Domain: counterpane.com
Stories and comments across the archive that link to counterpane.com.
Comments · 629
-
Re:Disappointing
Tell you what, when you've written a book that gives a tenth of the useful advice, interesting information and insightful analysis of a single issue of CryptoGram, come back and tell us about it. Until then, your words serve only to make you look bad.
-
Schneier agrees (at least to part of this)
"Information security, as critical as it is, needs to be taken care of by organizations who live and die by it, who invest the money, time, resources and staff."
Security guru Bruce Schneier thinks the same way - which is why he founded a company to do exactly that.
-
Re:Obviously
-
Re:Encryption?
Blowfish was developed by Bruce Schneier and friends. Not the spooks.
-
Here's my advice
DO NOT scan/test a company's network without their permission! This is the fast track to a jail cell. Like QuantumG said (albeit a little sarcastically), get a sales manager and expect to pay out a lot of money in advertising.
If you think your post was well composed, I would recommend some English/technical writing classes. If you recognize your post has some grammar problems and you know your writing skills are good, I would not worry about it.
Check out Bruce Schneier, Counterpane Internet Security, or SecurityFocus. Gibson Research Corporation is another site to check out. This is just a start to getting some background on the basics and depth of IT "security".
I would say from the post you are not coming from a security background. Assuming you have an IT Bachelors degree, the minimum I would recommend is for you to study for some basic security certifications (such as the CompTIA Security+ and the MCSE/MCSA: Security on Windows Server 2003 specialization) and take them if you have not already. On top of this, I would recommend doing research into security conferences and possibly even local university classes on IT security (although I recommend these with a grain of salt as there is a lot of variance between the quality and type of information offered currently). There are whole books written on this subject, so visit your local bookstores and research what they have available. My rule of thumb in evaluating books is to see how in depth they get with their subjects. If they just talk in general about their subjects with no specific examples, I typically look for something else (unless it is an introductory book, of course).
Finally, just remember security is different to everyone (even in the business/corporate world). One company might just need you to identify their weak spots, patch them, and set up a plan to make sure they stay patched. Another company might need you to analyze everything from weak spots/patches to physical security of IT assets. Your job as a consultant would be to identify what they need (Business 101).
Hope this helps.
-
Re:TCG Bashing?
-
My complaint about intrusion detection devices.
An intrusion detection device without anyone responding to it is as silly as a silent burglar alarm that no one responds to. All too often I look back at month old logs and see "hey, that's cool, someone was trying to hack us" (typically some windows hack against our bsd box). Had they succeeded it wouldn't have mattered at all that we had the intrusion detection device.
The one feature I'd look for in an intrusion detection device is that it can quickly escalate a detected intrusion attempt to real people (through email, phone, calls, etc).
For real enterprise needs, companies like counterpane not only install the intrusion detection devices; but offer services that monitor them just like the physical alarm companies do.
-
Re:Wise man once said...
What was that saying?
"To view it, we have to decrypt them. If we can decrypt them, we can rip them."
That wise man was Bruce Schneier. Check out his book for a very readable yet detailed overview of crypto...
-
Re:Supposing you had a decent resolution...
You etch it using PCB fabrication techniques, and then cast it with gummy bears. Details here.
-
PasswordSafe
I use the open source PasswordSafe. The original was written by Bruce Schneier, who worked on an AES finalist and runs CounterPane Security and writes the CryptoGram Newsletter.
The program saves all your passwords in an encrypted file, which you then keep on your USB keychain. You only have to remember one password to open the safe, and then you can copy/paste your different username/passwords to the site that needs them. As long as you keep the data file on your keychain (and keep that with you) then you should be fairly secure. You can also make all your passwords 12 digit random alphanumerics (though some idiotic places limit your password length, never figured that one out...)
-
Re:Handbook
I'd recommend Applied Cryptography by Bruce Schneier instead.
Not only does it cover the same ground, it also goes into detail a bit more about real tricky business; protocols (where most mistakes are made these days, since nearly everybody uses off-the-shelf algorithms like AES, DSA, RSA and ElGamal). This guy knows how to write, and succeeds in warning you of potential pitfalls in a humorous manner. Also, he knows his stuff; he submitted one of the AES candidates, Blowfish.
Bruce also publishes the most excellent Crypto-Gram newsletter.
Beware of not heeding Bruce's stern words of warning. You may end up in the doghouse! The humiliation! The shame upon your house!
-
PasswordSafe
A solution that works for many is PasswordSafe. This is a small application that keeps all passwords encrypted (using the Blowfish algorithm). Entries are presented either as a flat list or tree, and double-clicking an entry decrypts the password and copies it to the clipboard. The project originally came from Counterpane, Bruce Schneier's company, and is regarded as a useful and secure application.
PasswordSafe has random password generation that can be customized rather nicely.
Of course, the PasswordSafe database itself needs to be protected by a passphrase...
[Disclaimer: I'm currently the project admin for PasswordSafe.]
-
Re:Windows only
People have short memories. There was an Apache worm about two years ago (in mod_ssl).
Here is a link
Of course, worms like that are few and far between, especially when compared to the number of Windows worms going about lately, but to claim a system is "worm free by nature"? I think that's more than a little premature.
-
Re:When will they learn....
There are several problems with this statement. First off, throwing water into your freezer tends to do a quick job of making your water un-wet.
First, not my statement, this is a statement from Bruce Schneier, someone who has forgotten more about encryption than most know. Second yes, you can freeze water, it's then called ice, but you don't need an "approved" thawing device to get it back to being water.
Also, nobody is trying to make the DRM'd songs uncopyable, just unplayable. You can make as many copies of the file as you want, you just can't play it... Just as you can copy my PGP-encrypted data all you want, you just can't decode it.
If it is "unplayable", what good is a copy? "Water, water everywhere but not a drop to drink."
Well if I got your private key I could ;) Most are "protected" with very weak passwords as humans are lazy.
Finally, anybody who knows a little bit of science will tell you that water really isn't all that wet to begin with.
Not all that wet, I'm sure Jacques Cousteau would disagree, for a liquid it sure seems wet. The lakes, rivers, and oceans I have visited sure seemed wet. Actually oil has a higher viscosity than water, this is why oil spills "float" on the ocean as it binds together better.
Instant water available, just add water... ;)
-
Re:I wouldn't visit the United States
200,000 airline passengers? Did you even read the article?
From the BBC article:
"Some 13 million visitors from visa waiver countries visit the US each year, compared to some 19 million from non-visa waiver countries."
200,000 people, at ~400 people per 747 would make only 500 planes PER YEAR. WTF? That's 2 planes per day over the ENTIRE country?
Your argument is valid (and one with which I agree), but the numbers are way wrong! The problem is false positives, not false negatives, as you suggest. With the system mis-identifying large numbers of people as terrorists, people soon learn to mistrust it or ignore it. Bruce Schneier has written about this extensively in the last couple of Crypto-Gram issues.
-
Sounds like Bruce Schneier's Clueless Agents
a pdf describing "clueless agents" that can search through a dataset (or do other things) without the agent's code itself revealing what they are looking for/about to do.
-
Another pet peeve.
In the bio for Vladimir Levin:
"...a security system so tight that no other financial institution in the world has it."
As I'm sure Bruce Schneier would fall all over himself to point out, this association actually decreases the likelihood that the system is actually secure.
-
Crypto-gram newsletter
Sounds like an interesting book. If you're interested in security topics, I can't recommend Bruce Schneier's (author of Applied Cryptography, among other things) Crypto-gram newsletter. It's free and gives a great overview of the news on computer security. His focus is often on ineffective security measures that people manage to avoid and how they can be improved. Well worth reading.
-
Re:Please keep him out of politics
Um... you sure you're not confusing Bruce Sterling (the sci-fi/cyberpunk novelist we're talking about here) with Bruce Schneier (the guy who wrote Applied Cryptography, among other things?)
-
Outsourced /= India
Though Cliff added his comment Here's a question I always wish I could ask managers, whenever the topic of 'outsourcing' comes up: if dealing with programmers overseas, nowhere in the submission was it stated or implied that the outsourcing would be done overseas. Outsourcing can be done locally, and still is. In the security field, there's Bruce Schneier's Counterpane, for instance.
Though it is possible the job in question went to Hyderabad, there's no need to see a Hindu behind every lost job.
-
Re:snake oil
The problem is that encryption is 90% snake oil.
Where does that claim come from? I'm pretty sure it's not true because more than 10% of encryption is PGP (not counting government crypto, anyway), and PGP isn't snake oil.
It's pretty easy to find snake oil, just read the Doghouse section of Bruce Schneier's monthly Crypto-Gram. But there are also a lot of good companies out there providing a lot of crypto solutions (although admittedly most of them actually license the technology from a small handful of good companies, like RSA and Certicom).
Encryption also does little when physical security can't be controlled
But the issue at hand, with regard to the RIAA and anonymity, is about network security. The RIAA finds it much easier to subpoena your ISP than to sneak into your house and steal your USB keys.
Good and ubiquitous crypto certainly isn't the end-all-and-be-all of security, as you point out, but it would indeed make for 'profound and irreversible' changes in the Internet, in the vulnerability landscape, and in the threat models of pretty much everyone on it.
-
Re:Not the source, really
(1) no better system than passwords has yet been devised
Except those nifty token+PIN systems. My bank has even given me a "calculator" type thingy in which I put my ATM card, and using my normal PIN, the chip on that card will calculate the response to a challenge when I log into online banking. Pretty nifty, pretty secure. The chip will stop working after 3 attempts at a wrong PIN, and if the card is stolen, I'd report it straight away anyway. This closes the window of opportunity considerably.
Token based security systems can integrate really well into computer systems, so you end up with Single Sign On solutions, and the challenge-response protocol can run over a simple USB link, so all you have to enter is your PIN (into hardware which you carry with you, and isn't susceptible to having keyboard sniffers installed).
There are lots of vendors who sell this hardware, iButton, rsa.com, etc. etc. Pick up a random computer industry mag and they're right there in the less-than-a-page-big ads.
Note that SSH uses a similar idea for single sign on; you type in your password/phrase into an agent which decrypts your private key on your workstation, and challenge/response is used when logging in; your password is only exposed to your local workstation, not to the remote system, nor is it sent over the line in any way. You can even change keys without changing the password/phrase (and vice versa).
I saw another post here mention diceware, which is pretty nifty too; passphrases generated using dice.
Physical security is also often overlooked, on the premise that you're fucked anyway when people bring in laptops, or plug a wifi access point into your network. But physical security is the only kind of security where biometrics make any sense at all (as in; "hey, I haven't seen you here before" or; "that's not your photo on this id here.."). So if you're going for 3-out-of-3 authentication (something you know/have/are) you need physical security as well.
No security is perfect, but it doesn't have to be quite as bothersome to users. Let's say no one can log in remotely to the work LAN. That's not that inconvenient to most people, and if someone complains, sure, let them at it, and log what they're doing. The window of opportunity may be widened by a creak because a few accounts do get remote access, but no form of security is perfect anyway.
I find attack trees a useful way to present weaknesses in security; it emphasises the weakest chain in the link, but also the prerequisites to get there, and the alternatives. (For example, the CEO might well have a yellow sticky tape with his password on his monitor at home, but breaking into the CEO's home is quite hard because that house has pretty good physical security, him being the rich bastard that he is.. Whereas bribing cleaning people who come in at night to place a keyghost is cheap and effective.)
-
Sabotage vs. Terrorism
Unfortunately, Americans are getting hands-on experience in infowar. One early lesson is the distinction between "terrorism" and "sabotage". When something bad happens, it's sabotage. It's not terrorism until lots of people are scared, which usually requires a mass medium.
Sabotage is destruction of important resources, like trains, planes, buildings, bridges, factories, banks, farms, networks. It is material destruction, all too well known to people through generations of war. Sabotage is expensive for both parties, and society has developed more or less effective security defenses. It has always been accompanied by terror, which spreads through a population affecting morale - "war, and rumors of war" go hand in hand.
Terrorism emphasizes the terror generated by sabotage. It attacks the morale of a population, rather than the material resources. Terrorism is much cheaper for the attacker than the defender (an "asymmetrical" threat). And our society has fewer effective security defenses, though now we must.
America has long been at the vanguard of security innovations, with much success. There is no other population of 300 million that has had the degree of safety as does America, certainly with the open access we enjoy. And this has been true, in proportion, since the nation was established centuries ago, with the notable (and still unfolding) exception of the Civil War. We have the opportunity to repeat our successes in securing our physical security, in the information-oriented world that we have created, dominate, and are committed to living in.
The distinction between sabotage and terrorism is important, probably pivotal. Our consumption of information about bad events must account for the focus of terrorists on the information, and its vulnerability. I recommend reading War and Peace in the Global Village, by Marshall McLuhan. And Beyond Fear is on my own "to read" list. The challenge of terrorism presents an opportunity to become stronger, freer, and to lead the rest of the world with our good example.
-
Re:More CTO openings at security consultancies...?
Let's hope Bruce still has his job by the end of the week.
As the founder of Counterpane, he's probably got a bit more say in his company. Also, @Stake has expanded a lot with VC, I think Counterpane has grown more... carefully.
-
Re:from the VTUN page :
Now, having said that, I use VTUN and haven't had any problems. But then again, I also have the boxen firewalled to hell and back, no services allowed but SSH from a few known hosts, no root SSH, etc. So even if you do crack my key, you're not getting much that will get you anywhere.
Security failures are typically not obvious. They are not like a normal (accidental) failure which tends to be random and uncontrolled so it is apparent to the user. With an attacker that does not want her attack known, you likely won't know if they gain unauthorized access to your VPN or internal network.
Note that the attacker does not need your VPN keys, they simply bypass the VTUN attempt at security, and can possibly gain direct access into your VPN or internal network.
While I don't consider it the most secure tool, it does the trick well enough for now.
How can you be certain that an attacker is not breaking into your network?
-
Re:+5 Insightful?
Friend, your complete and utter misunderstanding of the pitfalls of cryptography implementation only reinforces my:
- Extreme depression with the level of technical expertise demonstrated on Slashdot in particular and within the computer industry in general
- Sincere belief that Freenet is nothing more than two ROT13s and a Caesar cipher (using original Roman) fed by a PRNG believed by all to be a RNG
- Renewed dedication to feed only well-decorated bullshit into this site, because I'm sick of wasting hard-earned knowledge on schmucks like you who already think they know it all
/dev/random under Linux) because it's predictable and the measure of a good cipher is how random the output seems (a poor man's way of testing either closed or open ciphers is to try compressing the output -- generally good ciphers compress very poorly, but that's just one criterion).
Electrical engineering comes into play when you're having a discussion about what to base a solid random number generator on. One such interchange I witnessed was regarding using entropy from network devices to feed into /dev/urandom (Linux's 'secure' random number generator, which attempts to gather 'randomness' from various sources that are unlikely to generate a recognizable pattern) -- it isn't necessarily a good idea, because on some machines network traffic is very periodic. There is a tradeoff consideration in determining which sources of entropy to use within computer hardware: how quickly do you want to be able to draw on the sources of entropy vs. how secure do you want the final entropic stream to be?
I mention the 1's complement because it's an example of a problem I personally encountered. I had a 16-bit 1's complement checksum I implemented that worked quite well, except for the fact that the software it interfaced to used a zero value to indicate no checksum was present on the packet. However, there were cases where the checksum would really BE zero, and the thing to do was to subtract one in that event (leaving 0xFFFF, which pulled double-duty for values checksumming to 0xFFFF or 0).
I have it on good authority that similar errors have happened and are easy to make particularly in cryptographic implementations, while not necessarily making themselves evident to the implementor in the output. Feeding data through an encrypt -> decrypt phase isn't proof-positive your implementation is correct just because data comes back out unscathed -- maybe you forgot an XOR in two spots or are only putting blocks through 7 of the 8 S-Boxes because of an off-by-one error. Testing is non-trivial.
I mention games because they also combine several disciplines, and the evidence of poor design and implementation is much easier for the layperson to notice. If you think closer attention is paid to cryptography, you haven't been reading Crypto-Gram.
In conclusion, I don't normally give a sizeable rebuttal because that's usually the work of a terminal trollbiter, but frankly I'm kind of shocked at your response given your impressive choice of field in school and Open Source projects (going by your Slashdot description) and think maybe you'll benefit from the details.
-
Re:POPTOP - Out of date report.
Some were addressed with MS-CHAPv2, some were not, see <http://www.counterpane.com/pptpv2-paper.html>:
These changes do correct the major security weaknesses of the original protocol: the inclusion of the LAN Manager hash function and the use of the same OFB encryption key multiple times. However, many security problems are still unaddressed: e.g., how the client protects itself, the fact that the encryption key has the same entropy as the user's password, and the fact that enough data is passed on the wire to allow attackers to mount crypt-and-compare attacks.
-
Re:POPTOP
Just remember that the most common reason for using PPTP is to interface with a Microsoft product... And MS's PPTP is ripe for the attacker and calling it secure is pretty laughable.
-
Re:Tricky, may need tempest shielding
The only solution to that is tempest-level shielding.
Or he could encrypt the message before he types it into the computer, perhaps using a deck of cards and solitaire, though that's a bit slow, but at least he wouldn't have to have encryption software on his laptop. Obfuscating the encrypted text might be tough though.
-
nachi
According to this analysis, a simple packetsniffer (like tcpdump) should reveal if it's nachi: if its echo-request storm detects a living IP, a MS RPC DCOM exploit follows (eg on ports 135 or 445).
/graf0z.
-
Re:Oops and there's more..
It's trivial to circumvent security at airports. If I wanted, I could get either a ceramic or a glass knife. Neither of those will be picked up by security scans whilst on my body (it's called a "metal detector" for a reason...). Either would be just as sharp as any regular metal knife -- possibly sharper. You wouldn't believe how sharp a glass knife can be.
And if you think I'm giving people ideas, you obviously haven't read Snow Crash. Airport security isn't about true security. It's about giving people the appearance of security. True security is what they have at El Al airport: all passengers are asked a series of questions (usually brief and not very deep, sometimes very probing if the initial questions suggest you have something to hide); all baggage is put through decompression chambers, to simulate flight conditions in the baggage compartment; cockpits are heavily reinforced. The latter two, in particular, aren't visible to the public. But they work, and far more effectively than what we have in Australia (or, AFAIK, in the US.)
Nail clippers? Sewing scissors? The effort in confiscating those, versus the security that doing so provides, is way out of proportion. Read Cryptogram for more detail on this subject than I can be bothered typing.
-
Obscurity and lameness
If you hope nobody can hack you or cause any problems with your servers because you assume they don't know what you are running...that is a problem.
It's universally considered a bad idea to emit version strings. But you're right, it's also a bad idea to count on obscurity. Good security assumes that an intruder knows exactly what you're running, because inevitably one will come along who makes the right set of assumptions.
Here's an amusing item about vulnerability scanners and version strings. A reminder how silly it is to focus on trivia like this.
-
The Quote is Wildly out of Context
This is what will appear in the next issue of Crypto-Gram:
A recent Associated Press story about licensing computer users has some people believing that I am in favor of the idea of licensing computer users.
I'm not. Period.
The idea is that users can potentially do damage with their computers, so why not force them to get licenses as we do for automobile drivers. While this is one potential way to deal with the problem of people having default security configurations and not installing their patches, I think that the damage that would do to the Information Age would be disastrous. And that it is a bad security trade-off.
It's interesting that people are taking this idea seriously, though. I think that the computer industry has painted itself into a corner. On the one hand, it has positioned computers as a mass-market consumer item. Everyone should own a computer. On the other hand, they have made computers so complex to administer that you need significant training to do it properly. One of the results of this is bad security, which we're seeing.
But I don't think the solution is to force computer users to be licensed. When I read my quote it's clear to me that I'm not saying that, but I want to correct the impression of anyone who does.
Bruce
-
Re:The problem isn't the users.
Yeah, I have a hard time believing that Bruce Schneier suggested this licensing idea. This is what we really need. If software companies have to eat the cost of their screwups, they'll drastically improve their quality or go bankrupt, and frankly I don't care which.
-
You call yourself a professional security geek?!
You call yourself a professional security geek?! Professional my arse! So I guess you forgot to read Crypto-Gram FIVE GOD DAMNED YEARS AGO? See: www.counterpane.com/crypto-gram-9808.html#biometrics
By the way, do you realise that your proposed system is not as secure as the sum of every step but as the WEAKEST link? You should NEVER design a secure system that way, ESPECIALLY when you are trying to add an insecure and flawed idea like fingerprint readers.
Yes, there are significant problems with biometrics over the Net. Most of these problems can be alleviated by adding a trusted human being to the equation, someone to stand by the biometric reader and make sure nobody does anything obviously hinky with it. (In this case, the teller serves that function.)
So I guess you forgot to read Crypto-Gram even ONE YEAR AGO? Please read Fun with Fingerprint Readers and stop embarrassing yourself. If you have such a strong aversion to Crypto-Gram then read at least
Body Check: Biometric Access Protection Devices and their Programs Put to the Test
Body Check: Biometrics Defeated; Germany's c't blows through 11 biometric systems
Impact of Artificial "Gummy" Fingers on Fingerprint Systems
I am just sick of "leet" Slashdot kids calling themselves professional security geeks... *sigh*
-
Mac Keychain
It's perhaps bad because it's a single point of failure, but all of my passwords are, one way or another, stored using the Mac Keychain. Safari stores its passwords in there, as do some other browsers. I use PasswordWallet (for Mac and Palm) to store passwords (and more) in an encrypted file, which is accessed via a passphrase stored in the Keychain. Even my SSH passphrases are stored in there (accessed via SSHPassKey).
Anyway, what prompted this was Schneier saying, "Don't let Web browsers store passwords for you." Sometimes, the browser is as secure as anything else on your computer, as in the case with Safari + Keychain.
-
Wallet
Store them in your wallet like Bruce Schneier does.
Note: I don't store mine in my wallet, so keep your hands to yourself!
-
Re:"NSA_Key" fiasco?
-
Counterpane
Bruce Schneier mentioned how weak the GSM algorithm was back in this Dec 99 issue of Crypto-Gram. It's lousy encryption and is secret, non-peer reviewed.
-
Bruce Schneier's comments on GSM security
Schneier commented on GSM security in a 1999 CryptoGram newsletter, referencing research from 1998 and 1999. Quoting from it:
What's most interesting about these algorithms is how robustly lousy they are. Both voice-encryption algorithms are flawed, but not obviously. The attacks on both A5/1 and A5/2 make use of subtle structures of the algorithm, and result in the ability to decrypt voice traffic in real time on average computer equipment. At the same time, the output of the A8 algorithm that provides key material for A5/1 and A5/2 has been artificially weakened by setting ten key bits to zero. And also, the COMP128 algorithm that provides the keying material that is eventually weakened and fed into the weakened algorithms is, itself, weak.
And remember, this encryption only encrypts the over-the-air portion of the transmission. Any legal access required by law enforcement is unaffected; they can always get a warrant and listen at the base station. The only reason to weaken this system is for *illegal* access. Only wiretaps lacking a court authorization need over-the-air intercepts.
-
Re:Especially if...
...any encrypted document they have is "Permanently" gone...
I'm not sure what you're arguing here. How many people actually use that feature? How many people use the access control currently implemented in MS Office? If you are so against encryption to keep "whistleblowers" effective, why do you care about security at all? Stop patching your system, take down your firewall, open up all of your ports, and run public services on ports that you don't need that give access to all files on your hard drive.
Why won't you do this? Because
A. You give a shit about your privacy
B. You're worried about people destroying your documents.
Point is, everyone has a right to protect their privacy. Right? Just because somebody is a corporation doesn't mean that their rights are out the window. In fact, a privately held corporation is allowed to operate in complete secrecy from you. Sure, they still need to produce audited financials for Uncle Sam...but otherwise, they don't have to disclose a damn thing. One last time, you're rehashing an ethical issue for every cryptographer and/or coder who implements cryptographic products...and I don't think that you fully understand the issue. Do some reading and take a class (preferably a seminar) that covers ethics in encryption and then make your argument.
Sheesh!
--Turkey
-
Re:Realization at last?
The whole point of RSS is that, unlike email, it is not push.
In fact, "push" vs "pull" is not very descriptive. You have a newsletter, a publisher who controls the content, and subscribers who read it. There is only one important question: where is the subscription recorded?
There are effectively three models:
- The subscription is recorded in the subscriber's brain. The subscriber has to make a point of going after the content. This is the model for web pages. I am "subscribed" to publications like The Risks Digest and Crypto-gram because I make a point of viewing the web pages regularly. This model is of little value to a lot of publishers, because their content is not valuable enough that users will make a point of keeping up in this way.
- The subscription is recorded in the publisher's system. This is how email newsletters work. It's fine for the publisher, but unsatisfactory for the reader as he can get subscribed to things he doesn't want. Separating bona-fide subscribed content from spam is very difficult for filtering systems, and the result is that delivery failure rates are rising. This is where we are now, this is where we want to get away from.
- The subscription is recorded in the subscriber's software. This is the ideal. I can choose to subscribe to something, and no-one can make me subscribe to anything I don't want. The subscribed content will appear in front of me without my needing to remember it or pick it out of a list of a hundred browser bookmarks. RSS falls into this category.
My pet theory is that there is another method that fits in the third category: email retrieved directly from the publisher's system by the subscriber's system using POP3. I subscribe to the content by adding an account to my mail client with the publisher's POP server, and a username of my choice. Doing a "get email" on my mail client will bring down the newsletter along with my other email. (IMAP or NNTP could be used the same way). The advantage of this over RSS is that the clients are already widespread, although ideally they would be enhanced to support this model more smoothly.
-
Slightly OT: just read Crypto-gram
If you're interested in these articles, read them on the Crypto-Gram newsletter instead of waiting for /.ers to read it and post them here.
-
Blackout 2003: The search for answers
As we all know, Thursday August 14, 2003 marked the start of the single largest electrical blackout ever. While power is being brought back and critical services restored, we turn our attention to a question: What was the cause of the blackout? We have conflicting reports from multiple sources. Was it lightning? A fire at a power station? Multiple downed lines in the Mid-West? Electricity insiders are now indicating a different source for the problem - a certain company in Redmond, WA.
Microsoft Corporation, to say the least, has struggled with its image over the years. The company has a slight reputation for putting security on the back burner while concentrating on flashy features that will appeal to the home user, such as MAPI and COM+. Security experts have criticized Microsoft in the past for a practice known as "full disclosure." Security expert Bruce Schneier accuses, "Microsoft is leading the charge to
... the free flow of computer security vulnerabilities." Against the advice of experts, Microsoft provides comprehensive information on the causes and inner workings of their security problems. This is so that other developers will be able to write fixes themselves, freeing Microsoft of the responsibility.
Microsoft, in its insistence on releasing detailed explanations of vulnerabilities, is enabling attackers to write exploits! Is no one surprised that Microsoft's infantile approach to security concerns has finally caused real financial damage?
I am speaking, of course, of the "MS Blaster" computer virus that has been terrorizing Microsoft computers of late. The word from electricity industry insiders is that the Microsoft worm is the most likely cause for the historic blackout of 2003.
Canadian officials have determined that a power control computer, responsible for adjusting the flow of electricity across the US/Canada border, was attacked on the afternoon of August 14, 2003. The computer was even behind a firewall but as we know, a firewall does not protect you from inside attacks. Network traffic indicates that a Canadian user on-site was playing the popular computer game Everquest during working hours, which caused the virus to be downloaded to his hard drive - effectively bypassing the firewall. From there, it was on to the operations servers, which remained vulnerable. When the infected PC went haywire, operators were forced to shut it down, which completely disabled the flow of electricity across the US/Canada border. This had a ripple effect on the already beleaguered power grid, causing the blackouts in major cities such as New York, Detroit, and Cleveland. Boston was largely unaffected due to its reliance on GNU/Linux and open source software.
Do you want to hear the real kicker? Some time last month, Microsoft posted a detailed explanation of the "RPC bug," the very security hole that Blaster uses to infiltrate computers. Coincidence? Microsoft releases an explanation, and less than a month later a massive worm is sent onto the Internet that exploits the very same hole! Is anyone still convinced that "full disclosure" is a good idea?
Tell me this: If Microsoft hadn't released the details, how on earth would an attacker have known how to write an exploit for the "RPC hole?" If you think full disclosure is a good idea, tell that to the families of the victims in New York, Detroit, and Cleveland. Microsoft has willingly provided the tools necessary to cripple the United States' information infrastructure. These tools are accessible to anyone - even our terrorist enemies. Tell me, how does this make Microsoft any better than the terrorists themselves? The answer here is clear: Full disclosure is information terrorism. I urge you all to write to your legislators and end this dangerous practice once and for all. We need to make companies take responsibility for their security issues, and end the information terrorism known as full disclosure. God Bless America.
-
digital "sigs" not as good as you think
Read this article here titled "Why Digital Signatures Are Not Signatures." As demonstrated in the article, there really is no fool-proof way to connect a person's online identity to their real-world identity.
Cryptogram
A real world example -- 10 years in the future and the developed countries and businesses of the world have agreed to use some kind of digital "signature" to authenticate people. Technogeek Bob wants a fake online identity. He breaks into Joe Sixpack's unpatched computer, and finds the private key. He then installs a keystroke logger and waits a few weeks. Joe unwittingly uses his key to "sign" his latest phone bill payment, and voila, Bob has his identity. As long as he doesn't do anything outrageous with it, it's unlikely he will be caught. Or an even worse scenario -- someone leaks the government's key to the public or is bribed/coerced into "signing" fake certificates, and then all such "signatures" become meaningless and we are back where we started -- here. Like everything else security wise, the technology isn't the weakest link -- the people are.
Now that's not to say that this level of security isn't good enough for friendster. But because this type of attack is possible, it's doubtful that digital "signatures" will ever reach widespread usage for anything economically or legally important. And as such, it will be unlikely that businesses or governments will ever bother to use them in such a major way.
-
Re:Solution
That is far easier said than done. See, for instance, Bruce Schneier's explanation of why secure electronic voting is a hard problem.
-
The Identity Commons
As you suggest, a distributed, global (federated) identity would make this all a lot easier and work a lot better. Persistent profile information is powerful and offers many advantages to citizens, corporations and all those middlemen, but can lead to serious privacy abuses if the information is not securely - and absolutely - controlled by the profile owner.
The fact that global identity is so valuable has not escaped the eye of marketing departments everywhere, and there are several projects aimed at establishing global identities for consumers. (Note that I say "consumers" here rather than "citizens" as the systems being designed generally only see you as a consumer and nothing more. Therefore, since there's nothing to buy on Slashdot or Poliglut, you probably wouldn't exist on those systems.)
There are two main problems with the currently proposed systems: Passport, designed by Microsoft, is a wholly centralized system. (The only thing good about this is that your profile data in Passport is not in danger of being bought by Microsoft!) The other system is Project Liberty, a system being put together by a scary consortium of BigCos. EPIC has a good, short paper on the privacy considerations of Liberty here.
There's a new group in this area working...
...to create the world's premier electronic system for individuals and organizations to interact commercially, socially and personally, while providing every entity with control of its information, identity, and relationships consistent with healthy communities.
I'm a member of the tech group and suffice to say we're looking at a very hard problem. One of the key insights into this work is that we don't need to build a global namespace. Not only is that hard (viz PKI) but it's not even what people really want. Rather, people belong to groups and have local names for people within their groups. As people from other groups get introduced into one's local group, they either get local names or become known as "xyz from 123 group". While global URIs may exist to uniquely point to every object in the universe, they are generally difficult to manage and use.
So where does one go? First, of course it has to be open source. PGP's web of trust, Ron Rivest's and Carl Ellison's SPKI/SDSI, and Matt Blaze's Keynote all offer secure local name spaces and even integrated trust management systems. (Thought I had forgotten about your original point, didn't you?) We're nearing completion of a requirements specification and hope to have an initial implementation by year's end. And this is being done mostly by volunteers, as there's no money (yet).
BTW, one of the most difficult problems facing federated identity systems such as Liberty is how to get all these BigCos to work together. We're following a Chaordic approach that, like the Visa payment system, melds simple but powerful global unilateral agreements (Principles) with local control of agreements that control inter-group relationships.
-
Re:I don't care about the code...
On the other hand, building a system that [a] prints receipts while also [b] maintaining the secret ballot principle could be tricky.
Whenever I've voted (three different jurisdictions to date), there has always been a series of stations that voters have to pass through: [1] check in, [2] take a ballot (optional, depending on the voting technology), [3] enter a booth to vote, [4] deposit the ballot in some kind of tallying machine (again, optional depending on the technology), [5] check out.
If enough technical intelligence were added to this process, then figuring out who voted for what could be reduced to a fairly predictable traffic analysis problem. If you vote mid-day, when the lines tend to be short, it wouldn't be hard to pin down that voter John Doe checked in at 1:17pm, that a vote for candidates A, B, & C was recorded at booth 5 at 1:19pm, and that John Doe checked out at 1:20pm. Guess what, you've just figured out who John Doe voted for.
In the June 2003 issue of Cryptogram, Bruce Schneier pointed out that:
Video cameras in cell phones are a potential tool to buy elections. One of the basic tenets of a good election is that the ballot is secret. Someone can offer to buy a vote, but the buyer has no guarantee that the seller will deliver from the privacy of the voting booth. But video cameras in cell phones have the potential to change that; the buyer can demand proof of a vote bought before he pays.
<http://news.bbc.co.uk/2/hi/technology/3033551.stm>
One of my big fears with all these electronic voting schemes is that they will also make it easier to get around "secret" ballots.
If electronic voting ever becomes the norm, I too want there to be an old-fashioned paper audit trail. On the other hand, that paper trail has to be done in a sufficiently anonymous way, and I don't have an answer for how to implement that. I do however appreciate that getting it right isn't likely to be easy, and that bugs in the system will cause serious problems in the first few elections in which such systems are employed (fraud, buying votes, unaudited software errors, crackers, etc).