goatsec cache blarg

1. This is Google's cache of http://security.goatse.fr/posts. It is a snapshot of the page as it appeared on Mar 5, 2013 18:11:56 GMT. The current page could have changed in the meantime. Learn more
2. Tip: To quickly find your search term on this page, press Ctrl+F or ⌘-F (Mac) and use the find bar.
3.  
4. Text-only version
5.  
6. Home
7. Blog
8. Team
9. Contact
10. Help
11. Compiz vulnerability
12.  
13. May 14th, 2011 Posted in Articles
14. May, 14 2011
15. 33 Comments »
16. Goatse Security has had a lot of fun pointing out the devastating flaws in Apple’s shit-tastic software, but now it’s time to turn to the beloved mascot of the sweaty man-child open source community: Linux.
17.  
18. Linux weenies will often brag about how insecure Windows is compared to Linux. They’ll also argue that Linux is hard to take down with any sort of exploit. Well, it turns out that’s not quite true. Here’s a simple, step-by-step guide to owning the most popular Linux distribution out there today:
19.  
20. Open a long URL beginning with “apt://” in a browser that handles the apt:// protocol.
21. Er…
22. That’s it.
23. Hope you weren’t doing anything important with that X session.
24.  
25. This bug is delightfully trivial to deploy. Just write a normal HTML page containing an iframe that takes a 10000 character apt:// URL as its source. Trick a Debian dickhead into opening it and the bug will take out Compiz, crashing your X session with a cryptic “Unexpected X error: BadAlloc (insufficient resources for operation) serial 1779 error_code 11 request_code 53 minor_code 0)” error. And at no extra cost, we’re also throwing in GNOME theme rendering breakage, which forces you to logout and log back in to get your buttons back!
26.  
27. The following Linux distributions are affected by this vulnerability:
28.  
29. Alinex
30. BLAG Linux and GNU
31. CentOS
32. ClearOS
33. Debian
34. DeMuDi
35. Feather Linux
36. Fedora
37. Foresight Linux
38. gnuLinEx
39. gNewSense
40. Kaella
41. Knoppix
42. Linspire
43. Linux Mint
44. Musix GNU/Linux
45. Parsix
46. Red Hat Enterprise Linux
47. Scientific Linux
48. SUSE Linux Enterprise Desktop
49. Ubuntu
50. Ututo
51. This exploit could never have been uncovered without the help of many highly skilled greyhats. I’d like to give shoutouts to incog, Murdox, sloth, vxp, mith, lulzsec, arab, Leon Kaiser, afed, GNAA, jax, Bantown, Sam Hovercar, 37signals, afed_, The Greater Association of PHP Programmers, goudatr0n, Rufas the earthworm, hepkitten, Girlvinyl, D8, EFNet #politics, DJ FUCK DA PARENTZ, Tory Jarmain, djb, my cat, my other cat, mao & amat, jwz, esr (but not rms), #stress, Lee Vartron, kayla, trelane, krashed, bikcmp, David J. Moore, Justin D. May, bittwist, DolemitE, Craig G. Mueller, sam, Christian Schlore, mith, 808chan, xyz, LeeB, Alex Pilosov, lec, Randi Harper and her aborted baby, Shaniqua, acidburn, Lord Nikon, Mikey Mattice, The Cereal Killer, The Phantom Phreak, DiKKy Heartiez, Adrian Lamo, BLACK_MAN, lysol, wispurs, vap0r, LiteralKa, #arab, Matthew Gore (str8sucker704), Richard Johannes III, and the good people at paedophilewatch.org who work tirelessly to keep our children safe online. Many eyes make even the deepest bug shallow!
52.  
53.  
54.  
55. Linux
56. Read More
57. Goatse Security compromises famous security blog
58.  
59. January 27th, 2011 Posted in Articles
60. Jan, 27 2011
61. 8 Comments »
62. On Wednesday night, after several months of personal inactivity, a Goatse Security administrator finally realized his admin password allowed him to edit the (in)famous security blog Goatse Security. Oblivious to the fact that blogs are generally irrelevant, he and his army then proceeded to vandalize the homepage and cause incalculable damage and loss of life. When the smoke cleared from the battlefield of blogs, many an ego was mortally wounded.
63.  
64. The victory speech went as follows:
65.  
66. Dear Goatsec,
67.  
68. I have taken the liberty of exposing your gaping hole, and hope in doing so that I’ve given your balls a good twist. As you are a group of self-aggrandizing twats, I have also contacted the media to ensure that this incident gets the coverage it deserves.
69.  
70. In cracking this site, I have sent specially crafted requests to the server with my browser ID spoofed to that of an iPad. Please know that while this was not instrumental in this wondrous crack, it _WAS_ poetic in many ways. I also gave Goatsec the same warning that they gave AT&T… none at all, to patch their gaping hole.
71. User Accounts have been deleted, and passwords changed.
72.  
73. AAAAAAAAAAAAAAAAAAAAAAND THE PREVIOUS ADMIN PASSWORD IS… T2!p*uje7ru*
74. Props to: The FBI, OseK, MadMax, mre|666, Scratch (Isuki), Sigdie, anyone who knows what Sigdie is, Krashed (because it’ll make Bratty happy to see his name on a deface page, even if he didn’t have shit to do with it)
75. Fuckoff to: LoRez (FUCK YOU), weev, Apple, AT&T, MI-5, Harry Pierce, and Gay Niggers everywhere.
76.  
77. The previous admin password, which, as stated, was T2!p*uje7ru*, should be considered compromised. Goatse Security advises the general public never to use this password to protect their personal data again.
78.  
79. Big ups, Krashed;
80. Leon Kaiser, Head of Goatse Security Public Relations
81.  
82. Read More
83. Making things right
84.  
85. January 21st, 2011 Posted in Articles
86. Jan, 21 2011
87. 21 Comments »
88. In the wake of recent events, Goatse Security has released an encrypted “insurance” file. Admittedly, it’s not as groundbreaking as the Wikileaks insurance, but we don’t intend to release the key until after a verdict has been passed on both weev and JacksonBrown. We encourage all to download and share this file. Blog about it, upload it to your favourite bittorrent tracker, keep it on your FTP, whatever! We’d like to make clear that it’s nothing to do with AT&T, nor is it the supposed “email list” that was deleted a long time ago.
89.  
90. Direct link: http://security.goatse.fr/media/goatseinsurance.aes256
91. Bittorrent: http://security.goatse.fr/media/goatseinsurance.torrent
92. MD5: b25852056cf86c9aeb42b229ed5752cd
93.  
94. Additionally, we intend to start collecting funds for weev’s and JacksonBrown’s defense fund within the next day or so. Thank you to everyone who has contacted us over the past few days for showing an interest in their trial, and thank you to everyone who continues to raise awareness of their plight. weev would probably appreciate people to pray for him. We don’t know about JacksonBrown, but it’s the thought that counts.
95.  
96. ~Murdox
97.  
98. GNAA President
99.  
100. (By the way, don’t expect too much activity on the GoatseSecurity twitter until weev comes back).
101.  
102. freeweev
103. Read More
104. A Few Notes of Importance
105.  
106. January 19th, 2011 Posted in Articles
107. Jan, 19 2011
108. 7 Comments »
109. On the heels of the arrest of two of Goatse Security’s researchers, I felt compelled to write a statement reiterating a few points regarding last year’s AT&T breach which I believe are important:
110.  
111. The only data gathered was a list of e-mail addresses. No real names, mailing addresses, or any associated data was breached.
112. The data gathered was publicly available on AT&T’s web server. Any person could say “What is the e-mail address associated with ID XXXXXXXX” and the server would happily reply “johndoe@yahoo.com” or “invalid ID”. The process of doing so was simply automated using random IDs. There was no “real” hacking involved.
113. Through intermediary channels, Goatse Security notified AT&T of the hole in their system and waited until it had been patched before we made our disclosure.
114. Under no circumstances was the data ever made public. It was only given to Gawker Media under the condition that it would be redacted, just as proof that the data had been leaked and this was not a fictitious claim.
115. AT&T has pressured the USDoJ and the FBI into building and prosecuting a baseless case because they care more about their own share price than their customers. Stated another way: the American government works at the behest of private corporations.
116. AT&T, the FBI, and the prosecution have labeled this as a “malicious” attack, directly against AT&T’s interests and their customers. This could not be farther from the truth. The flaw was quite literally stumbled upon; AT&T was never targeted, and upon gathering the data, it was not sold, distributed, or used otherwise (although it certainly had the potential to be used quite maliciously) – it was only disseminated to a single media outlet because we believed it was important enough to share. Were the hole discovered by a malicious party, the data could have been easily sold to the RBN at a very high price, could have been used to target iPad owners with AT&T phishing e-mails, the e-mails could have been sent iPad trojans, or otherwise. The private discussions we had to determine the extent of the flaw will undoubtedly be twisted and redacted by the prosecution to create an appearance of malice, as these were all topics touched upon. This can be damning even though the discussion itself is not a crime.
117.  
118. The case is based entirely upon IRC logs, anonymously submitted, which could be completely fabricated with no method of verification. These logs constitute the majority of the prosecution’s “evidence”, and are solely being used to create an image of malicious intent.
119.  
120. The fact of the matter is quite simple: AT&T put their own customers at risk through negligence, their share price dropped when this fact was exposed, and they have now co-opted the USDoJ and the FBI to attempt to shift the blame from themselves to individuals who were looking out for the public good.
121.  
122. In the end, regardless of how the chat logs are made to appear, and regardless of other questionable activities that members may have been involved in, the facts do not change: GoatSec researchers found a hole, made sure it was closed, and responsibly disclosed its existence.
123.  
124. –Rucas
125.  
126. freeweev
127. Read More
128. FBI arrests Goatsec members on conspiracy, fraud charges
129.  
130. January 19th, 2011 Posted in Articles
131. Jan, 19 2011
132. 5 Comments »
133. Today, Jan. 18th, Andrew Auernheimer and Daniel Spitler were brought
134. into custody on the basis of a federal criminal complaint of a highly
135. dubious and unsettling nature. The complaint alleges that the two were
136. responsible for gross crimes of conspiracy to hack computers and
137. fraud. Let's examine the government's case.
138.  
139. The gist of what supposedly transpired is this: in the summer of 2010,
140. Spitler created a PHP script to harvest email addresses of people who
141. purchased a 3G iPad. This was accomplished very simply, because AT&T
142. had set up a web service that would match a given ICC-ID (SIM card
143. serial number) to an email address. This was to make the sign-up
144. process for people who just purchased their new iPads easier, since it
145. would pre-fill their email address in the registration form. Due to
146. sloppiness on the part of AT&T web engineers, there was no rate
147. limiting, user agent checking or any other mechanism to prevent
148. someone from simply taking a random ICC-ID and adding one to it, over
149. and over (the FBI calls this "hacking"). Since AT&T's ICC-IDs were
150. more or less sequential, assembling a list of email addresses was
151. quite straightforward.
152.  
153. The only information that could have been gleaned from this process
154. was ICC-IDs (which are totally useless) linked to email addresses
155. (which are not private information). That's all. The only reason we
156. are even hearing about this is because Andrew is a clever fellow who
157. likes to make very embellished and sensational claims as a form of
158. ironic humor, and he was able to convince some people in the media to
159. make a big deal about the whole situation. This made AT&T look bad,
160. and their customers concerned, both of which outcomes are to be
161. expected.
162.  
163. Apparently, it seems making AT&T lose face is a heinous offense,
164. justifying seven months of investigation by the FBI and many, many
165. grand jury sessions at great taxpayer expense. Several people were
166. raided by federal and state agents to search for evidence relating to
167. the email harvesting. The FBI engaged in standard harassment practices
168. and blanket subpoenas to pursue their case, refused to allow
169. Auernheimer to see his warrant (claiming "national security" concerns)
170. and intimidated his girlfriend and potential employers. There is
171. certainly a history of AT&T doing favors for the FBI (warrant-less
172. wiretapping for example). I am not saying there is evidence of a grand
173. conspiracy here, but it looks an awful lot as though AT&T was mad and
174. got their FBI pals to make the lives of Auernheimer and Spitler
175. unpleasant.
176.  
177. The criminal complaint charges the two with illegally accessing AT&T's
178. computers which are classified as "protected computers" under USC
179. title 18, 1030(e)(2). This law written in 1986 defines a "protected
180. computer" (implying greater penalties) as one that is accessible
181. across state lines, which would now include any machine hooked up to
182. the internet. The servers are described as having been "fooled into
183. believing that they were communicating with an actual iPad 3G and
184. wrongly granted the Account Slurper access to AT&T's servers". No
185. access was granted or requested, no machines were "fooled" (whatever
186. that means), and the machines were already accessible from anyone with
187. an internet connection because they were web servers. They say this
188. was accomplished without authorization from AT&T, even though that
189. point means nothing since all "legitimate" users were not granted
190. explicit authorization either.
191.  
192. In fact, when you examine the facts presented in the criminal
193. complaint, it's amazing that the DOJ would even waste their time with
194. a case with a flimsy house of cards presented as evidence.
195.  
196. The complaint cites news articles quoting Andrew's fantastical
197. hyperbole about the security group's actions. There are
198. well-documented cases of the media believing all sorts of ridiculous
199. computer security tripe and publishing it without fully comprehending
200. what they are writing about. If the FBI is going off of such stories
201. and respected news outlets such as a blog devoted to publishing gossip
202. on Silicon Valley, one really wonders how informed they are. I imagine
203. they know what they are doing, but include it anyway because it makes
204. their case look stronger to the poor judge who's time is being
205. wasted. Also cited is Andrew's LiveJournal, to which I must say "LOL"
206. ("LOL" and its variants stand for laughing out loud, notes the
207. complaint in one of many hilarious footnotes).
208.  
209. They go on to bring up past interviews in which Andrew, undoubtedly
210. under the influence of powerful narcotics at the time, makes up absurd
211. shit to see how much the clueless reporter will print. Anyone who is
212. at all familiar with Andrew or similar persons can immediately
213. recognize the quotes as ironic bullshitting, but the media and FBI are
214. hopelessly out of the loop when it comes to such things and actually
215. take his statements at face value. His past statements such as "I want
216. everyone off the internet" are apparently used to imply his guilt in
217. the present.
218.  
219. The Goatsec website is mentioned as stating Auernheimer among other
220. things as writing "Ruby while living in SF SoMa" which is a dig at
221. Spitler's homosexuality which became a topic during the grand jury
222. trial, although it is couched in so many layers of in-jokes to make
223. such a statement impenetrable by most people, which is true of almost
224. all statements that are quoted in the complaint.
225.  
226. IRC LOGS:
227.  
228. The only actual "evidence" presented of wrongdoing in the entire
229. complaint is "150 pages" of IRC logs provided by a confidential
230. source. Perhaps they are relying on the fact that the jury will
231. consist of people who have no idea what IRC is or why one should not
232. treat what is basically a text file from an anonymous source on the
233. internet as the basis for locking someone up for 10 years.
234.  
235. Unbelievably, the FBI actually subpoenaed Goatsec member "Rucas the
236. Earthworm" to appear before a grand jury in New Jersey to defend
237. himself for advising people to throw their computers in the river,
238. accusing him of advising people to destroy evidence.
239.  
240. The rest of the complaint is filled with hearsay and non-facts with a
241. number of downright fabrications. In one footnote, the agent preparing
242. the report notes that "the phrase 'D8' means to be deeply involved in
243. an activity or to perform an activity to the fullest extent possible."
244. Since "D8" is just a frowny face on its side, one can only conclude
245. that this and other facts are being made up wholesale.
246.  
247. The criminal charges being levied against Spitler and Auernheimer are
248. disconcerting for a number of reasons; most notably the concept of
249. charging someone with conspiracy on the basis of IRC logs. As
250. explained earlier, IRC logs are hardly difficult to make up, alter or
251. attribute to other persons. To say nothing of the very idea of
252. conspiracy as a crime itself. The fact that the conspiracy charge is
253. thrown in usually indicates that the prosecution doesn't actually have
254. any hard evidence of a real crime being committed, so they resort to
255. trying to pin thought-crime charges on their victims instead. It is
256. not my intention to be alarmist, but all citizens of any country
257. should be greatly concerned when corporations are able to get law
258. enforcement to arbitrarily enforce overly broad laws to silence and
259. punish anyone they deem an annoyance.
260.  
261. Thanks for reading,
262. Jason Gates
263.  
264.  
265.  
266.  
267.  
268. freeweev
269. Read More
270. Open Letter to Lee Vartan, Assistant United States Attorney in regards to the Goatse Security iPad case.
271.  
272. November 18th, 2010 Posted in Articles
273. Nov, 18 2010
274. 14 Comments »
275. Howdy Lee,
276.  
277. Originally, I was outraged by your prosecutorial efforts against me and my associates, and extremely shaken up due to the unjust search of my home, in multiple violations of the Fourth amendment. I believe that the emotional stress caused by my multiple-day solitary confinement without cause, and the accumulated effect of previous harassment by the government lead me to treat you less respectfully than I should have. However, recently I was at the law library, my usual resource for ethical guidance, and I started reading Thomas Paine. There, I experienced a revelation as to how to best proceed in dealing with your actions.
278.  
279. “He that would make his own liberty secure, must guard even his enemy from oppression; for if he violates this duty, he establishes a precedent that will reach to himself.”
280. - Thomas Paine, Dissertation on First Principles of Government
281.  
282. I’m writing to help clarify the situation in which we continue to find ourselves. It appears, despite the obvious facts surrounding the events, that you are continuing to attempt my legal prosecution. While information security experts worldwide (many of whom your department hire as expert witnesses), law analysis groups, consumer affairs groups and lay citizens continue to support me, you still investigate me for some alleged obscure criminal act. While I generally support your mission, Lee, I think you’re being lead astray by a desire for professional distinction.
283.  
284. I am sure that you are probably under great pressure to produce something, as evidenced by your use of quasi-legal means such as your questionable search warrant, the ensuing negative publicity for your office and name, and the growing number of people asking why you are doing this. These influences upon your judgments are of no matter; ultimately, you will be held accountable to the people for your actions. I’m sure that the strain is beginning to take a toll on your personal and professional relationships, and as I am, and always have been, a supporter of the United States’ government, I’d like to offer some friendly advice before irreparable damages from your errors spread to other aspects of the Department of Justice.
285.  
286. Here are the options available to you, and my advice for each:
287.  
288. 1. Continue holding Grand Jury sessions and force an indictment.
289. I can in no way advise this as it will harm your professional reputation and force the Department of Justice to engage in the manufacture of evidence. Social responsibility has always been at the core of everything we do at Goatse Security, and this will be extraordinarily obvious at a trial. Goatse has done large amounts of documented work in project areas such as combating safe havens for pedophiles worldwide, protecting US infrastructure, and keeping US citizens safe from Russian and Chinese organized crime. The DoJ has also pursued these projects, quite well at times, but we should work together for a common goal instead of fighting for territory, and wasting our fiscal and legal resources. At Goatse, we do not have a large advertising budget like the DoJ and FBI; our publicity comes from citizen recognition of national stewardship and skillful work. I hope that you don’t see this as competition to your own great work in the area, but allow me to communicate that I believe that we could both do better
290.  
291. 2. Stop this investigation.
292. Given the vulnerable position the DoJ is in as a result of your actions, you may be required to resign. I am very sorry for this prospect, but there are many great opportunities available for you in the private sector, and just because you will not be employed by the people at large does not mean that you will not be able to help make the country a better, safer and healthier place for us all to enjoy. We at Goatse give back, with daily volunteer work, which we are able to accomplish in our free time due to the gains we make by working in the private sector. We find this the most healthful and heartiest form of patriotism, as it not only allows total agency and freedom of choice, so that citizens can give in the ways they are most capable, but also minimizes bureaucratic costs we all bear as brothers and sisters in this great nation.
293.  
294. 3. Publicly accept assistance from Goatse Security.
295. While the smear campaign your agency has launched against Goatse and myself personally may make this difficult, I’m sure that fully disclosing the rationale behind it would secure the public’s forgiveness and understanding for you and the DoJ. Lest it go unsaid, a friendly hand extended in partnership would earn Goatse’s respect and forgiveness as well. As always, we are more then happy to work with you hand in hand for a stronger country. If you are unable to do this for political reasons, we understand but we would not want you to dishonor your family or the legal education they’ve helped you attain by making choices which are wrong. AT&T needs to be held accountable for their insecure infrastructure as a public utility and we must defend the rights of consumers over the rights of shareholders.
296.  
297. I pray for you, Lee. I pray for you to see wisdom in your actions, and pray for you to be guided towards righteousness. I advise you to discuss this matter with your family, your friends, victims of crimes you have prosecuted and your teachers, for they are the people who would have been harmed had AT&T been allowed to silently bury their negligent endangerment of United States infrastructure.
298.  
299. Hugs and Courage To You,
300. Andrew
301.  
302. Read More
303. Clench, our way of saying “screw you” to SSL PKI forever
304.  
305. September 8th, 2010 Posted in Articles
306. Sep, 08 2010
307. 11 Comments »
308. Nate Lawson has an excellent post on his blog rightly identifying SRP as a superior solution to the Clench implementation. However, upon examination it appears that SRP is encumbered by a questionable patent situation. I would hope that Stanford would be able to release a BSD-licensed version of their SRP distribution sometime soon to enable its adoption everywhere.
309.  
310. Application layer authentication-inherent validation of public key integrity without the use of a trusted third party
311. Andrew Auernhemer and Jordan Borges.
312.  
313. This is the initial unveiling of the pre-alpha version of Clench, Goatse Security’s new simple password-based authentication mechanism that rids most organizations of a need to rely upon an untrustable third party to ensure against man-in-the-middle attacks.
314.  
315. un-tl;dr abstract: SSL is broken. Certificate authorities only exist to let the US, Chinese, Turkish, Brazilian etc etc government or Russian mob spy on you (whichever is interested first). Well, I guess they also exist to line the pockets of assholes who want $10-50 for pushing a button. Luckily, we’ve remedied this! We’ve established a way that a client, using only standard password authentication, can validate a server’s public key and ensure that no third party is listening (without the use of a trusted third party such as a certificate authority or manual fingerprint verification). Read on for a wonderfully simple hack and proof of concept code!
316.  
317. Biggest problem we solve: “Trusted” third parties can’t be trusted and criminals or hostile governments are free to launch man in the middle attacks. Extensive research in this area has been done by by Marlinspike, Dan Kaminsky and Mike Zusman which you really should read.
318.  
319. Exploiting web application and business logic vulnerabilities of certificate authorities allow the generation of valid certificates for arbitrary domains you do not own.
320. The number of entities allowed to issue certificates is now massive and not being effectively tracked– criminal organizations outright buy certificate authorities and print certificates for arbitrary domains they do not own.
321. Do you trust the Chinese government not to snoop on your traffic? What about the United States government? Your browser trusts both– either of them can snoop on your “secure” HTTPS sessions.
322. EV SSL is a joke.
323. Who watches the watchers?
324. The whole SSL architecture is broken and cannot be safely relied upon. Any system of authentication which relies on a “trusted” third party that you have no dominion over is flawed. DNSSEC is only an incremental improvement with the same underlying flaw– I may trust the ICANN, ISC, NIST, NTIA, the Department of Homeland Security, or VeriSign more than the combined ineptitude and maliciousness of every current SSL CA, but I still don’t trust them. The whole idea of a trust anchor is fallacious.
325.  
326. We set out to solve this problem in a way that can reconcile three realities of security:
327.  
328. Users cannot effectively comprehend anything but password authentication. They don’t understand key management, and the task of getting hundreds of thousands or millions of users to install a client certificate or generate a keypair (and not accidentally reveal the private key) is a Herculean task that few IT departments want to try.
329. Users cannot be trusted to manually verify fingerprints. Seriously, they just won’t. Even the ones that perceive themselves as sophisticated and security-conscious.
330. The network is now many times more hostile and open to attack than the server.
331. So we had to create an authentication mechanism in which a user inputs only a username and password, but ends up with a session immune from man-in-the-middle attacks without the use of a trusted third party.
332.  
333. We looked at various authentication schemes. Of note was Livejournal’s. Being the most popular blogging site in Russia, they got user auth details jacked so many times by shady spammers jacking routes with “legitimate” certs that they stopped transmitting the hash plaintext over the wire. They give a nonce to the client and the client hashes locally and then sends the hash to the server. The other source of inspiration was the Socialist Millionaire protocol, which Off-the-Record Messaging utilizes with a shared secret to verify cryptographic fingerprints.
334.  
335. In almost every scenario where security is mission critical, you already have a shared secret from the outset. When an enterprise user is given their new account, or when someone sets up online banking at their bank branch they are given a temporary password. A temporary password is a shared secret, and shared secrets may be leveraged to verify fingerprint information.
336.  
337. Here’s how Clench works:
338.  
339. Client connects to server and sends hello.
340. Server sends hello back, along with its cert.
341. Standard Diffie-Helman key exchange happens in SSL/TLS/SSH fashion. Initial handshake is finished, cypher spec is changed, now here comes the magic:
342. Server sends client the nonce value [ Ticks since unix epoch + 16 bytes of random data ]
343. Client sends userid/username to server.
344. Client types in password, but password is not sent to server. Both sides generate a hash.
345. Client generates y, a hash of [ client password + server's public key, as client sees it + nonce from step 4 ]
346. Server generates x, a hash of [ client password + server's own public key + nonce from step 4 ]
347. Client and server use a symmetric and fair zero-knowledge proof to verify that we both have the same hash without revealing the value of the hash to one another. Imagine a two pan scale, and a secret of a given weight of marbles in a bag. If we both place our bag of marbles on the pans at the same time, if they come to an equilibrium we will have verified our shared secret without revealing it to one another.
348. Server picks random exponents a2 and a3,sends client g2a = g1a2 and g3a = g1a3
349. Client picks random exponents b2 and b3,computes g2b = g1b2, g3b = g1b3, g2 = g2ab2 and g3 = g3ab3, picks random exponent r, computes Pb3r and Qb = g1r g2y, sends server g2b, g3b, Pb and Qb
350. Server computes g2 = g2ba2 and g3 = g3ba3, picks random exponent s, computes Pa = g3s and Qa = g1s g2x and Ra = (Qa / Qb)a3, sends client Pa, Qa and Ra
351. Client computes Rb = (Qa / Qb)b3 and Rab = Rab3, checks whether Rab equals (Pa / Pb), sends server Rb
352. Server computes Rab = Rba3 and checks whether Rab equals (Pa / Pb)
353. For more information on this step please see the excellent paper “A Fair and Efficient Solution to the Socialist Millionaires’ Problem“.
354.  
355. Upon successful completion of the proof, the server allows the session to proceed.
356. This method of authentication avoids nearly all of the current pitfalls for current authentication schemes. Things that cannot be done against our authentication mechanism:
357.  
358. Cracking a hash from the wire: No hash is revealed!
359. Man in the middle attacks. Impossible– compared shared secret is incorporating the server’s public key. If there’s an attacker in the middle, client’s hash value y will be built with the wrong public key and thus will fail zero-knowledge proof comparison.
360. Replay attacks. Underlying hash for proof is not revealed, and nonced anyways.
361. Brute force of Socialist Millionaire protocol with a preloaded Rainbow Table: This is doubly impossible.
362. Even if (x – y) could be extrapolated, the nonce is built with 16 bytes of random data. At least 2-3 bytes of the ticks value are hard to predict, ending up with (18 + password length) bytes of random data results in rainbow table size that is unfeasible to build.
363. (x – y) cannot be extrapolated by brute force, as a new nonce is built for every authentication attempt, and potentially meaningful data from (x – y) cannot be generated without multiple attempts on the same shared secret value.
364. This can be accomplished in either the session layer or the application layer– the latter allowing easy implementation atop current infrastructure with trivial changes to clients.
365.  
366. The roadmap from here.
367.  
368. There’s some barriers to implementation on this for HTTPS. Firstly, there needs to be a javascript function that returns the current public key (or at least the fingerprint) of the https server called to load the page in the current DOM. There also needs to be some mechanism in the GUI of the browser that can’t be mimicked by an attacker to inform the client that the current login form implements a Clench-like authentication mechanism. Because obviously an attacker can just rewrite the form if they’re MitMing and trick the user into sending plaintext.
369.  
370. SSH can be implemented much faster, it’d just need a PAM module.
371.  
372. Hey, wait a second, doesn’t the passphrase have to be stored in plaintext or as an unsalted hash on the server?
373.  
374. Well, possibly yes. The perception of this as being an insurmountable flaw is largely the result of fallacious decisions in SysV in 1988. They were good decisions at the time due to the fact that it was ludicrously easy to break the security of a server then. However, the network has become far more hostile than the server. There are two major ways of ensuring the safety of a plaintext password or unsalted hash data store:
375.  
376. The authenticating server needn’t actually have the password in plaintext, it merely needs access to a more device that has it. A secure hashing device can be implemented on a PIC/Atmel/Xilinx– it’s job is to generate the nonce, give it to the server with a cookie, then when the server responds back with a userid and the cookie it hashes together the nonce, the client’s password (which only the secure device has access to) and the server’s known public key, taken from a whitelist. It then passes the hash to the server. It is trivially easy to build a device in hardware which can only provide nonces, cookies and hashes and write new passwords without ever giving stored passwords up in plaintext, and disallows reprogramming to do anything otherwise. Or if not a hardware device, perhaps a grsec-hardened machine running managed code with no network stack exposed, doing a similar transaction raw over serial port or Infiniband. If my sole goal of a machine is to hash things and keep a file secure, I can confidently make it bulletproof without risk of compromise.
377. The potential implementations highlighted above are in development, and will be aired at the first opportunity (provided I evade unjust imprisonment, lol).
378. Make your users make two passphrases– the first of which will be stored in plaintext, to assure no MitM, the second of which will be stored shadowed as normal in case of server’s compromise. Telling grandma she needs two different passwords to use her bank account is a lot easier than teaching her to install a client certificate.
379. Hey, there’s no way to tell the difference between an attempt at man-in-the-middle and a mistyped password!
380.  
381. With a user-specified password, no. If your initial shared secret has a checksum or LUN check in it, however, the client can notify the user of a potentially mistyped password.
382.  
383. Okay, I’m tired of reading your shit. Where’s the codes?
384.  
385. Here. Enjoy, and know that a meatier paper is on its way (provided I evade unjust imprisonment long enough to do the peer review process for a journal or conference) if you want to read this in academic tripe format.
386.  
387. Read More
388. More hypocrisy exposed
389.  
390. July 29th, 2010 Posted in Articles
391. Jul, 29 2010
392. 1 Comment »
393. Oh look, security researcher Ron Bowes enumerated a list of all public Facebook users from data on a public Facebook webserver:
394.  
395. http://www.thinq.co.uk/2010/7/28/100-million-facebook-pages-leaked-torrent-site/
396.  
397. This action is indistinguishable from the actions of the iPad scraper. This is another case of public data aggregated perfectly legally from a public web server. The difference? Goatse Security only released this data to a single journalist, solely for the purpose of informing the public. Ron Bowes made a public BitTorrent of the data, publishing it for the entire world to abuse. Goatse acted with a higher standard of ethics than Mr. Bowes. Yet we’re pretty sure he won’t be getting his door kicked in by the feds.
398.  
399. AT&T’s claim that we acted maliciously is false and the warrants obtained against us through misstatements of fact are unlawful.
400. Read More
401. Hypocrites and pharisees
402.  
403. July 5th, 2010 Posted in Articles
404. Jul, 05 2010
405. 110 Comments »
406. A while ago, someone came to me and gave me some data involving AT&T iPad customers to publicize, the full story of which I’m sure you’re all familiar with from my previous excellent blog posts. I was subsequently raided by the FBI and arrested, though I have been under gag orders and haven’t been able to discuss the details of what happened. I am now violating those gag orders because my civil liberties are being grossly violated– I have even been denied a public defense attorney on an imprisonable offense. I believe that speaking out is my only hope at being saved, and my story is important reading for anybody that uses the Internet for political speech.
407.  
408. The Institute of Electrical and Electronics Engineers posts on a lawfirm which did the exact same thing the author of the iPad slurper script did– incremented a numerical identifier on a public HTTP server to scrape data. They used this technique to take data from the Anthem/Blue Cross insurance company.
409.  
410. Was that data the law firm grabbed undefined as personal information according to any public statutes like Goatse’s? No, actually! It was medical records (protected by HIPAA) and Social Security numbers, protected by at least the privacy statues of California and Massachusetts!
411.  
412. Did the law firm scramble as Goatse Security did to ensure that the vendor would have the opportunity to patch the data? No! They spent as long as they could manage scraping the data, as opposed to the mere hours that the iPad slurper did in the interim while AT&T fixed the vulnerability!
413.  
414. Did the law firm collect and use the data solely in public interest, destroying it after it was used to notify the public of the vulnerability? No! The law firm collected the data for purposes of private monetary gain, and as far as I know still have a copy!
415.  
416. Has the law firm been raided by the FBI and had its property stolen without cause? No!
417.  
418. Has the law firm had drugs “found” (and found is in quotes for a good reason, as the drugs “found” near me were “found” in the execution of a warrant for computers only, with a landmark free speech case involving a very angry 150 billion dollar corporation in the balance) within its offices? No!
419.  
420. There’s also a case of a security researcher that recently found a privacy flaw in Foursquare and used it to scrape hundreds of thousands of private location updates, without the advance notification of Foursquare. Was this security researcher similarly raided by the FBI without probable cause? No. The utter hypocrisy of this case is astounding.
421.  
422. My actions and those of Goatse were not criminal; they were done using industry standard practices as a public service. All the actions of the original author of this exploit were not criminal. Scraping data from a public web server is an extremely common practice amongst lawyers, security researchers and journalists, not to mention web developers. I have even talked to journalists who have collected stolen credit cards to discuss the implications with the victims who are involved. Hell, if scraping data from a public webserver becomes criminal, virtually all of the content that appears on Google News or Google Blogsearch is going to send someone to jail.
423.  
424. The warrant was executed without probable cause, as there is no way a reasonable and educated person could believe a crime was committed.
425.  
426. Beyond that, my role in this was solely that of a journalist. I never took credit for the collecting of the data itself. I was a publicist and as evidenced by the way this story took off with proper seeding, I am damn good at that. I took data that someone gave me anonymously and let the world know about it in what I thought was the most efficient way possible. I am being persecuted solely because my speech has angered a large corporation. I have been threatened with indictment from the Assistant US Attorney on the case, as evidenced in these screenshots:
427.  
428. screenshot 1
429. screenshot 2
430. I have received similar threats in the past day to be prosecuted on the basis of “computer intrusion” if I do not give the prosecutor in this case the information he wants, which I do not have.
431.  
432. I have even been denied my right to attorney for a jailable offense, in violation of the US constitution, Gideon v. Wainright, and title 16 of Arkansas law, as evidenced by this court memorandum. It took several attempts of visiting the courthouse and begging to even get that memorandum to show you that I was even being denied an attorney.
433.  
434. This is a complete miscarriage of the justice system, and the perpetrators are scribes serving pharisees and hypocrites.
435.  
436. Why my case is important to you
437.  
438. My case is absolutely important to bloggers and journalists. My case involves speech, and speech alone. If I’m threatened today, you are threatened tomorrow. The ability for bloggers and journalists to blow the whistle on corporate and government misdeeds is on the line here.
439.  
440. If you are a website operator of any kind, my case is important to you. The idea that you could be held liable for telling people about user-generated content is a nightmare.
441.  
442. If you are a security professional, this case is obviously important to you. Full disclosure is important to the security community, and is the only way independent researchers can build a name and business for themselves. It is also the only way which the public can be informed and educated about risks to their safety.
443.  
444. If you are a proponent of civil liberties, my case is important to you. This is the first amendment on the line, and I will be first, because I have been actually exercising my right to speak freely when things are tolerable. Very soon, things in this country will be much less tolerable, and if I am sent to prison the precedent will gag your mouths as well.
445.  
446. If you are a fan of the lulz, my case is important to you. I am the master of the art of the spectacle, and if you would like to see more spectacles you want me to stay on the streets. Support me and I promise you dividends in lulz for all eternity.
447.  
448. Not the first time my civil liberties have been violated
449.  
450. The federal government has a long history in violating my civil liberties. In 2008, I became dissatisfied with the public dialogue on the conflict over Israel. In this debate, the first party says “we must unequivocally support Israel’s genocide of the Palestinian people, crimes against humanity and continued acts of espionage against our nation”. The other party says, “it is complicated.”
451.  
452. The first statement is extreme and evil. The second is just plain wrong. I decided to make some videos to balance out the dialogue which consisted largely of support for the absolutely absurd policy of the genocide of Palestinians. So I made some obviously parodic videos consisting of support of the equally absurd policy of genocide of the Jews. Which, besides being an obvious joke, were constitutionally protected speech under Brandenburg v. Ohio.
453.  
454. Let me elaborate on “obviously parodic”. By obviously parodic, in one of them I am wearing a luchador mask and preparing to blow up a pinata shaped like a giraffe while “American barbie did world trade center” scrolls across the frame. In another, I am commanding my “followers” (my audience who is well aware that this is a comedy show) that our faith includes a commandment of wearing temporary tattoos featuring an image of my friend’s dog. In another I am blaming Farrah Fawcett’s death by anal cancer as a result of HPV picked up from anal sex with Jews. In summation, if you took these videos at face value you are a complete idiot.
455.  
456. The reality that these videos were an obvious joke should only be enhanced by the fact that there is a Forbes article comparing me to Shakespeare’s puck and a Fox News article calling my rhetoric “offensive and witty detail”.
457.  
458. Any attempt to brand me an anti-Semite is idiotic. I have no problem with any person solely because of their Semitic descent. Take a look at my last name, “Auernheimer”. Think about the likely origins of this name for a second. Even a quick Google reveals its origins. The most famous Auernheimer of history, journalist and author Raoul Auernheimer, had his way bought from the fires of Dachau by his uncle, Theodore Herzl himself. Come on, I have curly hair and brown eyes here. The claim many “journalists” are making that I am some sort of Nazi is preposterous, but I suppose you have to resort to ad hominem when the public overwhelmingly supported me on the basis of the facts of the case.
459.  
460. So what did the federal government do in response to my videos?
461.  
462. Why, they try to cast me as a synagogue-threatening nutjob in the public eye. I have never threatened a synagogue, nor encouraged anyone else to. I would never do so. How did my name get attached to this?
463.  
464. Let us say, hypothetically, that you’re an FBI agent named Mueller. You have someone whose speech you want to silence. You call up a 3rd party who you have control over, likely a confidential informant absolutely beholden to you because you can put him in prison for unsatisfactory performance. You tell this informant to make threatening phone calls to a synagogue. You then posit that the person whose speech you want to chill is responsible to the victim, and have them report it to the police.
465.  
466. Now that your target has been accused of a terrorist act, they get your name on all the watchlists and your pals at the FBI have “justification” to:
467.  
468. Have a Jewish group publish their name and license plate number in a Jewish publication associating their name with threats of violence to a synagogue, despite the fact that they never had anything to do with such threats and their constitutional right to pseudonymous communication which has been affirmed by many court precedents both appelate and supreme. This article will later be relinked to and quoted by many Jewish reporters and used against your target. Said reporters will convienently forget to publish the part that says some other dude made the threats and not your target.
469. Break into their house and steal hundreds of thousands of dollars of their assets on secret warrants while they are away on vacation, never delivering them a list of stolen property or any means to verify that it happened. They will never get their stuff back. Yes, this happened to me. Yes, I called lawyers. I was told without surveillance footage or some other proof of the theft I had no real ground to stand on.
470. Go to their business partners, friends and family and tell them outright lies (they said I “ran klan meetings in the desert” and “manufactured grenades”, no joke). Due to crown immunity, you can never sue the FBI for libel, no matter what they say!
471. Go to the customers of their newly formed business, which they have invested all liquid capital in and tell them they are funding terrorism. They will no longer have customers.
472. Hand the target items which appear to be contraband in attempts to either frame the target for crimes or put psychological pressures on him.
473. All this because I dared put forward some politics, religion and humor that the establishment doesn’t like. I suppose I received better than Anwar al-Awlaki, a US citizen practicing his faith who received execution orders without trial signed by our Pharoah in return for merely speaking his mind.
474.  
475. I put at risk and lost my business because I believed in speaking out against injustice. I could have shut up, continued receiving a six figure salary and living a pointless life based on fleecing other people. I put it all on the line because of two reasons:
476.  
477. After getting all that stuff they have us chasing after, I realized it was all a load of garbage and wasn’t a sufficient bribe to sit in my castle in the sky and watch the freedoms our forefathers fought and died for be flushed down the toilet.
478. I consider the absolute disdain our illegitimate leaders have for the Constitution the most important problem to be solved in our time.
479. I have empirically proven by experimentation that free speech is gravely threatened in this country. I have only spoken up for what I believe in through politics, religion and humor, the three big constitutional safeguards. Beyond that, other aspects of my speech have been lawful behavior in the service of the public. I have been endlessly persecuted by a government occupied by evil for it. They have libeled me with lies in the public forum, stolen my assets, attempted to frame me for crimes, brought false charges against me, terrorized my friends and family (including threatening my mother with rape), and intentionally destroyed my business. The agents of the federal government that attack me truly hate rule of law and the Constitution, and have hijacked federal funds to silence my speech. The founders understood the need for free speech and the marketplace of ideas. These FBI agents have shown they care little for the protections of the constitution, and should be charged with treason.
480.  
481. I’ve also been subject to “journalists” with a complete lack of integrity telling blatant lies about me. For example, Mattathias Schwartz claimed in the New York Times that I demanded ransom payments for the daughters of corporate executives. This came out of nowhere– I’ve never done such a thing, never claimed to do such a thing, and would do no such thing. As far as I can tell, he paid someone to say it. He didn’t want the story I gave him. It was a story of philosophy, politics and Christianity. He also was visibly distraught when I called Sigmund Freud a child molester (which he was), Israel a nation run by genocidal sociopaths, and the Federal Reserve a privately owned institution to enforce a dynastic oligopoly over credit (which it is). So he made his own story, where I was turned into some fictitious character for his benefit. The whole thing reminded me of disgraced journalist Stephen Glass (though less entertaining). It was pretty funny when it happened, but now that his lies are being used against me to a jury it isn’t as humorous.
482.  
483. Or consider Fast Company, which posted a picture out of context of me holding a bag of white powder. This bag of white powder was something called Piracetam. It is a perfectly legal nutritional supplement along the lines of Ginkgo Biloba– it improves memory. It was in a thread with me asking people what nutritional supplements they take. Out of context, it makes me look like a drug dealer. Such deliberate dishonesty has become a matter of course for “journalists” who have a personal dislike of me.
484.  
485. I’ve been subject to abuses of the system like you wouldn’t believe, and need serious help getting out of this. After I’m done, we need to work together to set up a system where these people won’t merely be punished in the next life, but this one as well.
486.  
487. The current nightmare, and what you can do to help
488.  
489. When I was made a detainee at the Washington County jail, after my phonecall two FBI agents from Newark came by and delivered a document. They stated I had 3 days to respond to said document or I would be given a new charge of contempt. The document was placed in my belongings up front, and I was promptly thrown into solitary confinement. I was not allowed to view the document to write a response to it. I was not able to contact anyone on the outside (such as my bondswoman). If she hadn’t noticed my picture in the paper and come to rescue me, I might still be in jail.
490.  
491. After having my money stolen and business ruined by the FBI because I dared speak my mind in a lawful manner, I am no longer in decent financial shape. I have been denied a public defender by the Fayetteville courthouse. I have had all my computers seized on a warrant which could not possibly have had probable cause, and thus am lacking the very materials I would need to take this pro se. My requests to get a copy of the secret warrant used to steal my property have been stonewalled by state and federal authorities.
492.  
493. As I have been denied my constitutional rights to an attorney, I need help to make the retainer for a private one. This is not a burden I can continue to bear alone. This is the sort of thing which went on before the crumbling of the Soviet Union. This tyrannical bureaucratic torture should not happen to US citizens. I do not want America to crumble, and I want to continue my work defending the United States Constitution and protecting the American people from cyberthreats. To defend myself, I need money. I’ve never needed nor asked for help before, but I am really in trouble this time. If you could spare some cash to donate, please paypal some cash to: snailcricket@gmail.com
494.  
495. Please write letters to your local, state and national representatives. If you happen to know any attorneys who would be willing to take this case let me know. I am at the end of my rope. My largest hope at this point is that history will record my future actions in the context of the illegal injustice that has been done to me.
496.  
497. Read More
498. Goatse Security Press Release
499.  
500. June 20th, 2010 Posted in Articles
501. Jun, 20 2010
502. 8 Comments »
503. June 20th, 2010 ― Goatse Security is dismayed at AT&T’s effort to co-opt the authority of the FBI to absolve themselves of their responsibility in a massive security vulnerability which disclosed private and secure information of its customers. Indeed, this vulnerability was 100% avoidable, and 100% AT&T’s fault. By co-opting the FBI, the private lives of Goatse Security volunteers has been invaded, and destroyed by what was at best a blunt instrument: the raid, by force, of the Goatse Security spokesperson’s private residence.
504.  
505. Goatse Security, in terms both clear and public, deplores this use of force to solve what is, in the end, AT&T’s PR problem. Goatse Security took measures beyond the norm to contact AT&T and assist them in patching the vulnerability before publishing it, or allowing any related media story to be published. It is our belief, and AT&T’s brash and public actions re-enforce this belief that:
506.  
507. Without large numbers of compromised customers, and without the headlines that go with them, this vulnerability would have gone unpublished, and AT&T customers unprotected. AT&T, as has been demonstrated in this instance, grossly irresponsible with the private data of its customers. We have no reasonable belief that AT&T would have taken action, would have warned anyone of this vulnerability. Instead, they would have simply swept it under the rug.
508. Full disclosure, the immediate public release of a vulnerability, is justified when companies act in their own self-interest, instead of protecting their customers’ privacy. Indeed, AT&T, instead of respecting its customers’ privacy, violated ours. This is unacceptable. Further vulnerabilities developed against AT&T will continue to be developed utilizing the best common practices (BCP) for developing such exploits, but will no longer be privately given to AT&T prior to their release. All future releases of AT&T related vulnerabilities will occur under “Full Disclosure” practices.
509. Goatse Security is relieved that Andrew has been released from his incarceration and is mostly unharmed, but condemns the violent, subversive, and unnecessary actions taken against him by both AT&T and the FBI. We wish Andrew the best in coming days as he picks up his front door, and his life, both pointlessly shattered by the FBI.
510. Goatsec is dismayed at AT&T’s effort to co-opt the authority of the FBI to absolve themselves of their responsibility in a massive security vulnerability which disclosed private and secure information of it’s customers. Indeed, this vulnerability was 100% avoidable, and 100% AT&T’s fault. By co-opting the FBI, the private lives of Goatsec volunteers has been invaded, and destroyed by what was at best a blunt instrument, the raid, by force, of the head of Goatsec’s private residence.
511. Goatsec, in terms both clear and public, deplores this use of force to solve what is, in the end, AT&T’s PR problem. Goatsec took measures beyond the norm to contact AT&T and assist them in patching the vulnerability before publishing it, or allowing any related media story to be published. It is our belief, and AT&T’s brash and public actions re-enforce this belief, that:
512. without large numbers of compromised customers, and without the headlines that go with them, that this vulnerability would have gone unpublished, and AT&T customers unprotected. AT&T, as has been demonstrated in this instance, grossly irresponsible with the private data of it’s customers. We have no reasonable belief that AT&T would have taken action, would have warned anyone of this vulnerability. Instead, they would have simply swept it under the rug.
513. Full Disclosure, the immediate public release of a vulnerability, is justified when companies act in their own self-interest, instead of protecting their customers privacy. Indeed, AT&T, instead of respecting it’s customers’ privacy, violated ours. This is unacceptable. Further vulnerabilities developed against AT&T will continue to be developed utilizing the best common practices (BCP) for developing such exploits, but will no longer be privately given to AT&T prior to their release. All future releases of AT&T related vulnerabilities will occur under “Full Disclosure” practices.
514. Goatsec is relieved that Andrew has been released from his incarceration and is mostly unharmed, but condemns the violent, subversive, and unnecessary actions taken against him by both AT&T and the FBI. We wish Andrew the best in coming days as he picks up his front door, and his life, both pointlessly shattered by the FBI.
515. Read More
516. Older Entries
517.  
518. Recent Posts
519.  
520. Compiz vulnerability
521. Goatse Security compromises famous security blog
522. Making things right
523. Recent Comments
524.  
525. iPad Hacking Trial Underway With Big Implications for Computer Law | Exploit Archive on Making things right
526. GoatSec iPad Hacking Case Underway, Ruling Could Address Ancient Computer Law : HotNews Indian News | India Newspaper | India Latest News | News From India | India News Daily | Current India News on Making things right
527. GoatSec iPad Hacking Case Underway, Ruling Could Address Ancient Computer Law - Just another ReviewMonsters.net Sites site - Test on Making things right
528. Blogroll
529.  
530. Help Free Weev
531. Links
532.  
533. GNAA
534. GNAA Corporate Twitter Account
535. Goatse Security on Twitter
536. Goatse Security on YouTube
537. Help Free Weev
538. sam’s blog
539. Archives
540.  
541. May 2011
542. January 2011
543. November 2010
544. September 2010
545. July 2010
546. June 2010
547. Submit to Slashdot
548.  
549.  
550. Meta
551.  
552. Log in
553. Entries RSS
554. Comments RSS
555. WordPress.org
556. Switch to our mobile site
557.  
558. © 2013 Goatse Security, a wholly owned subsidiary of the GNAA