Slashdot Mirror


User: blueg3

blueg3's activity in the archive.

Stories
0
Comments
4,435
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 4,435

  1. Re:Something I would ask on Why Does the US Have a Civil Space Program? · · Score: 1

    It should be clear that finding evidence these developments would not have occurred is difficult and highly subjective at best.

    What you should do, as a first attempt, is compare the NASA budget to the number and impact of developments that occur as a result of the NASA budget, for an "invention efficiency". I'd also look at the amount of money they spend specifically on research with the impact of their research developments. Compare this with similar number for government-funded research, private industry in general, and industry-funded research for a measure of how useful NASA is in generating scientific and engineering developments.

  2. Re:Figures on Obama Picks RIAA's Favorite Lawyer For Top DoJ Post · · Score: 1

    You do realize that the President isn't really responsible for the regulation of banks or the federal reserve, and certainly doesn't have any influence beyond government regulation on how banks operate.

  3. Re:Bruce is wrong on Do the SSL Watchmen Watch Themselves? · · Score: 1

    SSL isn't really broken. There's one attack against it. It was already known that the attack was possible, the only question was the difficulty. As it stands, reproducing their work is fairly difficult. There's also a quite effective mitigation -- don't accept certificates where any elements of the certificate chain other than pre-trusted root certs use only MD5 as their hash algorithm.

  4. Re:Bruce is wrong on Do the SSL Watchmen Watch Themselves? · · Score: 2, Insightful

    Actually, it's mostly popular to get bank credentials directly from the user's machine via malware. Jacking SSL isn't as successful.

  5. Re:demonstrate control of the domain in question on Do the SSL Watchmen Watch Themselves? · · Score: 1

    The domain has to be registered to someone, and the path to companies who hold the "someone" information can be made trusted. You don't have to issue a whois query and hope that the information hasn't been tainted.

    For the issuing of SSL certificates, which essentially protect against network-level hacks, being susceptible to network-level hacks is a pretty big deal.

  6. Re:demontrate control of the domain in question on Do the SSL Watchmen Watch Themselves? · · Score: 2, Insightful

    Kaminsky's DNS attack -- and the BGP hack, for that matter -- demonstrate pretty clearly why being able to masquerade as a particular host to the CA is not sufficient to prove you are actually the proper owner of that domain.

  7. Re:"I Canna Change The Laws of Physics, Captain!" on Volvo Introduces a Collision-Proof Car · · Score: 1

    That was actually the stasis field they used. That was not a stock feature of the General Products hull. :-)

  8. Re:"I Canna Change The Laws of Physics, Captain!" on Volvo Introduces a Collision-Proof Car · · Score: 1

    Yes, the stasis field does fix that issue.

  9. Re:"I Canna Change The Laws of Physics, Captain!" on Volvo Introduces a Collision-Proof Car · · Score: 4, Informative

    Actually, a General Products hull won't save you. Cars already are less strong than the could be, because their squishy contents are too susceptible to high acceleration. A perfectly rigid car body would just kill its passengers.

  10. Re:All of the terms are put clearly on Google Wants You To Be Its Unpaid Muse · · Score: 1

    Wal-Mart doesn't have a suggestion box?

  11. Re:OR on Google Wants You To Be Its Unpaid Muse · · Score: 1

    I'm sure Google lawyers haven't thought to search patents and applications for submitted ideas before the company pays to implement them.

    Also, most ideas that you would put in suggestion boxes aren't sufficient to patent.

  12. Re:Love the accuracy on Security Checkpoints Predict What You Will Do · · Score: 2, Insightful

    Not at all, depending on your false positive rate and the predictability of the false negatives. If false negatives are random and you don't let people who are marked as "dangerous" leave and try again, you don't need your false negative rate to be that low -- it still presents a very significant problem to a potential attacker.

    False positives, on the other hand, are a big problem. The enormous majority of people are negatives, so with any appreciably large false positive rate, nearly all positives will be false. You then need a secondary system to separate real positives from false -- otherwise all you're doing is marking lots of random people as dangerous.

    Granted, all they cite is their "accuracy", which is ambiguous -- it's neither a false positive nor false negative rate.

  13. Re:No weakness on CCC Create a Rogue CA Certificate · · Score: 1

    Yeah, I glanced over their paper again to see if there was something convenient to quote. If you're not familiar with existing MD5 attacks, the abstract is not too clear on this point.

  14. Re:No weakness on CCC Create a Rogue CA Certificate · · Score: 1

    You really should read the original paper -- or have some understanding of developments in cryptography. They "generated" two certificates with identical MD5 hashes and got a CA to produce an MD5-only signature for the one. Since the hashes are the same, the signature's good for both. This absolutely requires being able to manipulate both certificates.

    They don't actually produce the first certificate themselves -- the CA does. However, the CA they chose generates the cert automatically from data they provide in a highly predictable fashion, which allows them to, in practice, supply the cert to be signed.

    This, incidentally, is terrible cryptographic practice -- performing functions like signature generation or encryption on arbitrarily-supplied data automatically, as it is a requirement for many attacks. If the CA introduced 128 bits of unpredictable entropy into each issued cert, their method would be completely worthless, even with the insecurity of MD5, because guessing the added message entropy is too difficult.

  15. Re:A nice piece of work on CCC Create a Rogue CA Certificate · · Score: 1

    To be more specific: if any certificate in the chain has both been issued by a CA (that is, it is not included in your list of "trusted certificates") and its signature includes only an MD5 hash, it is untrustworthy.

    So far there is no known method for creating a string with a specified MD5 hash. In this regard, the only advantage SHA1 has over MD5 is hash length.

    There are other serious problems that people seem to ignore over MD5's weakness. These CAs are not only not really doing much identity validation, they're violating a major cryptographic principle -- they are simply automatically signing data that is directly generated from user-supplied data. Having predictable serial numbers, validity times, and fields that can contain large amounts of arbitrary data is what allows this attack to work in the first place.

  16. Re:No weakness on CCC Create a Rogue CA Certificate · · Score: 1

    It depends on if you are trying to produce two strings with the same hash or trying to produce one string with a predetermined hash. The former can be done faster, but is not brute force. (This is "the weakness" of MD5.) The latter still can only be brute-forced.

  17. Re:misplaced priorities? on Oregon Governor Proposes Vehicle Mileage Tax · · Score: 1

    To answer the Orwellian concerns, it's entirely possible to implement this without telling the state when or where you are driving -- only how much in-state driving you did in between gas fillups. (Only slightly more information than they would have obtained anyway, assuming they have access to when and how much gas you purchase.) The GPS can track and sum in-state driving and report it to the gas station upon fillup. The capacity to store more information, report it to the state, or otherwise track your movements doesn't even have to be built in. On first look, that appears to be roughly their plan.

    On the other hand, they certainly could set up the future capacity to track your travel. Further, if they don't constantly track you, there's relatively little reason for the state to actually trust the output of your GPS unit. Since it's entirely under your control in between fillups, a motivated attacker could control the system. (A really motivated attacker would sell their modifications to less-clever drivers.)

    Of course, I still think the system is stupid. High-efficiency vehicles don't have enough market penetration to really worry about this, so a higher tax on low-efficiency vehicles is still reasonable. The plan sounds expensive to implement and prone to failure. It's hard to cheat a gas tax.

  18. Re:A nice piece of work on CCC Create a Rogue CA Certificate · · Score: 1

    What matters is not what hash is used in the root, but what algorithm newly-issued certificates can be hashed with. If the CA can be convinced to issue a certificate hashed with MD5, then it is susceptible to this attack. If newly-issued certs must use SHA1 or better, than it is not susceptible, even if the root certificate is hashed with MD5.

    (Moreover, one could imagine that there is a root cert signed with SHA1, but the CA issues MD5-signed certs. This would also be vulnerable.)

    Fortunately -- and not at all surprising, if you follow cryptography -- this attack requires that you craft two certs and get the CA to sign one. Computing a collision against a preexisting cert is still infeasible.

  19. Re:CA's using MD5 on CCC Create a Rogue CA Certificate · · Score: 1

    No, it needs to be a CA that is issuing certificates with MD5, not a CA whose certificate is signed by MD5. With this attack, already-created certificates are not vulnerable.

  20. Re:No one should be surprised. on CCC Create a Rogue CA Certificate · · Score: 1

    You have no clue what you're talking about. Rainbow tables are only useful for small inputs, and work regardless of the hashing function.

    MD5 collisions have been computable, but it's only really reasonable to produce two strings with the same MD5 hash -- not to produce a single string with a given MD5 hash.

  21. Re:No weakness on CCC Create a Rogue CA Certificate · · Score: 2, Informative

    Since MD5 is 128 bits, if computing a collision takes on the order of 2^128 attempts, it is indeed brute force and is not a weakness of MD5 at all. A weakness is a property that allows you to perform some undesirable action -- say, compute a collision -- faster than absolute brute force.

  22. Re:Were they made by Sony? on Walmart Photo Keychain Comes Preloaded With Malware · · Score: 1

    Compromising the security of a system isn't sufficient to classify software as malware. If it were, the majority of the software on a system, including its operating system, might be considered malware.

    Malware is generally classified as such by intent. While plenty of people may not agree with the Sony's intent, myself included, I think it's quite distinct from the intent of real malware. Malware generally does some combination of performing communications against your consent, harvesting personal data and storing or transmitting it against your consent, intentionally and maliciously rendering your computer or data unusable, and exploiting security vulnerabilities to perform actions the malware would not normally be privileged to perform.

    What a rootkit is depends on who you ask. The earlier definition is that it is software that performs privilege escalation -- so would always or almost always be malware. To my knowledge, the Sony software doesn't do this. The modern definition is that it is software that uses privileged operations to conceal itself from the user and the system. The Sony rootkit does do this, as do a number of debugging and anti-malware tools.

  23. Re:Packer on Walmart Photo Keychain Comes Preloaded With Malware · · Score: 1

    The unpacker code behaves differently if it is being monitored.

    An antivirus program cannot simply unpack the data through manipulation, as the packing can include arbitrary coding. (Technically yes, it could, but it is unreasonable to.) The antivirus program has to run the unpacking code if it wants to examine the unpacked data. It could emulate a system itself (which would really be unpacking by manipulation only), which is nearly impossible to do well enough that it is undetectable; it could simply execute the code, which makes interrupting it while it's in a state that it can be analyzed and before it's done any damage very difficult; or, it could run it while monitoring it, which is detectable, but not very easily so.

    Of course, if an antivirus could reliably block everything that would allow in-process code exploits and then consult a signature oracle to determine if the process is malicious, it should. Things aren't so simple, though.

    Frankly, static analysis, despite its popularity, sucks. It's fairly trivial to sneak unpacked malware past static analyzers.

  24. Re:Amazon's shipping rocks on Amazon.com Reporting This Holiday Season Their "Best Ever" · · Score: 1

    More to the point, in what cases has their patent actually been used against other companies?

  25. Re:Packer on Walmart Photo Keychain Comes Preloaded With Malware · · Score: 1

    Oh, they don't. But the evil unpacker can do something like check the state of the debug registers, which is one way an antivirus can examine the unpacked code without simply allowing it to execute. They can then change their behavior based on whether or not the unpacker is being debugged. They can do this in fairly subtle ways, and can do it for the common methods of inspecting executables.

    Putting your antivirus in the hypervisor and using VM introspection to do the inspection is the current silver bullet, as detecting this is rather tricky. (Currently possible only with timing attacks if your hypervisor doesn't want to be detected. Moreover, malware that won't run if it's in a VM is not so useful if VMs become more common.)