It does not "assume no MITM attacks can exist". It deliberately does not protect against them. This is not the same thing, as one is a position of ignorance whereas the other is an intentional choice not to defend against that threat.
In practical terms, MITM is considerably harder than simply listening in. Wide-scale surveillance such as what caused the big recent flap with FISA and the NSA simply can't perform MITM attacks. Protecting against pure eavesdropping while remaining open to MITM attacks is useful, it's just not a 100% solution. As long as it doesn't sell itself as one (and I see no indication that it is) then there's absolutely no problem with that.
The point being that this is the actual security hierarchy, from best to worst:
SSL with cert signed by a trusted certificate authority
SSL with self-signed cert
Plain HTTP
Whereas most web browsers make it appear like this:
SSL with cert signed by a trusted certificate authority
Plain HTTP
SSL with self-signed cert
Any browser that warns you about self-signed certs should make at least as much of a fuss about using plain HTTP, but they don't. Firefox takes it to ridiculous extremes but they're all faulty in this respect.
And really, if browsers would save the self-signed cert and then alert me if it changes the way SSH does, then the result will be very good, nearly as good as a regular cert (and potentially even better, since there's no potential for compromising the trusted certificate authority).
Much like a broken smoke detector waking you up in the middle of the night is not grounds for rejecting the idea of automatic smoke detection altogether, this technology can be extremely useful.
If the smoke detector goes off every single night, and there's only a fire on average once every 100 years, does that make a case for or against that smoke detector?
It doesn't matter, because the only place where you have to get your ID checked is at the TSA checkpoint, and they don't check it against any databases.
So, the easy recipe for bypassing the no-fly list is:
Purchase tickets in a fake name.
Check in at home before your flight, and print your boarding pass on your home printer.
Using any number of techniques which are trivial to the computer literate, capture that boarding pass, alter it to match your real name, and print a second copy.
When you arrive at the airport, go straight to the security checkpoint.
Use the altered pass with your real name in combination with your real ID to get through security.
Use the original, non-altered pass to board the plane.
I flew as recently as last month and was not subjected to anything which would defeat this scheme. It fails if you need to check luggage, but I doubt a terrorist is going to be doing that. The no-fly list is such an obvious joke.
Yes, but he was talking about his friend the balloonist, and unless his friend's last name was Fossett he was probably not at airliner altitudes.
With the old networks, even GA planes could cause havoc. I heard one story about a guy who was approaching Chicago and called his family to tell them he would be home soon. When his bill showed up that one call had been billed to him six separate times, because he hit so many different towers that were too far apart to communicate with each other and coordinate billing. Of course airliners are far worse simply because of their speed, but at 10,000ft over flat terrain the horizon describes a circle over 250 miles in diameter, way bigger than a phone cell.
My understanding is that the older networks got really messed up by any aircraft use, and newer ones don't get messed up by any aircraft use. As evidence, I submit this article which claims:
The researchers found that on average one to four cell phone calls are typically made from every commercial flight in the northeast United States. Some of these calls are made during critical flight stages such as climb-out, or on final approach. This could cause accidents, the investigators report.
In my opinion that last sentence is crap, but there's no reason to doubt their data. If that kind of call volume is already taking place I'd think the mobile phone network would already be in shambles if it couldn't withstand phones on airliners, although it's certainly possible that it can cope with this much but not with more.
Considering the number of passengers who are carried by airplanes each year, even something with a one-in-a-million chance of causing a problem would be a very bad thing.
This is blatantly false. Airliners are chock full of things with much higher odds of failure than one in a million. Airliners achieve their extremely good safety record through redundancy and robustness, not through avoiding failure at all costs. Airliners have things fail all the time, it's just that the vast majority of the time the inherent redundancy and robustness of the aircraft make it such a minor event that the passengers don't even know it happened.
Sounds like this was long enough in the past that he was using an older network, not a modern digital network. My understanding is that modern digital networks have no problems coping with phones which can view many towers at once. As a thought exercise, consider this question: does it cause chaos to use a cell phone from a high mountain peak?
I have used my cell phone in the air several times with no trouble. I even got to listen in once as my flight instructor had a nice chat with his wife while I flew the plane.
Um, so what? Do you think that one kiloton exploding high up in the atmosphere over New York or Los Angeles would do anything other than provide an unusual light show for the inhabitants? Think again.
You can subtract out the "smack upside the head" part and still end up with effective discipline. All corporal punishment really does is teach the child that authority comes from violence and therefore the strong exercise power over the weak. Which is mostly true, but we ought to aspire to higher ideals.
I rather doubt it would run "perfectly well". 60HP is seriously small, and you're going to have a really difficult time safely getting up to speed on a highway with it. It's not an exceptionally light car even without the hybrid bits, and that is a rather small engine for its size. What other conventional cars are there with a similar weight (subtracting the hybrid bits) and a 60HP engine?
You're correct that the electric motors don't help at highway speeds, but that kind of misses the point. The idea of having them is that they allow you to have an engine which is sized purely for cruising, not for accelerating. A conventional car must have an engine that is much larger than what it would need purely to sustain highway speeds, so that it can get up to those highway speeds in a reasonable amount of time. A hybrid only needs an engine that can sustain cruise, because the extra power for acceleration comes from the electrics.
Well, it's not quite no good reason. That extra weight allows the car to use a significantly smaller and more efficient engine, which does help. The Prius gets very good highway mileage for a car of its size, even though there are a couple of non-hybrid models which achieve similar results. You mention 34MPG, and a bit of searching rates the Prius at 40+ for normal highway driving. (I've never driven one so I don't have any direct experience.)
But most people aren't driving their cars exclusively for 300-400 miles non-stop on highways. Most people drive them shorter distances at slower speeds and with more acceleration and braking. And hybrids really shine there. As far as I know, diesels still take a similar hit on city driving compared to gasoline cars, so hybrids have a good advantage over both.
It has nothing to do with "one Boss", and everything to do with the ordinary corrupting influence of power. For the record I lived in Europe for three years, and never got the sense that the police there were somehow magically incorruptible.
I have a similar approach with my kids. If you consistently say no, the kids stop asking. It's only when you start saying yes sometimes that they start. That's as true of advertising as it is of buying candy in the checkout aisles.
What really gets me are the parents who say "no" until the kid gets unbearably annoying about it, then say "yes". Somehow they don't realize that they're only training the kid that being loud and obnoxious will get them what they want.
Call me back when GM is actually producing them and selling them. Your hypothetical price for the Volt strikes me as being extremely low. Wikipedia says that the price is currently unknown and could be as high as $48,000 depending on a lot of factors which simply can't be determined until it starts being sold.
Meanwhile I bought a Malibu used for $13,000 several years ago. It gets 35MPG on the highway, drives great, and has plenty of power. I also routinely make trips longer than 40 miles with it, imagine that. Seems like the right choice to me!
That may be the case for highway driving. But where hybrids really shine is city driving. A Prius actually gets better mileage in city driving than it does on the highway, because unlike traditional drivetrains, the hybrid drivetrain gets more of an advantage from the lower speeds than it loses from the constant acceleration and braking. I doubt that shaving 100kg of junk off a regular Prius-sized car is going to suddenly give you 50MPG in city driving.
I wish you people would take the time to explain your point, instead of just skirting around the outline and assuming I already know what you mean. I mean, if I already know your point, why bother to reply in the first place? Elaborate and actually give me the details of what you're talking about. I have no idea at all what you mean by "One word - fungible." I know what "fungible" means, but I don't know what kind of point you're trying to make with it.
You're wrong about inherent value. There are plenty of things with inherent value. Food, for example, is inherently valuable because it sustains us. But food is a terrible choice for a monetary system because an individual only needs so much of it, and it mostly doesn't keep.
So instead of "keeping score" with the stuff that has intrinsic value, we use other things for money. Gold was the material of choice for a long time in many places because it's rare and impossible to fake. Many people confuse this with having intrinsic value, but being rare does not by itself confer value. For example, Bismuth is less common than gold but considered to be far less valuable looking at market prices.
But it's true, aside from certain things like food, water, and housing, nothing really has intrinsic value. It is all in the eye of the beholder. (And most housing value is too; the intrinsic value is far below the market price in most places, because the value people place on housing is often greatly tied up in aesthetics and location.) And I'm not sure why you find that to be so ridiculous as to use it as proof that I'm wrong. Why does there have to be intrinsic value in the world beyond the basics? Why does there have to be an intrinsically valuable material to base our money on?
One of the things I find scary about the rest of the "first world" is how much powerful people are trusted. I really don't see any evidence that these other countries are less corrupt than the US, but at least here we recognize that our government officials are largely full of crap and attempt to limit their power accordingly. Hasn't been working so great lately but the general principle is, in my mind, sound.
I'm sorry, did you just quote a section of my post, criticize it, and then go and say something utterly irrelevant to it? I mean, I talk about how gold is not intrinsically valuable, and you go and talk about beans and IOUs. How does this make any sense? Whatever point you were trying to make is utterly lost on me.
It's the same with stocks and a lot of other things. Few companies have anywhere near the assets that correspond to their paper value.
Of course they don't. A company's value is their assets plus their potential for future profit. A properly-priced stock takes both of these into account. Future profit is hard to predict, which is why stock pricing is tricky. But just because it's future profit doesn't mean it's illusory.
Also your example about house values sucks. If somebody prices their house at $110k, then somebody else who's selling at the same time will be able to undercut them to attract buyers. The net result is that, unless supply is very short, the guy who overpriced his house will never sell it.
I'd also love to know what you consider to be "real" money, if this is all fake money. I've yet to find any kind of money that doesn't end up being fake if you dig into it deeply enough. Even gold, the standard that everybody loves to hold up as being "intrinsically valuable" is just a soft, visually pleasing metal with no inherent worth outside of certain industrial processes. If it weren't so rare people wouldn't even care about it.
Oh, and if you follow the link from the article you'll find that this attack is being published by the makers of TurboCrypt, which was incompetently designed and thus vulnerable to this attack, but has now been fixed. The makers of this app (which you should probably stay away from, if they made such an elementary mistake then who knows what other problems it has) are essentially hyping this fairly inconsequential discovery in order to sell their product.
Yup. "Everyone knows" that reusing the same key/IV on more than one piece of data means that you're screwed. The Soviets learned this lesson in a painful manner on what were supposed to be one-time pads during WWII. If these programs are really re-using the same key and IV for different revisions of the data, then they are horribly broken and this is just the barest beginning of how.
The bad news is that this would seem to indicate that a fair amount of full-disk encryption software is absolutely, horribly broken and cannot be trusted in any way. The good news is that this break is nothing particularly interesting in and of itself, and that it will do nothing against a competently designed product.
Slashdot Mirror
It does not "assume no MITM attacks can exist". It deliberately does not protect against them. This is not the same thing, as one is a position of ignorance whereas the other is an intentional choice not to defend against that threat.
In practical terms, MITM is considerably harder than simply listening in. Wide-scale surveillance such as what caused the big recent flap with FISA and the NSA simply can't perform MITM attacks. Protecting against pure eavesdropping while remaining open to MITM attacks is useful, it's just not a 100% solution. As long as it doesn't sell itself as one (and I see no indication that it is) then there's absolutely no problem with that.
The point being that this is the actual security hierarchy, from best to worst:
Whereas most web browsers make it appear like this:
Any browser that warns you about self-signed certs should make at least as much of a fuss about using plain HTTP, but they don't. Firefox takes it to ridiculous extremes but they're all faulty in this respect.
And really, if browsers would save the self-signed cert and then alert me if it changes the way SSH does, then the result will be very good, nearly as good as a regular cert (and potentially even better, since there's no potential for compromising the trusted certificate authority).
Let the software pick up suspects.
Let's not. It does a shitty job at it.
Much like a broken smoke detector waking you up in the middle of the night is not grounds for rejecting the idea of automatic smoke detection altogether, this technology can be extremely useful.
If the smoke detector goes off every single night, and there's only a fire on average once every 100 years, does that make a case for or against that smoke detector?
It doesn't matter, because the only place where you have to get your ID checked is at the TSA checkpoint, and they don't check it against any databases.
So, the easy recipe for bypassing the no-fly list is:
I flew as recently as last month and was not subjected to anything which would defeat this scheme. It fails if you need to check luggage, but I doubt a terrorist is going to be doing that. The no-fly list is such an obvious joke.
Yes, but he was talking about his friend the balloonist, and unless his friend's last name was Fossett he was probably not at airliner altitudes.
With the old networks, even GA planes could cause havoc. I heard one story about a guy who was approaching Chicago and called his family to tell them he would be home soon. When his bill showed up that one call had been billed to him six separate times, because he hit so many different towers that were too far apart to communicate with each other and coordinate billing. Of course airliners are far worse simply because of their speed, but at 10,000ft over flat terrain the horizon describes a circle over 250 miles in diameter, way bigger than a phone cell.
My understanding is that the older networks got really messed up by any aircraft use, and newer ones don't get messed up by any aircraft use. As evidence, I submit this article which claims:
The researchers found that on average one to four cell phone calls are typically made from every commercial flight in the northeast United States. Some of these calls are made during critical flight stages such as climb-out, or on final approach. This could cause accidents, the investigators report.
In my opinion that last sentence is crap, but there's no reason to doubt their data. If that kind of call volume is already taking place I'd think the mobile phone network would already be in shambles if it couldn't withstand phones on airliners, although it's certainly possible that it can cope with this much but not with more.
"TidBITS is an award-winning electronic newsletter and web site dealing primarily with Apple Computer and Macintosh-related topics."
Maybe you should find out a little bit about the web sites you criticize before you shoot off your mouth.
Considering the number of passengers who are carried by airplanes each year, even something with a one-in-a-million chance of causing a problem would be a very bad thing.
This is blatantly false. Airliners are chock full of things with much higher odds of failure than one in a million. Airliners achieve their extremely good safety record through redundancy and robustness, not through avoiding failure at all costs. Airliners have things fail all the time, it's just that the vast majority of the time the inherent redundancy and robustness of the aircraft make it such a minor event that the passengers don't even know it happened.
Sounds like this was long enough in the past that he was using an older network, not a modern digital network. My understanding is that modern digital networks have no problems coping with phones which can view many towers at once. As a thought exercise, consider this question: does it cause chaos to use a cell phone from a high mountain peak?
I have used my cell phone in the air several times with no trouble. I even got to listen in once as my flight instructor had a nice chat with his wife while I flew the plane.
Again, so what? Lite Brite toys have caused "some people" to freak out and think it's a terrorist attack.
Um, so what? Do you think that one kiloton exploding high up in the atmosphere over New York or Los Angeles would do anything other than provide an unusual light show for the inhabitants? Think again.
You can subtract out the "smack upside the head" part and still end up with effective discipline. All corporal punishment really does is teach the child that authority comes from violence and therefore the strong exercise power over the weak. Which is mostly true, but we ought to aspire to higher ideals.
I rather doubt it would run "perfectly well". 60HP is seriously small, and you're going to have a really difficult time safely getting up to speed on a highway with it. It's not an exceptionally light car even without the hybrid bits, and that is a rather small engine for its size. What other conventional cars are there with a similar weight (subtracting the hybrid bits) and a 60HP engine?
You're correct that the electric motors don't help at highway speeds, but that kind of misses the point. The idea of having them is that they allow you to have an engine which is sized purely for cruising, not for accelerating. A conventional car must have an engine that is much larger than what it would need purely to sustain highway speeds, so that it can get up to those highway speeds in a reasonable amount of time. A hybrid only needs an engine that can sustain cruise, because the extra power for acceleration comes from the electrics.
Well, it's not quite no good reason. That extra weight allows the car to use a significantly smaller and more efficient engine, which does help. The Prius gets very good highway mileage for a car of its size, even though there are a couple of non-hybrid models which achieve similar results. You mention 34MPG, and a bit of searching rates the Prius at 40+ for normal highway driving. (I've never driven one so I don't have any direct experience.)
But most people aren't driving their cars exclusively for 300-400 miles non-stop on highways. Most people drive them shorter distances at slower speeds and with more acceleration and braking. And hybrids really shine there. As far as I know, diesels still take a similar hit on city driving compared to gasoline cars, so hybrids have a good advantage over both.
It has nothing to do with "one Boss", and everything to do with the ordinary corrupting influence of power. For the record I lived in Europe for three years, and never got the sense that the police there were somehow magically incorruptible.
I have a similar approach with my kids. If you consistently say no, the kids stop asking. It's only when you start saying yes sometimes that they start. That's as true of advertising as it is of buying candy in the checkout aisles.
What really gets me are the parents who say "no" until the kid gets unbearably annoying about it, then say "yes". Somehow they don't realize that they're only training the kid that being loud and obnoxious will get them what they want.
Yep, it has the devastating combination of being sarcastic and wrong. Not just parents, but people in general really hate that.
Call me back when GM is actually producing them and selling them. Your hypothetical price for the Volt strikes me as being extremely low. Wikipedia says that the price is currently unknown and could be as high as $48,000 depending on a lot of factors which simply can't be determined until it starts being sold.
Meanwhile I bought a Malibu used for $13,000 several years ago. It gets 35MPG on the highway, drives great, and has plenty of power. I also routinely make trips longer than 40 miles with it, imagine that. Seems like the right choice to me!
That may be the case for highway driving. But where hybrids really shine is city driving. A Prius actually gets better mileage in city driving than it does on the highway, because unlike traditional drivetrains, the hybrid drivetrain gets more of an advantage from the lower speeds than it loses from the constant acceleration and braking. I doubt that shaving 100kg of junk off a regular Prius-sized car is going to suddenly give you 50MPG in city driving.
I wish you people would take the time to explain your point, instead of just skirting around the outline and assuming I already know what you mean. I mean, if I already know your point, why bother to reply in the first place? Elaborate and actually give me the details of what you're talking about. I have no idea at all what you mean by "One word - fungible." I know what "fungible" means, but I don't know what kind of point you're trying to make with it.
You're wrong about inherent value. There are plenty of things with inherent value. Food, for example, is inherently valuable because it sustains us. But food is a terrible choice for a monetary system because an individual only needs so much of it, and it mostly doesn't keep.
So instead of "keeping score" with the stuff that has intrinsic value, we use other things for money. Gold was the material of choice for a long time in many places because it's rare and impossible to fake. Many people confuse this with having intrinsic value, but being rare does not by itself confer value. For example, Bismuth is less common than gold but considered to be far less valuable looking at market prices.
But it's true, aside from certain things like food, water, and housing, nothing really has intrinsic value. It is all in the eye of the beholder. (And most housing value is too; the intrinsic value is far below the market price in most places, because the value people place on housing is often greatly tied up in aesthetics and location.) And I'm not sure why you find that to be so ridiculous as to use it as proof that I'm wrong. Why does there have to be intrinsic value in the world beyond the basics? Why does there have to be an intrinsically valuable material to base our money on?
One of the things I find scary about the rest of the "first world" is how much powerful people are trusted. I really don't see any evidence that these other countries are less corrupt than the US, but at least here we recognize that our government officials are largely full of crap and attempt to limit their power accordingly. Hasn't been working so great lately but the general principle is, in my mind, sound.
Yes, don't bother to explain anything or be coherent, just act like an asshole. It's what everybody else does!
I'm sorry, did you just quote a section of my post, criticize it, and then go and say something utterly irrelevant to it? I mean, I talk about how gold is not intrinsically valuable, and you go and talk about beans and IOUs. How does this make any sense? Whatever point you were trying to make is utterly lost on me.
It's the same with stocks and a lot of other things. Few companies have anywhere near the assets that correspond to their paper value.
Of course they don't. A company's value is their assets plus their potential for future profit. A properly-priced stock takes both of these into account. Future profit is hard to predict, which is why stock pricing is tricky. But just because it's future profit doesn't mean it's illusory.
Also your example about house values sucks. If somebody prices their house at $110k, then somebody else who's selling at the same time will be able to undercut them to attract buyers. The net result is that, unless supply is very short, the guy who overpriced his house will never sell it.
I'd also love to know what you consider to be "real" money, if this is all fake money. I've yet to find any kind of money that doesn't end up being fake if you dig into it deeply enough. Even gold, the standard that everybody loves to hold up as being "intrinsically valuable" is just a soft, visually pleasing metal with no inherent worth outside of certain industrial processes. If it weren't so rare people wouldn't even care about it.
Oh, and if you follow the link from the article you'll find that this attack is being published by the makers of TurboCrypt, which was incompetently designed and thus vulnerable to this attack, but has now been fixed. The makers of this app (which you should probably stay away from, if they made such an elementary mistake then who knows what other problems it has) are essentially hyping this fairly inconsequential discovery in order to sell their product.
In conclusion: lame.
Yup. "Everyone knows" that reusing the same key/IV on more than one piece of data means that you're screwed. The Soviets learned this lesson in a painful manner on what were supposed to be one-time pads during WWII. If these programs are really re-using the same key and IV for different revisions of the data, then they are horribly broken and this is just the barest beginning of how.
The bad news is that this would seem to indicate that a fair amount of full-disk encryption software is absolutely, horribly broken and cannot be trusted in any way. The good news is that this break is nothing particularly interesting in and of itself, and that it will do nothing against a competently designed product.