I would like to start. Thank you very much for coming. My name is Till Maas and I'm here to talk to you about security threats at conferences. And I'm very excited and happy to be invited here. It's my first time in the United States and I like it very much. I'm from... no, where's the bag? I'm sorry. So, yes, I'm from Aachen, Germany. It's a town located near the Dutch and Belgian borders in Europe. You'll see where it is. And I'm here today because I joined the Fedora project about 10 years ago. Initially I started as a packager, but I also contributed patches to several applications that we use at Fedora. Whenever I found something that bugged me, I tried to submit a patch. And recently I'm doing mostly release engineering. And while I'm contributing to Fedora mostly in my free time, in my day job I work as a penetration tester at RedTeam Pentesting. It's a company specialized in penetration tests, so all day long I try to find security vulnerabilities in our customers' systems, and then I document them and present them to our customers. And because I do this all day long, I get a certain feeling for security problems, and now I'm here to present you some that I identified, especially at conferences. But I do not want to only point to problems. I also want to discuss some countermeasures as soon as possible. There are some that you can do as a user, but it's also important that projects provide secure access to their services and perform certain configurations to make it possible for users to actually be secure.

And what kind of threats am I talking about? There's one that I'm currently exposed to, because I use this wireless presenter. This should actually only allow me to switch to the next slide, but it's a full keyboard. Not on this side, but on the receiver side. So therefore you can bring a custom transmitter and then send arbitrary commands to it, because unfortunately the communication is not properly secured.

And I hope that you don't do this, because this would for example delete all my files. It wouldn't work here because I use a dedicated user account, but this is one threat that's here, at least for speakers. For all of us, even if we are not giving a talk, there is a threat that comes from a more common wireless communication that we're using here, and this is the hotel network, or the hotel wireless network, and I wonder who of you is using it? Really? Not so many. And do you know whether you are right now using this little access point? Yeah. And this is the problem. You might not, you do not know if you're really using the access point that I bought or if you're using the actual infrastructure from the hotel, and therefore certain attacks are possible, because if you use this access point I can control other communications, and this allows for so-called man-in-the-middle attacks. And one basic attack is just to disturb the communication, so I can either make you not communicate at all or just prevent you from using certain sites. And what's more dangerous, I can manipulate the communication in a way that you don't know what you're really accessing. For example, even if you open a certain web page, it might be that I manipulated it under the hood and it's doing malicious things.

To know whether or not you're using the right website, it's important that you use strong cryptography. It's basically keys and signatures: with the keys you can encrypt and create signatures, and the signatures can be used to verify whether or not you're accessing the right system. And the common protocol for this is HTTPS, compared to plain HTTP, which doesn't use encryption. I don't want to get into more details about cryptography, but there will be a presentation tomorrow at 11 am that might be interesting for you if you want to know the basics of it.
But there's also another important detail about wireless attacks: it's not even necessary that they use the wireless network that's available here. If your devices are configured to use any free wireless network, for example from the airport or from some cafe at home, it's still possible for me to create that access point properly here, and then your devices will connect to it. And I wonder if any one of you is using WPA Enterprise at your company. You will also have a problem, because it's very hard with Linux and Android to use it securely. It's possible if you properly configure your devices, but it's not very easy. And if you're using, for example, username and password authentication with WPA Enterprise, it might be possible that I create just the access point that you use at your company. Your devices will also tell me what the names of the networks are that they know, and then I might get the username and password, and it would maybe even be possible to access other accounts or services from your company if you use the same accounts there.
If you are interested in the details, you can grab me after the talk and we can discuss whether or not you're really affected by this. For everyone else: if you already know that there might be attacks at the Wi-Fi network, you might be using a VPN to protect yourself from these local attacks. But VPNs are not really created to protect against these attacks, but to allow you to access your home systems, and therefore there are still some problems that might arise from just using a VPN for protection. For example, there are many conferences, like FOSDEM in Brussels, that already provide IPv6 access, but it's not so common to have IPv6 networks everywhere, so VPNs might not even handle it, because they are used to access your home system. If you don't have IPv6 at home, the VPN might not be IPv6-aware, and then, if your system supports IPv6, like Linux has done for a long time, and the local network supports IPv6, all your traffic might actually be bypassing the VPN and not be protected by the VPN. And additionally, an attacker can also provide you with IPv6 connectivity, making sure that your VPN is bypassed.

Another problem which should not be forgotten is DNS. Even if all your regular traffic is protected via the VPN, it might still be possible that you do not use your local DNS server. Sometimes there are even setups at conferences where you want to use the local DNS setup to access local services, and then this can still be used by an attacker to make sure that certain traffic is not routed to the VPN. Therefore you additionally need a firewall, which makes it a rather complex construct. It's not just "maybe the VPN and everything is working", but there are several other things like this that need to be considered.

A rather easy and good workaround for the meantime, if you just want to have a VPN but don't have one, would be to use SSH. SSH has support to create a so-called SOCKS proxy server; you need the -D parameter (uppercase D), and then you can configure your browser, for example Firefox, to use the SOCKS server, and then all your local traffic is at least secured at this point. And if you have software that does not support SOCKS directly, there are other tools like proxychains-ng or tsocks available that you can use to make them SOCKS-aware. But this still leaves certain problems. For example, you are then secured at the conference, but depending on where your SSH server or VPN endpoint is located, the traffic between the VPN endpoint and the other servers is still not protected, so it's not really a final solution. And also, as an attacker I can just make sure that all traffic to your VPN is very slow, and if you're for example from Europe, you might just think it's because the traffic from the USA to Europe is currently not so good from this conference, and may then not be using the VPN, without really thinking that an attacker is currently performing an attack.

And of course this is also something where you have to consider who is really responsible to allow access to a service securely. Is it the user who has to make sure that everything is protected? But he or she can't really, because it's not possible to have a VPN to the final service. Or is it the service provider that has to do something? And also, if your VPN is not working, would you really stop accessing it? Especially at the conference: they have a workshop and you would like to attend and configure something. I guess many people will just try to access the internet and not think about attackers. And last but not least, there's also at least one page that you will be accessing without the VPN, and this is the login page for the wireless network, because you can't access your VPN before you access this login page. So there will be at least one request that's not secured, and there are even attacks possible right now. So the VPN is not the final solution.

And the problem is that for the World Wide Web
we use cookies, and cookies are especially used to store a secret value. This secret value is used to identify yourself to web pages, and this allows you to access web pages without having to enter your username and password again and again and again. But it also means that the value of this cookie is as important as a password, because once an attacker gets it, the attacker can access the service with the same privileges as the original user. And how can I do this as an attacker? If you're browsing any unprotected web page, it's possible to insert content that doesn't belong there, so for example an image. In this case it would be an image from the Flock scheduling web application, which also supports authentication. As you can see, it's insecure, using plain HTTP instead of HTTPS. If the browser has a cookie for this service and it's not well protected, it will be sent via the unencrypted connection, and then the attacker can read it and use the scheduling application, in this case, with the same privileges.

But it's actually rather easy to make sure that this doesn't happen, because all you need to say is "Secure". I don't know if you can see it, it's highlighted in red: if you send a cookie, you just say Secure, and then the browser knows this is an important cookie and won't send it over unencrypted connections. This is something I believe has been in the RFC for cookies since the beginning, so several years, more than 20 years ago or something like this, but there are still modern frameworks that don't do this by default. I gave a similar talk at DevConf earlier this year, and when I looked into this, into a good example from the Fedora infrastructure, I noticed that the new applications didn't do it right, because the new framework didn't do it by default and nobody looked into it until then. Now the question remains why the Flock scheduling service does not do it right, and if you... does anyone notice what's wrong here?

HTTP. Yes, it's plain HTTP and not HTTPS, and this is currently the default. So did anyone notice it while logging in earlier? Yeah. So here it's basically already the problem that if you log in to this web application, at this point your username and password will be sent unencrypted through the wireless network, so it's even easier to get to the credentials. But this is also the reason why they can't protect the cookie, because if the cookie would only be sent via secure communication, or HTTPS, you would have to log in again and again, because the service wouldn't know that you already authenticated. And why don't they do this, because HTTPS actually works? I asked them, and they told me that the problem is that they provide their service also for their customers to integrate into their applications, and then they said it doesn't always work. I'm not so sure if it's really a valid reason. But at least for the Fedora web application it's also currently the case that the certificate is not correct, so there you could log in as well, but it's not possible to do it via HTTPS. Fortunately, it's really a rare example that we have a web page in Fedora which doesn't have proper certificates; I just want to use it as an example in this case. Therefore it's important to use proper certificates and provide proper HTTPS service. And if you buy a certificate, it's also not that expensive anymore; it's about 10 dollars per year per certificate, and hopefully next month it will also be possible to easily get secure and free certificates.

But just providing HTTPS service is not enough, because initially HTTPS was not designed with security in mind. There were secret agencies that influenced the creation of the protocol to make it insecure by default so they could still break it, and recently there were several publications about the problems that were found in earlier versions of the standard. So it's also important that you check your configuration and make it right, and only enable recent and proper cipher suites and protocol versions. There are so many details about this that I can also not explain right now, but if you, for example, use this web page and don't have a properly configured server, you also find a lot of help about what you have to do.

And I want to now show an attack that might also happen if you provide HTTPS and it's also configured securely, because it's still possible as an attacker to make sure that you're not accessing the web service via HTTPS. By default, if you enter an address in your browser, it will default to plain HTTP and not HTTPS, and if, as an attacker, I block all HTTPS access, I can make sure that the user connects via plain HTTP. And even if the server does support HTTPS, I can make sure that a proxy program connects via HTTPS to the service and only provides plain HTTP to the user. To reduce this risk, to make sure that users don't always have to check whether or not they are using plain HTTP or HTTPS, there was something added to HTTP: a header called Strict Transport Security. If you use this, it makes sure that every request is only made securely via HTTPS. You also have to set a certain time, so once your browser has connected to a web page securely, it will connect to it securely for example for the next half a year. This still leaves a small window of opportunity, because if you access a service for the first time, your browser does not yet know that you have to access it via HTTPS, and therefore there is a so-called preload list that is maintained by the Chrome developers. You can add your domain after you configured it correctly, and then it will eventually be shipped with all major browsers, and then the browser knows this is a domain that should only be accessed securely. Of course it takes a little time until it's available everywhere, but this makes sure that the user does not
have any problems if a web page accidentally uses HTTP, or if there is an attacker that wants to make sure that HTTP is used. In Fedora we still cannot use it for all of fedoraproject.org, but only for selected sub-pages, because we still have two or three services that we need to migrate to a proper CA, but hopefully this will also happen soon.

Until now I mainly discussed HTTP and HTTPS, but there are also other protocols that are commonly used at conferences, and not everyone might be aware that they are not that secure. For example, if you use Git like this, with the native protocol, you don't have any cryptographic protection. So if you use this in my attacker Wi-Fi network, I could use it to insert arbitrary contents into the Git repository that you are cloning. Of course it's not on the server side but on the local side, but later, if you for example push it back to the server repository again, it might also get there. Therefore you should only use secure protocols like HTTPS again, or SSH if you need write access. It's also important to not, for example, use the Git protocol at home because you feel it's safe there, because then you have the problem that if you do it again at a conference, you might not change the protocol and still be using the insecure method. At Fedora we already promote the secure protocols at certain pages, for example at Fedora Hosted, and the new Git front end, Pagure, will also only provide the secure access, and this again makes sure that users do not use insecure configuration by default but only secure configuration. And the HTTPS protocol also supports a so-called smart transport, which is basically a CGI script in the backend, and this makes sure that you don't have the huge performance penalties that existed when Git, or the HTTP transfer method, was initially introduced.

But this also leads to the next problem. If you ever used SSH to access a certain Git repository, you probably saw this error message, and this indicates that the SSH tool doesn't know whether or not it's talking to the right service. So if you are at a conference, it might also be possible that you are actually accessing the server of an attacker. At Fedora we therefore provide you secure access to all the SSH keys that are needed to identify the proper service, and you can for example easily download them and store them in your local system, and then you won't be asked whether or not it's the right server; it only warns if it's the wrong server. This is something that I would like to recommend for other services as well, because it makes it really easy to do it securely. And it's not only SSH; it's everything that you provide in Fedora that's properly signed, and whenever you download something you find instructions on how to verify everything that we submitted. This is something that's also important: whenever you provide access to something, make sure that it can be properly verified. In this case we use GPG. With GPG it's important to verify the keys again that you have there. Many people only use the so-called key ID, which is a small part of the fingerprint, but this key ID can easily be forged, so you can create a second key which has the same key ID, and therefore you have to verify the whole thing. In this case it's also possible to download the key directly from Fedora over the HTTPS protocol. And I believe earlier this year someone even showed how easy it is to fake all these short key IDs: they cloned every publicly available GPG key and created a second one with the same key ID, and they also added all the keys found earlier, so if you look at their key server it all looks like regular keys, but they are all keys that they generated. This shows again that it's practically possible to do this kind of attack.

And the other part: in Fedora we are not only providing users with the software, we are also consuming it in the form of source code that we get from upstream projects, and when we are lucky they also provide signatures, for example here for YouTube GL. Therefore it's also necessary to check these signatures whenever they are available, to make sure that we are not distributing any modified content to our users. This is, for example, how it can be easier to specify the source, the signature and the key in a spec file, and then make sure, before you do anything here in the spec file, that you verify whether or not the source, the key and the signatures match, and only if this succeeds do you do anything with the source code.

So until now I only talked about technical risks, especially for your passwords, but there are also some other problems at the conference. If you want to collaborate, you probably need to access a lot of services, and therefore you will enter your passwords a lot, and with other people around you it might be easy that someone just notices or can just see which kind of password you're entering, or what the password is that you're entering. Therefore it's also good to avoid using passwords as a single authentication. There are several devices currently available that you can use in addition to a password, and at Fedora we support so-called YubiKeys, at least currently for critical access, for administrative access in Fedora infrastructure. I know that there are plans to provide this kind of protection in the future for other services as well, for regular services, and this is more or less the only protection you have to protect your password from being spotted at a conference. And here we have also another example that we not only provide this kind of security, at least for administrative access, we also promote it by giving people at least a Fedora badge whenever they configure a YubiKey. And there's even another web page that I want to show you that wants to promote secure two-factor authentication from the other point of view, because they list all services or service providers that already provide
secure access. And whenever you're providing a service, it should be a motivation for you to be added to this list, to have an advantage for your service providers. And this is what I wanted to talk to you about currently. In conclusion, I want to make sure that whenever you access something, you try to use encryption, or not even try it: you enforce it. This is something that needs to be done especially as a project, to protect the users. And also, encryption does not protect you against everything. To make sure that whenever you consume something it's the right one, verify everything, and allow others to verify what you've done by signing it. And possibly try to avoid passwords; at least long term, try to get rid of them. So I also got my badge now. Thank you very much. And yeah, I also would like to thank everyone who provided me with an image for this presentation; you find the sources here. And if you ever want to consume something that I signed, here are the details about my GPG key, but there will also be a key signing party on Friday, I believe at 5 pm. So, are there any questions?

I'm not very knowledgeable about this stuff, and at work I have to watch all these videos, and they said to do all the same things that you did. I don't actually know how to go about doing any of those things. I know the words, I've heard them before, and I just listened to your presentation, but I still don't know what to do. And I logged into my work email, which I'm sure I was not supposed to do on this very insecure network. So how do I actually, what's the next step to actually doing these things?

The easiest thing to protect you would be if you have an SSH, so if you know someone who is providing you with an SSH server, you can probably easily use it to at least protect you against local attackers. And the other thing is that actually your employer needs to make sure that you access your web service securely. So it's something you can check, whether or not you're using HTTPS, but it doesn't show you whether or not the cookies are really protected.

It's vigilance, yeah.

Really easy first steps as a user, I think the only thing would be using at least some kind of protection. It will survive on VPN.

Yeah, so I was on Southwest Airlines and they have an in-flight Wi-Fi, so I had two browsers, one is Firefox, one is Chrome. On my Chrome I disabled my HTTPS Everywhere, that's an extension, all of that. Then I started noticing this bar on top of my web pages that showed the flight status, so Southwest started injecting their own scripts inside web pages to show this bar. And then when I turned back to my Firefox, where I had HTTPS Everywhere, it didn't appear anymore, because they cannot really inject anything into HTTPS. So it comes down to looking out when you are in the...

I actually had a similar interesting experience with Wi-Fi. I tried to connect to it, but I think it was in Chrome, and Chrome said: it looks like you are being man-in-the-middled, I refuse to permit you to connect to this. And I went to help, but it's refusing to permit me to connect, kind of annoying.

This is also something that you get as a service provider: if you use the HSTS header, then the browser will not allow you to bypass these kinds of warnings, but it will only show you there is something wrong, you might be attacked, bad luck.

I think the HTTPS Everywhere extension is a good one to mention in this presentation; it kind of always forces you to use HTTPS.

Yeah, so maybe it would be something for you to go on. In the browser it more or less changes the HTTPS setting, with HSTS, so that your browser remembers whether or not you can access something via HTTPS, if it ever worked.

What's your opinion on SSH fingerprints in DNS records?

If you are using DNSSEC, it's obviously a good idea. When you verify it on its own, it does not add much protection, because when you are using a DNS service unprotected, an attacker can also manipulate it.

Correct. Would you be invited to the board if DNSSEC was what I made it adopted?

Yes, I think Fedora also provides even DNSSEC-secured access to SSH fingerprints right now, but the problem still is that the clients don't check it properly.

Yeah, all the big Git hosters have records out there, but they don't get verified properly.

Yeah, thank you very much. If you have any more questions later, you can also grab me at the conference anytime.
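The web-side checks the talk walks through (is the page served over HTTPS, does each cookie carry the Secure attribute, is Strict-Transport-Security set with a long max-age and the preload directive) as a small header audit. This is an added example written for this transcript, not code from the talk or from Fedora's infrastructure; the sample responses, the host name and the half-year threshold are constructed assumptions.

```python
from dataclasses import dataclass

# Remember HTTPS for about half a year, as the talk suggests; shorter max-age
# values are flagged (this threshold is the example's choice, not the talk's).
MIN_HSTS_MAX_AGE = 180 * 24 * 3600

@dataclass
class Finding:
    severity: str
    message: str

def parse_headers(raw_response):
    """Split a raw HTTP response head into lower-cased (name, value) pairs.
    Repeated headers such as Set-Cookie are kept as separate entries."""
    headers = []
    for line in raw_response.strip().splitlines()[1:]:  # skip status line
        if not line.strip():  # blank line ends the header block
            break
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return headers

def parse_hsts(value):
    """Return (max_age, include_subdomains, preload) from an HSTS value;
    max_age is None when the directive is missing or not a number."""
    max_age, include_sub, preload = None, False, False
    for directive in value.split(";"):
        key, _, val = directive.strip().partition("=")
        key = key.strip().lower()
        if key == "max-age":
            val = val.strip().strip('"')
            max_age = int(val) if val.isdigit() else None
        elif key == "includesubdomains":
            include_sub = True
        elif key == "preload":
            preload = True
    return max_age, include_sub, preload

def audit_response(url, raw_response):
    """Apply the talk's checks to one response: HTTPS in use, cookies marked
    Secure, and an HSTS header with a long max-age and the preload directive."""
    findings = []
    scheme = url.split("://", 1)[0].lower()
    headers = parse_headers(raw_response)
    if scheme != "https":
        findings.append(Finding("high", "served over plain HTTP: login data and cookies travel unencrypted"))
    for value in (v for n, v in headers if n == "set-cookie"):
        name = value.split("=", 1)[0].strip()
        attrs = {a.strip().lower() for a in value.split(";")[1:]}
        if "secure" not in attrs:
            findings.append(Finding("high", f"cookie {name!r} lacks Secure and will be sent over plain HTTP"))
    hsts = [v for n, v in headers if n == "strict-transport-security"]
    if scheme != "https":
        if hsts:
            findings.append(Finding("info", "HSTS is ignored by browsers when received over plain HTTP"))
        return findings
    if not hsts:
        findings.append(Finding("medium", "no Strict-Transport-Security: the first request can still be downgraded"))
        return findings
    max_age, _include_sub, preload = parse_hsts(hsts[0])
    if max_age is None:
        findings.append(Finding("medium", "Strict-Transport-Security has no valid max-age"))
    elif max_age < MIN_HSTS_MAX_AGE:
        findings.append(Finding("low", f"HSTS max-age={max_age} is shorter than about half a year"))
    if not preload:
        findings.append(Finding("low", "no preload directive, so the domain cannot be submitted to the preload list"))
    return findings

# Constructed sample responses, not captured from any real service.
INSECURE_RESPONSE = """HTTP/1.1 200 OK
Set-Cookie: session=0123456789abcdef; Path=/
"""
HARDENED_RESPONSE = """HTTP/1.1 200 OK
Set-Cookie: session=0123456789abcdef; Path=/; Secure
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload
"""
```

Calling `audit_response("http://schedule.example.test/login", INSECURE_RESPONSE)` reports the two high findings the talk demonstrates, while the hardened response over `https://` reports nothing.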