Having access to something as insanely valuable as a bank 'master key' puts the employees at risk of blackmail, extortion, etc.
That's why you have HSMs, key ceremonies, Shamir's secret sharing etc. It's not just for trust, it's also for protection of those involved.
Unauthorized wire transfers can be undone, or covered by insurance. Loss of life cannot.
- The system is proven to be information theoretically secure (not just computationally)
- It uses only high school math
- The paper is only TWO PAGES LONG
I highly recommend printing this out on a single sheet of paper (double sided) and digging in.
Additional references from the app's About page.
- What is Key Sharding? Shamir’s Secret Sharing Explained (Easy) https://www.youtube-nocookie.com/embed/TQ-DsEZBuQY
- Shamir's Secret Sharing - Solution and alternative to Lagrange (More in-depth) https://www.youtube-nocookie.com/embed/rWPZoz0aux4
This is my favorite video on Diffie-Hellman key exchange which is a slightly different problem (sharing a secret, without the constraint of dividing the key): https://www.youtube.com/watch?v=YEBfamv-_do (oh, hey, same channel! Guess I'll need to check out more videos from here!)
It's also so I can enter for regular maintenance without needing the tenant to be there.
They lost more than $3.2 million from fraudulent transactions and will now have to replace more than 12 million cards for its customers after employees printed and then stole its master key in December 2018. Took them long enough to figure it out.
I can't read anymore. Is there anymore technical explanation?
Was it actually 'printed' ... on paper?
Was it even an actual encryption key or just a password or something?
What it means is that the master secret in the HSM is probably a 128bit AES key. The ways to generate this depend on the ceremony and the particular HSM, but the risk I have encountered in security consulting is the question of whether that master secret itself was just derived from simple components, like pbkdf2("secret phrase known to 3 people", 1000)
The consequence of compromising that key is that an attacker could use it to forge cards, or more usefully, instantiate a virtual card in software to fuzz cryptograms for different account numbers to get available balance information and then personalize cards for those.
> The advantage is that any security issues of USB interfaces or cameras are completely avoided.
There's also the section that enumerates all the downsides for each medium of storage: https://en.bitcoin.it/wiki/Cold_storage#Private_key_backup_s...
This is a huge failure.
So just exporting the private key so easily without some pretty involved hight-tech HSM key extraction sounds insane.
Because losing these keys can be very, very, very expensive.
For an example (somewhat similar to this Postbank case) see India Cosmos Bank 2018 incident (https://www.reuters.com/article/cyber-heist-india-idUSL4N1V5... is one link) where criminals generated fake cards to cash out some $13 million; and replacing 12M bank cards also has an huge cost to replace the cards (perhaps roughly $12M - $1 per card replacement is plausible though possibly on the cheap side) even if we ignore the reputation cost.
They have a page for each signing ceremony:
With a script of everything done:
It was not for security. Ever.
Credit Cards were introduced as a less-secure-but-more-convenient-check.
The store then would have a stock of "blank checks" with absolutely no security features where they would imprint with carbon paper and a pressure roll the credit card information and pretty much "mint" the client a check on the spot.
Over time the raised letters for the crude minting press morphed into a magnetic strip, but the process was still 100% the same. Outside of the US in the last decade (2yrs in the US) some little security was added with encryption keys and PINs. Which is nothing more than a digital signature the bank may or may not check (like it did with the actual signature on the previous mentioned blank checks minted by the store). This is the step that was compromised with the stolen keys. In other words, the few places where you have to insert your card chip into a reader and type a pin had their security degraded to the same level as places where you simply use your magnetic strip or type your numbers on an online store.
Yeah, no. Diners Club was the first credit card and was released in the 1950's to aggregate and streamline paying for things on account. It was, as the name suggests a line of credit. Checking accounts could become credit accounts if they allow overdrafts but this is not the normal intent.
It was not until First National of Seattle released a debit card (also now known as a check card) in 1978 that any of those plastic cards behaved as a check.
It's an important distinction because in one case (credit) the money transferred first is the bank's. This has important implications on who holds the liability and how long investigstions take into fraud allegations.
Chip security was added first overseas because online authorization was less ubiquitous. The US was able to have online terminals pretty much everywhere since the 1980's and knucklebusters became a rare sight in the 1990's. The chip security now is less to prevent card-present fraud in the US, more to prevent reauthorizations of stored CC information (see, target breach). With a chip or NFC the card generates a unique signature for every transaction so there's nothing a POS system could store to reauthorize future transactions.
This is why in the US for credit cards a pin is mostly unheard of and we are finally moving away from signatures which have been obsolete since the time offline batching mostly went away.
Edit: Consider 1980's America was under the monopoly of AT&T. This greatly influenced the design of payment card networks. Europe, for example, probably had probably over 100 different companies in dozens of countries, so universal online authorization was less feasible.
Credit cards, yes, started replacing the high APR credit-checks. And then moved to a mix of this and regular debit checks.
But the actual process, which was what i was describing, was still pretty much exactly the same used to validate a check (whichever type) at the bank branch. Where the bank will draw the funds from is not a important topic when we are talking about process of the transaction itself.
Edit: also the pin is verified each Transaction unlike with receipt signatures, which as you say were rarely checked by anyone.
At least in my experience this has increased a great deal more in the US in recent years.
Unless something changed in the past few years, this is not the case. US debit cards are accepted through Visa or Mastercard's payment network which doesn't require a PIN (this is what it means when you process as credit in the US). Those transactions do not use the debit payment network. https://en.wikipedia.org/wiki/Interlink_(interbank_network).
EDIT: I will add that while POS systems don't have a way to do this up there, ATM's with their notoriously high fees do support cash access through a US debit card.
Liability shift works like this: Historically the merchant is protected if they had good faith belief that the payment card was authorised via things like a mag stripe. After liability shift that goes away unless you use EMV. You checked the card was "real" with just a mag stripe? Not interested, the chargeback comes out of your money.
Your local gas station can keep using mag stripe readers for another decade if they like. But liability shift means places that see significant fraud will have an obvious economic incentive to go EMV, and that shifts the fraud onto nearby stations that didn't have fraud problems, so they go EMV and so on.
If you're a merchant with very low fraud rates it can make sense to do no Authorization step whatsoever. Any merchant, anywhere in the world, can do Settlement, which is the step that moves money from your account to theirs, based just on the card number. Only if it becomes a question as to whether this payment was authorized does it matter whether they did the Authorization step, a mag stripe read, the old fashioned impression machines, or a chip-and-PIN terminal.
Certain types of companies can find it makes sense to do no Authorization for groups of customers. One Click may be an example of that. You did a bunch of transactions, with a physical delivery address, what are the chances that a new transaction with the same delivery address and card details is fraud while the previous ones were not?
When NFC showed up, it was intended for plastic cards. This was pretty widely deployed.
Then software companies integrated it with phones. This made the telcos unhappy, because these phones had a "secure element" that they did not control (traditionally the SIM card was the secure element, but these phones ignored that and that upset them; back then, a carrier being upset meant that your phone could not be used on their network). It also made processing networks unhappy, because they saw that they were losing control. (You don't need Mastercard and Visa when the phone can just use the Internet to ask Apple to authorize the transaction, after all.) So they flat-out stopped issuing cards with NFC. Then the final blow is that merchants were tired of paying credit card transaction fees, so they removed NFC readers from their stores, and banded together to make some shitty system to bill your purchase directly to your checking account. No more paying fees or pesky chargebacks.
The retail side blew up -- no consumer wanted it, and it was technologically bad. NFC readers are back in stores. The carrier side blew up -- SIM cards are gone and Apple or Samsung is your secure element provider. I am not sure what happened on the processing card network. I'm guessing they made some private deal with the NFC payment providers (Apple, Google, Garmin, Fitbit, etc.; enough companies in on the game that they can sit back and watch them fight each other while they profit).
I kind of got to watch this from both sides. I worked on Google Wallet when I started at Google in 2012. Used it pretty much every time I went to CVS. Then CVS removed their readers. Then Apple entered the market, and CVS once again accepts NFC cards.
So maybe gas pumps played a role; I don't drive so I don't interact with gas pumps ever. But there were much deeper problems. A lot of entrenched monopolies stood to lose a lot, so they were happy to impede progress wherever possible. There was never a good possible outcome, though -- let the incumbents keep their power, or let the upstart megacorps become the new incumbent. Plenty of VC money available if you think you can fix this problem, or become the new big guy ;)
Didn't help that thr superior user experience of NFC built into cards was drowned out by the klaxons of the media continuously warning customers of proximity theft.
Wrong threat model, the cheap mag skimmer or camera or unsecured database models were the real risks. It wasn't that someone will stand butt-to-butt with you to steal a NFC token.
You need to do a relay attack. Here's how that goes:
1. Jenny's payment card is in her jacket pocket.
2. Charlie walks into a store wearing a small NFC-capable computer and a medium distance radio (a cell phone might do) perhaps concealed inside his clothing
3. Charlie's friend Barry walks near Jenny, Barry is also wearing a similar setup to Charlie.
4. As Barry gets close to Jenny, Charlie "checks out" at the store, paying with NFC. The transaction travels from a machine near Charlie, through the radio, to Barry (now creepily close to Jenny) and then back over NFC to Jenny's card. Jenny's card agrees to the purchase - everything seems legit.
Jenny just paid for Charlie's purchases even though they've never met.
This attack isn't economically attractive because transaction sizes are limited. A complicated trick that sometimes allows you to get "free" pizza or coffee in exchange for risking time behind bars seems like a bad idea. If you could get a laptop, or a big TV then it might be more attractive, but you can't because those cost too much to allow mere NFC presence authorization.
First, it does not mean that you're getting any money. Such a charge is effectively "sending an invoice" to the issuing bank from the store which is supposed to have that terminal, and they will pay your merchant bank, which will give money to the institution who got issued that terminal. There's no way for the store clerk personally or someone else to get to these funds.
Second, the money is not coming today. You get an authorization message, but you'll receive the actual money later.. if ever. If the payment is disputed, you won't get that money. If it's disputed a month later, they'll take that money back from you. If many of your payments are disputed, then all your incoming funds will be frozen until they verify if all of them should be returned. If multiple payments are disputed, then the standard methods of tracing 'common point of purchase' will reveal the particular terminal as the culprit. Also, malicious merchants is a known threat, so the merchant bank will ensure that you can't just spam a day's worth of fraudulent purchases and run - standard terms will expect that some amount of money is frozen (e.g. rolling 15 days worth of transactions) so if you suddenly get a bunch of chargebacks, the customers will be paid back in full. Fake stores and shell companies are a thing, but there are reasonably effective measures to try and prevent that.
So there's no threat through collusion from a store employee - the fraudsters would get identified and would not get any money at all; and there's limited threat from collusion with a whole merchant - the fraudsters would get identified and can't get any meaningful amount of money. Extracting a couple hundred dollars could probably work - but you're "burning" the identities of multiple people and a company; the bank will 'eat' that loss if you succeed, but you can't repeat this trick.
An employee? Or the store owner?
These terminals don't offer a choice of destination bank account, if you type $16.94 into Walmart terminal and hold it near Jenny's card the card will authorize $16.94 payment... to Walmart.
For an independent merchant (including e.g. franchise operators) in some sense that's their money in the merchant account, so it makes a little bit more sense, but I still don't think it really adds up. It's like opening a bar so you can get cheap booze, the economics don't make sense.
There are opportunities for insider crooks. In the UK for example there were a rash of what are morally skimmers built into chip card terminals. Here's how that worked:
You own one or more stores with shiny new EMV payment terminals. From an instructional video you learn how to prise open a common model of terminal without setting off its tamper detection. Then you use the huge space inside the terminal left for an optional security feature (never implemented because features costs money) to add a board that taps the communication to the card and uses a cell phone connection to upload it. You seal up the tampered terminal and install it at one of your busier stores.
Customer puts their chip card in, the terminal works as expected but unknown to them your modification stores the card details and transmits them to other crooks half way around the world.
The other crooks are making old-fashioned magnetic stripe cards with details that have been uploaded. They send small fry out with these bogus cards to buy stuff in a country that doesn't have EMV yet. The stuff is fenced, and you, back in the country with EMV, get say 10% of the proceeds for your contribution to this international crime.
Some people in the UK got prison time for this. International card fraud is easier to spot (this person bought groceries just outside Luton, then forty minutes later they bought a laptop computer in Hyderabad or Houston?) but until EMV is rolled out everywhere similar tricks will be done.
At the same time fees could be raised 2% for non-chip transactions to incentivize upgrades.
I don't see a bank replacing its customers' forms of payment with a new form that isn't accepted in as many places as the old one.
Shops accepting mag stripe payments are liable for counterfeit fraud. If you use EMV (chip cards), then card brands protect you (Visa, MasterCard, etc.
You can Google it as "EMV liability shift" if you're interested in more details.
Exxon (pre-ExxonMobil) had chip-enabled pumps in the early 90's. Instead of a card, you had a little cylinder-shaped keyfob about the size of a few Tylenols strung together. I'm not sure what happened to that, I ended up moving out of an area served by Exxon.
These days I see gas pumps with the little wireless payment logo, and I have a card with the same logo, but it's never worked for me.
And our (USA) law enforcement agencies promise us that any encryption master keys required by their grandiose plans will only be used in cases with proper legal court warrants (ignore the FISA court warrant abuse based on lies and deceit) and will be super secure and never stolen.
Just like those secret hacking tools stolen from the CIA.
Or these private master keys.
I understand that the illusion of control is very helpful for nervous passengers, but your luggage is leaving your control and it's mostly nylon fabric and plastic.
Also I think they used these locks on handgun / firearm containers that were declared when travelers with a CPL or LEO people traveled. Those are typically put into a hard container that is difficult to open unless you unlock the lock.
EDIT: last paragraph is wrong, please ignore that. Thanks guys.
Deviant Ollam gave an (in)famous talk  about this at Defcon.
"Only the passenger should retain the key or combination to the lock unless TSA personnel request the key to open the firearm container to ensure compliance with TSA regulations. You may use any brand or type of lock to secure your firearm case, including TSA-recognized locks."
If you use a TSA lock, that means they have a key to open up the case and access the firearm without you around. That's a big no-no and could result in problems with the law.
You'd also probably want to show up an extra hour early because this could cause long delays. Some airports are notorious for workers who don't know the regulations, don't want to be responsible for any of it, and will refuse to do anything to help you resolve the situation. Also, definitely don't try this if you're flying through New York or New Jersey.
What’s important is that you don’t have to use a TSA lock. You just have to open it for them if they ask.
> Also, definitely don't try this if you're flying through New York or New Jersey.
However, the TSA agents in NY do not recognize my MI CPL. As a result when I fly back from NY to MI, I could get arrested for carrying a firearm.
More on this here: https://www.theblaze.com/news/2018/01/18/colorado-woman-decl...
To be clear, this rule can be triggered by a flare gun or starting pistol. Traveling with those seems perfectly reasonable and I don't see why a CPL would be required.
Why? If a TSA person unlocks it in accordance with their procedures, surely that's fine (and is what they would do anyway, just getting the key from you first)? If a TSA person abuses their position to open your luggage with their master key against their procedures, surely that's not your problem - more akin to a criminal breaking open your luggage than anything else.
TSA's procedures are as robust as a high school recital of A Midsummer Night’s Dream. The TSA knows this and so when it matters (like when firearms are involved) the rules change.
Most high security locks can be re-keyed. There's no need for it to be keyed to any existing master. I consider that better than "one of these 6 predefined TSA keys that can be 3d printed oh and also it is labelled."
Nor does the threat model of "dedicated attacker" make a lot of sense. If that is your constraint then flying with complete guns is probably not for you.
There are easier ways for criminals to get guns than a mole in the TSA or baggage handling. Like, stores. A decent padlock can secure a gun case beyond the "crime of opportunity" level required for protection in a secured environment like an airport.
If you're really paranoid you can even build in trap pins so attempting picking or using the wrong key can permanently bind the lock. The point is you are in full control of the lock and don't have a government mandated, well understood backdoor included.
Finally, all of this misses the point which is that you can put a firearm such as a starting pistol, flare gun, frame or lower  in your luggage and use whatever lock you want. This means you can protect the rest of your stuff from getting swiped by TSA or baggage handlers.
I'm not sure, those are not my words. Ask swimfar.
It strikes me as simply irresponsible gun ownership although I'm not sure what legal liability that may open you up to.
Again, the point of bringing this up is that you can decide to use an actual secure lock to protect your property if you just put a "firearm" in your luggage. It's not actually about firearms at all. It's about protecting yourself from an obviously broken and exploitable government backdoor.
I am not the one missing the forest for the trees.
It has always been security theater. From day 1. What's most galling is that quite a lot of the people participating here are young enough that they don't remember a time before the theater. If you are under 30 your first plane flight you can remember is probably after this all started.
Locks are mechanical, and a master key can be built by taking apart a lock and measuring the innards. In some cases you can create a master key by filing down the right teeth on a key you already have. Master keys in apartment buildings are an old, known problem to competitive lockpickers.
As other people are pointing out elsewhere in this thread, carrying a firearm requires that you use a lock-lock, not a TSA "lock".
They let the Washington Post take high-res pictures of the masters while supporting them doing a story about the TSA and those got published which was enough to decode the keys.
The TSA is a lot more likely to steal your stuff than some random person with a printed key. Plus, if you use a real lock, they have the right to clip it off, which is trivial. Don't put stuff of value into checked luggage. Keep it on your person or ship it via a carrier who has insurance.
Life hack: you can pack a stripped AR lower, and it's legally a firearm. You must use a non-TSA lock, and the TSA (nominally) is not allowed to open it.
Though your core point is valid: your nylon luggage isn't going to keep anyone determined out.
And why is TSA not allowed to open it?
Edit: I guess AR is Assault Rifle?
When transporting a firearm through air travel, it's supposed to be locked such that only the owner can open it. So you can claim you're carrying a firearm with nothing but a small-ish piece of metal in your luggage.
For illustration: https://i.imgur.com/ARZgZV6.png. The non-transparent part is the lower receiver.
As an aside, the "AR" in AR-15 stands for Armalite Rifle (after the company that originally designed it); not "assault rifle".
But unless you travel with valuables quite often it is definitely cheaper to ship it insured.
I only flew with a stripped lower once, and the baggage attendant at the Delta counter had to wave a TSA agent over because they did not believe it was a firearm. I never had an issue checking a handgun though.
I'm glad we don't need to trust the TSA with following any kind of security protocols. /s
An entity that is bankrupt and barely functional despite having a state mandated monopoly on an entire country's postal system.
As per article they're also running the SASSA social grant system which is a train wreck in itself and has been buried in legal disputes for years (not random small cases...a challenge to the legitimacy of their core mandate on grants).
Someone walking out the door with printed encryption keys sounds about right.
To be fair, plenty of state-mandated monopolies of postal systems still aren't profitable, often because they don't significantly control their revenue stream insofar as they don't set the prices of their products.
Currently people are paying a massive premium to utilize private courier to have their stuff privately couriered. People are literally going f that I don't care what it costs I don't trust the postal system.
A sane postal service would review this situation and try to understand why the people think "f you". SAPO has decided that the correct solution to this situation is to simply legally mandate that everyone has to use their useless service thus making couriers illegal for this category. Literally:
I personally take a pretty dim view on "nobody wants this...fine...so we'll just force it by law" dynamics
The key factor has been unmitigated corruption and ineptitude.
They are actually - and SAPO is trying to legally enforce it. Whether it sticks or not...we shall see.
I sometimes wonder whether accounting is like this too. Is financial audit just as much of a fig leaf? Can a skilled accountant also spot dozens of ways to embezzle?
It was great to see N26 come along and change that, and thank god for their native translations.
How do you summmon dang, with @dang?
The threat model in the two areas is a bit different, so different tactics are used. It doesn't mean that some people are trusted more than others, just that as groups they behave differently.
Is this legal?
Sounds like a lawsuit waiting to happen.
With that prior police authorisation it's legal to record more or less anywhere without those recorded knowing.
The police knowing you were authorised means when Sandra finds a camera in the employee locker room and freaks out, the cops who attend can verify that yes, Sandra's manager's boss got that OK'd two weeks ago when six £700 graphics cards "vanished" versus no this is some camera planted by an unknown creep and if the cops figure out who it was they'll be arrested.
If the "unknown creep" turns out to be the boss, the existence of this authorisation mechanism means they have no excuse - if they'd asked "Hey, can I secretly film my employees to get evidence of theft?" the answer would be "First, go to a police station to get guidance" not "Sure, act exactly like a pervert and just hide a camera".
Like you can record corridors and such, but you can't record him programming at his desk.
In any case it would make sense to have multiple master keys...say use a different master key for each batch of so many cards.. then if one key was compromised it wouldn't affect 12M cards.
All you have are white hat security consultant experts that only have their dollars and reputation to work with. The public is highly vulnerable on those things yet I don't see politicians really caring.
All have had just totally monumental theft often at the top levels. It all seems to be pretty consequence free. Meanwhile, the hawks open immediate investigations and charge people almost immediately who are trying to expose things - which is kind of funny - 10 years to investigate totally obvious theft, 7 days to charge folks who are exposing it :)!
It was really the Zuma years that messed things up and the new folks don't seem interested in any cleanup (the ANC has had a lock on power a long time). They are still a great country relatively speaking in Africa, with incredible potential.
2. "politically motivated assasinations"? Citation wanted, please.
> These prizes seem to be worth killing for. Since 2014 more than 115 Glebelands residents have been murdered. Many were anc members who objected to the ways of Robert Mzobe, an anc councillor accused of corruption, and Bongani Hlope, a local warlord who terrorised residents. “Glebelands is a microcosm,” argues Mary de Haas, a researcher into local violence. Throughout the country violence is regularly meted out by one faction of the anc against another. From 2000 to 2017 nearly 300 political assassinations have been recorded, many of them anc members.
Every citizen who drives a motor vehicle must be issued a driver's licence by the state they reside in. This enables a minimum understanding of how a complex machine (the highway transportation system) works so that other drivers / participants of that system can use it safely. Without regulation, vehicle collisions would be rampant and the system would be far less stable.
Not all government regulation and oversight is bad.
I highly recommend reading the book "Click here to kill everybody" by Bruce Schneier . Bruce has been in the cyber-security world for a long time now and is considered one of the world's foremost experts on cryptography and computer security. In this book he makes projections about the "internet of things (internet+)" and the security problems that will come with it. He strongly advocates for government oversight and legal reform in multiple areas.
FDA still allows companies to hide ingredients under the guise of "natural flavors" and "artificial flavors". I hope you aren't allergic to one of those!
> Every citizen who drives a motor vehicle must be issued a driver's licence by the state they reside in. This enables a minimum understanding of how a complex machine (the highway transportation system) works so that other drivers / participants of that system can use it safely.
License plate technology helps the government (and private companies) know where-ever you are at all times!
Government intervention rarely happens proactively, just as major market changes rarely happen proactively. Supplier failure on a large scale makes it apparent that change is necessary, and only then do changes follow, either from the top down by government intervention, or from the bottom up by the market.
Painters can be masters, carpenters and all kinds of other artists and craftsmen too. Are they no longer masters of their crafts because the word is somehow "not inclusive"? It's not. And it shouldn't be. It takes word to be a master crafter.
What about BDSM, should subs and doms no longer refer to their counterparts as master/mistress & slave?
Apparently this is a controversial issue in some places, and I don't understand why. Maybe HN isn't the best place to gain that understanding, but then maybe I'll be pleasantly surprised?