Category Archives: Technology

The Value of a Low Valuation

Business Insider analyzed a leaked email between Evan Spiegel (CEO of Snapchat) and Mitch Lasky, a Board member of Snapchat (Partner at Benchmark Capital). The email was leaked as part of the Sony hack, because the CEO of Sony, Michael Lynton, is also on the Board of Snapchat. Snapchat lost a lot of sensitive emails in the Sony breach because of that connection.

One interesting topic for that Board discussion was Snapchat’s Section 409A valuation. The IRS requires paying taxes as restricted stock vests (or up front if you so elect) based on the fair market value of the stock or, for options, based on the intrinsic value plus time value of the options. So maintaining a low common stock valuation becomes a crucial exercise if you want to actually be able to issue any meaningful number of shares to your employees.


The Future of Bitcoin Escrow

Bitcoin has a built-in functionality, called CHECKMULTISIG, where you can require two or more private keys in order to spend a transaction. There are an incredible number of ways you could theoretically use CHECKMULTISIG, but the most obvious use case is a secure escrow functionality. A quick glance at the history of Bitcoin-powered services over the last 3 years shows how much the community could benefit from better ways to escrow payments.


CERT Advisory on DNS Amplification Offers Little Hope

CERT released an advisory today on DNS Amplification Attacks. These attacks are nothing new; in fact, dealing with this kind of load is business as usual for the Tier1/2 providers. But I was surprised by how little CERT apparently has to offer in the way of advice to thwart the attacks.

SRP vulnerability when using a 256-bit modulus

Note to reader: This SRP vulnerability applies only if a 256-bit modulus is being used. For example, in Blizzard’s Battle.net 2 protocol, the modulus is 1024-bit [1].

In my prior blog post, I explained how an attacker can use a dictionary attack to try to guess users’ passwords based on the recent Blizzard data breach, where they were using SRP to store the passwords. As some readers have pointed out, it is significantly slower to dictionary attack SRP than raw SHA1, so SRP at least protects users who have chosen strong / random passwords. However, depending on the bit-length of the modulus, there may be an improved technique which could allow significantly faster attacks.


SRP Won’t Protect Blizzard’s Stolen Passwords

Blizzard announced today that they have suffered a major data breach, and sensitive user data was stolen from their servers. According to their statement, the specific data stolen includes email address, the answer to the personal security question, and information relating to two-factor authentication. They also lost their SRP server-side verifier database, which is the database they use to verify user passwords.

And despite what Blizzard is claiming, I believe the majority of their users’ plain text passwords have been exposed as well.


BrowserID is a step in the wrong direction

Mozilla Persona, the public face of the BrowserID initiative, is a fresh, dead simple, and compelling vision for how authentication should work on the web. Unfortunately, it’s also poorly executed and fundamentally flawed. If you are considering using BrowserID for authentication on your website, the following is my personal assessment of the shortcomings, flawed assumptions, and inherent weaknesses of the current implementation as well as the overall architecture that Mozilla has defined.


Concluding: A better way to store password hashes?

There’s been a lot of discussion about hash collisions and birthday attacks in response to my previous post. If you have small children, you already know a birthday attack is a 140 decibel sonic weapon that spontaneously activates sometime between when cake is served and bedtime. In the course of discussing hashing algorithms, however, a birthday attack is a whole different matter.


A better way to store password hashes?

Note to reader: this is the first of a two-part series. You can find the second part here.

Ever get that dreadful feeling after doing a password reset, when a site kindly emails your password back to you in cleartext? Nothing is more exceedingly stupid than emailing a user their own password, and yet I encounter these sites with uninspiring regularity.

We all know passwords should be salted and hashed, with a hashing algorithm that runs relatively slowly on current generation hardware. Obvious choices are scrypt, bcrypt or PBKDF2, but this isn’t a religious debate on how to hash. What I’m interested in is, what do you do next?
