Daily Archives: May 10, 2018

Meet Sunder, a New Way to Share Secrets

The moment a news organization is given access to highly sensitive materials—such as the Panama Papers, the NSA disclosures or the Drone Papers—the journalist and their source may be targeted by state and non-state actors, with the goal of preventing disclosures. How can whistleblowers and news organizations prepare for the worst?

The Freedom of the Press Foundation is requesting public comments and testing of a new open source tool that may help with this and similar use cases: Sunder, a desktop application for dividing access to secret information between multiple participants.

Sunder is not yet ready for high stakes use cases. It has not been audited and is alpha-quality software. We are looking for early community feedback, especially from media organizations, activists, and nonprofits.

While Sunder is a new tool that aims to make secret-sharing easy to use, the underlying cryptographic algorithm is far from novel: Shamir's Secret Sharing was developed in 1979 and has since found many applications in security tools. It divides a secret into parts, where some or all parts are needed to reconstruct the secret. This enables the conditional delegation of access to sensitive information. The secret could be social media account credentials, or the passphrase to an encrypted thumb drive, or the private key used to log into a server.

Sunder is currently available for Mac and Linux, and in source code form. See the documentation for installation and usage instructions. We also invite you to complete a short survey which will influence the future direction of this tool.

If you are interested in getting involved in development, we welcome your contributions! Please especially take a look at issues marked "easy" or "docs". Sunder is based on the open source RustySecrets library, which is also open to new contributors.

Sunder screenshot
Sunder allows you to divide a secret into shares, a certain number of which are required to reconstruct it


How could Sunder be useful for journalists, activists and whistleblowers?

Until a quorum of participants agrees to combine their shares (the number is configurable, e.g., 5 out of 8), the individual parts are not sufficient to gain access, even by brute force methods. This property makes it possible to use Sunder in cases where you want to disclose a secret only if certain conditions are met.

The most frequently cited example is disclosure upon an adverse event. Let's say an activist's work is threatened by powerful interests. She provides access to an encrypted hard drive that contains her research to multiple news organizations. Each receives a share of the passphrase, under the condition that they only combine the shares upon her arrest or death, and that they take precautions to protect the shares until then.

Secret sharing can also used to protect the confidentiality of materials over a long running project. An example would be a documentary film project accumulating terabytes of footage that have to be stored safely. By "sundering" the key to an encrypted drive containing archival footage, the filmmaking team could reduce the risk of accidental or deliberate disclosure.

But most importantly, we want to hear what you think. Please give Sunder a spin by downloading one of the releases and following the documentation, and please take our survey!


Disclaimer

As noted above, Sunder is still alpha quality software. It's very possible that this version has bugs and security issues, and we do not recommend it for high stakes use cases. Indeed, Sunder and the underlying library have not received a third party audit yet.

Furthermore, any secret sharing implementation is only as robust as the operational security around it. If you distribute or store shares in a manner that can be monitored by an adversary (e.g., online without the use of end-to-end encryption) this could compromise your security.


Inquiries

For inquiries, please contact us at sunder@freedom.press.



Credits

Sunder was primarily developed by Gabe Isman and Garrett Robinson. Conor Schaefer has acted as a maintainer and release manager; Lilia Kai recently also joined the project as a maintainer. RustySecrets was developed by the RustySecrets team. Conversations between Ed Snowden and Frederic Jacobs were the original impetus for the project.

Bypassing Mitigations by Attacking JIT Server in Microsoft Edge

Posted by Ivan Fratric, Project Zero

With Windows 10 Creators Update, Microsoft introduced a new security mitigation in Microsoft Edge: Arbitrary Code Guard (ACG). When ACG is applied to a Microsoft Edge Content Process, it makes it impossible to allocate new executable memory within a process or modify existing executable memory. The goal of this is to make it more difficult for an attacker who already gained some capabilities in the browser’s Content Process to execute arbitrary code.

Since modern web browsers rely on Just-In-Time (JIT) compilation of JavaScript to achieve better performance and the code compilation in JIT is incompatible with ACG, a custom solution was needed to enable ACG in Microsoft Edge: The JIT engine was separated from the Edge Content Process into a separate, JIT Process.

We analyzed ACG and tried to answer the question of how useful this mitigation is going to be in preventing an attacker from exploiting Microsoft Edge. Additionally, we examined the implementation of the JIT server and uncovered multiple issues in it (that have been fixed at the time of publishing this). While the paper focuses on Microsoft Edge, we believe that any other attempt to implement out-of-process JIT would encounter similar problems. Thus we hope that this work would be useful for other vendors who might consider employing similar mitigations.

We published the result of this work in a whitepaper that can be found here. All related materials (tools, PoC code) can be found here.

Malware spam: "New documents available for download" / service@barclaysdownloads.co.uk / barclaysdownloads.com

This fake Barclays spam seems to lead to the Trickbot banking trojan. From:    Barclays [service@barclaysdownloads.co.uk]Date:    10 May 2018, 13:16Subject:    New documents available for downloadSigned by:    barclaysdownloads.co.ukSecurity:    Standard encryption (TLS) Learn moreBarclays Bank PLC Has Sent You Important Account Documents to SignYou can view the document in your Barclays