NIST Colloquium Series discusses how doctored images are used and revealed in media, politics, science and law…or as Plato asked, how do you believe what you see?
Perhaps my favorite line in the presentation is when Dr. Hany Farid says what worried people about doctored Iranian missile photos was not the number fired, but that the Iranians figured out how to use Photoshop.
In related news the Chinese were just accused (again) of showing Top Gun movie images as real and current military news.
Where is Godzilla when you need him? A giant menacing shadowy figure of petrochemical poisons looms over America. It waves its tentacles and weaves it ways into every market, every sector, trying to subdue the environment and overpower resistance. Is it smog? Could it be…is it…The Kochtopus?!
…the University of Massachusetts at Amherst’s Political Economy Research Institute named Koch Industries one of the top ten air polluters in the United States.
[…]
Koch Industries owns Brawny paper towels, Dixie cups, Georgia-Pacific lumber, Stainmaster carpet, and Lycra, among other products. Forbes ranks it as the second-largest private company in the country, after Cargill, and its consistent profitability has made David and Charles Koch—who, years ago, bought out two other brothers—among the richest men in America. Their combined fortune of thirty-five billion dollars is exceeded only by those of Bill Gates and Warren Buffett.
One of my big beefs, pardon the pun, with the Kansas-based duo is that they fail the libertarian test.
They claim to be advocates of a completely free market — only the strongest should survive through “creative destruction” (their term) — yet their history of wealth tells a very different story.
When their father failed in the market, he quit and found a more generous source of income. Regulations might have helped Fred innovate in America, but an easier path to get rich lured him away — Russia.
Fred attended M.I.T., where he earned a degree in chemical engineering. In 1927, he invented a more efficient process for converting oil into gasoline, but, according to family lore, America’s major oil companies regarded him as a threat and shut him out of the industry. Unable to succeed at home, Koch found work in the Soviet Union.
It might be said he was unfairly shut out of the market, but this begs the question of what market is completely fair and why he did not try to reform the market? He failed in the existing market, and instead of using creative destruction to improve he quit the competition and gave himself to Stalin. That arrangement apparently did not work out so well for Fred, who soon realized his financial benefactor now was calling all the shots (pun not intended).
In the nineteen-thirties, his company trained Bolshevik engineers and helped Stalin’s regime set up fifteen modern oil refineries. Over time, however, Stalin brutally purged several of Koch’s Soviet colleagues. Koch was deeply affected by the experience, and regretted his collaboration. He returned to the U.S. In the headquarters of his company, Rock Island Oil & Refining, in Wichita, he kept photographs aimed at proving that some of those Soviet refineries had been destroyed in the Second World War. Gus diZerega, a former friend of Charles Koch, recalled, “As the Soviets became a stronger military power, Fred felt a certain amount of guilt at having helped build them up. I think it bothered him a lot.”
Fortunately for Fred, he managed to get rich thanks to Stalin. But his decisions bothered him so much it became a grudge that he passed on to his children.
Here I think it appropriate to mention the younger Bush Presidency connection to problems raised by the elder Bush. The elder Bush invaded Iraq, but failed to depose Saddam Hussein, for example. The younger Bush then re-lit and carried his father’s torch to the point where it blinded him; who today believes that the current war with Iraq was really about the search for WMD? Could the Koch sons make a similar mistake in judgment?
I fear the same totally irrational view of current events now infects the Koch corporate offices in Wichita. They probably seek to avenge their father; they want to win the battles in a war that ended over 60 years ago. Although there are many possible paths they could choose, it seems they may just want to find a target to pin with a 1950s hatred of the “Reds”.
The Koch father, no matter how well intentioned he was with his grudge, unfortunately tended to work himself up over nothing. He joined extreme political movements and vowed to fight the evil Communist agents taking over America, like a decorated war General elected President and the “colored man”
Members considered President Dwight D. Eisenhower to be a Communist agent. In a self-published broadside, Koch claimed that “the Communists have infiltrated both the Democrat and Republican Parties.” He wrote admiringly of Benito Mussolini’s suppression of Communists in Italy, and disparagingly of the American civil-rights movement. “The colored man looms large in the Communist plan to take over America,” he warned. Welfare was a secret plot to attract rural blacks to cities, where they would foment “a vicious race war.” In a 1963 speech that prefigures the Tea Party’s talk of a secret socialist plot, Koch predicted that Communists would “infiltrate the highest offices of government in the U.S. until the President is a Communist, unknown to the rest of us.”
He admired suppression by Mussolini? That’s like saying he admires the use of WMD. The Italian leader made indiscriminate use of chemical weapons and viruses on civilians, which decimated the Horn of Africa. He even bombed hospitals. Koch was either ignorant of the facts or blinded by his rage. Either way, his admiration was misplaced.
Perhaps Fred Koch did not concern himself with the welfare of Africans, dismissing them as more of the “colored man” who “looms large”.
The Koch sons now running his empire do not seem to reflect upon their father with any disdain for his philosophy at all. It does not appear that they have distanced themselves from his admiration of fascism or from his rhetoric against civil rights and welfare; thus we today find a mutation from Fred Koch into a formidable Kochtopus.
The Kochtopus has entered new battles. It has rallied against clean energy innovation in America, for example. Imagine a Fred Koch today, just graduating from MIT and hoping to bring his new ideas for energy to market to reduce emissions. Who would oppose the need for his ideas and try to shut him out? The Kochtopus would, because energy innovation to reduce emissions is some kind of evil government plot, apparently.
…97 percent of the $8.2 million raised by the [Yes on Proposition 23] forces has been given by oil-related interests and 89 percent of that money has come from out of state. Three companies, Koch Industries, Tesoro, and Valero — another Texas-based oil company — have provided 80 percent of those funds.
“There are three companies from out of state that have a very specific economic interest in rolling back our clean energy economy and jobs,” Thomas Steyer, a San Francisco hedge-fund manger who is co-chair of the No on 23 campaign, said during a conference call Friday.
“I am a businessman,” he added. “I believe in the free enterprise system. I believe in profit. But companies have to accept the rules that are placed on them.”
Steyer, founder of Farallon Capital Management, has pledged $5 million of his own money to the No campaign.
If Proposition 23 had passed, the Fred Koch’s of today would likely have to go to China or other countries to innovate with clean energy, just like Fred had to go to Stalin.
“If the Yes on 23 folks win, we’re going to change the framework for investment here,” said Steyer. “We’re going to change our ability to create new industries. Those industries are going to go elsewhere, probably not in the United States. Probably specifically our biggest competition in this is China.”
Oh, the irony of so-called libertarianism. First the Koch family gets rich from government aid, then they try to shut down regulations that would help others with new ideas who could be in competition. They also spin studies that try to cast doubt on the need for cleaner energy or more regulation to protect health; it’s a play right out of the oil company book of the 1930s that their father was so angry about.
The sons should be backing innovation and new ideas and fighting for regulation that protects the market. They should be promoting welfare programs and proving Communism evil and wrong by example — show how success in a fair market can spur growth and help reduce harm. Instead they are playing right into the hands of their harshest critics.
The Kochtopus is demonstrating an obsession with consolidation of wealth, deregulation and monopolization, fueled by misplaced pride in anti-Stalinism, which is quickly earning it the reputation of one of the more ironic and tragic stories in America.
Look around. Do you see signs of the Kochtopus, ready to take control and stop you from suggesting new ideas or helping others?
Excuse me, which way to the boardroom?
The PCI Council seems to suggest in today’s Assessor Update that extensive use of MD5 is a reason not to prohibit its use:
…the PCI DSS and PA-DSS do not explicitly prohibit the use of MD5, acknowledging the prevalence of MD5 as a cryptographic technology in the marketplace. Additionally, it may be possible to mitigate some of the risks associated with MD5 through the implementation of additional cryptographic controls or security measures. For example, the susceptibility of MD5 hashes to rainbow table lookups can potentially be mitigated through the proper use of strong, unique salts.
They then, of course, say it is up to the QSA or PA-QSA to assess the risk with their client.
They could have said they same thing about SSLv2.
Section 4.1 of the PCI DSS, until the end of 2008, was open to interpretation for SSL. However, the Assessor Update Nov08 clarified that use of SSLv2 for protection of sensitive information is prohibited.
…it is imperative that an ASV identify the use of SSL 2.0 to transmit cardholder data as a failure
The difference between the two probably comes down to two factors:
SSLv2 was required only by browsers before 1997. Options for SSLv2 therefore have not only been around for a decade, but SSLv3 or later has been the default for applications since at least 2005. Despite possible workarounds, the advocated path was an upgrade.
Upgrading from SSLv2 is a trivial setting on servers. One reason often given by organizations to avoid change is the cost of development but there is none for SSL because a change was required from the start. Clients can automatically negotiate the upgrade. However, there still may be support calls due to error messages or warnings. This has been offset by servers configured to provide instructions or self-help to reduce support requests.
In comparison to SSL, MD5 has many available options (even though less obvious than SSL), so it passes the first criteria. It probably is said to be too difficult/costly to change because it was built into applications without any upgrade path for the hash function. Thus, the Council must really base their decision upon this second issue.
This makes for an interesting dilemma for an Assessor. The PCI Council is stepping away from the risk assessment themselves because they say they are “acknowledging the prevalence” of MD5 rather than any security or safety of the hash function.
I doubt most Assessors would use prevalence alone as a measure, whether or not it is “possible to mitigate some of the risks”. Some of the risks? An Assessor would probably say a more appropriate measure of risk, when asked to approve an increasingly vulnerable control like MD5, is the rise and prevalence of threats.
In 2007 Google was given a simple UI that matched md5 strings to prove a point that collisions were more common than we might have wanted to believe. Attacks up to this time were mostly theoretical.
Cheap and large storage continued to rapidly expand and hold massive rainbow tables for unsalted MD5. Two terabytes for just $100, for example, makes it hard to believe that rainbow tables could be outrun (e.g. expand the range of symbols for a hash) since table sizes simply increase at almost no cost.
In 2008 the theoretical attacks on MD5 became more real. A researcher claimed free MD5 attack software could run at 1.4 billion cycles per second. A race for the fastest MD5 crack engine heated up, using compute speed with simple code to crack hashes using a long salt. Last year saw a number of free attack tools that target salted MD5 and take advantage of ATI and nVidia multi-GPUs.
NVidia 8800gt, % applies to MD5
2 hashes: v0.23 = 302.9M/s, v0.24 = 311.3M/s
500.000 hashes: v0.23 = 295.6M/s, v0.24 = 302.5M/sNVidia gtx465, % applies to SHA-1
2 hashes: v0.23 = 376.9M/s, v0.24 = 430.3M/s
500.000 hashes: v0.23 = 366.8M/s, v0.24 = 418.3M/s
The author of bcrypt adds some color to the evolution of threats against MD5
It’s important to note that salts are useless for preventing dictionary attacks or brute force attacks. You can use huge salts or many salts or hand-harvested, shade-grown, organic Himalayan pink salt. It doesn’t affect how fast an attacker can try a candidate password, given the hash and the salt from your database.
Salt or no, if you’re using a general-purpose hash function designed for speed you’re well and truly effed.
Thus, while the PCI Council advises Assessors to take a risk-based approach with clients, there in fact seem to be no countermeasures or compensating controls to make MD5 suitable for cardholder data protection. The best path in terms of “implementation of additional cryptographic controls” to meet the intent of PCI compliance is a move to a stronger hash function or to an encryption algorithm (e.g. do not list MD5 as a control that can protect cardholder data).
That is probably why Bruce Schneier put it so succinctly two years ago (December 31, 2008):
I’m not losing a whole lot of sleep because of these attacks. But — come on, people — no one should be using MD5 anymore.
US federal agencies suggested MD5 was not even worth using in 2004.
There are known MD5 collisions and weaknesses, and MD5 is not recognized by FIPS 140-2, Security Requirements for Cryptographic Modules. The NSRL data provides an MD5 to SHA-1 mapping to facilitate the migration away from MD5.
Then they migrated away from SHA-1 last year, because of threats.
[D]ue to advances in technology, NIST plans to phase out of SHA-1 in favor of the larger and stronger hash functions (SHA-224, SHA-256, SHA-384 and SHA-512) by 2010.
Organizations that have not made their hash function easily modified/upgraded will only be in an even more difficult pickle when the Council finds the courage to finally ban MD5, or a specific breach is linked to the hash function. The latest guidance from the PCI Council, however, moves more risk into the hands of the Assessor at the same time it makes it much harder for Assessors to emphasize a prepared fallback position (e.g. SHA-256) for those who claim to be unable to move from MD5.
Prevalence in the marketplace could as easily have given the Council reason to push for change, just like with SSLv2. Instead they seem to call it a reason for pause.
Updated to add: Confusion may come from whether MD5 is allowable within other security processes. A TLS tunnel, for example, can protect MD5 hashes. This is like saying a TLS tunnel can protect ASCII-encoded data, however. Sensitive data (hashed or encoded, etc.) that requires a strong tunnel for its protection is therefore weak on its own; it would be imperative then to identify the use of MD5 to protect cardholder data as a failure.
Interesting revelation from Bletchley Park — Britain’s army of code-breakers were able to confirm in advance of D-Day that the Nazis had been successfully fooled. Hitler believed the invasion would happen at Pas de Calais instead of Normandy, as shown in this document:
DONNY, DICK AND DORICK
These are the names of three entirely fictious spies for Germany who, Pujol writes, have told him that large numbers of Allied troops remain gathered in southern England. This, Pujol says, means the initial D Day landings were just a “red herring”. Of course, this is disinformation.
PAS DE CALAIS
Pujol writes that the “critical attacks” are still to come, most likely to be focused on Pas de Calais in northern France. In truth, this is a bluff on Pujol’s part, intended to keep German forces away from the rearguard of the actual invasion sites in Normandy.
AMY
Here Pujol quotes AMY, another fictitious agent, telling him that there were 75 divisions in England before the France landings – meaning more were still to come. The Germans have no idea that this is untrue.