Silence of the LAM

An unauthenticated arbitrary object instantiation vulnerability in LDAP Account Manager (LAM) has been discovered during an internal penetration test.

LAM is a PHP web application for managing entries such as users, groups, or DHCP settings in LDAP directories via a user-friendly web front end, and is one of the alternatives to FreeIPA. Its included in Debian repositories.

But a vulnerability discovered by researcher Arseniy Sharoglazov could allow an attacker to create arbitrary objects and achieve remote code execution (RCE) in one request, and without any out-of-band connections.

**Under construction**

The technique depends on exploiting the construction , with the variable standing for the class name that the object will be created for, and the variable standing for the first argument that will be passed to the object’s constructor.

“When you code in any programming language, you can use good or bad programming practices. The usage of the construction new , which instantiates arbitrary objects, is a bad practice, if and come from a non-controlled input,” Sharoglazov tells _The Daily Swig_.

"It’s a dodgy construction. However, no one showed that it’s really dangerous, so some people think that everything should be alright.”

While the technique requires the Imagick extension, he says, this is usually present in larger websites, including the LAM system itself.

Read more of the latest infosec research news

Sharoglazov says that similar arbitrary object instantiation vulnerabilities have been around for quite some time, but aren’t usually reported as such.

“For example, you might read about an SSRF in a commercial software. If you knew the PoC, you would see that it’s actually an arbitrary object instantiation with the usage of the SoapClient class, for instance. But for the public it will be just SSRF,” he says.

“Or you might read about an SQL injection. But it’s actually an arbitrary object instantiation exploited via a user-defined class which has an SQL injection. This technique, which I found and described, shows how to exploit an arbitrary object instantiation directly to RCE.”

**Coordinated disclosure**

Sharoglazov says the disclosure process went quickly and efficiently. He first reported the flaw on 16 June, with LAM 8.0.1 released on June 29, Debian packages updated on July 5 and public disclosure on July 14.

“I wrote to Roland Gruber, the developer of LAM, and I got an initial reply in just one hour,” he says.

“We discussed what needs to be done to fix the vulnerabilities, and the hardening process that will make LAM way more secure. Afterwards, we did a coordinated disclosure with him and Debian.”

**RECOMMENDED** Microsoft Teams security vulnerability left users open to XSS via flawed stickers feature

LDAP Account Manager bug poses unauthenticated remote code execution risk

Inaugural report from cyber safety panel outlines strengths and weaknesses exposed by momentous security flaw

Inaugural report from cyber safety panel outlines strengths and weaknesses exposed by momentous security flaw

The ‘Log4Shell’ vulnerability in open source library Log4j has reached “endemic” proportions and the aftershock could reverberate for “a decade or longer”, according to a landmark US government report.

The inaugural report by the Cyber Safety Review Board (CSRB) provided 19 recommendations for how organizations and government agencies can bolster their networks and applications against the threat.

The CSRB was established in February 2022 by the Department of Homeland Security (DHS) as mandated by a cybersecurity-focused Executive Order that was signed by President Biden a year earlier.

The public-private initiative is tasked with reviewing serious cybersecurity events and delivering strategic recommendations to government, industry, and the information security community.

**‘Transformational institution’**

The Log4Shell vulnerability, which surfaced in December 2021, offers a potent combination of super-criticality – notching a maximum CVSS severity score of 10 – and enormous attack surface given Log4j’s near-ubiquity in providing Java-based logging to myriad applications.

Secretary of homeland security Alejandro Mayorkas said the CSRB was a “transformational institution that will advance our cyber resilience in unprecedented ways”, and its report will help “strengthen our cyber resilience and advance the public-private partnership that is so vital to our collective security”.

Tim Mackey, principal security strategist at the Synopsys Cybersecurity Research Centre, said the report was unusual in providing “a comprehensive review of the impact and root causes of a cyber incident so quickly”.

DON’T FORGET TO READ Prototype pollution in Blitz.js leads to remote code execution

The CSRB report (PDF), published on July 14, said “vulnerable instances of Log4j will remain in systems for many years to come, perhaps a decade or longer. Significant risk remains.”

The Apache Software Foundation, which maintains Log4j, was praised for its “well-established software development lifecycle” and “for recognizing the criticality of the problem” in quickly issuing patches.

The report also hailed the rapid production of effective guidance, tools, and threat information by vendors and governments.

Further down the supply chain, however, “organizations still struggled to respond to the event, and the hard work of upgrading vulnerable software is far from complete across many organizations”.

Moreover, the event highlighted “security risks unique to the thinly-resourced, volunteer-based open source community”, which the CSRB said needed more support from both public and private sector stakeholders.

**‘Hard to believe’**

The report said the CSRB was “not aware of any significant Log4j-based attacks on critical infrastructure systems”, and that hostile exploitation seemed to have “occurred at lower levels than many experts predicted”.

However, Matt Chiodi, chief trust officer at security vendor Cerby, found these claims “very hard to believe”, noting that – as the CSRB itself acknowledged – organizations are not obliged to report exploitation of serious vulnerabilities.

Read more of the latest Log4j vulnerability news and analysis

Chiodi also said the recommendations, which among other things cover mitigating ongoing Log4j risks and migrating to a proactive vulnerability management model, “are too opaque for companies to implement in their current form”.

He advised organizations to get “deadly serious about knowing your assets and moving toward a zero-trust architecture”, noting that “most organizations have terrible asset management practices”, particularly in relation to “homegrown applications in the cloud”.

Mackey, meanwhile, cautioned against “reliance on a commercial vendor to alert consumers of a problem presumes that the vendor is properly managing their usage of open source and that they are able to identify and alert all users of their impacted software – even if support for that software has ended.”

With this in mind, “software consumers should implement a trust-but-verify model to validate whether the software they’re given doesn’t contain unpatched vulnerabilities”.

RELATED Bug Alert launched to provide early warning system for super-critical vulnerabilities

‘Endemic’ Log4j bug set to persist in the wild for at least a decade, US government warns 

Chain of exploits could be triggered without any authentication

Chain of exploits could be triggered without any authentication

Blitz.js, a JavaScript web application framework, has patched a dangerous prototype pollution vulnerability that could lead to remote code execution (RCE) on Node.js servers.

Prototype pollution is a type of JavaScript vulnerability that allows attackers to exploit the rules of the programming language to change an application’s behavior and compromise it in various ways.

The new bug, discovered and reported by researchers at Sonar, allowed attackers to manipulate the code in the Blitz.js app to create a reverse shell and run arbitrary commands on the server.

**Prototype vulnerability in dependencies**

“Blitz.js is an upcoming JS framework that gained traction on GitHub,” Paul Gerste, vulnerability researcher at Sonar, told _The Daily Swig_. “We selected it in order to help secure its code base and study real-world vulnerabilities.”

Blitz is built on top of Next.js, a React-based framework, and adds components to turn it into a full-stack web development platform.

**DEEP DIVES** Prototype pollution: The dangerous and underrated vulnerability impacting JavaScript applications

One of the advertised features of Blitz.js is its ‘Zero-API’ layer, which allows the client to invoke server-side business logic through simple functions without the need to write API code.

Blitz.js makes an RPC call to the server in the background and returns the response to the client function call.

“Blitz.js adds an RPC layer on top of Next.js (among other features), and that layer uses superjson to deserialize data from incoming requests. The vulnerability is entirely inside of superjson,” Gerste said.

As an extended version of JSON, superjson adds support for dates, regexes, and circular dependencies. The circular dependency feature allows JSON specifications to reference property names, which caused the prototype vulnerability. An attacker could use these property names to change the running code on the server.

**RCE on Blitz servers**

Gerste discovered a chain of exploits that could be triggered through the prototype pollution vulnerability and lead to RCE.

First, a polluted JSON request is sent to the server, which triggers the routing mechanism of Blitz.js to load a JavaScript file with the polluted prototype. This allows the attacker to use the malicious JavaScript object to execute arbitrary code.

Read more of the latest infosec research news

Ideally, an attacker would create and run a file on the server. But Blitz.js does not support upload functionality. However, it has a CLI wrapper script that uses JavaScript’s function to launch a new process.

The attacker could use this function to launch a CLI process and run an arbitrary command on the server.

  
  
Prototype pollution in Blitz.js (Image: sonarsource.com)

What makes this vulnerability especially dangerous is that it can be triggered without any authentication, which means any user who can access the Blitz.js application will be able to launch RCE attacks.

“An attacker would have the same level of privilege as the vulnerable application,” Gerste said. “So, if the application runs as root, the attacker would also have root privileges.”

**Complicated bug**

Prototype pollution bugs often act in very complicated ways. For example, in the case of Blitz.js, the CLI wrapper object was not vulnerable per se but could be abused by the prototype pollution bug.

“This attack technique leverages a code pattern that isn’t a vulnerability in itself,” Gerste said. “Prototype pollution can influence the target application in a very invasive way, and it would require a lot of work to get rid of all code that could be influenced by prototype pollution.”

In his write-up of the bug, Gerste gives some general recommendations that can harden JavaScript apps against prototype pollution, including freezing or using the flag in Node.js.

“I think prototype pollution is still unknown to many JavaScript developers,” Gerste said. “I don’t see developers use the patterns that we recommended in our article very often. With our blog posts, we try to help educate JavaScript developers and share this knowledge.”

**YOU MIGHT ALSO LIKE** Microsoft Teams security vulnerability left users open to XSS via flawed stickers feature

Prototype pollution in Blitz.js leads to remote code execution

Private healthcare information was accessible since 2006

Private healthcare information was accessible since 2006

The private health information of more than 4,000 patients was left exposed for 16 years by a US medical transplant center.

Virginia Commonwealth University Health System (VCU) announced that sensitive data belonging to both transplant donors and recipients was available to view by others on a patient portal since 2006.

The healthcare provider said that 4,441 people were affected in the breach, which concerned data, including names, Social Security numbers, lab results, medical record numbers, and/or dates of birth.

This information “may have been viewable” to transplant recipients, donors, and/or their representatives when they logged into the recipient’s and/or donor’s patient portal, VCU said.

**Discovery**

The data leak was discovered on February 7, 2022, and more information about the types of data involved was found on March 29 and May 27.

VCU has not yet released any details about how the privacy incident occurred, but said that there was no evidence that any information has been misused.

Speaking to _The Daily Swig_, Ashutosh Rana, senior security consultant at the Synopsys Software Integrity Group, speculated over what may have happened, determining that it was likely a “typical case” of misconfiguration.

Rana said: “From the limited information out on this, it seems to be a typical case of design issue or misconfiguration, where a patient (donor or recipient) can access someone else’s data without actively exploiting any weakness in the system.

Read more of the latest data breach news

“Any user just needed to login to see someone else’s information because it \[is\] meant to be that way by the design of the system.

“Patient portal is a critical part of any healthcare system, so it is surprising to see this flaw was undetected for that long. The good part is that it seems any patient has to have a valid account (donor or recipient) to be part of this incident which contains the incident in some sense.”

They added: “These days many health care systems are designed in way where sensitive information like SSN, DOB or other PII/PHI is either not shared at all or at least masked on the screen by default, also viewing them needs an additional step-up authentication.”

A spokesperson for VCU told _The Daily Swig_: “Potentially viewable by organ donors and recipients were data such as lab results, medical record numbers, dates of surveys and birthdays. Donors could only view one recipient’s information, if any.

“The number of donors the recipients may have viewed depended on the number of potential donors who were tested.

“We are insured for this possibility and have worked with the cybersecurity experts available to us through our insurance coverage to resolve the issue.”

**YOU MAY ALSO LIKE** US eye clinic suffers data breach impacting 92,000 patients

More than 4,000 individuals’ medical data left exposed for 16 years

Authentication controls added to defend against account hijack threat

Authentication controls added to defend against account hijack threat

The English Premier League has introduced two-factor authentication (2FA) controls to its official Fantasy Premier League game (FPL), offering football fans the option to secure their accounts.

The debut of 2FA for the 2022/23 season follows a wave of account hijacking attack allegations over the last two seasons. Miscreants were said to have made multiple player ‘transfers’ from compromised accounts, leaving victims with weaker fantasy football teams while simultaneously racking up penalty points.

BACKGROUND Fantasy Premier League account hack surge prompts plans to introduce extra login checks for football fans

Victims struggled to make up lost ground and for many, their whole season was ruined. The as-yet unidentified attackers, whose potential motives could range from mischief to sabotage, were also in the habit of changing hacked victims’ team names.

**Third parties caught ‘offside’**

The FPL game had more than nine million players last season, but the wave of hack attacks seemed to have disproportionately targeted the most successful teams – those ranked in the top 100,000 of players.

Success in FPL allows players to win mini leagues and secure bragging rights over their friends. Getting ahead in the game requires close or at least weekly attention to the form and fixtures of Premier League stars that FPL participants select.

Although some compete in paid entry mini-leagues, the free-to-enter FPL is a hobby for most. Even so, many devote considerable effort to putting together the best possible squad, a task aided by a community of FPL YouTube channels and team selection assistance websites.

Some of these team selection sites offer the option of signing users using login details from the official FPL game rather than creating a new account with the third-party website. This practice leaves many at risk of so-called credential stuffing attacks if any of the FPL team management or stats sites they use happens to be breached.

Catch up on the latest password security news and analysis

Back in September 2021, early in the 21/22 season, the Premier League blamed account takeovers on users sharing login details with unnamed third-party websites.

“There is no indication or evidence of a security breach on the accounts of these individuals via fantasy.premierleague.com or the Premier League mobile app,” it said at the time.

One team management website, Fantasy Football Hub, suffered a hack weeks later in October 2021 that exposed usernames, emails, and hashed user passwords.

In response to the ongoing issue, the Premier League initially went for the half measure of tweaking how the game worked so that managers were prevented from making more than 20 transfers in a single game week, except in cases where a free hit chip was in play.

The change was criticized by the community as inadequate, prompting the Premier League to promise the introduction of 2FA – but only from the 2022-23 season onwards.

**4-4-2FA formation**

This pledge was honored with 2FA becoming a supported feature in the recent re-launch of the game for the 2022-23 season, ahead of the kick-off of games on August 5.

Adding two factor authentication to an account means that simply knowing a user’s login name and password is not enough – you also need a 2FA challenge code, typically a varying six-digit number that’s generated by an app.

The technology has been used by corporations for remote access to email for years, but more recently has become widely available to consumers as a means to add safeguards first to email, then social media, and now online gaming accounts.

The introduction of 2FA to fantasy football has been welcomed by the community, even though there have been some quibbles that the feature is tricky to find and not the easiest to activate.

In a typical response, Twitter user @FPL\_Eire said: “Big thanks to @OfficialFPL for listening to the FPL Community and adding this to the game. Getting hacked is a stuff of nightmares for FPL managers so thankfully we won’t see this happen to anyone this year as a result.”

YOU MAY ALSO LIKE ‘Dirty dancing’ in OAuth: Researcher discloses how cyber-attacks can lead to account hijacking

Fantasy Premier League football app introduces 2FA to tackle account takeover hacks

Mozilla’s message to MEPs appears to be gaining traction, says senior public policy manager at the non-profit

Mozilla’s message to MEPs appears to be gaining traction, says senior public policy manager at the non-profit

Mozilla has stepped up its efforts to dissuade EU lawmakers from forcing web browsers to recognize the validity of contentious web certificates created by the bloc.

The non-profit architect of the Firefox browser has launched a campaign urging Members of the European Parliament (MEPs) to amend proposals tabled by the European Commission (EC) that would oblige browsers to accept Qualified Website Authentication Certificates (QWACs).

**QWACkers**

The EU created QWACs in 2014 to validate a website’s professed identity and therefore – in theory – protect users from fraud, malware, and surveillance.

However, QWACs, which are based on somewhat discredited extended validation certificates, have failed to gain much of a foothold in the web ecosystem in the eight years since their introduction.

Mozilla argues that QWACs are inferior to the existing, longstanding web authentication ecosystem, and that the EC proposal would bypass “the critical first line of defense against cybercrime on the web”.

With MEPs expected to vote on the proposal in October, Mozilla launched a #SecurityRiskAhead campaign yesterday (July 13) with a carnival-style duck-fishing game pitched outside the European Parliament in Brussels.

BACKGROUND EU web authentication plan threatens to undercut browser-led system, detractors claim

Owen Bennett, Mozilla’s senior public policy manager for Europe, told The Daily Swig that Mozilla’s message appeared to be gaining traction.

The QWACs amendment – article 45.2 – was deleted from a recent draft report (PDF) for the EU’s digital identity framework in order to accommodate revisions, and various security-related amendments have already been tabled in parliament, he said.

An open letter urging a rethink, published in March by 38 security experts, was “a big turning point” in persuading MEPs, Bennett believes.

The Internet Society, Electronic Frontier Foundation (EFF), and the world’s largest certificate authority, Let’s Encrypt, have also campaigned against the proposal.

**Trusted system**

The browser-led web authentication system in place sees certificated websites using the TLS-encrypted HTTPS protocol and displaying a padlock icon in the URL address bar to advertise their secure status.

DON’T FORGET TO READ HTTP/3 evolves into RFC 9114 – a security advantage, but not without challenges

Web – or SSL – certificates are currently issued by more than 100 certificate authorities (CAs), which are vetted by Mozilla and other leading browser makers, including Google, Microsoft, and Apple.

Critics of QWACs, which are issued by ‘Trust Service Providers’ (TSPs) approved by governments of EU member states, argue that they cannot draw on comparable technical expertise and resources. They can also point to the fact that hundreds of millions of web users happily submit payment card details online as evidence that the status quo is widely, and justifiably, trusted.

Mozilla takes its message direct to MEPs by pitching up outside the European Parliament

Mozilla CSO Marshall Erwin warned that if the well-intentioned EC proposal were “copied elsewhere, the regulation will give the tools to governments to carry out state-sponsored surveillance of internet traffic”.

Mozilla cited large-scale snooping campaigns by Iran’s theocracy in 2011 and the governments of Kazakhstan and Mauritius in 2020 and 2021 respectively as examples of the activity the regulation could enable.

**‘Ceiling on website security’**

“Article 45 puts a ceiling on website security,” said Bennet. “It says you must accept QWACs, not put in place any additional protections, and not take action when a certificate authority is found to be compromised. For us that creates an untenable risk to Firefox users.”

The EU’s digital identity framework will be incorporated into the electronic Identification, Authentication, and Trust Services (eIDAS) regulation, which was enacted in 2014 to facilitate the emergence of a European internal market for trust services.

RECOMMENDED Decentralized Identifiers: Everything you need to know about the next-gen web ID tech

Bennett said the campaign was not seeking to “blow up the whole regulation”, but that Mozilla simply wanted “some small tweaks” to give browsers the “discretion to take action when an entity issuing QWACs doesn’t meet existing security standards or poses a security risk”.

A spokesperson for the European Commission told The Daily Swig:

The eIDAS Regulation is technology neutral. QWACs were introduced in 2014 as a means to enhance trust and reduce fraud and is used to ensure trusted transactions in the PSD2 environment (as a means for Payment Service Providers to identify).

The concerns raised by the browser community is based on an understanding of the technical implementation of the obligation to recognise QWACs which is not supported by the Commission legal proposal. The Commission proposal intends to achieve recognition of QWACs in the browser environment, which can be achieved without interfering with existing root store policies and web browser security requirement. There is no reason why a certificate issued as trustworthy according to EU law should not be recognised as such by the browser community.

In collaboration with the relevant standardisation bodies and the availability of commonly and globally accepted standards, the implementing act referred to in Article 45 will set out the technical specifications/references to the applicable standards which will enable the recognition of QWACs in accordance with the above.

YOU MIGHT ALSO LIKE Oblivious DNS-over-HTTPS offers privacy enhancements to secure lookup protocol

Crunch time for EU web authentication plan as Mozilla launches campaign to protect status quo

The friendly image sent by your colleague on a teleconference may be hiding a malicious secret

The friendly image sent by your colleague on a teleconference may be hiding a malicious secret

A security researcher has found that attackers could abuse the popular sticker feature in Microsoft Teams to conduct cross-site scripting (XSS) attacks.

Microsoft Teams, alongside comparable teleconferencing services including Zoom, have experienced a surge in popularity over the past few years.

The Covid-19 pandemic forced organizations to adopt work-from-home models whenever possible. In the aftermath, employees have often been given the option of either staying remote or going hybrid.

With so many users, any vulnerability in Microsoft Teams could have widespread impact. As such, cybersecurity researchers, including Gais Cyber Security’s senior cybersecurity specialist Numan Turle, have examined the software for potential flaws.

**Sticky subject**

In 2021, Turle uncovered CVE-2021-24114. Issued a CVSS score of 5.7, the bug was discovered in the preview process of images sent via Teams to leak Skype tokens (PDF) and trigger an account takeover vulnerability in Teams iOS.

A year on, the researcher decided to examine Microsoft Teams’ sticker function for new security issues.

**RELATED** Vulnerability in Microsoft Teams granted attackers access to emails, messages, and personal files

When a sticker is sent via Teams, the platform converts it into an image and uploads the content as ‘RichText/HTML’ in the subsequent message.

Turle inspected the HTML request using Burp Suite and tried out typical attributes – to no avail, due to the protections offered by Microsoft’s Content Security Policy (CSP).

CSP is designed to mitigate a range of common web attacks, including XSS.

However, after plugging the CSP into Google’s CSP Evaluator tool, the researcher found a CSP defect – the field was flagged as unsafe, which paved the way for potential HTML injection attacks against multiple domains.

**Trying a different angle**

Microsoft had plugged these security holes via Azure domain changes. So, after digging deeper and inspecting Teams in-browser, Turle uncovered a JavaScript element, , that could be used as an alternative.

jQuery with Angular is a JavaScript framework for managing HTML and CSS interactions. However, this version was out of date and vulnerabilities in the outdated version (1.5.14) – could be utilized to bypass the CSP.

Read more of the latest security vulnerability news

After crafting a malicious iframe with help from HTML encoding, the researcher was able to create a malicious payload, sent via the stickers function in Teams, to trigger XSS, obtained through user interaction.

Turle disclosed the XSS issue to Microsoft on January 6. The vulnerability was patched in March and the researcher was awarded a $6,000 bug bounty.

_The Daily Swig_ has reached out to Gais Cyber Security and Microsoft and we will update when we hear back.

Full details can be found in a technical blog post from Turle.

**INTERVIEW** Vivaldi browser founder Jon von Tetzchner puts privacy at the center of development

Microsoft Teams security vulnerability left users open to XSS via flawed stickers feature

Flaw in Amazon’s Kubernetes service has since been fixed

Jessica Haworth 13 July 2022 at 14:29 UTC

Flaw in Amazon’s Kubernetes service has since been fixed

A vulnerability in AWS IAM Authenticator for Kubernetes could allow a malicious actor to impersonate other users and escalate privileges in Kubernetes clusters, a security researcher has discovered.

Tracked as CVE-2022-2385, the now-patched vulnerability could allow an attacker to impersonate other users and escalate privileges in Elastic Kubernetes Service (EKS) clusters configured with template parameter.

An attacker could craft a malicious signed request to Security Token Service (STS) endpoint that includes the same parameter multiple times with different values.

**Authentication bypass**

Researcher Gafnit Amiga of Lightspin detailed in a blog post how an attacker can send two different variables with the same name but with different uppercase and lowercase characters – for example, they are able to send both ‘Action’ and ‘action’.

Amiga explained: “Since both \[variables in the vulnerable code\] are… ‘’, the value in the dictionary will be overridden while the request to AWS will be sent with both parameters and their values.

“The cool thing is that AWS STS will ignore the parameter it does not expect, in this case AWS STS will ignore the action parameter.

Read more of the latest news about security vulnerabilities

Amiga wrote: “Because the for loop is not ordered, the parameters are not always overridden in the order we want, therefore we might need to send the request with the malicious token to the AWS IAM Authenticator server multiple times.

The vulnerable root cause was present since the first commit in October 2017. As such, both the changing action and unsigned cluster ID tokens were exploitable since day one.

The exploitation of the username through the was possible since September 2020.

**Fixes issued**

Amiga told The Daily Swig that the vulnerability was difficult to locate, and that it was also tricky to notice that values can be overridden while STS ignores unexpected additional request parameters.

“I tried other attack vectors hoping to manipulate the HTTP client, but they protected against them,” Amiga said.

Amazon has since patched the issues which Amiga said has “improved the process significantly”. The researcher added: “The entire process was one month, and they kept me updated during the process. We also coordinated the disclosure.”

The updates are fixed in version 0.5.9. More information can be found in Amazon’s security bulletin.

YOU MAY ALSO LIKE ‘Dirty dancing’ in OAuth: Researcher discloses how cyber-attacks can lead to account hijacking

Vulnerability in AWS IAM Authenticator for Kubernetes could allow user impersonation, privilege escalation attacks

A man for all four seasons

INTERVIEW Jon von Tetzchner has launched not one, but two web browser companies in his career.

Today, he is CEO of Vivaldi Technologies, the business behind the Vivaldi browser, which launched in 2016.

Before that, von Tetzchner co-founded Opera Software, to develop and market browser technology originally developed by Telenor, the Norwegian state telecoms firm.

Catch up on the latest browser security news and analysis

With Vivaldi, von Tetzchner has developed a browser that’s optimized for privacy and security. The intention is to keep Vivaldi free of charge, and the company employee-owned.

**A night at the Opera**

In addition, Vivaldi will continue to serve the needs of more technical users.

“I’ve been doing browsers as long as I have been alive, more or less,” von Tetzchner told _The Daily Swig_. “I started doing browsers in 1994. This is my second browser company… After I left Opera, Opera went in the same direction as all the other browsers.”

The software developer continued: “Browsers are competing, mostly on how good their distribution is. We think that there is a need for a browser that has a different approach and different thinking.”

Jon von Tetzchner, CEO of Vivaldi Technologies

**Taking back control**

Part of Vivaldi’s mission, according to von Tetzchner, is to give users more control over their browsing experience.

“You’re spending so much time in front of your browser. It’s the most used tool in the world. If you’re going to be using a browser, isn’t it great to have a browser that actually takes into consideration your needs as a user and not just some random, median person?”

The technologist describes the browser as a “cross-platform application platform”.

“What we have is the ability to write applications that will run anywhere, and you can run almost everything in the browser,” von Tetzchner explains. “Most of the time, when you are running applications now, it is really in the browser. It’s using web technologies, just in a separate window.”

**Big browser is watching you**

The trusted status of browsers as a platform through which multiple applications run raises critical questions around security, and privacy. Von Tetzchner stresses that Vivaldi is not in the business of collecting personal information. But data collection and tracking on the web, including for advertising, is a real issue.

“I don’t think from a security perspective, you can ignore the fact that our data has been collected in the ways that it is, and I think it’s a massive security problem,” he said. “And we are seeing the consequences of that on a daily basis.”

**YOU MIGHT LIKE** What does the future hold for browser security? Check out the latest features destined for mobile and desktop

“Most people don’t realise the quantity of the data and the kind of data that is being collected,” von Tetzchner added. “It is whatever you do on the web, and it’s not just the pages that you view. It is the links that you click, how long you watch, what you hover on, where you stay on the page. There’s a lot of details that I don’t think people realise.”

Von Tetzchner adds: “And then there’s the location information, including Bluetooth beacon technologies, which will track \[you\] inside buildings. Worst of all, is the collection of that information into a single profile. It’s definitely a ‘1984’ kind of situation.”

The Vivaldi co-founder says this data collection leads to internet users being targeted, be it for their political beliefs, what they read, or their tastes in music. “The privacy side is a massive security problem and it’s being used in the worst-case scenario, for warfare,” he warns.

**On the wrong track**

Ultimately, von Tetzchner would like to see user profiling banned.

He concedes that there are legitimate reasons to collect user data: traffic information, or health data, as long as it is used only for that purpose. But going beyond that, and profiling users, is not justified.

“The fact that the data exists, doesn’t give the company the right to misuse it,” von Tetzchner argues. “You would not expect your mailman to read your mail, you wouldn’t expect your telco to listen to your calls and you wouldn’t expect the carpenter to make an inventory of your furniture. So, it’s just a question of what’s reasonable.”

Read more of the latest browser security news

Von Tetzchner raises concerns about spyware, and objects to technologies that track users between sites. He believes that most internet users accept “normal ads”, not those that follow the viewer online. The browser pioneer feels these encourage business models that “invent news or copy news”, rather than rewarding those who create original content. And tracking is pushing internet users towards ad blockers.

“In a way going back to the model that we had before \[trackers\] would be better for all… I think a lot of people wouldn’t mind seeing ads, but I think they’re being scared with the level of tracking that’s happening.”

This has prompted Vivaldi to give its users more control over the types of data that they share, in contrast to most other browser companies.

**Chromium codebase**

When it comes to securing the browser application itself, von Tetzchner views Vivaldi’s place as within the Chromium ecosystem.

Vivaldi is based on Chromium code, with security issues and fixes mostly contained within the Chromium ecosystem.

“We do changes to that code,” von Tetzchner says. “A lot of that is related to privacy, \[for example\] not calling home as much and stuff like that. But overall, there’s a multitude of companies using the same code base, all trying to keep it safe.”

YOU MAY ALSO LIKE Chromium browsers vulnerable to dangling markup injection

Most of Vivaldi’s user interface (UI) technology is web based, especially for the desktop clients.

But, if there are code changes for security, or other reasons, then the firm releases them back into the Chromium community as open source software.

Users, though, whether individual or in corporations, need to look after their own security, ensuring that operating systems and other tools are up to date.

“If you think about it, we’ve had massive hacks… the reality \[is\] the wealth of information in these \[online\] platforms is huge. It shouldn’t be accessible in any way. And it shouldn’t be collected in this way.

“There’s really bad things that can happen with people hacking all kinds of devices, particularly as we are moving forward with the internet of things, with proprietary solutions, quite often with hardware which is great, with software that is not. Maybe running outdated operating systems and the like. I do think that is a security issue. All devices that you’re able to connect to are hackable. And again, if they’re, in addition, collecting information that makes it even worse.”

It is for users to guard against vulnerabilities.

“It is basic things like making sure that everything that you’re running is running updated software. Obviously, running a browser that doesn’t spy on you is a good idea as well,” von Tetzchner advises.

“Be careful where you go. Don’t go to stupid sites. Don’t give your information to random people. Use the password manager so you don’t use the same passwords everywhere.

“Use a mail client. The reality is, if you’re using webmail quite often it will show you the HTML mail. Is it enabling tracking? People don’t think about that. \[It\] may be just by reading an email you’re giving \[up\] information. And that obviously shouldn’t be that way.”

**Vroom, Vroom**

Over recent years, Vivaldi has added a mail client, calendar and feeds to its product suite.

But von Tetzchner does not see that as the limit. The company recently ported their browser to run on the Polestar range of electric cars.

“This is Android automotive, and there’s a lot of manufacturers that are going in that direction,” he explains. “And as part of that package, there is no browser. So, we saw an opportunity to go in there. I mean, what’s the point of having internet in your car if you can’t do anything with it?”

This, von Tetzchner says, is the other part of Vivaldi’s mission: “delivering the browser as widely as possible”.

“It’s like working on a real computer,” von Tetzchner said. “If I’m doing serious work, I like to have a keyboard and now I have a keyboard in my glove compartment. I can get real work done, if necessary, even if I don’t have my computer.”

Whether opening up browsers to the automotive world brings more security and privacy concerns, remains to be seen.

RELATED Cloudflare CTO John Graham-Cumming envisages a frictionless future for website Turing tests

Vivaldi browser founder Jon von Tetzchner puts privacy at the center of development

A new white paper from NCC Group details the myriad security threats associated with machine learning models

A new white paper from NCC Group details the myriad security threats associated with machine learning models

Organizations are increasingly using machine learning (ML) models in their applications and services without considering the security requirements they entail, a new study by security consultancy NCC Group shows.

Due to the unique ways that machine learning systems are developed and deployed, they introduce new threat vectors that developers are often unaware of, the study finds, adding that many of the old and known threats also apply to ML systems.

**Uptick in use of machine learning**

“We’ve seen a steady uptick since around 2015 in our customers deploying ML systems, and although there was a sizeable body of academic literature, there wasn’t much practical discussion of ML-specific security issues around back then,” Chris Anley, chief scientist at NCC Group and author of the study, told _The Daily Swig_.

Initially, Anley saw machine learning being deployed in very niche applications. But today, ML models are increasingly used in more general web areas, such as content recommendation or workflow optimization.

“We are now seeing chatbots used for customer support and other text-based applications like sentiment analysis and text classification becoming fairly popular – with all of the privacy and security implications that you’d expect,” said Anley.

**Wide range of threats**

One notable study in the field, _Practical Attacks on Machine Learning Systems_, provides an overarching view of the ML threat landscape in real-world applications.

It details some of the threats that are specific to machine learning models and their training and deployment pipeline:

*   Adversarial attacks: Input data is modified with human-imperceptible noise to change the behavior of the ML model.
*   Data poisoning and backdoor attacks: The training dataset is compromised and modified to make the trained ML model sensitive to specific triggers.
*   Membership inference attacks: Querying the ML model to determine whether a specific data point was used in its training set.
*   Model inversion attacks: Querying ML models to recreate their training data in part or whole.

While these kinds of threats have been thoroughly studied and documented by academic researchers, the NCC researchers focused on recreating them in practical settings where ML models were deployed in real-world applications such as user identity verification, healthcare systems, and image classification software.

Their findings show that carrying out attacks against ML systems in the real world is practically feasible.

**YOU MIGHT ALSO LIKE** Post-quantum cryptography hits standardization milestone

“I think that it is fairly startling that there are dozens of papers describing exactly how those attacks work,” Anley said. “We've replicated a few of the results in those papers in ‘demo’ form, and we’ve successfully conducted simulated attacks on similar lines with customers. Although these privacy attacks aren’t as straightforward as, say, SQL injection\-driven data breach\[es\], they’re certainly practical.”

The study also shows that ML systems are often vulnerable to malicious payloads embedded in machine learning models, vulnerabilities in the source code of machine learning libraries, security holes in machine learning pipelines, SQL injection attacks against web-hosted ML systems, and supply chain attacks against the dependencies used in machine learning software.

**Complex data security landscape**

“Data breaches are always a concern, and there are some fundamental aspects of ML that change the privacy risks,” Anley said.

First, ML systems perform better as the volume of data on which they are trained increases, so organizations potentially have to handle large volumes of sensitive information.

Second, trained models don’t have role-based access control – all training data is aggregated into the same model.

And third, experiments are a crucial part of ML development, so it’s important for large volumes of data to be accessible to developers.

“Securing ML systems can be difficult because of these issues, especially if the application handles sensitive data,” Anley said. “Developers often now have access to extremely powerful credentials, so it’s important to carefully consider who needs to do what, and restrict where you can, without impeding the business.”

**ML threats on the web**

The emerging threats of ML systems have direct consequences for the web ecosystem, Anley warns.

“I think the main concern that's emerging from the literature is that it's possible to extract training data from a trained model, even when hosted on the web, behind an API server, and even under some fairly stringent conditions,” he said.

Read more of the latest infosec research news

Various studies, including some that Anley and his colleagues reproduced in their research, show that information extraction attacks are feasible against ML systems that output only class labels, which is the way many web-hosted ML services work.

Of special concern are pre-trained ML models served on the web, which have become very popular in recent years. Developers who lack the skills or resources to train their own ML models can download pre-trained models from one of several web platforms and directly integrate them into their applications.

But pre-trained models can become the source of the threats and attacks that Anley discusses in his paper.

“Trained models themselves can often contain code, so they should also be carefully handled,” he explained. “Since training models is expensive, we’ve seen the emergence of ‘model zoos’, where pre-trained models are available. These obviously need to be handled with the same controls you’d apply to code.”

**Secure development takeaways**

We are still learning how to cope with the emerging threats posed by ML-powered applications. But in the meantime, Anley had some key recommendations to share with web developers who are jumping on the ML bandwagon:

*   “If your model is trained on sensitive data, consider refactoring your application so that you don’t need to train on sensitive data.”
*   “If you absolutely have to train on sensitive data, consider differential privacy techniques, anonymization or tokenization of the sensitive data.”
*   “Apply the same supply chain controls to external models, that you would to external code.”
*   “Carefully curate your training data and apply controls to ensure that it can’t be maliciously modified.”
*   “Authenticate, rate limit, and audit access to models. If your model makes sensitive decisions that could be affected by adversarial perturbation, consider taking advice around implementing a training method to make the model more resistant to these attacks.”

**RECOMMENDED** Decentralized Identifiers: Everything you need to know about the next-gen web ID tech

Source

PortSwigger