Home » Posts tagged "bias"

Amazon Route 53 對地區的微調功能

Amazon Route 53 推出新功能,針對地區微調資源的比重:「Amazon Route 53 Traffic Flow Announces Support For Geoproximity Routing With Traffic Biasing」。


For example, suppose you have EC2 instances in the AWS US East (Ohio) region and in the US West (Oregon) region. When a user in Los Angeles browses to your website, geoproximity routing will route the DNS query to the EC2 instances in the US West (Oregon) region because it's closer geographically. If you want a larger portion of users in the middle of the United States to be routed to one region, you can specify a positive bias for that region, a negative bias for the other region, or both.

有點 CDN 的想法在裡面...

Facebook 操弄 Trending 裡的新聞

看了 GizmodoFacebook 的對話,就有種之前某長輩常說的「沒被抓到就不算犯罪喔~」的感覺:「Former Facebook Workers: We Routinely Suppressed Conservative News」。

Gizmodo 接到前員工的線報後,再加上透過關係問到其他的前員工,證實了標題的消息:

Facebook workers routinely suppressed news stories of interest to conservative readers from the social network’s influential “trending” news section, according to a former journalist who worked on the project. This individual says that workers prevented stories about the right-wing CPAC gathering, Mitt Romney, Rand Paul, and other conservative topics from appearing in the highly-influential section, even though they were organically trending among the site’s users.

Several former Facebook “news curators,” as they were known internally, also told Gizmodo that they were instructed to artificially “inject” selected stories into the trending news module, even if they weren’t popular enough to warrant inclusion—or in some cases weren’t trending at all. The former curators, all of whom worked as contractors, also said they were directed not to include news about Facebook itself in the trending module.

當然 Facebook 對於這種沒辦法證實的事情是全盤否認,不過再重複一次某長輩的「沒被抓到就不算犯罪喔~」的經典台詞...

新的 RC4 攻擊:實戰化

Twitter 上看到對 RC4 的新攻擊,可以直接攻擊 TLS 與 WPA-TKIP,沒有 workaround:「All Your Biases Belong To Us: Breaking RC4 in WPA-TKIP and TLS」。

TKIP 可以在一個小時內打下來:

In practice the attack can be executed within an hour.

對於 TLS 則是 75 個小時有 94% 成功率,實際測試時只用了 52 個小時就順利攻下來:

We also attack TLS as used by HTTPS, where we show how to decrypt a secure cookie with a success rate of 94% using 9·227 ciphertexts. This is done by injecting known data around the cookie, abusing this using Mantin's ABSAB bias, and brute-forcing the cookie by traversing the plain-text candidates. Using our traffic generation technique, we are able to execute the attack in merely 75 hours.

When we tested the attack against real devices, it took merely 52 hours to successfully perform the attack.


NSA 付錢給 RSA 放後門的事件...

Edward Snowden 再次丟出 NSA 內部文件,表示 NSA 付錢給 RSA 在演算法裡面放後門:「Exclusive: Secret contract tied NSA and security industry pioneer」。

RSA 的回應則是完全不想提到這筆錢是做什麼用的:「RSA Response to Media Claims Regarding NSA Relationship」。

現在一般在猜測,這個後門應該就是 RSA BSAFE 的預設偽隨機數產生器 Dual_EC_DRBG

對於 Dual_EC_DRBG 的攻擊,2006 年的「Cryptanalysis of the Dual Elliptic Curve Pseudorandom Generator」就這樣寫:

Our experimental results and also empirical argument show that the DEC PRG is insecure. The attack does not imply solving the ECDLP for the corresponding elliptic curve. The attack is very efficient.

在 2007 年,Bruce Schneier 寫了一篇「Did NSA Put a Secret Backdoor in New Encryption Standard?」,提到這個弱點並沒有大到使得這個演算法不堪用,但看了總是不爽:

Problems with Dual_EC_DRBG were first described in early 2006. The math is complicated, but the general point is that the random numbers it produces have a small bias. The problem isn't large enough to make the algorithm unusable -- and Appendix E of the NIST standard describes an optional work-around to avoid the issue -- but it's cause for concern. Cryptographers are a conservative bunch: We don't like to use algorithms that have even a whiff of a problem.

並且建議不要用 Dual_EC_DRBG:

My recommendation, if you're in need of a random-number generator, is not to use Dual_EC_DRBG under any circumstances. If you have to use something in SP 800-90, use CTR_DRBG or Hash_DRBG.

現在回頭看這件事情... hmmm...