GreenMachine - Security Questions

Discussion in 'Keeping Your Anonymity In Iran' started by Unregistered, Sep 11, 2009.

  1. I saw this new thing released called GreenMachine. It appears to be a wrapper for SSH running on port 80.

    Some observations:

    1) The username ("greenmachine1") and password ("freeiran1") are hard-coded into the binary.
    2) It appears to only connect to one server in Germany (, meaning Iran can block just the IP and/or target users connecting to this IP.
    3) Since it's using SSH, it has a known signature that would be easy for Iran to target.
    4) It unconditionally accepts the remote host's session key. That means it's trivially vulnerable to a MITM attack. The government wouldn't even need to distribute bugged copies: it's self-bugged.

    That took 15 minutes to figure out and break. Next?
  2. What?

    This project is being passed around all over Twitter...and you're telling me that this is not secure and Iran can track people? Who created this proj? Where is their due diligence?

    Please stop tweeting this if it will hurt the people of Iran! This just blows my mind.
  3. lissnup Member

    We Have to Take Action on This

    Greenmachine is not a secure enough system for people in Iran to use safely. Apart from being illegal, it uses a fixed IP address so is too easily detected and blocked. There is also the possibility of tracking access to that IP.

    It's everyone's responsibility to make sure its limitations are known. However well-intentioned the creator of this system might be, the fact is that Iranians need way more security than Greenmachine is currently offering.
  4. Not so fast

    Hi guys,
    The problem of it being easy to block or bring down is not that big of an issue. If it gets blocked, well then it's blocked. Back to where we were without it. It hasn't been blocked yet, so I remain skeptical that it is as easy as it seems. If in the future it does get blocked, well then the developers will probably make it better. This has happened tons of times with UltraSurf & FreeGate and other anti-filtering software. They've ceased to work, and the developers came up with a new version. Nothing dangerous here.

    What IS dangerous is if somehow the people using this software were traceable. But that is not really a serious danger either. Millions of people in Iran use anti-filtering software of some kind. As they do satellite TV and many other "illegal" things in Iran. Just using the software is not enough to put someone in Iran in THAT much danger.

    What is REALLY dangerous is if someone were to use the software to communicate secret data and that the government would be able to see that data and possibly track its source. I don't think that is possible with GreenMachine and no one has proven that yet. I'm sure any software guy who thinks that is possible could demonstrate exactly how so.

    So overall, I wouldn't worry that much. Most people in Iran just want something that lets them access the web pages that otherwise don't load. They never scrutinized the security of UltraSurf, Freegate, etc. They just use them because it opens the pages. And no one ever heard of the government being able to track someone down or collect evidence against someone because of those applications. I don't think Green Machine is much different.

    Having said all that, I encourage the developers of Green Machine to provide a FAQ page at the minimum to address these concerns.
  5. I wouldn't trust any package that clearly looks like skript kiddies put it together. Skript kiddies don't know how anything actually works, faux-hackers.
  6. yelling is not enough

    Just saying that it is "easy to target" or "not secure enough" or that it "clearly looks like skript kiddies put it together" doesn't make it a dangerous software for Iranians. No matter how loud or how many times you say it. If you can prove that it poses a real danger to Iranians who use it, we are all listening.
  7. ha it looks like the first poster pointed out all the reasons this is a clearly novice approach without any regard to protecting those in iran

    if someone online can in 15 minutes figure out the little "plan" behind this software, that's not good

    skype is harder to crack than this bundle of third grade crap
  8. Important

    I'm all about helping the people inside Iran...I don't care how, who, what, where, or when. As long as it helps the people INSIDE Iran. Having said that, the concerns this program raises, not to mention the info my brother gave me, is enough to SCARE the crap out of me!

    IF this program puts Iranians in Iran at any risk -even if 'not that much' as Iran Reporter puts it -then it is my humble opinion that it should be yanked. With a government who is cracking down on its people - especially those with internet access - I find even 5% risk is not worth it. WE are not the ones being arrested and tortured...THEY are.

    I'd like to see the creator of this program take immediate action to stop this threat he/she/they created. I'm sure he/she/they had good intentions, but good intent is not enough at this juncture in #Iranelection. Find another may take more time, research, and programming - but it will be safe. And we owe that to the people of Iran.
  9. is it just me, or does it sound like a bunch of monarchists made this crap up?
  10. The developers of the "Green Machine" didn't invent anything. They didn't make any new software for Iran (or any other country for that matter). The people who made Freegate and UltraSurf are actual developers who made their own protocol -- and they deserve credit. All that the Green Machine "developers" did is use SSH. SSH was never designed as an anti-censorship tool. At least Freegate/UltraSurf invented something instead of copying an old protocol and calling it new.
  11. So what?

    I don't care what is technically new or not new about Green Machine. As long as it's another way for Iranians to access web pages that are filtered by their government, it is useful. It has the added advantage of being very lightweight and easy to download and distribute. It is not more dangerous than having an illegal music CD in your home which most Iranians do. In fact you could say it is even less dangerous than that because there is no formal law banning anti-filtering software in Iran and you could not make a court case against it. It remains to be shown that the software poses any real danger to Iranians.
  12. SanguineRose Member

    I rank this up here with this post here

    Few reasons this is not secure.
    1. If they know about it which we can assume they do, they can monitor the connects and know who is doing stuff presumably are not in the 'interests' of the current regime.
    2. This looks like a 5 year old came up with this idea.
    3. A 5 year old coded it w/ideals of 'secret agent man' and fantasies floating in his mind
    4. If it accepts the host session key no matter what as what the OP says, then they can not only know that they're doing something probably not in the 'interests' of the regime BUT can know what they are doing and possibly expose people using it to transfer sensitive data.
    5. It would take me 15 minutes to rig something that sniffed all the traffic going through that and log it for future analysis IF I was Iranian IT in charge of the great firewall. Required Knowledge to do this: 'man ssh'
  13. Bravo

    I'm so blown away by your impeccable powers of reasoning and logic (especially regarding points 2 and 3) that I remain speechless. Seeing as how you're a "super moderator" here who usually has the responsibility of discouraging such rhetoric, I will reconsider activity on this forum.
  14. SanguineRose Member

    You do not have much technical understanding if you actually consider this secure. Points 2 and 3 are pretty much valid because it literally has to be a 5 year old because of their level of understanding. You can use Unix Talk like the Matrix too :D

    ^ Basic explanation of the attack that is 100% possible
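
Added example (not part of the original thread, and not GreenMachine's code): the host-key check that point 4 of the first post and point 4 of SanguineRose's list describe as missing, shown next to the accept-everything behaviour. The host name, key blobs and function names are constructed for illustration.

```python
import base64
import hashlib

# Constructed sample data: placeholder bytes stand in for real SSH public-key blobs.
GENUINE_KEY = base64.b64encode(b"constructed-genuine-host-key").decode()
INTERCEPTOR_KEY = base64.b64encode(b"constructed-interceptor-key").decode()
HOST = "[proxy.example.net]:80"  # hypothetical server name, not from the thread
KNOWN_HOSTS = f"""
# constructed known_hosts file shipped inside the client
{HOST} ssh-rsa {GENUINE_KEY}
"""


def fingerprint(key_b64):
    """OpenSSH-style SHA256 fingerprint of a base64 public-key blob."""
    digest = hashlib.sha256(base64.b64decode(key_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def load_pins(known_hosts_text):
    """Parse known_hosts-style text into {host: {(key_type, key_bytes), ...}}."""
    pins = {}
    for line in known_hosts_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0].startswith("#"):
            continue
        hosts, key_type, key_b64 = fields[:3]
        for host in hosts.split(","):
            pins.setdefault(host, set()).add((key_type, base64.b64decode(key_b64)))
    return pins


def accept_any(host, key_type, key_b64, pins):
    """Behaviour reported in the thread: whatever key is presented is trusted."""
    return True


def strict_check(host, key_type, key_b64, pins):
    """Trust only a key pinned for this exact host; anything else aborts."""
    return (key_type, base64.b64decode(key_b64)) in pins.get(host, set())


def decide(policy, host, key_type, key_b64, pins):
    """Return (connect?, fingerprint) so a refused key can be logged and reported."""
    return policy(host, key_type, key_b64, pins), fingerprint(key_b64)
```

With a pinned key shipped in the client, a substituted key on the path fails `strict_check` and the connection is refused before the hard-coded password is ever sent.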
  15. SanguineRose Member

