Black Ops of TCP/IP 2011
This year’s Black Hat and Defcon slides!
Man, it’s nice to be playing with packets again!
People seem to be rather excited (Forbes, Dark Reading, Search Security) about the Neutrality Router I’ve been working on. It’s called N00ter, and in a nutshell, it normalizes your link such that any differences in performance can’t be coming from different servers taking different routes, and have to instead be caused at the ISP. Here’s a summary of what I posted to Slashdot, explaining more succinctly what N00ter is up to.
Say Google is 50ms slower than Bing. Is this because of the ISP, or the routers and myriad server and path differentials between the ISP and Google, vs. the ISP and Bing? Can’t tell, it’s all conflated. We have to normalize the connection between the two sites, to measure if the ISP is using policy to alter QoS. Here’s how we do this with n00ter.
Start with a VPN, that creates an encrypted link from a Client to a broker/concentrator. An IP at the Broker talks plaintext with Google and Bing, who replies to the Broker. The Broker now encrypts the traffic back to the Client.
Policy can’t differentiate Bing traffic from Google traffic, it’s all encrypted.
Now, lets change things up — let’s have the Broker push the response traffic from Google and Bing, completely in the open. In fact, lets have it go so far as to spoof traffic from the original sources, making it look like there isn’t even a Broker in place. There’s just nice clean streams from Google and Bing.
If traffic from the same host, being sent over the same network path, but looking like Google, arrives faster (or slower) than traffic that looks like it came from Bing, then there’s policy differentiating Google from Bing.
Now, what if the policy is only applied to full flows, and not half flows? Well, in this case, we have one session that’s a straight normal download from Bing. Then we have another, where the entire client->server path is tunneled as before, but the Broker immediately emits the tunneled packets to Bing *spoofing the Client’s IP address*. So basically we’re now comparing the speed of a full legitimate flow to Bing, with a half flow. If QoS differs — as it would, if policy is only applied to full flows, then once again the policy is detected.
I call this client->server spoofing mode Roto-N00ter.
There’s more tricks, but this is what N00ter’s up to in a nutshell. It should work for anything IP based — if you want to know if XBox360 traffic routes faster than PS3 traffic, this’ll tell you.
Also, I’ve been doing some interesting things with BitCoin. (Len, we’ll miss you.) A few weeks ago, I gave a talk at Toorcon Seattle on the subject. Here are those slides as well.
Where’s the code? Well, two things are slowing down Paketto Keiretsu 3.0 (do people even remember scanrand?). First, I could use a release manager. I swear, packing stuff up for release is actually harder in many ways than writing the code! I do admit to know TCP rather better than Autoconf.
Secondly, and I know this is going to sound strange — I’m really not out to bust anyone with N00ter. Yes, I know it’s inevitable. But if a noxious filter is quietly removed with the knowledge that it’s presence is going to be provable in a court of law, well, all’s well that ends well, right?
So, give me a week or two. I have to get back from Germany anyway (the Black Ops talk will indeed be presented in a nuke hardened air bunker, overlooking MiG’s on the front lawn. LOL.)
Dan Kaminsky's Blog 
There are some interesting ideas in the talk 🙂
Okay, I don’t know if this is of great use, yet here are my idea on the problems with phidelius:
Passwords tend to be low entropy. Yet usernames are forced to be unique. There should be no issue in feeding both concatenated as the seed.
Passwords tend to be forgotten. A password is a memory, that (if you take a new one), is not yet coupled with any relevant emotional association, or say experience. Our brain works like this: it only remembers stuff that is essential and relevant, by adding emotions to it. An ideal passwords has never been used before, and has no associations with anything that happened before in the persons life. This is the best situation, to forget this memory/password immediately :-). The best would be to generate a shocking and emotionally intense unique experience for the user, which is focused on the new password. One Idea would be: You input your name, and a picture of yours, and you have to watch a small movie of a bunch of killers trying to kill you. And the killers are named by the parts of the charsequence you need to remember, first one is “G8”, but you kill him and survive. A beautiful spaghetti-monster by the name “AW” comes flying by, and wishes you good luck. Then the next killer is “R1″… and he kills your family … so forth. You watch this video a few times. You will always remember the names of the killers of your family… you get the idea. Problem: each new password needs a new story, to not interfere with the old. But it will be an unforgettable unique experience password.
On Bitcoin:
There needs to an implementation where a hash is not an end-to-end verififaction of the whole history, but only a part of sufficient time. It would be sufficient for every user to download just a part of this history (like just a part of a bittorent file), preferably the part that concerns his transactions, and be able to verify their correctness based on history balance at the begin of the part, and history balance at the end. The client should also try to download at random a few more parts, and the most recent ones… So the data is spread over more clients, and there is no need to be a bank and store terrabytes on daily basis.
I would love to here your comments on these ideas.
cheers!