Unsalted passwords can raise your blood pressure

Presentation slide proposing methods to discredit and destroy Wikileaks. Obtained from leaked HBGary emails. Source: ArsTechnica

Looks pretty bad, doesn’t it?  Well, it’s worse.  Not only did the security firm HBGary prepare a package of dirty tricks against Wikileaks, hoping to get paid by Bank of America’s law firm to put them into action, but they also constructed a similar package to use against labor unions, hoping to drum up business from the US Chamber of Commerce.  As I write this, there is no confirmation that either B of A or the US C of C actually paid for these services to be rendered, but the authenticity of the leaked emails does not appear to be in doubt.  The CEO of Palantir, whose company logo appears on the slide I linked, has apologized at least twice, severed all ties with HBGary, and placed on leave the engineer who developed this slide.

The best coverage I have seen of this sordid affair is at Ars Technica.  Many commenters at Ars have stated that Nate Anderson should win a Pulitzer Prize for his coverage of the hack that led to the leaked emails, and the ongoing aftermath.  That’s not hyperbole: this article by Anderson is the most riveting tech news story I have read in years, maybe ever.

A couple months ago, Richard Lipton proposed a method to stop Wikileaks.  Essentially, the method boiled down to this: for every potentially compromising document generated, automatically generate a set of documents that look like it, but are different somehow — statements are contradicted but otherwise identical, numerical values are inflated or deflated, etc.  Then, if the “real” documents are leaked, ensure all the shadow documents are leaked as well, so nobody knows what to believe.  From the Palantir slide’s first bullet point, it appears that practice is keeping abreast of theory, or perhaps leaping ahead: “Create messages around actions to sabotage or discredit the opposing organization.  Submit fake documents and then call out the error.”

More than 70,000 leaked emails from HBGary, HBGary Federal and rootkit.com are available for download and search on at least five mirror sites worldwide.  They got there because Aaron Barr, CEO of HBGary Federal, went to the media with the (incorrect) claim that he had uncovered the identities of key members of the hacker group Anonymous.  In response, Anonymous entered his computers, erased gigabytes of research data, downloaded and decrypted his hashed password database, remotely wiped his iPad, seized control of his LinkedIn profile and Twitter account — and, oh yes, posted 70,000+ emails that tell a story of three companies that specialized in dirty cybertricks, which is why the fallout from this story will be studied for months, or longer.

I took a graduate class in cryptography.  I even did well.  I had heard of salting passwords and dictionary attacks before this, but I didn’t really understand them.  I had an intellectual grasp of them yes, but I’m talking now about the type of understanding that grabs your solar plexus, squeezes and won’t let go until you’ve really really got it.  I believe this Ars Technica article by Peter Bright should be required reading in every cryptography class, and in every CS class when computer security is discussed.  Normally I would also link to Wikipedia articles on “salting passwords,” for example, but not this time, I won’t.  Bright does a superb job of making you feeeeeel how important it is to defend yourself against a dictionary attack, and I don’t want anything to get in the way of that.  Bottom line: security professionals protected themselves like amateurs, and found their defenses easily compromised once their CEO went out of his way to provoke a hacker collective known for its willingness to attack.

It would not surprise me if Lipton’s idea gained traction, very soon.  If nothing else, it would make searching through the email database far more difficult, because naive search algorithms would generate lots of false positives.  It might be worth turning the question around, to ask something I don’t know how to answer: Is there an algorithmic method to separate real documents from shadow documents, assuming they are uploaded together in the same torrent?


11 responses to “Unsalted passwords can raise your blood pressure

  1. Regarding your last sentence, I certainly hope so, or that it’s not necessary—note that we repented of that article!

  2. Hey Aaron. I am excited to read you new blog!

    I also read ArsTechnica and I agree. They have excellent articles, especially Nate’s articles about the about the HBGary Federal hack. Nate always writes good articles, but his recent sequence of features is outstanding.

  3. “Is there an algorithmic method to separate real documents from shadow documents, assuming they are uploaded together in the same torrent? ”

    Answer: no.

    “I was born in Texas.”
    “I was born in Utah.”
    “I was born in Maine.”

    Which, if any, of those are true? Can you write an algorithm to determine that?

    If the documents in question involve publicly available information, you can look up corroborating evidence (but then why the leak?) If done poorly, you might detect a fraud (e.g. introducing self-contradictions or altering numbers in a non-natural fashion). But short of adding a perfect audit trail to every computer in existence, you can’t tell a genuine piece of text from a fabricated one. Too bad, would’ve been nice.

  4. Ken Regan posts: Note that we repented of that article!

    Ken Regan’s post illustrates one of several admirable aspects of his and Dick Lipton’s weblog Gödel’s Lost Letter and P=NP.

    Consider by way of contrast, that no expression of penitence has ever been associated to a theorem posted on TCS StackExchange or on MathOverflow (at least, I have never seen one).

    This striking contrast between weblog culture and stackexchange culture echoes the striking contrast between von Neumann and Morgenstern’s Theory of Games and Economic Behavior and chapter 2 of Jane Austin’s Sense and Sensibility.

    In Sense and Sensibility, is the half-sister Fanny simply a rational actor who is commendably optimizing resource allocation in consonance with the social contract? Or is Fanny a heartless, manipulative sociopath?

    What these narratives illustrate for us, and Ken Regan’s post reminds us, and the weblog/stackexchange tensions show us, is that *both* questions can be answered “yes”.

    • I think Anonymous below me raises a good point about apologizing for theorems. I saw that you commented elsewhere about Stackexchange sites maybe “stealing” participation from blogs (my term, not yours, I know). I thought you might like to know that the next post in the queue — already written, scheduled to appear Saturday — is my own attempt to rewrite Emanuele Viola’s response to one of your questions on TCS Stackexchange. I am going to try to base blog posts on cstheory questions at least once a month. We’ll see how it goes.

  5. Consider by way of contrast, that no expression of penitence has ever been associated to a theorem posted on TCS StackExchange or on MathOverflow (at least, I have never seen one).

    Can you think of even one case in all of human history when someone really ought to have expressed penitence for a mathematical theorem? “I’m sorry I proved the incompleteness theorems. They ended up causing a lot of philosophical confusion among people I thought would know better, and I’ve concluded we’d just be better off not knowing these things.”

  6. Anonymous, when I spoke of “penitence” in relation to theorems, I didn’t have in mind issues relating to apportionment of credit.

    For centuries issues associated to credit and reputation have been contentious among mathematicians (and scientists and engineers and physicians too). No doubt disputes will continue in the future … and although heated accusations have always been more common than heartfelt apologies, the latter are *not* unknown.

    What I had in mind is the more rare type of penitence that among physicists is exemplified by Robert Oppenheimer’s “The physicists have known sin; and this is a knowledge which they cannot lose” and among engineers is exemplified by Herbert Hoover’s “The engineer cannot bury his mistakes in the grave like the doctors” and among mathematicians is exemplified by Section 6 of Bill Thurston’s Bull. AMS article On Proof and Progress in Mathematics (1994), in the paragraphs following “I do have regrets about aspects of my career …”

  7. By the way Aaron, your idea of posting regularly on StackExchange questions would be IMHO a terrific service to the community … the broader-ranging the commentary, the better!

    It is easy to verify that about 74% of MathOverflow users have a reputation that is too low for them to comment at all (only reputations ≥50 are allowed to comment). On the one hand, this threshold surely improves the SNR. On the other hand, it effectively relegates most non-mathematicians, and even most high school/undergraduate mathematics students, to second-class citizenship in MathOverflow.

    In consequence, the stack exchanges are relegating to weblogs the role of providing what ecologists call “critical habitat” for nurturing young mathematicians and for reaching out to other STEM disciplines … these are two vital functions IMHO.

    In aggregate, these various checks-and-balance seem reasonable (to me) … provided that everyone works to ensure that the stack exchanges and the weblogs *both* function well.

  8. Pingback: Update on HBGary Federal and Anonymous | Nanoexplanations

  9. Pingback: “Shadow CIA” apparently stored credit card information in cleartext | Nanoexplanations

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s