Slashdot Mirror

IPreadator
https://www.ipredator.se/?lang=en
Fixed, inexpensive costs and unlimited bandwidth. About as anonymous as you'll get for something you have to pay real money for.

The endpoints are somewhere in northern Europe, though exactly where will vary from time to time.

Has a few problems that are just about fixed. Firstly, it supports only PPTP, which is known to be insecure ( http://www.schneier.com/blog/archives/2012/08/breaking_micros.html ). That also makes using anything other than Windows a pain. But it's supposed to be fixed this month ( https://www.ipredator.se/page/faq#gen_openvpn_l2tp ). Multiplexing tunnels is also made difficult due to PPTP, but again, L2TP should fix that.

Secondly, No IPv6 or static IPv4 addresses yet. IPv6 is (and has been for a long time) coming apparently. Static IPv4 addresses is not expected to happen, though; but for most uses, that'd be kind of defeating the point of an anonymous VPN, no?

On the whole, it's tricky to use and not without problems, but it's probably good enough for any realistic use, and it's cheap (I've seen email account that cost more!).

Disclaimer: satisfied (Australian) customer.

Assange is Wikileak's best enemy. The Guardian did not leak the key. Wikileaks was signing multiple files using the same key. You're supposed to use the key once for Mitra's sake! See here and here

Again if Assange wasn't being an asshole with various girls, he would have never ended up in this extradition scenario.

Wikileaks should be forked and Assange should answer to the charges. If he is not guilty as claimed, excellent. All of that "but he is not charged with anything" bullshit is just misinformation (fnord) and not understanding how an other country's due process works.

U.S. District Judge Lewis Kaplan's opinion said that the eavesdropping technique "functioned whether the phone was powered on or off." Some handsets can't be fully powered down without removing the battery; for instance, some Nokia models will wake up when turned off if an alarm is set.

[snip]

The U.S. Commerce Department's security office warns that "a cellular telephone can be turned into a microphone and transmitter for the purpose of listening to conversations in the vicinity of the phone." An article in the Financial Times last year said mobile providers can "remotely install a piece of software on to any handset, without the owner's knowledge, which will activate the microphone even when its owner is not making a call."

Remember, that was 6 years ago. Those civil rights you thought you had? Hope you enjoyed them at the time.

I agree entirely. But how are we to convince the rest of the population who take pride in the fact that they have nothing to hide from the government?

A family member of mine claimed she changed her stance after I gave her a copy of Bruce Schneier's essay, "The Eternal Value of Privacy."

Schneier also recommends Daniel Solove's essay, "'I've Got Nothing to Hide' and Other Misunderstandings of Privacy."

Someone else posted this very good article earlier today: "Debunking The Dangerous 'If You Have Nothing To Hide, You Have Nothing To Fear.'"

I agree entirely. But how are we to convince the rest of the population who take pride in the fact that they have nothing to hide from the government?

A family member of mine claimed she changed her stance after I gave her a copy of Bruce Schneier's essay, "The Eternal Value of Privacy."

Schneier also recommends Daniel Solove's essay, "'I've Got Nothing to Hide' and Other Misunderstandings of Privacy."

Someone else posted this very good article earlier today: "Debunking The Dangerous 'If You Have Nothing To Hide, You Have Nothing To Fear.'"

Mod up. From TFA that's all Google is offering -- more pressure to grap your phone number.

And it's worth noting that Bruce Schneider has pointed out the problems of two-factor authentication for years.

http://www.schneier.com/blog/archives/2012/02/the_failure_of_2.html

http://www.google.com/search?domains=www.schneier.com&sitesearch=www.schneier.com&q=Two-Factor+Authentication&hq=inurl%3Awww.schneier.com%2Fblog

but how much time was taken away by the early termination of the petition?

I'm too lazy to dig up wherever I read it, maybe it was a comment on hacker news, but it sounded like it had about another week to go before expiration.

It expired on the 9th. See, e.g. Bruce Schneier's post a week ago, or the Fark thread from the 8th saying 'it expires tomorrow'.

I am reposting this from Friday:
In a recent Schneier post titled Court Orders TSA to Answer EPIC a menacing comment was left by what claimed to be 'Blogger Bob' from the TSA's blog. It may be and likely enough is a dupe, but seemed terribly appropriate for the TSA. I have pasted it below for your reading pleasure, for the second time:

"I've been asked to respond to this post in order to clarify misunderstandings that some people may have.

The TSA properly exempted itself from the requirements of the Administrative Procedure Act and the Sunshine Act. The TSA granted itself the exemption for valid reasons that must remain classified for National Security reasons, so you'll have to trust us on that.

The TSA also had a valid grounds for respectfully refusing to comply with both court orders. The reasons are also classified for National Security reasons, so again you'll have to trust us the refusal was appropriate and necessary. But I can tell you that the decision was based on thorough analysis of the latest robust intelligence pertaining to the current threat environment.

In both cases, TSA Counsel determined that any form of notice and comment rulemaking regarding the deployment of AIT would be detrimental to National Security, based on the classified determinations I referenced above. TSA Counsel prepared a classified memorandum exempting the agency from notice and comment requirements. TSA Counsel believes that the National Security determinations set forth in the classified memorandum give the TSA full authority to disregard any court orders requiring notice and comment rulemaking.

You are, of course, free to sign the petition. But it will have no more effect than the lawsuit or the court order. And do be aware that pursuant to classified TSA procedures, any names on the petition will be forwarded to the Terrorist Screening Center for possible inclusion on appropriate watch lists.

Thank you for allowing me to address your concerns about this matter."

Posted by: Blogger Bob at August 2, 2012 6:39 PM

http://www.schneier.com/blog/archives/2012/08/court_orders_ts.html Nothing to see here.

In a recent Schneier article titled Court Orders TSA to Answer EPIC a menacing comment was left by what claimed to be 'Blogger Bob' from the TSA's blog. It may be and likely enough is a dupe, but seemed terribly appropriate for the TSA. I have pasted it below for your reading pleasure:

"I've been asked to respond to this post in order to clarify misunderstandings that some people may have.

The TSA properly exempted itself from the requirements of the Administrative Procedure Act and the Sunshine Act. The TSA granted itself the exemption for valid reasons that must remain classified for National Security reasons, so you'll have to trust us on that.

The TSA also had a valid grounds for respectfully refusing to comply with both court orders. The reasons are also classified for National Security reasons, so again you'll have to trust us the refusal was appropriate and necessary. But I can tell you that the decision was based on thorough analysis of the latest robust intelligence pertaining to the current threat environment.

In both cases, TSA Counsel determined that any form of notice and comment rulemaking regarding the deployment of AIT would be detrimental to National Security, based on the classified determinations I referenced above. TSA Counsel prepared a classified memorandum exempting the agency from notice and comment requirements. TSA Counsel believes that the National Security determinations set forth in the classified memorandum give the TSA full authority to disregard any court orders requiring notice and comment rulemaking.

You are, of course, free to sign the petition. But it will have no more effect than the lawsuit or the court order. And do be aware that pursuant to classified TSA procedures, any names on the petition will be forwarded to the Terrorist Screening Center for possible inclusion on appropriate watch lists.

Thank you for allowing me to address your concerns about this matter."

Posted by: Blogger Bob at August 2, 2012 6:39 PM

Perhaps the poll was conducted with a stick. But then again, we are a libidinous culture.

I do hope that they back it up with a PIN, making it full three-factor authentication. While biometrics are useful in being unique identifiers, they are not secrets. An attacker could use the gummi bear fingerprint technique using latent fingerprints extracted from a stolen card...

In addition, The Mythbusters also fooled fingerprint scanners using the same techniques as the Schneier link (above), and also with a photocopy of a fingerprint:

• A 3-D thumbprint imprinted on a latex strip to be worn over someone else's thumb.
• A 3-D thumbprint imprinted on ballistics gel, which has the same viscosity and density as human tissue.
• A photocopy of a scanned image of Grant's thumbprint.

I do hope that they back it up with a PIN, making it full three-factor authentication. While biometrics are useful in being unique identifiers, they are not secrets. An attacker could use the gummi bear fingerprint technique using latent fingerprints extracted from a stolen card...

In addition, The Mythbusters also fooled fingerprint scanners using the same techniques as the Schneier link (above), and also with a photocopy of a fingerprint:

• A 3-D thumbprint imprinted on a latex strip to be worn over someone else's thumb.
• A 3-D thumbprint imprinted on ballistics gel, which has the same viscosity and density as human tissue.
• A photocopy of a scanned image of Grant's thumbprint.

I do hope that they back it up with a PIN, making it full three-factor authentication. While biometrics are useful in being unique identifiers, they are not secrets. An attacker could use the gummi bear fingerprint technique using latent fingerprints extracted from a stolen card...

I do hope that they back it up with a PIN, making it full three-factor authentication. While biometrics are useful in being unique identifiers, they are not secrets. An attacker could use the gummi bear fingerprint technique using latent fingerprints extracted from a stolen card...

though he didn't directly harass him - it was re-tweeted by a swim team member.

And if you think this couldn't happen in America, well it can - as long as the person posted under a pseudonym or anonymously and can be tracked down (since laws exist for cyberbullying that can land you in jail for 5 years, and you can tack on 2 more for being annoying in a provision carried over from the communications decency act ).

If you think biometrics is useful for unsupervised authentication, please read this:

http://www.schneier.com/crypto-gram-9808.html#biometrics
http://www.theregister.co.uk/2002/05/16/gummi_bears_defeat_fingerprint_sensors/

Your fingerprints are not secrets.

I believe that there's a 4th kind of factor: something you can do. For example, you might be able to pick out some of your favorite items, even though you don't remember which favorite items you registered. Or you might be able to type your password in a different rhythm than anyone else can (without a lot of practice); again, it's not something that you can memorize/remember/know, and it's not really something that you are or have. Bruce Schneier has an article on one of these kinds of authentication factors.

"Simply, people can no longer remember passwords good enough to reliably defend against dictionary attacks, and are much more secure if they choose a password too complicated to remember and then write it down. We're all good at securing small pieces of paper. I recommend that people write their passwords down on a small piece of paper, and keep it with their other valuable small pieces of paper: in their wallet."
http://www.schneier.com/blog/archives/2005/06/write_down_your.html

"DO use a password manager"
http://www.schneier.com/blog/archives/2009/08/password_advice.html

"Bruce Schneier Writes Down Passwords. So Can You"
http://www.schneier.com/news-101.html (November 6, 2010)

Obligatory xkcd: http://xkcd.com/936/

In summary, due to the overwhelming number of passwords we're forced to use, humans are not capable of remembering all of them. So, we need to find something that humans are capable of doing. The previous links and quotes may not fully agree on the specifics, but they all are examples of that in action. Unusable security is bad security, as the user will work around it, usually in a manner breaking that security. Good security is usable security.

OTOH, single-sign on doesn't feel right to me. I think it's because you're breaking segregation of security, especially across the boundaries of how important the sites are. ("Use the same sign on for banking and social networking? Sure!") It's not the strongest of reasons, so a more thorough analysis may make me change my mind.

"Simply, people can no longer remember passwords good enough to reliably defend against dictionary attacks, and are much more secure if they choose a password too complicated to remember and then write it down. We're all good at securing small pieces of paper. I recommend that people write their passwords down on a small piece of paper, and keep it with their other valuable small pieces of paper: in their wallet."
http://www.schneier.com/blog/archives/2005/06/write_down_your.html

"DO use a password manager"
http://www.schneier.com/blog/archives/2009/08/password_advice.html

"Bruce Schneier Writes Down Passwords. So Can You"
http://www.schneier.com/news-101.html (November 6, 2010)

Obligatory xkcd: http://xkcd.com/936/

In summary, due to the overwhelming number of passwords we're forced to use, humans are not capable of remembering all of them. So, we need to find something that humans are capable of doing. The previous links and quotes may not fully agree on the specifics, but they all are examples of that in action. Unusable security is bad security, as the user will work around it, usually in a manner breaking that security. Good security is usable security.

OTOH, single-sign on doesn't feel right to me. I think it's because you're breaking segregation of security, especially across the boundaries of how important the sites are. ("Use the same sign on for banking and social networking? Sure!") It's not the strongest of reasons, so a more thorough analysis may make me change my mind.

"Simply, people can no longer remember passwords good enough to reliably defend against dictionary attacks, and are much more secure if they choose a password too complicated to remember and then write it down. We're all good at securing small pieces of paper. I recommend that people write their passwords down on a small piece of paper, and keep it with their other valuable small pieces of paper: in their wallet."
http://www.schneier.com/blog/archives/2005/06/write_down_your.html

"DO use a password manager"
http://www.schneier.com/blog/archives/2009/08/password_advice.html

"Bruce Schneier Writes Down Passwords. So Can You"
http://www.schneier.com/news-101.html (November 6, 2010)

Obligatory xkcd: http://xkcd.com/936/

In summary, due to the overwhelming number of passwords we're forced to use, humans are not capable of remembering all of them. So, we need to find something that humans are capable of doing. The previous links and quotes may not fully agree on the specifics, but they all are examples of that in action. Unusable security is bad security, as the user will work around it, usually in a manner breaking that security. Good security is usable security.

OTOH, single-sign on doesn't feel right to me. I think it's because you're breaking segregation of security, especially across the boundaries of how important the sites are. ("Use the same sign on for banking and social networking? Sure!") It's not the strongest of reasons, so a more thorough analysis may make me change my mind.

Not to mention:

http://www.schneier.com/crypto-gram-9909.html#NSAKeyinMicrosoftCryptoAPI

Americans Are as Likely to Be Killed by Their Own Furniture as by Terrorism

Link courtesy of Bruce Schneier's blog.

Here's what Schneier said about it in 2004:

"Computer security experts are unanimous on what to do. (Some voting experts disagree, but I think we’re all much better off listening to the computer security experts. The problems here are with the computer, not with the fact that the computer is being used in a voting application.) And they have two recommendations:

DRE machines must have a voter-verifiable paper audit trails (sometimes called a voter-verified paper ballot). This is a paper ballot printed out by the voting machine, which the voter is allowed to look at and verify. He doesn’t take it home with him. Either he looks at it on the machine behind a glass screen, or he takes the paper and puts it into a ballot box. The point of this is twofold. One, it allows the voter to confirm that his vote was recorded in the manner he intended. And two, it provides the mechanism for a recount if there are problems with the machine.

Software used on DRE machines must be open to public scrutiny. This also has two functions. One, it allows any interested party to examine the software and find bugs, which can then be corrected. This public analysis improves security. And two, it increases public confidence in the voting process. If the software is public, no one can insinuate that the voting system has unfairness built into the code. (Companies that make these machines regularly argue that they need to keep their software secret for security reasons. Don’t believe them. In this instance, secrecy has nothing to do with security.)

Computerized systems with these characteristics won’t be perfect -- no piece of software is -- but they’ll be much better than what we have now. We need to start treating voting software like we treat any other high-reliability system. The auditing that is conducted on slot machine software in the U.S. is significantly more meticulous than what is done to voting software. The development process for mission-critical airplane software makes voting software look like a slapdash affair. If we care about the integrity of our elections, this has to change."

Source.

I'm just a random Tor exit node, up one day, down the next, replaced by another random exit node.

Use the Tor Browser Bundle:
- https://www.torproject.org/

Read the Tor OPSEC article:
- http://cryptome.org/0005/tor-opsec.htm
- https://www.schneier.com/blog/archives/2012/01/tor_opsec.html

"HUGE Security Resource" - enjoy a smart selection of Security
Blogs and other security related information
- http://pastebin.com/Cm2ZHuz3

Many people are thinking that if I am not near a microphone, it is hard to record my conversation and pick it out of a room full of people. This is normally the case. There is a recent technology advancement being used in sports using a phased microphone array.

http://www.schneier.com/blog/archives/2010/10/picking_a_singl.html

This has alrady been posted in Slashdot.
http://hardware.slashdot.org/story/10/10/11/1838252/high-tech-microphone-picks-voices-from-a-crowd

If you record each microphone as a seperate track, and maintain timing syncronasation of the tracks, you can steer the array after the event to pick out individual conversations in a crowd.

Live or recorded, the beam forming can be steered either way.

The article was too thin on details to confirm if this is the tech being used, but I I was going to impliment recording for a room full of people that needed later seperation to review the drug lord converstaion, this is the tech that could do the job.

A for privacy, there is littel chance anyone would steer the array from the stored recording to have any interest in what you were saying to the lady next to you that isn't your spouse.

While the issue was clearly not the hash algorithm here, it should be noted that SHA-1 is now effectively broken - you can get collisions in less time than using brute force.

It's still a perfectly usable hash algorithm, but it has been slowly phased out for SHA-2 (SHA-512) for some time now.

I wrote a nice long reply rebutting every single point then lost it when I hit backspace and focus was in the wrong part of the window. Grrr.

The author gets lots of things confused:

  - He seems unaware that a rainbow table is equally effective against a good password as a bad one.
  - He seems to think a dictionary attack comprises wholly and exclusively of words taken from a dictionary with no added numbers, symbols or punctuation. Bruce Schneier doesn't seem to agree with this, and I'm far more inclined to believe Mr. Schneier.
  - He believes that a likely avenue for attack is constantly guessing a given user's password on a website. Any half-sane web service will block you long before you've tried a few thousand passwords against one username.
  - He fails to note that in the case of LinkedIn, the list of password hashes itself was leaked - and this is Bad News.
  - He also fails to note that in the case of LinkedIn, the password hashes were unsalted - Much Worse News.
  - He also fails to note that if an unsalted list of password hashes is leaked, then it doesn't really matter how strong your password is, it's going to get found rather quickly. There's very little you or I can do about this. You could refuse to use systems that have such terrible security, but usually you only learn their security is this bad when it's far too late.
  - He tops it off by recommending 10 character passwords with symbols and/or numbers. In other words, he falls foul of the problem described by Randall Munroe in XKCD some time ago.

Except when stuff like this comes out: http://freecode.com/articles/ubuntu-new-apt-packages-fix-security-vulnerabilities-3 [freecode.com]

Ubuntu bug: Bug reported 22nd September and closed the same day.

Microsoft bug: attacks on MD5 widely known and carried out since 2005, but Microsoft still carry on using it in Windows Update until 2012.

No one should dismiss the likelihood of rogus developers submitting changes to key components of popular distros like Ubuntu to exploit. Combined with a MITM attack, your Ubuntu system is owned. This is one reason I no longer use Ubuntu.

Do you have any evidence that this was the action of a rogue developer? By your logic, you must no longer use a computer, as the "rogue" developer issue is one that potentially affects all software.

Have you seen this? AES 256 is weaker than AES 128 bit.

http://www.schneier.com/blog/archives/2009/07/another_new_aes.html

Except that AES 256 bit is weaker than AES 128 bit.

http://www.schneier.com/blog/archives/2009/07/another_new_aes.html

256, just to be sure...

256-bit AES turned out weaker than 128-bit AES precisely because some bright spark at NIST followed that line of thinking. (cite)

cryptographers do, after all, find ways to reduce the cost of attacking particular encrption methods occasionally.

If a system is truly broken then adding more bits probably won't save you.

+1 vote just because it's what Bruce Schneier recommends.

Or if you prefer liquid explosives, just get several people with permitted-size bottles of liquid to go through and combine the liquid in a bigger bottle (or plastic bag) on the other side.

It's even easier than that: you put it in one large bottle, and label that "saline solution".

It seems that by your logic people should be able to yell "FIRE" in a crowded theater.

I've said it before and I'll say it again.

You can go into a crowded theater and yell "Fire!" all you want. However, if people panic and rush to the doors and some of them are trampled, you may end up in court. In which case, you cannot use "Free Speech" as a defense.

There are certain cases where "free speech" needs to be curtailed and this in one of them.

There may very well be--none that immediately come to mind. But this is definitely not one of them.

Years ago, there was a movie called "Minority Report" where psychics used their power to see the future in order to determine who was going to commit a crime and to stop them before they actually did it. What a great movie--and a great idea. If we could only stop crimes before they happen, then nobody would be killed, robbed, beaten, or anything like that.

Unfortunately, we don't have that ability to see into the future. We can only guess at what might happen. The problem is, we're looking at worst-case thinking and then trying to prevent that.

Some of the examples I've seen is that people could be pushed off the platform. And if they were pushed off the platform, they might hurt themselves. Or they might fall onto the third rail and be killed! Or they might fall in front of an oncoming train and be hit! That would be horrible! Thus, we must curtail our basic rights based on the chance that someone could die a horrible death. And not even necessarily a good chance--after all, people do survive falling off subway platforms.

The general funding model has been successful for at least a bit longer than Kickstarter in particular has been around, so it's not a completely new thing. Therefore I have a little more confidence in its longevity, though it could always still turn out to be a slightly longer flash in the pan, of course.

One early proposal was John Kelsey and Bruce Schneier's Street Performer Protocol (1998), describing basically the same collect-funds-until-threshold model.

One successful effort I know of from ten years ago was Einstürzende Neubauten, a cult-popular German industrial/avant-garde band, which left their label and focused on crowdfunding starting in 2001. In 2002, they raised around $70,000 to record an album despite using a pretty unorganized system, and repeated that several times. There have been some others since then as well before Kickstarter centralized them, such as David Lynch's effort.

My Open Wireless Network

for people who run unlocked wireless routers and let anybody in the neighborhood utilize their bandwidth, I have zero sympathy.

Before showing contempt for those who run open wireless nodes, please read what Bruce Schneier writes about the courtesy of sharing network access.

I'm just a hard-ass who follows the rules

Perhaps you follow some set of rules that you picked up somewhere, but there is no compelling foundation in law or ethics for requiring restricted access on network nodes.

Mark me troll and flamebait all you want

How about I simply mark you uninformed? Profiling (racial or otherwise) shouldn't be used, not because it's racist (though that doesn't help), but because it doesn't work. See for example what Bruce Schneier says here or here. And if you don't want to take the time to dig through those blogs here are a couple of short quotes:

The trick [for profiling to be effective] is to make sure perceptions of risk match the actual risks. If those responsible for security profile based on superstition and wrong-headed intuition, or by blindly following a computerized profiling system, profiling won't work at all. And even worse, it actually can reduce security by blinding people to the real threats. Institutionalized profiling can ossify a mind, and a person's mind is the most important security countermeasure we have.

Whenever you design a security system with two ways through -- an easy way and a hard way -- you invite the attacker to take the easy way. Profile for young Arab males, and you'll get terrorists that are old non-Arab females.

Mark me troll and flamebait all you want

How about I simply mark you uninformed? Profiling (racial or otherwise) shouldn't be used, not because it's racist (though that doesn't help), but because it doesn't work. See for example what Bruce Schneier says here or here. And if you don't want to take the time to dig through those blogs here are a couple of short quotes:

The trick [for profiling to be effective] is to make sure perceptions of risk match the actual risks. If those responsible for security profile based on superstition and wrong-headed intuition, or by blindly following a computerized profiling system, profiling won't work at all. And even worse, it actually can reduce security by blinding people to the real threats. Institutionalized profiling can ossify a mind, and a person's mind is the most important security countermeasure we have.

Whenever you design a security system with two ways through -- an easy way and a hard way -- you invite the attacker to take the easy way. Profile for young Arab males, and you'll get terrorists that are old non-Arab females.

It's not hard to imagine scenarios in which terrorists use children as mules.

Blink

http://www.schneier.com/blog/archives/2010/08/hacking_cars_th.html

Just saying.

Wrong. Kip Hawley was right when he said that this would merely shift terrorists' training focus to people on those pre-screened lists.

I think by "Kip Hawley" you meant "Bruce Schneier".

What the Trusted Traveler program does is create two different access paths into the airport: high security and low security. The intent is that only good guys will take the low-security path, and the bad guys will be forced to take the high-security path, but it rarely works out that way. You have to assume that the bad guys will find a way to take the low-security path.
  https://www.schneier.com/essay-051.html

Hawley's most recent dump recapitulates things Schneier has been saying for years and which Schneier tried to impress on him when he was still head of the TSA. https://www.schneier.com/blog/archives/2012/04/hawley_channels.html

Finally agreeing with Schneier after he's no longer in a position to use the information is a little worthless.

Wrong. Kip Hawley was right when he said that this would merely shift terrorists' training focus to people on those pre-screened lists.

I think by "Kip Hawley" you meant "Bruce Schneier".

What the Trusted Traveler program does is create two different access paths into the airport: high security and low security. The intent is that only good guys will take the low-security path, and the bad guys will be forced to take the high-security path, but it rarely works out that way. You have to assume that the bad guys will find a way to take the low-security path.
  https://www.schneier.com/essay-051.html

Hawley's most recent dump recapitulates things Schneier has been saying for years and which Schneier tried to impress on him when he was still head of the TSA. https://www.schneier.com/blog/archives/2012/04/hawley_channels.html

Finally agreeing with Schneier after he's no longer in a position to use the information is a little worthless.

Let me repeat that, the security of offline transactions is based entirely on a secret which is on every single mintchip.

I don't think that's true. I had a look at some of their protocol documentation---which isn't all that detailed---and it looks like they're probably using PKCS#7 signatures and X.509 certificates.

Unfortunately, they aren't willing to publish enough information to actually analyze the security of the system to determine whether it's trustworthy (nothing about how the chip itself is secured, for example), but they have released enough information that we can figure out some limits on its security, and it doesn't look all that great. I'll probably get modded down for karma-whoring here, but here's what I posted on that forum, after looking at the limited documentation they provided on their website:

Let me get this straight: MintChip is a proprietary, patented, centralized, unpublished cryptosystem, where a trusted-third-party (the Mint) signs a certificate saying "this private key was stored in a tamper-resistant hardware token that is designed not to double-spend", so we're supposed to just be able to assume that any valid MintChip transaction signatures are trustworthy, even offline. As soon as one person extracts a private key from a MintChip token (which they will, given that there's a monetary incentive), the fundamental assumption that the whole system relies upon is destroyed.

Your organization appears to know this, which explains why you emphasize that MintChip is intended for "low value" transactions.

Fine, so the security of the whole system depends on the security of these hardware tokens, and yet you're "not in a position to release" any tangible information about them? Why should anyone invest in this system? Because you're The Mint?

You have the threat model wrong, too. Why on earth would you want to emulate cash? Cash is easy to counterfeit. It only remains useful because there's a high risk vs. payoff associated with uttering counterfeit cash. On the other hand, MintChip is supposed to be used online, so even if we detect a counterfeit, there's not much chance that the fraudster will actually go to jail. There's also a much larger number of potential fraudsters (basically, everyone connected to the Internet).

MintChip also doesn't deliver on its privacy claims. "No personal data is exchanged in the transaction." That's not true at all. According to your documentation, every MintChip has a *single*, 16-digit ID that's generated by the central authority and used in all transactions, so there's no reason why these IDs couldn't be tracked the way companies already track credit card numbers.

The funny thing is that this all could have been implemented on top of Bitcoin. Make some tamper-resistant hardware with some Bitcoin private keys inside it, and sign a certificate saying "the keys for these addresses are in tamper-proof hardware". For low-value transactions, they could be accepted at face value, but if we wanted greater certainty, we could inject the transaction into the Bitcoin network and wait for a few confirmations to avoid double-spend fraud.

Way back in 1999, Bruce Schneier posted a list of nine cryptography "snake oil" warning signs (http://www.schneier.com/crypto-gram-9902.html#snakeoil). I see 3 of the 9 warning signs here already.

Most relevant post. This initiative probably has nothing to do with the end-user.

http://www.schneier.com/blog/archives/2010/07/the_nsas_perfec.html
http://www.wired.com/threatlevel/2010/07/nsa-2/
http://www.wired.com/threatlevel/2010/07/nsa-perfect-citizen-denial/

Criminal profiling has been debunked as a form of cold reading, specifically relying on the rainbow ruse and Barnum statements.

I think the quote you're looking for is "Security is a process, not a product." --Bruce Schneier.

Or the lady who was forced to milk herself in a public restroom, or else have her equipment seized by the TSA as "contraband".

Have her breasts seized? Sure, I can understand that; probably more than 3oz of liquid in those things. If she wants to get them through security, she needs to wrap them in plastic and write "Saline Solution" on them. See Bruce Schneier: The Things He Carried

Schneier took from his bag a 12-ounce container labeled "saline solution."

"It's allowed," he said. Medical supplies, such as saline solution for contact-lens cleaning, don't fall under the TSA's three-ounce rule.

"What's allowed?" I asked. "Saline solution, or bottles labeled saline solution?"

"Bottles labeled saline solution. They won't check what's in it, trust me."

They did not check. As we gathered our belongings, Schneier held up the bottle and said to the nearest security officer, "This is okay, right?" "Yep," the officer said. "Just have to put it in the tray."

"Maybe if you lit it on fire, he'd pay attention," I said, risking arrest for making a joke at airport security. (Later, Schneier would carry two bottles labeled saline solution—24 ounces in total—through security. An officer asked him why he needed two bottles. "Two eyes," he said. He was allowed to keep the bottles.)

Liquids on the other hand... It only takes 200 ml of a binary liquid explosive to blow a hole big enough to down the plane, and you're allowed five times that.

Yes, but would that be feasible? AFAIR, those hardcore liquid mix explosives are more likely to go off during mixing hurting the terrorist rather horribly, but probably nobody else (links on Schneier's blog).

And what if the encryption scheme protecting the card is broken? (It has already been done).