If you could actually AFFORD the phone you buy an unlocked one. Google tried to sell you one, none of you cheap bastards bought one.
The G2 is also available for $500 from T-Mobile free and clear with no contract. It will be interesting to see what justification T-Mobile comes out with for locking down the bootloader on the G2 when it is bought outright like this.
Google's security people aren't thinking straight. They believe there is state sponsored hacking and they then recommend their silly phone pin nonsense ("two factor authentication")? Did they think that the phone channel was secure? They don't believe someone could watch them send the PIN over a text message? If they really cared about security they'd wean people off of passwords and only use computer generated RSA/DSA keys. I believe that browsers already allow client certificates for setting up https connections. Using computer generated and invoked keys would solve the phishing and guessing attacks. The keys would have a high enough search space that guessing would be impossible. The connections would be authenticated in a way that wouldn't expose the private key itself, so phishing wouldn't work. 1) the google server key would be checked in a secure crypto manner and a MITM attack wouldn't be possible. 2) the user's key would be checked in the standard public key crypto manner also, which wouldn't expose the private key in the process of authentication. Crap, I know practically nothing about crypto and can punch holes in Google's stuff. They don't think the equivalent of some evil country's NSA could do much better?
I never understand these "standards" bodies. Why didn't they just go with a microsd card format and as a bonus one could stick a microsd card in there for more storage if one was using wifi and didn't need cell coverage.
If terahertz wifi cards become generally available, how long before we see articles about people repurposing the hardware to do terahertz reflective imagery like the security guys already do for looking through walls to spot people in a room or look through clothes to see "weapons"?
http://www.dailymail.co.uk/sciencetech/article-2131932/The-REAL-X-Ray-spex--new-terahertz-scanner-lets-mobile-phones-walls.html
Their ads claim that it has similar efficiency to a CFL, but that is far from true for the CFL's one finds at Home Depot or similar.
The company's VU1 is 600 Lumens and uses 19.5 watts. (ref: http://www.jetsongreen.com/2011/11/vu1-esl-r30-light-bulb-lowes.html ) This comes out to 30 Lumens per watt.
A typical under $4 CFL from home depot puts out 1500 Lumens using 23 watts for 65 Lumens per watt or more than twice as much light for the same input power. (ref: http://www.homedepot.com/h_d1/N-5yc1v/R-100686995/h_d2/ProductDisplay?catalogId=10053&langId=-1&keyword=100%20watt%20cfl&storeId=10051 )
Google needs to add wear and tear to the clothes so that as time goes on they look rattier and rattier. After a few months the clothes finally develop holes and fall off on their own accord. After all the clothes have disintegrated they can shut down the servers. ;-) It is sure to be cheaper than paying out 5 megabucks.
Not being able to grep the logs would suck. It would break every hack script I have for checking things in the logs.
Furthermore, I'm not sure what problem the binary file with crypto signing would solve vs. just also logging to a secure log machine. Syslog already allows one to duplicate the logging to any number of off-machine syslog daemons.
For figuring out how a break-in was done, wouldn't it be better to just log all IP traffic (say with "tcpdump -w ...") on a dedicated logging machine and perhaps have a pruning mechanism that trims any TCP stream to a few megabytes? That way large file transfers wouldn't fill up the logging disk unnecessarily. Add to that some off-machine logging built into sshd or perhaps the pty driver and one can get a pretty good picture of how any break-in was done.
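The per-stream pruning idea from the comment above, as an added example that is not part of the original comment: it copies a classic pcap file (the format "tcpdump -w" writes) and stops keeping packets of any TCP stream once that stream has used its byte budget. The function names, the 3000-byte cap and the sample capture are constructed for illustration; only little-endian Ethernet/IPv4 captures are handled.

```python
import struct
from collections import defaultdict

PCAP_GLOBAL = struct.Struct("<IHHiIII")  # classic little-endian pcap file header
PCAP_REC = struct.Struct("<IIII")        # ts_sec, ts_usec, incl_len, orig_len

def flow_key(frame):
    """Direction-independent TCP flow key, or None for frames that are not TCP/IPv4."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":  # Ethernet II carrying IPv4
        return None
    ihl = (frame[14] & 0x0F) * 4
    if frame[23] != 6 or len(frame) < 14 + ihl + 4:      # IP protocol 6 is TCP
        return None
    sport, dport = struct.unpack_from("!HH", frame, 14 + ihl)
    return tuple(sorted([(frame[26:30], sport), (frame[30:34], dport)]))

def prune_pcap(data, cap_bytes):
    """Copy a pcap, dropping TCP packets once their stream has reached cap_bytes.

    The packet that crosses the cap is still kept; non-TCP frames are always kept.
    Returns (pruned_pcap_bytes, packets_kept, packets_dropped).
    """
    if struct.unpack_from("<I", data, 0)[0] != 0xA1B2C3D4:
        raise ValueError("only little-endian microsecond pcap is handled")
    out = bytearray(data[:PCAP_GLOBAL.size])
    seen = defaultdict(int)  # flow key -> bytes on the wire so far
    kept = dropped = 0
    off = PCAP_GLOBAL.size
    while off + PCAP_REC.size <= len(data):
        ts_sec, ts_usec, incl, orig = PCAP_REC.unpack_from(data, off)
        start = off + PCAP_REC.size
        frame = data[start:start + incl]
        if len(frame) < incl:
            break  # truncated final record, stop cleanly
        off = start + incl
        key = flow_key(frame)
        if key is not None:
            if seen[key] >= cap_bytes:
                dropped += 1
                continue
            seen[key] += orig
        out += PCAP_REC.pack(ts_sec, ts_usec, incl, orig) + frame
        kept += 1
    return bytes(out), kept, dropped

def _tcp_frame(src, dst, sport, dport, payload_len):
    """Constructed Ethernet/IPv4/TCP frame; checksums are left at zero."""
    eth = b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + payload_len, 0, 0, 64, 6, 0,
                     bytes(src), bytes(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x18, 65535, 0, 0)
    return eth + ip + tcp + b"A" * payload_len

def build_sample():
    """Constructed capture: a bulk transfer, a short two-way ssh-like flow, one ARP frame."""
    frames = [_tcp_frame((10, 0, 0, 5), (10, 0, 0, 9), 40000, 80, 1000) for _ in range(10)]
    frames += [_tcp_frame((10, 0, 0, 7), (10, 0, 0, 9), 40001, 22, 100),
               _tcp_frame((10, 0, 0, 9), (10, 0, 0, 7), 22, 40001, 100)]
    frames.append(b"\xff" * 6 + b"\x02" * 6 + b"\x08\x06" + b"\x00" * 28)
    pcap = PCAP_GLOBAL.pack(0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, f in enumerate(frames):
        pcap += PCAP_REC.pack(1700000000 + i, 0, len(f), len(f)) + f
    return pcap

if __name__ == "__main__":
    pruned, kept, dropped = prune_pcap(build_sample(), cap_bytes=3000)
    print(f"kept {kept} packets, dropped {dropped}, {len(pruned)} bytes written")
```

The start of every stream (handshake, banner, first commands) survives the pruning, which is usually the part an investigator needs; the tail of a large transfer is what gets discarded.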
Is this plant built where one can extract some geothermal energy from the ground? 1 MegaWatt isn't all that much to scam. The only problem would be getting rid of all the sulfur and mercury that comes up with the steam without anyone noticing.
chromium + ghostery
The groups trying to enforce security in government systems are no doubt smiling.
It is sad how the TLA's in charge of security standards are regularly ignored. Maybe these embarrassing break-ins will give them the power to force other government agencies to take security a bit more seriously.
Shared networks work best if they are unsaturated. Having a very fast network is a simple way to achieve that without having to sweat bullets over how to enforce fairness in the sharing algorithms.
"you should consider the passwords and SSH keys that you have used on these sites compromised."
How the heck can ssh keys be compromised by this break-in? Doesn't the site just have access to the developer's public key? With a sufficiently large ssh key (say 1k or 2k) how is anyone going to derive the ssh private key from the public key? The fact that it is effectively impossible is supposed to be the whole point of public key encryption.
How long before browsers automatically low-pass filter these broken jpegs? If not, then the browser is going to have a hard time resizing the jpeg if this high frequency noise is so large in amplitude that it causes clipping in the jpeg calculations.
People need to stop using non-random passwords for WPA2-PSK. This attack sounds like a dictionary attack, because there is no way at only 400k passwords per second that he could map more than a minuscule fraction of the 2^256 key keyspace. We are talking 1e77 potential passwords. At 400k/sec that only amounts to 1e13 passwords per year. It will still take 1e64 years to break. Since the universe is only ~1.5e10 years old, I think we are safe enough from a true brute force attack.
Of course that assumes people do turn off WEP and WPA1 and all the WPA1 crap in WPA2 (like turning off TKIP and only allowing CCMP).
This incident underscores how little influence the NSA really has when it comes up against lobbyists and morally-corrupt senators trying to ingratiate themselves to the same lobbyists. It is shameful that this country has a group that is very, very good at analyzing security issues yet it isn't allowed to force use of a secure operating system within the government.
What is needed is a compelling reason for people to get out from under NAT. Most people are so used to the Microsoft way of doing things with their desktop computer being so functionless that they can only work in conjunction with a remote server to do anything of significance. They can't host their own web pages, they can't get email delivered directly to their computer, they can't make a voice call directly to another computer etc. There are tons of applications that could be written if everything was on the net directly. Anyone for syncing all their computers (files, bookmarks, etc?) without having to copy them via a remotely located server? We need to start writing these applications and tell the people hiding behind NAT boxes that they are SOL till they get themselves real, routable addresses.
Hynix just feels bad about being too young and missing the Bubble Memory Revolution.
GPS's don't use UTC for the simple reason that using a discontinuous time system at the low-level is insane. The Russian GLONASS does have leap seconds, and every time a leap second gets applied the system has hiccups (as expected). The GPS system simply keeps its own true seconds-since-the-GPS-epoch counter and never steps this for leap seconds. Adding the leap seconds is left for the display routines in the individual end-user GPS devices.
As I see it, it really doesn't matter what UTC does as long as computers implement the low-level (internal) timekeeping correctly. If un*x/linux were to have a true seconds-since-the-epoch counter in the kernel with no leap seconds then time difference calculations would be trivial. Each program wouldn't have to have special (and probably largely untested) logic to deal with the time discontinuity around leap second time. Leap seconds (just like daylight-savings-time/normal-time) could be added by the display routines that map seconds-since-the-epoch into a human readable time. There is no need to muck up the low-level timekeeping for these oddities. Only programs that print out the time would need to even know that a leap second occurred, and in most cases that would all be done by the library routines.
Dan Bernstein first tried to get this low-level stuff straightened out, but folks largely didn't care to fix the problem because POSIX essentially mandated one do things in the more complicated fashion. http://cr.yp.to/proto/utctai.html
You are assuming the powering down or removing of the SIM doesn't wipe the decryption key. If I were designing a more secure cell phone that's what I'd do. I'd keep the key on an internet server and send it to the phone after it powers up. If the phone got stolen / confiscated I'd send a wipe command that wiped the key from the phone if the power were still on, and simultaneously wiped the key from the server.
The question then becomes, why is some isolated ipv6-capable router not sending an ipv6 "host unreachable" message to the host that is attempting the off-site ipv6 connection attempt? Wouldn't a correctly written application see this "host unreachable" and then try an ipv4 connection?
Is this going to be the new asbestos? Inhaling short silicon nanotubes doesn't sound like a very good idea.
If you want to route things at speed why use something based on an anemic ARM chip running a few hundred megahertz when you have a multi gigahertz cpu at your disposal? I just dual-port my main computer and have it route and nat things. Routing works at least to 700 Mbits/sec. If I ever move to a country where gigabit ethernet to the home is available at a reasonable price (like in Japan where it is ~$100), then I'll have to revisit the routing situation.
(My setup is an athlon64 at 2Ghz, two linksys pci gigabit ethernet cards, fedora and iptables doing the NAT-ing. The computer is on 24/7 anyway because it serves web pages and accepts my email, so having it do the routing doesn't really increase my power bill. If power ever becomes an issue, I'll just move the server to an old laptop which will cut my power from 80watts to 20watts. That admittedly still isn't as low as an ARM chip, but you do get quite a bit more performance for your money.)
I owned a GM car that was prone to a stuck throttle at wide-open-throttle. The damn throttle-lever was never tightened at the factory and the lever would get stuck over the top of some parts hanging on the side of the carb. The factory trained monkeys they have doing warranty repairs never found the problem. It only got fixed when I finally decided to have a look myself.
The stuck throttle was pretty exciting. There is nothing like accelerating down city streets watching the slow traffic in front of you getting larger in your windshield. I can see why some people might panic. There is a part of you that just screams NOOOOOOO! On the other hand there is hopefully also the part of you that says, time to turn off the ignition, which is what I did.
The inclination to anyone that is used to driving a stick and likes their engine is to never hit the clutch when the engine is at WOT. It will almost certainly over-rev and destroy itself. I just turned the ignition off, coasted to a stop and then waited for my blood pressure to return to normal.
I find these claims of failed brakes etc very hard to take. Just how is the brake supposed to fail? The brakes are also much stronger than the engine, so would always win a tug of war. Which production car can do 0-60 faster than it can do 60-0?
I've never had a problem with the lid closed as long as I put the laptop on end with the exhaust port facing up. You do want to allow convection to cool the thing. Keeping it flat with the lid closed is going to be the worst possible orientation.
I second the laptop idea. My athlon-64 laptop running 64-bit linux sitting around lightly loaded takes about 15 watts as measured by the "kill-a-watt" power meter. I've often thought it would make more sense to run it as the server and save ~$200/year.
Watts
47 compaq dv5000z laptop (bios, booting)
22 compaq dv5000z laptop (fc5, yum update, login screen, 1Ghz w. ath0 ubiquiti card)
18 compaq dv5000z laptop (fc5, idle, login screen, 1Ghz, ath0 ubiquiti card)
15 compaq dv5000z laptop (fc5, idle, login screen, 1Ghz, screen blanked, ath0 ubiquiti card)
(Yes, these measurements are from many years ago. I expect similar or slightly better numbers for fedora-11/12.)