Web sites that store personal information can be worrisome. Depending on the type of information stored, disclosure of the data can have effects ranging from embarrassment to financial loss. There are steps that web services (or "cloud" services in the parlance of our times) can take to reduce the danger of data disclosure. The Grendel encryption mechanism for sensitive data, which was recently released under the MIT license, is a reasonable approach to the problem—and one that can now be examined and possibly adopted by other web services.
Grendel comes from Wesabe, which is an online money management tool. That means that Wesabe stores some of the most sensitive information a user has, so focusing on security is important to Wesabe and its users. Unlike many other web services, though, Wesabe has been very candid about the steps it takes to safeguard its users' data. The release of Grendel is just another step along that path.
The basic idea behind Grendel is a REST-based API that a web service can use to implement an encrypted store for users' data. The encryption is done using OpenPGP, with keys being generated when the user is created. The private key is then encrypted using the user's password, so that it is only when a user is logged in that their data can be decrypted.
The interface is meant for the back-end, "behind the firewall", so the rest of the web application uses the API over a local or private network to retrieve whatever data has been stored by the user. Grendel is meant to reduce or eliminate sensitive data leaks to third parties, not to protect against malfeasance from web site operators. The recent RockYou breach is mentioned as an example of the kinds of leaks Grendel is meant to prevent.
The decryption key for the OpenPGP private key (i.e. the user's password) is only available to the application while the user is logged in. Once that session terminates (either through an explicit log out or a session time out), any attacker will be unable to access the data unless they can crack the password. So, even a complete compromise of the database contents will not easily allow access to the sensitive data.
In some ways, Grendel is an outgrowth of another technique that is used by Wesabe, called the "privacy wall". The wall makes it difficult for attackers to correlate users and their private information even if the database contents are exposed. Instead of using a user_id field to connect a user table to another table, the technique uses a cryptographic hash of the username and password as the key into the second table. That way, a particular user's data in the second table cannot be retrieved without the user's password, which is only available during the lifetime of their session.
There are some additional wrinkles, of course. If a user forgets their password, their data is essentially lost. This might be viewed by some as a weakness to the system, but from a security standpoint it makes a lot of sense. One way to handle that problem might be storing the key value (i.e. hash of username and password) encrypted with other information, such as the answer to security questions. However, security questions have risks of their own to consider.
There is nothing truly groundbreaking in these techniques, but there are certainly useful ideas embodied in them. While Grendel itself may not be of interest to other web services, due to its architecture or its Java implementation, it is heartening to see a web service that takes security seriously enough to explain its methods. It certainly stands in stark contrast to other services and their "trust us" security policies—something to consider when storing sensitive data on the web.
Brief itemse107 content management system (CMS) version 0.7.17. The e107 developers have pulled the offending release and issued an update for anyone that is running the code. In addition, they have enabled an update notification feature in the administrative interface for future problems. Click below for the report to the Bugtraq mailing list. LedgerSMB accounting system will probably want to look at the attached advisory; a number of vulnerabilities - including file inclusion and SQL injection - have been fixed. At least some of these vulnerabilities are present in SQL-Ledger as well.
|Package(s):||acroread||CVE #(s):||CVE-2009-3953 CVE-2009-3954 CVE-2009-3955 CVE-2009-3956 CVE-2009-3959 CVE-2009-4324|
|Created:||January 22, 2010||Updated:||September 8, 2010|
|Description:||From the Red Hat advisory:
Adobe Reader 8.1.7 is vulnerable to critical security flaws and should no longer be used. A specially-crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2009-4324, CVE-2009-3953, CVE-2009-3954, CVE-2009-3955, CVE-2009-3959, CVE-2009-3956)
|Package(s):||dokuwiki||CVE #(s):||CVE-2010-0287 CVE-2010-0288 CVE-2010-0289|
|Created:||January 22, 2010||Updated:||January 27, 2010|
|Description:||From the Debian advisory:
It was discovered that an internal variable is not properly sanitized before being used to list directories. This can be exploited to list contents of arbitrary directories. CVE-2010-0287
It was discovered that the ACL Manager plugin doesn't properly check the administrator permissions. This allow an attacker to introduce arbitrary ACL rules and thus gaining access to a closed Wiki. CVE-2010-0288
It was discovered that the ACL Manager plugin doesn't have protections against cross-site request forgeries (CSRF). This can be exploited to change the access control rules by tricking a logged in administrator into visiting a malicious web site. CVE-2010-0289
|Created:||January 22, 2010||Updated:||March 21, 2011|
|Description:||From the SUSE advisory: Missing CAP_NET_ADMIN checks in the ebtables netfilter code might have allowed local attackers to modify bridge firewall settings.|
|Created:||January 21, 2010||Updated:||February 11, 2011|
From the NVD entry:
The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 184.108.40.206, when network namespaces are enabled, allows remote attackers to cause a denial of service (NULL pointer dereference) via an invalid IPv6 jumbogram, a related issue to CVE-2007-4567.
|Created:||January 25, 2010||Updated:||March 23, 2010|
From the Red Hat bugzilla entry:
When print-fatal-signals is enabled it's possible to dump any memory reachable by the kernel to the log by simply jumping to that address from user space.
Or crash the system if there's some hardware with read side effects.
The fatal signals handler will dump 16 bytes at the execution address, which is fully controlled by ring 3.
|Package(s):||lintian||CVE #(s):||CVE-2009-4013 CVE-2009-4014 CVE-2009-4015|
|Created:||January 27, 2010||Updated:||January 28, 2010|
|Description:||Debian's "lintian" package checker suffers from directory traversal, format string, and command execution vulnerabilities.|
|Package(s):||phpgroupware||CVE #(s):||CVE-2009-4414 CVE-2009-4415 CVE-2009-4416|
|Created:||January 27, 2010||Updated:||January 27, 2010|
|Description:||The phpgroupware system suffers from multiple remotely-exploitable vulnerabilities, including SQL injection, directory traversal vulnerabilities, and a cross-site scripting issue.|
Page editor: Jake Edge
Next page: Kernel development>>
Copyright © 2010, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds