On 12/02/13 04:49 AM, Kevin W. Wall wrote:
[Full-disclosure: I am not a Bit9 customer; I just get their
spam^H^H^H^H, er, informative product emails, thanks to a colleague
who signed me up for their mailing list.]
Security company, Bit9, has been hacked and have had their private
code-signing keys for their flagship software stolen.
This was discovered only after Bit9 had received reports from its
customers who were using their whitelisting-application software that
malware had been installed on their Bit9-protected networks.
Bit9's explanation is here:
https://blog.bit9.com/2013/02/08/bit9-and-our-customers-security/
They claim they got hacked because they weren't running their own
software...a bit embarrassing to say the least.
Yeah. But frankly, that's all it is. Oh, and 3 customers breached. In
today's threat world, this is nothing to raise eyebrows over.
In addition to
using their own software, you would have thought that they at least
would have air-gapped their code-signing private key, or at a minimum,
secured the private key with a strong passphrase.
Well, that all depends on their business models and their security
models. Two points:
1. There is no absolute security, and all that nonsense in the past
about air-gapping and HSMs and triply redundant secret sharing with Adi
sauce was based on a models ineptly stolen from the NSA and similar
spooks. All models are unique to their owners, and it is high time we
started recognising that "best practices" means "I don't know what to do."
2. And, somewhat related, these models borrowed from the military/spook
lore of the 1990s are now challenged by 2 decades of Internet
experience, which was mostly peace until 2011, and is now mostly war.
What no one seems to be questioning in the first place is why
Bit9 had a *central* code-signing key used to white-list all
the applications in the first place. That pretty much set them
up to be a primary target.
I don't know anything about the _details_ of how Bit9's software works,
but I am aware of how Tripwire works. With Tripwire, each company
generates their own key pair and then use it. The private key
is generally kept offline whenever possible. (For home use, I stored
mine on a dedicated flash drive.)
People sell stuff that people want. It is beyond arguable that nobody
in commercial or business life wants to secure an own key pair and use
it to conduct various voodoo ceremonies in the moonlight with assembled
monks and others in white pointy hats.
What customers want is compliance and cost. If Bit9 can manage all the
certs from the HQ, this sounds fine. (until it doesn't, in which case
we're all agreed it is another selling opportunity :)
What I am trying to still figure out is what the Bit9 security model
was. Certainly they would not have had the customers upload their
entire _proprietary_ executables, DLLs, etc. only to have Bit9 sign
their software as most sane companies would simply not stand for that
and for third party software, it might even imply licensing violations.
Are you sure about that?
...
Personally, I think it would have made for a better security model
if all of Bit9's customers generated their own code-signing certificate.
Have you seen the debates going on over at Mozo central about the
subCAs? Enough to cool the stock price of many a CA ...
Then Bit9 would not have been a target to start with.
Ah, but then the customer would be a target. Now, what is the business
model approach here were you protect the supplier and put the customer
at risk?
This is not
the first time that private keys have been stolen and it is likely
to not be the last. So the best way to avoid this sort of thing is
not to hold the keys to the kingdom and then you won't become
such a huge target to begin with. Sure, Bit9 probably still needed to sign
their own software and distribute a certificate and along with
self-validating code to their own software, but beyond that, it seems
to me to take more sense to take the approach that Tripwire took.
So am I totally off base here in thinking that Bit9 would have better
off requiring that their customers generate their own key pairs? If
so, I'd like to know why.
Thanks,
-kevin
just some late night ramblings!
iang
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography