A digital certificate that expired after 10 years is causing a major outage in German retail payment handling. The involved Verifone H5000 card reader was introduced in 2012 but is still widely in use. Acceptance points have been advised to not power off their devices, because on startup, the failing certificate locks out the device even from updates. The vendor is trying to come up with a solution, which will likely involve USB sticks for local updates.
Report in English: https://www.stripes.com/theaters/europe/2022-05-27/aaefes-esso-credit-card-outage-6146620.html
Details in German (with screenshots): https://www.borncity.com/blog/2022/05/27/strung-der-verifone-h5000-ec-kartenlesegerte-einige-insights-zur-zertifikateproblematik/
While in the past, many issues could be fixed by cleverly scraping together remaining data, this is one of the first nationwide occurrences of a new class of security-related bugs that actively lock out any solution attempt. What is your experience in this field?
(Score: 2, Troll) by AlwaysNever on Sunday May 29 2022, @09:36AM (9 children)
Certificates are cargo cult security, and them expiring and causing DoS is a well deserved occurrence.
(Score: 4, Interesting) by bzipitidoo on Sunday May 29 2022, @01:04PM (8 children)
Indeed it is deserved. There's nothing wrong with certs. On balance it's a good idea. It's misuse of them that's a problem. Automatic timed expiration is a misuse. As I've said before, this instant deadline regime was a stupid idea. There's no graceful degradation. No reason not to have graceful degradation. In an instant, go from working perfectly, to not working at all.
To use a car analogy (uh oh!) it's as if your car was equipped with a device to lock the wheels at the moment you become late making your car payment. You might be rolling along the highway, and suddenly, all 4 wheels seize up. Extra nasty if it locks one more wheel, the steering one.
Seriously, some day, if it hasn't already happened, a cert expiration is going to kill someone.
Even with graceful degradation, expiration is still not a great idea, any more than expiring passwords every 30 days or 60 or 180, whatever time period they pick, was a great idea. Originally, it was a lame way to compensate for crappy systems that couldn't handle passwords longer than 8 characters. The idea was that it might take a couple of years to brute force an 8 character password, and by forcing the user to change it periodically, you force the brute force attack to start over.
To use another analogy, it's like arguing that every day of a person's life, there's a small chance they will commit a crime. The longer a person lives, the more likely they are to be a criminal. At a 99.9% chance you haven't committed a crime on any particular day, 22 years worth of days comes out to just 0.03% chance that you haven't committed any crime at all, ever. Therefore, starting on everyone's 40th birthday, every 10 years those who have not served any time shall be presumed guilty of something, and locked up in jail for couple of days, to pay their debt to society for all the crimes they must have committed but which for whatever reason went unpunished. Or, if not jail, some other punishment, such as a whipping. You have sinned! Yep, sounds like a cult.
(Score: 3, Interesting) by sjames on Sunday May 29 2022, @10:04PM (7 children)
Funny thing about the brute force attempts. Expiring passwords is effective if there is one entity attempting to brute the password in an orderly manner. In the real world where there are enough different entities slowly guessing all over the place, you are just as likely to change your password TO the one someone is about to guess as you are to change away from the next guess.
I suspect that expiration started out more as a source of recurring revenue for cert providers and then got picked up as cargo cultists who heard the excuses and drank the cool aid.
(Score: 1) by khallow on Monday May 30 2022, @12:35PM (6 children)
You're also just as likely to change your password to one someone already guessed and now has to guess again, if they want to guess your password. Think about it.
(Score: 2) by sjames on Monday May 30 2022, @01:31PM (5 children)
I already did, it's 50-50, but given there will be more than one guesser, that makes it a pain in the ass that works out to be a wash as far as security goes.
(Score: 1) by khallow on Monday May 30 2022, @02:25PM (4 children)
No, it's extremely minuscule chances either way. But if the would-be hacker is brute force guessing, then for a stagnant password, the chance of making the right guess goes up as you make more guesses - because you don't have to repeat the same guess twice.
(Score: 2) by sjames on Monday May 30 2022, @08:43PM (3 children)
You need to look deeper at the statistics and examine things more carefully in cases where there is a large number of slow actors (to avoid tripping a tilt switch).
Even if you require daily password changes everywhere, a non-zero number of passwords will be guessed every day.
(Score: 1) by khallow on Monday May 30 2022, @10:42PM (2 children)
The point is that every one of those would-be hackers has to start all over again each time you change a password. For a really bad real world example, suppose your house has a lock with a four digit combination and you have a bunch of bad actors who sneak in and do a few combinations each, trying to get into your house.
Let's say every one of them tries 10 random combinations each day (different every day). Then on the first day there's a 1 in thousand chance any given one gets into your house. But if you don't change your combination ever, then all of them are guaranteed to get in by three years later (by 1000 days when all the codes are exhausted). And the odds of getting in increase with each day, day 1 is 0.1% chance with 0% chance they already got in. Day 500 is 0.2% with 50% chance they already got in. Day 900 is 1% with 90% chance they already got in.
If you change every day, then in that thousand days, you still have a 36% chance (.999^1000 = 0.367... ~ 1/e) that any given bad actor hasn't found their way into your house yet and while they're getting into the house, sometimes multiple times, they only have access for a day each rather than getting access permanently. And each time, they have only 0.1% chance of getting in any given day with the odds of having gotten in before no more than 63% even by the thousandth day.
Sure, I wouldn't store anything valuable in that house, but it's a much better security situation even with lots of bad actors guessing right frequently.
(Score: 2) by sjames on Tuesday May 31 2022, @12:25AM (1 child)
Except that as soon as someone gets in, they'll install a hidden back door so they don't get locked back out. The first one in is your undoing, the other 9,999 don't matter.
(Score: 1) by khallow on Tuesday May 31 2022, @12:31AM
(Score: 5, Interesting) by Common Joe on Sunday May 29 2022, @10:14AM (3 children)
Heh... Because I live in Germany, I can say that I'm experiencing annoyance at not being able to pay for things in certain stores.
In all seriousness, I've wondered how long before we see something like happen with updates to TPM modules. That would be nasty.
(Score: 2) by maxwell demon on Sunday May 29 2022, @10:32AM (1 child)
What stores can't you pay in? There are stores where I can't pay with card because of that issue (but then, there are some stores where I couldn't pay with card before, simply because they don't offer that). But I've yet to find a store where I can't pay with cash (and ATMs still work, too, so getting cash isn't a problem either).
The Tao of math: The numbers you can count are not the real numbers.
(Score: 2) by Common Joe on Monday May 30 2022, @07:16PM
You got me. In truth, I was partly avoiding shopping because of this problem (although cash is an option in the place where I live) and partly (mostly) because I'm lazy. And I hate shopping.
It was also a slight exaggeration at humor. I sometimes have trouble with humor online. And then you got snared in the semantics of what I said. I meant it one way, but didn't realize it could be interpreted another way -- which you did. Oh well. :)
So, we live in the same time zone. Cool.
(Score: 2) by inertnet on Sunday May 29 2022, @12:29PM
Last Friday one store in the Netherlands had "cash only" signs posted all over the store. I wondered why, because no other businesses seemed to have their problem. I guess they must have had those bricked pin terminals, I didn't recognize them anyway.
(Score: 5, Interesting) by bart on Sunday May 29 2022, @10:34AM (2 children)
According to the german article, these devices were declared obsolete in 2019. They were already suffering performance wise with modern cryptography functions.
This should never have happened.
(Score: -1, Troll) by Anonymous Coward on Sunday May 29 2022, @03:07PM (1 child)
well, in germany it's quite common to hold on to machines until they physically fall apart, because ultimately that's the only way to make some sort of profit once you take care of workers properly.
anyway.
did someone tell these shopkeepers that the machines would be declared obsolete in 2019 WHEN THEY BOUGHT THEM?
(Score: 1) by khallow on Monday May 30 2022, @12:40PM
Wow, that's so different from every other sort of society where they hold onto machines until they physically fall apart, because those things don't grow on trees. Well, not yet anyway.
(Score: 5, Interesting) by Rich on Sunday May 29 2022, @01:38PM
Submitter here. I submitted this, and particularly added the last sentence, because I recently ran into an issue that, to some degree, may affect how many of us work.
The classic contractor pattern with larger corporations is like: Design by marketing committee (they call the shots), implementation by intern (they are available). Product somehow is made to work and shipped. Two years later, something needs to be done. The intern is gone and the contractor has to clean up the mess. In the past, the contractor could have a look at the whole situation and come up with some clever means to scrape together all data involved. He'd fix whatever needed to be urgently fixed, and do what had to be done.
But now, corporations have to implement data protection rules, which can include strongly encrypting user-identifying data and somehow hiding away the keys. With the described development cycle, there's a good chance that at some point the keys become inaccessible. Which is what happened to me. I've been accompanying a long running project for decades now, and whenever something got screwed up, I got called in and could scrape together the remains to get it back on track (*ker-ching*). The last screwup was a data transfer issue between two machines, this time involving GDPR-mandated encryption, and they cleverly locked themselves out of getting their data anywhere. This was the first time I had to tell them "No. With this stuff you can shoot yourself in the foot in a new way where I can't help you anymore like you're used to".
I think that this style of work is very common in the industry, and issues like the above will shop up, requiring larger scale approaches, which will take a lot more effort than is expected from experience, not only in fixing (which may not be possible at all), but also in initial design effort (e.g. you can't really debug if you can't look at the data). Fred Brooks in the "Mythical Man Month" has this square of "Program", "Programming System" (programs interacting, x3), "Programming Product" (usable by others, x3), and "Programming System Product" (interacting programs usable by others, x9), where each step requires a factor of 3 for the effort. I postulate that adding a "Secure" step will also add a factor of 3, therefore a "Secure Programming System Product" would have 27 times the development effort of a single program that locally does the same job for one user.
This "27" will of course be entirely unacceptable to simple brains (who during the pandemic have proven to be unable to anticipate exponential growth), so expect a lot of hysteria. But don't let it get hold of you, and just remember that there is simply an extra factor of 3 in such situations.
(Score: 1) by AlwaysNever on Sunday May 29 2022, @07:10PM (1 child)
On second thought, expiring certificates causing DoS is a clever way to bake programmed obsolescence into IT products (and almost everything is an IT product these days, from cars to anti-tank weapons).
There is money to be made in this approach, for sure. But it looks like that money is going to flow in the direction of capital hoarding institutions, and to the people/workers.
(Score: 2) by driverless on Monday May 30 2022, @01:12AM
For CAs, absolutely. "Real nice business youse guys got dere. Be a real shame iff'n it were to go offline because youse forgot to pays us dis year".
(Score: 0) by Anonymous Coward on Sunday May 29 2022, @07:55PM (4 children)
i suppose it requires:
1. A thing you have (or two(*))
2. A think you know
3. Physical access to device
a physcial computer key, or electronic key. like a usb stick or such (something you have)
a password or pin or whatever you wanna call it. (this is a bit shitty, 'cause you need a slew of buttons to enter the symbol pattern. could be DIP switches on/off, 8 of 'em would give 256 "password" or "pin" combos) you gotta be physical present to flip all possible combos. (somethink you know)
access to device and the DIP switches and/or keyboard to enter secret symbols. (physical access. touchy-feely security)
(*) maybe you want to lock the door or cage with another "thing you have", like a brass key?
for this case, i suppose, a lockable usb-port and 4 or more dip switches (password to activate reading from usb-port) would allow to "flash" a bricked device?
extra point if the file to be flashed on the usb media and the devices usb port have been setup with a private/public key thingy BEFORE just for the firmware update, not the other signing and/or hash, to confirm that it came from manufacturer.
my main problem is "flashing" and/or "upgrading" micro inverters under the solar panels outside without relying on a network "powerline" or wifi or such, excluding any remote update possibilities withOUT physical presence on premise AND being able to touch the device with your hands. (unlike accessing and configuring some terrabit routers from F4r away :) )
powerline requires a filter, else the signal travels to everyone connected to the same transformer, including your friendly neighbourhood saboteur that only needs access to a power socket feed from the same transformer then.
wifi is kracken and all other things bad including being obsolete before the film or tantalum capacitor died (>20 years).
with enough OOMPH! a new electrical grid standard can be "invented" to obsolete micro inverters that don't have a secure(!) update facility :(
(Score: 2) by maxwell demon on Monday May 30 2022, @04:18AM (3 children)
In this case, the keys are there anyway, as you need them to enter the card's PIN.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 0) by Anonymous Coward on Tuesday May 31 2022, @12:08AM (2 children)
i won't pretend to understand this private/public thingy.
i suppose i wanted to say that pluging in a empty usb key into virgin device makes it write some random kep-pair on the usb-key.
one now has a master key (and better make a lot of backups).
one of the writen files can be transfered to another usb key.
this usb, having that key will make the usb authorized.
one can now add a "newest-best-flash.v0.4371.bin" to this "authorised" usb and plug it in...to update.
one could also add a step during virgin initilisation, (if the device has human input facilities, to enter a pin).
the file that contains the "authorisation" for the usb would have to be renamed to "1234.pub.key" or whatever to be accepted by device before reading the new.firmware.bin file.
incase of required reset, insert usb with both pub.key and priv.key present and device will repeat steps like it was virgin.
or sumthing.
(Score: 2) by maxwell demon on Tuesday May 31 2022, @05:44AM (1 child)
I think you misunderstood my post: I meant "keys" as in "the things you press on a keyboard". I probably should have used the term "button" just as in the post I replied to.
Note however that I did quote selectively from that post, to make clear to which part I'm replying.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 0) by Anonymous Coward on Wednesday June 01 2022, @12:10AM
okay. thank you for reply :)
i understood that some devices in need of update have a "keypad" or "keyboard or such". some don't.
however a usb port can be: keyboard, printer or such.
basically a modern " punch card". the "message" from pluging in the firmware or reset containing usbdisk could be writen to usb, thus turning it into a display or printer. tho one needs a "full" computer to manipulate (read/write) the punch card and/or "printout".
cumbersome for sure, but if it is 99% more tamperproof and how often do we need to flash *shrug*
(Score: 1) by pTamok on Monday May 30 2022, @03:31PM
@jwildeboer - https://twitter.com/jwildeboer/status/1530227390286290944 [twitter.com]