Virtu Email Encryption – Web based email can be easily encrypted

Since former NSA contractor Edward Snowden began divulging information on how vulnerable our personal digital data is – and how much of it security organizations have been helping themselves to – the average web surfer has begun to think a bit more cynically about cyber security. That newfound suspicion creates a headache and a PR-fiasco for the NSA but opens doors for entrepreneurs in the world of online privacy.

Two such entrepreneurs are brothers Will and John Ackerly. The Ackerlys and their startup venture, Washington D.C.-based Vitru, are two weeks into the launch of a product that lets internet users encrypt any and all of their emails for free. Unlike competitors, the service acts as an add-on to your web browser and does not require the email recipient to have signed up for the service. That feature alone makes Virtu notable.

What’s different from what a lot of encrypted communication tools is the integration of their encryption technology directly into Gmail, Yahoo, Outlook.com. They have created a simple system that required little technical know-how.

There is no shortage of privacy and security products out there but most users, while concerned about the privacy of their personal information, have not taken action because they don’t know where to go.

Here’s how it works:

Download Virtru as a Firefox add-on and a mobile app. On Firefox, each new email contains a small unobtrusive switch on the top right corner of the message window which turns encryption on (yes, it is opt in). Press “send” and Virtru encrypts the contents on your device with standard AES 256, then sends it to the recipient but separates the encryption key from the message. The recipient does not need to have downloaded Virtru to get the key but does need to confirm his or her identity by email address. Virtru holds the key to that decryption process and won’t fork it over without verification.  They also have a firewall that makes sure that every keystroke that you type inside the compose window never gets to the server. Normally every single keystroke is recorded and sent to Google servers when using Gmail.

On smartphone, the user can send out emails via the Virtru mail app that links to, say a Gmail app but only after verifying your identity on the device. Other free services include the ability to control whether your recipient can forward your message and the power to revoke access to the message after a chosen period of time.

Email encryption is free (“and it will always be free,” according to the company) but they have formulated a revenue model consisting of soon-to-come paid features like attachment security, domain-level enterprise data management platforms, as well as the licensing of their technology to organizations that want to manage their own security keys.  The fees themselves have yet to be determined but will be announced in the second quarter.

So far Virtru has launched its email privacy product as an add-on to Chrome, Firefox and iOS. In the coming weeks compatibility will spread to Internet Explorer, Safari and Android, as well as plugins for Outlook and Mac Mail.

Multifactor Authentication for Office365

Users of Microsoft’s cloud-based Office 365 offering get a double dose of password security, with client apps to follow soon.

Given the likelihood that Office 365 accounts are bound to contain sensitive corporate information, Microsoft is looking to avoid the high-profile security breaches that have plagued other cloud services. To that end, the software giant announced that it has extended multifactor authentication to the Office 365 user base at large.

The security measure is no longer the exclusive domain of administrators. Multifactor authentication has been available for Office 365 administrative roles since June 2013, and now they are extending this capability to any Office 365 user.

The Multi-Factor Authentication for Office 365 will be available for the Office 365 Midsize Business, Enterprise plans, Academic plans, Nonprofit plans, and standalone Office 365 plans, including Exchange Online and SharePoint Online.

The will allow organizations with these subscriptions to enable multifactor authentication for their Office 365 users without requiring any additional purchase or subscription. Users must authenitcate once on each device they access their Office 365 account on. Once authenticated, it becomes a trusted computer/device for their account.

The move is part of a broader effort by the company to harden its cloud services slate. In June 2013, Microsoft announced that it was bringing multifactor authentication, based on technology from its PhoneFactor acquisition, to Windows Azure Active Directory (AD) services, enabling users to securely access their accounts with additional credentials supplied by an app or Short Message Service text.

In recent years, online service providers have been rocked by breaches that have caused security-conscious enterprises to regard the cloud suspiciously. Dropbox, a popular cloud storage company, rolled out two-step authentication in 2012 after a breach that made user data susceptible to snoops. Twitter followed suit in 2013 after major accounts had been hacked. Yahoo Mail breach would have been a non-event for users had they switched on the service’s multifactor authentication options. I’m sure all online email providers will be adopting similar services – now it is up to the end-user to turn it on and use it. It should be a required setup for all accounts.

Microsoft is also looking to extend multifactor authentication to Office 365 client apps. Noting that users currently have a workaround by configuring App Passwords to secure their desktop apps. Soon Office 365 customers will be able to use multifactor authentication directly from Office 2013 client applications. Microsoft is planning on adding native multifactor authentication for applications such as Outlook, Lync, Word, Excel, PowerPoint, PowerShell and OneDrive for Business, with a release date planned for later in 2014. The update will supplement phone-based authentication with support for third-party solutions and smart cards that conform to the U.S. Department of Defense Common Access Card (CAC) and U.S. Federal Personal Identity Verification card (PIV) security standards.

Storing passwords in uncrackable form – Information for Web Server Admininstrators

News about intrusions into the servers of online stores, games vendors and other internet services can now be read on an almost daily basis. Often, the intruders obtain customers’ login data including their passwords. As many people use the same password in multiple places, criminals can use the passwords to obtain unauthorized access to further services.

To prevent passwords from being extracted, web site operators usually protect their users’ passwords through such cryptographic techniques as one-way hashing. For this purpose, a character string that doesn’t allow any conclusions to be drawn about the actual password is derived from the password. The only way of finding out whether a password matches a hash is to rehash the password and compare the results. This method is used by the authentication systems of operating systems and web applications – and also by password crackers.

MD5 hashing was long considered sufficiently resilient for this purpose, because the time that is required to try out all possible combinations made it difficult for attackers to reconstruct a password from a hash. With a strong password, trying out all password combinations (brute force attack) using a cracker such as John the Ripper on conventional hardware used to take months, if not years. But times have changed.

Cloud, CUDA and multi-core computer technologies are both a blessing and a curse: they can greatly accelerate the processing of data and make even complex simulations available to end users. Unfortunately, crackers use the same high-speed computing power to reconstruct plain-text data from an encrypted password, and then they use the password to log into a system as administrators. In this context, password crackers can take advantage of the fact that the harvested hashes were probably created using the MD5 algorithm, which is optimized for fast processing.

Commercial password crackers such as those by vendor Elcomsoft, and such free tools as Hashcat and BarsWF, can try out several million hashes per second to find out whether one of them matches a specific password. This means that a password of eight characters can be cracked in four days. However, there are even faster ways. As hard disk storage is getting cheaper and cheaper, attackers often use giant tables (rainbow tables) containing billions of pre-calculated hashes to find a password. These tables potentially allow them to determine a password within minutes. The lists required for dictionary attacks are also becoming longer and longer and, with very weak passwords, often enable cracking programs to succeed within hours.

Fortunately, progress has also been made in hashing technology that hampers high-speed password cracking attempts and makes it uneconomical for attackers to pre-calculate tables – even if the actual password to be cracked is weak. From a certain password length, calculating and storing rainbow tables is no longer viable in a reasonable amount of time. Therefore, an additional, random character string – a “salt” – is added to the password a user has entered. The newly created character string is passed through a hashing algorithm, and the resulting hash is stored in a file such as /etc/shadow. However, the salt must be known if a system is to compare subsequent password entries with the hash. The salt is therefore added to the beginning of the stored hash in plain text. Storing the salt in plain text may sound contradictory at first glance, but the salt doesn’t need to be secret, it only needs to be random. Its only purpose is to inflate the potential number of combinations for each individual password in order to exponentially increase the effort required to create rainbow tables.

However, a salt has only little impact when an individual password is attacked with brute force. Conventional hashing algorithms such as those for generating digital signatures or fingerprinting files are optimized for speed. This is counterproductive when checking passwords, as the intended aim is to thwart password crackers. Brute-force attacks can be rendered unattractive by intentionally slowing down the hashing algorithm or by hashing multiple times. For users, the required speed isn’t really an issue: They won’t notice if checking a password they enter when logging into a system takes a microsecond instead of a millisecond. A password cracker, on the other hand, will become a thousand times slower – instead of 100 million passwords per second, it will only be able to try out 100,000 passwords per second, and a brute-force attack on a password called “P4ssW0r7” would take 48 years instead of 18 days.

The method of artificially slowing things down has its origins in the derivation of crypto keys from passwords. As users’ passwords tend to be too short and have too little entropy, keys need to be lengthened securely, for example when encrypting via AES and 256 bits. Cryptographers call this “key stretching”, and they achieve it by sending a password through a hashing algorithm multiple times. The method has been standardized as Password-Based Key Derivation Function 2 (PBKDF2) and is, for instance, used in wireless networks with WPA-PSK keys. Smartphones use PBKDF to encrypt backup files with a password before exporting them. The method also successfully thwarts cracking attempts in those situations.

Each time, the resulting hash value is simply resubmitted to the hash function as a parameter. More complex round functions may, for instance, add the password to each value before it gets hashed. An operating system or application only needs to perform this exercise once per password and user. A cracking program, on the other hand, must perform it for every possible character combination – and each round adds processing time, so that the overall procedure for each password is slowed down immensely.

While many operating systems already use salts and key stretching techniques to securely store user passwords, password security is still a sore topic especially in popular web applications, even though such applications run the greatest risk of being attacked in an attempt to extract user or customer passwords. Sometimes, passwords are even still stored in plain text; and if they do get hashed, it might only be via MD5. Even such popular content management systems as Typo3 use MD5 without salt or rounds as their default method for hashing user passwords.

The “saltedpasswords” Typo3 extension promises to increase security. It offers added security via bcrypt or the phpass security framework; more about that in a moment. However, the extension must first be enabled and configured, which requires installing further extensions and making system adjustments – it’s hardly surprising that many operators simply use the default installation.

WordPress and phpBB use the phpass framework by developer Solar Designer – who, incidentally, also develops the John the Ripper password cracker. By default, phpass uses bcrypt. Bcrypt is based on the Blowfish algorithm which is, strictly speaking, an encryption algorithm rather than a hashing algorithm. Bcrypt uses a complex key initialization algorithm and further encrypts the resulting ciphertext by adding alternately the salt or the password. The number of rounds is a power of 2, and the exponent that is used is added to the beginning of the created string.

If the Blowfish algorithm isn’t implemented on a system, the phpass framework will automatically default to Extended DES and, if necessary, to MD5 with salt and iterations. To prevent the framework from falling back to weak algorithms, the developer recommends using PHP 5.3.2 or later. Blowfish, SHA-256 and SHA-512 are standard PHP components from this version, which means that no further operating system APIs or added libraries are required. Alternatively, the Suhosin PHP security framework will extend the PHP interpreter to include Blowfish.

However, WordPress and phpBB use the weakest of the three possible configurations. When tested on an Ubuntu system, WordPress used the MD5 variant; the CMS deliberately forces this variant to ensure the compatibility of various web applications. WordPress can reportedly use the phpBB user database, and vice versa. The Drupal developers, on the other hand, have adapted the framework for their purposes and started hashing with SHA-512 in Drupal 7. A “Secure Password Hashes” module provides added protection for older versions of Drupal.

The default security of the Joomla CMS isn’t as good as it could be, either. While the CMS is capable of using salted SHA-512 with multiple rounds (getCryptedPassword) via the crypt() PHP function, the default setting is a salt and MD5 with one round. Manually adjusting individual CMS installations to use a more secure variant is generally unproblematic. The only caveat is that add-on modules may be incompatible with the changes.

Self-test

How your own content management system stores passwords can be determined by analyzing its source code or by looking into its database. The latter solution is easiest and can simply be achieved by establishing a connection to the database server, for example like this: mysql -u <user> -p. The “user” parameter designates the registered database user which is used for the CMS to sign into the server. The command show databases; lists all available databases. For instance, to select the typo3 database, enter use typo3; (don’t forget the semicolon at the end). All available database tables can subsequently be displayed using show tables;.

Under Typo3, the most interesting tables are be_users and fe_users. select * from be_users; displays the table contents. If the user passwords contain a simple sequence of characters such as 1ee9e0daf4a2b81fe4064aa5ae31aae4, the system is using a simple, unsalted MD5 string.

In current Drupal installations, a (user table) password hash that is stored in the database may look like $S$CbkCbEtqypgcggWPee9c6wpgwUYqKjMb0pUR9YTgdwdYkxztRmWj

The dollar signs at the beginning enclose the hash type and are followed by the salt and the actual hash. The hash type value of 2a designates bcrypt. WordPress (wp_users table) will produce entries like $P$Bz0ZwGCmWuvcurZbj4CaptBFir8gQv1 – the “P” hash type designates what is called a portable hash – in other words, the MD5 variant.

Integration

Phpass is very easy to integrate into PHP applications. It consists of a single PHP file with one class and several methods. Although in modern versions of PHP all hash algorithms can also be called directly, the advantage of using phpass is that there is no need to worry about creating a random salt or assembling the character string. The returned hash string can be stored directly in the database.

On UNIX systems, phpass creates the salt by reading /dev/urandom, and under Windows it uses the microtime() PHP function. Two lines are sufficient to generate a secure password hash: $t_hasher = new PasswordHash(8, FALSE); $hash = $t_hasher->HashPassword($password);

The FALSE parameter in the constructor tells phpass to choose the most secure algorithm first – on modern systems, this will typically be bcrypt. Submitting TRUE forces the insecure, but more compatible, MD5 implementation to be used; this is, for instance, the approach chosen by WordPress. The constructor also generates the salt. In bcrypt, the 8 parameter determines the exponent for the required number of iterations, meaning that bcrypt uses 256 rounds. The maximum exponent is 31.

The HashPassword method then generates the hash from the password and the salt. Checking an entered password is equally simple: $check = $t_hasher->CheckPassword($password, $hash);

The $check variable contains the result of the comparison, where 1 is true.

Rather than relying on their system’s default settings, administrators should implement the most secure methods – and let their users know about it. However, when visiting a forum or online store, users have no influence on whether the operator uses a secure method. Even worse, it isn’t possible to ascertain which password encryption method is being used. Therefore, the best way for users to protect themselves is by always choosing different passwords. Using identical passwords for the Typo3 CMS and for a PayPal account should be avoided. The basic rule is: length is trumps – as long as the word isn’t contained in a dictionary. Passwords for less important accounts may be a bit shorter than those used for premium services.

 

Amazon Glacier stores your data for centuries

Ok. I admit it. We were curious about this claim as well. After looking over the materials, here’s what we found.

Amazon Web Services has always been about delivering IT on demand. Spin up a virtual server, or a few thousand, anytime you’d like. Store and access as much data as you need to your heart’s content.   But even in a Web-driven world, there is need for services that don’t offer instant results, but will be around for eternity (or as close as possible). So today, Amazon introduced Glacier, a data archival service that will store data for one penny per gigabyte per month. As befits its name, Glacier is designed to last for a long time, but is slow: accessing data will take three to five hours. Amazon hasn’t detailed exactly what technology is storing the data, but massive tape libraries are a good bet given the lengthy retrieval windows.

The official statement is as follows:

“Glacier is built from inexpensive commodity hardware components,” and is “designed to be hardware-agnostic, so that savings can be captured as Amazon continues to drive down infrastructure costs.”

We also don’t know exactly how Amazon measures the reliability of its storage, but the company is promising 11 nines of annual durability (99.999999999 percent) for each item, with data stored in multiple facilities and on multiple devices within each facility.

While Amazon says Glacier can sustain the concurrent loss of data in two facilities, there is still risk data could be lost forever. If you store 1TB, Amazon’s promised durability rate suggests you can expect to lose an average of 10 bytes per year. Amazon is betting that will be an acceptable risk for the service’s low price.

As mentioned, pricing is one cent per gigabyte per month, although that can go up to a whopping 1.1 cents if you store in Europe rather than the US, and up to 1.2 cents for storage in Japan.

There is no cost to transfer data into the service over the Internet, but some customers transferring large amounts of data may end up paying for Amazon’s import/export service, which involves portable storage devices shipped from the customer to Amazon.

Retrieval of storage is free if you’re only grabbing 5 percent of your data per month. After that, retrieval fees start at 1 cent per gigabyte, but vary widely based upon what region you’re in.

Glacier is really for the data you can’t delete (perhaps for legal and regulatory reasons) but will hardly ever need. In that sense, Amazon is trying to displace the giant tape libraries enterprises build, or offsite archival vendors. While the service has quite a different purpose than Amazon’s traditional cloud businesses, Glacier can be managed from the same console as S3 and Amazon’s database services.

Goodbye Hotmail.com Hello Outlook.com

Microsoft on is replacing Hotmail, the company they bought over 15 years ago, as Outlook.com. Gone is the racy suggestive name hotmail and it is being replaced by the corporate look and feel of Outlook.

By the end of their first day, over 1 million people signed up for the service.

For Hotmail users, here are the most common answers to your questions:

I use Hotmail now. What happens to my email?

The next time you open Hotmail, you may see the new interface.   If you don’t, you can switch by choosing “Upgrade to Outlook.com” from the Options menu in the upper right when you’re at your inbox.

How do I get one of the new Outlook.com addresses?

For a brand new account, go to Outlook.com. (You may need to log out if you’ve already used the new site, then return to Outlook.com.) Start the process by clicking the “Sign up” button on the left. Fill in the form, which includes a field for your new xxxxxoutlook.com address, complete the CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart”) and click the “I accept” button at the bottom.

What does it look like?

Very Metro. The user interface (UI) has the same flattened, color-subdued look as a Metro app in Windows 8. By comparison, the traditional Hotmail UI looks like a carnival … busy, garish, loud, cheap.   Obviously, Outlook.com’s UI will mesh well with Windows 8. Depending on your opinion of that UI, however, it may seem jarring on older or non-Microsoft OSes, including Windows 7 and OS X.

Can I keep my old address and still use Outlook.com?

Yes, you can.   You can keep Microsoft-related addresses ending with hotmail.com, msn.com and live.com while switching to the new UI.

I want to ditch my hotmail.com address. How do I do that?

Start at Outlook.com. If you’re not automatically pushed to the new UI, switch by choosing “Upgrade to Outlook” from the Inbox’s Options menu — and select “More mail settings” from the gear icon’s menu. Click on “Rename your email address.”   Enter your existing hotmail.com address — the portion to the left of the @ character — and click Save while “outlook.com” is visible in the drop-down list. If the address is already taken, you’ll see a message to that effect.

Does Outlook.com show me ads?

Yes, it does. Text-based ads, to be specific.

New Sharing Features from Dropbox

You may have seen a recent email from DropBox about new restrictions for sharing folders. In the past, if you shared a folder with someone else, they could, in turn, share it with a third party. This made it difficult to trust sharing folders with groups of people you did no have complete confidence in to not share this folder with other people outside your group. Now, it appears, DropBox has addressed this issue and will allow you to set the security on shared folders to prevent users from allowing others to gain access.

This feature will be available through a check-box labeled ‘Allow members to invite other people’ within the shared folder options. You can limit sharing with existing shared folders as well as any shared folders you create in the future. If you’re not currently
the owner of your shared folder, the current owner can transfer ownership to you by following the steps at https://www.dropbox.com/help/242.

Members will still be able to create links to files within the shared folder.

The Cost of Cloud Computing Failures

As of late many pundits have been professing the benefits of cloud computing such as; reduced capital equipment purchase, scale ability, reduced management costs and having fixed costs.

The International Working Group on Cloud Computing Resiliency has reported,

“total of 568 hours of downtime at 13 well-known cloud services since 2007 had an economic impact of more than $71.7 million dollars”

Although this isn’t a staggering number over 5 years, this number would more than likely increase as the adoption of cloud computing increased.

According to IWGCCR, the average unavailability of cloud services is 7.5 hours per year, amounting to an availability rate of 99.9%. For mission critical systems an expected uptime is %99.999. A typical electrical grid in the US has down time of less than 15 minutes per year. ”It is extremely far from the expected reliability of mission critical system (99.999%). As a comparison, the service average unavailability for electricity in a modern capital is less than 15 minutes per year,” the researchers noted in their paper.

This is the first paper the IWGCCR has publish on the Availability Ranking of World Cloud Computing (ARWC).  As cloud computing grows and increases in use both by governments and globally,  it is important to understand how reliable cloud computing is especially as it takes on ‘mission critical roles’ in healthcare and other sectors.

The research of cloud outages was conducting using some of the biggest users of cloud computing in the world such Twitter, Facebook, Amazon, Microsoft, Google, Yahoo and Paypal to name a few.

The group admitted that the methodology used is far from perfect and plans to use a better method for the next report.  IWGCCR felt that outages were under reported as well they did not have an accurate assessment of the economic impact of the outages.

It wasn’t discussed, but I would imagine there may be a difference in outages depending on the vendor.

As companies are considering cloud computing, up-time considerations and a solid track record of the vendor must be looked at as well.  This may hurt some of the newer cloud computing service providers as they wouldn’t have an established track record or history to demonstrate to prospective clients.