Slashdot Mirror


User: cyberdonny

cyberdonny's activity in the archive.

Stories: 0
Comments: 384

Comments · 384

  1. Re:Don't CA's cross-certificate each other? on Why Are SSL Certificates So Expensive? · · Score: 2
    > If we want to work together, we can take the option of using the same CA, which means one of us has to go through the process of forming a new trust relationship. Instead, we can have a cross-certified CA set up.

    Wouldn't that actually be a very dangerous thing to do for Thawte and Verisign? As far as I know, CA certificates (i.e. certificates granting the right to operate a CA) have no "scoping" information (such as *.yourcorp.com), only a maximal chain length (meaning that you can make sure that your CA doesn't cross-certificate yet another CA). As there is no scoping, your "private" CA would be allowed to certify just about any site, not just the ones under your jurisdiction. And because of the cross-certificate, any browser trusting Thawte or Verisign would trust your CA too! Given how dangerous this is, I doubt that Thawte or Verisign ever would do that.

    Rumors are that Equifax hands out these cross-certificates rather easily. Interestingly enough, Thawte's cross certificate for Equifax has a chain-length of 1, meaning that a browser trusting Thawte also trusts any identity certificates directly issued by Equifax but (fortunately) not certificates issued by CA's cross-certified by Equifax...

  2. Re:I want their names on Linuxgruven Deorbits · · Score: 1
    > I don't know whether that's just coincidence or not -- most people don't live long enough to run enough companies to draw statistically valid conclusions

    Depends on just how good they are at ruining companies. Apparently, these guys just needed slightly over a year. With only a year needed to wreck a company, you can wreck lots of them in a career...

  3. Re:What About Equifax? on Why Are SSL Certificates So Expensive? · · Score: 2
    > Does that mean that browsers looking at the website go into https: mode as smoothly as if the browser was IE?

    Installing a new CA root certificate in your browser should be a conscious choice. By doing so, you say that you trust the CA to properly verify the identities of parties to whom it grants identity certificates, that it appropriately manages its own security, and that it doesn't lightly delegate its CA authority to untrusted parties. There are some doubts about this last point, as it seems.

    If your browser now doesn't warn you about potential security breaches caused by Equifax' carelessness, this doesn't mean that your browser is no more secure than IE, it just means that you, the user, made a bad judgment by including Equifax's CA certificate in it.

  4. Re:What About Equifax? on Why Are SSL Certificates So Expensive? · · Score: 3

    Why would they care what OS you run and how you are connected? Oh, they don't, they even list Apache + ssleay in their list of supported servers.

  5. Don't CA's cross-certificate each other? on Why Are SSL Certificates So Expensive? · · Score: 2
    > In summary, the bootstrap issue is a big deal, although you are mistaken that you need a CA cert in the browser to verify subsequent CA certs; they aren't related.

    Very often, CA's certify each other. So Thawte could for example certify Verisign's certificate or vice-versa. That way, you'd only need one of them installed on bootstrap, whereas the other could be loaded dynamically in a 100% secure fashion.
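The two comments above (1 and 5) reason about cross-certificates that carry a maximal chain length but no name scoping. The following toy chain validator is an added example written for this page; it is not code from the thread and uses no real Thawte, VeriSign or Equifax certificates. Every certificate is a constructed in-memory record without signatures, the names are placeholders, and the path-length semantics are those of X.509 basicConstraints: a CA certificate's pathLenConstraint is the maximum number of further CA certificates allowed beneath it, so pathLenConstraint=0 means "end-entity certificates only" (the comment's "chain-length of 1" maps to that value in this model, which is an interpretation). Name constraints are deliberately left out, which is exactly the gap the comment describes.

```python
"""Toy model of X.509 basicConstraints path-length checking.

Added example, not code from the thread and not any real CA's certificates:
every certificate below is a constructed in-memory record with no
signatures. pathLenConstraint on a CA certificate = maximum number of
*further* CA certificates allowed beneath it; None = unlimited.
"""
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    is_ca: bool
    path_len: Optional[int] = None  # only meaningful when is_ca


def validate_chain(chain, trust_anchors):
    """chain: [leaf, intermediate_1, ..., intermediate_n] (leaf first).
    trust_anchors: {subject: Cert} for the roots the browser ships with.
    Returns (ok, reason)."""
    if not chain:
        return False, "empty chain"
    anchor = trust_anchors.get(chain[-1].issuer)
    if anchor is None:
        return False, f"no trust anchor for issuer {chain[-1].issuer!r}"
    # order top-down: anchor, intermediates, leaf
    path = [anchor] + list(reversed(chain))
    for i in range(len(path) - 1):
        ca, child = path[i], path[i + 1]
        if not ca.is_ca:
            return False, f"{ca.subject!r} is not a CA but issued {child.subject!r}"
        if child.issuer != ca.subject:
            return False, f"{child.subject!r} was not issued by {ca.subject!r}"
        # CA certificates strictly below this one (the leaf does not count)
        subordinate_cas = sum(1 for c in path[i + 1:] if c.is_ca)
        if ca.path_len is not None and subordinate_cas > ca.path_len:
            return False, (f"{ca.subject!r} permits {ca.path_len} subordinate CA(s) "
                           f"but the chain has {subordinate_cas}")
    if path[-1].is_ca:
        return False, "chain must end in an end-entity certificate"
    return True, "ok"


# Constructed certificates; the names are placeholders, not real CAs.
ROOT = Cert("Browser Root CA", "Browser Root CA", is_ca=True)
ANCHORS = {ROOT.subject: ROOT}
# Cross-certificate with path length 0: the cross-certified CA may issue
# end-entity certificates but may not delegate CA authority any further.
CROSS_TIGHT = Cert("Cross-certified CA", "Browser Root CA", is_ca=True, path_len=0)
# The same cross-certificate with one more CA level permitted.
CROSS_LOOSE = Cert("Cross-certified CA", "Browser Root CA", is_ca=True, path_len=1)
PRIVATE_CA = Cert("YourCorp Private CA", "Cross-certified CA", is_ca=True)
SHOP_LEAF = Cert("shop.yourcorp.example", "Cross-certified CA", is_ca=False)
# No name constraints anywhere: the private CA can sign for a name it has no claim to.
BANK_LEAF = Cert("anybank.example", "YourCorp Private CA", is_ca=False)


def demo():
    """The three verdicts the comments reason about, keyed by scenario."""
    return {
        "leaf under cross-cert": validate_chain([SHOP_LEAF, CROSS_TIGHT], ANCHORS),
        "private CA blocked by path length": validate_chain(
            [BANK_LEAF, PRIVATE_CA, CROSS_TIGHT], ANCHORS),
        "private CA trusted for any name": validate_chain(
            [BANK_LEAF, PRIVATE_CA, CROSS_LOOSE], ANCHORS),
    }


if __name__ == "__main__":
    for label, (ok, reason) in demo().items():
        print(f"{label}: {'VALID' if ok else 'REJECTED'} ({reason})")
```

The third scenario is the risk the comment points at: once the cross-certificate permits one more CA level, the browser accepts a certificate for "anybank.example" from a private CA that was only ever meant to serve yourcorp.com, because nothing in the chain scopes it. X.509 later gained exactly that scoping in the nameConstraints extension (RFC 5280), which a real validator would enforce alongside the path-length check modelled here.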

  6. Re:Good Grief on XBox Screenshot Flim-Flammery? · · Score: 1
    > If it was intended to be deceptive (a lens flare? yeah, the x-box can no way manage a lens flare) why is there a video available?

    Videos can be doctored too. This has even been proved in a court of law...

  7. Re:Hmmm... on Illegal Prime Number Unzips to DeCSS · · Score: 2
    > Finding a program that factors large prime numbers (or determines if a number is prime)

    These are not the same thing. There are algorithms (based on exponents) which allow one to determine (with a certain degree of confidence) whether a number is prime or not without having to factor it. This is by the way the reason why those encryption algorithms are practicable: in order to generate keys, you need prime numbers. Now, the algorithm would not be very useful if it was as difficult to generate a (legitimate) keypair as it would be to break one...

  8. Re:Open Source to the rescue? on Why Are SSL Certificates So Expensive? · · Score: 2
    > A CA will just have to convince the open source projects (possibly by donating money and/or servers and/or people contributing to the browser code) to get their cert in the default setup.

    Errm, wouldn't it be more appropriate if the CA convinced the projects by showing that it takes its job seriously? Does it do reliable identity checks, or does it hand certificates out (in any name) to anybody who pays the fee? Is its network secure, or is its private CA key available to any 'leet script kiddie off the street? Just watching the size of the bribe^H^H^H^H^Hdonation seems to be awfully dangerous to me...

    Btw, what do the current browser companies do? Do they just make sure the payment is in, or do they also consider who the CA is? I'd dare to hope it's the latter...

  9. Re:Hmmm... on Illegal Prime Number Unzips to DeCSS · · Score: 2
    That wouldn't work, because that large prime unzips to exactly one source, which would very likely not do anything useful. Think about it...

    However, altering the source, zipping, and testing for primality takes advantage of the fact that there are very many primes around, so it's highly probable that you will eventually hit one of them. However, the probability of hitting a very specific prime is incredibly small.

  10. Re:rebuttal on Why Are SSL Certificates So Expensive? · · Score: 2
    > Are their employees trustworthy, is their network trustworthy, whats the difference between seeing a "Trust-E" certificate and "Vendor Company" certificate?

    For all the customer knows, the "Vendor Company" CA could actually be run by a malicious hacker trying to eavesdrop on his communications with your site.

    > when was the last time those who did know check the validity of a cert or the company that issued it?

    A long time ago... Indeed, most of the times, the browser does it for me. However, it can only do this automatically if the cert is signed by a CA recognized by the browser.

    > No thank you I would rather create, monitor, and control our own certs in house, and ensure that our information is to be used by our company solely.

    This is ok as long as you only care about in-house communication, but what if you sell to outside consumers who have no way of double-checking your certificates? First they'd somehow need to get your public key, or a fingerprint of it via a secure channel (telephone? postal mail? Neither is 100% secure), which would cost you lots of processing costs.

    Next, if you're really so worried about whether Verisign and Trust-E are able to guarantee the security of their infrastructure, why should your customer believe that you are able to properly secure your private key?

    There are some situations where you don't need to bother with CA-signed certificates:

    • In-house use: install your own CA certificate in all user's browsers
    • Customers with whom you deal in meatspace: hand them floppy disks with your certificate or public key, or hand them cards with your certificate fingerprint
    • You just want to stop the casual eavesdropper, but are not concerned about sophisticated man-in-the-middle attacks

    However, in the general case of e-commerce with customers that you never met physically, and where you care about security, certificates are indeed very useful.

  11. Re:The SSL scam on Why Are SSL Certificates So Expensive? · · Score: 3
    > They cost almost nothing to make,

    While it costs almost nothing to make the certificate per se, checking the identity of the requestor, and maintaining the security of your certificate DB and CA private keys does have a cost. And what happens if somehow somebody tricks the CA into issuing him a fraudulent certificate which will then be used for hacking? Would the CA be liable for damages? Does it have to take out an insurance to cover these kinds of risks? What is the price of this insurance?

  12. Guess that's why linking is illegal... on Illegal Prime Number Unzips to DeCSS · · Score: 2

    Or else, somebody could just say: Hey, look at the sequence of digits of pi starting at mumble mumble bazillions mumble mumble and ending 137142 characters later... and he would be in the clear, because Pi exists naturally, and just "happens" to contain the source code of DeCSS at that place. Truth is, by linking to that place, you revealed the code, which formerly wasn't distinguished from the zillion other code-snippets also contained in Pi...

  13. Re:Hmmm... on Illegal Prime Number Unzips to DeCSS · · Score: 2
    > I'm guessing that the gzip format allows extraneous bytes at the end of the file that don't affect the unzipped output.

    That would be cheating... A more elegant way would have been to include padding in the uncompressed output: add a space here and there, it doesn't change the meaning of the program, however it does change its gzipped representation... Write a small program that arbitrarily varies spacing of DeCSS in various places, gzips it and checks primality. Stop once a prime number is found. Or try the same with other, less "artificial" changes: choice of variable names, instruction reordering (where it doesn't affect meaning), etc.

    Next exercise would be to take the largest known prime number, add gzipped DeCSS to it, and attempt to find one DeCSS variant where the new number is prime as well. As this is now the new largest known prime number, it will suddenly appear all over the place, and there's nothing the MPAA could do about it... Now, those numbers are so large that traditional primality tests are not practicable. It'll take a math genius to come up with a program that's fast enough for the purpose. But this is actually a blessing: if the primality check algorithm will be sufficiently novel, the whole stunt will be worthy of a peer-reviewed article in a math journal, causing the MPAA yet another headache. Does anybody in the audience have the math background to take up the challenge?
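Comment 7 above says primality can be established without factoring, and comments 9 and 13 describe the search: vary the whitespace of a program, gzip each variant, and test the resulting number for primality until one hits. The block below is an added example, not code from the thread, and it does not touch DeCSS: the program being varied is a constructed one-line C snippet, the primality test is Miller-Rabin (which is one of the "exponent-based" tests the comment alludes to), and the bytes of the gzip stream are read as a little-endian integer, which is this example's own choice so that the gzip magic byte 0x1f becomes the low-order byte and every candidate is odd. The recovery step assumes the uncompressed text is under 256 bytes.

```python
"""Search for a "gzip prime" by varying whitespace in a small program.

Added example, not code from the thread. SOURCE is a constructed stand-in
program; the gzip stream is read as a little-endian integer (this example's
own convention); recover_source() assumes uncompressed sizes below 256 bytes.
"""
import gzip
import itertools
import random


def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin: 'composite' is certain; 'prime' has error below 4**-rounds.
    No factoring takes place, only modular exponentiation."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    rng = random.Random(0)  # fixed seed keeps the search reproducible
    for _ in range(rounds):
        a = rng.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # a is a witness: n is composite
    return True


SOURCE = "int main(void){return 0;}\n"  # constructed stand-in program


def variants(text):
    """Yield the text with 0, 1 or 2 extra spaces inserted before each
    whitespace or punctuation character; every variant is the same program."""
    slots = [i for i, ch in enumerate(text) if ch in " (){};\n"]
    for choice in itertools.product((0, 1, 2), repeat=len(slots)):
        out, last = [], 0
        for slot, k in zip(slots, choice):
            out.append(text[last:slot])
            out.append(" " * k)
            last = slot
        out.append(text[last:])
        yield "".join(out)


def gzip_to_int(text: str) -> int:
    # mtime=0 makes the gzip header deterministic; little-endian puts the
    # magic byte 0x1f (odd) in the low-order position.
    return int.from_bytes(gzip.compress(text.encode(), mtime=0), "little")


def recover_source(n: int) -> str:
    """Turn the number back into the program it encodes."""
    # For inputs under 256 bytes the top three bytes of the gzip ISIZE
    # trailer field are zero; int.from_bytes dropped them, so restore them.
    raw = n.to_bytes((n.bit_length() + 7) // 8, "little") + b"\x00" * 3
    return gzip.decompress(raw).decode()


def find_gzip_prime(text: str = SOURCE):
    """Return (prime, variant, attempts) for the first prime-encoding variant."""
    for attempts, v in enumerate(variants(text), 1):
        n = gzip_to_int(v)
        if is_probable_prime(n):
            return n, v, attempts
    return None


if __name__ == "__main__":
    n, v, attempts = find_gzip_prime()
    print(f"prime after {attempts} variants, {n.bit_length()} bits:\n{n}")
    print(repr(recover_source(n)))
```

With eight insertion points and three choices each there are 6561 legal spellings of the program, and for integers of this size roughly one odd candidate in a hundred and thirty is prime, so the loop ends after a few hundred attempts; the point of the comment, that you need many meaning-preserving variants because any one specific number is almost surely composite, shows up directly in the attempt count.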

  14. Re:Backfired! on Scientologists Force Comment Off Slashdot · · Score: 2
    > each of those people probably have say a circle of 50 acquaintances/family/coworkers

    Hrmmph! Just as if geeks had much of a "say" in anything not directly related to their field. They'll get flamed by said acquaintances/family/coworkers for being such a bigoted jerk against other religions before they even get to the word "cult"... There's no gain in having the better arguments and being able to cite references either, if as soon as you open your mouth the whole rest of the party cuts you off with their inane "four legs good two legs bad" chants.

  15. Re:Slashdot loses too... on Scientologists Force Comment Off Slashdot · · Score: 2
    > while the Church of Scientology primarily takes money from rich stupid people.

    I beg to differ on this one. Scientology preys on the shy, insecure and rejected people, those people that feel outcast in the normal society, by making them believe that somehow within Scientology they will be given more respect. Having much money is not a requirement, as long as you can "borrow" from family, from the few friends you have, from your employer, etc. After these sources are exhausted, you can still sell what little worldly belongings you have (your modest house, your car, etc.) and go live somewhere in a Scientology camp. At that point you cease to exist for the real-world society, but you are still not useless for the clams: Can you say slave-labor?

    The clams don't target the ultra-rich, they're just very good at milking stones. They don't target the lucky and wealthy, but those that are already destroyed, and rob them of what little they have left.

    Oh, maybe you were thinking about the "celebrity scientologists", a la Tom Cruise, John Travolta, etc? Nope, these are not "used" for the money, but rather as endorsements & witnesses in favor of Scientology. In general the "celebrities" are much better treated than the average members, and won't see any of the nastiness that the common members see.

  16. Re:would this have been different.. on Scientologists Force Comment Off Slashdot · · Score: 2
    > The poster says it wasn't him, but one of the trapped souls who posted it.

    But wouldn't the poster himself play the role of an ISP, and thus be liable under the DMCA for any posts performed by his body thetans?

  17. Re:What _exactly_ is the real problem here? on Scientologists Force Comment Off Slashdot · · Score: 2
    > The real problem here is the DMCA.

    Yes, but is the DMCA constitutional? Unfortunately, AFAIK, the only way to get a law overturned for unconstitutionality is to violate it, have yourself sued, and then fight all the way to the top until the Supreme Court. Looks like Slashdot passed an excellent opportunity of toppling the DMCA.

  18. Slashdot loses too... on Scientologists Force Comment Off Slashdot · · Score: 2

    By its very nature, Slashdot is a site which often hosts controversial items. So far, they have brilliantly resisted against any attempt of censorship. This tradition has now been broken. Now, the next time the MPAA comes knocking, Slashdot no longer can say "Sorry, we won't take down any comments, as a matter of principle". They have done it for the clams, and now it will be pretty hard to convince the MPAA's and the Microsofts of the world why the clams' intellectual property deserves protection, while somehow theirs doesn't. I fear that we'll see a lot more of these incidents in the future.

  19. Random ISN's on TCP Weakness No False Alarm? · · Score: 2
    From the article:

    > Bellovin added that in light of Newsham's discovery, the only reliable ways to guard the integrity of TCP sessions are cryptography or his fix, which involves basing the ISN on a complex combination of a random number generated by each machine, an administratively installed secret phrase and the machine's IP address.

    Isn't this basically what Linux is already doing right now? Except that the pass phrase is not installed manually by the administrator, but rather generated randomly every 5 minutes. At least that was what I understood from a couple of mailing list messages a few years back, when the problem was first considered, and from the function secure_tcp_sequence_number in /usr/src/linux/drivers/char/random.c.
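The scheme the comment compares Linux against is Bellovin's from RFC 1948: ISN = M + F(local address, local port, remote address, remote port, secret), where M is the 4-microsecond clock of RFC 793 and F is a keyed hash. The block below is an added example written for this page, not the Linux secure_tcp_sequence_number() code and not taken from the article; the addresses are constructed, the secret is random, and rotate_secret() stands in for the periodic regeneration the comment mentions. The naive clock-only generator is included beside it so the difference is visible: with no per-connection offset, one observed ISN predicts every other connection's ISN at that instant.

```python
"""RFC 1948-style TCP initial sequence numbers beside a naive clock-only scheme.

Added example, not Linux's secure_tcp_sequence_number(); all addresses are
constructed and the secret is random per instance.
"""
import hashlib
import hmac
import os

TICKS_PER_SECOND = 250_000  # RFC 793 clock: one increment every 4 microseconds
MASK32 = 0xFFFFFFFF


def naive_isn(now: float) -> int:
    """Weak scheme: the clock alone. Every connection opened at the same
    instant gets the same ISN, so observing one reveals all the others."""
    return int(now * TICKS_PER_SECOND) & MASK32


class IsnGenerator:
    """ISN = M + F(laddr, lport, raddr, rport, secret), with M the clock and
    F an HMAC keyed by a secret that only this host knows."""

    def __init__(self, secret: bytes = None):
        self.secret = os.urandom(32) if secret is None else secret

    def rotate_secret(self) -> None:
        # The comment says Linux regenerates its secret every 5 minutes
        # instead of using an administrator-installed passphrase; this is
        # that step, to be called on whatever schedule the host chooses.
        self.secret = os.urandom(32)

    def offset(self, laddr: str, lport: int, raddr: str, rport: int) -> int:
        """F(): a 32-bit per-connection offset, stable while the secret is
        stable and unpredictable to anyone who lacks the secret."""
        msg = f"{laddr}:{lport}->{raddr}:{rport}".encode()
        digest = hmac.new(self.secret, msg, hashlib.sha256).digest()
        return int.from_bytes(digest[:4], "big")

    def isn(self, laddr: str, lport: int, raddr: str, rport: int, now: float) -> int:
        """ISN for one connection; `now` is the wall clock in seconds."""
        m = int(now * TICKS_PER_SECOND) & MASK32
        return (m + self.offset(laddr, lport, raddr, rport)) & MASK32


def compare(now: float = 1000.0):
    """ISNs handed to two different peers at the same instant under both
    schemes; under the naive one they are identical."""
    gen = IsnGenerator()
    peers = [("10.0.0.2", 22), ("10.0.0.3", 22)]  # constructed remote endpoints
    return {
        "naive": [naive_isn(now) for _ in peers],
        "rfc1948": [gen.isn("10.0.0.1", 40000, raddr, rport, now) for raddr, rport in peers],
    }


if __name__ == "__main__":
    for scheme, isns in compare().items():
        print(scheme, [f"{x:#010x}" for x in isns])
```

For one given connection the sequence still advances at the RFC 793 rate, which is what keeps old segments from a previous incarnation from being accepted; what the offset changes is that the per-connection starting point no longer follows from any other connection's.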

  20. Re:Now the truely amazing thing is... on Georgia Teen Stumbles On New Theorem · · Score: 2

    Well, that's because there was no flaw in the proof of his theorem. And he didn't even use the dreaded "choice axiom" nor the sacred number 18. You have to remember that the kids in yesterday's story only got into trouble because they used list context in a situation where it wasn't appropriate.

  21. Re:Not the first bad Perl usage to bring the cops on Sophomore Uses List Context; Cops Interrogate · · Score: 3
    > he committed crimes and was punished proportionately.

    In the old days, the word "crime" was reserved for actions such as murder, armed robbery, high treason, etc. Nowadays, putting an extra pair of parentheses around a variable apparently qualifies too...

  22. Re:Which would you prefer: Cameras or Guns? on Even More Surveillance Cameras For England · · Score: 2
    > Why can't we have both?

    Then at least you could shoot into the cameras if they bothered you so much.

  23. Re:Why remote? on Low-Bandwidth X · · Score: 2
    The situation I was thinking about is the following:
    • The app runs at a central site, where it controls machinery/other installations physically located there.
    • Maintenance personnel on call connect to the app from home, to check on the system. They do so via a Laptop connecting via ISDN to the central site.

    Problem: the app is an X app, which is very bandwidth (and latency) hungry, and to which no source is available. Moreover, as the institution is not in the business of doing software development, rewriting it to a different protocol would be out of the question even if source was available. Your suggestion (of using binary SCO emulation) looks good, except for the fact that we'd still be running X over a slow ISDN line... Only difference: the app would run on a nice shiny Linux box rather than an old SCO iron, but the bandwidth/latency problem would still stay the same... So far, the only viable solution seems to be a dxpc-like X compressor, and in this context, the mlview-dxpc is indeed a godsend.

  24. Re:Sealand is to small on Why Offshore Napster Won't Work · · Score: 2
    > Not Taiwan. They do way too much trade with us and you can bet if they disregarded our IP laws like that there would be sanctions.

    Not only that, but Taiwan also depends on the US's protection for its survival as an "independent" nation. The US would only need to hint to China that they no longer care about Taiwan's independence, and that'd be the end of the story.

  25. Re:You people are all dim on Why Offshore Napster Won't Work · · Score: 2
    > If you took a metal bunker and put a flag on it and declared it "land land", would that make it independent ?

    Sure, as long as that land is still unclaimed. Only problem: nowadays every single square inch of charted land is claimed by some nation or other. Your only hope is to find a yet unknown island somewhere remote in the Pacific, or wherever.