@codeslack I just brought this problem up to our team a few weeks back. I have a lot of thoughts on this problem. Give me some time after work to write them down.

@hal_pomeranz Congratulations! This Toot must now be released open source and released under the Volatility 3 license.

🤨​

@THORp @hal_pomeranz @attrc Unfortunately, most infosec work in the city is remote, but depending on the type of work, I'm happy to introduce you to anyone I can think of. Happy to meet up for drinks once you arrive.

Full Disclosure: The city is going through a "moment," and it sometimes feels like the Hunger Games. It doesn't sound like you have much choice in the matter, but I've lived here my whole life, and this is the first time I've considered moving.

This is a great synopsis from Objective-See of The Mac Malware of 2022. It was certainly a productive year for #macOS #malware analysts & researchers. Thank you for including our #GIMMICK malware analysis + IOCs! #dfir #threatintel

https://objective-see.org/blog/blog_0x71.html

My 2022 #DFIR APFS Advent Challenge has ended.

Throughout the month, I wrote around 20 APFS-related posts and donated $500 to humanitarian aid for Ukraine.

It was a challenging and rewarding process.

https://jtsylve.blog/post/2022/12/30/Challenge-Retrospective

My 2022 #DFIR APFS Advent Challenge has ended.

Throughout the month, I wrote around 20 APFS-related posts and donated $500 to humanitarian aid for Ukraine.

It was a challenging and rewarding process.

https://jtsylve.blog/post/2022/12/30/Challenge-Retrospective

@xabean I understand that it could certainly make sense or shared or business accounts, but reporting things like this seems to make security worse for non-technical users. I have TFA on those accounts, but I'm not storing the tokens in the same database as the credentials (otherwise what's the point for a personal vault?).

1password is encouraging me to store my one-time password seeds in their vault. It seems to me that storing this information along with the credentials defeats the entire purpose of the second factor.

You can learn more about APFS Fusion Containers in the day 21 post of my #DFIR APFS Advent Challenge.

Only one more post to go!

https://jtsylve.blog/post/2022/12/29/APFS-Fusion-Containers

You can learn more about APFS Fusion Containers in the day 21 post of my #DFIR APFS Advent Challenge.

Only one more post to go!

https://jtsylve.blog/post/2022/12/29/APFS-Fusion-Containers

@codeslack nope. I'll add it to the pile. I see he has a printed version for purchase and I still prefer my reference books on dead trees, so I'll buy that if I like it.

Taking some time to catch up on reading the books that I've collected this year but haven't gotten a chance to open. I've found that Packt #books can be hit or miss quality wise, but "The Art of Writing Efficient Programs" by Fedor Pikus stands apart. Highly recommend, especially if C++ is your language of choice.

#cplusplus #hpc

Day 20 of the #DFIR APFS Advent Challenge blog series discusses additional sources of Snapshot metadata.

https://jtsylve.blog/post/2022/12/28/APFS-Snapshot-Metadata

Watching "A Bridge Too Far" and this is still my favorite scene.

https://www.youtube.com/watch?v=l0dkgukGhVI

No post today, so I've donated another $100 to the Ukraine Humanitarian Fund as promised.

Catch up on the rest of the #DFIR APFS Advent Challenge posts here:
https://jtsylve.blog/post/2022/11/27/APFS-Advent-Challenge-2022

I am wondering if YouTube “Smart downloads” and similar features in other apps are well understood by #digitalforensics examiners (especially mobile examiners, who very often rely on automated tools). These recent features would automatically download and add videos to a suspect’s library / device. #dfir

It's day 18 and the final week of my #DFIR APFS Advent Challenge!

We discuss XTS-AES tweaks and how to identify and decrypt data on software-encrypted volumes.

https://jtsylve.blog/post/2022/12/26/APFS-Decryption

Many of you have been asking for my thoughts on the #LastPass breach, and I apologize that I'm a couple days late delivering.

Apart from all of the other commentary out there, here's what you need to know from a #password cracker's perspective!

Your vault is encrypted with #AES256 using a key that is derived from your master password, which is hashed using a minimum of 100,100 rounds of PBKDF2-HMAC-SHA256 (can be configured to use more rounds, but most people don't). #PBKDF2 is the minimum acceptable standard in key derivation functions (KDFs); it is compute-hard only and fits entirely within registers, so it is highly amenable to acceleration. However, it is the only #KDF that is FIPS/NIST approved, so it's the best (or only) KDF available to many applications. So while there are LOTS of things wrong with LastPass, key derivation isn't necessarily one of them.

Using #Hashcat with the top-of-the-line RTX 4090, you can crack PBKDF2-HMAC-SHA256 with 100,100 rounds at about 88 KH/s. At this speed an attacker could test ~7.6 billion passwords per day, which may sound like a lot, but it really isn't. By comparison, the same GPU can test Windows NT hashes at a rate of 288.5 GH/s, or ~25 quadrillion passwords per day. So while LastPass's hashing is nearly two orders of magnitude faster than the < 10 KH/s that I recommend, it's still more than 3 million times slower than cracking Windows/Active Directory passwords. In practice, it would take you about 3.25 hours to run through rockyou.txt + best64.rule, and a little under two months to exhaust rockyou.txt + rockyou-30000.rule.

Keep in mind these are the speeds for cracking a single vault; for an attacker to achieve this speed, they would have to single out your vault and dedicate their resources to cracking only your vault. If they're trying 1,000 vaults simultaneously, the speed would drop to just 88 H/s. With 1 million vaults, the speed drops to an abysmal 0.088 H/s, or 11.4 seconds to test just one password. Practically speaking, what this means is the attackers will target four groups of users:

1. users for which they have previously-compromised passwords (password reuse, credential stuffing)
2. users with laughably weak master passwords (think top20k)
3. users they can phish
4. high value targets (celebs, .gov, .mil, fortune 100)

If you are not in this list / you don't get phished, then it is highly unlikely your vault will be targeted. And due to the fairly expensive KDF, even passwords of moderate complexity should be safe.

I've seen several people recommend changing your master password as a mitigation for this breach. While changing your master password will help mitigate future breaches should you continue to use LastPass (you shouldn't), it does literally nothing to mitigate this current breach. The attacker has your vault, which was encrypted using a key derived from your master password. That's done, that's in the past. Changing your password will re-encrypt your vault with the new password, but of course it won't re-encrypt the copy of the vault the attacker has with your new password. That would be impossible unless you somehow had access to the attacker's copy of the vault, which if you do, please let me know?

A proper mitigation would be to migrate to #Bitwarden or #1Password, change the passwords for each of your accounts as you migrate over, and also review the MFA status of each of your accounts as well. The perfect way to spend your holiday vacation! Start the new year fresh with proper password hygiene.

For more password insights like this, give me a follow!

@codeslack That's why I like this approach so much compared to intrinsics or inline assembly. The compiler _should_ be smart enough to reorder the instructions to get the best throughput and avoid those bottlenecks.

Agreed 100% on the unrolling. I thought GCC would have figured that out by itself, but no joy even with -O3. Maybe there were fancy flags or pragmas I could have added to make it work.

I love my M1 Macbook Pro, but now I wish that NEON had wider SIMD registers!