Slashdot Mirror


User: plcurechax

plcurechax's activity in the archive.

Stories
0
Comments
606

Comments · 606

  1. Five easy steps. on Securing Your Network? · · Score: 5, Insightful

    1. Education - Get educated about what information security is all about. You should know what C.I.A. stands for (in infosec, not the US federal agency), you should know what a security policy is, understand risk management and mitigation, and know what criminals/attackers can do in your organization.

    You can get a lot of this from several books and websites, such as Secrets and Lies by Bruce Schneier, the SANS Reading Room, if you can afford it SANS/GIAC training and/or certification may be of benefit to you and your org, the CISSP and SSCP Open Study Guides even if you don't go for CISSP or SSCP (I don't recommend paying any money to ISC^2), and Security Focus.

    2. Audit - This step is critical and too many places forget to do it. You need to know what you are trying to secure, yet most organizations do not have a complete picture of their network and all the systems on it. This includes security and non-security issues (e.g. software licenses, maintenance patches, standardization).

    Tools like those from IBM Tivoli or HP OpenView can help here. For security-specific vulnerability analyzers: open-source Nessus, eEye's Retina, and ISS's Internet Scanner.

    3. Policy - You need a plan and a document to give you and others guidance, and this is your infosec policy.

    Large orgs should consider BS 7799 or ISO 17799 whereas smaller groups can look at Center for Internet Security for benchmarks, and SANS Reading Room - Auditing and Assessment, and Site Security Handbook - RFC 2196.

    4. Implement -- Using your education, audits and policies you can now implement decent security.

    Basic principles of defence in depth, fail-safe, separation of privilege, and complexity is the enemy of security can guide you to build a practical network of secured systems that limits exposure to criminal activities, and minimizes damage from attacks.

    5. Be vigilant - "Security is a process, not a product" - Bruce Schneier

    Now the work begins; up to now it was the fun stuff. Now you get to dig in with boring but important tasks such as analyzing log files, maintaining an accurate asset database, applying patches, maintaining user accounts, periodic audits (internal and, if you can afford it and it is warranted, external), educating users, and maintaining your security posture.

  2. Re:What about HAC? on Practical Cryptography · · Score: 1

    Other than the Handbook of Applied Crypto, the rest offer no implementation details or practical advice.

  3. Re:On a somewhat related note, on Practical Cryptography · · Score: 1

    There's no reason obscure code can't be commented properly, though.

    But most people are not willing to read the background mathematical papers needed to understand any reasonably terse comments.

    Or have you read Discrete Weighted Transforms and Large-Integer Arithmetic by Richard Crandall and Barry Fagin? (And "How Fast Can We Multiply?" in Knuth's Art of Computer Programming vol. 2)

  4. Re: Quantum Computers will NOT make crypto obsolete on Practical Cryptography · · Score: 1

    Depends on if Quantum Computers become practical in that timeframe. If they do, RSA (and a lot of other crypto algorithms) become useless.

    Um, no.

    From the Crypto Mini-FAQ:

    Q: Will quantum computers make all this crypto obsolete?

    Not in our lifetimes. Quantum cryptography along a single fiber optic
    strand has been demonstrated, and claims to offer provable security
    in a certain narrow academic sense, like the one-time pad. But to be
    practical, it has to be combined with conventional cryptography, in
    which case the quantum operations do not add much.

    Quantum computers threaten the future of RSA in about the same way
    that cold fusion threatens to solve the world's energy problems. It
    would require huge theoretical and practical breakthroughs. Even if
    that happens, people could just shift to AES-256 and other algorithms.
    In the meantime, Moore's Law is a bigger threat to RSA.

  5. Re:OK, on Programming Web Services with Perl · · Score: 2, Insightful

    Isn't the very word "web-service" a marketing gimmick

    Sure, it is used by marketing, but it is also an actual trend or methodology, like client/server, or thin computing. And like those methods, they work some of the time, and don't work so well in other cases.

    I work in an environment providing near-time data nationally, and internationally to partners, stakeholders, and customers. Trying to make all of the global systems work the same way is hard, and whenever one of those thousands of systems maintained by hundreds of groups (and organizations) changes, not everyone wants to have to change their systems at the exact same time. Web services help in that sort of environment. It doesn't mean web services are always a good thing (i.e. high speed or real-time data flow), but in some applications they are useful.

    Web services also will hopefully let companies move beyond data dumps and screen scraping for data gathering / exchange. I hate currently having to use FTP to exchange data with partners, but in our current environment that is the best way for outlying nodes to push data back to the upstream centres for archiving and redistribution globally.

    What web services means to me, is hopefully a better way to manage large networks of data exchange / management between a large number of stakeholders. IT/IS still sucks at day to day and long term management of information and data, perhaps this will be an evolutionary improvement.

  6. Re:Something is going unsaid. on Security Expert Paul Kocher Answers, In Detail · · Score: 1

    Breaking a cipher through cryptographic analysis only works if the attacker knows or can guess the algorithm. If data is encrypted and then encrypted again with another algorithm, and in between the bytes are scrambled, no mathematical attack can ever be successful.

    Wrong. Allied cryptanalysts were able to successfully attack cryptosystems without knowing what it was they were attacking. Originally they did not have a device (an Enigma or Purple cipher machine), and were able to attack them based on ciphertext-only attacks.

    Superencryption (the re-encrypting of one cipher with another) is difficult and annoying, but can be overcome with various analytic techniques. An example was The Register's crypto-contest.

    No known encryption algorithm is 100% secure, though a one-time pad offers perfect secrecy, and an opponent with infinite computational resources cannot be certain of the decryption beyond guessing at what the message is.

    The one-time pad can be attacked by various methods such as a cut and paste attack to make undetected changes to a ciphertext.

    There is no known perfect security.
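The cut-and-paste attack on the one-time pad mentioned above, worked through as an added example (this is the editor's code, not the commenter's): a pad-encrypted transfer instruction is altered without knowing the pad, and an HMAC over the ciphertext is shown catching the change. The message layout, the byte offset of the amount, and the helper names are assumptions made for the demonstration.

```python
"""Malleability of the one-time pad: a "cut and paste" / bit-flip forgery.

Added example; the roles, message layout and helper names are assumptions
made for this demonstration, not something from the original comment.
"""
import hashlib
import hmac
import os
from typing import Dict, Optional


def otp_xor(pad: bytes, data: bytes) -> bytes:
    """XOR data with a pad at least as long as it (encryption and decryption
    are the same operation)."""
    if len(pad) < len(data):
        raise ValueError("pad must be at least as long as the data")
    return bytes(p ^ d for p, d in zip(pad, data))


def forge(ciphertext: bytes, offset: int, known: bytes, desired: bytes) -> bytes:
    """Change the plaintext at `offset` without knowing the pad.

    Since c = p XOR k, then c XOR known XOR desired = desired XOR k, which the
    legitimate recipient decrypts to `desired`.  The attacker only needs to know
    (or guess) what plaintext currently sits at that position.
    """
    if len(known) != len(desired):
        raise ValueError("replacement must keep the same length")
    out = bytearray(ciphertext)
    for i, (kb, db) in enumerate(zip(known, desired)):
        out[offset + i] ^= kb ^ db
    return bytes(out)


def tag(mac_key: bytes, ciphertext: bytes) -> bytes:
    """HMAC-SHA256 over the ciphertext: the integrity check the pad lacks."""
    return hmac.new(mac_key, ciphertext, hashlib.sha256).digest()


def verify(mac_key: bytes, ciphertext: bytes, t: bytes) -> bool:
    """Constant-time comparison of the received tag against a fresh one."""
    return hmac.compare_digest(tag(mac_key, ciphertext), t)


def demo(pad: Optional[bytes] = None, mac_key: Optional[bytes] = None) -> Dict[str, object]:
    """Run the forgery once and return what each side sees (constructed message)."""
    msg = b"PAY $0100 TO ALICE"
    pad = os.urandom(len(msg)) if pad is None else pad
    mac_key = os.urandom(32) if mac_key is None else mac_key

    ciphertext = otp_xor(pad, msg)
    t = tag(mac_key, ciphertext)

    # Attacker knows the format: a 4-digit amount starts at byte 5.
    forged = forge(ciphertext, 5, b"0100", b"9900")

    return {
        "original_plaintext": otp_xor(pad, ciphertext),
        "forged_plaintext": otp_xor(pad, forged),   # decrypts cleanly, no pad needed
        "original_mac_ok": verify(mac_key, ciphertext, t),
        "forged_mac_ok": verify(mac_key, forged, t),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")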

  7. Thanks, interesting answers on Security Expert Paul Kocher Answers, In Detail · · Score: 1

    I was most interested in your answers to "How do you think?" and "Is the Technology ahead of us?" Unfortunately I think there were some formatting problems with both of these questions, that altered your answers.

    E.g. (for "How do you think?")

    states can each participant be in?

    e is the most complexity in the security perimeter? (Complex parts are the most likely to fail.)
    and (for "Is the Technology ahead of us")

    dation is much more difficult than writing new code (and it's less fun), so many people avoid it.

    Anyway, thanks for the interesting answers.

  8. Re:For the security-lingo disadvantaged... on Security Expert Paul Kocher Answers, In Detail · · Score: 1

    For Linux/Unix/BSD users:

    tr 'a-zA-Z' 'n-za-mN-ZA-M'

  9. Heard of software engineering? on Too Cool For Secure Code? · · Score: 1

    Jon Lasser doesn't sound like a professional programmer. He also doesn't sound like he is very familiar with software engineering.

    There are no silver bullets.

    That's the first rule of software engineering.

    High level languages might help prevent or detect buffer overflows, but they don't prevent library function misuse, which is the cause of the format string errors. They don't prevent input validation, in fact most Perl programmers that use -T for taint also use stupid, unsafe untaint routines for user input. The OpenSSL timing attack mentioned wouldn't be prevented by using Python, Perl, or any other language.

    If he is so concerned, why doesn't he publish the results of his usage of StackGuard and FormatGuard on the Linux systems that he administers?

    I guess it is what I've come to expect from self-promoting security consultants; blame somebody else for the poor state of security, and charge lots of money to apply the same patches as any other good sys admin.

    If you are so concerned about OSS, then fix it.

  10. Re:sorry he's not being honest on The Myth of Radio Spectrum Interference · · Score: 1

    Is there a main verb to this "sentence"?

    No, my apologies. Let's try again...

    There are many stories of 802.11b (Wi-Fi) and Bluetooth suffering from interference either from another device being operated by other parties, using either the same or a different protocol.

    So, when two or more networks use the same frequency, even if they are using frequency hopping (FHSS) or direct sequence (DSSS) spread spectrum techniques, there is interference that degrades the performance of the data communications, possibly to the point of no effective communications (no intelligence signal is received and decoded).

    Even with the use of intelligent software-controlled radios, like with 802.11 and Bluetooth, interference can occur. So I do not see how SDR can be claimed to eliminate interference with no demonstrated evidence of it being able to eliminate interference.

    I'm sorry, is that clearer?

  11. Re:And the cost to "upgrade" is? on The Myth of Radio Spectrum Interference · · Score: 1

    Name me a DAC that can process a 10.7 MHz (or better) input (bandwidth >1MHz) that is less than $5.00 in quantity.

    That's what a SDR (software defined radio) needs today, and that isn't "pure" SDR, it requires an analog front-end.

  12. Re:sorry he's not being honest on The Myth of Radio Spectrum Interference · · Score: 1

    Neither of the specs you mention pay attention to directionality. The TECHNOLOGY treats the signal as omnipresent.

    Directionality is a non-issue. Non-interference of two signals carrying data is the real goal. Unless you think I need to switch radio stations in my car every time I turn a corner.

    So we should follow David Reed's "insight" and adopt a license regime that we do not have the technology to actually put into practice?

  13. Re:So you want a DEMONSTRATION? on The Myth of Radio Spectrum Interference · · Score: 1

    Take two polarized lasers in a vacuum. Cross their paths. You will not see any photons bounce, aka no light.

    Okay, but what does this demonstrate in regards to RF spectrum usage?

  14. Re:And the cost to "upgrade" is? on The Myth of Radio Spectrum Interference · · Score: 1

    High performance DAC's are already available in the $2.00 range. Think of the dual channel DAC's required for a sound card or Walkman. 84 dB SNR is roughly 14 bits (high performance in my book). Admittedly, the $2.00 is a component cost in a system. Stand alone devices are going to be higher.

    Your concept of "high performance" isn't sufficient here. DACs for sound cards and portable CD players are audio DACs, and therefore deal with signals less than 1 MHz, whereas RF DACs in "pure software SDR (software defined radio)" need to get into the sub-GHz range (say 100-400 MHz), or really high, even up to 10-24 GHz.

    Sidebar: AFAIK most actual SDR uses an analog mixer and analog filter to output an IF around 10.7 MHz or so.

  15. Re:sorry he's not being honest on The Myth of Radio Spectrum Interference · · Score: 1

    Most wi-fi devices have to accept any interference they receive as per regulation by the FCC. That's just how it is.

    But Reed is saying this "interference" isn't real. A bunch of fancy technologies (Spread Spectrum, software controllers / SDR), like found in 802.11 will cure this interference. Yet, in real life practice 802.11 suffers from interference even between two 802.11 networks.

  16. Re:sorry he's not being honest on The Myth of Radio Spectrum Interference · · Score: 1

    The problem exists with two different 802.11b Wireless LANs in the same area (building) today; that is, they use the same "intelligent" protocol, yet suffer performance degradation from interference, beyond being a shared transport (like 10BaseT Ethernet via a hub).

  17. And the cost to "upgrade" is? on The Myth of Radio Spectrum Interference · · Score: 1

    He also thinks that everyone is going to start using $200 ADC/DAC subsystems in your $2 garage door opener or $20 walkman.

    I don't think any "economy of scale" will scale far enough to drop high performance DAC prices from >$50 to $0.50.

  18. sorry he's not being honest on The Myth of Radio Spectrum Interference · · Score: 3, Interesting

    David Reed is not being completely honest; he is being overly optimistic, IMHO, and hasn't demonstrated his claims with actual experiments.

    There are many stories of 802.11b (Wi-Fi) and/or Bluetooth suffering from interference, either from like-protocol devices being operated by other parties, or from cross-protocol interference, which results in one or both protocols not being effective in their data transmissions. And these are supposed to be advanced, intelligent devices which don't suffer from interference, due to their use of spread spectrum technology and intelligent software-controlled radios (which may or may not be software defined radio - SDR).

    So unless he can demonstrate experimental evidence, I'm a skeptic.

  19. Cyber Warning Information Network on Feds Move to Secure Net · · Score: 2, Informative

    Cyber Warning Information Network (CWIN) looks to be an expensive, slower, and less effective version of CERT.

    This is the group that "handled" the recent announcement of a new sendmail vulnerability. Except what they did was this: ISS, an info-security company looking for brownie points, reported to the Office of Cyberspace Security at the White House and Homeland Security, who told FedCERT, which passed that along to military and federal government IT people. Except all they could do was turn off sendmail, since a fix wasn't yet available!

    Then Sendmail (.com and .org sides, i.e. Eric Allman) and CERT were contacted. CERT alerted various Unix, Linux and BSD vendors that a new sendmail security fix was coming and to get ready to package it. Sendmail shared their fix with vendors and everyone announced a fix at roughly the same time. Thanks to the hard working people at CERT. Nobody played "I'm fixed, screw the rest of you" or other selfish self-centered games.

    So the DHS made three phone calls (or emails) and spent the rest of their time writing up press releases about their great job, so the "press release == news" media could spout how great and cyber-aware DHS is. Though ISS, Sendmail Inc./ Consortium, and CERT did all the real work.

  20. Re:Question for the well-informed on Feds Move to Secure Net · · Score: 1

    Is the extra hassle involved with deploying a completely separate network (digging?)

    No digging for physically separate cabling, but using "private lines" (ISDN, frame relay, OC-x) from telcos to interconnect between various government departments and agencies without relying on the public Internet infrastructure.

    Actual companies like AT&T, WorldCom, and Sprint could use some new business, so the telecom sector will welcome this.

    justified in terms of increased security when compared to simply setting up a secure tunnel over an existing long distance link?

    Yes, a secure tunnel only provides confidentiality and integrity, it does not ensure availability. For a government secure network, it is reasonable to prevent a failure in the public Internet (root servers offline, major Internet eXchange destroyed, new Warhol worm) from affecting the availability of this secure network.

    The hardest part is keeping it clean while keeping it useful. There is a lot of temptation to use bridging and gateways of various sorts, both technical (so-called "air-gap" network NICs, which allow an insecure machine to connect to the public Internet and then switch, without connecting to both at the same time, to the "secure" federal network; except that any worms or trojans love these machines as an attack vector) and less technical (sharing files via CD-R/RW).

    There are classified networks and such already, but they are a pain to use, with proprietary software / interfaces typically on a time-sharing computer, and lack means of inputting new (read: useful) data other than to key it in by hand. Which makes for a lot of secret and top secret cleared data entry clerks, or a really big problem.

  21. Re:BRING DOWN ICANN on ICANN vs. ccTLDs in Geneva · · Score: 3, Interesting

    Hell, they KEPT DOCUMENTS FROM THEIR OWN PRESIDENT, and he eventually quit.

    Karl Auerbach was elected to the Board of Directors (At-Large Representative for Canada and the United States), he was not the president.

    Karl did win his case with support from the EFF.

    Stuart Lynn is President and CEO of ICANN. He is the one that is attempting to control ICANN through both day-to-day operations as President, and the Board as CEO. Stuart seems very intent on increasing his power, and his domain of power, the role and responsibilities of ICANN.

    I am miffed that IANA was assigned by the US Dept. of Commerce to ICANN, and not the Internet Society / Internet Engineering Taskforce (IETF)

  22. Re:Yep on What Fruits Will Reduced R&D Bear For The U.S.? · · Score: 2, Insightful

    And [R&D spending being down i]s because the economy is in the crapper, not in spite of it.

    If the economy was similar to what it was a few years ago, then sure, R&D dollars would be up a lot.

    The issue is whether the lack of spending on R&D will prolong the recession because there is less innovation.

    Will the lack of new products prolong the stagnation of economic growth, which tends to rocket when there are new products or new ways of doing business (because of technological advancements such as railways, steamships, airliners, telephones, television, Internet)?

  23. Re:Whats a root server query? on Lead Scientist Responds to Questions on Root Server Queries · · Score: 2, Informative

    Not quite.

    The root servers are the "invisible" trailing dot in

    www.slashdot.org. <- that one at the end


    The root DNS servers point to the top-level domains (TLDs) such as the Country Code TLD (ccTLD) and generic TLD (gTLD).


    So the root server points to the servers for the 'org' domain (or subdomain), which are now handled by the Internet Society and Public Interest Registry, who operate several authoritative DNS servers for the ORG domain. These then point to the authoritative servers for slashdot.org, and we (or our ISP on our behalf) do yet another DNS request, this time to one of the authoritative slashdot.org DNS servers, and look up the IP address of www.slashdot.org or slashdot.org.


    To reduce the number of requests, our ISP DNS server will normally cache answers for both the TLDs servers, and specific subdomains, such as slashdot.org and specific hostnames such as www.slashdot.org.
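The delegation chain described above, walked as an added example over a constructed in-memory copy of the zones (this is the editor's code, not part of the comment): the resolver starts at the root, follows the referral to the org servers and then to the slashdot.org servers, and caches both answers and delegations so that later lookups skip steps, as an ISP's resolver does. The server names and the 198.51.100.10 address are made up (RFC 5737 documentation range); only the shape of the delegation is real.

```python
"""Iterative DNS resolution over a constructed copy of the delegation chain.

Added example; the zone contents are made up (RFC 5737 documentation address,
fictitious server names).  Only the shape of the delegation is real.
"""
from typing import Dict, List, Tuple

RRset = List[Tuple[str, str]]           # [(rrtype, value), ...]

# Constructed zone data: zone -> owner name -> records.  NS records are
# delegations (referrals); A records are answers.  Names are absolute,
# ending in the root's trailing dot.
ZONES: Dict[str, Dict[str, RRset]] = {
    ".": {"org.": [("NS", "ns.org-registry.example.")]},
    "org.": {"slashdot.org.": [("NS", "ns1.slashdot.org.")]},
    "slashdot.org.": {
        "slashdot.org.": [("A", "198.51.100.10")],
        "www.slashdot.org.": [("A", "198.51.100.10")],
    },
}


def query(zone: str, qname: str) -> Tuple[str, str, RRset]:
    """Simulate one round trip to a server authoritative for `zone`.

    Returns ("ANSWER", name, rrs) if the server holds the name, ("REFERRAL",
    child_zone, ns_rrs) if the name falls under a delegated child, else
    ("NXDOMAIN", qname, []).
    """
    data = ZONES[zone]
    if qname in data:
        return "ANSWER", qname, data[qname]
    for child in sorted(data, key=len, reverse=True):      # longest match first
        if qname == child or qname.endswith("." + child):
            return "REFERRAL", child, data[child]
    return "NXDOMAIN", qname, []


class Resolver:
    """A caching resolver like the one your ISP runs on your behalf."""

    def __init__(self) -> None:
        self.cache: Dict[str, RRset] = {}
        self.log: List[Tuple[str, str]] = []   # (zone asked, qname), one per round trip

    def _start_zone(self, qname: str) -> str:
        # Begin at the deepest delegation already cached rather than at the root.
        best = "."
        for name, rrs in self.cache.items():
            if rrs[0][0] != "NS" or len(name) <= len(best):
                continue
            if qname == name or qname.endswith("." + name):
                best = name
        return best

    def resolve(self, qname: str) -> List[str]:
        """Return the A records for qname, asking servers only when needed."""
        cached = self.cache.get(qname)
        if cached and cached[0][0] == "A":
            return [v for _, v in cached]
        zone = self._start_zone(qname)
        while True:
            self.log.append((zone, qname))
            kind, owner, rrs = query(zone, qname)
            if kind == "ANSWER":
                self.cache[owner] = rrs
                return [v for t, v in rrs if t == "A"]
            if kind == "REFERRAL":
                self.cache[owner] = rrs         # remember the delegation too
                zone = owner
                continue
            return []


if __name__ == "__main__":
    r = Resolver()
    print(r.resolve("www.slashdot.org."), r.log)       # three round trips
    print(r.resolve("slashdot.org."), r.log[-1])        # one: delegations cached
    print(r.resolve("www.slashdot.org."), len(r.log))  # zero: answer cached
```

The first lookup costs three round trips (root, org, slashdot.org); the second name under the same zone costs one, because the resolver remembered the slashdot.org delegation; a repeat of the first name costs none.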

  24. Re:It's Your Telco, stupid. on Ron Rivest Suggests Probability-Based Micropayments · · Score: 1

    And by the way, Your Telco has a micropayment solution since ages. Your Mobile Operator also.
    It's called phone bill.


    Really? So how do pre-paid mobile phones work? Oh, wait, there is not a bill. Gee. Next we notice that UK mobile phone network operators eliminated the lowest (5GBP) value prepay cards to help their cash flow, after the 3G auction overbidding. 10GBP is not exactly micropayments. An after-the-fact bill (i.e. credit) is not the same as micropayments, which are similar to currency (tender for $$ value).

    In fact, if peppercoin could get the backing of the telcos and be sold to customers like prepaid phone cards / top-up service in corner stores, then it could reach kids, who are one of the biggest market segments on the Internet that do not directly make purchases yet, since they do not have their own credit card. AFAIK you need to be 18+ in just about any country to get a credit card. I imagine a system that works for prepaid mobile phones, kids, and is return-proof has a chance of success.

    Return-proof means that unlike First Virtual and to a lesser extent PayPal, the system does not collapse when downloadable products are "returned" or the charge is disputed. Credit card payment for porn has the same problem, and AmEx has refused to deal with some billing systems (iBill I believe) that bill for porn merchants.

  25. Re:The Real Question on The Crypto Gardening Guide and Planting Tips · · Score: 1

    But my biometric identity is part of my keypair, and if the keypair is validated with each transaction, how does he fake my biometric identity?

    The attacker doesn't fake your biometrics. He bribes a government clerk to produce a genuine government card with your stolen details such as SSN, bank accounts, credit card numbers, medical records, etc. and his fingerprint or retinal print. Similar to current credit card cloning, just a different procedure to produce the cloned card.

    BTW using your biometrics as the actual public/private key data is very bad, and hopefully no system uses it. Because nearly every biometrics system is thought of as producing a small amount of random data, i.e. a shared secret, which cannot withstand attacks if the validation system is compromised. An organized-crime-owned storefront could gather biometric data/keys as well as legitimate banking details for the valid customer transaction.

    More common designs involve the biometrics info as a symmetric (key-wrapping) key to protect the private key as it is stored on the smartcard. This means the biometrics never leave the smartcard if the smartcard can collect the biometrics directly itself.

    There is also the issue that biometrics are harder (and limited) to revoke in the event of a compromise. You have a very small finite number of fingers and eyes.

    If your argument is based on the fact that the computer system is compromisable and my entire identity record (public keys) is replaced with a fake identity record, I'll notice within the day and/or hour that this has taken place and can quickly stop it. Plus I don't believe that a public keyserver that stores biometrically authenticated data would necessarily be so easily compromisable. Not impossible, but very difficult.

    The forged card is a duplicate, not a replacement. Your card is still valid, and you will be able to withdraw from the ATM as long as there is still money in your bank account / credit limit. Like a forged plastic credit card with magstripe, your card is still accepted as long as your account is less than your credit limit.

    This is where I get lost in all this. The system is always attackable, always will be, but shouldn't the parts of the system make those attacks far more expensive, complicated and difficult?

    Give the professional criminal some credit, they will use the path of least resistance, and often of least sophistication.

    It doesn't matter if the front side of your house has reinforced armoured doors and windows, if the burglar can simply go in the unlocked patio door in the backyard. So why expect any less of the forger / identity thief?

    This is covered in the archives of RISKS digest, Secrets and Lies, and Security Engineering.