As the recent re-trial of the case brought by Oracle against Google (over use of JAVA structures in Android) shows, intellectual property is and will remain hot property. One of the interesting things about intellectual property and languages, however, is how much of the syntax of supposedly different languages is remarkably similar (with a lot of inheritance from C).
May I ask for your views with respect to firstly protecting the intellectual property that you have invested in Perl as a language, but then perhaps also the wider challenge of IP with respect to programming languages and actual software packages?
[ Profound apologies to the moderators if that is two questions; I think they are too tightly linked to separate out ]...
In 1998 the UK Government enacted national legislation in support of an EU directive regarding data privacy. Whilst data privacy is being reviewed by the EU, the DPA (1998) still applies in this instance. Among the provisions of the Act are a series of Data Protection Principles, including this one:-
"Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes."
Now the only problem here is that the provision exists as a relationship between the private individual and the company that is given their data. In this case that would be, for example Facebook. The data, however, was given for the expressed purpose of "social networking" [for example]. Unfortunately, there is no clear indication of how the law would read this: "Score Assured" are going to argue that any information made publicly available, with the consent of the user, is therefore "fair game". I'm not aware of a legal test case that challenges this, but in addition to principle #2, how about principle 7:-
"Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data."
The question is: would the actions of "Score Assured" amount to unauthorised or unlawful processing? Even if a Court were to rule that this was the case and adjudge the actions of "Score Assured" to be unlawful, the private individual is likely to only have a grievance against whichever social network posted the data.
However, one possible avenue that the social networking site could take to protect against this might be the simple addition of language on their site that says, "Individual Users of this site post information which is offered with strict terms and conditions applied. Viewers are cautioned to check the terms and conditions associated with each user profile before attempting to extract, reproduce, store, transmit, process, re-use, sell or otherwise attempt to manipulate data from this site..."
This - or something similar - if placed on a social network site, would be sufficient to make it clear to parasitic companies like this that they can't simply harvest data and use it any way they like.
Launching a missile from a mile down doesn't depend upon specific performance requirements from the submarine [well, Ok, they are there, of course] but from the missile. If you launch from a mile down, then the missile has to have the internal strength and structural integrity to survive the pressure from that depth, all the way through its ascent.
I will now make an over-simplification, but you'll see the point: all of the additional structural integrity that the missile would require (for example to stop its fuel containment tanks from being crushed, or its warhead being damaged) would add a very significant mass to the rocket itself. So if you designed the entire rocket assembly to withstand that deep sea pressure, its mass at take-off would contain a much higher percentage of "structure" than with a conventional missile. This would lead to a massively reduced effective range, possibly lower speed-in-flight (making it easier to shoot down) and possibly reduced agility whilst airborne (impacting accuracy).
One alternative might be to release a buoyant "missile container" from one mile down, then have pressure-sensing mechanisms within that assembly launch the missile once the assembly broke surface. Again, however, this seems to be making the whole process not only needlessly complicated, but adding a whole new set of componentry that can introduce the possibility of failure to the process.
I'm actually entirely opposed to any form of nuclear armament myself, but reckon your idea won't float (sorry!) on technical grounds...
I'd be inclined to agree with you but for one thing... A few years ago Tesla let BBC Top Gear test a Roadster, and Jeremy Clarkson lampooned the vehicle in a way that annoyed Elon Musk. Ever since then Tesla have put a *lot* of data capture capability and performance monitoring into all of their vehicles, specifically to stop these sorts of claims.
If Tesla are saying that the telemetry from the black box shows 100% throttle, then at this juncture, I'd be inclined to believe them.
Years ago I spent my spare time helping a friend run his garage business, which included running a contract with a local Police force to recover accident-damaged vehicles. I saw numerous examples of situations in which drivers of automatic cars [and all Teslas are automatic by default] encountered something unexpected on the road. Their first instinct was to slam down on the brake pedal, but you would be amazed at how many managed to hit the throttle by mistake. In the panic and shock of an event, the body can lock up involuntarily, especially, if you think about it, if your car suddenly shot forward under the full acceleration that a Tesla is capable of...
It's way too early to say without more concrete data, but based on the above two points [knowledge of Tesla's extensive telemetry and personal experience of real-world examples like this] my "Occam's Razor" punt would suggest that something happened, the driver panicked, hit the wrong pedal, and the rest is history...
Have we reached the point where the concept of the password itself is no longer either appropriate, or adequately secure? For example, should we be recommending use of multi-factor and/or multi-channel solutions?
A useful question to ask is, "Where do you have to place your trust?" For example, many respondents to this thread recommend using a password manager. OK, but how many of those people are aware of the emergence of specific threats targeting password managers, or that some solutions have been found to be insecure? How many people come to rely more and more heavily on a smartphone or similar personal device - a single object that can give access to web, email and voice authentication vectors - yet which is one of the most heavily-targeted platforms from a threat perspective?
I am not trying to denigrate the many excellent answers given here, but I wish to point out the risk that we are taking by asking this as a closed question ("How do you create a highly-secure password?") when changing the question slightly (for example, to "What are the most pragmatic and reliable secure authentication mechanisms available?").
As technology consumers, maybe we should be a bit more demanding about the solutions we are offered. Maybe it would be nice if we had a trustworthy and independent third party that offered a security audit rating system for commonly used service providers, like banks? This alone would drive down a lot of the risk, because to some extent breaches can be facilitated by bad practices on the part of the service providers...
But other options could consider available variation on the themes of something you have, something you are and something you know. Services should allow us to set our security based on a selection of two or more of that trinity, with a range of options for each... Here's a bad example... Suppose that the fingerprint reader on new Apple iDevices had an exposed API. Then suppose that a web site authentication engine integrated with this, over a secure SSL channel. You go to the site, you tap the option for fingerprint reader, then you put your pinky on the sensor.... What would it take to engineer that securely? In a combination with even the most basic of known passwords, wouldn't that be much more secure?
Or what about something you have? How many people drive a vehicle with a remote control unlock mechanism? One German manufacturer uses a supposedly very secure rotating key mechanism that never sends the same release code twice... What if we used the same principle and allowed people to connect their car key to their keyboard via Bluetooth, using the same or similar principle to integrate an everyday object like a car key as a "something you have" factor?
Both of these are spur-of-the-moment suggestions and likely flawed, but I just wanted to push us past the idea that the right solution is still a password. Respectfully, that's still only single-factor and thus still implicitly weak.
Whilst I am prepared to accept the findings of this research and happy to accept that in principle it is possible to infer the calculations being performed by a computer system using nothing more than the "background noise" they produce, I have to believe that there are a myriad of easier ways that the same information could be obtained:-
It is likely that these attacks may be attempted by government agencies looking to crack encryption operated by foreign powers. However, in the majority of the cases I've personally looked at, I see poorly-implemented surrounding controls. Issues include having passphrase data stored on a computer so that an application can decrypt traffic without human intervention, only to have that passphrase file left protected by nothing more than local file system permissions. Let's be honest, owning the file with root and setting permissions to rw-/---/--- aren't going to pose much of a problem to a determined attacker, are they?
This is one of the fundamental issues with encryption: people believe that because they are using high strength key lengths that they are secure; no thought is given to local protection of critical data, to PRNG entropy, to side channel data.
Too many people get blinded by, "Oh, it's OK, it's encrypted", when that means squat if the related safeguards are compromised...
For a relatively small Nordic country, Norway have been pretty smart. When the North Sea Oil business started up, Norway taxed the profits just like the UK did, but unlike the UK, which squandered the proceeds in the 1980s and 1990s, Norway invested all their tax revenue in a Sovereign Wealth Fund (basically like an investment portfolio for the entire country). That fund is now performing so well that the per-capita tax burden in Norway is much lower than it would have been had Norway followed the UK's short-sighted approach.
They have excellent roads and infrastructure and the potential for cheap renewable energy. If anyone in Europe can make that happen, Norway can....
I'm not disagreeing with you. In fact, my difficulty with Elon's point of view is actually his perspective.
Specifically, if we were to agree that our context was a single universe [i.e. the one we observe today], then there are a bunch of properties in this observable universe that are utterly remarkable - the rate of the universe's expansion, the precise value of various forces including gravity, the mass/energy values of most of the fundamental particles - which, if any one of which was even slightly different, would mean that this universe could not have come into being in the first place.
Elon looks at that and thinks, "Wait up, the odds of this happening, just like this, are just too extreme... This has to be a simulation - one that is too advanced for us mere 3-dimensional, carbon-based life forms to comprehend..."
A spiritual person may look at that and think, "No, that's not it. This is proof of the existence of {the supreme Deity of that faith, as appropriate}. Clearly, without the invisible hand of the All Powerful, we would not be. Therefore, our very existence is proof of the existence of the Deity..."
I was respectfully suggesting at least one more alternative - specifically, that it is inappropriate to take the universe we observe as a single frame of reference. If we compare this universe to a coin toss that has resulted in an "edge landing", then yes, absolutely, the universe we see is an incredibly rare and precious event. But it is still entirely possible with nothing more than the equivalent of a single coin and an awful lot of coin-flips...
The only difference here is, effectively, perspective. The probability is the same. The scale, inputs, time, *everything* remains unchanged. The only difference is that what seems completely implausible as a "try this once and get this one result" becomes a bit more realistic if we take as a "try this a gazillion times and you might get this one result"...
But one of the nice things about this specific topic is that [scientific breakthrough notwithstanding] we have no realistic way of figuring out the truth of it, but, best of all, it largely makes absolutely no difference to our lives... Which means that we can enjoy an intelligent, informative and thought provoking debate, absorb new perspectives and points of view, without the outcome having to be some stressful, life-or-death situation.
I can't, personally, say that I have enough information on which to agree with Elon. I find his conclusions a little implausible to my personal world-view, but at the same time I'd relish the chance to sit and debate it with him, and better understand his reasoning [which, while briefly covered, is sadly lacking from the original article]. Good topic though!
Maybe there are two sides to this argument... On the one side, the progress of technology over the last few years means that companies can squeeze ever more bandwidth out of existing infrastructure, whilst the profits they make would allow for re-investment in more bandwidth if really required. On the other hand, as with any "open access" to a resource, there will always be a greedy and abusive minority that consume considerably more data than average.
The challenge for an ISP or telco is to strike that balance between reasonable pricing and protecting the reasonable majority from a handful of excessive users.
Part of our challenge as consumers is that our society has become one in which companies are so fixated on profits over service - because "the market" expects it, that this forces companies to make short-sighted investment decisions. So when a telco digs up the road to lay new fiber, they might put in say 50-pair instead of 500 pairs because the latter would have cost 6-7 times more in material cost. But the labor would have been the same, and would have been a huge chunk of the cost. But companies today are no longer prepared to invest for the long term. Any investment for more than 5 years out is considered to be frivolous by the short-terming city traders, who expect a return on their investment tomorrow, not five years out.
Sad that we are being technologically crippled by the money men...
Exactly,
and if you are willing to consider the idea that the instance of the universe which we find ourselves could be one of many, either because it is cyclical, or because it is one entity within a multiverse...
Taking just the cyclical universe to start with... If the universe ultimately ends with a "big crunch", what is to say that it cannot "rebound" back out with a new "big bang", forming an entirely new universe (one which perhaps varies in some small way from its predecessors) as it does so?
Alternately, if the universe is part of a multiverse, could there be parallel alternates with various differences between them?
Ultimately, any of these scenarios seem potentially as likely as the one Mr Musk suggests...
Elon's argument has a lot of integral logic, but I wonder if it has one significant gap - a failure to demonstrate a causal relationship between what we know with certainty due to historical evidence or current measurement, and a potentially uncertain future.
Put another [entirely inaccurate] way: "From Earth, the moon looks to be pale blue and crumbly with craters. Blue cheese is pale blue and crumbly, with craters. Therefore, the moon is made of blue cheese..."
Even if the first two statements are correct and factual, there is no demonstrable causal relationship that links the third statement in an irrefutable way.
As evidence for an alternative, I would suggest "the coin toss". If you take a coin and toss it a bunch of times, in the vast majority of cases it will result in a coin landing with heads or tails uppermost. But there is an (incredibly narrow) realm in which the coin may land and balance, perfectly, on its edge. So if we extrapolate that to the observable universe and if we look at all the "coincidences" [such as the rate of the expansion of the universe], for a bunch of reasons what we see might be the equivalent of the universe's coin landing on its edge.
Problem is, we just don't know how many times that universal coin could have been flipped *before* it landed on its edge - i.e. before it generated a set of universal laws that has resulted in the mostly-stable universe we occupy. I'm not for one moment suggesting that Elon is wrong and we are living in an extremely-low-probability iteration of a universe, just wanting to make the observation that there are a range of different "configurations" that could result in what we observe today.
I am not sure if it is entirely relevant to the topic [or, if it is, how best to apply it] but perhaps Occam's Razor [given two broadly competing explanations for the same observed phenomena, the simplest explanation is usually correct] has a role to play here. Or, if that doesn't work, how about Bloore's Corollary to Occam's Razor [given two broadly competing explanations for the same observed phenomena, pick the one which is funnier]...
Lovely theoretical debate, just not sure how knowledge of the actual truth is going to affect us as we believe we exist today...
I guess we've known this problem would come along at some point...
With absolutely no knowledge of the technical feasibility of them, how about applying these two solutions?
1. Split Water Into Hydrogen and Oxygen
Could they use the electricity to store energy in the form of hydrogen? This could then be burned in fuel cells to generate electricity more readily, i.e. on demand, perhaps through the night when solar doesn't work? I guess the two issues with this are (i) the volatility/inflammability of hydrogen; and (ii) the fact that burning the hydrogen is exothermic and therefore contributes to warming...
2. Potential Energy Pumps
In the UK we have some minor success, with power stations like Loch Awe in Scotland, in which the turbines can be reversed into electric motors and can be used to pump water up a gradient. To make this work you need 2 lakes, one above the other [i.e. on sides of a mountain]. With a solar surplus in the day you use the energy to pump water from the lower lake to the higher one. When you have an electricity shortfall you allow the process to reverse, using gravity and falling water to generate electricity via hydroelectric power.
Both of these solutions are flawed and, to variable extents, inefficient. But they do work. If we put investment into good R&D on these sorts of challenges today, then they will become more refined with time...
I guess (and I am by no means qualified to say) that as a secure appliance, this sort of solution might have something going for it. However, if you think about the threat landscape that a mobile phone has by definition to operate in, then isn't this an awful lot of money to pay for a minimal reduction in exposure? For example, here is a hastily-thought-up list of threats/attacks that even the most perfectly secure handset cannot shield you from:-
1. The remote phone numbers that you call, or, if themselves for mobile devices, send SMS messages to.
2. Potentially, the phone numbers that call you.
3. Your location, as determined by triangulation from cell towers [assuming that you don't have a compromised GPS sensor in the handset].
4. The duration of the calls you make and/or receive, plus your location, time of day, etc, whilst those conversations happen.
5. The superset of data relating to you - that is: the location and activities of the counter-parties you communicate with, the on-chain communications that *they* participate in...
6. All of your web and email activity [unless you have an effective S/MIME solution, and/or have a remote proxy server that you can configure into your phone browser].
In other words, it is trivially easy to gather so much additional data from even the most secure handset that it simply isn't possible to disguise the activities you perform through a handset. EVEN IF YOUR OBSERVER CAN'T CRACK YOUR HANDSET.
I would be very reluctant to dismiss this handset as the mobile phone equivalent of snake oil, but I wonder if clients are fully aware of the inherent limitations of the solution they are being offered, and if they think it's still worth $14,000?
I'm not a US citizen, so the law relating to tenancy is likely quite different from the State in this story, but perhaps the principles are similar.
It seems highly unlikely (conceded, we don't know all the relevant facts in this case) that the landlord would have written their own tenancy agreement without some form of legal support. For one thing, the landlord would have wanted/needed to ensure that they had adequate protections in case a tenant turns out to be a criminal (say drug dealer), or causes damage to the property - that sort of thing. So let's give the landlord the benefit of the doubt and assume they consulted a lawyer on that tenancy agreement...
If that lawyer was worth their salt then they would have told the landlord that they would need to be consulted before making changes to the agreement, that it was not possible to make unilateral changes to the agreement and impose them on existing tenants without the agreement of those tenants. So whilst, in this case, the landlord is rightly being castigated for an ill-thought-out idea, it's possible the trouble runs even deeper.
Then again, as a friend of mine quips in the face of stories like this: "Always bet on stupidity - the odds will be in your favour."
I think the legal term that would apply there would be an "unconscionable contract", meaning "a doctrine in contract law that describes terms that are so extremely unjust, or overwhelmingly one-sided in favor of the party who has the superior bargaining power, that they are contrary to good conscience".
It's another way of saying that one party (Samsung) try to push another party (their customers) into a contract which is completely one-sided.
But even the basics of contract law should defend us here. A company could equally easily put in the small print of their contract that anyone purchasing one of their products must give up their first-born child to go and work in some factory in the far east for no pay, working as child slave labour. I am NOT suggesting that any company would do such a thing, but technically they can put what they like in their terms and conditions. Fortunately, if they try to *exercise* rights they grant themselves under that contract, then if those rights are unreasonable the law defends everyone else against their intent...
I purchased a new Samsung TV in December 2015 and this was not discussed as even a possibility when I chatted through options and scenarios with the store. I chose an internet-connected TV because I live in an apartment building that cannot get satellite TV, so my best option for a wider set of programming was for a net-connected TV... I took a NetFlix subscription and already had Amazon Prime.
However, for Samsung to start injecting commercials into the non-program parts of the TV [for example in the menus] would be a complete breach of the terms and conditions under which the set was purchased. It would be a bit like you purchasing a car, running it for 6 months, then being told by the manufacturer that, "Hey, we've decided your car is now a taxi. You'll have to take fee-paying passengers about when you drive. We won't ask you to change the route, but we will keep all the proceeds of the free rides you need to give."
Not happening.
In the UK at least I think this would fall foul of the "Goods and Services Act", might likely be "false advertising" [for failing to disclose the intent to push adverts], etc, etc.
Interestingly, this isn't the first time that Samsung have tried this. They did it a couple of years ago in Australia and New Zealand, where subscribers to paid network services [like NetFlix] suddenly saw crude, badly-formatted adverts appearing in the middle of (paused) Amazon Prime streaming content. There was uproar, and Samsung pulled the firmware update, hastily claiming it was pushed in error...
We might need to get ready for the same level of uproar if they try again...
In the same time frame that Edward Snowden leaked a set of documents to Glenn Greenwald and Laura Poitras, so General David Petraeus leaked a set of confidential documents to his biographer and then lover / mistress, Paula Broadwell.
These two events share something in common: they involve the leaking of confidential documents.
However, the consequences of the two events could not have been more different. Petraeus was let off with a "naughty, naughty boy!" style of finger wagging, whilst Edward Snowden is in self-enforced exile in Russia because his alternative would be to spend the bulk of the rest of his life rotting in a US prison.
I'm Ok with the general principles that Eric Holder seems to be saying, but the US Government, from the President down, might need to reflect that they have already set the precedent, with Petraeus. They can't argue different circumstances, unless they can *prove* that Petraeus went the whistleblower route and told his superiors that he intended to leak confidential documentation to his lover. [ Somehow I doubt they would step up to *that* argument ].
Good to keep the debate going, but even more important to be fair, impartial and avoid some of the hypocrisy we've got in this debate at the moment...
"I wonder if some of the issue with self-signed certificates is due to somebody at some point deciding that the CA model was better than the federated, partial trust model of PGP keys and that makes it conceptually difficult to use x.509 certificates in the same way that PGP keys are used."
Either that or the companies running commercial CAs put a lot of effort into that meme... There is a *lot* of money in Certificate Authorities... Mark Shuttleworth sold his CA business to Verisign back in the day for $750 Million... If you think about it in those terms, peer-to-peer trust models such as PGP and GPG would always undercut commercial solutions.
What's really interesting, however, is to see how the certificate market has evolved. We still rely on a relatively small number of Commercial CAs, who in turn make a lot of money. But look at what we've done with DNS [massively federated], Email SPF (Sender Policy Framework) [massively federated] and you realise that the CA model is actually the odd one out.
It actually wouldn't be that difficult for us to set up a mechanism in which institutions could set up and host their own publicly-facing, self-signed certificates, with a simple on-line checking mechanism that would allow us to decide whether or not to trust that CA as part of our train-of-trust process. In fact, if we linked that with a version of OCSP it might even make things much stronger...
"Why is it easier to work with signatures than encryption?"
Here's a wild guess... If I prepare a file to send to you that I then decide I want to sign, I will typically send you a combined payload that consists of the original file, a signed digest of the file [SHA2 hash] and then my public certificate that contains the asymmetric portion of my signing key... In other words, I would, by convention, send you everything that you need to know in order to validate my signed message [working on the loose assumption that you have the root cert for my CA cached locally]. It's a neat, packaged payload that requires no negotiation and which contains some pretty tightly-specified files...
I think what we're describing for encryption [OK, specifically S/MIME] is an example of a loosely-specified definition which, through permitting flexibility in the model, has allowed so much "movement" that the flexibility has brought incompatibility with it. But, that's a wild guess...
I call bullshit on Symantec's claim that they know what BlueCoat did with the suspected Intermediate Certificate Symantec gave BlueCoat.
It is entirely possible [it's just software and a bunch of data files, after all] to create a certificate and then wipe all evidence from any generated log files. The only log or record of certificates that I am aware that current processing demands is the list of *revoked* certificates that is maintained by the CA and used for OCSP (Online Certificate Status Protocol), which is a common method of ensuring that a certificate you have just been presented has not been revoked by the CA... Even that is imperfect, because the moment you create Intermediate certificates, you create an assimilation/aggregation challenge for yourself...
I'm not sure if I'd attribute that claim by Symantec to ignorance or malice, but I really don't believe it. There is no way for them to know [short of having an observer watching all the time] what BlueCoat did with the intermediate certificate...
I definitely agree with your observation about the way that self-signed certificates are becoming more trustworthy. I especially like the federated trust model in GPG, for example, with the idea that rather than having a single, central and therefore vulnerable point of trust, your trust is accrued gradually by your interaction with the community.
Is it really a conspiracy, or is it that certificate management in browsers is hard? I recall, a few years ago, when someone spotted that there was a bug in the certificate validation logic in two browsers. Basically, when a certificate is created, various flags are set that describe what the certificate is permitted to do. A logic error in the browser code meant that someone could obtain a certificate and then use it to sign *another* certificate so that the second, produced certificate looked as though it was signed by the CA root certificate. That was a *huge* gaffe in browser security and it was quickly patched. The failing browsers were Konqueror, which was fully open-source at the time, and MS Internet Explorer, which is proprietary... There are two possible explanations for that: either two completely different developers in two completely different projects both managed to craft the exact same error that worked the exact same way. Or a developer working for Microsoft stole the certificate-validation code from the Konqueror source and passed it off as their own work... Like I say, there is some complex logic there.
I have to say, though, that I slightly disagree with your theory that this is a conspiracy among the browser developers. Firstly, the default mechanisms are actually pretty excellent: all modern browsers come with a complete selection of root certificates bundled, so the effort to keep your browser certificate-aware is zero for 99.9-nines of the population. Secondly, I think that [and this is going to cause offence for which I am sorry] 95%+ of the population should not be trusted to mess around with the certificate store in their browsers at all. The chances of making a mistake and either wrecking your browser - or trusting something that should not be trusted - are too great. So on balance I think we should be happy with where we are in this regard.
I would also be very nervous about having certificate stores as configurable as you suggest... The moment that someone makes it too easy to "configure" a certificate store, someone else will integrate that with some scripting mechanism and the next thing you know, we'll have watering-hole attacks in web sites that will poison the cert store of any browser that visits the site. This in turn will be used to MitM the browser remotely, which will give an attacker the ability to harvest passwords, email addresses, maybe even access to secure on-line services such as banking details.
Totally, totally, totally agree with your comments around S/MIME, however. The current state of encryption in that space is atrocious. I ran tests by setting up dedicated mail accounts for each email client, then attempting to exchange encrypted emails between them. I used clients like Thunderbird, Outlook, Claws-Mail, KMail and so on. Less than a third of the connections worked... That's shameful... I'd kinda hoped that Snowden's revelations would have prompted the mail client developers to go and take another look at this, but it hasn't happened yet (that I'm aware of). Maybe time for some more testing...
The linked article in the OP is a little vague, but based on my knowledge of the way that Symantec's certificate business is configured, I suspect it might actually be an Intermediate Certificate.
Basically the way this works is that Symantec have one single "Master" certificate, aka the "Root Certificate" for the CA. However, instead of using this one single digital key to sign all the certificates that all of Symantec's clients request, they actually use a series of "Intermediate Certificates". Think of this like a directory hierarchy with a root folder, some Top Level Directories, then a bunch of directories below that. Same deal.
This structure allows Symantec to grant the right to sign certificates based on logical groups or clusters; it also allows them to "bulk disallow" everything signed by the intermediate certificate by revoking that one file. Obviously, as the OP pointed out, an Intermediate is still allowed to "sign" certificates, with those produced having the full authority of being produced by Symantec.
What this would allow BlueCoat to do would be to sign any number of certificates as if they were signed by Symantec themselves. Bearing in mind, as others have pointed out, that BlueCoat sell filtering proxy servers and SSL interceptors, what this would allow them to do would be to effectively run "official" MitM (Man in the Middle) interceptions, in a pretty-much undetectable way, against any web site that uses Symantec Certificates.
There's quite rightly a fair bit of alarm in many posts here, suggesting that this would allow BlueCoat to spy on end users. However, the most likely scenario is that BlueCoat are using the certificates to upgrade the capabilities of their corporate proxy/filter/accelerator products for their large corporate clients. Big companies have a major issue with the leakage of proprietary information being sent off-network under the guise of SSL traffic; there are all sorts of malware packages that use SSL to communicate with their CNC hosts... In other words, there are many companies that want to have the ability to monitor even the SSL-protected traffic generated by their employees when those individuals access the web. I love a good conspiracy theory as much as the next tekkie, but in this case I suspect the actual implementation is only really of interest to you if you work for a large corporate and they haven't actually *told* you that they are doing this.
However, as other posters have pointed out, this isn't the whole story; this technology can be placed elsewhere in the network, for example within an ISP infrastructure, so it can equally easily be used to monitor private individuals.
So, if you don't want your colleagues in SecOps [at work] to know what you've got in your bank account, don't log into your online banking from work...
I'm not entirely sure of this, but because this specific story relates to Symantec certificates [i.e. the old Verisign business] I don't think the impact would be quite so relevant if you use certs from elsewhere. For maximum security, of course, I guess you could simply download OpenCA, build an air-gapped machine, install and run the OpenCA on something not connected to any other network, and get your signed certificates to the outside world by installing a CD-R burner on your CA hardware and then cutting a CD or DVD each time you create a certificate. Yes, you could use a USB key if you really wanted to, but since we all know how easy it is to infect a thumb drive, that doesn't make any sense.
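An added example, not part of the original comments: a simplified Python model of the root / intermediate / leaf hierarchy described above, showing why a validator must check the "may sign certificates" flag (the CA flag of X.509 basicConstraints) on every issuer, and how revoking one intermediate invalidates everything below it. The `Cert` class, all names and serials are constructed, and issuer/subject name matching stands in for real signature verification.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Cert:
    """Simplified certificate: only the fields the checks below need."""
    subject: str
    issuer: str
    serial: int
    is_ca: bool = False              # models the basicConstraints CA flag
    path_len: Optional[int] = None   # models pathLenConstraint (None = no limit)


def validate_chain(chain, trusted_roots, revoked_serials=frozenset(),
                   enforce_basic_constraints=True):
    """Validate a chain ordered leaf first, root last; returns (ok, reason).

    Assumption: matching issuer and subject names replaces signature checks.
    """
    if not chain:
        return False, "empty chain"
    root = chain[-1]
    if root not in trusted_roots or root.issuer != root.subject:
        return False, "chain does not end in a trusted root"
    for cert in chain:
        if cert.serial in revoked_serials:
            return False, f"{cert.subject} is revoked"
    for depth in range(len(chain) - 1):
        child, parent = chain[depth], chain[depth + 1]
        if child.issuer != parent.subject:
            return False, f"{child.subject} was not issued by {parent.subject}"
        if not enforce_basic_constraints:
            continue  # flawed behaviour: any certificate is accepted as an issuer
        if not parent.is_ca:
            return False, f"{parent.subject} is not a CA and may not sign certificates"
        # depth equals the number of intermediate CA certificates below `parent`
        if parent.path_len is not None and depth > parent.path_len:
            return False, f"path length limit of {parent.subject} exceeded"
    return True, "ok"


# Constructed hierarchy (all names and serials are made up for this example).
ROOT = Cert("Example Root CA", "Example Root CA", 1, is_ca=True)
INTERMEDIATE = Cert("Example Intermediate CA", "Example Root CA", 2,
                    is_ca=True, path_len=0)
SITE = Cert("www.example.test", "Example Intermediate CA", 3)
# A certificate "signed" by an ordinary site certificate rather than by a CA.
FORGED = Cert("bank.example.test", "www.example.test", 4)
SUB_CA = Cert("Example Sub CA", "Example Intermediate CA", 5, is_ca=True)
SUB_LEAF = Cert("shop.example.test", "Example Sub CA", 6)
TRUSTED = {ROOT}

if __name__ == "__main__":
    good = [SITE, INTERMEDIATE, ROOT]
    forged = [FORGED, SITE, INTERMEDIATE, ROOT]
    print("normal chain:          ", validate_chain(good, TRUSTED))
    print("forged, flag ignored:  ", validate_chain(
        forged, TRUSTED, enforce_basic_constraints=False))
    print("forged, flag enforced: ", validate_chain(forged, TRUSTED))
    print("intermediate revoked:  ", validate_chain(
        good, TRUSTED, revoked_serials={2}))
    print("sub-CA under pathlen 0:", validate_chain(
        [SUB_LEAF, SUB_CA, INTERMEDIATE, ROOT], TRUSTED))
```
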
Whilst I agree with your first statement, in that some knowledge of how to create a fake card would be required, the rest of your theory may not follow. In the UK, the big retail supermarkets do not validate every card transaction with the issuing bank in real time. Instead they sample a smaller number of transactions through their trading day, then batch and bulk submit the majority of transactions every few days. Obviously they can keep a history of card numbers previously used successfully and may use historical transaction data to decide which cards to trust.
They do this because banks charge fees per transaction. The system works for the retailers because the amount of fraud they suffer is less than the reduction in fees they are charged by the banks.
The OP and article mention that the accounts were South African and used in Japan. This strikes me as exactly the sort of scenario where the chain of processing agents would attach fees, including currency conversion. With everyone taking their cut, you can understand how there would be an incentive to minimize those fees. So maybe another way of describing this heist would be to say that the card issuer and processing banks might have been stung by their own greed.
You are quite right to point out the widespread use of encryption. However, SMTP is not encrypted by default, so ISPs would have the ability to grab unencrypted copies of email if they wanted to.
Yes, there are solutions for secure email (S/MIME) but these are not yet widely implemented and (in my personal experience) are not implemented in an entirely transparent, consistent manner. In other words, S/MIME may not work if you're using a different email client to your mail counter-party...
In other words, KMail to KMail might be fine, but Outlook to KMail might not...
You ask a good question, but the answer is pretty straightforward.
If you have a PC with a regular email client (i.e. Outlook, KMail, Thunderbird, etc) then, as you quite rightly point out, all email traffic between your PC and the internet will be between your client and your nominated mail server[s], using ports such as 110 [POP] and 143 [IMAP].
However, if your computer has been infected by malware and is being used to send SPAM, then the spammer likely would not want you to know that they were doing that. So one effective way to do this would be to download some code on to your PC that emulates a mail gateway - i.e. a device that sends email using the Simple Mail Transfer Protocol (SMTP) on TCP Port 25. SMTP is the protocol used for forwarding email from one mail server to another. Using SMTP in the malware means that the infected code on your PC can hide its activities from you.
However, the activity can be detected, simply by having ISPs (1) block all Port 25 traffic from "regular clients" unless specifically requested, and/or (2) pay much more attention to (archive) mail traffic sent by "regular clients"...
As the recent re-trial of the case brought by Oracle against Google (over use of JAVA structures in Android) shows, intellectual property is and will remain hot property. One of the interesting things about intellectual property and languages, however, is how much of the syntax of supposedly different languages is remarkably similar (with a lot of inheritance from C).
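An added example, not part of the original comment: a sketch of the two ISP-side measures described above, run over flow records. The record format, the addresses, the allowlist and the threshold are all constructed assumptions; the function counts port 25 connections a default-deny policy would block, and flags clients that try to reach many distinct mail servers directly.

```python
from collections import defaultdict

# Constructed flow records: "timestamp source_ip dest_ip dest_port".
SAMPLE_FLOWS = """\
2016-05-20T10:00:01Z 203.0.113.10 198.51.100.20 110
2016-05-20T10:00:04Z 203.0.113.10 198.51.100.20 143
2016-05-20T10:01:10Z 203.0.113.44 192.0.2.11 25
2016-05-20T10:01:11Z 203.0.113.44 192.0.2.12 25
2016-05-20T10:01:11Z 203.0.113.44 192.0.2.13 25
2016-05-20T10:01:12Z 203.0.113.44 192.0.2.14 25
2016-05-20T10:01:13Z 203.0.113.44 192.0.2.11 25
2016-05-20T10:02:30Z 203.0.113.80 192.0.2.50 25
2016-05-20T10:02:31Z 203.0.113.80 192.0.2.51 25
2016-05-20T10:02:32Z 203.0.113.80 192.0.2.52 25
2016-05-20T10:03:00Z 203.0.113.10 192.0.2.60 25
truncated-record 203.0.113.99
""".splitlines()

# Customers who specifically asked for outbound port 25 (they run a mail server).
RELAY_ALLOWLIST = {"203.0.113.80"}

SMTP_PORT = 25


def parse_flow(line):
    """Return (timestamp, src, dst, dport) or None for a malformed record."""
    parts = line.split()
    if len(parts) != 4:
        return None
    try:
        return parts[0], parts[1], parts[2], int(parts[3])
    except ValueError:
        return None


def review_flows(lines, relay_allowlist, distinct_dst_threshold=3):
    """Apply both measures to a batch of flow records.

    Returns (blocked, flagged):
      blocked: {src: number of port 25 connections a default-deny would drop}
      flagged: {src: sorted distinct destinations}, for sources that tried to
               reach at least `distinct_dst_threshold` different mail servers.
    """
    blocked = defaultdict(int)
    destinations = defaultdict(set)
    for line in lines:
        record = parse_flow(line)
        if record is None:
            continue  # skip malformed input rather than guessing at it
        _, src, dst, dport = record
        # POP/IMAP traffic to the user's own mail server is the normal case.
        if dport != SMTP_PORT or src in relay_allowlist:
            continue
        blocked[src] += 1
        destinations[src].add(dst)
    flagged = {src: sorted(dsts) for src, dsts in destinations.items()
               if len(dsts) >= distinct_dst_threshold}
    return dict(blocked), flagged


if __name__ == "__main__":
    blocked, flagged = review_flows(SAMPLE_FLOWS, RELAY_ALLOWLIST)
    print("blocked port 25 connections per client:", blocked)
    print("clients to investigate:", flagged)
```
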
May I ask for your views with respect to firstly protecting the intellectual property that you have invested in Perl as a language, but then perhaps also the wider challenge of IP with respect to programming languages and actual software packages?
[ Profound apologies to the moderators if that is two questions; I think they are too tightly linked to separate out ]...
In 1998 the UK Government enacted national legislation in support of an EU directive regarding data privacy. Whilst data privacy is being reviewed by the EU, the DPA (1998) still applies in this instance. Among the provisions of the Act are a series of Data Protection Principles, including this one:-
"Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes."
Now the only problem here is that the provision exists as a relationship between the private individual and the company that is given their data. In this case that would be, for example Facebook. The data, however, was given for the expressed purpose of "social networking" [for example]. Unfortunately, there is no clear indication of how the law would read this: "Score Assured" are going to argue that any information made publicly available, with the consent of the user, is therefore "fair game". I'm not aware of a legal test case that challenges this, but in addition to principle #2, how about principle 7:-
"Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data."
The question is: would the actions of "Score Assured" amount to unauthorised or unlawful processing? Even if a Court were to rule that this was the case and adjudge the actions of "Score Assured" to be unlawful, the private individual is likely to only have a grievance against whichever social network posted the data.
However, one possible avenue that the social networking site could take to protect against this might be the simple addition of language on their site that says, "Individual Users of this site post information which is offered with strict terms and conditions applied. Viewers are cautioned to check the terms and conditions associated with each user profile before attempting to extract, reproduce, store, transmit, process, re-use, sell or otherwise attempt to manipulate data from this site..."
This - or something similar - if placed on a social network site, would be sufficient to make it clear to parasitic companies like this that they can't simply harvest data and use it any way they like.
Do you happen to know if any of the release notes with the early-preview code disclose the fact that the builds include this telemetry?
Launching a missile from a mile down doesn't depend upon specific performance requirements from the submarine [well, Ok, they are there, of course] but from the missile. If you launch from a mile down, then the missile has to have the internal strength and structural integrity to survive the pressure from that depth, all the way through its ascent.
I will now make an over-simplification, but you'll see the point: all of the additional structural integrity that the missile would require (for example to stop its fuel containment tanks from being crushed, or its warhead being damaged) would add a very significant mass to the rocket itself. So if you designed the entire rocket assembly to withstand that deep sea pressure, its mass at take-off would contain a much higher percentage of "structure" than with a conventional missile. This would lead to a massively reduced effective range, possibly lower speed-in-flight (making it easier to shoot down) and possibly reduced agility whilst airborne (impacting accuracy).
One alternative might be to release a buoyant "missile container" from one mile down, then have pressure-sensing mechanisms within that assembly launch the missile once the assembly broke surface. Again, however, this seems to be making the whole process not only needlessly complicated, but adding a whole new set of componentry that can introduce the possibility of failure to the process.
I'm actually entirely opposed to any form of nuclear armament myself, but reckon your idea won't float (sorry!) on technical grounds...
I'd be inclined to agree with you but for one thing... A few years ago Tesla let BBC Top Gear test a Roadster, and Jeremy Clarkson lampooned the vehicle in a way that annoyed Elon Musk. Ever since then Tesla have put a *lot* of data capture capability and performance monitoring into all of their vehicles, specifically to stop these sorts of claims.
If Tesla are saying that the telemetry from the black box shows 100% throttle, then at this juncture, I'd be inclined to believe them.
Years ago I spent my spare time helping a friend run his garage business, which included running a contract with a local Police force to recover accident-damaged vehicles. I saw numerous examples of situations in which drivers of automatic cars [and all Teslas are automatic by default] encountered something unexpected on the road. Their first instinct was to slam down on the brake pedal, but you would be amazed at how many managed to hit the throttle by mistake. In the panic and shock of an event, the body can lock up involuntarily, especially, if you think about it, if your car suddenly shot forward under the full acceleration that a Tesla is capable of...
It's way too early to say without more concrete data, but based on the above two points [knowledge of Tesla's extensive telemetry and personal experience of real-world examples like this] my "Occam's Razor" punt would suggest that something happened, the driver panicked, hit the wrong pedal, and the rest is history...
Is there a more interesting question to ask here?
Have we reached the point where the concept of the password itself is no longer either appropriate, or adequately secure? For example, should we be recommending use of multi-factor and/or multi-channel solutions?
A useful question to ask is, "Where do you have to place your trust?" For example, many respondents to this thread recommend using a password manager. OK, but how many of those people are aware of the emergence of specific threats targeting password managers, or that some solutions have been found to be insecure? How many people come to rely more and more heavily on a smartphone or similar personal device - a single object that can give access to web, email and voice authentication vectors - yet which is one of the most heavily-targeted platforms from a threat perspective?
I am not trying to denigrate the many excellent answers given here, but I wish to point out the risk that we are taking by asking this as a closed question ("How do you create a highly-secure password?") when changing the question slightly (for example, to "What are the most pragmatic and reliable secure authentication mechanisms available?").
As technology consumers, maybe we should be a bit more demanding about the solutions we are offered. Maybe it would be nice if we had a trustworthy and independent third party that offered a security audit rating system for commonly used service providers, like banks? This alone would drive down a lot of the risk, because to some extent breaches can be facilitated by bad practices on the part of the service providers...
But other options could consider available variation on the themes of something you have, something you are and something you know. Services should allow us to set our security based on a selection of two or more of that trinity, with a range of options for each... Here's a bad example... Suppose that the fingerprint reader on new Apple iDevices had an exposed API. Then suppose that a web site authentication engine integrated with this, over a secure SSL channel. You go to the site, you tap the option for fingerprint reader, then you put your pinky on the sensor.... What would it take to engineer that securely? In a combination with even the most basic of known passwords, wouldn't that be much more secure?
Or what about something you have? How many people drive a vehicle with a remote control unlock mechanism? One German manufacturer uses a supposedly very secure rotating key mechanism that never sends the same release code twice... What if we used the same principle and allowed people to connect their car key to their keyboard via Bluetooth, using the same or similar principle to integrate an everyday object like a car key as a "something you have" factor?
Both of these are spur-of-the-moment suggestions and likely flawed, but I just wanted to push us past the idea that the right solution is still a password. Respectfully, that's still only single-factor and thus still implicitly weak.
Whilst I am prepared to accept the findings of this research and happy to accept that in principle it is possible to infer the calculations being performed by a computer system using nothing more than the "background noise" they produce, I have to believe that there are a myriad of easier ways that the same information could be obtained:-
https://xkcd.com/538/
It is likely that these attacks may be attempted by government agencies looking to crack encryption operated by foreign powers. However, in the majority of the cases I've personally looked at, I see poorly-implemented surrounding controls. Issues include having passphrase data stored on a computer so that an application can decrypt traffic without human intervention, only to have that passphrase file left protected by nothing more than local file system permissions. Let's be honest, owning the file with root and setting permissions to rw-/---/--- aren't going to pose much of a problem to a determined attacker, are they?
This is one of the fundamental issues with encryption: people believe that because they are using high strength key lengths that they are secure; no thought is given to local protection of critical data, to PRNG entropy, to side channel data.
Too many people get blinded by, "Oh, it's OK, it's encrypted", when that means squat if the related safeguards are compromised...
For a relatively small Nordic country, Norway have been pretty smart. When the North Sea Oil business started up, Norway taxed the profits just like the UK did, but unlike the UK, which squandered the proceeds in the 1980s and 1990s, Norway invested all their tax revenue in a Sovereign Wealth Fund (basically like an investment portfolio for the entire country). That fund is now performing so well that the per-capita tax burden in Norway is much lower than it would have been had Norway followed the UK's short-sighted approach.
They have excellent roads and infrastructure and the potential for cheap renewable energy. If anyone in Europe can make that happen, Norway can....
I'm not disagreeing with you. In fact, my difficulty with Elon's point of view is actually his perspective.
...
...
Specifically, if we were to agree that our context was a single universe [i.e. the one we observe today], then there are a bunch of properties in this observable universe that are utterly remarkable - the rate of the universe's expansion, the precise value of various forces including gravity, the mass/energy values of most of the fundamental particles - which, if any one of which was even slightly different, would mean that this universe could not have come into being in the first place.
Elon looks at that and thinks, "Wait up, the odds of this happening, just like this, are just too extreme... This has to be a simulation - one that is too advanced for us mere 3-dimensional, carbon-based life forms to comprehend..."
A spiritual person may look at that and think, "No, that's not it. This is proof of the existence of {the supreme Deity of that faith, as appropriate}. Clearly, without the invisible hand of the All Powerful, we would not be. Therefore, our very existence is proof of the existence of the Deity..."
I was respectfully suggesting at least one more alternative - specifically, that it is inappropriate to take the universe we observe as a single frame of reference. If we compare this universe to a coin toss that has resulted in an "edge landing", then yes, absolutely, the universe we see is an incredibly rare and precious event. But it is still entirely possible with nothing more than the equivalent of a single coin and an awful lot of coin-flips
The only difference here is, effectively, perspective. The probability is the same. The scale, inputs, time, *everything* remains unchanged. The only difference is that what seems completely implausible as a "try this once and get this one result" becomes a bit more realistic if we take as a "try this a gazillion times and you might get this one result"
But one of the nice things about this specific topic is that [scientific breakthrough notwithstanding] we have no realistic way of figuring out the truth of it, but, best of all, it largely makes absolutely no difference to our lives... Which means that we can enjoy an intelligent, informative and thought provoking debate, absorb new perspectives and points of view, without the outcome having to be some stressful, life-or-death situation.
I can't, personally, say that I have enough information on which to agree with Elon. I find his conclusions a little implausible to my personal world-view, but at the same time I'd relish the chance to sit and debate it with him, and better understand his reasoning [which, while briefly covered, is sadly lacking from the original article]. Good topic though!
Maybe there are two sides to this argument... On the one side, the progress of technology over the last few years means that companies can squeeze ever more bandwidth out of existing infrastructure, whilst the profits they make would allow for re-investment in more bandwidth if really required. On the other hand, as with any "open access" to a resource, there will always be a greedy and abusive minority that consume considerably more data than average. The challenge for an ISP or telco is to strike that balance between reasonable pricing and protecting the reasonable majority from a handful of excessive users. Part of our challenge as consumers is that our society has become one in which companies are so fixated on profits over service - because "the market" expects it, that this forces companies to make short-sighted investment decisions. So when a telco digs up the road to lay new fiber, they might put in say 50-pair instead of 500 pairs because the latter would have cost 6-7 times more in material cost. But the labor would have been the same, and would have been a huge chunk of the cost. But companies today are no longer prepared to invest for the long term. Any investment for more than 5 years out is considered to be frivolous by the short-terming city traders, who expect a return on their investment tomorrow, not five years out. Sad that we are being technologically crippled by the money men...
Exactly, and if you are willing to consider the idea that the instance of the universe which we find ourselves could be one of many, either because it is cyclical, or because it is one entity within a multiverse... Taking just the cyclical universe to start with... If the universe ultimately ends with a "big crunch", what is to say that it cannot "rebound" back out with a new "big bang", forming an entirely new universe (one which perhaps varies in some small way from its predecessors) as it does so? Alternately, if the universe is part of a multiverse, could there be parallel alternates with various differences between them? Ultimately, any of these scenarios seem potentially as likely as the one Mr Musk suggests...
Elon's argument has a lot of integral logic, but I wonder if it has one significant gap - a failure to demonstrate a causal relationship between what we know with certainty due to historical evidence or current measurement, and a potentially uncertain future.
Put another [entirely inaccurate] way: "From Earth, the moon looks to be pale blue and crumbly with craters. Blue cheese is pale blue and crumbly, with craters. Therefore, the moon is made of blue cheese..."
Even if the first two statements are correct and factual, there is no demonstrable causal relationship that links the third statement in an irrefutable way.
As evidence for an alternative, I would suggest "the coin toss". If you take a coin and toss it a bunch of times, in the vast majority of cases it will result in a coin landing with heads or tails uppermost. But there is an (incredibly narrow) realm in which the coin may land and balance, perfectly, on its edge. So if we extrapolate that to the observable universe and if we look at all the "coincidences" [such as the rate of the expansion of the universe], for a bunch of reasons what we see might be the equivalent of the universe's coin landing on its edge.
Problem is, we just don't know how many times that universal coin could have been flipped *before* it landed on its edge - i.e. before it generated a set of universal laws that has resulted in the mostly-stable universe we occupy. I'm not for one moment suggesting that Elon is wrong and we are living in an extremely-low-probability iteration of a universe, just wanting to make the observation that there are a range of different "configurations" that could result in what we observe today.
I am not sure if it is entirely relevant to the topic [or, if it is, how best to apply it] but perhaps Occam's Razor [given two broadly competing explanations for the same observed phenomena, the simplest explanation is usually correct] has a role to play here. Or, if that doesn't work, how about Bloore's Corollary to Occam's Razor [given two broadly competing explanations for the same observed phenomena, pick the one which is funnier]...
Lovely theoretical debate, just not sure how knowledge of the actual truth is going to affect us as we believe we exist today...
I guess we've known this problem would come along at some point...
With absolutely no knowledge of the technical feasibility of them, how about applying these two solutions?
1. Split Water Into Hydrogen and Oxygen
Could they use the electricity to store energy in the form of hydrogen? This could then be burned in fuel cells to generate electricity more readily, i.e. on demand, perhaps through the night when solar doesn't work? I guess the two issues with this are (i) the volatility/inflammability of hydrogen; and (ii) the fact that burning the hydrogen is exothermic and therefore contributes to warming...
2. Potential Energy Pumps
In the UK we have some minor success, with power stations like Loch Awe in Scotland, in which the turbines can be reversed into electric motors and can be used to pump water up a gradient. To make this work you need 2 lakes, one above the other [i.e. on sides of a mountain]. With a solar surplus in the day you use the energy to pump water from the lower lake to the higher one. When you have an electricity shortfall you allow the process to reverse, using gravity and falling water to generate electricity via hydroelectric power.
Both of these solutions are flawed and, to variable extents, inefficient. But they do work. If we put investment into good R&D on these sorts of challenges today, then they will become more refined with time...
I guess (and I am by no means qualified to say) that as a secure appliance, this sort of solution might have something going for it. However, if you think about the threat landscape that a mobile phone has by definition to operate in, then isn't this an awful lot of money to pay for a minimal reduction in exposure? For example, here is a hastily-thought-up list of threats/attacks that even the most perfectly secure handset cannot shield you from:-
1. The remote phone numbers that you call, or, if themselves for mobile devices, send SMS messages to.
2. Potentially, the phone numbers that call you.
3. Your location, as determined by triangulation from cell towers [assuming that you don't have a compromised GPS sensor in the handset].
4. The duration of the calls you make and/or receive, plus your location, time of day, etc, whilst those conversations happen.
5. The superset of data relating to you - that is: the location and activities of the counter-parties you communicate with, the on-chain communications that *they* participate in...
6. All of your web and email activity [unless you have an effective S/MIME solution, and/or have a remote proxy server that you can configure into your phone browser].
In other words, it is trivially easy to gather so much additional data from even the most secure handset that it simply isn't possible to disguise the activities you perform through a handset. EVEN IF YOUR OBSERVER CAN'T CRACK YOUR HANDSET.
I would be very reluctant to dismiss this handset as the mobile phone equivalent of snake oil, but I wonder if clients are fully aware of the inherent limitations of the solution they are being offered, and if they think it's still worth $14,000?
I'm not a US citizen, so the law relating to tenancy is likely quite different from the State in this story, but perhaps the principles are similar.
It seems highly unlikely (conceded, we don't know all the relevant facts in this case) that the landlord would have written their own tenancy agreement without some form of legal support. For one thing, the landlord would have wanted/needed to ensure that they had adequate protections in case a tenant turns out to be a criminal (say drug dealer), or causes damage to the property - that sort of thing. So let's give the landlord the benefit of the doubt and assume they consulted a lawyer on that tenancy agreement...
If that lawyer was worth their salt then they would have told the landlord that they would need to be consulted before making changes to the agreement, that it was not possible to make unilateral changes to the agreement and impose them on existing tenants without the agreement of those tenants. So whilst, in this case, the landlord is rightly being castigated for an ill-thought-out idea, it's possible the trouble runs even deeper.
Then again, as a friend of mine quips in the face of stories like this: "Always bet on stupidity - the odds will be in your favour."
I think the legal term that would apply there would be an "unconscionable contract", meaning "a doctrine in contract law that describes terms that are so extremely unjust, or overwhelmingly one-sided in favor of the party who has the superior bargaining power, that they are contrary to good conscience".
It's another way of saying that one party (Samsung) try to push another party (their customers) into a contract which is completely one-sided.
But even the basics of contract law should defend us here. A company could equally easily put in the small print of their contract that anyone purchasing one of their products must give up their first-born child to go and work in some factory in the far east for no pay, working as child slave labour. I am NOT suggesting that any company would do such a thing, but technically they can put what they like in their terms and conditions. Fortunately, if they try to *exercise* rights they grant themselves under that contract, then if those rights are unreasonable the law defends everyone else against their intent...
I purchased a new Samsung TV in December 2015 and this was not discussed as even a possibility when I chatted through options and scenarios with the store. I chose an internet-connected TV because I live in an apartment building that cannot get satellite TV, so my best option for a wider set of programming was for a net-connected TV... I took a NetFlix subscription and already had Amazon Prime.
However, for Samsung to start injecting commercials into the non-program parts of the TV [for example in the menus] would be a complete breach of the terms and conditions under which the set was purchased. It would be a bit like you purchasing a car, running it for 6 months, then being told by the manufacturer that, "Hey, we've decided your car is now a taxi. You'll have to take fee-paying passengers about when you drive. We won't ask you to change the route, but we will keep all the proceeds of the free rides you need to give."
Not happening.
In the UK at least I think this would fall foul of the "Goods and Services Act", might likely be "false advertising" [for failing to disclose the intent to push adverts], etc, etc.
Interestingly, this isn't the first time that Samsung have tried this. They did it a couple of years ago in Australia and New Zealand, where subscribers to paid network services [like NetFlix] suddenly saw crude, badly-formatted adverts appearing in the middle of (paused) Amazon Prime streaming content. There was uproar, and Samsung pulled the firmware update, hastily claiming it was pushed in error...
We might need to get ready for the same level of uproar if they try again...
In the same time frame that Edward Snowden leaked a set of documents to Glenn Greenwald and Laura Poitras, General David Petraeus leaked a set of confidential documents to his biographer and then lover / mistress, Paula Broadwell.
These two events share something in common: they involve the leaking of confidential documents.
However, the consequences of the two events could not have been more different. Petraeus was let off with a "naughty, naughty boy!" style of finger wagging, whilst Edward Snowden is in self-enforced exile in Russia because his alternative would be to spend the bulk of the rest of his life rotting in a US prison.
I'm OK with the general principles that Eric Holder seems to be saying, but the US Government, from the President down, might need to reflect that they have already set the precedent, with Petraeus. They can't argue different circumstances, unless they can *prove* that Petraeus went the whistleblower route and told his superiors that he intended to leak confidential documentation to his lover. [ Somehow I doubt they would step up to *that* argument ].
Good to keep the debate going, but even more important to be fair, impartial and avoid some of the hypocrisy we've got in this debate at the moment...
"I wonder if some of the issue with self-signed certificates is due to somebody at some point deciding that the CA model was better than the federated, partial trust model of PGP keys and that makes it conceptually difficult to use x.509 certificates in the same way that PGP keys are used."
Either that or the companies running commercial CAs put a lot of effort into that meme... There is a *lot* of money in Certificate Authorities... Mark Shuttleworth sold his CA business to Verisign back in the day for $750 Million... If you think about it in those terms, peer-to-peer trust models such as PGP and GPG would always undercut commercial solutions.
What's really interesting, however, is to see how the certificate market has evolved. We still rely on a relatively small number of Commercial CAs, who in turn make a lot of money. But look at what we've done with DNS [massively federated], Email SPF (Sender Policy Framework) [massively federated] and you realise that the CA model is actually the odd one out.
It actually wouldn't be that difficult for us to set up a mechanism in which institutions could set up and host their own publicly-facing, self-signed certificates, with a simple on-line checking mechanism that would allow us to decide whether or not to trust that CA as part of our chain-of-trust process. In fact, if we linked that with a version of OCSP it might even make things much stronger...
"Why is it easier to work with signatures than encryption?"
Here's a wild guess... If I prepare a file to send to you that I then decide I want to sign, I will typically send you a combined payload that consists of the original file, a signed digest of the file [SHA2 hash] and then my public certificate that contains the asymmetric portion of my signing key... In other words, I would, by convention, send you everything that you need to know in order to validate my signed message [working on the loose assumption that you have the root cert for my CA cached locally]. It's a neat, packaged payload that requires no negotiation and which contains some pretty tightly-specified files...
I think what we're describing for encryption [OK, specifically S/MIME] is an example of a loosely-specified definition which, through permitting flexibility in the model, has allowed so much "movement" that the flexibility has brought incompatibility with it. But, that's a wild guess...
Oh, one other thing.
I call bullshit on Symantec's claim that they know what BlueCoat did with the suspected Intermediate Certificate Symantec gave BlueCoat.
It is entirely possible [it's just software and a bunch of data files, after all] to create a certificate and then wipe all evidence from any generated log files. The only log or record of certificates that I am aware that current processing demands is the list of *revoked* certificates that is maintained by the CA and used for OCSP (Online Certificate Status Protocol), which is a common method of ensuring that a certificate you have just been presented has not been revoked by the CA... Even that is imperfect, because the moment you create Intermediate certificates, you create an assimilation/aggregation challenge for yourself...
I'm not sure if I'd attribute that claim by Symantec to ignorance or malice, but I really don't believe it. There is no way for them to know [short of having an observer watching all the time] what BlueCoat did with the intermediate certificate...
I definitely agree with your observation about the way that self-signed certificates are becoming more trustworthy. I especially like the federated trust model in GPG, for example, with the idea that rather than having a single, central and therefore vulnerable point of trust, your trust is accrued gradually by your interaction with the community.
... I'd kinda hoped that Snowden's revelations would have prompted the mail client developers to go and take another look at this, but it hasn't happened yet (that I'm aware of). Maybe time for some more testing...
Is it really a conspiracy, or is it that certificate management in browsers is hard? I recall, a few years ago, when someone spotted that there was a bug in the certificate validation logic in two browsers. Basically, when a certificate is created, various flags are set that describe what the certificate is permitted to do. A logic error in the browser code meant that someone could obtain a certificate and then use it to sign *another* certificate so that the second, produced certificate looked as though it was signed by the CA root certificate. That was a *huge* gaffe in browser security and it was quickly patched. The failing browsers were Konqueror, which was fully open-source at the time, and MS Internet Explorer, which is proprietary... There are two possible explanations for that: either two completely different developers in two completely different projects both managed to craft the exact same error that worked the exact same way. Or a developer working for Microsoft stole the certificate-validation code from the Konqueror source and passed it off as their own work... Like I say, there is some complex logic there.
I have to say, though, that I slightly disagree with your theory that this is a conspiracy among the browser developers. Firstly, the default mechanisms are actually pretty excellent: all modern browsers come with a complete selection of root certificates bundled, so the effort to keep your browser certificate-aware is zero for 99.9-nines of the population. Secondly, I think that [and this is going to cause offence for which I am sorry] 95%+ of the population should not be trusted to mess around with the certificate store in their browsers at all. The chances of making a mistake and either wrecking your browser - or trusting something that should not be trusted - are too great. So on balance I think we should be happy with where we are in this regard.
I would also be very nervous about having certificate stores as configurable as you suggest... The moment that someone makes it too easy to "configure" a certificate store, someone else will integrate that with some scripting mechanism and the next thing you know, we'll have watering-hole attacks in web sites that will poison the cert store of any browser that visits the site. This in turn will be used to MitM the browser remotely, which will give an attacker the ability to harvest passwords, email addresses, maybe even access to secure on-line services such as banking details.
Totally, totally, totally agree with your comments around S/MIME, however. The current state of encryption in that space is atrocious. I ran tests by setting up dedicated mail accounts for each email client, then attempting to exchange encrypted emails between them. I used clients like Thunderbird, Outlook, Claws-Mail, KMail and so on. Less than a third of the connections worked... That's shameful.
The linked article in the OP is a little vague, but based on my knowledge of the way that Symantec's certificate business is configured, I suspect it might actually be an Intermediate Certificate.
Basically the way this works is that Symantec have one single "Master" certificate, aka the "Root Certificate" for the CA. However, instead of using this one single digital key to sign all the certificates that all of Symantec's clients request, they actually use a series of "Intermediate Certificates". Think of this like a directory hierarchy with a root folder, some Top Level Directories, then a bunch of directories below that. Same deal.
This structure allows Symantec to grant the right to sign certificates based on logical groups or clusters; it also allows them to "bulk disallow" everything signed by the intermediate certificate by revoking that one file. Obviously, as the OP pointed out, an Intermediate is still allowed to "sign" certificates, with those produced having the full authority of being produced by Symantec.
What this would allow BlueCoat to do would be to sign any number of certificates as if they were signed by Symantec themselves. Bearing in mind, as others have pointed out, that BlueCoat sell filtering proxy servers and SSL interceptors, what this would allow them to do would be to effectively run "official" MitM (Man in the Middle) interceptions, in a pretty-much undetectable way, against any web site that uses Symantec Certificates.
There's quite rightly a fair bit of alarm in many posts here, suggesting that this would allow BlueCoat to spy on end users. However, the most likely scenario is that BlueCoat are using the certificates to upgrade the capabilities of their corporate proxy/filter/accelerator products for their large corporate clients. Big companies have a major issue with the leakage of proprietary information being sent off-network under the guise of SSL traffic; there are all sorts of malware packages that use SSL to communicate with their CNC hosts... In other words, there are many companies that want to have the ability to monitor even the SSL-protected traffic generated by their employees when those individuals access the web. I love a good conspiracy theory as much as the next tekkie, but in this case I suspect the actual implementation is only really of interest to you if you work for a large corporate and they haven't actually *told* you that they are doing this.
However, as other posters have pointed out, this isn't the whole story; this technology can be placed elsewhere in the network, for example within an ISP infrastructure, so it can equally easily be used to monitor private individuals.
So, if you don't want your colleagues in SecOps [at work] to know what you've got in your bank account, don't log into your online banking from work...
I'm not entirely sure of this, but because this specific story relates to Symantec certificates [i.e. the old Verisign business] I don't think the impact would be quite so relevant if you use certs from elsewhere. For maximum security, of course, I guess you could simply download OpenCA, build an air-gapped machine, install and run the OpenCA on something not connected to any other network, and get your signed certificates to the outside world by installing a CD-R burner on your CA hardware and then cutting a CD or DVD each time you create a certificate. Yes, you could use a USB key if you really wanted to, but since we all know how easy it is to infect a thumb drive, that doesn't make any sense.
Whilst I agree with your first statement, in that some knowledge of how to create a fake card would be required, the rest of your theory may not follow. In the UK, the big retail supermarkets do not validate every card transaction with the issuing bank in real time. Instead they sample a smaller number of transactions through their trading day, then batch and bulk submit the majority of transactions every few days. Obviously they can keep a history of card numbers previously used successfully and may use historical transaction data to decide which cards to trust.
They do this because banks charge fees per transaction. The system works for the retailers because the amount of fraud they suffer is less than the reduction in fees they are charged by the banks.
The OP and article mention that the accounts were South African and used in Japan. This strikes me as exactly the sort of scenario where the chain of processing agents would attach fees, including currency conversion. With everyone taking their cut, you can understand how there would be an incentive to minimize those fees. So maybe another way of describing this heist would be to say that the card issuer and processing banks might have been stung by their own greed.
You are quite right to point out the widespread use of encryption. However, SMTP is not encrypted by default, so ISPs would have the ability to grab unencrypted copies of email if they wanted to. Yes, there are solutions for secure email (S/MIME) but these are not yet widely implemented and (in my personal experience) are not implemented in an entirely transparent, consistent manner. In other words, S/MIME may not work if you're using a different email client to your mail counter-party... In other words, KMail to KMail might be fine, but Outlook to KMail might not...
You ask a good question, but the answer is pretty straightforward. If you have a PC with a regular email client (i.e. Outlook, KMail, Thunderbird, etc) then, as you quite rightly point out, all email traffic between your PC and the internet will be between your client and your nominated mail server[s], using ports such as 110 [POP] and 143 [IMAP].
However, if your computer has been infected by malware and is being used to send SPAM, then the spammer likely would not want you to know that they were doing that. So one effective way to do this would be to download some code on to your PC that emulates a mail gateway - i.e. a device that sends email using the Simple Mail Transfer Protocol (SMTP) on TCP Port 25. SMTP is the protocol used for forwarding email from one mail server to another. Using SMTP in the malware means that the infected code on your PC can hide its activities from you.
However, the activity can be detected, simply by having ISPs (1) block all Port 25 traffic from "regular clients" unless specifically requested, and/or (2) pay much more attention to (archive) mail traffic sent by "regular clients"...
Hope I'm explaining myself clearly...
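The two ISP-side measures described in the comment above can be sketched as a small triage over flow records. This is an added example, not part of the original comment; the addresses, the allowlist, the relay list, the record format and the threshold of three destinations are all constructed assumptions.

```python
import csv
import io
from collections import defaultdict

SMTP_PORT = 25
# Assumption: customers who specifically requested direct SMTP (constructed).
SMTP_ALLOWLIST = {"198.51.100.77"}
# Assumption: the ISP's own relays, which any client may reach on port 25.
ISP_RELAYS = {"192.0.2.25"}

# Constructed flow records: time, client IP, destination IP, destination port.
SAMPLE_FLOWS = """\
2016-05-20T09:00:01,198.51.100.10,192.0.2.110,110
2016-05-20T09:00:05,198.51.100.10,192.0.2.143,143
2016-05-20T09:01:00,198.51.100.23,203.0.113.5,25
2016-05-20T09:01:02,198.51.100.23,203.0.113.9,25
2016-05-20T09:01:03,198.51.100.23,203.0.113.44,25
2016-05-20T09:02:00,198.51.100.77,203.0.113.5,25
2016-05-20T09:03:00,198.51.100.31,192.0.2.25,25
2016-05-20T09:04:00,198.51.100.40,203.0.113.9,25
truncated record
"""

def parse_flows(text):
    """Yield (client_ip, dest_ip, dest_port), skipping malformed rows."""
    for row in csv.reader(io.StringIO(text)):
        if len(row) != 4 or not row[3].strip().isdigit():
            continue
        yield row[1].strip(), row[2].strip(), int(row[3])

def triage(flows, bulk_threshold=3):
    """Return {client_ip: (distinct_port25_destinations, action)}."""
    dests = defaultdict(set)
    for client, dest, port in flows:
        if port != SMTP_PORT:
            continue  # POP/IMAP to the nominated mail server is expected
        if client in SMTP_ALLOWLIST or dest in ISP_RELAYS:
            continue  # direct SMTP was requested, or goes via the ISP relay
        dests[client].add(dest)
    report = {}
    for client, seen in dests.items():
        # Measure (1): block. Measure (2): also archive when the client fans
        # out to many mail servers, the pattern of a spam-sending infection.
        action = "block+archive" if len(seen) >= bulk_threshold else "block"
        report[client] = (len(seen), action)
    return report

if __name__ == "__main__":
    for client, (count, action) in sorted(triage(parse_flows(SAMPLE_FLOWS)).items()):
        print(f"{client}: {count} direct SMTP destination(s) -> {action}")
```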