It seems that most cryptographic methods depend on one of a number of hard to solve problems, such as the factoring of large numbers, elliptic curve discrete log, etc. These kinds of methods suffer catastrophic failure when the problems on which they depend are no longer hard. In the foreseeable future, it seems that factoring large primes will become less hard (especially with the help of quantum computers).
What contingency plans are you aware of? What sort of research is being done to avoid this single point of failure problem in future solutions? Are we just hoping for quantum encryption to save us?
Of course, the real solution is to not depend solely on crypto for security, as crypto itself will never be perfect (implementation problems, etc). Security organizations, who haven't already, need to update their risk assessments to include risks to crypto solutions. It's still interesting to look at crypto in a more narrow scope than the real world :)
Aside from avoiding long distance charges and facilitating better sound quality, what's the point of voice over IP for consumers? We have a huge infrastructure in place for the facilitation of voice over a switched telephone network that works fairly well and comes at a fairly low cost. I can reach a remote village in Central America, over the phone, but in many of those places, you'd be hard pressed to get electricity for a computer, let alone an ISP.
For carriers, there's an advantage of a unified infrastructure; any service can be provided over the same network. In that sense, the regulation issues arise; what services should be regulated, how, and why?
If the same network is being used for telephone, radio, TV, etc, what regulations apply? Frankly, does anything really need to change from a regulatory perspective? Today we have a shared network for these services (the electromagnetic spectrum); in the future, we may have a time division multiplexed packet switched network over which those services travel.
Even today, regulations of the telephone network impact data communications - you use the telephone network to connect to the Internet. You use the cable network to connect to the Internet (depending on your access method).
Why do we have regulation of these services anyway? What are the regulations that are imposed on telephone carriers?
It's funny how everyone is hyping up Slammer. Slammer was a poorly written worm. It could have done a lot more damage had it targeted more vulnerabilities, caused damage to data, been smarter about what IPs it tried to attack (it would be smart for the virus to attack VPN attached networks first, networks deemed close, etc), etc. I'm not too worried about worms like Slammer, but I am worried about worms designed by smart people with bad ambitions.
The bigger problem is that the principle of least privilege is not adhered to in the world of Unix. Programmers will always write bugs and applications will always have vulnerabilities that can be manipulated. Manipulation of services should only affect the service being manipulated, not the whole system. For example, services should have NO access to anything by default. When you install a service you should set up the specific permissions that it requires (this can be made easy - the app, upon install, can recommend the permissions and you can just say, "okay"). If the app tries to do something that it doesn't normally need to do (like access /home/me/mysecretfile), the system should log an access denied message; the Linux kernel right now can't even audit denied access to files! CHUID permissions to deliver mail to people? A much cleaner mechanism is for the mail server to create the files under its own name and give permission to the user to take ownership of the files.
Linux, and Unix in general, tends to have pretty limited access controls. Even with ACL support, the distros still need to ship with restrictive settings and manage them. A lot can be done to provide a framework under which compromises can be limited and can be audited. Right now we don't have that. Without detection and reaction, how do you know that your prevention is effective?
Yesterday I queried the root servers once a minute to see if they had been updated. Why? Because Network Solutions screwed up and transferred a domain that I manage to their own name servers; I had to put a request in to change it back to our name servers and wait, wait, wait. I wonder how common that is :)
Effectiveness of the corrections system. on Ask Kevin Mitnick · Score: 2
Would you say that the corrections system was successful in your case? Has jail time curbed your desire to compromise other people's machines? Has it taught you right from wrong? If yes, how was that achieved? If no, how could the system have better, "helped" you (helped society)?
You can move or delete a file while it is open and being written to/read from by any application with no negative results. Once the file is open, the application will address the file by file handle, not file name. The actual file is not deleted until all references to it are removed (including file handles).
Problems WILL arise if the application attempts to close the file then rename it or something like that.
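The behaviour described in the comment above, as an added example that is not part of the original comment: a file is renamed and then unlinked while a descriptor is still open, and the name is looked up again afterwards. It assumes a POSIX system; the file names are hypothetical, and the `/proc/self/fd` lookup (how a responder finds a deleted-but-open file) is Linux-specific and skipped elsewhere.

```python
import os
import tempfile


def move_and_delete_while_open():
    """Rename, then unlink, a file that is still held open by descriptor."""
    workdir = tempfile.mkdtemp()                 # scratch directory
    old = os.path.join(workdir, "app.log")       # hypothetical names
    new = os.path.join(workdir, "app.log.1")
    fd = os.open(old, os.O_RDWR | os.O_CREAT | os.O_EXCL, 0o600)
    result = {}
    try:
        os.write(fd, b"one\n")

        # Move: the descriptor follows the inode, not the name.
        os.rename(old, new)
        os.write(fd, b"two\n")
        with open(new, "rb") as fh:
            result["via_new_name"] = fh.read()

        # Delete: the last name is gone, the inode lives while fd is open.
        os.unlink(new)
        os.write(fd, b"three\n")
        result["link_count"] = os.fstat(fd).st_nlink
        os.lseek(fd, 0, os.SEEK_SET)
        result["via_handle"] = os.read(fd, 4096)

        # Linux only: the kernel still exposes the open inode under /proc,
        # with " (deleted)" appended to the link target.
        proc_link = f"/proc/self/fd/{fd}"
        result["proc_target"] = (
            os.readlink(proc_link) if os.path.islink(proc_link) else None
        )
    finally:
        os.close(fd)                             # storage is released here

    # The failure case: going back to the file by name after the move.
    try:
        os.open(old, os.O_RDONLY)
        result["reopen_errno"] = None
    except OSError as exc:
        result["reopen_errno"] = exc.errno
    os.rmdir(workdir)
    return result


if __name__ == "__main__":
    for key, value in move_and_delete_while_open().items():
        print(f"{key}: {value!r}")
```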
Linux is terrible at enforcing least privilege. With kernel changes, such as those provided by RSBAC or LIDS, you have the power to enforce much better privilege control, but it's all up to the user. What we really need is a mainstream kernel that supports ACLs and auditing on failed reads and a distribution that ships packages that have nice restrictive ACLs by default, for daemon users. That way, access can be given to only those files that they require and you can find out when they try to access a file that they shouldn't. Given proper default ACLs, a SINGLE deny read in your logs should indicate a compromise. That simple level of auditing would improve the security of Linux by at least an order of magnitude (well, assuming that someone's watching the logs, of course :)
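The "single deny read" check from the comment above (and the access-denied logging asked for in the earlier least-privilege comment), as an added example that is not part of the original comments. It assumes records in the Linux audit daemon's log format; the sample lines are constructed, and treating UIDs 1 to 999 as daemon accounts is an assumption that varies by distribution.

```python
import re
from collections import defaultdict

# Constructed sample records (not taken from a real host).
SAMPLE_LOG = """\
type=SYSCALL msg=audit(1700000000.101:501): arch=c000003e syscall=257 success=yes exit=3 uid=33 euid=33 comm="apache2" exe="/usr/sbin/apache2"
type=PATH msg=audit(1700000000.101:501): item=0 name="/var/www/index.html" nametype=NORMAL
type=SYSCALL msg=audit(1700000007.412:502): arch=c000003e syscall=257 success=no exit=-13 uid=33 euid=33 comm="apache2" exe="/usr/sbin/apache2"
type=PATH msg=audit(1700000007.412:502): item=0 name="/home/me/mysecretfile" nametype=NORMAL
type=SYSCALL msg=audit(1700000009.003:503): arch=c000003e syscall=257 success=no exit=-13 uid=1000 euid=1000 comm="cat" exe="/usr/bin/cat"
type=PATH msg=audit(1700000009.003:503): item=0 name="/etc/shadow" nametype=NORMAL
type=SYSCALL msg=audit(1700000011.870:504): arch=c000003e syscall=257 success=no exit=-2 uid=33 euid=33 comm="apache2" exe="/usr/sbin/apache2"
type=PATH msg=audit(1700000011.870:504): item=0 name="/var/www/favicon.ico" nametype=NORMAL
"""

EVENT_RE = re.compile(r"msg=audit\([\d.]+:(\d+)\)")   # event serial number
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')         # key=value pairs
DENY_EXITS = {-13, -1}          # -EACCES and -EPERM as logged by the kernel
DAEMON_UIDS = range(1, 1000)    # assumption: system accounts, root excluded


def parse_fields(line):
    return {key: value.strip('"') for key, value in FIELD_RE.findall(line)}


def denied_daemon_access(log_text):
    """Return (event_id, comm, uid, paths) for each denial hit by a daemon."""
    # Records of one event share a serial number; join SYSCALL with PATH.
    events = defaultdict(lambda: {"syscall": None, "paths": []})
    for line in log_text.splitlines():
        match = EVENT_RE.search(line)
        if not match:
            continue                      # not an audit record
        fields = parse_fields(line)
        event = events[match.group(1)]
        if fields.get("type") == "SYSCALL":
            event["syscall"] = fields
        elif fields.get("type") == "PATH":
            event["paths"].append(fields.get("name", "?"))

    alerts = []
    for event_id, event in events.items():
        sc = event["syscall"]
        if sc is None or sc.get("success") != "no":
            continue
        if int(sc.get("exit", "0")) not in DENY_EXITS:
            continue                      # e.g. ENOENT is not a denial
        uid = int(sc.get("uid", "-1"))
        if uid not in DAEMON_UIDS:
            continue                      # interactive users mistype paths
        alerts.append((event_id, sc.get("comm", "?"), uid, event["paths"]))
    return alerts


if __name__ == "__main__":
    for alert in denied_daemon_access(SAMPLE_LOG):
        print("possible compromise:", alert)
```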
I use a computer at work to code. I use my computer at home to learn (web, email, linux) and to play music. I could use a cell phone, sometimes, but most of the time, it's cheaper to use a normal land line. I got rid of my cell because I hated having to worry about how many minutes I was using, even for local calls.
From a pure function point of view, I'd like a mobile device that lets me schedule appointments, take notes, do some calculator type things, chat on the phone, chat online, and play music from my music collection (by this I mean remotely - the files would be streamed). However, it would have to cost only about US $30 a month (including unlimited local airtime) or else it would raise my expenses and I would realize that I didn't need it.
I really don't have any use for a web pad, but a laptop would be cool (really only to allow me to move around in my own house while computing). I would go for a laptop as my primary computing device (with an external monitor or projector for when I want a big display) and a mobile unit for the above described activities.
When it comes down to it, if these features raised my monthly costs much (over 5%), I would not pay. I'm cheap, and all of that mobile stuff doesn't really improve my life (it would probably hurt it by making me work more)
With regards to kernel config, there should be an option to compile EVERYTHING possibly compiled as a module, as a module. This way, you compile once, then just config your modules nicely. Also, configuring modules is easier, as you do it on module install, instead of at boot (it gives you a chance to try again)
Cool. I hope that you didn't take my comment to mean that the tools weren't neat, or useful, because they are. Have you ever read Gibson Research's 'nanoprobe' papers? Go to grc.com and see why some people are sensitive to that kind of vague, buzzword laden, hype generating writing :)
I agree, the description looked like it was written by a marketing department. It sounded like these tools were too good to be true, which they're not. I was totally reminded of Gibson Research Corporation ;) The tools are indeed clever, and not to play down the interesting accomplishment, but there are a lot of other neat tools out there too. The tools aren't really revolutionary; they're solutions to specific problems that were identified with some current solutions. Performance, firewall restrictions, etc. Nice work, but hardly the work of 'gods' as some would suggest (and I'm sure that the authors would agree).
I wasn't saying that pragmatism is useless. I was saying that spending a lot of time trying to do something neat is worth it. You, as a user, don't need to use it for it to be a worthwhile exercise, just as every person on earth doesn't need to use Linux for it to be a worthwhile exercise.
I wish that fewer people would be so damned hardline pragmatic. It's worth putting time into stuff that could be cool and to try to do things in ways that are nice. Maybe it'll fail, but it's worth the attempt, even if it only serves as an example of what doesn't work.
News really should be new. The behavior of the sun and the 'weather' that it generates is relatively predictable. When sensitive things are built to be sent into space, or even built for use here on earth, they are built to take solar radiation into account. There are procedures in place to cope with larger solar events (X class solar flares and the like). The only real impact that most people see is aurora borealis (if only news outlets would start reporting on POSITIVE things). Yes, if you're out in space, flying in a jet for long periods at high altitudes, building sensitive electronics, or are an astronomer (amateur or otherwise) you should worry about solar activity. If something happens that's major, you'll be sure to hear about it on the 7 o'clock news, just like you always do when there's a potential for doom (even then, don't bet on doom, of course)
Actually, as another response indicated, they got a level 4, which is pretty high. However, they were only certifying, "the Active directory service, Windows 2000's virtual private network (VPN) capability, the single sign-on function, its implementation of network security standard Kerberos, and the Windows 2000 encrypted file system". This means that a whole bunch of other stuff in the OS was left out. This is still good though; it is fairly hard for a company to get a common criteria cert.
Common criteria does not mean secure. There are multiple levels of the common criteria that mean different things. It doesn't appear that the article states the level achieved.
Common criteria is quite complicated - to understand what common criteria really means, you'll need to read some things that are NOT posted at Microsoft. This may mean that they basically implement what they have documented, or that they implement a specific feature set.
Woops :) I was careful to avoid saying that in the first instance.
ACLs are not the be all and end all of access control. Check out rsbac.org for examples.
Actually, our PM is, in his last year in office, trying to pass a law that would limit corporate, private and union party donations to about a thousand bucks. The days of big corporate contributions may be coming to an end.
http://canada.com/news/story.asp?id=42BA92AC-FBF5-4ED8-97C0-137EF8880510
Would you say that the corrections system was successful in your case? Has jail time curbed your desire to compromise other people's machines? Has it taught you right from wrong? If yes, how was that achieved? If no, how could the system have better, "helped" you (helped society)?
Thanks,
Mathew Johnston
Remember, domains are not only for the web. They're for email, jabber, etc., as well.
Mr. Shatner played in the Stratford Festival Theatre in Ontario Canada early in his career.
Yikes, if that's not flamebait, I don't know what is. Not through the content, but rather through the tone.
Anywhere in the world? You mean anywhere in space and time. :)
At least they're trying to do something neat.
Sometimes, maintainers will even fix the bugs themselves, and work to have the patch merged with upstream source.