Slashdot Mirror

Don't pedophiles use hard currency, credit cards, cars, clothing too? I'll bet they use household cleaners all the time. Shouldn't government ban those things as well to prevent pedophilia?

Like Tide.

You can't make this stuff up.

Yeah it's all rather disappointing really, but at least we know that gains in processor speed won't some day break our crypto (assuming it has no other weaknesses).

For some interesting numbers check out http://www.schneier.com/blog/archives/2009/09/the_doghouse_cr.html

There's still some cryptography news, but so much of it lately is the very best insight and analysis on the intersection of technology, privacy, security, government, and society that is available.

Is there evidence that profiling passengers based on appearance and behavior is not more effective than randomized screening?

Yes. MIT published a paper entitled "Carnival Booth" that demonstrated that random screening is more secure than profiling, essentially due to the latter's vulnerability to probing:

Carnival Booth: An Algorithm for Defeating the Computer-Assisted Passenger Screening System

A Lay Explanation of the MIT Research Paper [Carnival Booth]

Schneier on Security: Profiling

Proxy bombs are also difficult to screen for with profiles.

Because that has nothing to do with signals intelligence.

NSA isn't "tracking terrorists"; it's doing foreign SIGINT against foreign intelligence targets, some of whom may be described as "terrorists". To take your hypothetical, if NSA tips another agency that it is tracking a terrorist currently within the United States, and OTHER information is developed on, say, the license place of the rental the person is driving, why SHOULDN'T data that has been lawfully* collected by any number of agencies be brought to bear on that problem?

If you want to become outraged or make slippery slope arguments, at least realize that it's going to be federal domestic law enforcement agencies (e.g., FBI) that utilize this data, not "the NSA". This willful misunderstanding of what NSA does, and for what reasons, has got to stop.

This talk by Dr. Donald Kerr is well worth a thorough reading:

http://web.archive.org/web/20120207055035/http://www.dni.gov/speeches/20071023_speech.pdf

Safety and privacy -- it's common thinking that, in order to have more safety, you get less privacy. I don't agree with that. I work from the assumption that you need to have both. When we try to make it an either/or proposition, we're bound to fail. You can be perfectly safe in a prison; but you certainly aren't free. And you can be perfectly free in an anarchist society; but you certainly aren't safe.

The balance is one we've been working to perfect throughout my time in the intelligence community. That's of course a very hard thing to convince people of. Movies like "The Enemy of the State" and "The Good Shepherd" have poisoned the well of public opinion in some ways, and make people think we focus on safety mainly for governmental activities to the exclusion of all else. My takeaway message for today: We're not. You can -- and we do -- have both. We have always been a free people who can defend ourselves without giving up the liberties that animate us to action.

These two components of security -- safety and privacy -- are the crux of much of what we're doing in the intelligence community.

Bruce Schneier recognizes this truth

I have come to believe that the solution to all of this is regulation. And it's not going to be the regulation of data collection; it's going to be the regulation of data use.

* If we want something to not be done by government, it needs to be prohibited from doing so by law. Vague platitudes about surveillance states aren't going to cut it. Here is where some say, "But, but, but, it's unconstitutional!" No. It isn't, if a legal determination has already been successfully made by the government -- whether or not it has been challenged in court -- until a court of competent jurisdiction says it is. That's sort of how our system works, and perhaps the outcomes of arguments by the ACLU, EPIC, EFF, and similar in the era of "Big Data" will formalize some of these principles in law. Until then, this is the electronic equivalent of a police officer looking at and remember a license plate -- and yes, I realize full well that the scale and automation completely transform the argument. But a previously legal and perfectly legitimate government activity doesn't magically become illegal and/or unconstitutional simply because of scale or automation.

In a country where laws applies in the same way for everyone, that could pass. In US, in the other hand, that now see hacking as mass destruction weapons as they are used and plan to use them in big scale in that way, it will be labeled as terrorist and put you in jail for decades or more... unless you are a big contributor or work for them, in that case it will have no consequences.

Bruce Schneier saw this coming. And he's got a point...on one hand, we argue against the policies of countries like Egypt, Syria, Bahrain, China when it comes to free, uncensored and unmonitored use of the Internet (or lack thereof in the aforementioned countries). And then, oh...look what we're doing with all those network links that pass through our own country. You can argue that the motives are different, the means are more surgical (but only to a point since 1, they are classified programs and 2, intelligence agencies lie their assess off, by necessity, to foreign powers) but the argument still won't carry much weight.

But that still doesn't explain how giving the UN control of the DNS system would do anything to prevent governments from sniffing comms traffic.

Bruce Schneier saw this coming. And he's got a point...on one hand, we argue against the policies of countries like Egypt, Syria, Bahrain, China when it comes to free, uncensored and unmonitored use of the Internet (or lack thereof in the aforementioned countries). And then, oh...look what we're doing with all those network links that pass through our own country. You can argue that the motives are different, the means are more surgical (but only to a point since 1, they are classified programs and 2, intelligence agencies lie their assess off, by necessity, to foreign powers) but the argument still won't carry much weight.

Or just maybe this "Google Now" might be an app you can run when you want to be able to interact with your phone hands-free, and leave off when you don't?

Ok, I get the outrage now that we all know just how pervasive the TLA spying really is, but the ability to listen in using cell phone microphones is nothing new. It's been part of the surveillance landscape for decades, well before smartphones were common.

Schneier on Security, 2006:

The surveillance technique came to light in an opinion published this week by U.S. District Judge Lewis Kaplan. He ruled that the "roving bug" was legal because federal wiretapping law is broad enough to permit eavesdropping even of conversations that take place near a suspect's cell phone.
Kaplan's opinion said that the eavesdropping technique "functioned whether the phone was powered on or off." Some handsets can't be fully powered down without removing the battery; for instance, some Nokia models will wake up when turned off if an alarm is set.

http://www.schneier.com/blog/archives/2006/12/remotely_eavesd_1.html

So fine, your phone can listen to you, just like it always could. If you don't want that, then you don't want a mobile phone, but that's nothing to do with a (possibly) handy voice activation app.

Another good article that makes the same point by Bruce Schneier himself. Biometrics: uses and abuses.

The are encryption systems that you can do mentally. To stand up to a full attack by the NSA they may get a bit laborious (tbh, simply memorising the data is probably easier), but if you simply want to make it unprofitable to crack you can probably use http://www.schneier.com/solitaire.html.

Bruce Schneier agrees with you:

Why do otherwise rational people think it's a good idea to profile at airports?

From paper discussed here: http://www.schneier.com/blog/archives/2009/07/another_new_aes.html

In the case of AES-128, there is no known attack which is faster than the 2^128 complexity of exhaustive search. However, AES-192 and AES-256 were recently shown to be breakable by attacks which require 2^176 and 2^119 time, respectively.

This is fearmongering. Encryption standards that have been adopted are open source and mathematicians comb over them with a fine tooth comb before giving them their blessing. Yes, there is a worry among mathematicians about the NSA developing an algorithm that would permit a pre-computed set of numbers to decrypt all communication. Which is why they make sure it DOESN'T HAPPEN.

See https://www.schneier.com/essay-198.html

And there's the fact that AES-192 and AES-256 are NSA approved for protecting Top Secret classified documents.

It seems unlikely that they would approve the use of an algorithm with a known vulnerability to protect classified information -- knowing that a vulnerability would likely eventually be discovered (or stolen) by an adversary, leaving classified documents at risk. It would be awfully embarassing if, for example, someone stole secret documents and handed them over to a newspaper reporter and revealed some of the inner workings of the NSA.

> Can we get plate with code to delete the database?"

Yes. http://gizmodo.com/5498412/sql-injection-license-plate-hopes-to-foil-euro-traffic-cameras https://www.schneier.com/blog/archives/2008/04/sql_injection_a_1.html

Why the hell would you want to keep one for 10 years?

Because it works and suits my purposes. Why else?

Because it will stop suiting your purposes, for one. Microsoft has announced that there are only ten more Patch Tuesdays left for Windows XP: July 2013 through April 2014, after which Microsoft will end support for the operating system. This means that a PC that still runs Windows XP will no longer suit the purpose as an Internet client after mid-April 2014 when the black hats begin to release their forever-day XP exploits to the throngs of script kiddies.

Ah.. an anti-ms troll still stick in 1999. _NSAKEY has nothing to do with backdoors. Its understandable that non-technical simpletons would mistake it as such.

http://www.schneier.com/crypto-gram-9909.html#NSAKeyinMicrosoftCryptoAPI

This was the discussion on Slashdot: http://yro.slashdot.org/story/13/04/07/2029233/is-the-dea-lying-about-imessage-security Here was Schneier's piece, noting concerns: http://www.schneier.com/blog/archives/2013/04/apples_imessage.html I couldn't find the white paper you refer to on Apple's site, though there are references to it elsewhere. This article (with a dead link to the white paper) makes no mention of iMessage, though it does refer to other aspects of iOS security: http://securitywatch.pcmag.com/none/298642-nothing-new-in-apple-s-ios-security-guide

So then Bruce Schneier has no place in security?

Kerckhoffs' Principle is just one half of the decision process. Just because security does not require that something be kept secret, it doesn't mean that it is automatically smart to publicize it. There are two characteristics that make publication so powerful in cryptography. One, there is a large group of people who are capable and willing to evaluate cryptographic systems, and publishing is a way to harness the expertise of those people. And two, there are others who need to build cryptographic systems and are on the same side, so everyone can learn from the mistakes of others. If cryptography did not have these characteristics, there would be no benefit in publishing.

Missile guidance algorithms is another example. Would the government be better off publishing their algorithms for guiding missiles? I believe the answer is no, because the system lacks the second characteristic above. There isn't a large community of people who can benefit from the information, but there are potential enemies that could benefit from the information. Therefore, it is better for the government to keep the information classified and only disclose it to those it believes should know.

Oh and:

Because the secrecy requirements for security are rarely black and white, publishing now becomes a security trade-off. Does the security benefit of secrecy outweigh the benefits of publication? It might not be easy to make the decision, but the decision is straightforward. Historically, the NSA did not publish its cryptographic details -- not because their secrecy improved security, but because they did not want to give their Cold-War-world enemies the benefit of their expertise.

Basically you have no place lecturing about security practices.

Obscurity is a perfectly valid layer of security as long as the security mechanism's integrity is not based solely on that obscurity. Just because certain information can be made public about a security system without damaging its integrity as a whole does not mean you necessarily should make that information public. Bruce Schneier even says so himself:

Kerckhoffs' Principle is just one half of the decision process. Just because security does not require that something be kept secret, it doesn't mean that it is automatically smart to publicize it.

From: http://www.schneier.com/crypto-gram-0205.html#1

Bruce Schneier points out one of the ways in this essay.

Stop giving up your civil liberties so readily everytime the news starts churning out the Terrorism drama with every "think of the children" campaign. Life is always going to have it's dangers and none of the DHS/TSA stuff to date has saved us from any of it*. The only reason TFA has happened is because people let it happen.

[*] - http://www.schneier.com/blog/archives/2012/01/abolish_the_dep.html

Rijndael is recommended by US government. Therefore inherently suspicious to any paranoid person. If I were trying to hide my data, I would personally go for twofish or a combination of 2 algorithms. (Having said that, I only use EncFS with default settings == AES)

http://www.schneier.com/blog/archives/2011/08/new_attack_on_a_1.html

Oblig answer

Similarly, from the Jargon File:

rubber-hose cryptanalysis : n.

[sci.crypt newsgroup] The technique of breaking a code or cipher by
      finding someone who has the key and applying a rubber hose vigorously and
      repeatedly to the soles of that luckless person's feet until the key is
      discovered. Shorthand for any method of coercion: the originator of the
      term drily noted that it can take a surprisingly short time and is
      quite computationally inexpensive relative to other cryptanalysis
      methods. Compare social engineering ,
      brute force.

Wikipedia also has it the term Thermorectal cryptanalysis for it, which brings disturbing images to mind. The comments on Schneier on Security suggest that hot soldering irons are involved. :-S

From what I'm reading, if the judge doesn't believe him, he'd just find him in contempt of court and detain him until he remembers.

http://www.schneier.com/blog/archives/2012/02/what_happens_wh.html

To maintain your household under constant marketing surveillance. I'm waiting for Bruce Schneier to weigh in on this one, specifically. He does an excellent examination of the general case in his recent "Surveillance and the Internet of Things"

Microsoft is taking Xbox further down the road of current trends in targeting and profiling "users". The model for most web applications and nearly all mobile apps has been that of of the Trojan Horse. An apparently benign, amusing or useful set of functions is presented the user, often below the cost of producing the technology. It does no good to labour the point with tedious argument: the applications are invasive and - depending on your perspective - abusive of privacy.

XBox One is the adaptation of these trends, delivered into the home as a 7/24 data collection head, with a colour camera and a microphone that can't be turned off.

"German federal commissioner for privacy protection: "Xbox One is a surveillance device"

Civil Liberties Australia says Xbox One 'meets definition of surveillance device'

Privacy breach: Xbox One a 'twisted nightmare'

Here's why that doesn't work. The attack is very, very, very simple, and once you see it explained, you'll never trust those sorts of services again. A basic attack looks like this:

Attacker compromises the device and waits for user to log into Google.
Attacker captures the response to the authentication request and forwards it to their own server.
Attacker's server connects to Google's system and obtains credentials.
Attacker displays a network error message to the user. The user logs in again to the real Google server, unaware that the first attempt was successful, just for

Here is how I know you haven't a clue what you are talking about, and why I hope you will just go away and stop pontificating:

Attacker compromises the device...
    Really? Really? Just like that, compromises my cell phone, which is never out of my possession?
    How is it you hand waive all that process away?
And waits for the user to log into google
    Again, Really? Do you even have a clue how Google authenticator works?
    You don't log into google with the authenticator. You log in with some other computer over a ssl connection.
      Then google asks you for a code from the authenticator app. Guess what: The app doesn't even talk to google
        except at install time. You can put your phone in airplane mode and still get a code from the authenticator.
        So even a compromised phone (something you seem to think is trivial, but never bother to explain) won't do you
        any good because it does not contact google.

        You then key this number into the computer talking to google over a ssl connection. It compares it to the
          number your authenticator would have rendered for that particular 30 second window. If its good you get in
          but again you are in a ssl pipe.

        So you capture nothing. NOTHING.

Attacker captures the response to the authentication request and forwards it to their own server
    No it doesn't, because you captured nothing. It was in an SSL pipe from some compute you don't even know about.
    Further the code has been USED, and its no good any more. Its a one time code.
    Further Google would see you trying to create your own connection and would immediately you to get a code off of your authenticator...
        but wait, you don't have an authenticator synced with that account, and the old number is no good..

You would have to already have an ssl compromised machine in place and lure a google user into signing on via that specific machine.
But wait, that wouldn't work either because
google already detects this. Even Schneier does believe this would work even with National authorities forcing bogus certificates.

Even if you had a pre-compromised computer and an elaborate SSL spoofing setup in place ahead of time, on a computer that you knew I would have to log in from, you can only compromise that single session, and when you attempted to change anything so that you could log in again in the future, I would be locked out of the account, and would therefore know the account had been compromised.

So just stop hand waiving into existence imaginary compromised devices, and thereby supposing into existence the hardest part of the whole operation.
If this was so easy, it would have already been done. Yet every attempt to bypass Two Factor has been done via apps that would not support Two Factor, and which required an application specific password, which in the end, is just another password.

Except what they obviously intend to use it for - large scale decryption of SSL traffic so the data can be mined by Google (for profit) and the Government (to oppress).

If that's their intent, they'll be sorely disappointed, since D-Wave's machine has only 512 qubits (where as all new SSL certificates are at least 1024 bits). More importantly, the machine is not a general purpose quantum computer and can't run Shor's algorithm.

Besides, NSA is already able to break 1024 bit RSA using conventional computing (not to mention the possibility of much cheaper side channel attacks). See e.g. Schneier.

If we are optimistic, it may be possible to factor a 1024-bit RSA modulus [before 2020] by means of an academic effort on [a] limited scale.

- Kleinjung et al., 2010, my emphasis

The same paper gives an estimated difficulty of 2 million CPU years for factoring 1024 bit RSA. Sure, that's about $500 million on Amazon EC2, but the NSA have dedicated data centers, dedicated ASICs, smarter algorithms, and money to burn. Realistically, breaking 1024 bit RSA may be as cheap as $50,000 a pop to the NSA... and remember, they only have to break it once per HTTPS certificate, not once per connection.

(As for Google, they're already have your email and knows every page you visit that contains a YouTube video, a +1 button, or Google Analytics... Why would they waste time breaking RSA when the sidechannel attacks are cheap and plentiful?)

This article is about 10 years too late. The War on Photography is not exactly a new thing.

I don't know why I bother to even come to this site anymore. The shit that gets posted here is pathetic. The editors aren't even worth the trouble to laugh at anymore.

Bruce Schneier commented on this and has some links that may provide a primary source: http://www.schneier.com/blog/archives/2013/04/securing_congre.html

Well as of a year ago, here's a few tidbits on AES and the NSA.. But that was a year ago and I don't think the NSA would be sharing
their resources with the FBI on something like a potential kiddie pr0n case.

And every time someone posts that, someone else has to post a reply saying that just does not scale. I guess it's my turn. Even Bruce Schneier says so. Bruce, quoting someone else with whom he agrees: "...no matter how safe or how wonderful the flying experience on El Al, it is TINY airline by U.S. standards, with only 38 aircraft, 46 destinations, and fewer than two million passengers in 2008. As near as I can tell, Cairo is their only destination in a majority Muslim country. Delta, before the Northwest merger is included, reported 449 aircraft and 375 destinations."

A few days ago, Bruce Schneier launched the Sixth Movie Plot Contest, with the goal of creating catastrophic but plausible things that "cyberwarriors" and evil hackers could do to destroy America. There are some fascinating ones, that's for sure, but the real point is that if you try to defend against everything that could happen, you'll waste most of your efforts.

A couple of days ago, Bruce Schneier posted a blog entry that seems relevant. There's something in the military mindset about secrecy that I don't understand, and perhaps none of us do.
How people talked about the secrecy surrounding the Manhattan project.

Depends on what you mean by conclusive, but there's a motive and there's a capability. For the capability part, see:

http://www.schneier.com/blog/archives/2012/05/backdoor_found.html

http://www.schneier.com/blog/archives/2013/03/our_internet_su.html

But... if I were going to try and confound the system which can correlate almost all of your electronic records, you'd need to have a rolling list of sock-puppets who supply proxy identifying information to the cell towers. You'd need to have a bundle of SIM cards in the handset to do this, or to have electronics which fake the same data. Then, to make sure you can actually be contacted, you need to have a call redirection system sending you SIP calls (though if you're designing the hardware for this, you can encrypt the data streams carrying your voice over the existing cell transports - note that Skype may be encrypted but we don't know how well or who has a back door key). To avoid that being a single point of obfuscation failure, it probably needs to be a distributed network of TOR-like relays across hardware and cloud providers, and even then, it will probably need to be steganographically hidden in ordinary-looking traffic.

Not impossible, but still a pipe-dream since 1993.

http://www.schneier.com/news-101.html
http://www.schneier.com/blog/archives/2005/06/write_down_your.html

But yes, when he writes them down he encrypts it through Blowfish on the fly. And his wallet doesn't open without a 65536-bit key.

http://www.schneier.com/news-101.html
http://www.schneier.com/blog/archives/2005/06/write_down_your.html

But yes, when he writes them down he encrypts it through Blowfish on the fly. And his wallet doesn't open without a 65536-bit key.

It's already well established that eye witness testimony is highly unreliable and it's still treated as the most important evidence in any criminal case.

Or compile gcc with gcc?

Not if Ken Thompson contributed to gcc, unless you've taken sufficient care.

This shouldn't be that shocking. Congress authorized offensive cyberattacks in 2011. Remember? We talked about it: http://it.slashdot.org/story/11/12/23/1850209/us-congress-authorizes-offensive-use-of-cyberwarfare [Slashdot]

That aside, however, the US can only let itself get punched so many times before it hits back. The Chinese are doing a lot more than just probing our networks, and they've been doing these things for a long time now: http://www.schneier.com/blog/archives/2011/04/wikileaks_cable.html [ Schneier on Security]

Don't forget, they also now reenforce / lock the cabin door. It helps that the hijackers can no longer control the plane.

www.schneier.com

If you aren't sending generic mails, but something tailored for the recipient (and in particular, the weakest link between the possible ones) this gets worse. Phishing has gotten very good

How is that link supposed to be used without first getting into the now-secured email account?

Perhaps because not all "forgot password" links work that way? Now, of course, that particular method no longer works and it did require some "personal" info and a physical call. However, it's not an isolated story, it's just the first that came up in my admittedly haphazard search. Online password cracking is too easy to detect and stop unless you have a large botnet at your disposal. Crackers are going after alternate channels. While you and I can pick our complex passwords to protect the front door, we cannot pick the reset methods and procedures chosen by Apple, Amazon, Google, or Microsoft.

In 2009, an al-quaida agent attempted (unsuccessfully) to assassinate a Saudi prince with an ass bomb. The shoe bomber and the crotch bomber were very successful -- not at blowing up a plane but at allowing the TSA to implement even dumber and more invasive security measures.

I'd say the crotch and shoe bombers were more successful than if they had blown up

In 2009, an al-quaida agent attempted (unsuccessfully) to assassinate a Saudi prince with an ass bomb. The shoe bomber and the crotch bomber were very successful -- not at blowing up a plane but at allowing the TSA to implement even dumber and more invasive security measures.

"Currency" is anything two or more transacting parties say it is. "Goodwill," "reputation," "an understanding that if I do this for you, you'll do something for me later," and the like are all "currencies" in this sense.

The same goes for Tide laundry detergent, apparently.

Cost vs. benefit? You have to be kidding me. The probability of hitting a city or a nuclear plant with a decent size asteroid is so incredibly small that there is really is no benefit for this survey at all. Just because there was a recent meteor blast doesn't make them more likely.

Meteor defense is another name for security theater. An overreaction to a big and scary threat (like terrorism) that when you actually calculate the risk turns out to be very small.

This reminds me of a Bruce Schneier essay on tagging newborns with RFID tags.

Bruce Schneier has pointed out another similar device: http://www.schneier.com/blog/archives/2012/08/200_for_a_fake.html

I'd also like to know if the standard is secure against attacks that use variable bit rate info to detect words/phrases. I believe ZRTP avoids that problem by using a constant bit rate stream but most services don't bother because it uses more bandwidth. Doing VOIP encryption without countermeasures for that attack seems a bit silly.