
PyGotham 2018: Everyday security issues and how to avoid them


https://2018.pygotham.org/talks/everyday-security-issues-and-how-to-avoid-them/

Security is hard, yet vital for any software these days. After some motivational facts, this talk will take you on a brief tour in secure software design and illustrate common security issues. Topics include threat analysis, deployment, parsing, authentication, TLS/SSL, crypto, and more.
Description

These days virtually all software and computer hardware is connected to the internet. Ultimately the internet is a hostile place, filled with people who will attempt to abuse any vulnerability for fun, profit or more sinister reasons. Therefore every software developer and administrator should have at least a basic understanding of how to develop and run code securely. After all, you don't want to become the laughing stock on Hacker News or cause your company to lose billions in shareholder value.

This talk won't turn you into a security specialist overnight, but you will learn how to avoid common mistakes in your daily work. I will introduce you to best practices and prevalent security bugs, hilarious anecdotes and some real-life examples from my daily work as a security engineer. The presentation features airplanes, squirrels, ducks, and the most efficient password cracking method: not as brutal as XKCD 538 and much more delicious.

Christian Heimes

October 05, 2018


Transcript

  1. Everyday security issues and how to avoid them
     PyGotham 2018 / New York
     Christian Heimes, Senior Software Engineer
     [email protected] / [email protected]
     @ChristianHeimes
  2. Everyday security issues, PyGotham 2018 (slide 2): Who am I?
     • from Hamburg/Germany
     • Python and C developer
     • Python core contributor since 2008
     • maintainer of the ssl and hashlib modules
     • Python security team
  3. Professional life (slide 3)
     • Senior Software Engineer at Red Hat
     • Security Engineering
     • FreeIPA Identity Management
     • Dogtag PKI
  4. Agenda (slide 5)
     • Motivation
     • What is security?
     • Honourable mention
     • Security bottom-up
     • Examples
     • Summary
  5. World laws pertaining to homosexual relationships and expression (slide 17)
     (map: Wikipedia)
  6. Wikipedia definition (slide 20)
     Information security is the practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction of information.
  7. Why is security hard? (slide 23)
     • complex systems
     • weakest link causes catastrophic failures
     • secure is not testable
     • design issues
     • multitude of attack vectors
     • threat analysis
  8. "Amazon Says One Engineer's Simple Mistake Brought the Internet Down", 2017-02-28 (slide 27)
  9. RSA Key Extraction via Acoustic Cryptanalysis (slide 29)
     https://www.tau.ac.il/~tromer/acoustic/
  10. Homoglyph confusion attack (slide 35)
      >>> import unicodedata
      >>> for c in 'Руthοn':
      ...     print(unicodedata.name(c))
      ...
      CYRILLIC CAPITAL LETTER ER
      CYRILLIC SMALL LETTER U
      LATIN SMALL LETTER T
      LATIN SMALL LETTER H
      GREEK SMALL LETTER OMICRON
      LATIN SMALL LETTER N
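As an added example (not code from the talk), a defender-side check that flags names mixing scripts, built on the same unicodedata.name() lookup the slide uses; the sample string is constructed from the code points the slide lists, and the script heuristic (first word of the character name) is an assumption of this example.

```python
import unicodedata

# Constructed sample: the slide's 'Руthοn', written as escapes so that the
# Cyrillic ER (U+0420), Cyrillic U (U+0443) and Greek omicron (U+03BF)
# survive copy and paste.
LOOKALIKE = "\u0420\u0443th\u03bfn"

def script_of(ch):
    """Heuristic script of one character: the first word of its Unicode name
    ('CYRILLIC CAPITAL LETTER ER' -> 'CYRILLIC'). Digits, punctuation and
    symbols are treated as script-neutral and return None."""
    if not unicodedata.category(ch).startswith("L"):
        return None
    return unicodedata.name(ch, "UNKNOWN").split()[0]

def scripts(text):
    """Set of scripts used by the letters in text."""
    return {s for s in map(script_of, text) if s is not None}

def is_mixed_script(text):
    """True when letters of more than one script are mixed, as in the
    slide's Cyrillic/Latin/Greek 'Руthοn'; a plain 'Python' is Latin only."""
    return len(scripts(text)) > 1

def same_after_nfkc(a, b):
    """Python normalizes identifiers with NFKC. NFKC folds compatibility
    forms (the 'fi' ligature becomes 'fi') but does not collapse cross-script
    lookalikes, so a mixed-script check is still needed."""
    norm = lambda s: unicodedata.normalize("NFKC", s)
    return norm(a) == norm(b)

if __name__ == "__main__":
    for c in LOOKALIKE:
        print(unicodedata.name(c))
    print(sorted(scripts(LOOKALIKE)), is_mixed_script(LOOKALIKE))
```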
  11. Out of scope (slide 39)
      • legal requirements (e.g. EU privacy shield, FISMA)
      • data centre security
      • hardware security (e.g. Intel Management Engine)
      • browser / web security
      • ransomware
      • state sponsored actors
      • cyber war
  12. Human factor (slide 42)
      • social engineering
      • CEO scam: Ubiquiti Networks victim of $39 million
        https://www.csoonline.com/article/2961066/supply-chain-security/ubiquiti-networks-victim-of-39-million-social-engineering-attack.html
      • password in exchange for chocolate (up to 47.9%)
        Université du Luxembourg, Computers in Human Behavior, 2016; 61: 372, DOI: 10.1016/j.chb.2016.03.026
      • dissatisfied employees
      • ignorant management
  13. IoT – Internet of Things (slide 44)
      The "S" in "IoT" stands for security.
      The "P" in "IoT" stands for privacy.
      (Sorry, German humour)
  14. Hardware & OS (slide 47)
      • hardware from a trustworthy vendor
      • validate the OS image
      • UEFI secure boot (protect your MOK)
      • firewall
      • update, update, update
      • SELinux / AppArmor
        don't: setenforce 0
        do:    semanage permissive -a myapp_t
  15. The Big Hack: Supermicro (slide 48)
      https://twitter.com/qrs/status/1047910169261330432
  16. Application (slide 49)
      • don't run as root or admin
      • restrict and isolate:
        separate user and group
        systemd: PrivateTmp, ProtectSystem, RemoveIPC, CapabilityBoundingSet, …
        seccomp sandboxing
      • encrypt in transit (TLS/SSL), encrypt at rest
      • bind to localhost
      • strong authentication
      • update, update, update … and restart!
  17. Dangerous Python features (slide 55)
      • exec()
      • eval()
      • import, __import__()
      • pickle, marshal
      • ctypes
  18. Directory traversal attack (slide 59)
      import os
      from flask import Flask   # assumed: the route decorator below is Flask's

      app = Flask(__name__)
      BASE = '/var/lib/files'

      @app.route('/download/<filename>')
      def download(filename):
          absname = os.path.join(BASE, filename)   # nothing checks that the result stays under BASE
          with open(absname) as f:
              return f.read()

      /download/image.jpg
  19. Directory traversal attack (slide 60)
      /download/private/image.jpg
      /download/../etc/passwd
      /download/../../etc/passwd
      /download/../../../etc/passwd
      /download/../../../etc/httpd/server.key
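A hardened version of the download() handler from the two slides above, added here as an example and not the talk's code: the joined path is resolved with realpath() and rejected unless it stays below BASE. Flask is left out so the functions run stand-alone; the temporary directory and its single file are constructed for the demo.

```python
import os
import tempfile

def safe_path(base, filename):
    """Resolve filename inside base; return None when it escapes base.
    realpath() collapses '..' segments and symlinks before the prefix check,
    and an absolute filename is rejected because os.path.join() would have
    discarded base entirely."""
    base = os.path.realpath(base)
    candidate = os.path.realpath(os.path.join(base, filename))
    if candidate == base or not candidate.startswith(base + os.sep):
        return None
    return candidate

def download(base, filename):
    """Same job as the slide's view function, with the containment check."""
    absname = safe_path(base, filename)
    if absname is None:
        raise PermissionError("refusing path outside %s: %r" % (base, filename))
    with open(absname, "rb") as f:
        return f.read()

def demo():
    """Constructed sample: one public file in a fresh temporary base.
    Returns (bytes served for image.jpg, whether the traversal was blocked)."""
    with tempfile.TemporaryDirectory() as base:
        with open(os.path.join(base, "image.jpg"), "wb") as f:
            f.write(b"JPEG")
        served = download(base, "image.jpg")
        try:
            download(base, "../../../etc/passwd")
            blocked = False
        except PermissionError:
            blocked = True
        return served, blocked
```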
  20. TOCTOU / race condition (slide 61)
      Vulnerable: the existence check and the creation are separate steps
      import os

      if not os.path.isfile(filename):
          with open(filename, 'wb') as f:
              f.write(b'data')
          os.chmod(filename, 0o755)

      Fixed: create exclusively and operate on the file descriptor
      with open(filename, 'xb') as f:  # O_EXCL | O_CREAT
          f.write(b'data')
          os.fchmod(f.fileno(), 0o755)
  21. Temporary files / directories (slide 62)
      • don't write to /tmp directly
      • use the secure temporary file API (tempfile module)
      • consider a private temporary directory
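An added example (not from the talk) that puts the last two slides together: exclusive creation with the 'xb' mode and fchmod() from the TOCTOU slide, inside a private temporary directory made with the tempfile module. The file names, contents and modes are constructed for the demo.

```python
import os
import shutil
import stat
import tempfile

def create_exclusive(path, data, mode=0o755):
    """Create path with O_EXCL|O_CREAT (the slide's 'xb' fix). Returns True
    when the file was created and False when it already existed, so the
    check and the creation are a single syscall and cannot race."""
    try:
        f = open(path, "xb")
    except FileExistsError:
        return False
    with f:
        f.write(data)
        os.fchmod(f.fileno(), mode)   # act on the descriptor, never on the name
    return True

def private_tempfile(prefix="myapp-"):
    """Instead of writing into /tmp directly: a private directory (mkdtemp
    creates it with mode 0700) holding a securely named temporary file."""
    tmpdir = tempfile.mkdtemp(prefix=prefix)
    fd, path = tempfile.mkstemp(dir=tmpdir, suffix=".dat")
    os.close(fd)
    return tmpdir, path

def demo():
    """Constructed run in a fresh private directory. Returns the observed
    (created, created_again, file_mode, dir_mode) and cleans up."""
    tmpdir, _ = private_tempfile()
    try:
        target = os.path.join(tmpdir, "out.bin")
        first = create_exclusive(target, b"data")
        second = create_exclusive(target, b"other")   # must not clobber
        file_mode = stat.S_IMODE(os.stat(target).st_mode)
        dir_mode = stat.S_IMODE(os.stat(tmpdir).st_mode)
    finally:
        shutil.rmtree(tmpdir)
    return first, second, file_mode, dir_mode
```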
  22. HTTP – RFC 822 header (slide 64)
      content-type: text/html; charset=utf-8
      content-length: 47446
      x-clacks-overhead: GNU Terry Pratchett

      <html>
      <head>
      ...
  23. HTTP header parsing (slide 65)
      from socket import create_connection

      sock = create_connection(('host', 80))
      f = sock.makefile()
      for line in f:
          name, value = line.split(':', 1)
          ...
  24. HTTP header parsing DoS (slide 66)
      from socket import create_connection

      sock = create_connection(('host', 80))
      f = sock.makefile()
      for line in f:  # DoS vulnerability: a line of unbounded length is buffered in full
          name, value = line.split(':', 1)
          ...
  25. CVE-2013-1752 fix (slide 67)
      MAX_LENGTH = 1024
      while True:
          line = f.readline(MAX_LENGTH + 1)
          if len(line) > MAX_LENGTH:
              raise ValueError
          ...
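The bounded read from the CVE-2013-1752 fix carried through into a complete header parser, as an added example that is not the talk's code. It goes one step beyond the slide by also capping the number of header lines (MAX_HEADERS is this example's own choice) and by refusing malformed lines instead of unpacking them blindly; the input is a constructed byte string built from the header slide.

```python
import io

MAX_LENGTH = 1024     # per-line limit, as in the CVE-2013-1752 fix
MAX_HEADERS = 100     # added guard: an endless stream of headers is a DoS too

def parse_headers(f, max_length=MAX_LENGTH, max_headers=MAX_HEADERS):
    """Parse RFC 822 style headers from a binary file-like object up to the
    blank line. readline(max_length + 1) never buffers more than the limit,
    so a peer sending a line without a newline cannot exhaust memory."""
    headers = []
    while True:
        line = f.readline(max_length + 1)
        if len(line) > max_length:
            raise ValueError("header line too long")
        if not line:
            raise ValueError("connection closed before end of headers")
        if line in (b"\r\n", b"\n"):
            return headers
        if len(headers) >= max_headers:
            raise ValueError("too many headers")
        name, sep, value = line.partition(b":")
        if not sep or not name.strip():
            raise ValueError("malformed header line: %r" % line)
        headers.append((name.strip().lower().decode("latin-1"),
                        value.strip().decode("latin-1")))

# Constructed sample: the headers from the slide, followed by the body.
GOOD = (b"content-type: text/html; charset=utf-8\r\n"
        b"content-length: 47446\r\n"
        b"x-clacks-overhead: GNU Terry Pratchett\r\n"
        b"\r\n<html><head>...")

def demo_good():
    return parse_headers(io.BytesIO(GOOD))

def demo_oversized():
    """A 5000-byte header line is rejected instead of being read whole."""
    hostile = b"x-junk: " + b"A" * 5000 + b"\r\n\r\n"
    try:
        parse_headers(io.BytesIO(hostile))
    except ValueError as e:
        return str(e)
    return "accepted"
```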
  26. XML (slide 68)
      <xml>
        <tag attribute="value">text</tag>
      </xml>
  27. XML entities (slide 69)
      <!DOCTYPE example [
        <!ENTITY title "My title" >
      ]>
      <xml>
        <tag attribute="value">&title;</tag>
      </xml>
  28. XML entity expansion attack (slide 70)
      <!DOCTYPE xmlbomb [
        <!ENTITY a "1234567890" >
        <!ENTITY b "&a;&a;&a;&a;&a;&a;&a;&a;">
        <!ENTITY c "&b;&b;&b;&b;&b;&b;&b;&b;">
        <!ENTITY d "&c;&c;&c;&c;&c;&c;&c;&c;">
      ]>
      <bomb>&d;</bomb>
  29. XML network / file access (slide 71)
      <!DOCTYPE external [
        <!ENTITY remote SYSTEM "http://www.python.org/some.xml">
        <!ENTITY local SYSTEM "file:///etc/passwd">
      ]>
      <xml>
        <url>&remote;</url>
        <file>&local;</file>
      </xml>
  30. XML attacks – defusedxml (slide 72)
      • billion laughs / exponential entity expansion
      • quadratic blowup entity expansion
      • DTD & external entity expansion (remote and local)
      • attribute blowup / attribute hash collision attack
      • decompression bomb (gzip)
      • XPath injection attacks
      • XInclude <xi:include />
      • XMLSchema-Import <xs:import />
      • XSLT features like xalan/redirect, xalan/java
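An added example (not the talk's code and not defusedxml itself) of the simplest mitigation for the entity attacks on the slides above: refuse any document that carries a DOCTYPE or entity declaration before the real parser sees it. It uses only the standard library's expat binding; the three documents are constructed from the XML slides.

```python
import xml.etree.ElementTree as ET
import xml.parsers.expat as expat

class ForbiddenDTD(ValueError):
    """Raised for any document carrying a DOCTYPE or entity declaration."""

def check_no_dtd(data):
    """Bare expat pass that aborts at the first DOCTYPE or entity declaration,
    before any entity can be expanded or fetched. Exceptions raised inside an
    expat handler propagate out of Parse()."""
    parser = expat.ParserCreate()

    def doctype(name, sysid, pubid, has_internal_subset):
        raise ForbiddenDTD("DOCTYPE %r not allowed" % name)

    def entity(*args):
        raise ForbiddenDTD("entity declaration not allowed")

    parser.StartDoctypeDeclHandler = doctype
    parser.EntityDeclHandler = entity
    parser.ExternalEntityRefHandler = lambda *args: 0   # never fetch remote/local data
    parser.Parse(data, True)

def safe_fromstring(data):
    """Parse untrusted XML with the stdlib only after the DTD check passed."""
    check_no_dtd(data)
    return ET.fromstring(data)

# Constructed samples, taken from the XML slides
PLAIN = b'<xml><tag attribute="value">text</tag></xml>'
BOMB = (b'<!DOCTYPE xmlbomb [<!ENTITY a "1234567890">'
        b'<!ENTITY b "&a;&a;&a;&a;&a;&a;&a;&a;">'
        b'<!ENTITY c "&b;&b;&b;&b;&b;&b;&b;&b;">'
        b'<!ENTITY d "&c;&c;&c;&c;&c;&c;&c;&c;">]><bomb>&d;</bomb>')
EXTERNAL = (b'<!DOCTYPE external [<!ENTITY local SYSTEM "file:///etc/passwd">]>'
            b'<xml><file>&local;</file></xml>')

def classify(data):
    """'parsed:<root tag>' for accepted input, 'rejected:<reason>' otherwise."""
    try:
        return "parsed:" + safe_fromstring(data).tag
    except ForbiddenDTD as e:
        return "rejected:" + str(e)
```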
  31. gettext translation (slide 73)
      msgid ""
      msgstr ""
      "Project-Id-Version: 2.0\n"
      "PO-Revision-Date: 2003-04-11 12:42-0400\n"
      "Last-Translator: Barry A. Warsaw <barry@python.org>\n"
      "Language-Team: XX <python-dev@python.org>\n"
      "MIME-Version: 1.0\n"
      "Content-Type: text/plain; charset=utf-8\n"
      "Content-Transfer-Encoding: 7bit\n"
      "Generated-By: manually\n"
      "Plural-Forms: nplurals=2; plural=(n != 1);\n"
  32. gettext plural forms (slide 74)
      • English, Italian, German: nplurals=2; plural=n != 1;
      • French: nplurals=2; plural=n > 1;
      • Celtic: nplurals=3; plural=n==1 ? 0 : n==2 ? 1 : 2;
      • Russian: nplurals=3; plural=n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2;
      • Denial-of-service: nplurals=2; plural=n ** 1000 ** 1000 ** 1000 ** 1000;
        issue #18317, #28563
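As an added example (not the talk's code), a check that validates the Plural-Forms header of a catalog before trusting it. It relies on gettext.c2py(), the stdlib function that the fixes for the issues above turned into a restricted parser for the C-like plural syntax (no ** and no unary operators, with length and nesting caps), and adds a range check of this example's own; the headers are constructed from the slide's rules.

```python
import gettext

def plural_function(header):
    """Extract the Plural-Forms entry from a .po/.mo header and compile it
    with gettext.c2py(), which raises ValueError for anything outside the
    plural-rule subset, so a hostile expression never reaches eval or exec."""
    for line in header.splitlines():
        if line.lower().startswith("plural-forms:"):
            break
    else:
        raise ValueError("no Plural-Forms header")
    fields = dict(part.strip().split("=", 1)
                  for part in line.split(":", 1)[1].split(";") if part.strip())
    nplurals = int(fields["nplurals"])
    func = gettext.c2py(fields["plural"])
    # added sanity check: every index the rule yields must exist in the catalog
    for n in range(200):
        if not 0 <= func(n) < nplurals:
            raise ValueError("plural index out of range for n=%d" % n)
    return nplurals, func

def is_safe_catalog_header(header):
    """True when the header's plural rule compiles and stays in range."""
    try:
        plural_function(header)
        return True
    except ValueError:
        return False

# Constructed headers built from the rules on the slide
RUSSIAN = ("Content-Type: text/plain; charset=utf-8\n"
           "Plural-Forms: nplurals=3; plural=n%10==1 && n%100!=11 ? 0 : "
           "n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2;\n")
FRENCH = "Plural-Forms: nplurals=2; plural=n > 1;\n"
HOSTILE = "Plural-Forms: nplurals=2; plural=n ** 1000 ** 1000 ** 1000 ** 1000;\n"

def demo_russian():
    """nplurals and the plural index chosen for a few counts."""
    nplurals, f = plural_function(RUSSIAN)
    return nplurals, [f(n) for n in (1, 2, 5, 11, 21, 22)]
```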
  33. Catastrophic backtracking in regular expressions (CVE-2018-1060 / 1061) (slide 75)
      commit 0e6c8ee2358a2e23117501826c008842acb835ac
      Author: Jamie Davis <[email protected]>
      Date:   Sun Mar 4 00:33:32 2018 -0500

          bpo-32981: Fix catastrophic backtracking vulns (#5955)
          ...
          Happily, the maximum length of malicious inputs is 2K thanks to a limit
          introduced in the fix for CVE-2013-1752.
          ...
          Co-authored-by: Tim Peters <[email protected]>
          Co-authored-by: Christian Heimes <christian@python.org>

      --- a/Lib/difflib.py
      +++ b/Lib/difflib.py
      -def IS_LINE_JUNK(line, pat=re.compile(r"\s*#?\s*$").match):
      +def IS_LINE_JUNK(line, pat=re.compile(r"\s*(?:#\s*)?$").match):
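Review bot: The old pattern `\s*#?\s*$` has two unbounded `\s*` runs separated only by an optional `#`, so on a long run of whitespace followed by a character that is neither `#` nor whitespace the engine retries every split of that whitespace between the two runs before failing (quadratic work); `\s*(?:#\s*)?$` makes the second run reachable only after a literal `#`, which removes the ambiguity without changing the accepted language (whitespace, optionally followed by `#` and more whitespace). No test is shown with this hunk: please add a regression test for `difflib.IS_LINE_JUNK` with a whitespace-only prefix ending in a non-`#` character, sized at the 2K bound the message attributes to the CVE-2013-1752 fix, and assert it returns promptly, so that a later edit cannot reintroduce the two adjacent `\s*` runs unnoticed.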
  34. SQL injection attack (slide 78)
      SELECT * FROM users WHERE username='%s' AND password='%s'

      query = select_user % (username, password)
  35. SQL injection attack (slide 79)
      username = "1' or '1' = '1"
      password = "1' or '1' = '1"

      SELECT * FROM users WHERE username='1' OR '1' = '1' AND password='1' OR '1' = '1'
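The two SQL slides above run end to end, as an added example that is not the talk's code: the slide's string-formatted query beside a parameterized one, both fed the slide's input against a constructed in-memory sqlite3 table (the clear-text password column only mirrors the slide's query; see the password slide for how to store them).

```python
import sqlite3

SELECT_USER = "SELECT * FROM users WHERE username='%s' AND password='%s'"

def make_db():
    """Constructed sample database with a single account."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    db.execute("INSERT INTO users VALUES ('alice', 'correct horse')")
    return db

def login_unsafe(db, username, password):
    """The slide's pattern: string formatting builds the statement, so the
    quotes in the input become part of the SQL and 'OR '1' = '1' is true for
    every row."""
    query = SELECT_USER % (username, password)
    return db.execute(query).fetchone()

def login_safe(db, username, password):
    """Parameter binding: the driver sends the values separately from the
    SQL text, so quotes inside them never change the statement's structure."""
    query = "SELECT * FROM users WHERE username=? AND password=?"
    return db.execute(query, (username, password)).fetchone()

def demo():
    """Returns (unsafe result for the injected input, safe result for the
    injected input, safe result for the real credentials)."""
    db = make_db()
    injected = "1' or '1' = '1"          # the input from the slide
    return (login_unsafe(db, injected, injected),
            login_safe(db, injected, injected),
            login_safe(db, "alice", "correct horse"))
```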
  36. subprocess shell=True (slide 80)
      import subprocess

      def run_command(filename):
          return subprocess.check_call(
              "command {}".format(filename), shell=True)

      run_command("myfile; rm -rf *")
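The fix for the slide above, added here as an example and not the talk's code: pass an argument list and no shell, so the whole filename stays one argv element. The slide's external program "command" is replaced by the running Python interpreter echoing argv[1] so the example runs anywhere; the vulnerable function is kept for contrast and is never called.

```python
import shlex
import subprocess
import sys

HOSTILE = "myfile; rm -rf *"   # the input from the slide

def run_command_unsafe(filename):
    """The slide's version: the filename is interpolated into a shell line,
    so a ';' in it starts a second command. Shown only for contrast."""
    return subprocess.check_call("command {}".format(filename), shell=True)

def run_command(filename):
    """Fixed: an argv list and no shell. Metacharacters are data here.
    sys.executable stands in for the slide's 'command' and prints argv[1]."""
    proc = subprocess.run(
        [sys.executable, "-c", "import sys; print(sys.argv[1])", filename],
        check=True, capture_output=True, text=True)
    return proc.stdout.rstrip("\n")

def shell_line(filename):
    """If a shell really is required, quote every untrusted argument with
    shlex.quote() so the shell sees a single word."""
    return "command {}".format(shlex.quote(filename))
```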
  37. More injection attacks (slide 81)
      • SQL
      • shell
      • LDAP
      • XPath / XQuery
      • NoSQL databases
      • ASN.1
      • JSON
  38. TLS/SSL certificate validation (slide 83)
      • ssl.create_default_context()
      • verify_mode = ssl.CERT_REQUIRED
      • check_hostname = True
      • requests.get(…, verify=True)  # default
  39. Don't roll your own cert validation (slide 85)
      • > 6 bugs in Python's hostname verification code
      • CVE-2013-2099, #12000, #17997, #17305, #30141
      • Python 3.7 uses X509_VERIFY_PARAM_set1_host() (OpenSSL 1.0.2+ / LibreSSL 2.7.0)
      • https://github.com/libressl-portable/portable/issues/381
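The settings from the two TLS slides above as a context audit, added here as an example (not the talk's code): the recommended context next to the disable-everything anti-pattern, and a check that tells them apart before a socket is ever opened.

```python
import ssl

def client_context():
    """The recommended way: create_default_context() already sets
    CERT_REQUIRED and check_hostname=True and loads the system CA store,
    leaving hostname matching to OpenSSL as the slide describes for 3.7."""
    return ssl.create_default_context()

def verifies_peer(ctx):
    """Audit helper: True only when a context both requires a certificate
    chain and matches the hostname, the two settings listed on the slide."""
    return ctx.verify_mode == ssl.CERT_REQUIRED and bool(ctx.check_hostname)

def disabled_verification_context():
    """The anti-pattern often applied as a 'fix' for a CA error: with both
    checks off, TLS still encrypts, but to whoever answers the connection."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # must be cleared first; CERT_NONE requires it
    ctx.verify_mode = ssl.CERT_NONE
    return ctx
```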
  40. The first rule of cryptography (slide 90)
      Don't implement your own crypto!
  41. 34C3: Squeezing a key through a carry bit (slide 93)
      • attack by Filippo Valsorda (Cloudflare / Google)
      • bug in Go's P-256 elliptic curve implementation
      • misplaced carry bit in 0.00000003% of cases
      • CVE-2017-8932
  42. The second rule of cryptography (slide 94)
      Implement your own crypto, but never use it in production!
  43. Random number generator (CSPRNG) (slide 95)
      • tokens
      • password salt
      • key material
      • session cookies
      os.urandom()
      crypt/rand
      int getrandom(void *buf, size_t buflen, unsigned int flags);
  44. Passwords (slide 96)
      Salted key derivation and key stretching function:
      • argon2
      • scrypt
      • bcrypt
      • PBKDF2
      Constant-time comparison operator: hmac.compare_digest()
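The CSPRNG and password slides above combined into one added example (not the talk's code): a salt from the OS CSPRNG, a stretched hash, constant-time verification with hmac.compare_digest(), and a session token from the secrets module. PBKDF2-HMAC-SHA256 is used because hashlib always provides it; the slide ranks argon2 and scrypt higher where they are available. The storage format and the iteration counts are this example's own choices.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 600_000   # PBKDF2 cost; tune so that one hash takes ~100 ms

def hash_password(password, salt=None, iterations=ITERATIONS):
    """Salted, stretched hash. The salt comes from the OS CSPRNG (secrets
    wraps os.urandom); a fresh salt per password defeats precomputation."""
    if salt is None:
        salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return "pbkdf2_sha256$%d$%s$%s" % (iterations, salt.hex(), digest.hex())

def verify_password(password, stored):
    """Recompute with the stored salt and cost, then compare in constant time
    with hmac.compare_digest() so timing does not reveal how many bytes matched."""
    algo, iterations, salt_hex, digest_hex = stored.split("$")
    if algo != "pbkdf2_sha256":
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                    bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))

def new_session_token():
    """Session cookies and API tokens: never random.random(); secrets uses
    the same CSPRNG as os.urandom()."""
    return secrets.token_urlsafe(32)

def demo():
    """Returns (correct password accepted, wrong password rejected,
    two hashes of one password differ because of the salt, token is long)."""
    stored = hash_password("correct horse", iterations=10_000)   # low cost for the demo
    return (verify_password("correct horse", stored),
            verify_password("wrong", stored),
            stored != hash_password("correct horse", iterations=10_000),
            len(new_session_token()) >= 43)
```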
  45. Bad crypto / good crypto (slide 105)
      Bad:
      • MD5
      • SHA-1
      • DES / 3DES
      • RC4
      • PKCS#1 v1.5 (JWE, JWT)
      • pycrypto package
      Good:
      • AES
      • ChaCha20-Poly1305
      • SHA2 family (256, 384, 512)
      • blake2
      • PyCA cryptography
      • libsodium (NaCl)
  46. Secrets (tokens, keys) (slide 106)
      Bad:
      • env vars
      • command line
      • git
      • plain files
      Good:
      • kernel keyring (except in containers)
      • vault
      • encrypted at rest
      • HSM, TPM
  47. Summary (slide 109)
      • educate
      • reuse
      • restrict
      • encrypt
      • update
      • privacy