Motherboard
China Is Another Step Closer to Building a Quantum Internet
China's quantum satellite just facilitated the first intercontinental video call secured using quantum encryption.
By Daniel Oberhaus
Sep 29 2017, 3:16pm
Earlier today, China's pioneering quantum satellite Micius facilitated the first-ever intercontinental video conference using a quantum communications network. The video call connected Chunli Bai, the president of the Chinese Academy of Sciences in Beijing, with Anton Zeilinger, president of the Austrian Academy of Sciences in Vienna, a distance of over 4,600 miles. It was the first real-world demonstration that showed that a global quantum internet is not only possible, but within reach.
A little over a year ago, Bai and his colleagues launched Micius, the first quantum satellite that was meant to serve as a testbed for technologies that would pave the way for a global, space-based quantum communications network. Unlike the normal internet, this quantum internet would be perfectly secure, an issue of paramount importance as we stand on the threshold of the age of quantum computing.
Today, satellites are the backbone of many internet technologies that we use on a day-to-day basis, such as the GPS systems that power Google Maps, satellite televisions, ATMs, and many of the consumer products that make up the Internet of Things. These satellites help route data between internetworked objects all around the globe and when the data is sensitive, such as with banking applications, it is generally encrypted as it is passed between ground stations and satellites. The encryption algorithms used to protect this data are generally based on difficult math problems, such as factoring astronomically large prime numbers.
"This is a very important step towards a world-wide and secure quantum internet."
While contemporary encryption standards are robust enough that an attacker would be unable to crack them even if they had access to all the computing power on Earth, these same encryption standards will be rendered obsolete with the advent of large-scale quantum computers. Unlike a traditional computer, which traffics in binary bits, where data is stored as either a 1 or 0, quantum computers make use of qubits, which is data that is either a 1, 0, or a combination of these states at the same time. In practice, this means that a quantum computer will be able to crack today's encryption without much difficulty.
This impending crypto-apocalypse has resulted in a race to create quantum-resistant cryptography, and one of the leading candidates in this area is known as quantum key distribution (QKD). This is a method of manipulating the quantum states of individual photons to encode an encryption key. This key is then used to secure another key, which would work with a non-quantum encryption algorithm that is used to actually encode the data being sent. In other words, QKD is using particles of light to create a quantum encryption key that secures a traditional encryption key.
One way of implementing QKD is by entangling photons. Entanglement is a way of linking two different particles, in this case photons, at a distance, so that each share the same quantum state. Entanglement is kind of like having one particle exist in multiple locations at once. As far as the quantum internet is concerned, entanglement could be used to transfer quantum keys between two distant locations.
Advertisement
For example, in June of this year, Chinese researchers demonstrated that they were able to transmit entangled photons from the Micius satellite to two ground stations in China that are 750 miles apart while maintaining entanglement between the particles. The entangled particles were generated on board the satellite and then delivered to two different ground systems using a split laser beam. Each beam sent one of the entangled photons to a ground station, where the quantum state of the photon could be measured, thus distributing the same quantum key to two remote locations.
The quantum states of entangled photons are also a more secure cryptographic basis than difficult math problems because as soon as an attacker tries to measure the state of the photon, it alters the photon's state and renders decryption impossible. Today, these researchers took these same principles a step further by using the Micius satellite to facilitate the first intercontinental communication secured using QKD. According to a press release from the Austrian Academy of Sciences, using QKD to secure the video call made it "at least a million times safer" than securing it using conventional methods of encryption.
In the case of today's video conference, QKD was used to encrypt the video signal being routed between ground stations near Vienna and Beijing. Prior to the video call, the quantum state of photons generated on board Micius were generated and sent to a ground station near Vienna where these states were measured. These same quantum states were then translated into binary code (1s and 0s) on the satellite and sent to the ground station near Vienna. There, researchers compared their measurement of the quantum state of the photon with the binary translation of this quantum state. If these values didn't match exactly, it would alert the researchers that an attacker was trying to eavesdrop on the transmission.
This same process was then repeated between the Micius satellite and the ground station near Beijing. At this point, the researchers in Austria and China both had unique quantum keys that were stored on board the satellite. These keys were then combined to generate a new quantum key that was transmitted to both China and Austria. Each station was then able to use its unique quantum key in combination with the shared quantum key to securely encrypt the video call that was routed between them, effectively establishing the first intercontinental communication secured using quantum encryption.
"The exchange of quantum encrypted information over inter-continental distances confirms the potential of quantum communication technologies as opened up by fundamental research," Zeilinger said in a statement after the video call. "This is a very important step towards a world-wide and secure quantum internet."
Read More: Researchers Made the First Quantum Enigma Machine
Prior to the launch of Micius, the world-record for QKD using entanglement was 64 miles. Although both open-air and fiber-optic cable can be used to transmit photons, both of these mediums degrade the entanglement and over a long enough distance the effect is lost entirely. Space, however, provides a nearly lossless medium for the transmission of entangled particles, making it an optimal way to route quantum information between two distance points and lasers help the quantum state of photons survive their turbulent journey through Earth's atmosphere.
These ground stations were connected to the research institutions via terrestrial quantum communication networks built with optical fiber. Such networks have been used by government institutions for a few years, but these networks are limited in the distance that they can sent quantum information (around 60 miles).
In the future, the combination of local quantum communication networks on the ground and quantum satellites in orbit will enable the creation of a truly global quantum internet. For now, however, Micius remains an orbital laboratory testing the fundamental technologies that will make the quantum internet possible, but the video conference makes the quantum internet feel closer than ever.
SHARE
TWEET
china
Anton Zeilinger
chinese academy of sciences
qkd
Micius
Austrian Academy of Sciences
Chunli Bai
Watch This Next
5:34
The 80s Cult Classic Envisioning the Final Hour Before Nuclear Apocalypse
Find us in the future.
Like Motherboard
Advertisement
EFI
Some MacOS Users Aren't Getting the Firmware Security Patches They Think They Have
Do you know if your Mac's low-level firmware is up to date with the latest patches? You might not be able to, researchers say.
SHARE
TWEET
LC
Lucian Constantin
Oct 2 2017, 2:00pm
Image: Shutterstock/Rachel Pick
Apple's security updates for macOS sometime include patches for serious vulnerabilities in the firmware that runs beneath the operating system. So you might think you're safe if you keep your OS version up to date, but that's not always the case. Depending on your Mac model, you might get the firmware patches or you might not, a team of researchers found.
On one hand, Apple has done more than most other computer manufacturers to secure low-level firmware in Macs by automatically delivering security patches for it to users. On the other, there are still problems with the firmware update process that could put Mac users in the dangerous position where they think they have patched critical vulnerabilities that would let hackers completely compromise their machines—with some effort—but in reality they haven't.
The EFI (Extensible Firmware Interface) is the modern equivalent of the BIOS, the low-level code responsible for initializing the various hardware components when a system is powered on. Unlike the BIOS, however, the EFI has much more functionality, including the ability to communicate over the network.
In a sense, the EFI is a mini operating system with drivers, its own specialized applications, a command-line shell environment and various other extensions. Network cards, graphics cards, solid state drives (SSDs) and other components also have their own firmware that communicates with the EFI.
Starting in 2015, Apple began bundling EFI updates together with the updates for OS X—now called macOS. The goal was to make it easier for users to get these patches automatically because in the past these firmware updates had to be installed manually. This is still the case on most Windows computers today for example.
Researchers from security firm Duo Security analyzed Apple's EFI patches and compared them with the firmware versions installed on over 73,324 Macs that are used across organizations of different sizes and from different industries. Their analysis revealed that Apple does not deliver EFI patches consistently for all models and that even when an EFI patch is available for a certain model, its installation might fail during the update process with no indication to the user or administrator. They think they got the update, but they didn't.
Duo Security researchers Rich Smith and Pepijn Bruienne found 16 Mac models that appear to have never received any EFI update in the past three years, over the lifetime of OS X Yosemite (10.10), OS X El Capitan (10.11) and macOS Sierra (10.12). During that time, other models received patches for serious vulnerabilities that could allow hackers to install stealthy bootkits—boot rootkits—into the EFI and gain total control over the systems. There were also Mac models for which Apple released EFI patches for known vulnerabilities with significant delays, leaving them potentially exposed for months compared to models that got fixes for the same flaws quicker.
The researchers found 47 Mac models that did not receive an EFI firmware patch for a vulnerability revealed in 2014 called Thunderstrike and 31 models that did not receive a patch for a follow-up attack called Thunderstrike 2.
Thunderstrike allows a malicious Thunderbolt-to-Ethernet adapter plugged into a Mac computer to write malicious code to the EFI. Thunderstrike 2 takes the concept further and allows for a similar security breach but without the need of a physical device, as the EFI infection can be done directly by privileged malware running in macOS.
Apple shipped Thunderstrike patches with OS X Yosemite v10.10.2 and with Security Update 2015-001 for older OS X versions. The vulnerabilities behind Thunderstrike 2 were patched with OS X Yosemite v10.10.4 and Security Update 2015-005.
But here lies the first problem: The flaws were not actually fixed in OS X itself, but in the EFI updates that were bundled with those OS X updates. And according to Duo Security's research, which will be presented today at the Ekoparty security conference in Buenos Aires, not every affected Mac model received those EFI patches and there's no easy way for regular users to tell if they got them or not.
Thunderstrike and Thunderstrike 2 were not the only EFI attacks for which Apple didn't provide fixes to all Macs, according to Duo's research. A 2015 patch for an EFI flaw known as CVE-2015-4860 was not made available to 25 Mac models and the fix for CVE-2016-7585, an EFI vulnerability that allows recovering FileVault 2 encryption passwords via malicious Thunderbolt devices was not released for 22 models.
Read More: Turning Off Wi-Fi and Bluetooth in iOS 11's Control Center Doesn't Actually Turn Off Wi-Fi or Bluetooth
Because of its highly privileged position, malicious code running in the EFI has a lot of power: it can reinfect the OS with malware even if it has been completely wiped and reinstalled on the hard drive; it can disable security features and bootloader cryptographic checks; it can potentially "brick" the computer in which case restoring it to a working condition would require a complicated chip reflashing process, and much more. It is what some security experts refer to as "God mode" malware.
Apple has already started to take some action to detect potentially malicious EFI modifications. MacOS High Sierra (10.13), which was released this week, contains a tool called eficheck that runs every week and compares the system's EFI contents to a whitelist maintained by Apple. If discrepancies are detected it will alert users and allow them to send a report to Apple.
"I agree with their conclusions, that we've got things we can do better."
It is important to keep in mind that in order to compromise the EFI, an attacker needs to already have privileged access through code running on your system or have physical access to the device, reputed OS X and iOS security researcher Dino Dai Zovi and one of the authors of The Mac Hacker's Handbook, told me. So, it is better to focus on protecting the weakest links in the chain and raise the cost of attacks across the board, he said.
Compared to Microsoft, which only provides the operating system for PCs, Apple controls both the hardware and the software of its Mac computers. This means that it's in a much better position to deliver firmware updates to them as it doesn't depend on third-party hardware manufacturers.
In the PC ecosystem there's much more fragmentation because there are several companies that provide base implementations of the UEFI (Unified Extensible Firmware Interface) standard to PC makers. Manufacturers then take these implementations—often more than one—and add additional code on top, leading to situations where even different PC models from the same manufacturer use considerably different EFIs, making patch development a costly and complicated process.
Ironically, while bad for patching, this fragmentation also makes it harder for attackers to create EFI bootkits that can run on a very large number of PCs. From that point of view, it might be easier for them to build low-level malware for Macs, which share the same EFI codebase.
The Duo researchers told me that despite the identified problems, Apple actually does a much better job of patching EFI security issues than other computer makers and the fact that the company has created a system capable of deploying EFI updates without manual intervention from users is laudable.
The reason why Mac and not PC EFI updates were chosen for this research project was specifically because Apple's vertical integration of hardware, firmware, and software made it much easier to build a dataset and analyze it, the researchers said.
"We appreciate Duo's work on this industry-wide issue and noting Apple's leading approach to this challenge," an Apple spokesperson told me. "Apple continues to work diligently in the area of firmware security and we're always exploring ways to make our systems even more secure. In order to provide a safer and more secure experience in this area, macOS High Sierra automatically validates Mac firmware weekly."
Last week, Xeno Kovah, one of the researchers behind the Thunderstrike 2 attack who has since been hired by Apple, said on Twitter about the Duo Security research: "I agree with their conclusions, that we've got things we can do better." He has since deleted the tweet, but an archived copy is still available.
After analyzing Apple's updates and establishing which Mac models did have EFI patches available from the company and with which OS X or macOS updates they were bundled, the Duo Security set out to see if Macs used in production by companies actually had the EFI patches they were supposed to have according to the OS version the were running.
They started with a dataset of 73,383 Macs, of which they selected 65,853 running OS X/macOS 10.10, 10.11, and 10.12—the versions for which EFI and OS updates are shipped together.
The analysis led them to another discovery: some Macs didn't have the latest EFI patches that were available to them from Apple and which should have corresponded to the OS versions they were running. In order words, on those Macs, the installation of the bundled EFI updates failed but the OS updates succeeded, so now they were "software secure, but firmware vulnerable."
Across the entire dataset, 4.2 percent of the analyzed Macs had mismatched firmware-to-OS patch levels, the researchers said. But the discrepancy was much higher for some models: 43 percent for the late 2015 21.5" iMacs, between 25 and 35 percent for three variants of the late 2016 13" MacBook Pro and 12 to 15 percent for two variants of the early 2011 MacBook Pro.
It's not entirely clear why EFI updates fail on some systems, but the more concerning finding is that there's no indication to users or Apple when this happens. And even if users would know how to use low-level tools to determine that they're running an outdated EFI version, there is no easy way for them to only re-apply the EFI patch without reinstalling the OS update.
The Duo Security researchers said that Apple's new eficheck tool does not alert users about situations where their systems are running the latest OS but have an out-of-date EFI version.
"Burn it to the ground. Toss it out. It's really game over."
In conclusion the research revealed several issues: 1) Because Apple continues to deliver security updates to older OS X versions, many users might understandably assume that they're getting the EFI patches too, but that's not the case. The only way to ensure that they're getting the latest EFI patches available for their Mac models is to upgrade to the latest major version of macOS. 2) Even then, there is no guarantee that their Mac models will get the same EFI patches as other models, even though Apple lists the patched EFI vulnerabilities in the security advisories that accompany security updates. 3) And even if all EFI patches are available for a particular model, the installation of those patches might fail during the update process with no warning to the user.
EFI compromises are really bad
Detecting EFI infections is difficult because the malicious code can lie to OS-level tools that try to interrogate the EFI, so EFI malware is undetectable to most antivirus and other security products. Even if it is somehow detected, recovering from such an infection is also extremely hard, because the malicious code can block EFI updates.
If you think your EFI has been compromised, the best option is to stop using the device and get rid of it, said Patrick Wardle, the director of research at penetration testing firm Synack. "Burn it to the ground. Toss it out. It's really game over."
While many of the EFI bootkits known so far have been created and demonstrated by researchers, there is evidence that such low-level malware programs are being used in the wild by sophisticated attackers.
A cache of supposedly internal CIA documents published by WikiLeaks earlier this year mention a tool codenamed Sonic Screwdriver that consists of a malicious Thunderbolt-to-Ethernet device. The tool can be used to deliver a fileless Mac malware implant called Der Starke which installs a persistence component in the EFI.
Read more: MacOS Keychain Theft Issue Shows You Can't Just Trust Apple to Keep You Secure
It is reasonable to assume that intelligence agencies from other countries or sophisticated groups of attackers have similar capabilities. However, researchers agree that it's very unlikely to see widespread EFI attacks indiscriminately targeting large numbers of users. If there are EFI attacks out there—and there likely are—they are almost certainly very targeted to specific individuals or organizations, so the risk they could affect you really depends on your threat model—who would be interested in you or your data.
In general, follow all recommended security practices to lower the chances of malicious code ever getting onto your system and you should be fine.
What should Apple do?
"I would love for Apple to have similar boot security on Macs as it does on iOS devices or as Google has on Chromebooks," Dai Zovi said. On those systems the entire boot chain components from the EFI, to the bootloader to the OS system partition are cryptographically verified, he said.
The reason why that hasn't been done on Macs is probably because it would prevent users from installing other operating systems like Windows or Linux through the Boot Camp feature. Dai Zovi said that he wouldn't be surprised if in the future Apple will make the boot security model for Macs more closely resemble that of iOS devices, which have the best firmware security around.
By simply providing an automatic update mechanism for the EFI, Apple is already doing more than most PC manufacturers, the researcher said. However he agreed that Apple should be more transparent in regards to which EFI vulnerabilities are being patched in which updates and for which models.
In addition to things that Apple could do to raise the cost of EFI attacks— better boot chain security—there are also things that could be done to lower the value of such attacks.
For example, if there would be a way to easily reflash the EFI to a known good state, it would make it much less valuable for attackers to go through the effort of getting malicious code into the EFI in the first place, Dai Zovi said. "You could do it at every system boot."
Get six of our favorite Motherboard stories every day by signing up for our newsletter.
SHARE
TWEET
apple
security
Updates
patches
mac
firmware
macOS
Related Articles
Internet Insecurity
WikiLeaks’ New Dump Shows How The CIA Allegedly Hacked Macs and iPhones Almost a Decade Ago
EFI
Some MacOS Users Aren't Getting the Firmware Security Patches They Think They Have
landmarks
A Giant Concrete Orb in Northern Iceland Moves With the Arctic Circle
trip on this
Start Rolling Your Blunts: There's a New Trailer for 'Blue Planet II'
Find us in the future.
Like Motherboard
landmarks
A Giant Concrete Orb in Northern Iceland Moves With the Arctic Circle
It’s on the remote island of Grímsey in Iceland.
SHARE
TWEET
Kate Lunau
Kate Lunau
Oct 2 2017, 1:02pm
Image: Studio Granda
On Grímsey, a remote island 25 miles off the northern coast of Iceland, sits a massive orb of concrete that marks the Arctic Circle. The artwork, called Orbis & Globus ("Circle & Sphere"), weighs 8 metric tons (almost 9 tons US), and will be physically moved a short distance each year because the Arctic Circle is moving, too.
The artwork. Image: Studio Granda
"The Arctic Circle marks a point where the Sun never sets in the summer and never rises in the winter," Steve Christer, a partner with Studio Granda, which created the work in a partnership with artist Kristinn E. Hrafnsson, told me over the phone from Reykjavik. "It isn't just a point on a map." At 66.5 °N, the Arctic Circle moves a little bit each year as the Earth travels through space, shifting on its axis. (Earth's axial tilt can vary by about 2° over the course of a 40,000-year cycle.) This giant orb will have to be repositioned every year by an average of 14.5 meters. Christer told me they'll hire a contractor to do it.
The orb was commissioned by the nearby town of Akureyri, which was seeking "a symbol for the Arctic Circle on the island of Grímsey," he said. Getting the work there was no easy feat.
Getting the artwork to this remote location was no easy feat. Image: Studio Granda
Orbis & Globus was created in a builder's yard in Akureyri, Christer told me. It has a foam core sprayed with concrete and a reinforced layer of steel. To get the globe, which has a diameter of 3 meters, to the island, they put it on the back of a truck, rode the ferry to Grímsey, and unloaded it. "We're working right on the edge of civilization out there."
Construction. Image: Studio Granda
Christer said the intention of the artwork is to get people thinking about the wider world, and what's beyond that. "It represents how we move through the universe. That's pretty mind-expanding," he told me. "Something that's more important than Donald Trump or anything else is, where are we going? That's what this piece is about."
Get six of our favorite Motherboard stories every day by signing up for our newsletter.
SHARE
TWEET
space
ICELAND
art
ARCTIC
Artwork
ORB
Read
North Pole
arctic circle
grimsey
Watch This Next
8:23
Miami's Most Powerful Speedboats
Find us in the future.
Like Motherboard
VICE
Broadly
Creators
Garage
i-D
Amuse
Motherboard
Munchies
Noisey
Tonic
Thump
Impact
VICE Sports
Waypoint
VICELAND
VICE News
VICE Video
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment