Domain: counterpane.com
Stories and comments across the archive that link to counterpane.com.
Comments · 629
-
When all that's noticed is the downtime...
You've succeeded in delivering 5 9's, your server farm is a well oiled machine, the helpdesk lines lie dormant. No? Well then how do you get credit for the work you do, when all that's noticed is the downtime?
Then maybe it is high time to hire Counterpane Internet Security, Inc. or a similar company. (Disclaimer: I don't have anything in common with Counterpane, other than I have read a few books and lots of papers written by Bruce Schneier.) I think we should start thinking about hiring experts on Internet security to watch our networks, just like we hire experts for any other kind of security. That way our own employees can focus on their work, not on the new exploit or on the new kind of lockpick and the new burglar gang in town.
-
Re:Try PPTP
Don't get me wrong, I rather do not advocate PPTP as the best solution for secure wireless networking. I would opt for something which has proven (or believed) to be more secure, like IPSec.
However, I know people deploy PPTP-based VPN networks, for several reasons, among them PPTP being a free (as in beer) VPN version for Windows versions since Windows 95. I know of a university WLAN network which has to deal with numerous clients the network admins don't control and thus have to support as many client versions as possible. They chose to use longer passwords, which function as 'keys' in MS PPTP.
It's true that the challenge/response authentication scheme has been proven to be pretty insecure, mainly because LAN Manager passwords are suffering from significantly weaker encryption than NT passwords, but for backward compatibility reasons both are sent together, always, which makes password guessing way more easy. I figure that is what you refer to as 'breaking keys'. I agree. OTOH, Microsoft released a so-called pptp3-fix, which fixes the LAN Manager password problem. I know there remain a number of other issues, but the main problem has been fixed in there, according to MS and some other sources.
Still, I am no fan of PPTP. But sometimes, admins face needs which force them to make compromises...
-
Re:Try PPTP
Before deploying PPTP, you might want to have a look at these security issues. Others consider it secure as long as the keys are sophisticated enough, IIRC...
-
Re:Why is it insecure
>For example, are the data links insecure--I don't
>think so as most are now 128bit encrypted, right?
128-bit encryption without knowing the cryptographic algorithm used is meaningless as a definition of crypto strength, especially if the encryption is badly designed and broken; both of which are true for 128-bit WEP. Do a google search on it and you'll find the papers that describe the vulnerability, and the tools to exploit it.
WEP is what happens when non-crypto people design crypto.
Here's a starter link. Look at the "802.11 Encryption" section.
-
Re:an old idea
Not so new, indeed. Basically, it's what Bruce Schneier of Counterpane fame has been calling the Street Performer Protocol for years.
This article is from 1999.
-
Street Performer Protocol
Actually, it has been thought of before, in the form of the Street Performer Protocol. Granted, the SPP as written assumes that it's going to be applied to textual works, but it doesn't seem like a great leap to apply it to the programming world.
-
Previous discussion...
Bruce Schneier's take on this from the ever-excellent cryptogram is here:
Full Disclosure Article
-
Schneier on "Full Disclosure"
The most sensible thing I've ever read about this kind of question is a Crypto-Gram article last year by Bruce Schneier.
-
Legitimate negative comments are not "bashing".
From the Slashdot story: "Microsoft bashing aside..."
This kind of talk is nonsense! When someone says "Microsoft bashing", they are in effect apologizing for saying something negative about Microsoft. Apologizing is ridiculous. There are many negative things that can be honestly said about Microsoft. Apologizing by using the word "bashing" in the same paragraph as a legitimate complaint weakens the complaint, especially with people who are not technically knowledgeable.
In his November 15, 2002 Crypto-Gram newsletter, Bruce Schneier says "A well-written analysis of the major security/privacy/stability concerns of Windows XP" about this article: Windows XP Shows the Direction Microsoft is Going.
(Bruce Schneier wrote major books about computer security: Applied Cryptography and Secrets and Lies: Digital Security in a Networked World.)
The article contains only a small number of the legitimate complaints about Microsoft. I know because I wrote the article in my spare time, and there are many, many issues I have not had time to document.
Who kept Kevin Mitnick in prison? Who allows Microsoft to be abusive? It's us. It is technically knowledgeable people who allow these abuses. We could be effective in our complaints. Instead, we accept a double standard in which illogical people are allowed to be illogical, but we must be completely logical or we would lose our jobs.
If you are sure of a problem, be effective in talking about it! Get your thoughts in order. Make your communication clear. Get the job done! Write an advisory letter to a government leader. Mention your ideas everywhere a lot of people are listening.
If you prevent Microsoft from being abusive, you are being charitable toward Microsoft. The company has a self-destructive side; preventing Microsoft from being abusive helps you and me personally, helps the world, and helps Microsoft. Remember, Microsoft's abusiveness causes all technically knowledgeable people to look bad to those who are not technically knowledgeable. Those with no technical knowledge are not qualified to sort out the details. We all suffer.
If you know better than the people around you, that makes you the leader! Don't accept foolishness. Don't accept implied criticism; make the speaker state his or her opinions openly. Don't accept the terms "nerd" or "geek". Those terms are used by illogical people to weaken the power of the people who are knowledgeable.
-
Just Adding Another $0.02...
Well, I must admit that I'm not an expert on computer security issues. I'd have to say that I don't know enough about these issues to write an article on them, but it seems that at least a few of us would say that neither does the author of the article. But there are a few things that need to be pointed out.
My understanding is that the article put equal emphasis on education and entertainment. He makes such amusing remarks as "call yourself a computer professional? Congratulations. You are responsible for the imminent collapse of civilization." However, he also gives some information that was certainly not to be taken lightly. Therefore, it should be taken somewhat seriously, and quite a few people who read the article just might do that. And this could be a problem. Why? Because at the end of the article he says "Now that you know better, there is no excuse whatsoever. You cannot claim ignorance. Don't destroy humanity." And the article's title is "The Peon's Guide To Secure System Development." And that article could not have covered every aspect of developing secure systems.
As I previously mentioned, I don't consider myself an expert in this area, but there are some things that I know that were not mentioned in the article. For example, when building secure systems, security must be kept in mind throughout the entire life cycle of the system. Perhaps his intent was to focus solely on programmers, but if he truly wants to see secure systems, he would focus on all aspects of system development. Those involved in software testing should be able to find pointer-related bugs, and many other memory-related problems that break software. In fact, in a recent issue of 2600, a program with less than 10 lines of code is given that crashes Windows. I'm not saying testers should find all bugs, I'm saying both they and developers have responsibility to be aware of potential security problems.
I also didn't like the remark about C++ being inherently insecure, and the statement supporting use of languages that don't use pointers, such as Java, C#, and Python. I would just like to say that programming languages don't break systems. People break them. Therefore, I would say that people should be made more aware of what security problems they can cause. Also, C/C++ won't go away anytime soon. So much software uses it, so it stands to reason that there will be legacy C/C++ applications for years to come. Therefore, teaching C/C++ shouldn't be a crime. Teaching C/C++ poorly should be a crime.
Well, I must say that I was somewhat disappointed in the way in which the article did not seem to go very far beyond the basics. I'll continue to receive security information from other sources, namely Counterpane, CERT and other websites like those ones.
-
Re:Don't think you're skills...(comment on thread)
What most fail to realize is that 5 years in a single tech is probably a bad sign. A "better" programmer would probably have gotten bored and moved on, or moved on because it's highly unlikely that a single technology remains the best solution for that long a period of time.
There is probably a bit of truth somewhere in this statement, but there are some real problems with it too. Perhaps this is the view of a system administrator, but it does not match my experience as a developer. I enjoy technology, but at the end of the day I'm being paid to accomplish things. Technology is merely a tool that helps you accomplish your goal. There are a lot of reasons why people can enjoy their job, and why they should seek out new technology. Speaking from experience, boredom is rarely solved by new technology, it usually has its roots elsewhere.
It takes a few days to pick up 98% of any language/tech...
I won't comment on the language part, but from my experience it is wildly over optimistic for a technology field. I'm a generalist by nature, and pride myself on my ability to investigate and use new technology quickly. Over the years I have specialized in a few areas, and most of them can not be mastered in a few days. Perhaps that is because I don't consider any area that can be mastered in a few days worthy of being called a specialization. I'm talking about things like embedded system development and developing/analyzing cryptographic protocols, or even managing the software development process.
For example, it takes years to get good at applied cryptography (and this is not based just on my own learning rate :-) The quickest I've seen someone become competent for a reasonable range of tasks was about 2 years (and she was an extremely intelligent cryptography Stanford post-doc). Even for very bright and experienced programmers (10-15 years of experience), it more typically takes 3-5 years to start designing good cryptographic protocols and systems.
I'm sure there are technology fields that are less demanding, but to be frank that is part of the fun of specializing in this field. It does not take much reading (recommend Schneier's Crypto-Gram as a good starting place) to start seeing the flops made by people who thought they could learn cryptography in a few days.
-
Re:Proprietary crypto is lame
I believe Schneier also makes the point that because the NSA is an information sink, and that public discussion of crypto hadn't really caught on till the 80's, that they do have a significant lead.
I think this is illuminated well here, where he asks that the NSA submit an entry for the AES -- the reason? Because they needed at least one good candidate. That's fairly high praise, sight unseen. No pun. ;)
-
Re:Tinydns is a pain in the ass to install
No, it's secure because no one has ever found a flaw in tinydns. He has a *cash* reward for anyone who can prove that it is flawed. No one has taken the money, in several years of it being offered.
It's hard to believe that people are still trusting in software security, because no one has won some cracking contest yet. Gene Spafford, Sameer Parekh, Jon Wiederspan, Jeff Weinstein, Bruce Schneier... -- they have been writing about it for decades.
Please let me quote part of The Fallacy of Cracking Contests from the December 1998 issue of Crypto-Gram by Bruce Schneier:
You see them all the time: Company X offers $1,000,000 to anyone who can break through their firewall/crack their algorithm/make a fraudulent transaction using their protocol/do whatever. These are cracking contests, and they're supposed to show how strong and secure the target of the contests are. The logic goes something like this: We offered a prize to break the target, and no one did. This means that the target is secure.
It doesn't.
Contests are a terrible way to demonstrate security. A product/system/protocol/algorithm that has survived a contest unbroken is not obviously more trustworthy than one that has not been the subject of a contest. The best products/systems/protocols/algorithms available today have not been the subjects of any contests, and probably never will be. Contests generally don't produce useful data. (...)
Taken at a conservative $125 an hour for a competent cryptanalyst, a $10K prize pays for two weeks of work, not enough time to even dig through the code. A $100K prize might be worth a look, but reverse-engineering the product is boring and that's still not enough time to do a thorough job. A prize of $1M starts to become interesting, but most companies can't afford to offer that. And the cryptanalyst has no guarantee of getting paid: he may not find anything, he may get beaten to the attack and lose out to someone else, or the company might not even pay. Why should a cryptanalyst donate his time (and good name) to the company's publicity campaign?
Cryptanalysis contests are generally nothing more than a publicity tool. Sponsoring a contest, even a fair one, is no guarantee that people will analyze the target. Surviving a contest is no guarantee that there are no flaws in the target. (...)
Contests, if implemented correctly, can provide useful information and reward particular areas of research. But they are not useful metrics to judge security. I can offer $10K to the first person who successfully breaks into my home and steals a book off my shelf. If no one does so before the contest ends, that doesn't mean my home is secure. Maybe no one with any burgling ability heard about my contest. Maybe they were too busy doing other things. Maybe they weren't able to break into my home, but they figured out how to forge the real-estate title to put the property in their name. Maybe they did break into my home, but took a look around and decided to come back when there was something more valuable than a $10,000 prize at stake. The contest proved nothing.
Bruce Schneier writes mostly about cryptanalysis contests but the situation is basically the same with the software security cracking contests. Let me also quote Hacker Challenges -- Boon or Bane? from the February 1996 issue of Electronic CIPHER. It's almost seven years old, but even today many people still seem to not understand it:
A Few Comments on "Hacker Challenges" by Eugene H. Spafford, COAST Laboratory Director, Purdue University
I note with dismay the increasing number of "hacker challenges" used in marketing security products. I think these are actually harmful to the profession and practice of security, rather than helpful. I believe the harm comes in two ways: (1) the challenges don't serve as any real test of the products, and it denigrates security professionals by suggesting that they should accept them as proof of security; and (2) it helps reinforce the image that there should be some form of reward for hacking through security measures. Neither of these are views we should responsibly seek to promote.
Consider the nature of showing the security of a product. Does a "challenge" meet the goal of testing, which is to increase one's confidence in the correct functioning of the artifact? It really doesn't, for a number of reasons:
- Few such "challenges" are conducted using established testing techniques. They are ad hoc, random tests. Thus, there is no way of determining final coverage. For instance, if 90% of all challenge attacks are of the same variety, what has the "test" really shown? (Consider testing a calculator. If you perform 10,000 tests, but 9000 of them are addition with zero, have you done a thorough job of testing?)
- That no problems are found does not mean that no problems exist. It may mean that the testers didn't expose them. Doing random, black-box testing remotely is not likely to really test much of the product. (Challenge testing is basically a form of black-box testing.)
- That no problems are reported does not mean that no problems exist. The "testers" might not have recognized them. (Look at how often software is released with bugs, even after careful scrutiny -- users don't always recognize anomalies.)
- That no problems are reported does not mean that no problems exist. How do you know that the "testers" will report what they find? How do you know the vendor is getting accurate data? If Jane Random Hacker found a way to penetrate the product in a manner that vendor monitoring didn't expose, it is possible she'd find more profitable uses (later) for that information than informing the vendor about it. Further, because of possible problems with the law, hackers might not want to report success and draw attention to themselves.
- Simply because the vendor does not report a successful penetration does not mean that one did not occur -- the vendor may choose not to report it because it would reflect poorly on its product, or not meet the narrow criteria for a "successful" penetration, or the vendor may not be able to detect it happened. (How can anyone outside prove otherwise?)
- Seldom do the really good experts, on either side of the fence, participate in such exercises. Thus, anything done is usually done by amateurs. (The "honor" of having won the challenge is not sufficient to lure the good ones into the fray. Good consultants command fees of several thousand $$ per day in some cases -- why should they donate their time and names for what amounts to free consulting and advertising?)
So, let me repeat: it is NOT necessarily secure just because no one has ever published a flaw in tinydns (we can't even assume no one has found it). There may be a cash reward for anyone who can prove that it is flawed, but even if no one has proven it yet, it doesn't mean it is not flawed. Remember that it doesn't mean that someone has proven it's secure -- it just means no one has proven it's insecure, which is something totally different. Hopefully, people will understand it some day.
-
Re:Protest, boycott, lets do something.....
jsimon12 wrote: Lets do something about this. Something other than complaining and giving up.
How about we implement the Street Performer Protocol? There's already an expression of interest on FreeDevelopers.net. The hard part would be getting artists to sign up initially, but I may have a solution.
I saw an A&E Biography show about David Bowie recently that said: a) he has a 30-year history of seeing trends (albeit musical ones) and jumping in early, and b) that he has $900 million. Surely, money is no longer a driver for him... let's see if we can get him to help us usher in a new economic model.
True, megastars with megabucks (like Bowie) will probably be less likely to occur the SPP, but I expect that there will be *FAR* more musicians that can make a living ($50k-$80k per year) under SPP than under RIAA.
Does anyone have any links for an SPP project that's been started? Does anyone want to start one?
-
Re:Generally Recognised as Safe.
Bounties and cracking contests are complete snake oil
I thought that was called "putting your money where your mouth is". I am not denying that there is a strong publicity aspect to them, but contests do give a security company some credibility. Do you think that the type of folks who appear in Bruce Schneier's doghouse would run a contest? Of course not. Contest runners are saying, 'give us your best shot, so that we can all learn from it.' It doesn't hurt that they get publicity, but to me that simply makes it a win-win situation for all the participants.
-
Re:Easy.
As has been stated previously, one time pads are provably impossible to break when properly implemented. Part of the proper implementation is the transmission of the random bits -- once your 700MB of data is in the hands of somebody else (and even if they destroy the CD) they'll have to put it somewhere!
Schneier's description of a one time pad in Applied Cryptography is interesting reading, however if you aren't willing to shell out the cash for the book then you might also read his recent article on one time pads in the Crypto-Gram mailing list here. The article itself explains how one time pads are infeasible for use in most domestic applications.
But I digress.
you can simply generate the 'OTP' at the time, and send it over one channel and the encrypted data over another.
Quantum cryptography is a variation on this, however it's also rather impossible over large distances. If Eve is sophisticated enough to be listening on the line transmitting the encrypted data, it's more than likely she'll be listening on the others as well -- and have you physically bugged at all times.
Probably best to do this after you've encrypted it using conventional means, though
The whole proof of one time pads rests on the fact that you're replacing a large secret (the plaintext) with an equally large secret (the key). Conventional cryptography aims to replace a large secret (the plaintext) with a small secret (the key). If you generate a one time pad and then encrypt it you aren't making it much more difficult for the attacker to break your system (think for a minute: how would you transmit the key to the conventional encryption algorithm securely anyway?!). You are essentially replacing your large secret with another large secret which is being replaced with a small secret -- nullifying the whole point!
It should be pointed out that, if you haven't read the cryptogram article, Russian spies used one time pads -- however they cheated and used the same pads more than once (and so the NSA was able to break the messages). The British did it properly and put the pads on silk and only used them once (Go us British!).
I'd also like to end on my opinion of patenting of the invention: don't waste your money. Your invention isn't revolutionary. It's 99.999% likely to be worthless. Have you read Applied Cryptography? Do you subscribe to the Cryptogram mailing list? If not, do so! They provide invaluable insights into cryptography: Applied Cryptography detailing the theory in general and the protocols, Cryptogram outlining things that one of the world's foremost security consultants -- and formerly one of the world's foremost cryptographers -- thinks about what's happening in cryptography. You'll see lots of people in the doghouse for providing snake oil (and for me, the snake oil warning bells went off as soon as you mentioned 'improving' one time pads).
Marketing
{
If anybody reading this is interested in security but hasn't purchased Secrets and Lies (ISBN: 0471253111) then you should do so immediately!
}
-
Security of Internet-based phone system
There's a concern I have that I think I first read in one of Bruce Schneier's crypto-gram newsletters. Ah, here it is: The problem is that if the telephone system becomes based on the Internet, there will be catastrophic security breaches in our telephone system.
This is because every node on the internet can have packets directed at it by any other node. That's the whole point of end-to-end. But that means any joker with a PC can log in to his ISP and start up h4x0r scr1pt5 to start cracking phone switches.
With the current phone system, control signaling is out of band - end users can only control the phones at each end of the connection, and cannot control the functioning of the switches in between. You can command the switches by dialing a number, but you can only route your call this way, not control the basic functioning of the switch.
To a large extent security can be maintained by keeping the telco equipment in securely locked buildings.
But the protocols used for the phone system apparently aren't designed with security in mind, so that when they are adapted to the Internet, they become gaping security holes.
Potentially someone could do some clever work and bring down a whole nation's phone system, if it were on the Internet.
The convergence of the telephone system and the Internet has already been going on for a while. It is quite common for long-distance calls to be routed over the Internet, so you get phone-to-phone VOIP without the user being aware of it.
It is also common for telcos to be ISPs, and they just use the same fiber for voice and data. It's more economical to use the same data formats and protocols for voice as well as data, so they transmit all the voice calls with the Internet Protocol.
-
Read the Snake Oil FAQ
What would I do? Read this and reconsider. Then pay Counterpane to review your work under NDA. Then, and only then, should you consider the work worth any further effort.
-some cypherpunk
-
Re:Don't be too sure of yourself
Actually, I'd generalize from there and say that all the material on the Counterpane Labs site, as well as all back issues of Crypto-Gram, are good sources for anyone interested in cryptography. Schneier's papers on cipher design and his own algorithms will show you how a world-class cryptographer goes about designing an algorithm, and about making it resistant to known attack techniques. His analyses of other algorithms, in turn, will show you attack strategies.
Now, don't get me wrong; designing crypto algorithms is a decent pastime, and it's certainly a better hobby than, say, watching network TV or binge drinking. But creating an algorithm that people will want to use, and maybe even pay for, because it really is more secure than anything else out there, is something else again.
The same applies to designs of cryptographic protocols, even ones that use good, known-secure algorithms. Schneier himself has said that the computing landscape is littered with poorly-secured systems built by people who had read Applied Cryptography.
-
Sounds bogus to me...
The advantages are proof (i.e. unbreakable) against brute force attacks and known-plaintext attacks (unlike the OTP). The disadvantage is carrying around a very large digital key (which could easily fit on one of those USB memory key fobs).
This sounds just like the dozens of crypto products that Bruce Schneier routinely pokes fun at in his cryptogram newsletters on www.counterpane.com
Now, the real reason why this is bogus is that OTPs require a key of the same length as the original message. If you can securely transmit a key as large as the original file then why didn't you just transmit the original message via the same mechanism? The whole reason people spend years developing encryption such as AES/DES/RSA is to keep the key length short for any arbitrary length message. The shorter his "many time pad" is or the more it repeats the weaker it becomes. The whole strength behind the OTP is the randomness of the encrypted result, something lost if a short pad is used over and over again. His scheme may be novel but is more than likely not at all secure and practical at the same time.
-
Re:Don't be too sure of yourself
Both of Erbo's suggested links are excellent resources for the budding cryptographer to read, as is the sci.crypt FAQ. (http://www.faqs.org/faqs/cryptography-faq/)
Some choice quotes from Bruce Schneier (for the lazy): (http://www.counterpane.com/crypto-gram-9810.html#cipherdesign)
Anyone, from the most clueless amateur to the best cryptographer, can create an algorithm that he himself can't break. It's not even hard. What is hard is creating an algorithm that no one else can break, even after years of analysis. And the only way to prove that is to subject the algorithm to years of analysis by the best cryptographers around.
And on the subject of patents, Bruce says:
6. Don't patent the cipher. You can't make money selling a cipher. There are just too many good free ones. Everyone who submitted a cipher to the AES is willing to just give it away; many of the submissions are already in the public domain. If you patent your design, everyone will just use something else. And no one will analyze it for you (unless you pay them); why should they work for you for free?
There's lots of other good advice in those links. Check 'em out!
-
ten bucks for XOR?!?!?!
.
Show us (well him) the code!
-
Don't be too sure of yourself
I suggest you begin by reading this, and maybe also this, both by Bruce Schneier, one of the foremost experts in cryptography and computer security today. Then re-evaluate your expectations about the potential success of your new algorithm, because it's possible you're deluding yourself.
I'm sorry to burst your bubble, but there have been a lot of great mathematicians and cryptographers that have tried to design good, secure algorithms over the past few decades. Very few have actually managed to create algorithms that'll stand up under analysis. You may think you've done so, but it's going to take a lot to convince everyone of that.
-
ARGH!
This has got to be a joke! Listen, I hate to be insulting, but the odds are about 1:1,000,000 to one that the breakthrough you think you have is nothing of the sort. It's true I know close to nothing about you, but the name you chose (which implies re-use of one time pads), the question you ask and the fact that Ask Slashdot seems like an appropriate forum tells me that you're an amateur.
Go read back issues of Crypto-Gram and read up on all the lame hype laden "unbreakable" crypto schemes (often based on one time pads) that they destroy and then laugh at. If after reading all that you're still convinced you've got something, sure, go see a patent attorney.
My guess is you'll end up saving yourself the patent fees and a fair amount of humiliation by just letting it drop.
-
Design, Development, Deployment "load marks"
From the Plimsoll Club history
Samuel Plimsoll, M.P.
(1824-1898)
Samuel Plimsoll brought about one of the greatest shipping revolutions ever known by shocking the British nation into making reforms which have saved the lives of countless seamen. By the mid-1800's, the overloading of English ships had become a national problem. Plimsoll took up as a crusade the plan of James Hall to require that vessels bear a load line marking indicating when they were overloaded, hence ensuring the safety of crew and cargo. His violent speeches aroused the House of Commons; his book, Our Seamen, shocked the people at large into clamorous indignation. His book also earned him the hatred of many shipowners who set in train a series of legal battles against Plimsoll. Through this adversity and personal loss, Plimsoll clung doggedly to his facts. He fought to the point of utter exhaustion until finally, in 1876, Parliament was forced to pass the Unseaworthy Ships Bill into law, requiring that vessels bear the load line freeboard marking. It was soon known as the "Plimsoll Mark" and was eventually adopted by all maritime nations of the world.
The risks, issues and solutions for providing a more secure operating and application environment have been known for decades. Those who do not already comprehend the issues and are willing to learn, should take some time out to listen to some of the speeches at Dr. Dobbs Journal's Technetcast security archives, starting with Meeting Future Security Challenges by Dr. Blaine Burnam, Director, Georgia Tech Information Security Center (GTISC) and previously with the National Security Agency (NSA)
The "security rules" for Unix based system and application development are well known, although not widely taught. See Secure Programming for Linux and Unix by David Wheeler. Although Microsoft's NT, 2000 and XP are not Unix based, a lot of the core above "rules" apply or have direct or indirect equivalents.
Because some developers ignore similar above rules, the design and implementation of some applications and servers are just too unsafe to use in the "open ocean" of the internet.
Numerous security experts have railed against Microsoft's lack of security, best summed up by Bruce Schneier Founder and CTO Counterpane Internet Security, Inc who rightly stated ...
Honestly, security experts don't pick on Microsoft because we have some fundamental dislike for the company. Indeed, Microsoft's poor products are one of the reasons we're in business. We pick on them because they've done more to harm Internet security than anyone else, because they repeatedly lie to the public about their products' security, and because they do everything they can to convince people that the problems lie anywhere but inside Microsoft. Microsoft treats security vulnerabilities as public relations problems. Until that changes, expect more of this kind of nonsense from Microsoft and its products. (Note to Gartner: The vulnerabilities will come, a couple of them a week, for years and years...until people stop looking for them. Waiting six months isn't going to make this OS safer.)
However Microsoft's products are not alone in the presence of vulnerabilities, this is a major issue for Linux/BSD and Unix as well as any other OS and vendor.
In a recent speech Fixing Network Security by Hacking the Business Climate Bruce Schneier claimed that for change to occur, the software industry must become liable for damages from "unsecure" software, however historically, this has not always been the case, since most businesses can insure against damages and pass the cost along to the consumer.
The Ford Pinto and more recently the Ford Explorer's tires are two examples of public and media pressure being more successful than just threat of lawsuits. Even so, eventually through public pressure the governments around the world have to step in and pass regulations that set up a minimum set of requirements an automobile has to meet to be deemed "road worthy". This includes crash testing as well as the inclusion of safety equipment on all models. The requirements are not constant and change to meet the expectations and demands of the public and lawmakers.
The onus is not only on the automotive industry itself but also on the users. Most countries require that all automobiles undergo regular inspection and maintain an up to date "Warrant of Fitness".
In the same way, if you want a secure IT infrastructure, eventually the software design, implementation and each deployment will have to undergo the same type of regulation and scrutiny.
For paid software distributions, this could mean just a tick list of security features and security tests to the other extreme of requiring the source code to be fully audited for government/secure deployments.
For users, this would require running a program that checks to make sure that all the required software security update/patches have been installed to the other extreme of requiring an audited deployment for government/secure deployments.
Users and vendors should be taking a more active approach, including lobbying government, to
1) set up a minimum set of expectations, in the design and implementation of internet "accessing" software ; and
2) ensure that all deployments are more securely implemented ; and/or
3) remove inherently unsecure products from the marketplace.
IMO the above three are preferable to all software vendors, including Microsoft, than attempts to allow liability lawsuits against vendors for deployments which the software vendors have very little control over.
-
Not really that secure...
See this Counterpane article from May.
Seems to me the same common gelatin trick would work here as well...you just need more of it.
Another issue that this may create - the chopping off of hands. Think about this...in the early 90's insurance companies tried to reduce their car theft losses by encouraging the use of car alarms and passive security measures (eg, only your key will unlock the steering column). The result...lower incidence of car theft..sort of. While no one now breaks into and steals a car parked on the street, the incidence of "car jacking" or the violent theft of a running car from the owner at gun point. More often than not this results in serious physical harm or even death to the car owner. That almost never happened in the "old days" before car alarms.....
So this may, for access to the right kind of data, encourage the kidnapping of persons, the "removal" of a hand, and the making of a "hand cast" as in the article (a whole hand print is much harder to come across than a single fingerprint) to use to circumvent this "cool" mouse...
So, be careful what you wish for....
-
Fun with Print Readers
This article from our friend Bruce Schneier is a good one on using gelatin to defeat biometric finger print authenticators:
This gelatin fake finger fools fingerprint detectors about 80% of the time.
-
Issues with Practicality
I personally am not in favor of biometric protection devices. Even if they are 100% effective and never make mistakes reading, I do not feel that they are a wise choice.
Bruce Schneier wrote a good column about biometrics here. I don't like the fact that some biometrics are very easy to steal. This means that once someone discovers your biometric "password" they can use it anywhere because you can't change your password.
So I personally would be wary about having too much faith in such a device.
/p neurostar
-
According to Fujitsu PR...
According to Fujitsu's PR, they're guessing that they can achieve a 5% equal error rate -- they actually identified all 700 correctly.
Of course, this tells us nothing about how easily fooled the system is. Considering the recent success of a Japanese researcher in breaking fingerprint systems, I wouldn't trust this for a second.
-
Re:PPTP?
I can walk a remote user through a VPN setup with the 2K PPTP setup in under 5 minutes with my eyes closed. I'm not sure I can walk myself through the 2K ipsec setup without some external docs to setup.
Setting up L2TP/IPSEC is basically the same routine. Only you have to install a certificate as well, using MMC (XP/2000) or IE (95/98/ME/NT4).
Also, I think most of the security vulnerabilities of PPTP were specific to an older, unpatched MS client or server.
Yes, most of them. But how good are your users' PPTP passwords?
I don't think a modern (2k/XP) PPTP stream is particularly vulnerable.
What does the Windows version have to do with this? Is the implementation in, say, Win95 flawed, compared to Win2000/XP? What do you know that we don't know?
:-)
-
Needs a progress meter
There needs to be a "Total subscriptions received: $num_subs" banner up there. I'd be happy to help put them over the top, but if they only have 6 people interested, I don't want to send them my credit card number.
Yes, one could argue this is a silly position, but if I'm not the only one this could help draw what they need. K5 used a similar strategy and they got their funding.
One additional problem is that I'm going to pay for 12 issues, but I'm only guaranteed to get one (because I get charged for 12 when 1 comes out). This project appears to be a partial implementation of the Street Performer Protocol. I'd trust them more if they implemented more of it, especially third-party escrow.
-
Re:Just got OpenSSH Protocol 2 RSA working...
I'm glad I'm using 1024bit encryption. They've worked so hard to do 64 bit. But each additional bit is a redoubling in the amount of computing power it's going to take to decrypt my packets. Good luck!
This is a good joke, but misleading to readers that might not know better.
For their sake: SSH uses both public key and private key (or symmetric) cryptography. Public key crypto uses keys with thousands of bits; private key crypto uses keys with hundreds of bits (older algorithms like DES used only 56). RSA, DSA, and so on are examples of public key crypto. RC5, Blowfish, and such are examples of private key crypto.
Their key lengths aren't comparable at all. Whether or not RC5 is "secure" at 64 bits has absolutely nothing to do with using 1024 bits in authentication and session key negotiation.
-
Re:Same data every time? Bad idea!
There are two excellent tools that I use pretty regularly to keep track of passwords on websites and other services.
Password Safe was originally developed by Bruce Schneier of . It is open source now.
Gpasman is another alternative. I use it on my linux boxes.
I've found them invaluable for keeping track of passwords. Password Safe runs quite happily under wine, and has a tool built in to automatically generate excellent (i.e., almost unrememberable) passwords.
-
Re:Is this the same as featured before?
This isn't the encryption scheme mentioned previously, when Slashdot reported that a distributed project has almost "broken" the scheme, is it?
If you mean the recent article in the last week. No.
The recent /. article was a pointer to Schneier's Sept 2002 Crypto-gram about an academic weakness in AES.
It's academic in that it is not possible to break (at present time, and oh the next hundred years) in real-life.
-
I have ocean front property in Arizona...
Mark Ishikawa said:
"We have 100 percent coverage of peer-to-peer file sharing," Ishikawa claims. "If you are illegally sharing copyrighted materials, we know who you are."
Uh-uh. Absolute marketing speak. I'll put BayTSP's 100% coverage in the same category as ZeroSync, and Cryptico.
While I suspect BayTSP might have an effective spider, 100 percent coverage is impossible (DUH!). They don't know if the file sharing is illegal or not. Please, if you represent an organization that thinks the DMCA is a good idea, sink lots of capital into BayTSP.
They don't have a handle on who Jane DeeAchSeePea DialUp is. If they did, they could make far more money by direct marketing than they could being a DMCA tattletale.
They don't know if the web server that just happened to have a gaggle of Ogg files on it is just being used by one bloke who wants to listen to his music via the internet at work (instead of slogging CD's around), or is being used to distribute to a wider audience. If they did, then they would be capturing packets which as Mr. Ishikawa stated is wiretapping.
They don't know if the file sharing service they detected is intentional or not - the sharer might not even know that t0rn is installed on their system and they've become a popular source of Britney Spears and N'Sync mp3's. That is, unless they themselves took advantage of a backdoor, which would probably be highly unethical if not illegal.
-
More on this from CounterPane
The latest Cryptogram has more links on this... Shamelessly ripped from the latest.
Possible Palladium patents from Microsoft:
- 6,330,670 Digital rights management operating system
- 6,327,652 Loading and identifying a digital rights management operating system
You can probably find others pending in Europe, where you have to disclose upon filing.
At a panel on Palladium at the USENIX Security Conference in August, Microsoft representatives claimed that there was no way Palladium could be used to enforce Digital Rights Management. In response, Lucky Green invented a bunch of ways Palladium could be used to enforce DRM and then filed for a patent.
-
Bruce Schneier already went into this in depth
During the election fiasco of 2000, Bruce Schneier went into the security side of this in great detail. You need human verifiable voting slips, but it can be done, at least for the most part.
-
Bruce Schneier on voting technologies
Bruce Schneier wrote about voting technologies in the aftermath of the 2000 presidential election, the article is here. Interesting read, with good links at the end of the section.
My favorite quotation:
"Certainly Florida's antiquated voting technology is partially to blame, but newer technology wouldn't magically make the problems go away. It could even make things worse, by adding more translation layers between the voters and the vote counters and preventing recounts."
-
A worrying trend
Just recently, there seem to have been a lot of cases of people who speak out against the actions of companies being hired by or "forming a business relationship" with the entity they criticise.
For example:
- Jakob Nielsen and Macromedia.
- Bruce Schneier and Verisign
- British ISP critique sites such as NTHellWorld and Pipexwoe being bought out or mysteriously "re-aligning" themselves as support sites
Now I'm not accusing all these people of necessarily selling out, but obviously, if you work with a company, you're less likely to speak frankly about how much it sucks (if only because you have to take into account the interests of your employees/shareholders).
-
Can't be stolen or faked, eh?
How's a bit of jello for you?
Tsutomu Matsumoto, a Japanese cryptographer, recently decided to look at biometric fingerprint devices. These are security systems that attempt to identify people based on their fingerprint. For years the companies selling these devices have claimed that they are very secure, and that it is almost impossible to fool them into accepting a fake finger as genuine. Matsumoto, along with his students at the Yokohama National University, showed that they can be reliably fooled with a little ingenuity and $10 worth of household supplies.
Read More...
-
Re:Being free (Was:It Would be Nice...)
> Let me start by saying I'm all for Open Source software
That's it. You don't grok free software. It is not the same thing philosophically.
> Oh grow up!
I'm amazed my maturity interests you, but I am 30, have a job and a family, and have had some pretty good education, including some reading in Philosophy. Now on to the debate.
> Think for a moment about who you're freeing.
The users, and in the measure in which government has grown dependent on Informatics, the people.
> Most corporations are given the right to modify programs to fit their individual needs.
No, they aren't. I work at a big European telecom operator, and we have neither the Microsoft source code nor the Amdocs (our billing system vendor) one. Now, I think it is a self-defeating proposition to run a business without the source code to one's core system, as is a billing system to a telecom operator. But the incredible thing is that MBAs think it is good. No need to tell you how much shareholders' money is wasted.
> The average consumer doesn't know source code from techno-babble. They couldn't change or modify their programs any way.
The main purpose of source code is not modifying it, but avoiding proprietary lock-in. Please educate yourself.
> now stop fighting the licence war
If we allow everyone to hoard software and claim it's free or open or standard, like Apple and the Unix vendors and Microsoft all have done, we lose our freedom again.
> make your products useable.
That needs efforts currently wasted on useless forking, semi-free code and proprietary systems interoperability.
> So then why are people complaining when Apple and other companies release the source to programs?
They didn't. Apple released under a quasi-free license mostly that was already available under a really free license.
> Just because it isn't GPL licensed?
No, because it is not free.
> You can't have consensus because different people want different things.
Yes, but most forking is not because of different, valid goals: it is because of bad technical decisions (for instance RPM as a dpkg fork), proprietary licensing (for instance the original TrollTech Qt licensing) or just the not-invented-here syndrome.
> Freedom and Security are on two ends of a scale. There has to be a balance. Complete freedom means no security, complete security means no freedom, but you have to provide a reason.
Go educate yourself about risks and security. Usually free software is more secure than equivalent proprietary software.
> Safety, if M$ Office breaks, theres technical assistance for them.
There isn't. There is no warranty, there is no security, there is no source code to fix things. There are thousands of people who know a little about MS Office, but no one has the source code. The end result is that people learn to live with brokenness in proprietary programs, while with free software it can always be fixed.
> Ease of use, most OSS software is nice, sometimes even great once it's running, but getting it up and running is a pain.
This is being addressed by several distributions. Rome wasn't built in one day.
> Extra steps, as nice as the OSS office suite is, the users still have to select M$ Office format to save their documents so everyone else can read them.
This is because MS Office documents are proprietary. If they were open standards, there would be no need of conversion. But still, if things are saved in XHTML, PDF, RTF and the like, MS Office users can read them.
I don't know why I lose time trying to teach people who can't do their homework reading.
-
This is real. And very scary.
Here's the scenario.
Implement a bi-directional communication channel with the smart card. It has to work in a standard CD-ROM drive and you can't modulate the laser itself. However you can make the laser either shine on the smart chip sensors or not. Assuming a reasonably consistent spin rate, you can use head position to communicate information into the smart chip (think serial bit banging and maybe Manchester encoding).
Such a com channel would be slow. Max of one bit per rev probably less including encoding and error correction. A single spin cd-rom does about 540 revs/sec when reading from the inside of the CD.
Next, you set up a secure com channel with the smart chip using Diffie-Hellman-Merkle key exchange and transmit the decryption key over the secured channel.
Assuming a 256-bit session key and a 1024-bit content encryption key, there's about 1.5K of data that needs to be exchanged, so the low-bandwidth of the com channel isn't really that big a deal.
Still you could break into the installer and grab the key, but Palladium is supposed to prevent unauthorized debugging and allow you to cryptographically tie data to a particular computer and user. Maybe Palladium will work and maybe it won't -- all I know about Palladium I learn from Bruce Schneier's analysis.
Assuming that Palladium works, you have a secure channel between the CD and installer as well as a secure channel between the installer and a particular machine/user combination (through the hard disk).
That leaves the only method of circumvention to be chip tampering or maybe memory bus snooping, which, while not impossible, certainly raises the bar. It only takes one crack per title -- still knocks me out of the running and I'm not exactly a newbie. It will certainly stop the script kiddies.
It all hinges on bidirectional communication with the smart chip. Given that and a working Palladium this is reasonably tough but not impossible to break. You have to crack Palladium.
-
... otherwise known as Quantum Cryptography
-
Re:Possible infringing uses don't outlaw a device
Here is your other modality besides copyright.
-
Hosting (quartering) of DRM agents (soldiers).
Do not take this lightly. It can make citizens into subjects of an already exclusive government. It takes the abuse of power into part of your private domain in ways most people are not prepared to understand. Privacy, as a right, is defined by the U.S. Constitution's explicit freedom from "quartering of soldiers." Email this stuff to the people who you forward jokes to. You need them to know how you feel.
[from the ( Bill of Rights) 3rd. Amendment to the Constitution of the United States of America]
No Soldier shall, in time of peace be quartered in any house, without the consent of the Owner, nor in time of war, but in a manner to be prescribed by law.
Consider Bruce's analysis:
Pd is inexorably tied up with Digital Rights Management. Your computer will have several partitions, each of which will be able to read and write its own data. There's nothing in Pd that prevents someone else (MPAA, Disney, Microsoft, your boss) from setting up a partition on your computer and putting stuff there that you can't get at. Microsoft has repeatedly said that they are not going to mandate DRM, or try to control DRM systems, but clearly Pd was designed with DRM in mind.
There seem to be good privacy controls, over and above what I would have expected...
When you think about a secure computer, the first question you should ask is: "Secure for whom?" Microsoft has said that Pd allows the computer-owner to prevent others from putting their own secure areas on the computer. But really, what is the likelihood of that really happening? The NSA will be able to buy Pd-enabled computers and secure them from all outside influence. I doubt that you or I could, and still enjoy the richness of the Internet. Microsoft really doesn't care about what you think; they care about what the RIAA and the MPAA think. Microsoft can't afford to have the media companies not make their content available on Microsoft platforms, and they will do what they can to accommodate them. There's often a large gulf between what you can get in theory -- which is what Microsoft is stressing in their Pd discussions -- and what you will be able to have in practice. This is where the primary danger lies.
If you consent to allowing companies to install DRM agents on your computer, you are giving up your legal domain of privacy to them. This is not bad if each program is quarantined off from any others, but what is to keep them from conspiring with each other via RPC across "partner" servers from vendor to vendor to offer you "tighter integration." The programs on your computer even with perfect process separation on your Pd equipped computer are no more trustworthy than the websites from each respective vendor. Worse: you still have to trust Microsoft to implement (instead of pretending to implement) those security functions.
-
Also in the crypto-gram
Down in the news section, he has a link to an article which shows that profiling airline passengers is "provably less secure" than random searches at the gates.
He has issues with arming airline pilots as well.
The real dangers, though, involve the complex systems that must be put in place before the first gun can ride along in the cockpit. There are major areas of risk.