Anthony Vance

I have now officially started work as a full-time employee of Brigham Young University. This week I attended the university’s annual conferences, and it has me even more excited to be here. BYU is a special place.

This fall I will research full time (no teaching), but I will participate in ISYS 571 “Academic Research in IS”, the first part of BYU’s PhD preparation program. This class, taught by Dr. Paul Lowry, is essentially a first-year PhD seminar. It’ll be fun this fall to review the fundamental concepts of science, research design, and theory building.

I wrote last month about the new hardware encryption feature of the iPhone 3GS, which some have claimed provides the iPhone with “enterprise-class security”. However, now that the iPhone 3GS has been out for a month, Jonathan Zdziarski, author of iPhone Forensics, has shown that the encryption on the 3GS is much weaker than suspected.

In this Wired article and associated Youtube videos, Jonathan shows that while the iPhone’s disk is encrypted, the kernel decrypts the data when it is requested by widely-available open source tools. Jonathan will also demo how this works in an O’Reilly Media webcast on July 29th.

This is pretty laughable security. It is essentially encryption in name only. This is a good example of why it is not enough for a device or software to correctly implement a secure encryption algorithm (in this case AES 256). All other aspects of the system must be designed securely.

I love my iPhone 3GS for its refined UI experience and third-party applications, but it’s clear that security has relatively little emphasis in the iPhone’s ongoing development.

In preparing a manuscript for HICSS today, I googled for a HICSS EndNote style (for the bibliography) but couldn’t find one. Here is the style I created so that someone googling for this same thing can find it in the future:

HICSS EndNote style

Update: Well, that didn’t take long. Two hours later and this post is the top hit when entering “hicss endnote style” into Google. It’s amazing how encompassing Google is.

One of the new iPhone 3GS features that has received little attention this week is hardware encryption. However, from a forensics standpoint, this is probably the most significant feature of the new update. The feature is buried at the bottom of this “more features” page:

Phil Schiller also briefly mentions this feature at 1:52 of the Apple keynote.

Why Encryption on the iPhone Matters

Encryption on the iPhone matters to businesses because the iPhone can store potentially sensitive information. Among other things, forensics investigators can recover the following from iPhones (from iPhone Forensics by Jonathan Zdziarski):

• Keyboard caches containing usernames, passwords, and nearly everything typed on the iPhone.
• Screenshots of the last state of an application before the home button is pressed to return to the main menu.
• Deleted images.
• Deleted calendar entries and contacts.
• A record of the last 100 calls made.
• Viewed Google Maps images and directions.
• Browser history and caches, even when deleted.
• Deleted email messages.
• Deleted voicemail.
• Pairing records establishing which computers the iPhone was synced with.

You might think that extensive forensics experience and knowledge of the iPhone operating and file system is needed to recover this data. However, several specialized forensics tools, such as Paraben’s Device Seizure and the Sixth Legion’s Wolf, have automated this forensics process and can recover sensitive data from iPhones in seconds.

So it is understandable that encryption on the iPhone is a highly requested feature by corporations, according to Phil Schiller. Hardware-based encryption on the iPhone could effectively nullify forensics work on the iPhone.

Remote Wipe: A Potential Weakness

However, one potential weakness in the iPhone encryption scheme is how the encryption key is stored, and is related to another new iPhone 3GS feature, instantaneous remote wipe:

According to Schiller, hardware encryption on the iPhone 3GS enables instantaneous remote wipe. Apparently, rather than overwriting every bit as does the iPhone 3G, a remote wipe on the iPhone 3GS only overwrites the hardware encryption key, rendering all data on the iPhone unintelligible. This explains why if you later recover your iPhone 3GS, you can restore your data by enabling your MobileMe account on the iPhone, which apparently downloads the hardware encryption key to the iPhone, making the data on the iPhone readable again.

Although this feature is convenient, it does pose a potential security problem. If the hardware encryption key is hidden in the iPhone file system without being encrypted itself, then a forensics investigator could find the key and decrypt data on the iPhone. And forensics tools like a faraday cage will prevent the iPhone from receiving a remote wipe command, lengthening the window to find the encryption key indefinitely.

Of course this would require specialized knowledge of the iPhone and cryptography, but that is exactly what forensics firms like Paraben and Sixth Legion have. And their expertise is encapsulated and automated in tools like Device Seizure and Wolf, extending this ability to more general users.

So while hardware encryption on the iPhone 3GS is an interesting development, unless the encryption key is itself somehow encrypted, it will be a matter of time before the forensics community learns a way to find the key and make forensic analysis of the iPhone 3GS possible.

[Update June 14, 2009: Jonathan Zdziarski of iPhone Forensics left an insightful comment below.]

I wrote here that I love security measures that are simple. That is, those measures that improve security but require no more (and perhaps even less) effort than not using them. Here are three more examples.

Passphrases

Passphrases may not be an ideal security solution, but they are more secure and easier to remember and type than typical passwords. The fact is, passwords are the most prevalent form of authentication and they are not going away soon. Passphrases, then, usefully provide a more secure, easy-to-use alternative.

A friend of mine, Dr. Mark Keith of Arizona State University, demonstrated in a scientific study that passphrases are more secure and easier to remember than typical passwords. First, he showed that because the average person’s vocabulary consists of 3,000 words (a low estimate), a five-word passphrase is stronger than an 8-letter password using alphanumeric and special characters (3000^5 > 95^8).

He also showed that passphrases, although longer than passwords, are easier to remember and easier to use than passwords. The key is writing passphrases in standard written English, or what Keith et al. call “word processing mode” (WPM). Passphrases written in this way (like the passphrase above) are not only easier to remember, but they are also significantly easier to type and result in less login mistakes.

SSH Public Key Authentication

This one is more esoteric, but for a server administrator, SSH public key authentication is the model of security through simplicity. Rather than having to remember a password to various servers, a pair of public/private key files can be used to authenticate users instantaneously. Additionally, if a SSH public key is used in place of a password, password-guessing attacks cannot be used.

Automatic Backup

Backup is not typically thought of as a security measure, but it is probably the most important means to protect data from threats, malicious or accidental. The best way to back up data is also the simplest: routinely backing up data using automatic backup software. My favorite offline backup solution is Time Machine, which seamlessly backs up everything in the background, without any user involvement. Automatic backups is probably one of the simplest measures on this list, but also likely yields the most security for data.

IT security solutions typically involve trade-offs, usually in the form of trading increased security for reduced convenience or added hassle. However, not all security measures require this trade-off.

Some solutions—aside from the initial expense in time and money to set them up—require virtually no compromise in convenience. In fact, some may even make tasks more efficient or add functionality. Below are three examples.

Password Manager

Passwords are not elegant. To be worth anything they must be hard to guess, which usually makes them hard to remember. To make matters worse, users are often required to change their passwords on a regular basis, like every 90 days.

But the Web is the worst part. A typical user might have 15-30 user accounts that each require a password. Perniciously, most users soon tire of mentally maintaining a portfolio of unique passwords and relent to using the same password for every web site account. It has been said that the easiest way to steal passwords is to create an online service that requires a password. Whatever password a new user submits is most likely the same password for a dozen other online services.

The way to stop this wheel of pain is to use a password manager. A password manager is software that securely stores all of your passwords. Instead of having to remember 30 or more passwords, with a password manager you only need to know one—the password that unlocks the password manager.

Because so many passwords people must remember are for web sites, the best password managers integrate with web browsers. Using a password manager, logging into a website requires no thought—a simple keystroke retrieves the password from the password safe and fills in the username and password fields. When creating a new account at a website, the password manager generates a password for you so you don’t have to waste any thought coming up with a unique, unguessable password.

My favorite password manager is 1Password for OS X. It has saved me a lot of time and grief. Life is too short to manage passwords.

Full Disk Encryption

Another elegant security solution is disk encryption, which encrypts part or all of a hard disk. It is probably the most transparent security solution on this list because aside from entering in a password, the user is unaware that data is encrypted—there is almost no perceptible slow-down in performance. And, once encrypted, you don’t have to worry about losing your hard drive or protecting certain documents. All of your data are protected all of the time. I currently use PGP Desktop 9.10 for Mac.

VPN

I’ve done a lot of traveling in the last few months and so have used a lot of public Internet access points at airports, hotels, and other locations. Public Internet access points are not always securely configured. In some hotels for example, it is possible to sniff or eavesdrop on the Internet traffic of other guests at the hotel accessing the Internet. This is an easy way to collect passwords and other information.

One elegant solution to this problem is a VPN, or Virtual Private Network. The purpose of a VPN is to create a secure connection through an untrusted network to a trusted one. For example, my VPN creates a secure, encrypted connection to Georgia State University, no matter where I am in the world. All my traffic first is sent to GSU’s network, which I trust, and from there it continues unencrypted to sites I wish to access.

A VPN is elegant because once the VPN connection is established, all traffic is encrypted seamlessly in the background. You can access the Internet as you normally would, but now all of your Internet traffic is encrypted and safe from eavesdroppers.

My favorite VPN client is Shimo. Not only does it support a wide variety of VPN types, it is dead simple. Creating a VPN connection, even with CISCO VPN’s, only takes one button click. Plus, if I suspend my laptop while a VPN connection is active Shimo will automatically create a new VPN connection when the laptop wakes.

After a large file transfer using the UNIX command SCP failed at around 90% for the third time, I finally had the sense to google how to resume an SCP file transfer.

It turns out that you can’t. But you can tunnel RSYNC over SSH which works like a charm. This tip is posted in numerous places online, but my SSH setup at home is slightly different, so I have to modify the SSH option as follows:

rsync --human-readable --partial --progress --rsh="ssh -l username -p 2012"
domain.name:/path/to/file .

This just points out again how great a program SSH is. Its uses are truly multitudinous. It’s like the swiss army knife of UNIX commands.

I successfully defended my dissertation for my Université Paris–Dauphine PhD. In September, I completed my PhD at GSU. I scheduled the defense to coincide wih the ICIS conference, which starts next week.

Before moving west to BYU, my family will move east—and north—to Oulu, Finland, where we will live for six months (January—July). I’ll be working as a visiting research professor in the IS Security Center at the University of Oulu, researching with my coauthor and center director, Mikko Siponen.

Among other things, we’ll investigate whether we can devise a theoretically-based and empirically-supported security maturity model, similar to the Capability Maturity Model of software engineering.

The Information Systems Department of Brigham Young University has invited me to join its faculty, and I am delighted to do so. I’ll start researching and teaching at BYU next fall.

I think highly of BYU’s ISD department, and I look forward to collaborating with them. I also look forward to working with the students of the Information Systems major and of the Marriott School generally.