# Ubuntu Forums hacked. Should we be concerned?



## noeyx (Jul 23, 2013)

Hi. As some of you might know by now, the Ubuntu Forums has been hacked recently. Their software is vBulletin which is the same as FreeBSD's. I just would like to know if the FreeBSD forums are secure enough to avoid the same fate. Thanks in advance and more power. ï¿½e


----------



## ShelLuser (Jul 23, 2013)

Not that I don't have any faith in the powers that be, let this be very clear, but you should *never* consider a forum to be "safe"; not even this one.

Always make sure that you're not using a password which you've been using all over the place (I heavily rely on PWGen for Windows to come up with unique password for websites), and also double check that you're not providing information which should never make it out in the open.

Honestly; with modern browsers which can save your passwords and the massive amount of password vaults (programs to store a password collection) there really is hardly a need to use one password to 'rule them all' (perhaps apart from securing your password collection itself).

If you take these steps then you'll always be able to minimize the risk, even if something nasty does happen.


----------



## lme@ (Jul 23, 2013)

Yeah, just use some password safe like Password Gorilla or KeePass, let it generate a password for you and never use it on multiple sites/machines.


----------



## kpa (Jul 23, 2013)

I have a password scheme where I use an impossible to guess "hard" password that I can still remember well as a common prefix and I then concatenate a few letters at the end to identify the site I'm using the password on. This makes it impossible for hackers to use the hash of my password on any other sites even if my passwords are different by just couple of letters.

This works if the hash function is "collision resistant". 

Let's say my common password is "epPXSBSy" (random junk from https://www.grc.com/passwords.htm, not my actual password  ). I then use a password "epPXSBSyFBF" on these forums. The SHA256 hash value of this password is:


```
720e57ce6d743bb8438234776ee4728bd9d4b77bf0952e3630d27d074194baeb
```

Let's assume that this hash gets leaked to hackers. Note that I have no idea what hash function is actually used for the passwords on these forums, this is just an example. There's also what is called "salt" involved but I've left that out.

I have used a similar password on for example Debian Linux forums, "epPXSBSyDLF".  The SHA256 hash of this password is:


```
1f541e81bd0d59c6fc65536764552140ecc88cf56bfe0abba70434fdf2d543dc
```

Notice how different the hash is even if only three letters changed.

If the hash function is collision resistant, it should be impossible (computationally infeasible is the term often used) to find out this SHA256 hash of the password I use on Debian Linux forums using only the hash of my password from these forums that was leaked to hackers.

In reality this is the case because SHA256 is still considered collision resistant.

My scheme is also nice in way that it is also impossible for the hackers to gain any advantage from knowing the scheme I use. All they are left with is brute force attack against the hash function and trying to find a collision and that is as noted practically impossible if the hash function is good enough like SHA256.


----------



## SirDice (Jul 23, 2013)

> we believe the root cause of the breach has been identified.


How nice of them to share that information. Depending on the root cause we may or may not have any issues. For all we know they got in by using a SSH brute-force.


----------



## cpm@ (Jul 23, 2013)

Without going to ethical controversy there is good news for Ubuntu's guys


----------



## throAU (Jul 24, 2013)

ShelLuser said:
			
		

> Not that I don't have any faith in the powers that be, let this be very clear, but you should *never* consider a forum to be "safe"; not even this one.



Pretty much.  Always assume that any credentials you use online are compromised.  Even if the forum/site HAS NOT been hacked, do you know/trust the admin staff?  Do you trust the programmer of the forum software?

Never use the same username and password on multiple sites!

Yes, it's a pain in the butt.  No, you won't be able to remember all those passwords, especially if they are properly secure fully random 16-32+ characters in length.

This is why we have password managers now.


----------



## zspider (Jul 25, 2013)

throAU said:
			
		

> Pretty much.  Always assume that any credentials you use online are compromised.  Even if the forum/site HAS NOT been hacked, do you know/trust the admin staff?  Do you trust the programmer of the forum software?
> 
> Never use the same username and password on multiple sites!
> 
> ...



Very true, especially these days when you have many people running sites, who no one really knows anything about and you never know what they are doing behind closed doors or what they might be planning to do.


----------



## h3z (Jul 26, 2013)

There is a real easy solution to this. Don't put out there, anything that would cause any devastation if lost.

My passwords are not complex. They are unique, but not unique enough for the higher standards of security. Most of my on-line identity, is labeled under the same user name. It would cost me very little, if that identity was hacked. There is only one source of monetary quality, to be gained by a very successful attack on me. It is a debit card, connected to no other accounts. It will deny any transaction, higher than the most recently known stable balance. The card has a low minimal balance. I only put more than the minimal balance on the card, when purchasing something on-line. Otherwise the card only maintains the minimal balance. I do not fear an attack on my on-line persona, just because I can afford to lose all that is attached to that persona. A very powerful intruder might be able to acquire, at best the personal information that the card provider may have on record about me. At that point they are putting enough effort into it, that my on-line identity needn't be hacked to render me vulnerable to their skills.

A hacked account would cause a possible end of h3z for me, and a few dollars. I can get a different card from a different bank. I can also create a new user name.

I can't say that I am extremely safe. But, you are asking for it, if you make available on-line that which is important to you.

I'm not saying that adding complexity to your login, is a bad idea. But, its a better idea, in addition to limit the damage possible.

I understand that many people are connected to their employer, through the same device that is used for non-work related affairs. Its a bad Idea to mix work with pleasure. In cases like this, it might be wise to at least use a different browser for the two different instances of use. Better yet, one could isolate the different instances on the the same machine by dual booting operating systems, or running virtual machines. These ideas might be for the more paranoid, who are probably already taking greater on-line precautions.

Yes, the use of multiple complex passwords is important. However, unless required, don't put anything on the line that you mustn't.


----------



## _martin (Jul 26, 2013)

When it comes to strong password topic, I always liked this picture:


----------



## kpa (Jul 26, 2013)

Yeah, there's a good point to that. Contrary to the common perception, it is very hard to guess or brute force crack passwords that are made of multiple common (and easy to remember) words concatenated. So called dictionary attacks only work when the password is just one word straight out a dictionary. Combining two words already creates a big problem for the potential cracker because he then has to try a cartesian product of the words in a dictionary concatenated. Add a third word and it goes way beyond what can be done with a computer. Add a fourth word just in case there's a break trough in quantum computing in next few years.


----------



## SirDice (Jul 26, 2013)

If you can use a passphrase instead of a password. A passphrase contains multiple words. And a short sentence should be easy to remember. Unfortunately sometimes you can't enter more characters and even if you did it would get chopped.


----------



## kpa (Jul 26, 2013)

This looks like a good online password strength tester:

http://rumkin.com/tools/password/passchk.php

I ran a test with three common words concatenated with few numbers in between the words, the password would be very easy to remember. This page told me that there's about 150 bits of entropy in the password and it's most likely an overkill.


----------



## Savagedlight (Jul 26, 2013)

kpa said:
			
		

> This looks like a good online password strength tester:
> 
> http://rumkin.com/tools/password/passchk.php
> 
> I ran a test with three common words concatenated with few numbers in between the words, the password would be very easy to remember. This page told me that there's about 150 bits of entropy in the password and it's most likely an overkill.



I didn't try with any of my already existing passwords, but I tried with a new one created by the same means. It's a pass-phrase which I find easy to remember; And here are the stats:

```
Length: 41
Strength: Very Strong - More often than not, this level of security is overkill.
Entropy: 262.4 bits
Charset Size: 213 characters
```

Good to know.


----------



## sossego (Jul 26, 2013)

lme@ said:
			
		

> Yeah, just use some password safe like Password Gorilla .....


Where does a gorilla keep its password? Anywhere it wants to. It's a damn gorilla.


----------



## graudeejs (Jul 26, 2013)

I try to use UTF-8 passphrases where possible. 

In fact I wrote security/p5-dicewaregen to generate diceware dictionary in any language supported by aspell.

It will generate a tex file.


----------



## sossego (Jul 26, 2013)

There is also the option of having a keyboard with a different language layout from what one considers normal.


Attach keyboard.
Change keyboard locale.
Type in username and password.
Return keyboard locale to normal and start posting.

Using this method along with other methods would be more secure.


----------



## _martin (Jul 26, 2013)

kpa said:
			
		

> This looks like a good online password strength tester:
> 
> http://rumkin.com/tools/password/passchk.php



Yop, that's why my favorite passwords were:

_i like to see you naked_
_#include <stdio.h>_
_fun @ my house_

I still use passwords in this fashion. I did however encounter lots of trouble with the last one on Solaris servers as many of them used @ as a kill control character. So each time I tried to login my session got killed.


----------



## noeyx (Jul 27, 2013)

Thanks for the suggestions


----------



## throAU (Jul 27, 2013)

matoatlantis said:
			
		

> When it comes to strong password topic, I always liked this picture:



Doesn't get around the different password for every credential issue, and isn't as difficult to break as the author makes out 


edit:
Also, the comic explicitly says stolen hashes are not something the average user needs to worry about.  Which given the various hacks we've seen in recent years is VERY MUCH something to worry about.  I'd even say stolen hashes are somethng to be more concerned about than remote login attempts, as logs and account lockout will typically trip those up relatively quickly.

If the hashes are stolen?  All bets are off.  They can be cracked off-line and then used to log in (possibly to an entirely different site if the user has re-used credentials) without generating any login failure.


----------



## ShelLuser (Jul 27, 2013)

matoatlantis said:
			
		

> I did however encounter lots of trouble with the last one on Solaris servers as many of them used @ as a kill control character. So each time I tried to login my session got killed.


Just out of curiosity; do you happen to know what version those servers used?

Because I'm aware that @ is a kill control character, but mainly determined by the SysV specification. Sun Solaris also used ^U as a substitute.


----------



## _martin (Jul 27, 2013)

ShelLuser said:
			
		

> Just out of curiosity; do you happen to know what version those servers used?
> 
> Because I'm aware that @ is a kill control character, but mainly determined by the SysV specification. Sun Solaris also used ^U as a substitute.



If I have to bet on it I'd say it was 9, but I'm not 100% sure - it was ~4 years ago. Majority of the systems I work with are HP-UX, but there was a setup where several Solaris servers were in the environment too. 

But it might have been a non-standard setup to begin with. Nowadays I don't see this issue on any system I work with.


----------



## jrm@ (Jul 28, 2013)

What format is the author talking about? For passwords that can have one of 52 letters (lower and upper case), 10 digits and, say, 8 symbols for each character, the number of possible passwords of length 11 is 70^11.  2^67 ~= 70^11, so there are about 67 bits of entropy.

Two points: 
 I don't know much about this; I just read the Enropy (Information Theory) Wikipedia page
 It's a comic.


----------



## cpm@ (Jul 29, 2013)

I agree with the demon-accounting :e

Could 9 be a random number? Yes, if it was generated via some random method.


----------



## J65nko (Aug 10, 2013)

According to the intruder/cracker quoted at http://www.theregister.co.uk/2013/07/23/ubuntuforums_cracker_promises_no_password_release/ :



> the default vBulletin hashing algorithm (md5(md5($pass).$salt).



It is a pity that bcrypt is not being used because MD5 is not collision resistant.


----------



## kpa (Aug 10, 2013)

Is it possible to change the hash algorithm in vBulletin to at least SHA256 without too much hassle?


----------



## rghq (Aug 11, 2013)

kpa said:
			
		

> Is it possible to change the hash algorithm in vBulletin to at least SHA256 without too much hassle?



Yes and no. vBulletin generates a salted MD5 with a JavaScript function on the client side and then transmits the hash directly while doing a login. So one needs to disable this JavaScript and modifies the board to switch to SHA256 or something else. Partly this salt'ing + hashing is done server side if the user disabled JavaScript in the browser (and the password is sent in plain over the line).


----------



## Savagedlight (Aug 11, 2013)

rghq said:
			
		

> Yes and no. vBulletin generates a salted MD5 with a JavaScript function on the client side and then transmits the hash directly while doing a login. So one needs to disable this JavaScript and modifies the board to switch to SHA256 or something else. Partly this salt'ing + hashing is done server side if the user disabled JavaScript in the browser (and the password is sent in plain over the line).



This sounds very weird to me. If what you're saying is right, then anyone who got their hands on the user database could log in as anyone by sending the username + known hash (you say that's what the JavaScript does). This is almost as bad as storing stuff in plain-text.


----------



## ChalkBored (Aug 11, 2013)

Savagedlight said:
			
		

> This sounds very weird to me. If what you're saying is right, then anyone who got their hands on the user database could log in as anyone by sending the username + known hash (you say that's what the JavaScript does). This is almost as bad as storing stuff in plain-text.



That's why database breaches are bad.

What the JavaScript is doing is basically:

```
MD5 ("password")                                  = 5f4dcc3b5aa765d61d8327deb882cf99
MD5 ("5f4dcc3b5aa765d61d8327deb882cf99salt")      = d514dee5e76bbb718084294c835f312c

If the salt were different:
MD5 ("5f4dcc3b5aa765d61d8327deb882cf99othersalt") = 5780cfec07208298ea40a1335841e3c1
```

Without the salt, if somebody got your password from one site, it would be as good as plaintext everywhere that used the same hashing technique.  With the salt, it's only that good at places that happened to use the same technique, and the same salt.


----------



## Goobie (Aug 13, 2013)

I figure not a whole lot on the net is safe anyway. I'm not going to worry about the forum though because I'm pretty boring and don't have anything to lose on here. Like suggested though, you might want to check out a secure password.


----------



## cpm@ (Aug 28, 2013)

I don't want to sound paranoid, but I just see this announcement related to a potential vBulletin exploit (affects only 4.1+ and 5+), however, about lower versions it says:


> A potential exploit vector has been found in the vBulletin 4.1+ and 5+ installation directories. Our developers are investigating this issue at this time. If deemed necessary we will release the necessary patches. In order to prevent this issue on your vBulletin sites, it is recommended that you delete the install directory for your installation. The directories that should be deleted are:
> 
> 4.X - /install/
> 5.X - /core/install
> ...



I guess that here we already have taken the necessary steps


----------



## tingo (Aug 29, 2013)

Basic security for most installs: remove permissions on the install directory after you've done installing / upgrading. If you later need it for any reason, restore permissions. I thought this was in Security 101...


----------



## SirDice (Aug 29, 2013)

tingo said:
			
		

> I thought this was in Security 101...


Yes, but apparently not everybody has attended that class


----------



## zspider (Aug 30, 2013)

tingo said:
			
		

> Basic security for most installs: remove permissions on the install directory after you've done installing / upgrading. If you later need it for any reason, restore permissions. I thought this was in Security 101...



It even tells you this when you finish the install.


----------



## throAU (Sep 5, 2013)

zspider said:
			
		

> It even tells you this when you finish the install.



What do you mean, read the documentation?  I know what I'm doing, I don't need no stinking documentation!

Derp...


----------

