Twelve Commandments for Internet Security

Posted on 2014/07/30 by admin

A reader asked in a comment to my post about unsafe password managers:

So, what is the solution?

It is a good question and prompted me to write this answer.

My Recommendations With Regards to ‘Evil Password Managers’

Always keep in mind that the internet is dangerous and there is no security available and never will be. Because:
All technical solutions to safety, secrecy and security are for phishers, gangsters and secret services what is sh*t for flies.
Distribute your money between several bank accounts at different banks. So if one account is hacked, you will still keep a big part of your money.
For bank accounts, keep a unique password or -phrase for every one which does not resemble any of the others.
If you cannot keep these in mind, write them down onto a sheet of paper.
Write them down with a simple encryption which you can remember and calculate easily in your head. So in the rare case that somebody finds it by chance, he still cannot take your money.
Hide this sheet of paper somewhere in your home. Maybe glue it into a book or the like.
Use an extra computer for doing banking related stuff. Use this computer for nothing else. Do not surf the web or read mails or watch %/*%/@&* on this computer.
Keep it switched off all the time when you don’t need it.
Run an obscure and seldom used operating system on the extra banking computer.
For all medium important stuff – non-banking and not really important but quite annoying if hacked – build a base password or passphrase. Modify this slightly for every of these accounts.
For all fun stuff – accounts where you could live well with them being hacked – use one and the same simple password for all of them.
If I needed to do communication that must stay secret under all circumstances – for example being a freedom fighter in a state run by criminals – I would not use the internet or a phone or any technical thing at all. I would do extremely delicate communication only face to face in real life.

I can not claim that my methods are safe. Because – see point number one above – nothing can ever be safe.

But in my view, my methods are much much safer than using any kind of password manager or things like TOR or encryption algorithms which I do not understand.

What do you think about my solutions to evil password managers? Do you have better ideas? I’d love to hear your opinions.

Problem Steps Reporter

Posted on 2014/07/23 by admin

Surprisingly few software developers know psr.exe, the Windows built-in Problem Steps Reporter. It is a tool well suited to record some steps which lead to a problem in a software and share them with a developer.

It is so much easier to use the psr.exe than to write down step by step and make screenshots on the way.
Psr is so easy to use, everybody can use it and report problems with it. Even your uncle Sam, 87 years of age.
No installation needed. Psr is already there since Windows 7 at least.

Click onto the start button .
Type in psr.
In the upcoming window, click psr at the top.
The problem steps reporter starts.
Click Start Record in the psr.
Do the steps you want to report.
Click Stop Record in the psr.
A Save As window comes up. Save the recording somewhere where you will find it later.
Send the zipped report to the developer by email.
The developer will run the .mht file contained in the zip file by doubleclicking it.
The MS Internet Explorer opens and shows the problem report, with every mouseclick, every dialog box and so on. Very very helpful for the developer.

Advanced

Spy Tool !?

Psr has got a lot of command line options. You could start it automatically and without GUI. The user wouldn’t even notice that it was running. Which makes it sort of a spy tool, says annoyedadmin.
But IMO, psr would make a quite bad spy tool. Because

The keys pressed by the user are not visible.
Psr can maximally record 100 screen shots.

How to Convert Mht to Html

Mht is a Microsoft proprietary format which normally can only be opened by IE. But Goran Atanasijevic has written and GPLed the converter mht2htm.exe which can convert a mht to several htm-files. You can get it from sourceforge or from me. It works well.

Also, a Total Commander plugin for mht-files called MhtUnPack exists. I have not tested this one yet.

Why Password Managers Are Not Safe

Posted on 2014/07/16 by admin

Why Password Managers Aren’t Safe – And Won’t Ever Be

Lately a paper by Zhiwei Li, Warren He, Devdatta Akhawe und Dawn Song from the University of Berkeley has been published which is called The Emperor’s New Password Manager. It reveals that

…in four out of the five password managers we studied, an attacker can learn a user’s credentials for arbitrary websites.

and later in the paper they write

We found critical vulnerabilities in all the password managers and in four password managers, an attacker could steal arbitrary credentials from a user’s account.

I’m not surprised; not at all. IMHO, which I have had since password managers have been invented is: Password managers are evil and cannot ever be really fixed.

Why Password Managers Can’t Be Fixed

There are two main problems with password managers:

Nobody is trustworthy.
Password managers are for phishers and secret services what is sh*t for flies.

Let me explain. Of course,

You can trust any given password manager maximally as much as you can trust the provider of the password manager.

And all providers are untrustworthy because everybody on the net is untrustworthy. Especially when it comes to password managers.

Even if there would be company XYZ which you trusted fully, how do you make sure that the password manager you download from company XYZ is really the password manager from XYZ? You can bet that there exist a lot of hacked versions on the net.

Not trusting the identity of anybody is common sense these days. But aside of this, there are other problems…

Basically there are three possible types of password managers. Each of them is untrustworthy per se, even without identity theft.

A Commercial Company’s Closed Source Password Manager

You can bet that the NSA has built backdoors into it.
And there is a secret law that forbids that the company talks about the backdoors.
Other secret services are very much trying to find out the backdoors or to put spies into the company to be able to introduce their own backdoors.

An Open Source Password Manager

The NSA has built backdoors into it.
Other secret services have built backdoors into it.
Some bright phisher has built backdoors into it.
With many eyes, all bugs are shallow, you say. Heartbleed I say. Oh, and Shellshock, of course.

A Password Manager Built by Yourself

This is a site for developers, so building your own password manager may seem like an option. At least, you will be sure that nobody builds backdoors into it.

But are you really savvy of security related programming stuff? I don’t know any programmer who really is. Maybe there are those. Surely there are those. Probably most of them work for the secret services of the world or are gangsters. 😉

If you are one of the really security savvy developers in the world, maybe you can build your own flawless password manager.

But before you start…. answer these questions for yourself:

How many bugs have you produced already in your career?
Yes, estimate a number.
With this number in mind, how much do you trust yourself?

Of course, even in spite of the bugs in your own password manager, it will be much more secure than all the others: because nobody knows that it exists, nobody tries to hack it.

US-CERT

The US-CERT stated in a paper (cited from Li et al’s paper)

[A Password Manager] is one of the best ways to keep track of each unique password or passphrase that you have created for your various online accounts without writing them down on a piece of paper and risking that others will see them.

Li et al’s view

While idealized password managers provide a lot of advantages, implementation flaws can negate all the advantages of an idealized
password manager …

My view:

Password managers are flawed and cannot ever be fixed.
I won’t ever trust one.
I’ve also written about a kind of a solution to the ‘Evil Password Managers’ problem.

UPDATE, Dec 2017

As I’ve always said, password managers are inherently unsafe. And nobody can be trusted. I’ve been right: Now it came out, that even in an original Windows 10 installation, there is preinstalled a flawed password manager which allows any website to steal any password.

UPDATE, Jan 2018

With the processor flaws Meltdown and Spectre, it is even more obvious, that all of the internet is inherently unsafe. And will always be. Including password managers.

Java for C# Programmers 11: Algorithms

Posted on 2014/07/09 by admin

Algorithms

In Java, there are many algorithms available as static methods of the Collections class. I’m giving here examples for the most important ones.

    import java.util.Collections;    
    List numbers = new ArrayList();
    numbers.add(1);
    numbers.add(5);
    numbers.add(4);                 // 1 5 4
    Collections.sort(numbers);      // 1 4 5
    Collections.reverse(numbers);   // 5 4 1
    Collections.shuffle(numbers);   // 4 1 5
    Collections.swap(numbers, 0, 2);   // 5 1 4
    Collections.fill(numbers, 7);      // 7 7 7

    List num2 = new ArrayList();
    Collections.addAll(num2,  2, 6, 5);    // 2 6 5

    Collections.copy(numbers, num2);    // numbers is 2 6 5
    Collections.sort(num2);     // 2 5 6
    num2.add(7);            // 2 5 6 7
    Collections.rotate(num2, 1);     // 7 2 5 6 
    Collections.rotate(num2, -1);    // 2 5 6 7

    int pos = Collections.binarySearch(num2, 5);    // pos is 1

    pos = Collections.binarySearch(num2, 3);    
        // -> pos is -2. pos is (-(insertion_point) - 1), if the 
        // element is not contained in the collection. 
        // Therefore you can add an element to a collection
        // with a line like the following. 
    num2.add(-pos-1, 3);        //  2 3 5 6 7

    pos = Collections.binarySearch(num2, -8);   // pos is -1
    num2.add(-pos-1, -8);           //  -8 2 3 5 6 7

    Collections.shuffle(num2);      // 2 3 -8 5 7 6
    int n = Collections.min(num2);  // -8 
    int m = Collections.max(num2);  // 7

    boolean b = num2.contains(3);   // true 

    b = num2.contains(4);           // false
    b = num2.containsAll(numbers);      // true;    
    numbers.add(11);        
    b = num2.containsAll(numbers);      // false;   

    b = Collections.disjoint(num2, numbers); // false
    numbers.clear();        // numbers is empty
    Collections.addAll(numbers, 11, 9, 1);  // 11 9 1
    b = Collections.disjoint(num2, numbers);    // true

    numbers.add(11);                            // 11 9 1 11 
    n = Collections.frequency(numbers, 11);     // 2

    Collections.copy(numbers, num2);    
      // -> IndexOutOfBoundsException: Source does not fit in dest

UnsupportedOperationException

Gotcha: In Java, it may be that a collection has the Collection interface but does not really implement it. This is true especially for unmodifiable collections. In these cases, it is common practice that all methods that are not really implemented throw UnsupportedOperationException.

Converting Arrays to Lists And Vice Versa

As arrays and Iterables do not have a common base, you sometimes will need to convert an array to an Iterable and vice versa.

Array to Iterable

To use an array in a function, where a List or an Iterable is required, you can create a fixed-size List from the array. Such a fixed-size List is no real List, it is just a wrapper around the array and has a List interface.

Gotcha: This interface is not implemented out. Only reading functions are implemented. All the others throw UnsupportedOperationException.

void a(Iterable list)
{
    for(int i: ll)
        System.out.printf(" %d", i);
}

Integer[] h4 = {4, 5, 11, 46};
a(h4);      // Compile error: The method a(Iterable)
            // is not applicable for the arguments (Integer[])  

List ll = Arrays.asList(h4);
a(ll);      // ok,   4 5 11 46

ll.add(4711) // **GOTCHA** throws UnsupportedOperationException

Probably it is safer to use only the Iterable interface with
the asList function:

Iterable l2 = Arrays.asList(h4);
a(l2);       // ok,   4 5 11 46

l2.add(4711) // Compile error: The method add(int) is 
             // undefined for the type Iterable

If you need a List with variable size, use the following construct. This will copy the array into a List and not only create a wrapper.

List ll = new ArrayList(Arrays.asList(h4));
ll.add(4711); // ok
a(ll);     // 4 5 11 46 4711

List to Array

ToArray Method

Sometimes, you may need an array but you have a List. Imagine you must use this function:

static void b(Integer[] ll)
{
    for (int i : ll)
        System.out.printf("%d ", i);
}

And you have a List.

List h5 = new ArrayList();
h5.add(89);
h5.add(76);

Then you can create an array of Integer like this.

Integer[] h6 = new Integer[h5.size()];
h5.toArray(h6);

b(h6);  // 89 76

Manual Method

If you have got a function which needs an int[] array like this

    static void a(int[] ll)
    {
        for (int i : ll)
            System.out.printf("%d ", i);
    }

And you have a List like above, then you can of course create an array of int like this:

    int[] h7 = new int[ts.size()];
    for (int i = 0; i < ts.size(); ++i)
        h7[i] = ts.get(i);

    a(h7);    // 89 76

Java for C# Programmers 10: Collections

Posted on 2014/07/02 by admin

Collections

Collections in Java involve several inconsistencies which seem quite odd for a C# developer. To understand some of the oddities of Java collections, you should keep in mind that Java is an old framework and at some points in its evolution, some new paradigms have been introduced and some old paradigms have been changed.

Before Java 5, you had collections that had Object as contained type. Later Java versions have generic collections and generic collection-interfaces. I’ll talk only about the generics here, but am leaving away the mostly.

Collection Interfaces

Modern Java collection handling is based completely on generic interfaces. The basic interface for collections is Collection.

From Collection derived interfaces are

List, Set, Queue, Deque, SortedSet, NavigableSet and the thread-safe interfaces concurrent.BlockingQueue, concurrent.BlockingDeque, concurrent.TransferQueue.

The following table shows the interfaces and the implementations available in Java SE 7. The names are mostly self-explanatory but where needed, some explanations are given under the table.

Interface	Implementing Class	C# Analogon
`Collection`	All of the following	`ICollection`
`List`	`LinkedList, ArrayList, Vector, Stack`	`IList`
`Set`	`HashSet, TreeSet, LinkedHashSet`	`ISet`
`Queue`	`ArrayDeque, LinkedList`	`Queue` class
`Deque`	`ArrayDeque, LinkedList`	`LinkedList` class

ArrayList and Vector are nearly the same, the main difference is that Vector is synchronized and ArrayList is not.
Stack extends Vector and so is synchronized, too.
LinkedHashSet is implemented as a hash table with an added linked list. The linked list orders its elements in the order the elements have been added to the LinkedHashSet.

Map Interface

The Map interface is equivalent to C#’s IDictionary. Map is the base interface of these extended interfaces: SortedMap, NavigableMap, concurrent.ConcurrentMap and concurrent.ConcurrentNavigableMap.

Gotcha: Strange, but true: a Map is not a Collection in Java.

HashMap, Hashtable, TreeMap, WeakHashMap, Properties and LinkedHashMap are the most important implementations of the Map interface.

The difference between Hashtable and HashMap is: Hashtable is synchronized, HashMap is not.
A TreeMap is implemented as tree. It is ordered by key.
LinkedHashMap keeps a linked list which is ordered by the order of insertion of elements into the list.
A WeakHashMap stores keys as weak references. The C# analogon to a WeakHashMap is a Dictionary>.
Gotcha: The WeakHashMap automatically removes an entry if the entry’s key is garbage collected. Of course, a Dictionary> does not remove entries automatically.
Properties can be used for ini-files.

Map Example

Map h = new HashMap();

h.put(20097, "Hamburg");
h.put(76307, "Karlsbad-Auerbach");
h.put(76307, "Karlsbad");

if (h.containsKey(20097))
    System.out.println(h.get(20097));     // Hamburg

System.out.println(h.get(22222));   //  null
System.out.println(h.get(76307));   //  Karlsbad

Set keys = h.keySet(); 
// -> { 20097, 76307 } in unpredictable order.

Collection values = h.values();  
// -> { "Hamburg", "Karlsbad" } in unpredictable order.

Set> entries = h.entrySet();  
// -> { {20097, "Hamburg"},  {76307, "Karlsbad"} }
//    in unpredictable order.

Properties class

The Properties class is a Map that according to docs shall only contain String-String pairs. Nevertheless, and strange but true: it is derived from Hashtable, not from Hashtable.

The Properties class can be used to store ini-like files on disk. An example on how to use Properties to read and write data follows.

Properties p = new Properties();
p.setProperty("a", "A");
p.setProperty("b", "xy");

static void StoreProperties(String filename, Properties prop)
       throws IOException
{
    FileWriter fw = null;
    try
    {
        fw = new FileWriter(filename);
        prop.store(fw, "This is a comment.");
    }
    catch (Exception e)
    {
        e.printStackTrace();
    }
    finally
    {
        if (fw != null)
            fw.close();  // may throw
    }
}

static void ReadProperties(String filename, Properties prop) 
       throws IOException
{
    prop.clear();
    Reader fr = null;
    try
    {
        fr = new FileReader(filename);
        prop.load(fr);
    }
    catch  (Exception e)
    {
        e.printStackTrace();
    }
    finally
    {
        if( fr != null)
            fr.close();  // may throw
    }
}

Dictionary

From Java 1.0 on, there has been the abstract class Dictionary which of course denotes the same concept as the Map. So you will find this in legacy code frequently. Nowadays, Dictionary is deprecated.

IEnumerable, Equals, Indexers, …

equals, hashCode and compareTo

The Java methods equals, hashCode and compareTo are analog to C#’s Equals, GetHashCode and CompareTo. Like in C#, if you use any of the generic containers you must be aware that these methods must be implemented on your classes. Otherwise strange things will happen.

IEnumerable, IEnumerator / Iterable, Iterator

Iterable is the Java equivalent of C#’s IEnumerable and Iterator is the Java equivalent of IEnumerator. The following two code snippets show their usage.

// Java
TreeSet ts = ...;

Iterable t = ts;
for(java.util.Iterator it = t.iterator(); it.hasNext();)
        System.out.print(it.next() + " "); 

// C# 
List a = ...;

IEnumerable  t = a; 
for(IEnumerator en = t.GetEnumerator(); en.MoveNext();)
    Console.Write(en.Current + " ");

Some further Gotchas:

Ordinary Java arrays do not implement IEnumerable. Nevertheless you can iterate over them by the extended for loop.
Collections of primitive types are not allowed in Java. You need to use the corresponding wrapper class. Example: List = new LinkedList();
Indexers do not exist in Java. Access to elements of array-like collections can be done by get(i) instead.

99 Developer Tools

Time tested Tools for Software Developers

Monthly Archives: July 2014