Hacker News new | ask | show | jobs
by marshray 4791 days ago
If they pwned the server that accepted the HTTP(S) POST with the payment information, they were in a position to obtain at least some CC numbers. They were probably also in a position to obtain the keys by which the CCs were encrypted.
1 comments
eridius 4791 days ago
The encryption keys are useless. The decryption keys are what's important. You do have a point that they could have theoretically intercepted HTTP(S) POSTs, but I don't think anyone's claimed that they actually did that.
link
marshray 4791 days ago
They were using asymmetric crypto on their CC data column?
link
eridius 4791 days ago
Yes. Linode publicly stated that they were using public-key cryptography, that the private key was secured with some crazy-long passphrase, and that the passphrase wasn't stored digitally, meaning that once a month when they billed they had to manually enter the private key.

So for the hackers to get the decrypted private key, then either Linode must have royally screwed up and kept the decrypted key in-memory during the rest of the month (which seems rather unlikely), or the hackers must have had control of the machine during the time in which they did billing (which I don't think is true, because billing presumably happens either at the start or the end of the month, and didn't the hack take place a bit earlier than that?).

So yeah, I believe them when they said they got the private key. But nobody's said anything to convince me that they got the _decrypted_ private key. And if the passphrase really is as long and complex as Linode claims, then it should be reasonably secure (caveat: I am not a security researcher, or otherwise qualified to judge the security of anything).

link
tiredofcareer 4791 days ago
> So for the hackers to get the decrypted private key, then either Linode must have royally screwed up and kept the decrypted key in-memory during the rest of the month (which seems rather unlikely),

They bill you the moment you add a Linode, automatically, if your credit is not sufficient to cover the new Linode. Careful walking that assumption too far; I think it's safe to say the key was kept in memory.

link
MertsA 4791 days ago
Well it's not like it originally comes in encrypted with the public key, it has to be on there for a short amount of time already, why would they keep the unencrypted version around longer than the initial billing?
link
marshray 4791 days ago
OK, I remember reading that now.

Good move on their part.

link