EmailDiscussions.com  

FastMail Forum All posts relating to FastMail.FM should go here: suggestions, comments, requests for help, complaints, technical issues etc.

Old 25 Dec 2018, 12:52 AM   #1
ChinaLamb
The "e" in e-mail
 
Join Date: Dec 2004
Location: a virtually impossible but finitely improbable position
Posts: 2,221
Necessary Security Discussion to start 2019 right

TL;DR: Ditch everything else, and start the new year out with FIDO

Authenticator codes are now broken and offer little real security:
From: https://mashable.com/article/hackers.../#K6LfewCAGOql
Unfortunately, 2 factor "authenticator" codes from Google Authenticator and similar tools are phishable, through man in the middle attacks.

The scam works like this. A malicious site sets up a Fastmail (or Google) login, or worse, redirects you from Fastmail's (or Google's) login to their login, and uses SSL, with an approved SSL certificate. As you type in your username and password, the automated site immediately enters this data into Fastmail or Google. The automated site checks if an Authenticator code is requested from the site you are trying to reach, and either asks Fastmail or Google to send you an SMS code, or asks you to enter the Authenticator code from the app on your phone. You give the middle web page the code and it passes it to Fastmail or Google, giving **them** access to your account.

This effectively lets the man in the middle gain access. The malicious site then automatically sets up an "App Password" (Outlook, Apple Mail, etc.: a non-2-factor password), collects the password, and gives themselves PERMANENT access to your account.

Additionally, IF someone gains access to your phone, all they have to do is look at your authenticator app, none of which I know to have additional passwords to be able to access, and see what accounts (email, bank, etc.) that you have. I personally don't like having a list of all my secure accounts, so easily accessed on my phone.

In short, future Phishing schemes will likely all include automated attempts to both get your password, and to get your security code, and in an automated method, gain access to your account.
Unfortunately SMS Codes are likewise woefully inadequate:
From: https://www.entrepreneur.com/article/317830
Also, multiple other documents: https://www.makeuseof.com/tag/two-fa...tion-sms-apps/

First off, SMS codes fall prey to the exact same problem as the man-in-the-middle attack above. There is NOTHING stopping someone from getting you to try and enter an SMS code, legitimately generated by Fastmail or Google, but triggered by an automated attack such as the one detailed above, which then uses the password and code before the code expires.

Reddit, and multiple other users have detailed how their SMS second factor codes were intercepted, or cell phone numbers were redirected, or cell accounts were transferred to malicious agents, etc. etc. etc. This should also be a significant concern to anyone living in a country that practices excessive surveillance on anyone within their borders.

Bottom line, SMS is not secure either, and potentially much less secure than an authenticator code depending where you live...

The only significant answer right now, seems to be FIDO U2F
From: https://www.yubico.com/2017/10/creat...-security-key/

The answer is something called "Origin Bound Keys", that is, creating a key that is BOUND to the receiver. That means only the "Real" site is able to authenticate the key. U2F mints a cryptographic pair for each service. Enhanced by token binding, where the key is bound to the secure TLS connection, it only works with the intended website. If someone tries to spoof Fastmail, they cannot do it. They won't get the code, nor can they get a code from you... The two ends of the key won't work together if someone tries to stand in the middle and pretend to be Fastmail. The key ONLY fits into the slot created by Fastmail, and it only unlocks the lock which Fastmail sets up.

What results is a theoretically unphishable security key.
FIDO Devices
IF you use a mobile device, you'll need SOMETHING more than a simple USB device. Your phone needs to be authenticated to use Fastmail. That leaves you with either a Bluetooth or a NFC Based FIDO U2F compliant device. You should NOT authenticate your phone with Authenticator codes or SMS codes due to the issues above.

Google's new Titan key pair is FIDO compliant. It is based upon FeiTian, a Chinese company, but Google rewrote the firmware themselves, to ensure that the devices do not leak any information to the Chinese government. Google claims they've had no successful phishing attempts since enabling these devices across Google. Source: https://krebsonsecurity.com/2018/07/...oyee-phishing/

Unfortunately, TITAN is $50, but you get two keys: one Bluetooth and one NFC/USB.

Yubikey also provides multiple FIDO compliant keys, unfortunately, as stated, you need a NFC device, and Yubikey's cheapest NFC capable device is $45 (Series 5 keys, EXCEPT the Nano).

Also note that the original Yubikey devices were NOT FIDO compliant. That is, a non-FIDO Yubikey will not protect you from the above issues. If you currently rely on Yubikey, you should check if your current key IS or IS NOT FIDO compliant.

There is, of course, the Feitian keys on Amazon. These can be purchased separately, starting at about $17. The problem is, the Feitian keys seem to have more issues than the Google version, and you are stuck with Chinese firmware, which may have vulnerabilities, and have poorly written documentation etc.

Unfortunately, I do not know of any other NFC or Bluetooth capable FIDO devices currently on the market. This means your minimum cost to get rolling with FIDO is about $45.

And, I strongly suggest having a backup. One of my Yubikeys failed on me, and if I didn't have a spare, I'd be out of luck. Google sends two keys, Bluetooth/USB and NFC/USB for $50. With Yubikey that'll set you back at least $90...
/cl

Last edited by ChinaLamb : 25 Dec 2018 at 04:38 AM.
ChinaLamb is offline   Reply With Quote

Old 25 Dec 2018, 04:32 AM   #2
BritTim
The "e" in e-mail
 
Join Date: May 2003
Location: mostly in Thailand
Posts: 2,756
Yes, FIDO U2F is the way to go, especially since Apple finally stopped trying to sabotage U2F (though they still try to push their own proprietary solutions like Face ID).
BritTim is offline   Reply With Quote
Old 25 Dec 2018, 04:41 AM   #3
ChinaLamb
The "e" in e-mail
 
Join Date: Dec 2004
Location: a virtually impossible but finitely improbable position
Posts: 2,221
Can face id be used as 2 factor for fastmail?
ChinaLamb is offline   Reply With Quote
Old 25 Dec 2018, 05:28 AM   #4
ChinaLamb
The "e" in e-mail
 
Join Date: Dec 2004
Location: a virtually impossible but finitely improbable position
Posts: 2,221
Security Best Practices
Copied from:
https://www.reddit.com/r/yubikey/com...stions_please/


Use a Password Manager.
You shouldn't have passwords memorized, and you definitely should not be reusing passwords amongst multiple services. Bitwarden (open source), KeePassXC, Dashlane, LastPass, 1Password, Keeper all have free tiers (KeePassXC is completely open source!), and all of these support using a YubiKey to make logging into them even more secure.
2 Factor all things.
Your high level goal should be to start using 2FA more often. In other words, start using something you know (a password) and something you have (a Fido compliant key) whenever you can. Doubly so when you're working with a service that's important.

Your email is typically your most important service because you recover your account with your email. 2 Factor that thing up! If you're using Gmail, this is a no-brainer as it supports the phishing resistant protocol known as FIDO. From there, ensure your password manager (you are using one, right?) is secured with 2FA as well. After that, my friend, the world is your oyster!
Not all 2FA is created equal.
...In other words, don't buy a huge steel front door and then leave an open window next to it.

HMAC Counter-based One Time Password (HOTP)
It's a bunch of digits that are different every time you press the YubiKey. No time element. Used with some identity platforms. Phishable

YubiOTP
One Time Password protocol made specifically for the YubiKey. Buncha characters, cryptographically "stronger" than HOTP, some replay attack protections baked in. Use with Lastpass and identity providers. Phishable

Time-Based One Time Password (TOTP)
The most common form of 2FA on the planet. If you've ever used an RSA token or the Google Authenticator app or the Authy app, ALL of these are forms of TOTP. Bunch of digits that changes on a given time schedule (ex. 30 seconds). Open standard by the folks at OATH. Phishable

Strong Password
This is not 2FA, just a really long password. Phishable, use with caution.

Universal 2nd Factor (FIDO U2F)
It's a modern authentication schema that uses the browser to tell the website you're trying to log into whether or not you're being phished. Strong asymmetric crypto. Use with Google, Facebook, Twitter, GitHub, GitLab, Salesforce, AWS, and various identity providers and more. Often referred to as "Security Key". Open Standard by the folks at the FIDO Alliance. Extremely phishing resistant.

FIDO2
Essentially FIDO U2F on steroids. Adds an ability to put your identity into the device as well. In the future, use in place of smart cards on Windows with Azure. Today...no real use cases.
ChinaLamb is offline   Reply With Quote
Old 29 Dec 2018, 10:30 PM   #5
easemail
Member
 
Join Date: Nov 2010
Posts: 57
Wow, fantastic thread! Been hearing the stories of 2FA being phishable, but didn't realize that FIDO can take care of that.

I use the fastmail app on my phone and I wonder how "phishable" it would be using an authenticator app. I see how going through a browser would put you at risk, but does anyone know how robust the app is by chance? I assume that it's not just a simple browser wrapped app, but I'm not sure.
easemail is offline   Reply With Quote
Old 30 Dec 2018, 04:53 AM   #6
minimalist
Junior Member
 
Join Date: Nov 2012
Posts: 11
Quote:
Originally Posted by ChinaLamb
TL;DR: Ditch everything else, and start the new year out with FIDO

...
Additionally, IF someone gains access to your phone, all they have to do is look at your authenticator app, none of which I know to have additional passwords to be able to access, and see what accounts (email, bank, etc.) that you have. I personally don't like having a list of all my secure accounts, so easily accessed on my phone.
...
Authy can be set up to require a 4 digit PIN.
minimalist is offline   Reply With Quote
Old 30 Dec 2018, 06:09 AM   #7
ChinaLamb
The "e" in e-mail
 
Join Date: Dec 2004
Location: a virtually impossible but finitely improbable position
Posts: 2,221
Quote:
Originally Posted by minimalist
Authy can be set up to require a 4 digit PIN.
The problem is entering codes into websites like fast mail. Unless it's FIDO it's phishable if immediately used ...
ChinaLamb is offline   Reply With Quote
Old 30 Dec 2018, 08:11 PM   #8
FredOnline
The "e" in e-mail
 
Join Date: Apr 2011
Location: Manchester UK
Posts: 2,178
As regards this;

Quote:
Additionally, IF someone gains access to your phone, all they have to do is look at your authenticator app, none of which I know to have additional passwords to be able to access, and see what accounts (email, bank, etc.) that you have. I personally don't like having a list of all my secure accounts, so easily accessed on my phone.
I don't know about Authy (never used it), but using the FreeOTP authenticator you have the option of renaming a stored key - so instead of say "my bank account" it can be renamed to something not so obvious.

Quote:
Originally Posted by minimalist
Authy can be set up to require a 4 digit PIN.
Having a PIN to unlock your 'phone is one factor - then you have your authenticator - a second factor. If your authenticator app also has PIN access that's a third factor.
FredOnline is offline   Reply With Quote
Old 30 Dec 2018, 09:35 PM   #9
ChinaLamb
The "e" in e-mail
 
Join Date: Dec 2004
Location: a virtually impossible but finitely improbable position
Posts: 2,221
However, you are missing the point that the codes that Authy gives you are phishable. The point here is to get rid of that kind of second factor altogether.
ChinaLamb is offline   Reply With Quote
Old 30 Dec 2018, 09:42 PM   #10
FredOnline
The "e" in e-mail
 
Join Date: Apr 2011
Location: Manchester UK
Posts: 2,178
You're assuming I'm missing the point - I'm not.

My post does not state my suggestions make the authenticator unphishable.

I've responded to the quotes only.
FredOnline is offline   Reply With Quote
Old 30 Dec 2018, 11:35 PM   #11
JeremyNicoll
Member
 
Join Date: Dec 2017
Location: Scotland
Posts: 57
Quote:
Originally Posted by easemail
I use the fastmail app on my phone and I wonder how "phishable" it would be using an authenticator app. I see how going through a browser would put you at risk, but does anyone know how robust the app is by chance? I assume that it's not just a simple browser wrapped app, but I'm not sure.
No matter what the app is, it has to send traffic to and from Fastmail's servers (just like the browser would do). It seems to me that that would be just as susceptible to a man-in-the-middle attack? Unless the app doesn't use DNS to look up the FM server's name and find its IP address - but if that were so it would also mean it couldn't be diverted to alternate FM servers (when eg FM have an outage on one set of servers). Or, unless the app encrypts traffic using a key that only it (and the FM servers) know - but is that possible? Couldn't bad guys reverse-engineer the app and discover the key?
JeremyNicoll is offline   Reply With Quote
Old 31 Dec 2018, 01:10 AM   #12
BritTim
The "e" in e-mail
 
Join Date: May 2003
Location: mostly in Thailand
Posts: 2,756
Quote:
Originally Posted by JeremyNicoll
No matter what the app is, it has to send traffic to and from Fastmail's servers (just like the browser would do). It seems to me that that would be just as susceptible to a man-in-the-middle attack? Unless the app doesn't use DNS to look up the FM server's name and find its IP address - but if that were so it would also mean it couldn't be diverted to alternate FM servers (when eg FM have an outage on one set of servers). Or, unless the app encrypts traffic using a key that only it (and the FM servers) know - but is that possible? Couldn't bad guys reverse-engineer the app and discover the key?
A man-in-the-middle attack can intercept traffic based on IP address, as well as DNS queries. Any robust authentication method must assume that traffic can be intercepted and replayed. That is why it is a non trivial problem. It can pretty much only be done when there is a hardware security device on the client end that can set up session keys in a way that cannot be replicated by an attacker.
BritTim is offline   Reply With Quote
Old 31 Dec 2018, 03:33 AM   #13
ChinaLamb
The "e" in e-mail
 
Join Date: Dec 2004
Location: a virtually impossible but finitely improbable position
Posts: 2,221
Quote:
Originally Posted by BritTim
A man-in-the-middle attack can intercept traffic based on IP address, as well as DNS queries. Any robust authentication method must assume that traffic can be intercepted and replayed. That is why it is a non trivial problem. It can pretty much only be done when there is a hardware security device on the client end that can set up session keys in a way that cannot be replicated by an attacker.
Exactly... Which is what FIDO is, and was created for.

Which is the point of my post here. People need to know that security keys, authenticator codes, etc. etc. etc., if not FIDO compliant, are susceptible to MITM attacks.

FIDO, by creation, is not susceptible to MITM Attacks.
ChinaLamb is offline   Reply With Quote
Old 31 Dec 2018, 05:16 AM   #14
FredOnline
The "e" in e-mail
 
Join Date: Apr 2011
Location: Manchester UK
Posts: 2,178
Just been re-reading the FastMail blog from July 2016:

https://fastmail.blog/2016/07/23/how...ity-keys-work/

Quote:
The security keys are small and light (they look great on your keyring), but we recommend you register at least two, or have TOTP or a backup phone number as well; you don't want to be locked out of your account if you lose it!
It would be interesting to hear from FastMail on this subject, if someone should rely only on Fido U2F and that fails for whatever reason, how easy or how quickly would it be possible for them to restore access to an account.
FredOnline is offline   Reply With Quote
Old 31 Dec 2018, 05:23 AM   #15
ChinaLamb
The "e" in e-mail
 
Join Date: Dec 2004
Location: a virtually impossible but finitely improbable position
Posts: 2,221
I strongly recommend having 2 FIDO keys for this exact reason. I had one of the old non-FIDO YubiKeys, and it failed on me; luckily my wife had one too and I was able to get into the account that way.

Having the key fail was a great reminder that the old YubiKeys were non-FIDO compliant, so, I upgraded.
ChinaLamb is offline   Reply With Quote
All times are GMT +9. The time now is 10:49 PM.
Copyright EmailDiscussions.com 1998-2013. All Rights Reserved. Privacy Policy