New research from Panda Security shows eBay and Western Union are among the favorite sites for cyber-criminals to try to emulate for their schemes.

No surprise.

From NPR:

Based on surveys Barnes collected, the top five worries of parents are, in order:

1. Kidnapping
   
2. School snipers
   
3. Terrorists
   
4. Dangerous strangers
   
5. Drugs

But how do children really get hurt or killed?

1. Car accidents
   
2. Homicide (usually committed by a person who knows the child, not a stranger)
   
3. Abuse
   
4. Suicide
   
5. Drowning

Why such a big discrepancy between worries and reality? Barnes says parents fixate on rare events because they internalize horrific stories they hear on the news or from a friend without stopping to think about the odds the same thing could happen to their children.

No surprise to any regular reader of this blog.

Microsoft is warning users about a new fake AV program that mimics warnings generated by popular browsers as well as the Microsoft Security Essentials Web page.

If you're a typical wired American, you've got a bunch of tech tools you like and a bunch more you covet. You have a cell phone that can easily text. You've got a laptop configured just the way you want it. Maybe you have a Kindle for reading, or an iPad. And when the next new thing comes along, some of you will line up on the first day it's available.

So why can't work keep up? Why are you forced to use an unfamiliar, and sometimes outdated, operating system? Why do you need a second laptop, maybe an older and clunkier one? Why do you need a second cell phone with a new interface, or a BlackBerry, when your phone already does e-mail? Or a second BlackBerry tied to corporate e-mail? Why can't you use the cool stuff you already have?

More and more companies are letting you. They're giving you an allowance and allowing you to buy whatever laptop you want, and to connect into the corporate network with whatever device you choose. They're allowing you to use whatever cell phone you have, whatever portable e-mail device you have, whatever you personally need to get your job done. And the security office is freaking.

You can't blame them, really. Security is hard enough when you have control of the hardware, operating system and software. Lose control of any of those things, and the difficulty goes through the roof. How do you ensure that the employee devices are secure, and have up-to-date security patches? How do you control what goes on them? How do you deal with the tech support issues when they fail? How do you even begin to manage this logistical nightmare? Better to dig your heels in and say "no."

But security is on the losing end of this argument, and the sooner it realizes that, the better.

The meta-trend here is consumerization: cool technologies show up for the consumer market before they're available to the business market. Every corporation is under pressure from its employees to allow them to use these new technologies at work, and that pressure is only getting stronger. Younger employees simply aren't going to stand for using last year's stuff, and they're not going to carry around a second laptop. They're either going to figure out ways around the corporate security rules, or they're going to take another job with a more trendy company. Either way, senior management is going to tell security to get out of the way. It might even be the CEO, who wants to get to the company's databases from his brand new iPad, driving the change. Either way, it's going to be harder and harder to say no.

At the same time, cloud computing makes this easier. More and more, employee computing devices are nothing more than dumb terminals with a browser interface. When corporate e-mail is all webmail, corporate documents are all on GoogleDocs, and when all the specialized applications have a web interface, it's easier to allow employees to use any up-to-date browser. It's what companies are already doing with their partners, suppliers, and customers.

Also on the plus side, technology companies have woken up to this trend and -- from Microsoft and Cisco on down to the startups -- are trying to offer security solutions. Like everything else, it's a mixed bag: some of them will work and some of them won't, most of them will need careful configuration to work well, and few of them will get it right. The result is that we'll muddle through, as usual.

Security is always a tradeoff, and security decisions are often made for non-security reasons. In this case, the right decision is to sacrifice security for convenience and flexibility. Corporations want their employees to be able to work from anywhere, and they're going to have loosened control over the tools they allow in order to get it.

This essay first appeared as the second half of a point/counterpoint with Marcus Ranum in Information Security Magazine. You can read Marcus's half here.

Back in 2007, I wrote an essay, "Portrait of the Modern Terrorist as an Idiot," where I said:

The JFK Airport plotters seem to have been egged on by an informant, a twice-convicted drug dealer. An FBI informant almost certainly pushed the Fort Dix plotters to do things they wouldn't have ordinarily done. The Miami gang's Sears Tower plot was suggested by an FBI undercover agent who infiltrated the group. And in 2003, it took an elaborate sting operation involving three countries to arrest an arms dealer for selling a surface-to-air missile to an ostensible Muslim extremist. Entrapment is a very real possibility in all of these cases.

Over on Salon, Stephan Salisbury has an essay on FBI entrapment and domestic terrorism plots. It's well worth reading.

Kaspersky Lab found that three pieces of malware targeting the Windows LNK shortcut flaw that made headlines in July were among the top 20 pieces of malware in August.

Squid car.

Interesting:

Who are these certificate authorities? At the beginning of Web history, there were only a handful of companies, like Verisign, Equifax, and Thawte, that made near-monopoly profits from being the only providers trusted by Internet Explorer or Netscape Navigator. But over time, browsers have trusted more and more organizations to verify Web sites. Safari and Firefox now trust more than 60 separate certificate authorities by default. Microsoft's software trusts more than 100 private and government institutions.

Disturbingly, some of these trusted certificate authorities have decided to delegate their powers to yet more organizations, which aren't tracked or audited by browser companies. By scouring the Net for certificates, security researchers have uncovered more than 600 groups who, through such delegation, are now also automatically trusted by most browsers, including the Department of Homeland Security, Google, and Ford Motors­and a UAE mobile phone company called Etisalat.

In 2005, a company called CyberTrust­which has since been purchased by Verizon­ gave Etisalat, the government-connected mobile company in the UAE, the right to verify that a site is valid. Here's why this is trouble: Since browsers now automatically trust Etisalat to confirm a site's identity, the company has the potential ability to fake a secure connection to any site Etisalat subscribers might visit using a man-in-the-middle scheme.

Clever:

Quantum cryptography is often touted as being perfectly secure. It is based on the principle that you cannot make measurements of a quantum system without disturbing it. So, in theory, it is impossible for an eavesdropper to intercept a quantum encryption key without disrupting it in a noticeable way, triggering alarm bells.

Vadim Makarov at the Norwegian University of Science and Technology in Trondheim and his colleagues have now cracked it. "Our hack gave 100% knowledge of the key, with zero disturbance to the system," he says.

[...]

The cunning part is that while blinded, Bob's detector cannot function as a 'quantum detector' that distinguishes between different quantum states of incoming light. However, it does still work as a 'classical detector' ­ recording a bit value of 1 if it is hit by an additional bright light pulse, regardless of the quantum properties of that pulse.

That means that every time Eve intercepts a bit value of 1 from Alice, she can send a bright pulse to Bob, so that he also receives the correct signal, and is entirely unaware that his detector has been sabotaged. There is no mismatch between Eve and Bob's readings because Eve sends Bob a classical signal, not a quantum one. As quantum cryptographic rules no longer apply, no alarm bells are triggered, says Makarov.

"We have exploited a purely technological loophole that turns a quantum cryptographic system into a classical system, without anyone noticing," says Makarov.

Makarov and his team have demonstrated that the hack works on two commercially available systems: one sold by ID Quantique (IDQ), based in Geneva, Switzerland, and one by MagiQ Technologies, based in Boston, Massachusetts. "Once I had the systems in the lab, it took only about two months to develop a working hack," says Makarov.

Just because something is secure in theory doesn't mean it's secure in practice. Or, to put it more cleverly: in theory, theory and practice are the same; but in practice, they're very different.

The paper is here.

This is beyond stupid:

The Pentagon is contemplating an aggressive approach to defending its computer systems that includes preemptive actions such as knocking out parts of an adversary's computer network overseas—but it is still wrestling with how to pursue the strategy legally.

The department is developing a range of weapons capabilities, including tools that would allow "attack and exploitation of adversary information systems" and that can "deceive, deny, disrupt, degrade and destroy" information and information systems, according to Defense Department budget documents.

But officials are reluctant to use the tools until questions of international law and technical feasibility are resolved, and that has proved to be a major challenge for policymakers. Government lawyers and some officials question whether the Pentagon could take such action without violating international law or other countries' sovereignty.

"Some" officials are questioning it. The rest are trying to ignore the issue.

I wrote about this back in 2007.

As part of NIST's SHA-3 selection process, people have been implementing the candidate hash functions on a variety of hardware and software platforms. Our team has implemented Skein in Intel's 32 nm ASIC process, and got some impressive performance results (presentation and paper). Several other groups have implemented Skein in FPGA and ASIC, and have seen significantly poorer performance. We need help understanding why.

For example, a group led by Brian Baldwin at the Claude Shannon Institute for Discrete Mathematics, Coding and Cryptography implemented all the second-round candidates in FPGA (presentation and paper). Skein performance was terrible, but when they checked their code, they found an error. Their corrected performance comparison (presentation and paper) has Skein performing much better and in the top ten.

We suspect that the adders in all the designs may not be properly optimized, although there may be other performance issues. If we can at least identify (or possibly even fix) the slowdowns in the design, it would be very helpful, both for our understanding and for Skein's hardware profile. Even if we find that the designs are properly optimized, that would also be good to know.

A group at George Mason University led by Kris Gaj implemented all the second-round candidates in FPGA (presentation, paper, and much longer paper). Skein had the worst performance of any of the implementations. We're looking for someone who can help us understand the design, and determine if it can be improved.

Another group, led by Stefan Tillich at University of Bristol, implemented all the candidates in 180 nm custom ASIC (presentation and paper). Here, Skein is one of the worst performers. We're looking for someone who can help us understand what this group did.

Three other groups -- one led by Patrick Schaumont of Virginia Tech (presentation and paper), another led by Shin'ichiro Matsuo at National Institute of Information and Communications Technology in Japan (presentation and paper), and a third led by Luca Henzen at ETH Zurich (paper with appendix, and conference version) -- implemented the SHA-3 candidates. Again, we need help understanding how their Skein performance numbers are so different from ours.

We're looking for people with FPGA and ASIC skills to work with the Skein team. We don't have money to pay anyone; co-authorship on a paper (and a Skein polo shirt) is our primary reward. Please send me e-mail if you're interested.

IBM has updated a threat report for the first half of 2010 to adjust its tallies of unpatched vulnerabilities.

Skein is my new hash function. Well, "my" is an overstatement; I'm one of the eight designers. It was submitted to NIST for their SHA-3 competition, and one of the 14 algorithms selected to advance to the second round. Here's the Skein paper; source code is here. The Skein website is here.

Last week was the Second SHA-3 Candidate Conference. Lots of people presented papers on the candidates: cryptanalysis papers, implementation papers, performance comparisons, etc. There were two cryptanalysis papers on Skein. The first was by Kerry McKay and Poorvi L. Vora (presentation and paper). They tried to extend linear cryptanlysis to groups of bits to attack Threefish (the block cipher inside Skein). It was a nice analysis, but it didn't get very far at all.

The second was a fantastic piece of cryptanalysis by Dmitry Khovratovich, Ivica Nikolié, and Christian Rechberger. They used a rotational rebound attack (presentation and paper) to mount a "known-key distinguisher attack" on 57 out of 72 Threefish rounds faster than brute force. It's a new type of attack -- some go so far as to call it an "observation" -- and the community is still trying to figure out what it means. It only works if the attacker can manipulate both the plaintexts and the keys in a structured way. Against 57-round Threefish, it requires 2503 work -- barely better than brute force. And it only distinguishes reduced-round Threefish from a random permutation; it doesn't actually recover any key bits.

Even with the attack, Threefish has a good security margin. Also, the attack doesn't affect Skein. But changing one constant in the algorithm's key schedule makes the attack impossible. NIST has said they're allowing second-round tweaks, so we're going to make the change. It won't affect any performance numbers or obviate any other cryptanalytic results -- but the best attack would be 33 out of 72 rounds.

Our update on Skein, which we presented at the conference, is here. All the other papers and presentations are here. (My 2008 essay on SHA-3 is here, and my 2009 update is here.) The second-round algorithms are: BLAKE, Blue Midnight Wish, CubeHash, ECHO, Fugue, Grøstl, Hamsi, JH, Keccak, Luffa, Shabal, SHAvite-3, SIMD, and Skein. You can find details on all of them, as well as the current state of their cryptanalysis, here. NIST will select approximately five algorithms to go on to the third round by the end of the year.

In other news, we're once again making Skein polo shirts available to the public. Those of you who attended either of the two SHA-3 conferences might have noticed the stylish black Skein polo shirts worn by the Skein team. Anyone who wants one is welcome to buy it, at cost. Details (with photos) are here. All orders must be received before October 1, and we'll have all the shirts made in one batch.

"Protecting your daily in-home activity information from a wireless snooping attack," by Vijay Srinivasan, John Stankovic, and Kamin Whitehouse:

Abstract: In this paper, we first present a new privacy leak in residential wireless ubiquitous computing systems, and then we propose guidelines for designing future systems to prevent this problem. We show that we can observe private activities in the home such as cooking, showering, toileting, and sleeping by eavesdropping on the wireless transmissions of sensors in a home, even when all of the transmissions are encrypted. We call this the Fingerprint and Timing-based Snooping (FATS) attack. This attack can already be carried out on millions of homes today, and may become more important as ubiquitous computing environments such as smart homes and assisted living facilities become more prevalent. In this paper, we demonstrate and evaluate the FATS attack on eight different homes containing wireless sensors. We also propose and evaluate a set of privacy preserving design guidelines for future wireless ubiquitous systems and show how these guidelines can be used in a hybrid fashion to prevent against the FATS attack with low implementation costs.

The group was able to infer surprisingly detailed activity information about the residents, including when they were home or away, when they were awake or sleeping, and when they were performing activities such as showering or cooking. They were able to infer all this without any knowledge of the location, semantics, or source identifier of the wireless sensors, while assuming perfect encryption of the data and source identifiers.

In Australia:

A high school teacher who assigned her class to plan a terrorist attack that would kill as many innocent people as possible had no intent to promote terrorism, the school principal said yesterday.

The Year-10 students at Kalgoorlie-Boulder Community High School were asked to pretend they were terrorists making a political statement by releasing a chemical or biological agent on "an unsuspecting Australian community".

The task included choosing the best time to attack and explaining their choice of victims and what effects the attack would have on a human body.

"Your goal is to kill the MOST innocent civilians," the assignment read.

Principal Terry Martino said he withdrew the assignment for the class on contemporary conflict and terrorism as soon as he heard of it. He said the teacher was "relatively inexperienced" and it was a "well-intentioned but misguided attempt to engage the students".

Sounds like me:

It is in this spirit I announce the (possibly First) Movie-Plot Threat Contest. Entrants are invited to submit the most unlikely, yet still plausible, terrorist attack scenarios they can come up with.

Your goal: cause terror. Make the American people notice. Inflict lasting damage on the U.S. economy. Change the political landscape, or the culture. The more grandiose the goal, the better.

Assume an attacker profile on the order of 9/11: 20 to 30 unskilled people, and about $500,000 with which to buy skills, equipment, etc.

For the record, 1) I have no interest in promoting terrorism -- I'm not even sure how I could promote terrorism without actually engaging in terrorism, 2) I'm pretty experienced, and 3) my movie-plot threat contests are not misguided. You can't understand security defense without also understanding attack.

Australian police are claiming the assignment was illegal, so Australians who enter my movie-plot threat contests should think twice. Also anyone writing a thriller novel about terrorism, perhaps.

An AFP spokeswoman said it was an offence to collect or make documents preparing for or assisting a terrorist attack.

It was also illegal to be "reckless as to whether these documents may assist or prepare for a terrorist attack".

A security researcher has uncovered a zero-day vulnerability in QuickTime that can be used to bypass Windows' data execution prevention and address space layout randomization protections.

Chilling:

How do most wrongful convictions come about?

The primary cause is mistaken identification. Actually, I wouldn't call it mistaken identification; I'd call it misidentification, because you often find that there was some sort of misconduct by the police. In a lot of cases, the victim initially wasn't so sure. And then the police say, "Oh, no, you got the right guy. In fact, we think he's done two others that we just couldn't get him for." Or: "Yup, that's who we thought it was all along, great call."

It's disturbing that misidentifications still play such a large role in wrongful convictions, given that we've known about the fallibility of eyewitness testimony for over a century.

In terms of empirical studies, that's right. And 30 or 40 years ago, the Supreme Court acknowledged that eyewitness identification is problematic and can lead to wrongful convictions. The trouble is, it instructed lower courts to determine the validity of eyewitness testimony based on a lot of factors that are irrelevant, like the certainty of the witness. But the certainty you express [in court] a year and half later has nothing to do with how certain you felt two days after the event when you picked the photograph out of the array or picked the guy out of the lineup. You become more certain over time; that's just the way the mind works. With the passage of time, your story becomes your reality. You get wedded to your own version.

And the police participate in this. They show the victim the same picture again and again to prepare her for the trial. So at a certain point you're no longer remembering the event; you're just remembering this picture that you keep seeing.

Since a fatal crash a few years ago, Boston T (their subway) operators have been forbidden from using -- or even having -- cell phones while on the job. Passengers are encouraged to report violators. But sometimes T operators need to use their official radios on the job, and passengers can't tell the difference. The solution: orange tape:

The solution? Goodbye, sober black; hello, bright orange, a hue so vivid that, MBTA officials hope, no one will mistake the radios for phones anymore. Workers at the agency's car barns and garages are in the process of outfitting every handset in the fleet with strips of reflective tape emblazoned with T logos.

[...]

... a small but steady number of hot line tips have been found to be cases of drivers or operators communicating with dispatch by radio, according to video and operations-center call logs.

That is where the electric-orange tape should help, Davey said. Over the past two months, the tape has been applied to handheld radios on about 95 percent of the T's 1,050 buses (each of which has one handset) and one-fourth of its nearly 210 double-ended Green Line trolleys, which have handsets at each end. The rest of the Green Line and the Orange, Blue, and Red line radios will follow.

Taisha O'Bryant, a Roxbury resident who serves as chairwoman of the T Riders Union, said she is more concerned with the frequency and reliability of bus service than the appearance of bus radios. But she said it is a good thing if a driver or operator can call dispatch in the event of a breakdown or service problem without worrying about appearing to talk on a cellphone, and she hailed the cellphone ban.

Of course, no T operator would ever think of putting bright orange tape on his cell phone. Because if he did that, the passengers would immediately know not to report him.

Pretty.