BC TRADING
Saved by @Alex1Powell

A thread on the Tasmota TLS MitM attack I found a few months ago since getting a proper blog post about it is taking me forever.

Tasmota is an open source firmware that runs on a number of ESP8266-based IoT home automation devices, which talks to an MQTT broker for management.

 MQTT can be run over TLS to provide confidentiality and integrity, but given the constraints of running on an ESP8266 device, standard TLS certificate validation is rather heavy. As an alternative, Tasmota implements fingerprint based validation, like SSH
The fingerprint validation can do "trust on first use" (TOFU) and just remember the server's public key. This can work well if you're hosting your own MQTT server, and you can just use a self signed certificate. The fingerprint algorithm was even based on how SSH does it.
If you read RFC4253, it describes the RSA key format with the following encoding

string "ssh-rsa"
mpint e
mpint n

where e is the public exponent (usually 65537) and n is the modulus.

Slight problem. RFC4253 doesn't explain what an mpint is.
You have to go dig up RFC4251 for what an mpint is. The precise details don't really matter for this bug, but the critical detail is that an mpint is length-prefixed, which makes it unambiguous where when mpint ends and the next begins.

Tasmota's implementation missed this.
Instead, everything was simply concatenated together with no delimiter. That means each fingerprint actually matches a "family" of RSA keys with identical serialization with the public exponent ending and the modulus beginning in different places.
As an example (with tiny number), we could have e=17 and n=389436408973, with a serialization of "ssh-rsa17389436408973". But e=17389 and n=436408973 gives the same serialization and is much easier to factor - it's 7 * 11 * 13 * 435973.
A quick bit about RSA - keys are normally formed from two large prime numbers that are around the same size, which are multiplied together to form the modulus. The security of RSA depends on it being difficult to decompose the modulus into its prime factors.
The math behind RSA also works perfectly fine with more than two prime numbers - and this is even supported (though rarely used) by modern implementations. The question is, can factors actually be found for collisions of arbitrary RSA keys under Tasmota's scheme?
There are two ways to factor numbers large enough to use as RSA keys - general number field sieve and elliptic curve method.

GNFS's difficulty depends on the size of the number, and these are too big.

ECM, however, depends on the size of the second largest factor.
For a normal RSA number with two primes, GNFS would be faster, but if the primes are small enough, ECM is feasible.

So, then, to attack the key, the family of RSA keys that match the fingerprint are all generated, and then ECM is used to try to factor them.
The ECM attempt can be time bounded. I found a few minutes per key worked reasonably well, and gave about a 99% success rate in finding one usable factorization.
As a "nothing up my sleeve" demo, I picked this key here that covers nsa[.]gov (among other domains):

https://t.co/1AITBNXWIv
I was able to find a colliding key with a factorization of 13, 1,091, 15,032,926,429, and a 340 digit prime that won't fit in this tweet.

The attack also worked just fine on my LAN and I was able to pull off a MitM attack.
I supplied a patch to Tasmota to remediate this. My patch adds length prefixes to the RSA key serialization to make it unambigious, and will automatically update the fingerprint so long as the server's key isn't "suspicious".

https://t.co/quyAT5uzw4
I believe my code made it into Tasmota 8.4.0, so if you're running an up to date version you're protected - though I imagine most folks aren't bothering with TLS on their home networks.

I am the sort of person who thinks that running transport mode IPSec at home is a good time.
This was one of the coolest crypto exploits I've ever written.

I published a blog post a couple months ago about constructing multi-prime RSA keys in python, which was part of my attack for this.
I did need to patch OpenSSL to remove the limits on the maximum number of primes it allowed, but that was pretty simple.

I think that wraps this thread.

More from Trading

Aditya Todmal
Aditya Todmal
@AdityaTodmal
DJ @ITRADE191 multiple chart analysis for INTRADAY TRADING.

1. Core setup
2. Pivot points trades
3. PDH/PDL trades
4. Open interest addictions combined with rejections on charts.
5. Website to confirm bias

Very quick read.

Share if you liked for the benefit of everyone.

•Main setup of @ITRADE191
He used this setup daily for all trades.

1. EMA crossover 10/20
2. Supertrend 10/3
3. Vwap
4. RSI >


•Volume always greater than


•Candle Rejecting from


•Pivot settings
STOCKLEARNINGS , TRADING , DJ SETUP
SPACVet
SPACVet
@SpacVet
My number 1 stock pick for 2021 is: Pine Island Acquisition Corp.

$PIPP

Let me break down why I think this will be THE SPAC of 2021. 👇

TL:DR – the management team is loaded with President Biden’s closest friends and advisors. No other SPAC has this level of access.

$PIPP company overview:

-focused on defense, government service & aerospace
-perfect focus when you consider who is on their Management Team


$PIPP Management

-here's where it gets EXCITING
-founded by John Thain (ex Merrill Lynch CEO and Uber director)
-then STACKED with veteran Government and Administration key figures


$PIPP Insane Management Connections

-the list of PIPP "DC Partners" includes:

-- President Biden's pick for Secretary of State (Tony Blinken)
-- President Biden's pick for Secretary of Defense (Gen. Lloyd Austin).


$PIPP - The Joe Biden Connection

- Tony Blinken and President Biden are close allies.
- Blinken has been an advisor to Biden for decades
- Blinken set to be appointed Sec. of State
TRADING , CATEGORY
Advertisement
Aneesh Philomina Antony
Aneesh Philomina Anton...
@ProdigalTrader
If u are looking to enter a scrip just before the breakout
what would u look for?
How would u identify scrips just before breakout?

Here are a few pointers
Carefully understand the them and use at ur own discretion
(All comments r compiled from a question i posed)

1/23

Price is testing the same resistance repeatedly since long.
But now in recent times it's forming multiple candles near the same resistance with low volume.
Observe it and see for opposite move.
As soon as u get a positive candle, get in to it.

2/23

1. Volume buildup (vol > when resistance point created) along with, increase in OI, increase in delivery % on HTF
2. On LTF, price stalling around breakout area for at least 1-2hr.
3. No major events.

3/23

Stock reaching breakout LVL with HL-HH
Contraction of price and volume near it especially near 20 days ma.
If there is any breach of the latest HL it should be followed by a bullish candle with good volume.
Left side of the chart has a rally with a very steep slope of ma.

4/23

Number of wide range green bars with high volumes.
If stock is at its ATH then it adds more conviction bcz there wont b supply after that point

Consolidation below the resistance, volume of the candles & strong bullish candle closing at near highs just below the resistance

5/23
TRADING , ALL
Madan
Madan
@madan_kumar
Thread on 'no stop loss', 'adjustments' and 'Risk'
----------------------------------------------------

Wanted to share my thoughts on this topic for a long time but this email sent by someone yday woke me up from slumber

Pls read the email 1st before delving into thread

(1/n)


In the past 1-2 years, there has been a sudden surge of traders who just talk about theta decay, option selling, adjustments and stuff like that..

It is all fair as long as the trader knows what he's doing. But the reality is far from what we see/perceive...

(2/n)

Many of these folks were told that one can 'adjust' their way out of any situation. Any sane options trader know that you cannot come out of any situation by adjustment

One of my friend used to do that(he is famous in options selling desi fintwit) for a long time until..

(3/n)

..he realized that one cannot possibly do that and its gonna burn him one day. He's pretty smart and hence, he put a portfolio level SL & when that hits, he will stop dancing, gets out and calls it a day

So, risk is managed at account level and he is quite clear about it

(4/n)

Unfortunately, 1000s of traders who does option selling(with adjustment) dont have this risk mgmt in place.

They think (i dont know if i had to call it false confidence or ignorance) their skills in 'adjusting' will take them ashore 😅

(5/n)
TRADING
Emperor\U0001f451
Emperor👑
@EmperorBTC
CHEAT-SHEET

Multiple Confirmation short.

A Short Entry that we shared in 2020.

Study it point wise.

1. Bearish Candle type and lowering of volume on Price rise.

2. OBV divergence.

3. Accumulation with Bearish candles and Volume increase on Price decrease.

STUDY IT!


Explanation

1. When price increases with a decreasing volume, it's bearish.

2. OBV, On Balance Volume should be correlated with price.
If price increases without similar increase in OBV, it's bearish.

3. During consolidation, if the volume increases during dumps, it's bearish
TRADING

You May Also Like

JayneshKasliwal
JayneshKasliwal
@JayneshKasliwal
ULTIMATE GUIDE TO 21 and 200 Moving Average
SUNDAY THREAD 🔖
A trend Following System That will Help You Improve Trading immensely.

RETWEET AND SHARE 🔄
@kuttrapali26 @AmitabhJha3
#stocks #StockMarket
1/n

Moving averages
EMA and SMA
1. Exponential Moving Average (EMA) is similar to Simple Moving Average (SMA), measuring trend direction over a period of time.
2. However, whereas SMA simply calculates an average of price data, EMA applies more weight to data that is more current
2/


21 EMA : SHORT TERM TREND
1. Calculates the Average Price of past 21 days
2. A stock above 21 ema is in strong momentum , which will give pullbacks to 21 ema again and again.
3. Stock above 21 ema should never be shorted so as to stay with the trend
3/n

3. A stock which moves 10-15% above 21 ema will be too extended and hence will generally pullback
Stocks take dynamic support on 21 ema
4. You can Short only if its too extended like 15 to 20% from 21 ema ( Not advised )
#ADANIPOWER:
#pnbhousing
4/n


1. Whenever 21 ema is sloping upwards its called uptrend
2. Whenever 21 ema is sloping downwards its called dowtrend
3. Whenever 21 ema is sideways its called consolidation
⏫Buy in uptrend
⏬Sell in downtrend
Examples:
5/n
MOVINGAVERAGES , MOVING AVERAGE 20021 , ALL
Trader knight
Trader knight
@Traderknight007
Pyramiding 2.0

A thread-


What is pyramiding?

It is simply adding to your winners.

Why use pyramiding?

1. It makes your winners bigger than your losers.

• Because you are adding positions when your trades are going your way, you are increasing your gains but your losers will be small comparatively.

2. You lose less during Draw-down time ( it saves you from losing big during whipsaws )

• Many times when the market is in sideways mode, Entering a trade with full risk might not be the best idea.

• So, you test the waters with a small position first, it could be ⅓ or ¼ of your total risk.

• So if the Breakout fails or whipsaws come, then you will only lose a small part of your overall risk.

• Then when position starts to go in your favor you can add to it.

3. It helps you to concentrate on a few trades,

They say that don’t put all your eggs in one basket, but don’t put them in too many either.

• See, Everyone can see charts and find breakouts, pullbacks etc.
ALL , SWING TRADING , PYRAMIDING
Advertisement
\u0936\u094d\u0930\u0940\u092e\u093e\u0932\u0940 \u0939\u093f\u0924\u0947\u0936 \u0905\u0935\u0938\u094d\u0925\u0940 \U0001f1ee\U0001f1f3
श्रीमाली हितेश अवस्थी ...
@HiteshAwasthi89
#Thread
An interesting story of Kamala Devi hazarika for all Sanatanis...🙏

A Xtian missionary was sent to Assam for the promotion of religion. His name was Cruz. He came across to one the boys from an influential family in Assam to teach him English.
@noconversion

Cont 👇


The p@stor slowly began to study the house and he learned that the boy's grandmother was the most influential person in the house. So he thought 'Corrupting the grandmother's mind can make the whole family Xtian as well as the whole village.

Cont 👇


The p@stor began to tell Grandma the stories of how J€$u$ cured leprosy of lepers, how He gave sight to the blind, etc..But after listening to him, the strong Sanatani grandmother said. A stone turned into a living woman (Ahalya) for our Rama when he touched the stone.

Cont 👇


She spoke of Rama setu where stones floated in sea just by writing his name on the stones and that they are still floating today.
The p@stor continued his efforts but all his tricks went in vain.

Cont 👇


One day he had brought a cake from the church and he thought of offering it to grandmother but he was doubtful that she would eat it. But contrary to his expectation, she took the cake and ate it.

Cont 👇
ALL
\u0936\u094d\u0930\u0940\u092e\u093e\u0932\u0940 \u0939\u093f\u0924\u0947\u0936 \u0905\u0935\u0938\u094d\u0925\u0940
श्रीमाली हितेश अवस्थी...
@HiteshAwasthi89
Sri Parasurameswara Swamy Mandir, Gudimallam, Andhrapradesh

Gudimallam is a small village located in Chittoor district. It is seven miles away from Tirupati. This small village came to significance,due to it's very beautiful Shiva Mandir with history of thousands of years. 1/n


The main importance of the mandir lies in the Linga which is housed in the Garbhagriha of the temple & considered as the only one of such type. It is the earliest Linga discovered so far and it has been assigned to the 3rd century BCE.(Satavahana period) 2/n
ALL
Erik Torenberg
Erik Torenberg
@eriktorenberg
1/“What would need to be true for you to….X”

Why is this the most powerful question you can ask when attempting to reach an agreement with another human being or organization?

A thread, co-written by @deanmbrody:


2/ First, “X” could be lots of things. Examples: What would need to be true for you to

- “Feel it's in our best interest for me to be CMO"
- “Feel that we’re in a good place as a company”
- “Feel that we’re on the same page”
- “Feel that we both got what we wanted from this deal

3/ Normally, we aren’t that direct. Example from startup/VC land:

Founders leave VC meetings thinking that every VC will invest, but they rarely do.

Worse over, the founders don’t know what they need to do in order to be fundable.

4/ So why should you ask the magic Q?

To get clarity.

You want to know where you stand, and what it takes to get what you want in a way that also gets them what they want.

It also holds them (mentally) accountable once the thing they need becomes true.

5/ Staying in the context of soliciting investors, the question is “what would need to be true for you to want to invest (or partner with us on this journey, etc)?”

Multiple responses to this question are likely to deliver a positive result.
LIFE


Category Partner: Enkryptopedia