Castellucci, whose pronouns are they/them, acquired this remarkable control after gaining access to the administrative account for GivEnergy, the UK-based energy management provider who supplied the systems. In addition to the control over an estimated 60,000 installed systems, the admin account—which amounts to root control of the company’s cloud-connected products—also made it possible for them to enumerate names, email addresses, usernames, phone numbers, and addresses of all other GivEnergy customers (something the researcher didn’t actually do).
tl;dr: hacker (the good kind) exploits weak encryption key to gain access to the utility’s management system. Because you too were probably wondering how key length and power generation could possibly be related.
Wow, props to Castellucci for being a stand up person and not using their discovery to control or mess with tens of thousands of people’s power supply. And props to GivEnergy for not turning around and suing them after they reported finding the issue.
This could have gone badly in either direction, but we lucked out that this Castellucci seems to be an excellent and conscientious citizen.
How in the fuck do you even coax software into using a key like that? Did someone just say “yeah just use the smallest size possible, that’ll be okay” and then just like not care?
From the article:
In an email, a GivEnergy representative reinforced Castellucci’s assessment, writing:
In this case, the problematic encryption approach was picked up via a 3rd party library many years ago, when we were a tiny startup company with only 2, fairly junior software developers & limited experience. Their assumption at the time was that because this encryption was available within the library, it was safe to use. This approach was passed through the intervening years and this part of the codebase was not changed significantly since implementation (so hadn't passed through the review of the more experienced team we now have in place).So, it sounds like they don’t have regular security audits, because that’s something that would absolutely get flagged by any halfway competent sec team.
No need for audits. It’s only critical infrastructure embedded into tens of thousands of homes, lol.
Yet another reminder that trust should be earned.
This was an incredibly interesting article.
Right? I feel like ars technica has been on a roll this year
I subbed because I’ve really enjoyed their content for the past few years
You have to wonder how many other things are out there with effectively worthless encryption because some old document or default option told them to/allowed them to implement it without any ‘hey! some 14 year old with a TI-83 could crack this key!’ warnings.
There was a book with a Bitcoin wallet generator code in it that specifically said that it was vulnerable and was only to be done as a demo test and yet somebody released a wallet with that code and fucked a bunch of people over on accident.
You know, at least when I’ve had to generate RSA keys for SSH, it seems like the highest I can possibly do is 4096. Just makes me wonder why you can’t generate a key of any links that’s a multiple of 1024. Such as, what if I wanted a 20,480 bit key?
Current recommendation is to stop using RSA in new deployments altogether. ECC is preferred now, and the major programs (OpenTLS, OpenSSH, etc.) support it.
Thats ECDSA correct? Or is that something different?
ECDSA
Yup, that’s an implementation that uses ECC (elliptic curve cryptography).
ECDSA is elliptic curve digital signature algorithm. Key exchange is usually done with ECDH (elliptic curve Diffie-Hellman). There has been some debate on the exact best way to do ECDH, but I think the FOSS world is currently settled on Curve25519. Anyway, it is best to leave stuff like that to specialists if you’re not one yourself. As mentioned, OpenSSL and OpenSSH both provide working implementations so go ahead and use them. The NIST curve P256 is also perfectly fine as far as anyone can tell. It has a mathematical drawback that it’s especially easy to make mistakes and screw up the security if you don’t know what you’re doing, but the deployed implementations that are out there have been checked carefully and should be ok to use. Bitcoin uses P256 so if anything were wrong with it, someone would have broken it and gotten pretty darn rich ;).
deleted by creator
Yet another reason to never connect your devices to the cloud.
