Two comments about this
-- I give it maybe a week or two against a good cryptographer. You never, ever invent your own encryption algorithm.
-- Even if the encryption algorithm happens to be secure against differential/linear/slide/boomerang attacks, I bet there will be an implementation flaw. It's really hard to get implementation right on those things, even if you have an almost perfect algorithm.
Not that that all really matters -- anything that is encrypted can be decrypted since the key lives on the computer -- but the fact that they created their own encryption algorithm gives some insight into their minds. Namely, that they think they are smarter than they really are, and that despite all of that, they don't know enough about security to stick with AES.
> and the botnet uses the domain names of the C&C servers as the encryption keys.
... what? That kind of defeats the entire purpose of encryption when the key is something like that. Besides, what are they using this encryption for? It seems more likely they want a check on the integrity of messages. And even still, a MAC is equally worthless since it's not public/private key.
Either (1) this botnet is really weak or (2) the writers of this article have distorted the truth.
from http://www.securelist.com/en/analysis/204792157/TDSS_TDL_4
So it is mainly there to fool anti-virus programs that look for a particular fingerprint, and not necessarily to pass secret info back and forth.
Don't rule out the possibility that the botnet code was written by a good cryptographer. It may be that they're using a well-designed algorithm that these researchers didn't happen to recognize.
> Even if the encryption algorithm happens to be secure against differential/linear/slide/boomerang attacks, I bet there will be an implementation flaw. It's really hard to get implementation right on those things, even if you have an almost perfect algorithm.
Sometimes something that would be bad as a standard building block can hold up in a specific use case. Maybe this thing really only needs to obfuscate the communications.
> Not that that all really matters -- anything that is encrypted can be decrypted since the key lives on the computer -- but the fact that they created their own encryption algorithm gives some insight into their minds. Namely, that they think they are smarter than they really are, and that despite all of that, they don't know enough about security to stick with AES.
I wouldn't underestimate the Russians and Eastern Europeans like that.
> [...] Either (1) this botnet is really weak or (2) the writers of this article have distorted the truth.
Probably both, at least (2).
It's really really hard to write technically accurate descriptions of these things that are also accessible to a wide enough audience that you reach the people you need to reach.
Well, they could simply be using more than one algorithm. They could use AES as the main one and then re-encrypt everything with their own algorithm. If cryptographers break through their own created algorithm (probably just a variation of 3DES or AES) then they still have to break through the standard AES. I would be surprised if they were not doing something like this. As you say, everybody knows that you do not create your own algorithm. However, layering it with different algorithms would probably be a good idea and it would make cryptographers work a lot harder (maybe?)
Although if the keys are as easily accessible as they say then I agree with you, what is the point?
Seems like it would be better to spend time on the implementation of other parts of their botnet (like ... public key cryptography instead of using domain names as a key?).
Maybe it is public/private key, and they use (derive?) the public key from the name of the server?
> Either (1) this botnet is really weak or (2) the writers of this article have distorted the truth.
I suspect (2), but I don't think they did it deliberately. I suspect it was an attempt at simplification, but they went too far.
How would that work though? Maybe I just don't know enough, but I can't think of a way to generate a public key from some known source, and then somehow derive a private key from that source such that no one else can derive that same private key.
I guess you could generate an RSA key pair using the domain name as a seed for your random number generator, but that seems like a terrible idea. As soon as they introduce some real randomness into it, then you're no longer deriving the key from the domain name.
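The point made above (a key derived from the C&C domain name, or a key pair seeded from it, is reproducible by anyone who knows the name) can be shown in a few lines. This is an added illustration, not code from the thread or from any TDL-4 analysis: the derivation, the toy cipher, the identifier `c2.example` and the messages are all constructed here, and the same reproducibility argument applies to an asymmetric key pair seeded from the name.

```python
"""Added illustration (stdlib only): why keying a cipher or a MAC from a
public identifier such as a domain name gives neither confidentiality nor
authenticity. All identifiers and sample messages are constructed."""
import hashlib
import hmac
import secrets


def key_from_public_id(identifier: str) -> bytes:
    # Deterministic derivation: the "key" is purely a function of public data,
    # so every party that sees the identifier derives the identical key.
    return hashlib.sha256(identifier.encode()).digest()


def xor_stream(key: bytes, data: bytes) -> bytes:
    # Toy stream cipher (keystream = SHA-256 over key || counter).
    # It stands in for any symmetric cipher keyed this way; encryption and
    # decryption are the same operation.
    keystream = bytearray()
    counter = 0
    while len(keystream) < len(data):
        keystream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(d ^ k for d, k in zip(data, keystream))


def tag(key: bytes, message: bytes) -> bytes:
    return hmac.new(key, message, hashlib.sha256).digest()


def verify(key: bytes, message: bytes, mac: bytes) -> bool:
    return hmac.compare_digest(tag(key, message), mac)


def third_party_recovers_plaintext(identifier: str, ciphertext: bytes) -> bytes:
    # An observer who learns the identifier (it is visible in DNS lookups)
    # derives the same key and reads the traffic: no confidentiality.
    return xor_stream(key_from_public_id(identifier), ciphertext)


def public_keyed_mac_proves_nothing(identifier: str, message: bytes) -> bool:
    # A MAC keyed from public data verifies for anyone who knows the
    # identifier, so a valid tag does not show who produced the message.
    k = key_from_public_id(identifier)
    return verify(k, message, tag(k, message))


def secret_keyed_mac_rejects_outsider(message: bytes) -> bool:
    # With a key that never leaves the legitimate parties, a tag computed
    # under any other key fails verification: this is what a MAC is for.
    real_key = secrets.token_bytes(32)
    other_key = key_from_public_id("some-public-guess.example")
    return not verify(real_key, message, tag(other_key, message))


if __name__ == "__main__":
    ident = "c2.example"                      # constructed identifier
    ct = xor_stream(key_from_public_id(ident), b"constructed command")
    print(third_party_recovers_plaintext(ident, ct))
    print(public_keyed_mac_proves_nothing(ident, b"constructed message"))
    print(secret_keyed_mac_rejects_outsider(b"constructed message"))
```

The contrast is the whole lesson: the first two functions succeed for any observer, the third only fails for the outsider because the key is actually secret. Whether the cipher is AES or a home-made construction makes no difference once the key is a public value.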
I also suspect (2), but I wouldn't be surprised if they added some extra distortion to make the article read more like "Look how impressive these guys are! They made their own encryption algorithm!".
Who are these people that read the front pages of both Hacker News and computerworld.com?
EDIT: This is more like it: http://www.securelist.com/en/analysis/204792157/TDSS_TDL_4
EDIT2: That link was just an initial analysis of the infection vectors, here's a fuller analysis of the payload and suchlike http://www.securelist.com/en/analysis/204792180/TDL4_Top_Bot
1. estimated 4.5 million infected machines
2. it infects the Master Boot Record
3. it uses the Kad Network (http://en.wikipedia.org/wiki/Kad_network) to issue commands to the clients (No idea how, the article did not explain this)
4. it disables competing malicious software
5. it acts as a malicious software manager; they install software for their "customers" to temporarily use
If TDL-4 keeps your machine free of other malware at the cost of engaging in the occasional DDoS....
Actually, wouldn't TDL-4's owners possibly earn more money by doing remote management and tuning of 4.5 million PCs than they could by selling malware connectivity?
I suspect you aren't the type of person who gets infected by a botnet.
Whoa, it's the evil app store!
Could this be used to take the botnet down? Pay them to install something and sneak in an antidote?
Although that may have been down to my relative inexperience at the time.
EDIT: I have more memories of using the plain ol 'fixmbr' command that you ran from that weird 'recovery console' shell on the windows install CD. Didn't realise fdisk had a /fixmbr switch. Guess it does the same thing.
-There's a lot of software with no equivalent in other OSs (including computer games, which are a selling point for a lot of people, and Visual Studio)
-Many companies are reluctant to change software they've been using for any length of time. Changing the OS is specially unlikely.
-It's really not that bad an OS...
My misadventures with Linux include forgetting to set up a netbook to connect to unencrypted wireless networks and the latest kernel update breaking wifi after suspending or hibernating; I've never had to deal with any of that on Windows. The most time that I've spent on system administration has been switching to an SSD, which became extremely easy after I found the right software to mirror my disk.
The fact that the malware has to bury itself so deep into the boot sector actually says some pretty positive things about Windows security. Nothing like those heroics would be needed to target Linux for example (I don't know about Mac).
Also because Windows is a good operating system in its own right.