Domain: linuxnet.com
Stories and comments across the archive that link to linuxnet.com.
Comments · 28
-
Re:An idiot playing a semantic game.
Software one time password generators are cool, but smartcards are more secure, more functional, and more convenient for the end user.
Smartcards at minimum store a private key and use public key crypto on the card itself for authentication. You can use this in PAM for login and single sign on through local authenticators, LDAP, or Kerberos. You can use it as a RSA ssh key for remote login, as a client side SSL cert, as your credentials for S/MIME, etc..
The largest deployment at the moment is the US military, with their CAC system.
Check out http://www.opensc-project.org/ and http://www.linuxnet.com/ for some of the linux oriented projects. Fedora is also leading the charge in the linux world through integration to their directory services and crypto consolidation. However, you can get it to work everywhere with some general geekery. ;-) -
Re:they got you covered
Although this page has a driver for the O2 Micro 4-in-1, I've never seen a distributution where it worked out of the box. Hope Asus doesn't forget.
-
MUSCLE project
Information from the MUSCLE smartcard-on-Linux project be useful:
http://www.linuxnet.com/
-
Re:How long till open source.... Read...There's also the MUSCLE project at http://www.linuxnet.com/index.html. MUSCLE stands for Movement for the Use of Smart Cards in a Linux Environment.
Haven't tried it, but there's at least work in progress towards being able to login using a smart card - among a lot of other components.
-
(really) smart cards anyone?
I'd love to see this chip in a USB smart card. The most advanced USB cards out there from Axalto only have 8-bit CPUs from ST with 4 KB of RAM and 64 KB of EEPROM. All sorts of fun and games would be possible with a secure 32-bit USB card. So anyone from Atmel want to comment on if you're talking to any of the Smart Card vendors? I'm sure the folks from the MUSCLE card group would be happy to create a linux driver.
-
Re:Coerce how?
It didn't matter to me, They sent me a letter a year ago. I bought some smartcard equipment to reasearch and impliment a linux secure login system like this for example...
After consulting a lawyer I sent them a VERY RUDE letter and even dared them to sue me or do anything in court as I was going to counter sue for 10X whatever they were asking plus damages...
I heard no response cince. but if they try anything I will be taking them for a HUGE amount of money and bad publicity as I will make it very public. (I told them that also.)
I strongly suggest that EVERY person that is strong-armed by them to do the same...
Taunting the tiger is fun when you have a howitzer aimed at their head...
-
Re:Low Saxon
They're still waiting for biometric logon features, namely voiceprint-based passwords.
This security scheme would be very weak. Someone can record you while you say 'friend' and later use the recording to log on. Old-fashioned passwords are better.
Worse, you can change your password if someone steals it, but you can't change your voice, or fingerprints. If you want more security you have to consider three elements:
1. What the user knows. That is, the password. This is the most versatile.
2. What the user is. You use biometrics for this.
3. What the user has. You can use smart cards or RFID tags or similar.
If you can only afford one of these, you have to pick good old-fashioned passwords.
I think there are free PAM modules for smart-card authentication. Check MUSCLE for more info. Don't know about biometrics PAM modules. Since KDE login screen uses PAM for authentication, it shouldn't be too hard to support combined password, biometrics and smartcard authentication. -
Re:Its not your job, tell your boss
the security of files comes from properly configured and admined win servers, not from the clients.
The clients are always the weak link. Everyone from script-kiddies to the FBI knows this. It's hard to secure files when they have to traverse the network. Besides, don't pretend that a 'properly configured win server' is any different from a Windows workstation when it comes to security: they're the same OS.
There might be some freeware projects out there, but none of them come close to the completeness of a commercial product.
I've had some experience with those 'complete' commercial security products. Let me tell you, they are *far* from complete and even *farther* from secure. I wouldn't trust any security system that I didn't build from scratch, or at least from source. M.U.S.C.L.E. is a good place to start. -
Alternative
As far as I can tell, this is about a hundred line Perl program. Get some nice smart cards and readers (they're quitecheap), use MUSCLE's Perl bindings, hook up to a Linux box, and dump times to a logfile/postgres db. On a successful read, beep.
-
So am I going to get a letter?
I own a smartcard reader/programmer (most devices are both readers and programmers, it's just a serial interface to a "chip card" aka smartcard.) made by Schlumberger, and the SmartCard Developer's Kit from Amazon, which I bought to play with Smartcard support for Linux.
So am I going to get a letter from DirectTV?
-
Why not use a smart card?
Just a thought. If you really need 2-factor authentication, setup the reverse proxy (unless you can get TiVo to require SSL client-side authentication). Pick up a smart card and reader from http://www.cardstore.slb.com/. I recommend the CyberFlex E-gate for this as it will reduce you overall costs and give you MAXIMUM convenience. Once you get this all set up (you may want to visit the M.U.S.C.L.E. site if you're using Linux or Mac OS X or other un*x variants), go to your favorite free-cert provider like Thawte/Verisign. When you generate your keys, be certain to instruct your smart card to do the work. Next, configure your web-server (TiVO or Apache) to require client-side SSL authentication and specifically, your certificate. Viola! Two-factor authentication. In this case, your private key makes your smart card very unique (what you HAVE) and you should set a PIN on your smart card to protect it (what you KNOW). If you're really up for a project, add some biometric (what you ARE) card-authentication for 3-factor authentication.
-
JavaCard and MUSCLE
A previous poster mentioned the MUSCLE project. It provides lots of open-source software for talking to smartcards, primarily for cryptographic applications.
MUSCLE works with JavaCards . With these it is relateively easy to write your own applets that run on the card and do whatever you want.
Lots of vendors supply JavaCard-compliant cards. For example, SchlumbergerSema, iButton, and Gemplus.
-
Re:Someplace to TryThe guys who did Opencard have started using a Java PC/SC wrapper instead. Opencard is just to big for what it does in most cases.
You can find JPCSC and other open source smart card stuff at the MUSLCE project.
Also, I happen to be on a team that has implemented a smart card based photo ID system. Contact me through the email on my webpage (linked to in the header of this post) if you have questions and I'll get back to you on my corporate acocunt.
-
MUSCLE - Linux Smart Card Development
I was a developer in the smartcard field before. A few good places for Linux smartcard resources were: Movement for the Use of Smart Cards in a Linux Environment and the CT-API for Linux pages.
-
Some links
MUSCLE - Movement for the Use of Smart Cards in a Linux Environment looks kind of helpful.
And to use a smartcard reader for your login here. -
Since linux devices gets /.'ed rather easily-by Rick Lehrbaum (April 12, 2002)
Back in November of 2000, Jim Thompson, Kem McClelland, Brad Martin, and Jamie Thompson started brainstorming about the idea creating a company to specialize on the emerging market for publicly accessible wireless access points. They reasoned that there would soon be a significant opportunity to supply devices to public access "hot-spot" providers, wireless ISP/infrastructure providers (WISPs), and various value added resellers (VARs).
Thompson and McClelland were both senior managers at WapPort, where they had both been frustrated by the inability to convince existing access point providers to modify their products for "hot-spot" features, or even to allow Wayport to have access to their source code so that Wayport could make the necessary modifications. So the two, joined by Brad Martin and Jamie Thompson, decided to have a go at it on their own.
"My original frustration when I was at Wayport, was that we couldn't get any of the existing access point manufacturers (Cisco, Lucent, Symbol, etc) to embed the features we needed to deploy an 802.11-based "Hot Spot" service," recalls Musenki CTO and founder Jim Thompson.
Roughly 18 months later, Austin, TX based Musenki ("musenki" means "small wireless gadget" in Japanese) is poised to ship beta units of its first product -- the M-1 wireless access point. The devices, which are scheduled to ship to customers next Monday (April 15, 2002), will be sent to developers, strategic technology partners, VARs who want to start integrating their own features, and some prospective major customers. Among the significant customer prospects being sent beta units are several regional wireless ISPs and mobile operators, according to McClelland.
McClelland describes Musenki as a developer of "secure, open-source wireless networking products" whose "software and high-performance equipment enable open development, bringing expandability and customization to the wireless LAN market." Indeed, the company's first device packs a lot of computing power in a very small space, by taking advantage of some of Motorola's highly integrated PowerPC-based system-on-chip processors running at speeds ranging from 200 to 400 MHz, along with high density RAM, built-in solid state disk (Flash memory), and internal expansion based on "miniPCI" modules. The use of built-in PCI expansion allows Musenki to configure its access points for a variety of wireless interfaces -- an important factor in an emerging technology-based market that has a long way to go before stabilizing.
According to McClelland, Musenki has incorporated several features into its wireless access points that are crucial to success in the public access market. These include tie-ins with external authentication and billing systems, roaming across various service provider networks, the ability to slot-in additional network-layer functionality such as VPN and protocol translation, and functions that enable the management of a large number of these devices disbursed over a large number of locations.
What's on the drawing board after the M-1 and M-3 wireless access points have made it into full production? According to McClelland, Musenki's plans include a number of technology and interface enhancements and upgrades, including . . .- Client side devices (miniPCI/PC cards, particularly GPRS/802.11 combo cards)
- Mesh networking technology
- Technology for enabling seamless roaming, by means of cellular and WLAN networks
- Additional security features
- Integration with innovative antenna technologies
- Expansion of the platform beyond the WLAN market
Building in power and flexibility
Jim Thompson characterizes Musenki's first product as a Linux-powered 802.11 access point: "Its open, so the customer can make it do what they want" So flexible, in fact that you could use it for other things. "Like a sexy small, high-performance router," according to Thompson. "Take the 802.11b NIC out and install one of several available miniPCI modules with crypto/compression chips, and now you've got a VPN router -- with compression -- that will run at 100Mbps."
Prototype of the M-1 access point
Here is a summary of the features of the embedded computers that are built into the M-1 and M-3 . . .
M-1 specs . . .- Processor: Motorola MPC8241 running at 200MHz
- RAM: 32MB (default), 64MB, or 128MB of SDRAM
- Flash: 8MB (default) or 16MB
- 1 x Davicom DM9102AF (tulip-clone) 10/100 Ethernet on RJ45
- 1 x miniPCI socket (comes filled with a 802.11b NIC and "AP" software)
- miniPCI socket has the pins for V.90 modem and 10/100 Ethernet brought out to a second RJ45
- 1 x Smart Card (SIM form-factor)
- I2C header
- 3.5 x 3.6 in. (smaller than PC/104 form-factor)
M-3 specs . . .- Processor: Motorola MPC8245 running 333MHz
- RAM: 1 x SODIMM socket, usable with up to 512MB (off-the-shelf modules)
- Flash: up to 32MB
- 2 x Davicom DM9102AF (tulip-clone) 10/100 Ethernet on RJ45s
- 2 x miniPCI socket
- first slot comes filled with a 802.11b NIC and "AP" software);
- first miniPCI socket has the pins for V.90 modem and 10/100 Ethernet brought out to a second RJ45
- first slot comes filled with a 802.11b NIC and "AP" software);
- 1 x full PCI slot (more Ethernet, T1, T3, additional 802.11a/b/g NIC, etc.)
- 1 x Smart Card (SIM form-factor)
- I2C header
- Size: 6.0 x 7.0 in.
Closeup of the M-1's internal single-board computer
"We feel that the additional CPU and the large memory resources are going to be more and more important as 802.11x (x = a, b, g) becomes the predominant method of client connectivity," points out Thompson. "In addition, as other 802.11 standards mature -- for example 802.11e Quality of Service, 802.11i security, 802.11f Inter Access Point Protocol, 802.11h Dynamic Frequency Selection (DFS), and Transmit Power Control (TPC) -- we will have the CPU power and architecture to allow us to incorporate these improvements, as well as the future increased bit-rates planned for 802.11a."
"Also, the minute you start thinking about 'mesh' routing, you need lots of memory and CPU resources," Thompson adds. "Consider a medium-sized city with 40,000 houses, all connected to each other via a wireless 'fabric' at 20Mbps or more."
"One could run an 802.11b (or 802.11g) NIC in one slot and an 802.11a NIC in the second slot and have a 'dual-mode' AP, with all the gateway features still enabled," explains Thompson. "Or you could use all three slots -- one slot of 802.11b for older clients, one slot of 802.11g for those clients, and one slot 802.11a. Or you could cover a coffee shop with 802.11b/802.11a and still bring a DSL, Cable, or T1 connection or even 802.11 'back-haul' out with one box, AND run the 'captive portal' on the same box."
Thompson explains that there are varied reasons for the Smart Card. "One of the most interesting is that if you're going to deploy this type of equipment into 'public access' venues, you need a way to both secure the contents against prying eyes -- and people who will dredge through your Flash -- as well as being able to potentially authenticate the equipment back to your billing system, if you're Wayport, Surf-n-Sip, VoiceStream/Mobilestar, Boingo, etc. We use the smart card for both of these, and more. Consider the use of Smart Cards in GSM phone or DBS satellite systems, and then apply same ideas here."
Embedded Linux inside
Musenki's wireless access points run a recent version of the Linux kernel (currently 2.4.18), along with other open source software.
"For Linux, we started with the PowerPC kernel sources from BitKeeper," says Thompson. For the bootloader, for example, they started with ppcboot sources and added 8245 support. "We've given all the code back to the community. Interestingly, I ended up supporting the 'Sandpoint8245' platform in the process."
"We did it all ourselves, with more than a bit of 'help' from the associated mailing lists," continues Thompson. "Linux mostly just 'runs', other than small bits of effort to get the on-chip serial ports working, and board-specific issues."
Why Linux?
"We see open source software as our greatest strategic advantage," says McClelland.
"Essentially, Linux lets us do what we want to do, because we have source -- stand on the shoulders of giants, and not pay royalties to Wind River," Thompson adds.
The development process wasn't without its "bumps in the road", explains Thompson. For example, the time he discovered that the Flash memory bus was wired backwards on the 'BBWISP' board. "This is one of the places where 'open source' ruled for us, because I just hacked support in for changing the 'endianess' of the Flash bus to an existing driver for the Flash chip we're using," he adds.
Thompson claims it took him about half a day to solve the Flash bus problem, thanks to the availability of Linux source code. "I can't imagine having to do that on VxWorks," he says.
According to Thompson, the following open source projects were valuable to Musenki in the development of its wireless access point products . . .- PPCBoot
- PowerPC Linux kernel
- Busybox
- hostap
- uClibc (A glibc2 environment is also available)
- M.U.S.C.L.E (Movement for the Use of Smart Cards in a Linux Environment)
- open1x.org
How will they cost, and how will they be sold?
Quantity one pricing for the M-1 (including 802.11b NIC, antenna, power supply, etc) will be $300, and the M-3 (similarly configured) will be $500, with quantity discounts available.
Beta units of the M-1 will go out on Monday, April 15th. Beta shipments of the M-3 are planned by the beginning of May. General availability of both should be by the end of June.
Initially, the units are being sold directly by Musenki, but the company is currently developing various sales channel relationships.
What's next for Musenki?
Musenki is currently staffed by six people (four founders plus a hardware and software engineer), along with consultants and part-time employees who have contributed to the open source, open architecture approach. Musenki is self-funded to date and is actively discussing additional financing with outside investors. - Client side devices (miniPCI/PC cards, particularly GPRS/802.11 combo cards)
-
Re:some smartcard infohttp://www.linuxnet.com/smartcard/software.html and http://www.citi.umich.edu/projects/smartcard/ have tons of free software.
nobody
-
Smart cards, and Linux supportSmart cards are microprocessors embedded in a flexible plastic credit card sized card. (ISO 7816)
The capabilities range from simple memory storage cards (3KB to 16KB), which are a high tech equalivant of the magnetic stripe on "swipe cards" to high end crypto processors which are tamper resistant and/or tamper evident. These crypto cards can generate a private key that never leaves the card, and can securely performing digitial signind decryption using the private key. Such cards typically support DES, Triple DES, RSA 512-1024 bit and SHA-1. E.g. CryptoFlex from Schlumberger, Gemplus Public Key
Smart cards are already far more common in Europe, are used in satellite TV, Mondex (an electronic wallet scheme that never seems to get off the ground), and in a different form factor, the SIM cards of GSM mobile phones are smart cards. Because of Sat-TV, Pay-TV, and GSM phones there are hundreds of millions of smart cards in use today.
There is also Linux support via MUSCLE which supports the PC/SC API made popular under Windows, and most vendors support.
-
techinical details of the card and privacy aspects
I work for a smart-card solutions company in India and was the technical lead for a team that wrote software for India's largest installation of smart-cards which in India is larger than most credit cards. I have also been asked to present my views in front of RBI (India's fedral bank) sponsered committee to create standards for smart-card use in the country. Coming to technical details, a smart card basically acts like a secure computer with a secure filesystem and operating system of its own. It exposes a limited set of "system calls" that you can call from inside your program which are supposed to be secure (at least in theory). For example, the system calls may allow you to "write" a private key to a "file" in smart card froma program but having once written the private key you are not allowed to modify or read it back. There will be a seprate set of "system calls" that will allow you to decrypt or sign messages using this key however (after giving one or more PIN(s)). As a card is small and can be easily hidden or transported under rugged enviroments this allows a very secure and convenient place to keep critical private keys. Such cards are commercially available and are programmable from Windows and Java (A free linux version in C is being done by MUSCLE guys). There is nothing more or nothing less to smartcard technology. As you can imagine one can leverage this simple use and storage of assymetric (and also symetric) keys to design wonderful credit-card (or other financial) solutions that can provide almost complete privacy and fraud-control. However,it is not technology but the corporates and government which are limiting the use of smart cards. For example, in India a large number of people (especially with money from dubious sources) used to spend by buying stored value smart cards which were available off the counter for cash. Till income-tax department decided to make it compulsory to record identification details for each such transaction. One can argue that it was a blow to privacy but does the govt has an option in front of brazen money laundry? This is not bound to change any time in near future. As soon as you make financial transactions anonymous, guys who got "bad money" get in and start using the system for their own laundry. However, fraud-control is on everybody's list and one should expect VISA and MasterCard to move in this direction. As somebody else pointed out, there is a lot of investment done by merchants and banks in current terminals and rest of the credit-card infrastructure so one should not expect new technology to come out overnight. however, over next 5-10 years I would expect a lot more credit cards to be chip-based with at least PIN protection on them
-
it can be used...
As far as I can see, the mysmart pad is ps/sc compliant. This means that it has drivers so an OS (especially windows) can treat it as a generic smart card reader. There is also a Linux project for this stuff (muscle) so anyone can use it. There are several *nix projects on sourceforge too just search. This type of card is different in form-factor to DirectTV ones. The chip is placed in a different part of the card but I am pretty sure they are otherwise similar. Though I haven't used the mysmart pad myself, I do like the quick-link ideas though it depends on software running (like cuerat). And you can replace the sheets that allow OEMs to put their brand on it. It has been around at least a year so someone is buying them. For lotsa fun in smart card microcontroller programming (cheap too) see BasicCard. Cheap too.
-
PGP manual, absolute security, human usersRead the PGP manual it deals with these sorts of questions.
There was already a Word marco virus Caligula that attacked the PGP secret keyring and mails it to codebreakers.org, circa 1998.
You are mainly concerned with your private key ring, since lose or corruption of that would be the most damage. If the public key ring was modified you could alter local trust of a specified key, but it could not sign a public key without the private key.
As others have stated the private key itself is protected by symmetric encryption (e.g. IDEA, TripleDES) and you need the passphrase to unencrypt this encryption. So, a private key protected by a poor passphrase could be brute forced using a fast dictonary search tool, similar to Alex Muffett's crack for Unix passwords.
There are several ways to increase the security without irrating the user, such as using a floppy based key ring, using a smartcard memory card to store your own public/private keys, using a Dallas iButton, a removable PCCard (PCMCIA) storage device, or using a crypto smart card that stores your own private/public key, and does the RSA calculations on the card, designed in a such a manner as the keys cannot be extracted from the card. This gets into Differential Power Analysis (PDA) and tamper resistance attacks.
For a high security application, you could consider a hybrid smartcard and PDA (e.g. Palm), which forms a small trusted computer. Of course most security experts wouldn't call a out of the box Palm and PalmOS a trusted platform, but it's an example of a smartcard with a direct human interface (human input & output), rather than trusting a larger more complicated computer which is also more flexible because it is designed to be general purpose. Some 3G cell phones plan on having similar smartcard interfaces I believe. I think Nokia had a prototype. Of course since there have been some trojan SMS messages already seen in Europe, and with WAP expected to expand its capabilities rather than die, you can expect this to be a more virus friendly platform as cellphones evolve.
While Bruce's Secrets and Lies shows his change of heart from the absolute security through cryptography that he and cypherpunks dreamt of in the early 90's, he now understands that absolute security in a practial system is a myth, and wants readers to think like engineers in weighing of trade-offs, how easy to use verus how secure, and how expensive vs. how secure. It is not a reason to give up on cryptography, but to realise that in designing and working with secure systems you need to look at more than just which neat cryptographic algorithms to use.
-
ChipDrive linuxpack
-
M.U.S.C.L.E.
Check out MUSCLE...I think that is what you are looking for. The site for it is here. IIRC, this project was started/is maintained by someone attending the grandest university of them all
-
Other fingerprint stuff for Linux
If you want fingerprint identification for Linux right now, check out American BioMetrics and their BioMouse (around $100). Although they don't ship Linux drivers, there are drivers available from MUSCLE on this page.
--- -
Other fingerprint stuff for Linux
If you want fingerprint identification for Linux right now, check out American BioMetrics and their BioMouse (around $100). Although they don't ship Linux drivers, there are drivers available from MUSCLE on this page.
--- -
Re:At least you know what you get...
unlike AmEx's stupid idea of a credit card swiper on your PC,
Do you actually understand how their smart card will work? Hmmm, because you don't seem to. First It is a smart card, and ISO-7816 smart card to be more specific.
Second the cards will have have certificates on them which will contain IIRC a set of 1 public and 1 private key which will be used to encrypt sessions, I personally feel it is a bit better then ssl since it is on the card and not on the system.
So this is at worst at least as good as ssl and it is much more convienent. I don't understand all the details of how they will implemented but it may even be better then ssl. So pls, try to understand a technology before you go off on it. -
Check out M.U.S.C.L.E.
Take a look at M.U.S.C.L.E
I learned about this project at the Atlanta show during a presentation on the Secure Filesystem project at the University of Minnesota. They are using it extensively for their project, the site for that project is www.securefilesystem.org -
Blue has many good things going for it
Disclaimer: Although I work for one of the biggest smart card makers in the world and the inventor of Java Card (Java on smart card), as far as I know AmEx is not using our cards.
As for Blue, Frost and Sullivan's analysis is a good place to start. Personally, I think it is a good thing: get consumers used to idea of smart cards and making everything free at first really helps. And if they use Java Card based smart card, they'll be able to roll out new features in the future. Besides, free card, free reader and 0% APR are hard to beat (unless they start cutting checks, I guess). At least I've applied for the Blue card.
Linux support probably can be found at: http://www.linuxnet.com/ (I say probably because AmEX is highly likely to use one of the well known readers, much of them supported by MUSCLE project)
As for security: much of the first 40 posting I've read are either wrong or misinformed. I'd recommed that you read some smart card introduction before posting here:
Smart card industry association: http://www.scia.org/
Smart card forum: http://www.smartcrd.com/
Java Card (but lots of general smart card info) http://members.xoom.com/javacard/
-----
More misc.: AmEx are working on a web page: www.blueamex.com (www.blueamex.net, too)
Danny (shameless ad: Java Card was invented here: www.cyberflex.slb.com)