I suppose that Texas schools should teach the "strengths and weaknesses" of the Theory of Gravity, too.
I guess it could go something like "gravity is stronger for fat computer nerds because they weigh more than fit healthy people"
I used Xgobi (http://www.research.att.com/areas/stat/xgobi/) for a lot of things back in the day. It gave me the ability to 'see' and understand high dimensional data sets quite easily when I was looking at computer vision research.
It's very simple. The sort of people who will be the targets of cold boot attacks want absolute security. This "solution" is trying to prevent cold boot attacks.
Your average Joe Blow doesn't care. TrueCrypt protects his business secrets and photos of his family if his laptop ever gets nicked. It is unlikely that your average laptop thief will do anything more than reinstall Windows on it (if even that) and try and flog it off for a few quid. Joe Blow also does let his laptop work while the screen is locked; downloading, recomputing a spreadsheet, tagging his photos in Picasa, etc.
Your average terrorist/drug dealer/etc cares, and he is the target of the attack. If someone is going to raid him all they need to do is watch to see when he unlocks his screen and this "solution" is defeated.
The middle ground is me, and most other computer-tech types. I frequently lock my screen while the computer is busy and I'm off for coffee, even when I'm using the laptop at home. Perhaps I'm receiving a large file. Perhaps compiling software, who cares. The computer still does work while I'm not there. I don't use full disk encryption for anything either; I'm not too fussed about my laptop being stolen 'cos there's not much on it and I am always physically within a few feet of it unless I'm at home.
In any case, if the computer needs to do any work the key is in RAM with this solution. If that task takes a while then you have the key in RAM for a long time. Even if you're sitting in front of it that's a reasonable window for someone to raid you and seize control.
Your other option is to cripple the cache and basically kneecap the machine, making all your nasty operations take hundreds of times longer.
You've either got the security risk of key in RAM or the performance overhead of crippled cache. This "solution" doesn't solve any problem; Joe Blow and Computer-Geek don't care all that much, and Osama-Bin-Terrorist still has exactly the same security issues as he always had when he was accessing his encrypted files.
Doesn't unmounting the encrypted volume and zeroing the keyspace in RAM when the user locks the screen solve this same problem anyway?
I haven't even touched on the fact: if you have the volume mounted and opened a few files then there is likely residue of those files in RAM. Preventing access to the encrypted volume may stop someone accessing the remainder of the files, but a scan of RAM could very well reveal incriminating evidence anyway.
I lol'd
secure user practices
You do that on a separate server under physical lockdown
Are you so naive to assume that the user will actually follow secure practice all of the time?
Are you so naive to believe that physical lockdown will save you from an invasion by the feds/rival drug dealers/etc?
The scenario is that someone steals a running, but locked laptop
Let's assume a REAL scenario. The real scenario is not everyone runs Windows and not everyone runs laptops, and not everyone uses X86 architecture. Just because the screen is locked doesn't mean the encrypted volume is not in use. Come to think of it, Windows + Laptop + Locked doesn't even mean it's not in use. The cold boot attack is also more useful against desktop machines because it's much easier to freeze up the memory good because you usually have unrestricted access to most of its surface area.
Example: I leave my computer calculating possible attack vectors for that exhaust port and lock the screen while I go make a coffee; it's going to take a couple of hours to compute, you see. I'm in the next room but it's possible that I am raided and the computer seized before I can get back to it and kill it off. In this case the key is very certainly loaded on the machine - either in RAM or cache, we can't be 100% sure. The key is also very certainly required to be there, and we can't cripple the machine with cache tricks because it's actually working on sensitive calculations. I'd suggest this is a likely scenario for most users of encrypted volumes.
Sure, if you were 250% paranoid you wouldn't walk away from your computer without first ensuring the key space in RAM was DoD wiped, but find me someone _that_ paranoid.
... so the solution to a cold boot attack is make your computer so damned slow that you don't want to use it. Therefore you won't want to create encrypted volumes to store your world domination plans anymore.
For obvious reasons, he wants to have administrator access to all of our systems (we are small enough that that is reasonable). At one point our info@ account started spewing spam and got our IP blacklisted for a couple of days. The reason? The boss had changed the SMTP password to 4. He regularly demands that his employees give him their email passwords and proceeds to send email in their names. In general he is just a walking nightmare.
He doesn't need their email passwords to send email as them... all he needs is an open SMTP relay and a basic knowledge of his email settings. Of course I think he probably doesn't have that either.
Small business is all the same. I've colleagues who have been in similar scenarios at small companies.
I came from a company that was exactly the same. There was no IT security. The boss invited all his mates round on the weekends to thrash the high speed Internet connection and play games. They brought virus and spyware ridden Windows PCs in and just plugged them into the network. There wasn't a lot I could do about that. I made policy to stop him doing it, but he was the CEO and figured that policy doesn't apply to him. He wouldn't spring for a fully managed switch so I couldn't lock out unauthorized hardware addresses that way. You know what stopped it in the end? I turned off DHCP and put static IPs on all the machines in the building, including his laptop. Clueless enough that they couldn't figure it out.
This very same boss made it mandatory company policy to write your password down so he could access all your stuff. I ended up telling all the staff to not do that and all but one actually listened to me; until he threatened to fire everyone who didn't give him their password.
This was a company where the CEO was so paranoid about security, was totally clueless about how to get it but thought he knew everything (the most dangerous type of person) like most clueless users and completely ignored everything that I'd tell him about how to achieve it because he thought he knew better and it was also an inconvenience (like not being able to invite all his virus infected mates to work). Same CEO had a password that was the first one to come out of John... actually I've never seen a password come out in less than a minute before... until this guy.
Where I am now is better, but still not perfect. There's a lot of talk about putting half-finished web applications live on the Internet for all to see just so the customer can access it from wherever they are and show it off... security nightmare. I've got a bunch of CentOS boxes that haven't been updated in months - nobody's even read the logs. I just picked up that mess to audit and patch. It's very slow going work.
And, like most corporations the people least able to make good decisions regarding IT/Engineering always rise to the top and those of us who are capable of making decisions are left sitting at the bottom "advising" and mostly being ignored by those who don't want to be inconvenienced by security. If you can find a company with a decent manager who is all about making GOOD decisions then stick with them.
My philosophy with this is always buy the extra drive/s when building the RAID/whatever.
The problem with that is some manager droid will see "6-drive array" on an inventory and see 8 drives on the purchase order for the 6 drive array. Said manager droid will snafu spare drives for some other application when you're not looking.
Failing that some bean counter will see 8 drives on the purchase order for a 6 drive array and request that you reduce the cost by removing all the "spare parts" because they can be ordered only if they are needed...
Don't believe me, try ordering more than you need and see if you get them or if they aren't snafu'd by a manager bot.
"Oh if it crashes and takes your primary business machine offline just email us the serial number and we'll email you a keygen^H^H^H^H^H^Hdetection tool then email us the output of the tool and we'll email you some other shit that only runs on X86 windows... oh you're running PPC Linux on an embedded appliance... too bad, so sad."
If you can't fumigate, masturbate... and it seems that's exactly what they're doing. Bloody wankers.
It gets messy. IRS issuing guidelines could clear up a lot of the messy details.
It's a freaking game!!! The guideline should be simple: There are no business expenses you can write off because it's a game, and if you do sell game stuff for real dollars we'll tax your non-virtual ass for it.
Seems pretty simple to me.
You're just jealous because you don't have a tank.
I'm jealous because I don't have a toxic waste dump!
Where I live you can claim all losses and costs incurred as a result of actually attending court. Also, there is an industry regulator which oversees such matters free of charge to me.
Not being allowed to see the closing statement for your account is quite a big deal if you are unsure of the balance they want paying.
I am still going through this with my phone company. They didn't send me the final bill then dropped the account with debt collectors. When I called up to request a bill they added a $5 charge and posted it to the wrong address, after putting me on hold for about an hour. A full day of my time later I finally got a correct payout figure from them; and it was worth a lot less than the lost income.
Suffice to say, it's going to court this year to recover my lost income for spending a full day chasing the issue and not being able to work, for having to avoid getting listed on the bad credit register.
My keyboard speaks SSL and my computer only trusts its cert. Any keylogger is useless against my keyboard because the data is encrypted in the middle and I would be warned if anyone was intercepting the data.
Well, it doesn't really, but it's not such a bad idea given the current arms race between gumbiments with their power lust and the otherwise innocent people who they want to spy on.
"Is it illegal to take photos?" If they claim it is, then ask why they want you to delete evidence. If not ask them why they want you to delete lawfully taken photos.
And poof the police vanished in a puff of logic!
From the article:
the whole field of Web hangouts may be skittish about anything that might expose kids to nudity, said Lee Tien,
I think that's funny. They're so scared that kids might be exposed to nudity. I have one kid (boy, pre-school age). We went to the local pool yesterday. What do you think he sees in the changing room while we're showering and getting ready to go home? He'd certainly see a lot of boobs if his mother took him to the ladies change room instead of the men's.
He barely bats an eyelid and never says a word... he doesn't even notice it; nudity is natural and harmless to kids. It's adults who train them out of it and make them scared of it/excited by it.
I'm not sure which will be the bigger headache when my internet breaks: waiting in line at the new government internet office, or the feds knocking down my door when I visit a site that promotes something against their good Christian morals.
Fixed that for you.
Your school's admins were morons
Um... they're school admins...
Now, I have seen P2P look like all sorts of things. It was very hard to block. Technical users keep finding the latest and greatest patches to different clients. I had P2P traffic that definitely looked like simple HTTP access passing through my proxy at my last job. It's hard to tell that application/octet-stream is a poorly configured web server or a torrent chunk without looking into it. Encrypted transfers make it even harder. It's designed to be hard to block, and the designers are constantly working hard to keep it that way.
That said, restricting it to passing via the proxy was actually enough to save our bandwidth costs because it was too hard for most of the Sector-L users to figure out. That's not to say that a block-all then allow HTTP access proxy was effective, but it worked well enough.
Let's not forget that, if a big important router was compromised (such as the one in charge of the carrier pigeon link between Downunderland and the rest of the world), the same things could be done.
Let's not forget that I use SSL to protect my banking and other details when logging into sites. The (dis)honourable Conroy wants to MITM SSL connections. Your average schmuck won't think twice about the certificate warnings when that happens. They'll take the path of least resistance ("let me in") and have their bank details decrypted in the proxy (not that they know that). Of course Joe Hacker has leveraged a known security exploit that went unpatched because the proxy vendor charges for updates and is sniffing traffic. Joe Hacker has banking details, uses them, profits.
That's not even considering if they MITM in the proxy then the proxy is making the SSL request and could just as easily connect to a spoof site (DNS poisoning, anyone) and the user wouldn't receive a single warning before keying in their details.
I see this as pretty serious stuff here.
To add insult to injury, these pricks _could_ try and block access to legit downloads of browsers and SSL root certs; substituting them with their own root certs so nobody is any the wiser and all those pesky warnings that make SSL so useful go away. Of course we know that's impossible in practice, but I'm sure they'll get the bright idea.
Time to teach your friends GPG and get your public key outside of the country so you can securely receive root certs from time to time.
I have no knowledge in the subject and have no idea what I'm talking about but that should make this a good enough Slashdot comment.
You're going to fit in well here!
I want one, please deposit your financial donations on the plate. If 41,999,999 people each give me one dollar... and I chip in the remainder...
Tools > Options > E-mail Options > Tracking Options.
That's great if you're using Lookout. It's also great if your sysadmin didn't make a point of stripping receipt headers out of emails in transit.
I had a troublesome boss. He'd request receipts for every email he sent. He'd time the responses and use the delay as an excuse to yell at the staff (or suppliers, etc). I got the shits one day and just stripped out all the receipt headers in the MTA. Never got another receipt prompt and never heard another thing about it.
You could do what I am setting up.
1. Keep everything locally on a mirrored or striped RAID for reliability. That helps get back up quickly in the case of a single disk failure (most common failure mode). Periodically I copy everything from one array to a new one as I increase my available space.
2. Keep a removable hard disk on site and about once a week plug it in and back up to it. That helps secure your data in the case of power supply or controller failure of your main rig.
3. I am building a low power box to leave at a mate's place. We both have decent Internet connections and a new Wireless connection is on the way. Leave said box at mate's place and connect to it with a VPN. Write a bunch of scripts to encrypt everything that's changed since the last backup with my public GPG key (i.e. encrypt it to me) and upload the changed .gpg files to the remote server. This keeps my data safe in the case of theft from my house or fire or some other bad thing. The only thing I need to keep out of the backup regime and ensure that I don't lose is my GPG private key, which can be stored on 2 or more USB sticks and carried around with you on your key ring. It also pretty much negates the need for step 2.
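
One way the scripts in step 3 could look, as an added example that is not the poster's own code: it encrypts only files changed since the last successful run to your own public key and uploads the ciphertext over the VPN. The paths, the recipient address and the remote host are assumed placeholders; the stamp file only advances after the upload succeeds, so a failed run is retried in full next time.

```shell
#!/bin/sh
# Added example: incremental, encrypt-to-self offsite backup.
# All names below are assumptions for illustration, not from the post.
SRC=${SRC:-"$HOME/data"}                      # tree to back up
STAGE=${STAGE:-"$HOME/.backup-stage"}         # local ciphertext staging area (outside SRC)
STAMP=${STAMP:-"$STAGE/.last-backup"}         # mtime marks the last successful run
RECIPIENT=${RECIPIENT:-"me@example.invalid"}  # your own public key (placeholder)
REMOTE=${REMOTE:-"backup@10.8.0.2:/srv/backup/"}  # box at the mate's place, via VPN (placeholder)

# List regular files under SRC modified since the last successful run.
# With no stamp file (first run) every file is listed.
changed_files() {
    if [ -f "$STAMP" ]; then
        find "$SRC" -type f -newer "$STAMP" -print
    else
        find "$SRC" -type f -print
    fi
}

# Map a source path to the path of its ciphertext in the staging area.
staged_path() {
    printf '%s/%s.gpg\n' "$STAGE" "${1#"$SRC"/}"
}

# Encrypt every changed file to RECIPIENT. Only the public key is needed
# here, so the private key never has to live on the machine doing backups.
# File names containing newlines are not handled.
encrypt_changed() {
    changed_files | while IFS= read -r f; do
        out=$(staged_path "$f")
        mkdir -p "$(dirname "$out")" || exit 1
        gpg --batch --yes --encrypt --recipient "$RECIPIENT" \
            --output "$out" "$f" || exit 1
    done
}

# Upload ciphertext only; the filter keeps the stamp files and anything
# that is not a .gpg file off the remote box.
upload_staged() {
    rsync -a --include='*/' --include='*.gpg' --exclude='*' \
        "$STAGE"/ "$REMOTE"
}

run_backup() {
    mkdir -p "$STAGE" || return 1
    # Take the new timestamp before scanning, so a file modified while
    # the backup is running is picked up again on the next run.
    : > "$STAMP.new" || return 1
    encrypt_changed || { echo "encryption failed, stamp not advanced" >&2; return 1; }
    upload_staged   || { echo "upload failed, stamp not advanced" >&2; return 1; }
    mv "$STAMP.new" "$STAMP"
}

# Run from cron as: backup.sh run
if [ "${1:-}" = "run" ]; then
    run_backup
fi
```

Restoring needs the private key from the USB sticks: `gpg --decrypt` on the downloaded `.gpg` files.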