Re: [Fed-Talk] Malware targeting ActivIdentity smart cards
- Subject: Re: [Fed-Talk] Malware targeting ActivIdentity smart cards
- From: Paul Nelson <email@hidden>
- Date: Fri, 13 Jan 2012 15:07:28 -0600
The irony is that you are required to have your smart card in the reader in order to use the computer.
This rule makes the vulnerability greater.
I'm not clear on why a keylogger is even needed. All malware needs to do is watch for a smart card to be present, then try to use it to make an SSL connection to a trusted site like web.mail.mil. If the malware can run in your browser app, then you are in trouble.
You can get card readers with entry keypads, and if the middleware on the host computer works right, then the keylogger adds nothing to the vulnerability. In this approach, there would be no way for the host computer to send a PIN to the card.
The main problem I see with Mac OS X (Snow Leopard and Lion both) is that once your smartcard has been unlocked with your PIN, then ANY process on the computer can use it without ANY user intervention.
The architecture is just not smart enough to keep track of what process caused the card to be unlocked and why. For example, on a CAC, the PIN unlocks all three private keys on the card. This makes the design simple, but if the user only wanted to sign an e-mail, the system would allow any other app to decrypt data.
On Jan 13, 2012, at 2:48 PM, William Cerniuk wrote:
> It might be argued that any input to a computer is a point of vulnerability.
>
> How easy is it to design a wedge driver for USB or Bluetooth? Essentially capture everything in the flow in from the analog world to the digital world. It does not matter how NIST certified your crypto is on that hard drive or that CAC/PIV card; as long as the interface to the device does not have a direct connection to the encrypted device, it is an easy point of attack.
>
> The only way a PIV or a CAC card can be secure from electronic data capture at PIN entry is to have a membrane keypad on the CAC/PIV card itself. But... then it could be argued that an RF monitor embedded below the desk surface, sufficiently close to the PIV card, could pick up the RF leakage and determine the codes based on keypad voltage variations and the resulting RF output from key presses.
>
> The most secure system is a system that is not used... which frequently is the result of attempts at risk elimination vs mitigation ;-)
>
> Best,
> Wm.
>
> On Jan 13, 2012, at 15:11, David Emery <email@hidden> wrote:
>
>> Independent of the problems Windows has with vulnerabilities, this highlights the problems in depending on a 3rd-party add-on as an element of what should be your Trusted Computing Base!
>>
>>> ...
>>>> With ActivIdentity as the target, the attacks are clearly aimed at U.S. defense departments, the Times added. But it's as yet unknown what information the hackers have so far been able to capture.
>>
>> dave
>> -----
>> David Emery, 703 298 3473 (c) 703 272 7496 (fax)
>> Supporting PdM Software Integration
>>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
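The two unlock policies Paul contrasts above (a PIN that unlocks every key for every process, versus middleware that remembers which process unlocked the card and for what) can be modelled in a few dozen lines. The block below is an added toy example written for this thread; it is not code from Apple, ActivIdentity or any real smart-card middleware, and the class names, process ids, PIN and key labels are all constructed. The last function is a defender's check over the audit trail: it flags any process that used a private key without ever presenting the PIN itself, which is exactly the gap the "global unlock" design leaves open.

```python
"""Toy model of two smart-card unlock policies plus an audit-trail check.

Hypothetical example for the Fed-Talk thread; nothing here is a real
PIV/CAC, Tokend or ActivClient API.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Set, Tuple

# Illustrative labels for the three private keys the thread says a CAC carries.
CAC_KEYS = ("auth", "signature", "key_management")

# Audit record: (pid, event, detail). Constructed format shared by both models.
AuditEntry = Tuple[int, str, str]


@dataclass
class Request:
    pid: int   # process making the request
    key: str   # which private key on the card
    op: str    # "sign" or "decrypt"


@dataclass
class GlobalUnlockCard:
    """The behaviour complained about above: one PIN verification unlocks
    every key for every process until the card is removed."""
    pin: str
    unlocked: bool = False
    audit: List[AuditEntry] = field(default_factory=list)

    def verify_pin(self, pid: int, pin: str) -> bool:
        self.unlocked = pin == self.pin
        self.audit.append((pid, "verify_pin", "ok" if self.unlocked else "fail"))
        return self.unlocked

    def use_key(self, req: Request) -> bool:
        # No check of who is asking: any process rides on the earlier unlock.
        ok = self.unlocked and req.key in CAC_KEYS
        self.audit.append((req.pid, "use_key", f"{req.op}/{req.key}/{'ok' if ok else 'denied'}"))
        return ok


@dataclass
class ScopedUnlockCard:
    """Hypothetical broker that records which process unlocked the card and
    for what purpose, and grants only that (key, operation) to that process."""
    pin: str
    grants: Dict[int, Set[Tuple[str, str]]] = field(default_factory=dict)
    audit: List[AuditEntry] = field(default_factory=list)

    def verify_pin(self, pid: int, pin: str, key: str, op: str) -> bool:
        ok = pin == self.pin and key in CAC_KEYS
        if ok:
            self.grants.setdefault(pid, set()).add((key, op))
        self.audit.append((pid, "verify_pin", "ok" if ok else "fail"))
        return ok

    def use_key(self, req: Request) -> bool:
        # A process holds only the grants it earned through its own PIN prompt.
        ok = (req.key, req.op) in self.grants.get(req.pid, set())
        self.audit.append((req.pid, "use_key", f"{req.op}/{req.key}/{'ok' if ok else 'denied'}"))
        return ok


def unverified_key_users(audit: List[AuditEntry]) -> Set[int]:
    """Detection check: processes that successfully used a key without ever
    presenting the PIN themselves. A non-empty result means the card was
    used on the strength of someone else's unlock."""
    verified = {pid for pid, ev, detail in audit if ev == "verify_pin" and detail == "ok"}
    return {pid for pid, ev, detail in audit
            if ev == "use_key" and detail.endswith("/ok") and pid not in verified}


def run_scenario(policy: str) -> Tuple[bool, bool, Set[int]]:
    """A mail client (pid 100, constructed) unlocks the card to sign one
    message; a second, unrelated process (pid 200) then asks the card to
    decrypt with the key-management key. Returns (sign ok, decrypt ok,
    pids flagged by the audit check)."""
    mail_pid, other_pid, pin = 100, 200, "123456"  # constructed values
    if policy == "global":
        card = GlobalUnlockCard(pin=pin)
        card.verify_pin(mail_pid, pin)
    elif policy == "scoped":
        card = ScopedUnlockCard(pin=pin)
        card.verify_pin(mail_pid, pin, "signature", "sign")
    else:
        raise ValueError(policy)
    signed = card.use_key(Request(mail_pid, "signature", "sign"))
    decrypted = card.use_key(Request(other_pid, "key_management", "decrypt"))
    return signed, decrypted, unverified_key_users(card.audit)


if __name__ == "__main__":
    for name in ("global", "scoped"):
        print(name, run_scenario(name))
```

Under the global policy the second process decrypts successfully and the audit check flags pid 200; under the scoped policy the same request is denied and nothing is flagged. The scoped model is deliberately simple (one grant per PIN prompt, no expiry), but it shows the bookkeeping the thread says the OS X architecture lacks: the card broker has to know who asked for the unlock and why, not merely that a PIN was once entered.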