| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 22 Jul 2015 09:36:00 +0900 From: Pierre Kim <pierre.kim.sec@...il.com> To: fulldisclosure <fulldisclosure@...lists.org> Subject: [FD] Why Full Disclosure is the solution ? An example with RIPE Note: this email has been sent to Full-Disclosure and has been blogposted to: https://pierrekim.github.io/blog/2015-07-22-why-full-disclosure-is-the-solution-an-examble-with-ripe.html TL;DR: hashes list from the RIPE database has been posted to MEGA, containing usable hashes from 2011 to July 2015. ( https://mega.co.nz/#!xMIxHZCT!EgWNb65ERsTf5URgBNq8VW_flzXSNbO3URwE0nqtsXY ) The human is reluctant to change. Full Disclosure is, sometimes, the only solution to improve Security by forcing the change. RIPE, Reseau IP Europeen (European IP Networks), is in charge of IP allowance in Europe ( https://en.wikipedia.org/wiki/RIPE ). In 2011, I had grabbed all the authentication MD5s of the RIPE database before they were taken out from the public view and RIPE asked people to change their passwords. These MD5s were public-made available in WHOIS reponses for years. I don't think I was the only security researcher who downloaded all the hashes. Clearly, there were a lot of people who had this database. The 36.000 hashes stayed in my hard disk for 4 years. Finding them again in 2015 in my $HOME, some may have wanted to deface the WHOIS RIPE database by inserting giant ASCII penises everywhere and changing IP attributions. Instead, I contacted the RIPE NCC Information Security Officer and then the RIPE Database Working Group Members, hoping to have open discussions and find a solution: - [db-wg] MD5s of the RIPE database, Deprecation of MD5 and safe authentication methods ( https://www.ripe.net/ripe/mail/archives/db-wg/2015-May/004554.html ). As I said in the first email: According to the RIPE transparency, as recommended by RIPE NCC Security, therefore I am now contacting this working group to work together because deprecation of MD5 is an important change in the RIPE database and it must be debated in a democratic manner. This john-compatible file (containing MNT logins and MD5 hashs) was never exposed to public but the hashes can be (VERY) easily cracked. From the discussion with RIPE Security (who received a copy of this file), 27.000 usable hashes (on a total of 36.000) appeared to be valid til now. When I discussed it with RIPE NCC Security, I gave a 90 day disclosure policy about this "public" information, starting from the 16 Apr 2015. The 90 day period can be adjusted by adding more days at the end if RIPE shows a good progress of the migration. I wanted to do responsible disclosure when I saw the RIPE Responsible Disclosure Policy which is a Really Good Thing, I think. My analysis is simple: The MD5 authentication is broken for years and it's time to change to a more secure method. I think people needs to be encouraged to move to SSO authentication. Using MD5 now is unsafe and dangerous, especially with unchanged 4 year-old passwords. Please share your thoughts about this situation. I will be happy to debate with you. After a debate with the RIPE working group about the impact of the fact 27.000 hashes were still usable (75% of total valid hashes 36.000) and MD5 is prone to collision attacks, and the ethics in releasing this information, which was not the point, I think, RIPE changed the affected passwords and encouraged stronger authentication methods. You can read all the posts in the RIPE public mailing list, database working group archives: - https://www.ripe.net/ripe/mail/archives/db-wg/2015-May/004554.html - https://www.ripe.net/ripe/mail/archives/db-wg/2015-June/004665.html Now that all the hashes are invalid from July 2015 [1], I am releasing the database[2]. These informations were PUBLIC before 2011. Releasing the hashes is still subject to ethical problems. The release is expected to allow people to study the strengh of the hashes. Again, the hashes (and the decrypted passwords) are now UNUSABLE to anyone. I want to thank all the RIPE participants in the Database Working Group for exchanging their opinions about this problem, especialy Tim Bruijnzeels and Ivo Dijkhuis, from RIPE. Even if, sometimes, we didn't share the same ideas, the debate was democractic allowing people to share their visions of improving security in RIPE. I really think RIPE managed this problem in an effective manner, improving the security of their IT infrastructure. RIPE has a blogpost explaing how to migrate to a safer authentication method here: https://labs.ripe.net/Members/AlexBand/pgp-in-the-ripe-database Now, a small personal analysis: In Twitter, Blogs and vulnerability reports, we are speaking about 0days and new exploitation techniques: I consider it's very important. But I really think too there is a big gap between the research in security and the reality. Companies are mainly hacked using word macros and lazy sysadmins. It is a VERY bad sign in IT Security that: - 75% of the passwords in RIPE were not changed for 4 years and these concern mainly IT professional accounts, even though RIPE alerted them to change the passwords since 2011 - We still find reluctant opinions to challenge the current situation and make necessary actions in improving IT security. Mentality needs to change. Apparently, for some people, this disclosure of information is unethical. This was not the problem of ethics but protection of private information. A lot of people had the RIPE credentials in their hands and something needs to be done. So now, enjoy the show. The hashes list, as a john-compatible file, is available at MEGA ( https://mega.co.nz/#!xMIxHZCT!EgWNb65ERsTf5URgBNq8VW_flzXSNbO3URwE0nqtsXY ). Regards, [1]: https://www.ripe.net/ripe/mail/archives/db-wg/2015-July/004709.html - [db-wg] MD5s of the RIPE database, Deprecation of MD5 and safe authentication methods [2]: https://mega.co.nz/#!xMIxHZCT!EgWNb65ERsTf5URgBNq8VW_flzXSNbO3URwE0nqtsXY -- Pierre Kim pierre.kim.sec@...il.com @PierreKimSec https://pierrekim.github.io/ _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists