
Augmented reality is here.  Right now, today.  We are about to see some creative developers make some incredibly powerful applications, applications that will change our lives on a daily basis.  So what is augmented reality?

In case the concept of augmented reality is still new to you, basically it’s the placement of a digital layer of information on top of a real-life view of the world around you, as seen through e.g. a mobile phone’s camera lens. Using augmented reality, you could be using your smartphone to glance around the main square of a city you’re visiting and get up-to-date information about nearby restaurants, ATMs, real estate offers, and more on-screen, bolted on top of what you’d be seeing if you weren’t looking through the lens.

When I first started this blog about 4-5 months ago, I understood the power of virtual environments, but I focused too heavily on three-dimensional spaces.  I believe three-dimensional virtual spaces, that are Metaverse-like, are still important, but I am beginning to take a step back from them.  Based on where we are today with mobile computing, social networks, location-based media, and real-time information, it is hard not to get excited about the oncoming explosion of AR systems.

Instead of providing a third dimension of internet context, augmented reality has an intelligent virtual layer that interfaces with the real world.  Currently, the information residing on this virtual layer is primarily solitary and cached.  Soon, users will be interacting with, and collaborating over, this virtual layer in real time.  The output users embed into the virtual layer from their mobile devices, whether it be text, pictures, audio content, etc., will have core metadata components bound to it.  These core metadata components will answer the questions associated with mobile output: who, what, where, and when.  This metadata permeating throughout the AR system makes the system more intelligent.  However, it will also leave behind a digital trail unique to each individual.

Scraping these AR systems, and mining this user output metadata, will become a powerful intelligence gathering tool.  Relationships between individuals, their locations, their interests, etc. will all be easily ascertained.  This information will no doubt provide value to malicious attackers, but it will also promote intelligent risk management applications.  Organizations and nation states will use aggregated metadata from mobile devices to model scenarios and perform dynamic threat vector analysis.

AR systems will be powerful and provide great value, but individuals must be careful with how they interact with the virtual grid and what they’re willing to embed within it.

How does one damage facebook to cause them serious monetary losses?  I was recently posed this question and did not have an immediate response.  It is an intimidating question considering facebook’s pervasive ubiquity throughout the world.  facebook is a massive giant with perpetually endless resources and support.  It defines the success of social media in the virtual space.

When I was first thinking about this question I was focusing on it too heavily from a low-level technical perspective.  I was devising overly complex ideas that were unreasonable and could by no means challenge the colossal beast facebook is today.  Eventually I had to take a step back and think about it at a high level.  Upon thinking about it further, I believe I have come up with something that is really quite simple and wouldn’t be difficult for an organization with adequate resources to pull off.

Let me begin by first acknowledging that the following ideas are by no means novel.  Yet these independent, unrelated concepts form an innovative idea once amalgamated.

Oftentimes facebook is viewed as a ‘social networking’ service provider.  I prefer to look at facebook as an identity service where users can autonomously stand up an identity that facilitates social networking.  Users rely upon this identity service to interface with people they know (or don’t know) from the real world in a virtual environment.  Fundamentally, facebook users must trust facebook’s identity service, otherwise the system fails.  When users can no longer trust this service they will go elsewhere and facebook will lose money.

So, how does one attack this identity service?

In recent months we have seen individuals stand up both twitter and facebook profiles that fraudulently pose as celebrities.  This causes a number of problems for service providers because users can no longer adequately trust the identity service they rely on.  Questions arise: how do I know if I’m really communicating with, following, friend’ing, etc. the real person, or someone claiming to be that real person, in a virtual environment?  How can I trust that someone is who they say they are?  This comes back to one of the hardest problems to solve in computer security: identity management.

As a facebook adversary (or an adversary of another organization leveraging facebook as an attack medium…which I will get into in a minute), it is important to create identity ambiguity on a grand scale.  If only a few randomly selected individuals have multiple accounts, one that is actually legitimate and others that are fraudulent, facebook’s reputation as an identity service provider will likely not be tarnished.  It is imperative for these fraudulent accounts to become widespread.  The facebook population is absolutely mammoth, so I do not expect all users or members of their social circles to be affected, but rather enough to raise some red flags, jeopardize user trust in facebook’s service, and cause some users to stop using it.

So, how does an adversary initiate the rampant creation of fraudulent facebook accounts?

Many of those who study virtual worlds and MMORPGs are familiar with the concept of gold farming.

Gold farming is a general term for an MMORPG activity in which a player attempts to acquire (“farm”) items of value which are sold to create stocks of in-game currency (“gold”), usually by exploiting repetitive elements of the game’s mechanics. This is usually accomplished by carrying out in-game actions (such as killing an important creature) repeatedly to maximize gains, sometimes by using a program such as a bot or automatic clicker. More broadly, the term “gold farmer” could refer to a player of any type of game who repeats mundane actions over and over in order to collect in-game currency and items. An organization which organizes farmers is known by some as a sweatshop, though the less value-laden term is “workshop” or “gold farm”.

A motivated adversary or organization (perhaps a facebook competitor) with adequate resources could stand up a fraud farm composed of cheap laborers.  These fraud farms and their fraud farmers could repetitively stand up fraudulent facebook accounts.  These fraudulent accounts would mimic legitimate accounts: their pictures, their information, etc.  They would, however, require a different email address, and it would not be difficult for a fraud farmer to stand up name-appropriate email addresses that impersonate the ones behind real accounts.  Also, in many cases, fraud farmers would need to befriend their targets to obtain the information necessary for standing up acceptable fraudulent accounts.  We already know how many individuals have no problem accepting friend requests from people they don’t know.  They would probably be even more inclined to accept friend requests from individuals with the same name.  “Wow, this person has the same name as me, how cool!”  This really is how many people think.  Once this relationship exists, the fraud farmer has the tools necessary to stand up a counterfeit account.

For previously existing relationships between individuals on a social network, distinguishing the real accounts of friends from fake accounts would be trivial.  However, it becomes interesting in cases in which new relationships between individuals are being established.  It becomes particularly interesting when new relationships are established between individuals from the same organization.

Let’s say I have a fairly large fraud farming operation in some third world country and I’ve decided to target Goldman Sachs.  It would be easy to establish facebook friendships with legitimate Goldman Sachs employees by friend’ing them with fraudulent accounts that impersonate other real Goldman Sachs employees.  In this case, facebook is being leveraged as an attack medium for an outsider to interface with real, internal employees.  Think about all the things a fraud farming unit could potentially do with these trust relationships.  The possibilities are endless.

Eventually some users and some organizations would lose faith in the identity service facebook is providing.  In extreme cases, organizations may even go so far as to ban employees from even having accounts!  Think about all the press something like that would get.  If anything, it would certainly raise questions regarding the risks of facebook and their services.

I exaggerate a bit with this post’s title.  Chances are this would not kill facebook…but it would certainly cost them money.  Not only that, this concept also turns facebook into a powerful weapon to target other organizations.  It could cause these organizations devastating financial and information losses.

It is becoming apparent that social media and virtual relationships have serious security implications for individuals and their organizations.  These trends begin to pose the security questions of tomorrow.

Alternate reality gaming (ARG) is a relatively new trend beginning to gain serious traction.  At its core, an ARG is simply a communication-rich collaboration environment that coalesces the real world and virtual space.  An alternate reality game bridges the metaphysical disconnects between the two environments.

I recently began using foursquare.  The folks over there tout foursquare as 50% friend-finder, 30% social city guide, 20% nightlife game.  Foursquare provides a virtual world that interfaces with the real world.  Registered users use Foursquare to connect with friends, update their location (“checking in”), describe what they are doing, and receive points for doing so.  The point system and earning badges (the gaming aspect) give users an incentive to do and try new things.  Additionally, it encourages them to share information.  “You should check out this bar and try their microbrew!”  Users themselves provide knowledge-rich information specific to a target location.  The community makes the system more intelligent and capable of meeting profound knowledge management needs.

From a security perspective, the question I find myself asking is: what utility can be found in this information?  Instead of focusing upon it at a micro-level (privacy, dangers of sharing location, social engineering, phishing, etc.) it is far more interesting to look at it from a macro-level.

A paradigm shift in social media is coming in which the real world and virtual space interact together as a singular entity.  This entity is comprised of three fundamental components: people, location, and knowledge.  These three components lay the foundation for a dynamic, living, breathing system that evolves over time.  The system evolves around how these components are built and structured around each other.  It is somewhat analogous to an iterative mathematical process in which operators and operands are used to create complex equations and theorems over time.  These complex equations and theorems can then be used as the foundation for future equations and theorems…and so on, and so on.

What is most interesting are the relationships that form between people, location, and knowledge.  These relationships build around each other to create profoundly rich links and ties that essentially act as the system’s DNA.

With all of this information, security folks could create models to uncover interesting relationships between individuals, locations, and the knowledge associated with them.  One could then simulate potential outcomes by incorporating variables into the model.  This would enable security professionals to predict future relationships between individuals and their locations and thus reveal common threat indicators and patterns.  These models, used for exploring existing relationships and simulating future relationships (based on variable inputs), would, with hope, provide cogent foresight for law enforcement.

When I come in to work every morning I follow a standard routine.  First, I make sure to grab some coffee and fruit down at the cafe.  I then check my email, voicemail, calendar, etc. and plan my day accordingly.  Next, I catch up on the news – technical, political, weather, security, sports, etc.  Trite, cliché, boring, eh?  Well, the way in which I go about accessing the Internet is somewhat unique…

A colleague of mine recently turned me on to the concept of ‘ephemeral desktops’.  The idea behind ephemeral desktops is simple.  The reality is, an attacker can catch any one of us snoozing at any given time.  Maybe clickjacking?  Perhaps drive-by downloads?  Phishing malware?  Etc.  Inevitably, every organization at some point or another will have an employee fall prey to persistent malware and put their company’s network at risk.  Ephemeral desktops are a great tool for mitigating persistent malware threats.  How do they do this?  What exactly does this mean?

Getting back to my daily routine…before I check the news, I load a custom Ubuntu 9.04 live CD (that my colleague has put together).  This Ubuntu live CD is read-only, with a few useful applications to assist me in doing my job, including both SSH and VPN clients.  The idea behind the ephemeral desktop, in my case the tinkered-with Ubuntu live CD, is that nothing can be written to disk.  This means no persistent malware can be written to disk, because I am browsing the Internet from a read-only CD.  Perhaps, while using my ephemeral desktop, I browse the Internet and accidentally download some form of persistent malware.  It really doesn’t matter.  The next time I boot from my Ubuntu live CD I will be starting, once again, from a clean state.  I can lose the battle but still win the war.
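A check that follows from this setup, added here as an example and not part of the original post or the colleague’s live CD: a POSIX shell script that reads a /proc/mounts-style table and decides whether the root filesystem really is ephemeral (a union root whose writable branch is a tmpfs, or read-only media), and flags the case a live USB with a persistence partition silently breaks. It goes beyond the aufs layout of a 9.04-era CD to overlay roots; the mount tables are constructed samples, and the aufs handling assumes the writable branch is mounted at the path named in the root entry’s device column.

```shell
#!/bin/sh
# Added example, not from the original post or the colleague's live CD build.
# Decides from a /proc/mounts-style table whether the root filesystem is
# ephemeral: a union root (aufs/overlay) whose writable branch is a tmpfs,
# or plain read-only media. A union root whose writable branch sits on a
# block device (a live USB with a persistence partition) is NOT ephemeral,
# which is the case this check exists to catch.

# Print the filesystem type of the mount that holds PATH ($2), i.e. the
# entry in the mount table ($1) whose mountpoint is the longest prefix of PATH.
mount_fstype_for() {
    mounts=$1; path=$2; best=""; best_fs=""
    while read -r dev mnt fstype opts rest; do
        [ -n "$mnt" ] || continue
        if [ "$mnt" = "/" ] || [ "$path" = "$mnt" ] || [ "${path#"$mnt"/}" != "$path" ]; then
            # Longer (or later, equal-length) mountpoints override shorter ones.
            if [ ${#mnt} -ge ${#best} ]; then best=$mnt; best_fs=$fstype; fi
        fi
    done <<EOF
$mounts
EOF
    printf '%s\n' "$best_fs"
}

# Exit 0 if the root described by the mount table in $1 is ephemeral, 1 otherwise.
root_is_ephemeral() {
    table=$1; root_dev=""; root_fstype=""; root_opts=""
    while read -r dev mnt fstype opts rest; do
        # The last entry for "/" is the one in effect.
        if [ "$mnt" = "/" ]; then root_dev=$dev; root_fstype=$fstype; root_opts=$opts; fi
    done <<EOF
$table
EOF
    case $root_fstype in
        aufs|overlay|overlayfs)
            # overlay names its writable branch in upperdir=...; for aufs this
            # example assumes (as casper does) that the device column of the
            # root entry is the path where the writable branch is mounted.
            upper=$(printf '%s\n' "$root_opts" | tr ',' '\n' | sed -n 's/^upperdir=//p')
            [ -n "$upper" ] || upper=$root_dev
            [ "$(mount_fstype_for "$table" "$upper")" = tmpfs ]
            ;;
        squashfs|iso9660)
            # Read-only media mounted directly as root.
            case ",$root_opts," in *,ro,*) true ;; *) false ;; esac
            ;;
        tmpfs) true ;;
        *) false ;;
    esac
}

# Constructed sample tables (not captured from a real machine).
LIVE_CD='/cow / aufs rw,noatime,si=4f3b2a1c 0 0
tmpfs /cow tmpfs rw,noatime,mode=755 0 0
/dev/sr0 /cdrom iso9660 ro,noatime 0 0
/dev/loop0 /rofs squashfs ro,noatime 0 0'
LIVE_USB_PERSISTENT='/cow / aufs rw,noatime,si=4f3b2a1c 0 0
/dev/sdb2 /cow ext4 rw,noatime 0 0
/dev/loop0 /rofs squashfs ro,noatime 0 0'
INSTALLED='/dev/sda1 / ext4 rw,relatime,errors=remount-ro 0 0
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0'

report() {
    if root_is_ephemeral "$2"; then echo "$1: ephemeral (writes vanish at reboot)"
    else echo "$1: PERSISTENT (writes survive reboot)"; fi
}
report "live CD" "$LIVE_CD"
report "live USB with persistence" "$LIVE_USB_PERSISTENT"
report "installed system" "$INSTALLED"
# Check the machine this script is running on, when /proc/mounts is readable.
if [ -r /proc/mounts ]; then report "this host" "$(cat /proc/mounts)"; fi
```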

The idea behind lightweight, ephemeral desktops is promising considering the direction we are headed with the cloud.  As for virtual environments, users require a client to interface with a particular environment.  Currently, virtual environments rely too heavily upon these clients for functionality (scripting and condensed physics engines).  It may be interesting to pursue research concerning ephemeral clients (with similar principles to the ephemeral desktop) that will always start from a clean state.  Regardless of what malicious content may or may not have been downloaded during a previous virtual experience, a user can trust that no persistent malware has been written to their disk.

Wired reports that NATO is going to implement virtual worlds to improve administrative ability especially around training and meetings.

A few weeks ago I was fortunate to attend a talk concerning the utility of virtual and synthetic worlds.  One idea mentioned was the concept of using virtual environments as a means by which to visualize and interact with complex systems.  From a security perspective, complex systems and the amalgamation of varying components often result in many unforeseen security issues.  Systems interacting with, and depending upon, one another in ways they were not originally designed for will leave holes in the fabric (a fun platitude for security folks to chew on once more).  Unfortunately, no revolutionary solution for devising uniform, comprehensively secure systems from their genesis is coming any time soon.  So what can the security community do to complement these manifold systems?
 
This idea of using virtual environments to visualize complex systems is very powerful, especially from a security perspective.  Visualization would allow security engineers (network admins, application developers, etc.) to see, dynamically, how systems are working and interacting.  For instance, if a Web server begins to see heightened traffic rates, perhaps a visual image of the Web server (a blue server box or something to make it uniquely distinguishable) would expand to raise a red flag of a potential DDoS attack.  Perhaps a visualization of a complex system would allow admins to see what different protocols (lines w/ different colors?) are being used for disparate systems to communicate.  Maybe, with regards to the “cloud”, visual representations depicting VM segmentation and resource allocation could be used to symbolize data leaks between VMs and exposure to the host and hypervisor.  The potential ways to use system visualizations via a virtual environment are endless.  The next question is, how can one trust the visualizations one is seeing?  But that’s for another day…
 
What about the ease with which users would be able to interact with their infrastructure?  No more manually grep’ing through log files and modifying systems via command line and shell scripts.  It’d be much easier to see a comprehensive view of one’s infrastructure and be able to make modifications with a few mouse clicks.  Instead of interacting with complex systems by means of such complex methodology, we should be working to interact with them in more simplistic, intuitive ways.
 
Today, every systems engineer devises many system and network diagrams before deployment and implementation.  But these forms of documentation are static.  We need to begin implementing living visualizations that dynamically interact with our living systems. 
 
Please understand this is simply conceptual and would require quite a bit of work to take place under the hood, but it’s fun to think about.

I was recently doing some work with everyone’s favorite linux live distro, BackTrack, and had an amusing thought.  Wouldn’t it be interesting if cyber criminals (and even nation-states) began developing Armed Avatar Cyber Weaponry?  What exactly do I mean by that?  Today, many penetration testers take advantage of lightweight, live linux distros like BackTrack and Samurai for their testing.  These live distros come with a number of prominent security tools for doing all sorts of things including information gathering, network mapping, vulnerability identification, privilege escalation, reverse engineering, forensics, etc.  BackTrack, Samurai, and other pen testing linux distros essentially act as a hacker’s tool belt, making it easy to store and use their favorite tools.  Why not do the same for avatars?

In Second Life, a virtual environment with a rich client scripting language (LSL), users have the ability to create avatars that come with an inventory full of malicious scripts and tools.  These armed avatars could be bought and sold in the same way identity info, credit card numbers, and zero days are marketed in today’s cyber underground.  Nation-states could create massive armies with these avatars to combat adversaries and disrupt their order of operations in the virtual environment.

The avatar’s operator need not know a great deal concerning cyber security and coding.  Instead, they would simply need to know how to effectively utilize their malicious tool set (i.e., executing scripts, deploying inventory objects, etc.).  Also, these armed avatars would look and act just like any other avatar in the environment.  Users would have no idea which avatars were armed with malicious tool sets in their inventory until it was too late.

We continue to see nation-states, terrorist organizations, and cyber criminals effectively utilize cyberspace as a platform to facilitate asymmetric warfare.  Despite lacking financial and military resources, they are able to exploit cyberspace and level the playing field.  They understand today’s information age and society’s dependence upon cyber technology and telecommunications.  As three-dimensional virtual environments become more pervasive, armed avatar armies may become a very real threat.  Until then, it’s fun to speculate.

I recently had the fortune to attend a seminar by David Orban on the ‘Internet of Things’ hosted by Singularity University at the NASA Ames Research Park. This subject is of deep interest with regard to the future collection of intelligence, a fact acknowledged by the National Intelligence Council’s Disruptive Civil Technologies Conference (appendix F). The basic idea surrounding the ‘internet of things’ is that all things become nodes in a global network and to some degree act autonomously, or to put it another way, “Our washing machines can ask for soap”. This new or developing network creates a new category of object, known as a Spime [SPace + tIME], a phrase coined by the science fiction writer Bruce Sterling. A Spime was defined by David Orban as an object with memory, computing capacity, location awareness and sensors. These Spimes already exist, just not yet at scale. The leading driver of spime networks was initially thought to be RFID tags, but actually it is smart phones that are providing the most compelling current platform. A great example of one such spime is an application developed for the iPhone by WideTag, called WideNoise. This uses the iPhone to collect decibel readings, posting them to a map to determine where the quieter areas in the world are. Following the presentation we divided into groups to design a Spime.

Citizen as Sensor

The Spime I developed in conjunction with two of the SU students was an intelligence tool: ‘citizen as sensor’. Taking as a starting point the success that the Ushahidi project had in tracking both Kenyan post-election violence and war-time activity in the Gaza strip, we speculated on what an autonomous app running on a smart phone and applying a similar theme might look like. Using the idea of unique sound signatures, our app, in its first iteration, ‘listened’ for sounds to report them back to a central database. Sounds such as gunfire, military vehicle movement or even militia on horseback provide a unique signature, which could then be used to provide a much richer intelligence picture of events on the ground. Over time other sensors could be layered into the app to monitor the environment for chemical or biological agents or to provide rapid analysis of images. As a system we conceived of this as an open environment. As a quid pro quo for participation, the citizen has the option to subscribe to areas of local interest for feedback, planning and awareness.


The technology for this kind of app clearly already exists: identifying unique sound signatures using a smart phone is present in Shazam [which identifies the song playing in a particular locale], and the collection of unique sound signatures is also beginning to extend into a variety of different areas, including mosquitoes. Therefore empowering global citizens to collect a richer level of local intelligence is clearly within reach today and could be used for their own benefit.

Of course the downside of such a system would be the ability of bad actors to also use and abuse the data. So far studies on the effectiveness of systems like Ushahidi have shown it remains effective even allowing for misinformation attempts. However, this remains a potentially insurmountable concern. A second concern is the actions of national governments, who could shut down cell networks or put pressure on hardware providers to take certain applications down [this last scenario is becoming a constant with Apple’s iPhone]. There are some potential solutions for this; P2P cell phone functionality seems like an obvious one, as well as the broad adoption of open platforms such as Android.

While Spime networks seem futuristic, they are already here and present current opportunities to collect a richer intelligence picture than was previously possible. It takes little imagination to conceive of a DHS or even NYPD smart phone application that monitors local conditions based on sound signatures and feeds them back to both government responders and the community of users. The future of intelligence collection may be sitting in the Apple App Store.

President Obama is scheduled to appear in Second Life tomorrow (Saturday) morning at 8am EST.

The event is being hosted by USC Annenberg across a number of platforms including the virtual worlds Second Life and MetaPlace.

Official Details below:

Global Participation: Re-defining Citizenship
Date: Saturday, July 11, 2009
Time: 8:00 AM Eastern / 5:00 AM Pacific

Locations:
USC Annenberg Island in Second Life, SLURL: http://tinyurl.com/SLobamaghana
Interval in Metaplace, URL: http://metaplace.com/Interval

On Saturday, July 11, a global conversation will push definitions of citizenship by demonstrating how new technologies enable global civic participation. Citizens from numerous countries will meet together in virtual worlds to collectively watch a speech from President Obama, view Twitter feedback on his talk, and join in a discussion with musician and activist D.N.A. (Derrick Ashong), Ambassador Kenton Keith and African historian Professor Tim Burke. It will be hosted in the virtual worlds of Second Life and Metaplace.

President Obama will speak to a live audience in Ghana, Africa. His speech will recognize Ghana’s stable democracy and leadership in the region. It is expected that Africans from all over the continent will converge for this momentous speech. The White House is using a Twitter feed which will enable individuals from around the world to participate in the conversation and share their thoughts with President Obama.

This event, hosted in virtual worlds, provides a public sphere for people to come together as citizens sharing independent views which in turn shape the political institutions of society. These conversations, literally hosted in a virtual physical space, are essential for the marketplace of ideas in our globalizing society. Following the event will be music from D.N.A. Please join us for this historic event.

