TrueCrypt

I’ve long been a fan of TrueCrypt for encrypting partitions and creating encrypted container files for secure storage and transport. The reason I like it so much is that there are a number of cases of government organisations failing to get at data of a purportedly criminal nature protected by TrueCrypt.

Although there are many good encryption programs out there, TrueCrypt covers a number of areas that set it apart from the others. Let’s first look at some of the other methods in use that I like.

  • LUKS / dm-crypt – This is also one of my favourites and I use it on a regular basis. All my Linux machines are encrypted with LUKS. Even my Android tablet and phone are encrypted using the Android LUKS encryption. However, the only drawback (for others) is that it is only applicable to Unix-like systems. So far I haven’t found a nice method of using LUKS on Windows. I have no idea about Macs.
  • PGP / GnuPG – I use this quite a bit for email signing and encryption. Although it is very useful for encrypting individual files stored on HDDs, live mounting and encrypting/decrypting on the fly is not an option, so this is not really the space in which it shines.

So the above describes what I use on a daily basis. However, on occasion I need to share documents with friends and family. Asking them to have a Linux machine handy just so they can share data with me is not really a practical option, so Windows must also be supported.

This is where TrueCrypt shines. It is available cross-platform (Windows, Linux and Mac OS X) and, in the cases that have become public, has a good track record of holding up against brute-force attacks. Unfortunately, in May 2014 the developers, out of the blue, discontinued development of TrueCrypt.

WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues

The above is posted on their web site. Put on your tin foil hat. One theory holds that they were pressured into adding back doors and, as an act of rebellion, bailed on the project instead (I like this theory); another is that there are real vulnerabilities and they decided to bail rather than fix them.

The collective community, in the form of Kenneth White and Matthew Green, decided to audit the project (as the source code is available) and post the findings online at the web site Is TrueCrypt Audited Yet. The first half of the report (a review of the Windows bootloader and kernel driver) is already available, found no evidence of back doors, and things are looking good.

In the same vein a fork of the project, called TrueCrypt Next or TCnext, was started but unfortunately failed for various reasons. One possibility is that it was in contravention of the TrueCrypt licence, which precludes a fork from using the TrueCrypt name.

Enter CipherShed, a fork of TrueCrypt with all references to TrueCrypt removed from the code. Version 1 is TrueCrypt, rebranded. Eventually the goal is to rewrite all of the code so that no trace of the original TrueCrypt remains. We’re eagerly awaiting the first release.

Oh, one more feature I really like in the original TrueCrypt software is the hidden volume: two passwords for one encrypted partition or container file. One password unlocks the outer volume, which holds decoy data that could plausibly pass for the real contents; the other unlocks a hidden volume stored inside the outer volume’s free space, which holds the data you actually want to keep secure. This means one can, in theory, give up the outer password under pressure without sacrificing the really sensitive contents. And best of all, because TrueCrypt fills the free space of a volume with random data, it should not be possible to determine whether a second password (and hence a hidden volume) exists at all. This is what is commonly called “plausible deniability.” Two caveats: writing to the outer volume without mounting it with hidden-volume protection enabled can silently overwrite the hidden volume, and the host operating system may keep traces (recent-file lists, swap, thumbnails) that give away the hidden volume’s existence.

Securing your virtual servers comment

I forgot to mention. There is one very big flaw in this process. Nothing prevents someone from stealing your server, investigating the contents (the client’s OpenPGP key pair has to live in the unencrypted initramfs for the boot to work, so it is readable from the stolen disk) and then using Mandos (modified for their needs) to download the decryption password.

Now the above takes time, and this is where Mandos has some additional security. The Mandos server regularly checks on each client (by default by pinging it). If the client disappears for a specified period the server disables its secret and will no longer hand it out. So setting a timeout long enough to allow reboots, but not extended power-offs, adds some additional security. And if the client has been disabled, it is very simple to re-enable it on the server with the mandos-monitor utility.
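As an added example (not from the Mandos project or the original post), this is what a client stanza in /etc/mandos/clients.conf could look like with the check-in window tightened along the lines described above; the section name, fingerprint, host and time values are placeholders to adapt. The server runs the checker (fping by default) against host every interval; if no check has succeeded for timeout the client is disabled, and extended_timeout is the grace period granted right after a secret has been sent so a slow boot does not trip the check. The last two lines are the stricter, optional mode in which an operator watching mandos-monitor must approve each request.

```ini
[hydra]
# OpenPGP key fingerprint of the client (use the one mandos-keygen printed)
fingerprint = <client fingerprint>

# The base64 block from mandos-keygen --password goes here, unchanged
;secret = <encrypted secret>

# The host the default checker (fping) pings every interval
host = <client ip>
interval = 2m

# Disable the client once no check has succeeded for this long:
# long enough to survive a reboot, too short to walk off with the disk
timeout = 10m

# Grace period applied after the secret has been handed out
extended_timeout = 15m

# Optional stricter mode: do not send the secret automatically; an operator
# must approve the request in mandos-monitor within approval_delay
approved_by_default = False
approval_delay = 1m
```

With approved_by_default = False the automatic reboot that the rest of the post is after no longer works unattended; leave those two lines out (or set True) if you want the server to answer on its own and rely on the timeout alone.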

Securing your virtual servers

From my previous post it must be obvious that I am sometimes concerned about security. This post is the start of my investigation into securing my servers.

Irrational paranoia and tin foil hats aside, there are valid reasons for wanting to do this.

The problem

1) Protect your data against the man. Now this is not as ridiculous as you might think. We trust our lives to Google, Dropbox and various companies. Although we are generally well protected, we have heard rumours of data being made available to government agencies. Any big company with lots of useful data will eventually have this problem. But this is the tin foil hat scenario.

2) Keeping data secure from theft. My email accounts are very important to me. Without email I am not connected to the rest of the world. From getting my CV out to prospective employers to bank statements, my life is stored in email. My online accounts can be reset via email. If a nefarious character happens upon these details it would be very inconvenient. What about all my files? My work documents, or, more importantly, our company’s intellectual property. Securing a server in such a way that its data is not available in case of theft is very important.

3) Cool factor. Yes, my data is encrypted, from flash disk to server. It’s awesome, my one friend will appreciate this…

Recall DigitalOcean’s recent announcement that old data from past droplets might be available to new droplets because the SSDs were not scrubbed. We trust our data to unknown entities, and in this case, although there was no malicious intent, potentially valuable data was exposed to the world. Fortunately they were very forthcoming and quickly let their users in on the potential risk. It just brings home the reality that we are responsible for security, not our service providers.

Requirements

So what do we need to make our lives better? My laptop is encrypted, and as such I am reasonably sure the cost of extracting the data is greater than its worth. The password is changed regularly as part of my security regime. But for a server this is not ideal: nobody is sitting at the console to type a passphrase after every reboot.

So we need the following:

1) Encryption. This is the obvious requirement.

2) No passwords. Now here is the sticky part. How do you decrypt an encrypted partition without a TPM? The key cannot remain on the disk, as it is then available to any semi computer-literate person who gets hold of that disk. You don’t want to type it in every time either. Imagine having to log on to your vSphere client every time the VMware server is taken down for maintenance.

Solution

The best compromise I have come across is Mandos (https://wiki.recompile.se/wiki/Mandos).

The diagram above is from the Mandos project web site.

In order to get the password entered during boot, someone, or something, needs to type it in. Now there is no reason this cannot be automated. I have a server abroad and a server locally. It is immensely unlikely that international and local fiends will band together to compromise both servers. So, using this newly found confidence, the one server is used to serve passwords to the other.

And the awesome part is that this process works both ways. Once again, both servers are very unlikely to bounce at the same time, so as long as one is up, the other will be able to get its decryption key from it.

The how

Now to do this, it would be possible to just get one server to ssh in to the other and decrypt and mount a remote partition. However, Mandos has made the process very simple and added some security features to boot: the secret is only handed out over TLS to a client that proves possession of its OpenPGP key, and only while the server can still see that client.

On the client side (the device needing the password to decrypt and boot) we install mandos-client, conveniently available in most repositories. On the server we install mandos (the server package). By default the client finds its server via Zeroconf on the local network; as my machines are geographically inconvenient, the Ubuntu 12.04 package (version 1.4.something) did not have the network hooks required to reach a remote server, so I ended up installing v1.5 from Ubuntu 12.10.

The process below assumes an ubuntu installation with full disk encryption configured during the initial install.

Server

# dpkg -i mandos_1.5.5-1_all.deb

Edit the mandos config file to listen on a specific port (/etc/mandos/mandos.conf):

port = <port>

Client

root@hydra:~# dpkg -i mandos-client_1.5.5-1_amd64.deb

root@hydra:~# mandos-keygen --type RSA --force --password

During this process the client will ask for the password that will be used to decrypt and mount the partition. This password is encrypted to the client’s own OpenPGP key, and the result is printed so it can be copied to the server, as demonstrated below.

Back to the server

The above command outputs some text, including a section that will look familiar to GnuPG users. This text is copied directly into the server config file (/etc/mandos/clients.conf):

;[foo]
;
;# OpenPGP key fingerprint
;fingerprint =  7788 2722 5BA7 DE53 9C5A  7CFA 59CF F7CD BD9A 5920
;
;# This is base64-encoded binary data.  It will be decoded and sent to
;# the client matching the above fingerprint.  This should, of course,
;# be OpenPGP encrypted data, decryptable only by the client.
;secret =
;        hQIOA6QdEjBs2L/HEAf/TCyrDe5Xnm9esa+Pb/vWF9CUqfn4srzVgSu234
;        REJMVv7lBSrPE2132Lmd2gqF1HeLKDJRSVxJpt6xoWOChGHg+TMyXDxK+N
;        Xl89vGvdU1XfhKkVm9MDLOgT5ECDPysDGHFPDhqHOSu3Kaw2DWMV/iH9vz
;        3Z20erVNbdcvyBnuojcoWO/6yfB5EQO0BXp7kcyy00USA3CjD5FGZdoQGI
;        Tb8A/ar0tVA5crSQmaSotm6KmNLhrFnZ5BxX+TiE+eTUTqSloWRY6VAvqW
;        QHC7OASxK5E6RXPBuFH5IohUA2Qbk5AHt99pYvsIPX88j2rWauOokoiKZo
;        t/9leJ8VxO5l3wf/U64IH8bkPIoWmWZfd/nqh4uwGNbCgKMyT+AnvH7kMJ
;        3i7DivfWl2mKLV0PyPHUNva0VQxX6yYjcOhj1R6fCr/at8/NSLe2OhLchz
;        dC+Ls9h+kvJXgF8Sisv+Wk/1RadPLFmraRlqvJwt6Ww21LpiXqXHV2mIgq
;        WnR98YgSvUi3TJHrUQiNc9YyBzuRo0AjgG2C9qiE3FM+Y28+iQ/sR3+bFs
;        zYuZKVTObqiIslwXu7imO0cvvFRgJF/6u3HNFQ4LUTGhiM3FQmC6NNlF3/
;        vJM2hwRDMcJqDd54Twx90Wh+tYz0z7QMsK4ANXWHHWHR0JchnLWmenzbtW
;        5MHdW9AYsNJZAQSOpirE4Xi31CSlWAi9KV+cUCmWF5zOFy1x23P6PjdaRm
;        4T2zw4dxS5NswXWU0sVEXxjs6PYxuIiCTL7vdpx8QjBkrPWDrAbcMyBr2O
;        QlnHIvPzEArRQLo=

Obviously the above is the commented example from the config file. Paste your own section (uncommented) right at the end of the file.

The client in question resides on a VMware server in a datacenter in Johannesburg. This means no entropy on the VM, so key generation stalls waiting for it. For the client I had some fun assisting the VM with generating the required entropy – I leave that investigation up to the reader.

Server

service mandos restart

Client

At this point you should be able to test whether mandos can return your password to the client.

root@hydra:~# /usr/lib/mandos/plugins.d/mandos-client --connect=<ip address>:<port> --pubkey=/etc/keys/mandos/pubkey.txt --seckey=/etc/keys/mandos/seckey.txt; echo

If it prints the password it worked (the trailing echo only adds a newline, since the secret has none); otherwise, add --debug to the above command line to get more information about the problem at hand.

The next step is getting Mandos to collect the password automatically at boot. This is more tricky, as networking is not yet up: the request is made from the initramfs, so the network configuration needs to be brought up there. Fortunately Mandos comes prepared with network hooks (this is why I needed to install version 1.5.5-1).

Client (/etc/mandos/plugin-runner.conf)

--options-for=mandos-client:--connect=<server ip>:<server port>

The above line tells the Mandos plugin runner to pass --connect to mandos-client, so it connects directly to the server on the specified port (the same port configured on the server above) instead of looking for one via Zeroconf. Next up is networking.

We need to create a script /etc/mandos/network-hooks.d/ethernet

#!/bin/sh
# Mandos network hook: bring up eth0 with a static address inside the initramfs.
# Mandos runs this with MODE=start before contacting the server and MODE=stop
# afterwards; with MODE=modules and MODE=files it asks which kernel modules and
# extra files should be copied into the initramfs.

set -e

do_start(){
    modprobe e1000 # Substitute your network module
    ip link set dev eth0 up
    ip addr add <client ip> dev eth0
    ip route add <gateway ip> dev eth0
    ip route add default via <gateway ip> dev eth0
}

do_stop(){
    ip link set dev eth0 down
}

case "${MODE:-$1}" in
    start|stop)
        do_"${MODE:-$1}"
        ;;
    files)
        # Nothing extra; list binaries here (one per line) if the hook needs any
        # that are not already in the initramfs
        ;;
    modules)
        # Modules listed here are copied into the initramfs so the modprobe
        # above can succeed at boot; keep it in sync with do_start
        echo e1000
        ;;
esac

I just copied the bridge script example and stripped what I don’t need. Not very elegant, but it works. Remember to chmod +x /etc/mandos/network-hooks.d/ethernet, otherwise Mandos will not run it.

Client

The last step is to rebuild the initramfs with the new configuration:

root@hydra:~# update-initramfs -k all -u

I think that was it. Now the server boots without stopping at a password prompt.
As soon as I disable networking, or switch off the Mandos server, the client stops at the password prompt, so the usual passphrase fallback still works.
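Because the three things that most often go wrong here (a hook that is not executable, a NIC driver missing from the initramfs, and a client that still tries Zeroconf) only show up at the next reboot, it is worth checking them beforehand. The script below is an added example, not part of the Mandos package or this post’s own commands: it checks the pieces set up in the steps above and asks the server for the secret the same way the initramfs will. The paths default to the ones used in this post and can be overridden through MANDOS_ETC, KEYDIR, MANDOS_CLIENT and INITRD; the file layout inside the initramfs is an assumption.

```shell
#!/bin/sh
# Pre-reboot checks for a Mandos client configured as in this post.
# Added example, not part of the Mandos package. Each check returns 0 when it
# passes and prints a FAIL line with a hint when it does not.

MANDOS_ETC="${MANDOS_ETC:-/etc/mandos}"
KEYDIR="${KEYDIR:-/etc/keys/mandos}"
MANDOS_CLIENT="${MANDOS_CLIENT:-/usr/lib/mandos/plugins.d/mandos-client}"
INITRD="${INITRD:-/boot/initrd.img-$(uname -r)}"

# 1. The network hook must be executable and must name its NIC driver in
#    MODE=modules; otherwise the driver can be absent from the initramfs and
#    the modprobe in the hook fails at boot.
check_hook() {
    hook="$MANDOS_ETC/network-hooks.d/ethernet"
    if [ ! -x "$hook" ]; then
        echo "FAIL: $hook is missing or not executable (chmod +x it)"; return 1
    fi
    if ! MODE=modules "$hook" | grep -q '[A-Za-z0-9]'; then
        echo "FAIL: $hook lists no kernel modules for MODE=modules"; return 1
    fi
}

# 2. plugin-runner.conf must hand a --connect=<ip>:<port> option to
#    mandos-client; without it the client only looks for a server via
#    Zeroconf on the local link.
check_connect() {
    conf="$MANDOS_ETC/plugin-runner.conf"
    if ! grep -Eq -- '^--options-for=mandos-client:--connect=[0-9A-Za-z.:-]+:[0-9]+' "$conf" 2>/dev/null; then
        echo "FAIL: no --options-for=mandos-client:--connect=<ip>:<port> line in $conf"; return 1
    fi
}

# 3. After update-initramfs the image must contain the hook and the key pair.
#    (This is also the weak spot of the threat model: /boot is not encrypted,
#    so whoever has the disk has the client's key. File names inside the
#    initramfs are assumed to be unchanged.)
check_initramfs() {
    [ -r "$INITRD" ] || { echo "FAIL: cannot read $INITRD"; return 1; }
    listing=$(lsinitramfs "$INITRD") || return 1
    for needle in network-hooks.d/ethernet seckey.txt pubkey.txt; do
        if ! printf '%s\n' "$listing" | grep -q "$needle"; then
            echo "FAIL: $needle not found in $INITRD (run update-initramfs -k all -u)"; return 1
        fi
    done
}

# 4. Fetch the secret exactly as the initramfs will; only its length is shown.
#    Usage: check_fetch <server ip>:<port>
check_fetch() {
    out=$("$MANDOS_CLIENT" --connect="$1" --pubkey="$KEYDIR/pubkey.txt" \
                           --seckey="$KEYDIR/seckey.txt" 2>/dev/null) || {
        echo "FAIL: mandos-client exited non-zero for $1 (re-run it with --debug)"; return 1
    }
    [ -n "$out" ] || { echo "FAIL: $1 answered with an empty secret"; return 1; }
    echo "OK: received a ${#out}-byte secret from $1"
}

# Run everything: ./mandos-preflight.sh check <server ip>:<port>
case "${1:-}" in
    check) check_hook && check_connect && check_initramfs && check_fetch "$2" ;;
esac
```

Run it as root on the client before rebooting; if check_fetch fails while the manual mandos-client test above works, the difference is almost always the --connect line or a firewall between the two servers.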

ptunnel, proxy via icmp

Years ago, while sitting at the airport trying to get internet access, a friend and I set up a VPN via DNS – I can’t remember offhand what it was called. It worked, albeit very slowly, and transferred all requests. However, recently they’ve gotten clever and poison DNS until you’ve paid for your internet service. It seems, though, that some still allow ICMP packets through.

That is where ptunnel comes in. You run it on a server that listens for ICMP echo requests carrying a special payload and relays the TCP stream hidden inside them to its destination.

This starts the server, which listens on the specified port. A nice safety feature is the password authentication, so strangers who notice the proxy cannot use it.

This starts up the client. It looks like you can map any local port through to a remote host and port. So if you need internet browsing, have a remote proxy ready to accept connections through ptunnel. I tested the tunnel with ssh, and although there is definite additional lag, the response was very good and throughput was fine.

According to the web site they measured about 150 kbps download. Not too shabby for free internet…
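As an added example (not the post’s own commands and not part of the ptunnel project), this wrapper shows the server and client invocations for the ssh-through-ICMP use described above using the documented ptunnel flags: -x for the shared password, -p for the proxy, -lp for the local listening port and -da/-dp for the destination host and port. Two points worth keeping in mind are built in: ptunnel’s password only authenticates the tunnel and does not encrypt it (hence ssh inside it), and ssh is told which host key to expect so the tunnel’s localhost endpoint does not get its own entry in known_hosts. PTUNNEL can be overridden to inspect the command lines without running anything.

```shell
#!/bin/sh
# Wrapper around ptunnel for tunnelling ssh over ICMP. Added example, not part
# of ptunnel. Both ends need root for the raw ICMP socket.
PTUNNEL="${PTUNNEL:-ptunnel}"

# Keep the shared password in a root-only file rather than typing it each time.
# ptunnel still receives it as an argument, so it is visible in "ps" to local
# users; do not run this on a shared machine.
password_from() {
    [ -r "$1" ] || { echo "cannot read password file $1" >&2; return 1; }
    cat "$1"
}

# Server side (the internet-facing box): answer authenticated ICMP tunnels.
# Usage: ptunnel_server <password file>
ptunnel_server() {
    pw=$(password_from "$1") || return 1
    "$PTUNNEL" -x "$pw"
}

# Client side: listen on 127.0.0.1:<lport> and relay it, inside ICMP echo
# requests to <proxy>, to <dest>:<dport>, where the server opens a TCP socket.
# Usage: ptunnel_client <proxy> <lport> <dest> <dport> <password file>
ptunnel_client() {
    pw=$(password_from "$5") || return 1
    "$PTUNNEL" -p "$1" -lp "$2" -da "$3" -dp "$4" -x "$pw"
}

# ssh through the tunnel. ptunnel only authenticates the tunnel (a
# challenge-response on the password); it does not encrypt it, so the traffic
# carried inside must be encrypted on its own, as ssh is. HostKeyAlias makes
# ssh verify the key of the real destination instead of storing one for
# "localhost" that every future tunnel would then be compared against.
# Usage: ssh_via_icmp <proxy> <dest> <user> <password file>
ssh_via_icmp() {
    lport=8022
    ptunnel_client "$1" "$lport" "$2" 22 "$4" &
    tunnel_pid=$!
    sleep 1
    ssh -p "$lport" -o HostKeyAlias="$2" "$3@localhost"
    kill "$tunnel_pid"
}
```

For web browsing instead of ssh, point ptunnel_client at the port of a proxy on the far side and configure the browser to use 127.0.0.1:<lport>; everything between the client and the ptunnel server is still readable to anyone who can see the ICMP packets.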

Small secure linux distributions update

Some time ago I posted on my search for a small secure linux distribution to take care of our office paranoia.

I eventually settled on two. Lightweight Portable Security is perfect and is the one in use at the office. Tails is perfect for personal use.

Lightweight Portable Security

The core requirements are a small OS that leaves no footprint behind and protection against attackers. We need to be able to securely do banking (that’s the office requirement) and be protected from the usual malware, key loggers and the like. It fulfils this requirement completely.

It boots off a CD which is kept in the office safe (yes, we are that paranoid) to prevent tampering. Account details are also kept in a secure location.

The image will boot from a CD (burnt to disc using any ISO CD-writing software such as Brasero) or from a flash disk with the following alteration

isohybrid LPS-1.4.1_public_deluxe.iso --entry 4 --type 0x1c

to enable it to boot on the USB disk.

On boot it asks the user to accept or reject the terms and conditions and then ends with a screen that looks suspiciously like a dated version of Windows. It has a functional browser, a terminal and some software to encrypt and decrypt data. It leaves no trace when the PC is shut down and does not mount any local partitions while in use, so it is safe for secure transactions.

Tails

My favourite for personal use is Tails. It is a Debian-based live system built around the Tor project. See the excerpt from the Tor project web site.

Tor is free software and an open network that helps you defend against a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security known as traffic analysis

Yes, they are even more paranoid than I am. Tails hinges on this awesome project to provide users with even more.

Tails is a live DVD or live USB that aims at preserving your privacy and anonymity.
It helps you to:

  • use the Internet anonymously almost anywhere you go and on any computer:
    all connections to the Internet are forced to go through the Tor network;
  • leave no trace on the computer you’re using unless you ask it explicitly;
  • use state-of-the-art cryptographic tools to encrypt your files, email and instant messaging.

As with LPS it does not leave any footprints. It runs from memory, and when the flash disk is removed from the PC or laptop it immediately overwrites RAM and video memory with random data to limit the chance of someone recovering sensitive data from it afterwards.

Tails starts up by default with the root account locked and with no persistent storage at all. However, with the USB image it is possible to add an encrypted persistent volume (after numerous warnings about security).

It features the Tor Browser (a hardened Iceweasel, i.e. unbranded Firefox) and Pidgin with OTR messaging encryption, both operating via the local Tor SOCKS proxy. Claws Mail provides email. It also has an I2P client to connect users to the I2P network – I couldn’t really find any use for it, although it is awesome in its own right… Note in the image above how it warns about the dangers of running in a virtual machine, where the host can see everything the VM does.

As a little test I booted up the VM and browsed a couple of web sites.

All the connections are to localhost on the Tor SOCKS port, except for the Tor process’s own TLS connections out to the network.
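The check in the previous sentence can be scripted rather than eyeballed. The block below is an added example (not from Tails or this post): it reads `ss -tnp` output and flags any established TCP connection that is neither to the local Tor SOCKS port nor made by the tor process itself, which is exactly the leak you would look for. It assumes the SOCKS ports 9050 (system) and 9150 (Tor Browser); the sample output is constructed, not captured from the VM in the post.

```shell
#!/bin/sh
# Flag TCP connections that bypass Tor. Added example, not part of Tails.
# Input is the output of `ss -tnp` (State Recv-Q Send-Q Local Peer Process).

# Constructed sample: two applications on the SOCKS ports, tor itself talking
# to a relay, and one firefox connection that goes straight to the internet.
SAMPLE='State  Recv-Q Send-Q Local Address:Port  Peer Address:Port   Process
ESTAB  0      0      127.0.0.1:45122     127.0.0.1:9150      users:(("firefox",pid=1234,fd=55))
ESTAB  0      0      127.0.0.1:45130     127.0.0.1:9050      users:(("pidgin",pid=1300,fd=20))
ESTAB  0      0      10.0.2.15:51234     198.51.100.7:443    users:(("tor",pid=900,fd=12))
ESTAB  0      0      10.0.2.15:51240     203.0.113.9:443     users:(("firefox",pid=1234,fd=60))'

# find_leaks <ss output>: prints every offending line; returns 1 if any found.
# Assumed SOCKS ports: 9050 for the system, 9150 for Tor Browser.
find_leaks() {
    printf '%s\n' "$1" | awk '
        NR > 1 && $1 == "ESTAB" {
            to_socks = ($5 ~ /^127\.0\.0\.1:(9050|9150)$/)
            by_tor   = ($6 ~ /"tor"/)
            if (!to_socks && !by_tor) { print; found = 1 }
        }
        END { exit found ? 1 : 0 }'
}

# Live use on the running system: find_leaks "$(ss -tnp)"
```

A clean Tails session produces no output and exit status 0; anything printed is a process that reached the network without going through Tor, and the process name and PID in the last column tell you which one.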

For the less paranoid, there is also an insecure browser that makes direct connections. This is useful for banking institutions that may take exception to customers who switch countries of origin every 10 minutes.

The setup I use is on a small (only in form factor) 32 GB gem drive from ADATA.

It’s virtually inconspicuous and has plenty of persistent storage (encrypted, of course) for any important data. Don’t forget, though, that persistent storage is dangerous in its own way: someone with nefarious intent can torture you to reveal your password… Yes… It’s not paranoia if they’re really out to get you.

And, oh, let’s not forget. It has Windows XP camouflage…

All giggles aside, it is a great little environment. It tagged along on my recent Europe trip. Although I did not need it much, it is very convenient to have a Linux boot disk handy so I can boot into something useful and secure on a friend’s laptop. It also raises an eyebrow or two – it’s so mysterious…

Puppy linux

I had to include Puppy Linux as it is a close contender. The big reason it lost out was that it failed on a lot of our test hardware, probably because it was stripped down so heavily to optimise it. And it doesn’t have a bundled browser, a big no-no.

It runs completely out of memory and has a super tiny footprint. Most likely it will run on very old hardware. Definitely have a look at it if you need a small and fast OS to revive an old laptop or desktop.

There were quite a few other distros in the running, however, the above are the favourites.

Others worth mentioning are xPUD, the Ubuntu desktop live CD, SliTaz (a Linux OS in under 35 MB), Linux Mint, and Damn Small Linux.

Long post. That’s it for now.

 

Small secure linux distributions

With the recent news stories about bank accounts being hacked and money pilfered, we decided to investigate ways to protect our business.

Now the problem is twofold.

Online banking login details

The first is quite obvious: protecting the online banking username and password. It is fairly obvious when someone stands over your shoulder concentrating on memorising your account details. It is also very easy to protect yourself from this approach by, say, locking yourself in a tiny room.

More frightening is key-logging software. We’ve on occasion identified key-logging software running on a client’s machine in the logs of one of our products. Malware, trojans, viruses and the like easily infect browsers and workstations. We even had articles this week about government spy software in RSA (South Africa) masquerading as a Firefox process and collecting end-user data. So this is where the problem lies: protecting the details from stealthy criminals thieving all your hard-earned cash.

One time passwords

There is a fallacy regarding the cellphones we carry. Banks do not make us aware of it and place the onus on the phone owner to ensure their security. Our cellphone companies do not, and have never, indicated that SIM cards are secure and securely issued. So when our banks added OTP SMS messages and claimed we were all saved, it was a huge lie. A fake ID, a couple of bob, and 30 minutes later a crafty criminal is in possession of a new SIM card on your account (a SIM swap). The OTP SMS messages arrive on the new SIM (as the one in your phone has been declared stolen) and Bob’s your uncle: new beneficiaries are created, money is transferred, and there is wailing and gnashing of teeth for the now much poorer individual.

Solutions

The solution is not simple; however, one easy start is to use a small OS that stores no data, runs from RAM and loses all state when the workstation is rebooted.

Wikipedia lists a number of these small distributions at http://en.wikipedia.org/wiki/List_of_Linux_distributions_that_run_from_RAM. So now, when locked in a small windowless room, this ensures no software key loggers are able to steal bank account details. Note “software”, carefully placed in the previous sentence: physical security is the only way to protect yourself from hardware key loggers, which are readily available for purchase on the internet.

We’re experimenting with Tails, a small distro employing the Tor network for anonymity. It’s not ideal, as it forces you to use the Tor network to access the internet, which makes the experience slow, and most banks will raise an alarm if your banking activity jumps from country to country.

Another possibility is Lightweight Portable Security (LPS), which is a DoD initiative, if I can get it to work…