Mark Loveless, aka Simple Nomad, is a researcher and hacker. He frequently speaks at security conferences around the globe, gets quoted in the press, and has a somewhat odd perspective on security in general.

Old Code

Photo by Zoltan Tasi on Unsplash

Recently I was looking for something on my system, and stumbled across some old code. I mean I remember it of course, but wow I hadn't looked at it in ages. So I decided to just share it as is. This is a weird glimpse into the recent past, as it reflects a more paranoid time. All of the code is intended for use on Linux systems primarily, although I am sure many could (and at the time did) compile on other systems.

This is from the whole “./configure; make; make install” world of last decade’s open source. All of it is written in C. I was clearly paranoid - I used my own slightly customized memset and did not use compiler optimization since that often would optimize out certain safeguards that had been originally coded in. Ah C, how I loved and hated you.
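The optimization problem mentioned above is dead-store elimination: a `memset` on a buffer that is never read again can be deleted by an optimizing compiler. The following is an added example, not code from Ncrypt or any of the tools described here; the function names and the toy tag routine are hypothetical, and it shows two common ways to keep a wipe in place even with optimization turned on.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
/* Variant 1: store through a volatile pointer. Each write is an observable
 * side effect, so the compiler may not drop the loop as a dead store. */
static void *wipe_volatile(void *buf, size_t len)
{
    volatile unsigned char *p = buf;
    while (len--)
        *p++ = 0;
    return buf;
}

/* Variant 2: reach memset through a volatile function pointer. The target
 * is loaded at run time, so the call cannot be recognised and elided. */
static void *(*const volatile memset_ptr)(void *, int, size_t) = memset;
static void *wipe_indirect(void *buf, size_t len) { return memset_ptr(buf, 0, len); }

/* Number of non-zero bytes left in buf, for checking a wipe. */
static size_t count_nonzero(const void *buf, size_t len)
{
    const unsigned char *p = buf;
    size_t n = 0;
    while (len--)
        n += (*p++ != 0);
    return n;
}

/* Constructed demo (toy arithmetic, not a real MAC): the key sits in a local
 * buffer that is never read after the loop. A plain memset(key, 0, sizeof key)
 * here is a dead store an optimizing build may delete; this wipe is kept. */
static unsigned toy_tag(const char *passphrase, const unsigned char *msg, size_t n)
{
    unsigned char key[32] = {0};
    unsigned tag = 0;
    strncpy((char *)key, passphrase, sizeof key - 1);
    for (size_t i = 0; i < n; i++)
        tag = tag * 31u + (unsigned)(msg[i] ^ key[i % sizeof key]);
    wipe_volatile(key, sizeof key);
    return tag;
}

int main(void)
{
    unsigned char secret[16] = "constructed-key"; /* constructed sample value */
    wipe_indirect(secret, sizeof secret);
    printf("non-zero bytes left: %zu, toy tag: %u\n", count_nonzero(secret, sizeof secret),
           toy_tag("passphrase", (const unsigned char *)"hello", 5));
    return 0;
}
```

Where the platform provides them, `explicit_bzero` (glibc and the BSDs) or the optional C11 Annex K `memset_s` serve the same purpose.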

I did clean things up slightly - which involved making sure they'd compile and run on a modern Linux system. I left in all of the other stuff, such as credits for those that contributed or I borrowed from, all of the notes that outlined attack scenarios, and every comment in every piece of code. I then uploaded them to GitLab (about.gitlab.com), and now they are available to the world for free. Let's get into each one of them.


Ncrypt

Ncrypt is a file encryption utility, and includes a file wiping utility as well. In the 90s the standard for file encryption used by the US Government (and others) was DES and it was eventually deemed insecure. Additionally, many didn't trust the NSA who were the ones that approved the algorithm as adequate for non-classified use by the US Government. NIST came up with an open proposal process to choose the DES replacement. From an initial fifteen algorithms, five finalists were chosen, and ultimately Rijndael was chosen as the new standard - AES.

In the process of selection, all of the proposals were written and ultimately submitted as C code using a similar coding structure to help even the playing field, so to speak. In other words, the code itself would not get in the way of the evaluation process. The code was of course made public.

From the finalists, there was a vote of "positive" or "negative" for each of the five. The top three - Rijndael, Serpent, and Twofish - received more positive nods than negative nods. I thought this was an excellent reason to grab the original C code for these three and combine them into a single file encryption program, giving the user the choice of algorithm (Rijndael was the default).

A secure wiping utility (nrm) was included so one could securely wipe the original plaintext after encryption. This antique is a lovely example of paranoia on its own - it refers to methods that only apply to ancient hardware and outdated file systems no longer in use, but the code and its descriptions make for a nice little walk down a twisted lane through a hellish cyberpunk landscape.


Ncovert2

I am not sure whatever happened to just Ncovert. Ncovert2 was one of those proof-of-concept tools with really no good reason to exist - I just thought it was cool. The idea is that you can have a "server" running on a system on a network, the "client" could run on another system on some other part of the Internet, and a file could be transmitted from client to server by hiding small chunks of the file inside what would look like an ordinary port scan. Goofy, but fun to code up. I made up a bunch of reasons how it could be used, such as human rights workers moving important documents to the outside world from behind an evil government's state-controlled firewall, but really because of my background as a blackhat the main use would most likely end up being intruder exfiltration.


NPC

NPC, or Nearly Perfect Crypto, was another proof-of-concept program. The most secure method of encryption is of course a One Time Pad. To make it really secure you needed to have a good source of randomness. I didn't, so I settled on at least a decent compromise - ISAAC. This is the reason it is referred to as nearly perfect.


Wrapping Up

While the latter two are more for just fun, I really tried with Ncrypt to make it a useful program. I hope you enjoy this as much as I did re-reading, compiling, and uploading all of it.


Ncrypt - https://gitlab.com/mloveless/ncrypt
Ncovert2 - https://gitlab.com/mloveless/ncovert2
NPC - https://gitlab.com/mloveless/npc
