchants, who are more likely to be able to check them properly than consumers, and C) dependent on the integrity of only one party's keys (FV's), which will be changed VERY frequently.

I don't think that a software repository site of the kind you mention will provide enough security to make credit cards on the desktop safe. It will certainly, however, make the people who use it safer than they would be without it. Having said that, I will add that we'd *love* to help set up a site like that, but we don't have deep pockets to simply fund it ourselves (yet). We'd be very interested in working with others, signing keys, providing some expertise, and so on. What you're really talking about here is an "underwriters lab" of the net. The big question is: who will pay for it? My guess is that you really have to end up having people subscribe to the site, and they'll need a safe way to pay for it. That's what we've been working on all along.

-- Nathaniel
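The recognizer such a sniffer needs is the practical core of the point made above about "standard OS hooks": once the keystrokes are available, all the program has to notice is a run of 13 to 19 digits that passes the Luhn check, with no knowledge of which application is in focus or what it will do with the number. The following is an added example written for this page, not First Virtual's demonstration program (whose code the thread never shows) and not anything the posters wrote. It leaves the OS-specific input hook out entirely and instead feeds characters from a constructed buffer; the sample stream, the function and class names, and the use of the well-known Luhn-valid test card values are all assumptions of this example.

```python
"""Added example: card-number recognition over a stream of typed characters.

This is not First Virtual's demonstration program, whose source the thread
never shows; it only illustrates how little a keystroke sniffer needs to
know to pick a card number out of ordinary typing.  The OS input hook is
omitted: feed() is called with whatever characters such a hook would deliver.
"""
from typing import List, Optional


def luhn_ok(digits: str) -> bool:
    """Return True if the digit string passes the Luhn check used by card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


class KeystrokeScanner:
    """Accumulates digits (plus the spaces and hyphens people type between
    groups) and checks each run only when a different character ends it,
    so a partial number is never examined and no number is split across
    two checks.
    """

    SEPARATORS = " -"
    MIN_LEN, MAX_LEN = 13, 19   # lengths in use for payment card numbers

    def __init__(self) -> None:
        self._run = ""
        self.hits: List[str] = []

    def feed(self, ch: str) -> Optional[str]:
        """Feed one typed character; return a card number if one just completed."""
        if ch.isdigit() or ch in self.SEPARATORS:
            self._run += ch
            return None
        return self._flush()

    def finish(self) -> Optional[str]:
        """Call at end of input so a trailing run is still examined."""
        return self._flush()

    def _flush(self) -> Optional[str]:
        digits = "".join(c for c in self._run if c.isdigit())
        self._run = ""
        if self.MIN_LEN <= len(digits) <= self.MAX_LEN and luhn_ok(digits):
            self.hits.append(digits)
            return digits
        return None


def scan_keystrokes(text: str) -> List[str]:
    """Run the scanner over a whole captured buffer and return the numbers found."""
    scanner = KeystrokeScanner()
    for ch in text:
        scanner.feed(ch)
    scanner.finish()
    return scanner.hits


# Constructed sample of what a hook might capture (made up for this example).
# The two card numbers are the widely published Luhn-valid test values, not
# real accounts; the third is the same Visa number with one digit mistyped,
# and the "order id" is a 20-digit run that is too long to be a card.
SAMPLE_KEYSTROKES = (
    "dear mom, my new number is 801-555-0123\n"
    "buy 1 book card 4111 1111 1111 1111 exp 12/99\n"
    "the typo 4111 1111 1111 1112 was rejected\n"
    "order id 55000000000000041234 is not a card\n"
    "mastercard 5500-0000-0000-0004 ok\n"
)

if __name__ == "__main__":
    for number in scan_keystrokes(SAMPLE_KEYSTROKES):
        print(number)
```

The recognizer is deliberately generic: the same code works whether the digits were typed into a browser form, a mail client or a word processor, which is what makes a sniffer of this kind independent of the program doing the encrypting. The flip side is the one the message above draws: a detector written against this particular program's signature would not catch a rewrite that uses the same ordinary input facilities.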
This sounds like nothing but a glorified keystroke sniffer like xkey. More importantly, however, if my system did get compromised, I would have bigger worries than my credit card number. I give my credit card number out to people every day, but no one knows my PGP or ssh passphrases, for example. You may argue that many people don't have source code to their OSes, so that viruses can spread more easily to them than to me. Well, many people don't do backups, either. Ask most people if they would rather divulge their credit card numbers or lose the entire contents of their hard drives, and I think the answer will most likely be the credit card number disclosure.

This article looks like a cheap attention getting device for FV to get some free publicity. I am not impressed.

David
Nathaniel Borenstein writes:
[My apologies in advance if you see several copies of this message. I am posting this fairly widely due to the severity and importance of the problem described.]
Followed by an hysterical essay on how FV has "discovered" the keyboard sniffer. Oh, please. You people should be ashamed of yourselves. -- Will
Excerpts from mail: 29-Jan-96 Re: FV Demonstrates Fatal F.. "W. Kinney"@bogart.Color (381*)
Followed by an hysterical essay on how FV has "discovered" the keyboard sniffer. Oh, please. You people should be ashamed of yourselves.
I trust you've seen by now that we made no claim to have discovered keyboard sniffers. Please read our claims more carefully, and I'd be delighted to discuss them rationally. -- Nathaniel
"Nathaniel" == Nathaniel Borenstein <nsb@nsb.fv.com> writes:
First, pray tell, what prevents me from writing a virus that patches, say, Eudora and Netscape, so they automatically reply to all FV-mails? Or, to quote your security FAQ:
To defeat this mechanism requires someone to steal a First Virtual account identifier;
... which is plainly and unencrypted visible in the E-Mails ...
to identify the corresponding email address (which is not public knowledge, cannot be determined from the account identifier, and will not be released by First Virtual);
... which is in the header of said E-Mail ...
to know or guess the account password;
... which is quite impossible unless you have your own FV shop, monitor IP traffic or a *malicious program on the user's computer* ...
to intercept all incoming messages to that email address;
... which said malicious program is of course completely unable to do ...
and, of course, to know what First Virtual is and understand what our messages are about and how to respond to them.
Wow! I didn't think of that! And while I'm at it, it doesn't take much to be more secure than credit card payments. You shouldn't be too proud of that. And it shouldn't take an experienced programmer one whole week to write a keyboard sniffer. But I think it's not too pessimistic to say that _any_ software-based payment scheme can be hacked using malicious programs.

Nathaniel> world today. Once it detects a credit card number, a criminal program could use any of several techniques to send that number to the original criminal without providing any way to trace the criminal's receipt of it. (If you're skeptical about this claim, we'd prefer to talk with you privately, as we've never seen the "best" methods for doing this spelled out in public, and we would prefer to keep it that way.)

Oh, wow, it's your secret. I would post a message containing the credit card number encrypted with a public key cipher to alt.foo.bar. Or to the IRC. And it's not too difficult to hack university computers, so I could even receive mail there without being traceable. Not to speak of remailer chains. Any other ideas?

Andreas
Nathaniel Borenstein <msb@fv.com> writes:
[ credit card numbers, host security ]
Forgive me, but this risk is blindingly obvious and completely nonspecific to credit-card commerce: the same considerations apply to any sensitive data resident on a host. The tone of the article strikes me as alarmist (and self-serving, as it candidly points out). Of course, host security is important, but what is the rationale for panic, given the tools available? Heavens.
NEVER TYPE YOUR CREDIT CARD NUMBER INTO A COMPUTER.
Never speak it either. Walls (and audio peripherals) have ears. Peter Monta pmonta@qualcomm.com Qualcomm, Inc./Globalstar
Excerpts from mail: 29-Jan-96 Re: FV Demonstrates Fatal F.. Peter Monta@qualcomm.com (651*)
Of course, host security is important, but what is the rationale for panic, given the tools available? Heavens.
It's the potential for large-scale automated untraceable attack.
NEVER TYPE YOUR CREDIT CARD NUMBER INTO A COMPUTER.
Never speak it either. Walls (and audio peripherals) have ears.
When you can give me a cheap device that can be planted in the wall, listen to everything you say, and just spit out the credit card numbers, then I'll start to be worried about speaking it. Until then, what we've just unveiled has no audio parallel.

-- NB
--------
Nathaniel Borenstein <nsb@fv.com>
Chief Scientist, First Virtual Holdings
FAQ & PGP key: nsb+faq@nsb.fv.com
Hello Nathaniel Borenstein <nsb@nsb.fv.com> and cypherpunks@toad.com, Peter Monta <pmonta@qualcomm.com>

NSB wrote:
Excerpts from mail: 29-Jan-96 Re: FV Demonstrates Fatal F.. Peter Monta@qualcomm.com (651*) ...
NEVER TYPE YOUR CREDIT CARD NUMBER INTO A COMPUTER.
Never speak it either. Walls (and audio peripherals) have ears.
When you can give me a cheap device that can be planted in the wall, listen to everything you say, and just spit out the credit card numbers, then I'll start to be worried about speaking it. ...
And in a later post: ...
I used to trust the telephone not to be tapped in a selective way based on keyword recognition, but in recent years, with the improvement in voice recognition technology, I have stopped trusting it that way, and I know plenty of other people have too -- if you say "NSA" into a cellular call, you are probably inviting an eavesdropper. ...
So, what's wrong with the virus listening through the audio card? Many people have their phone close to their computer, and credit-card numbers spoken over the phone are usually spoken clearly.
Similarly, we trust the postal service and certain uses of email not to be free of any insecurities, but to be hard to defeat in a large scale automated way. ...
Presumably mail from FV asking for confirmation wouldn't be too hard to search for - I guess one would watch WinSock for connection to the POP port then grab the password etc, followed by periodically checking for new e-mail (without the user's knowledge). Many people would already have their CC number on the computer somewhere, in a letter they wrote (and later printed out and posted). If it's a virus, it doesn't even need a net connection to communicate it back (it can just remember it and pass it 'home' several infections later). The real problem ain't the net, but lousy security in home systems.

(Hmm, with the sound cards, couldn't the virus just hypnotise the user....)

Jiri
-- 
If you want an answer, please mail to <jirib@cs.monash.edu.au>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)
Excerpts from mail: 30-Jan-96 Re: FV Demonstrates Fatal F.. Andreas Bogk@horten.artc (2677)
First, pray tell, what prevents me from writing a virus that patches, say, Eudora and Netscape, so they automatically reply to all FV-mails?
Nothing at all. But it's still not an automated mass-scale attack, because that's only one piece of the mechanism (which we spell out) for breaking FV. The essence of FV's security is that we don't believe that there's any single bit of technology or magic (cryptographic or otherwise) that provides security, and that real security comes from a series of complex defenses. This approach is particularly good at discouraging automated attacks. Moreover, this attack is almost guaranteed to leave traces and be detected within a single billing cycle. Once the credit card bill comes in, the patch in Eudora/Netscape will be discovered, and people will start looking for its source. In contrast, the scheme I have outlined steals credit card numbers without any connection to the point of theft, which in practice will mean that the attack will go undiagnosed and without countermeasures for a lot longer, because there will be no obvious correlation to the Internet as a point of theft.
to identify the corresponding email address (which is not public knowledge, cannot be determined from the account identifier, and will not be released by First Virtual);
... which is in the header of said E-Mail ...
Typically, they flow over the web, where there's no email address present. You need traffic analysis. Just makes it harder to automate, that's all.
And while I'm at it, it doesn't take much to be more secure than credit card payments. You shouldn't be too proud of that.
We're very proud of it because it's the competition.
And it shouldn't take an experienced programmer one whole week to write a keyboard sniffer.
That included the user interface and a number of precautionary mechanisms, with very careful coding to make sure that there weren't hidden problems that would bite us. The engineer who wrote it is very good, but I also know that several people have since duplicated the basic mechanism in a day or two.
But I think it's not too pessimistic to say that _any_ software-based payment scheme can be hacked using malicious programs.
Right. And the key, as I keep saying, is automation. You have to defend against an automated attack.
Oh, wow, it's your secret. I would post a message containing the credit card number encrypted with a public key cipher to alt.foo.bar. Or to the IRC. And it's not too difficult to hack university computers, so I could even receive mail there without being traceable. Not to speak of remailer chains. Any other ideas?
Actually, one of your methods is very close to my preferred method, but there are still some better wrinkles possible. I prefer to leave them as an exercise for the reader -- my academic background, I guess. :-) -- Nathaniel -------- Nathaniel Borenstein <nsb@fv.com> Chief Scientist, First Virtual Holdings FAQ & PGP key: nsb+faq@nsb.fv.com
participants (11)
- andreas@horten.artcom.de
- David Mazieres
- Ed Carp, KHIJOL SysAdmin
- Ernest Hua
- Jiri Baum
- Nathaniel Borenstein
- Paul M. Cardon
- Peter Monta
- sameer
- W. Kinney
- zinc