We would very much like it if cryptography crises limited themselves to one per day. We know, however, that this is only wishful thinking.
Unintentional exfiltration of keys
Here is the stumbling block: Superfish performs a man-in-the-middle attack on all HTTPS (and other TLS) connections coming from the computer. Superfish poses as a trustworthy certification authority (CA) whose root certificate is installed in the certificate store. When any HTTPS-secured page is accessed, Superfish replaces the original certificate chain and signs it “with its own CA”. Needless to say, it does not check at all whether the original chain was valid.
If you open, for example, your bank's pages on a computer with Superfish, Superfish will be listed in the certificate as the issuer (instead of the normal CA). Worse still, the CA certificate and the corresponding private key can be extracted and used to decrypt or manipulate the traffic from these Lenovo machines. This can be done by someone sitting next to you in an internet cafe, by an ISP on its routers, or by arbitrary black-hat attackers.
It took programmers about one to two hours to extract the certificate and private key, enabling anybody to carry out the man-in-the-middle attacks described.
Uninstalling the Superfish program, however, does not remove the problematic CA certificate from the certificate store. Here is a test which tells you whether your computer is affected by the Superfish adware, and instructions for removal.
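The two symptoms described above (a leftover root in the certificate store, and Superfish appearing as issuer on every HTTPS site) can be checked with a short script. This is an added example, not the test the article refers to; matching by the name "Superfish" is an assumption, all function names are hypothetical, and the sample certificates are constructed.

```python
import socket
import ssl

# Name taken from the article; matching roots by name is an assumption here.
SUSPECT_NAMES = ("superfish",)

def name_text(rdns):
    """Flatten the ssl module's nested RDN tuples into one lowercase string."""
    return " ".join(value for rdn in (rdns or ()) for _key, value in rdn).lower()

def is_suspect(rdns, names=SUSPECT_NAMES):
    text = name_text(rdns)
    return any(n in text for n in names)

def suspect_roots(ca_certs, names=SUSPECT_NAMES):
    """Trust-store entries (get_ca_certs() format) whose subject matches."""
    return [c for c in ca_certs if is_suspect(c.get("subject"), names)]

def issuer_verdict(peer_cert, names=SUSPECT_NAMES):
    """Classify the issuer of a leaf certificate (getpeercert() format)."""
    issuer = peer_cert.get("issuer")
    if not issuer:
        return "no-issuer"  # empty dict: the chain was not validated
    return "suspect-issuer" if is_suspect(issuer, names) else "ok"

def live_issuer_verdict(host, port=443, timeout=5.0):
    """Connect using the OS trust store and classify the presented issuer."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return issuer_verdict(tls.getpeercert())

# Constructed sample data in the ssl module's decoded format (not real certs).
SAMPLE_STORE = [
    {"subject": ((("organizationName", "Example Trust"),),
                 (("commonName", "Example Root CA"),))},
    {"subject": ((("organizationName", "Superfish, Inc."),),
                 (("commonName", "Superfish, Inc."),))},
]
SAMPLE_LEAF = {
    "subject": ((("commonName", "bank.example"),),),
    "issuer": SAMPLE_STORE[1]["subject"],
}

if __name__ == "__main__":
    # On Windows the default context loads the system ROOT and CA stores.
    roots = suspect_roots(ssl.create_default_context().get_ca_certs())
    print("suspect roots in trust store:", [name_text(r["subject"]) for r in roots])
    print("sample leaf verdict:", issuer_verdict(SAMPLE_LEAF))
```

Browsers that keep their own certificate store are not covered by the trust-store check and need to be inspected separately.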
Intentional exfiltration of keys
The GSM protocol has many known security weaknesses, some of which are better addressed in 3G, 4G or LTE. The breaking of the GSM cipher A5/1 is one of the known defects: decryption without keys can be done in almost real time using commodity hardware with precomputed rainbow tables. Even the newer cipher A5/3 is not much better off.
Much quicker than breaking any cipher, however, is simply to steal the keys. The NSA and GCHQ attacked the networks of various mobile operators and manufacturers to gain access to authentication and billing servers. Access to the billing servers makes it possible to conceal, for example, a redirected call or an SMS that was not sent by the real sender.
The multinational network of the Gemalto company was thoroughly riddled with backdoors, and keys were stolen for SIM cards and other smart cards, which are pre-programmed with Ki keys from which the other keys for GSM communication are derived. The stolen keys also include the so-called OTA (over-the-air update) keys. OTA keys can be misused to remotely install an applet on a SIM card, e.g. to divert calls or to compromise the phone's main operating system.
The spies gained access to the networks of Gemalto and other operators by going through transmitted e-mails and estimating the “best” addresses of potential targets. They then selected those which either had access to key databases or were used to send relevant data (e.g. passwords to (S)FTP servers). It probably helped a great deal that many of the addresses belonged to “cloud operators” such as gmail.com and msn.com, where the NSA and GCHQ have long been “tapped in”.
Some transfers of SIM card keys were unencrypted and some were encrypted; as far as is known, the intelligence services did not manage to decrypt the messages encrypted with OpenPGP/GnuPG. The operators' networks themselves were attacked in “standard” ways: spear-phishing of selected people, exploitation, and installation of “implants” on servers.
It can no longer be said that “this does not concern me”. Intelligence services and many big companies want everybody's data.
Another way to compromise end stations en masse is to spread malware through big advertising systems. The operator is unable to police it and learns of it late, if at all. By that time, millions of computers have already been attacked. A recent big case: as recently as a month ago, attackers used Google AdWords to distribute malware. AdWords is everywhere. Because they use this advertising system, even various renowned and frequently visited sites such as Forbes acted as a source of infection.
For these reasons, blocking advertisements is by now a sensible security measure.
Kleptography, “cryptography by stealing”, is probably more effective than cryptanalysis, and we will probably be hearing about it even more.