Translation: We're doomed.
It's a neat trick, at least. Don't break the encryption, break the weakest link that contributes to the encryption.
Kaspersky says it has uncovered a new malware infection that is able to decode encrypted TLS traffic without the need to intercept or manipulate it. Known as Reductor, the malware was spotted in April of this year and is believed to be the work of an espionage-focused hacking crew known as Turla. The malware is thought to be …
Crumbs, indeed.
I've been waiting for an example of an exploit that justifies serious application lock-down/code-signing and traceability. As someone who needs to roll-my-own applications and install my own choice of OS at times, I've resisted the push by Apple and co for features like TPMs, Gatekeeper and SIP to be mandatory. I've got good firewalling and user discipline around trusted sources and checksumming, but it's still a worrisome development. I may have to switch to a small target browser.
Breaking the CPRNG is one of the oldest tricks for modern computer-based cryptanalysis, of course. It's how the original Netscape SSL implementation was first publicly broken.
In that case, it was Netscape's weak seeding of the CPRNG which was attacked - a completely passive attack (i.e. the researchers were able to break the CPRNG by observing the target machine and deriving enough of the seeding entropy to reduce the seed space to something that could be brute-forced). With Reductor it's an active attack, compromising the CPRNG in memory.
Another infamous attack on the CPRNG was the Dual_EC_DRBG scandal, where the NSA tried to push a compromised CPRNG into the industry, assisted (perhaps inadvertently, perhaps deliberately) by RSADSI.
How about an 8 armed vampire squid ..... for a little/lot of insider trading advantage/fantasy market continuance?
Whatever can be, invariably inevitably always is, and relies catastrophically on belief being only suspended due to mass ignorance in sees of arrogant complex misdirection and simply outrageous fake denial?
The posit here is that some of the more sophisticated of professional things are much more likely to be private/pirate enterprise doing it for themselves rather than being quite common in the public nation-state backed actor field ....... although there are many reasons to expect that is a current situation in fundamental flux and disruptive future change.
.. is why the Americans had to get rid of Kaspersky in a screaming hurry.
These sorts of neat tricks require the kind of concentrated effort a state can easily buy, and Kaspersky's consistent refusal to whitelist government spyware (over years of operation) and detailed analysis and disclosure of what they come across must have buggered up quite a bit of spying.
If their Mac software wasn't such a *pain* to run I'd have them on my Mac too.
"Dude. It's Turla. Hint: they're not the US."
I don't know if you're aware of this or not, Tom, but the hardest thing for researchers to do is to say who the malware authors actually are.
The CIA in the US has even created a framework called Marble to inject symbols and comments into malware code to make it look like the malware was created by agents from a different country of origin.
From the Linux mprotect(2) man page:
On Linux, it is always permissible to call mprotect() on any address in a process's address space (except for the kernel vsyscall area). In particular, it can be used to change existing code mappings to be writable.
Yes, there's pkey_mprotect(2). There's PaX. There's SELinux. But there are plenty of Linux systems out there where ordinary processes are not running with page-permission enforcement. And the same goes for some other POSIXy OSes. (Some online discussions suggest that MacOS enforces "maximum protections" for pages which prevent using mprotect to change existing rx pages to rwx; I haven't investigated.)
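An added example, not part of the thread or the man page: a defender-side C check that reads a process's /proc/<pid>/maps and flags mappings that are writable and executable at the same time, the state the mprotect() behaviour quoted above permits for existing code mappings. The function names and the WX_* labels are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Result of classifying one /proc/<pid>/maps line (names are illustrative). */
enum wx_status { WX_BAD_LINE = -1, WX_OK = 0, WX_ANON = 1, WX_FILE = 2 };

/* Parse "start-end perms offset dev inode [path]" and report whether the
 * mapping is writable and executable at the same time. */
enum wx_status classify_maps_line(const char *line)
{
    unsigned long start, end, offset, inode;
    char perms[5] = {0}, dev[16] = {0}, path[256] = {0};

    int n = sscanf(line, "%lx-%lx %4s %lx %15s %lu %255[^\n]",
                   &start, &end, perms, &offset, dev, &inode, path);
    if (n < 6 || strlen(perms) != 4)
        return WX_BAD_LINE;
    if (perms[1] != 'w' || perms[2] != 'x')
        return WX_OK;
    /* A file-backed W+X mapping means library or program code is currently
     * patchable in place; anonymous W+X is common for JITs, so keep it apart. */
    return (path[0] == '/') ? WX_FILE : WX_ANON;
}

/* Scan a maps file, print each W+X mapping, return how many were found. */
int count_wx(FILE *fp)
{
    char line[512];
    int hits = 0;
    while (fgets(line, sizeof line, fp)) {
        enum wx_status s = classify_maps_line(line);
        if (s == WX_ANON || s == WX_FILE) {
            hits++;
            printf("%s %s", s == WX_FILE ? "FILE-W+X" : "ANON-W+X", line);
        }
    }
    return hits;
}

int main(int argc, char **argv)
{
    const char *p = argc > 1 ? argv[1] : "/proc/self/maps";
    FILE *fp = fopen(p, "r");
    if (!fp) { perror(p); return 2; }
    int hits = count_wx(fp);
    fclose(fp);
    return hits ? 1 : 0;
}
```

This is a point-in-time check: a mapping that was made writable and then set back to r-x will not show up in a later scan.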
If you were running Windoze, you wouldn't have a problem. Because Windoze provided TLS at the OS level. It's only the infection of cross-platform browsers (including more recent MS open-source cross-platform browsers) providing their own TLS that provided the platform for this exploit.