Slashdot Mirror


User: Amouth

Amouth's activity in the archive.

Stories: 0
Comments: 3,466

Comments · 3,466

  1. Re:But not the end for the CA system? on Certificate Blunders May Mean the End For DigiNotar · · Score: 1

    so you're saying that just because you are reducing the number of CA's (global trusted CA's now to the domain registrars) that while it makes the # of targets less does not remove the single point of failure?

    i'd like to point out to you your own "Microsoft" example.. VeriSign who is Both a CA and a registrar has already in the past, before we had nearly as many registrars and ca's, given a code signing cert to unknown people for "Microsoft Corporation".

    http://technet.microsoft.com/en-us/security/bulletin/ms01-017

    it's happened before and it will happen again, also note that while yes the mixed existing CA and DNSSEC is a hazard - DNSSEC will be very easy to bypass as long as clients support traditional DNS.

    DNSSEC is nice - it is helpful - it is useful - it is by no means a perfect answer to the current CA problem, and it does have the same single point of failure problem just of a different scale.

  2. Re:Local optical interconnect has NEVER made sense on Intel's Thunderbolt With Fiber Optics Years Away · · Score: 1

    well there is one very real advantage to optics over wires.. and that is that there is an unlimited potential bandwidth - single mode fiber > any electrical conductor (excluding superconductors)

  3. Re:Just give us the tech on Intel's Thunderbolt With Fiber Optics Years Away · · Score: 1

    from what i've seen in how they are doing copper cables vs using fiber.. this is nothing that new - it reminds me almost exactly of using SFP's/Mini-GBIC which for networking and the san world allow for both copper and fiber connections - and while not always cheap, that is mainly an attribute to the market they belong (enterprise class equipment).

    i might be wrong but while i'm sure developing the underlying protocol and controller isn't cheap - it should have a simple interface to the cable. the controller should not have to care if it is going to travel over fiber or copper - that is the job of the transceivers..

  4. Re:The more important point here on Windows 8 Won't Support Plug-Ins; the End of Flash? · · Score: 1

    I will say Chrome's implementation seems a little harder to break out of than IE's.

    personally i'll be happy when all of it goes away. My original response was to someone saying this is a step backwards in browser customization and function - to which i pointed to extensions filling the holes.

  5. Re:But not the end for the CA system? on Certificate Blunders May Mean the End For DigiNotar · · Score: 1

    it isn't - DNSSEC in its current incarnation has the exact same single point of failure as the current CA system.

    Also DNSSEC is useless to a local MITM as long as clients support normal DNS as you can arp poison clients to believe you are their DNS server and respond with no DNSSEC records for the host and use your faked CA cert.

    the point of the p2p traffic is that for a MITM to work they would have to intercept all points of trust, which while not impossible is far more difficult than exploiting a single point of failure.

  6. Re:The more important point here on Windows 8 Won't Support Plug-Ins; the End of Flash? · · Score: 1

    do you see me saying that's a good idea?

    just because one thing that should have never happened, happened, it doesn't justify the existence of something else that functions the same.

  7. Re:The more important point here on Windows 8 Won't Support Plug-Ins; the End of Flash? · · Score: 1

    i do agree with you that this is about objects not extensions. but the person i was replying to was making it sound like it was a step backwards in making browsers have more freedom (i assume for the user). which falls into the extensions category.

    my comment about raw code was more that adobe in IE works via activex.. something that never should have happened.. and i'm glad it's going away.

  8. Re:But not the end for the CA system? on Certificate Blunders May Mean the End For DigiNotar · · Score: 1

    i'm sorry but do you not understand the basics of a Man In The Middle attack? and the value of a fake cert in that scenario?

    in any decent MITM attack - if i'm trying to spoof google for you - then any request from you for google will go through me and i will respond with the right answer, currently under this scenario the 3rd party trusted CA on your local machine is the only way an end user has to verify that what i say is true or false.. compromising the CA in this case allows me to make a cert that your local machine will think what i say is true.

    what you are wanting is something that Moxie Marlinspike thought up called convergence

    http://convergence.io/

    Basically moving away from a single CA signing and allowing for more than one verification path. In this case the only way to MITM would be to compromise all of your trusts.

  9. Re:The more important point here on Windows 8 Won't Support Plug-Ins; the End of Flash? · · Score: 1

    yes there is "protected mode" but has some flaws and relies on UAC to protect the user, that doesn't exactly work well.

  10. Re:But not the end for the CA system? on Certificate Blunders May Mean the End For DigiNotar · · Score: 1

    if you have successfully created a fake cert from a CA - the only people who can verify that it is rogue are:

    A) the CA via audit on what they have issued (which might not show it as fake as it might be in their logs)
    B) the domain it says it's for, whoever owns it should be able to audit against their requested certs (for some places this might take awhile)
    C) the person who faked it.

    Notice NONE of the people are the end users, an actual faked cert from a CA is indistinguishable from an authentic cert from the same CA to the end client. Hence the very real danger and very severe problem we are faced with.

  11. Re:But not the end for the CA system? on Certificate Blunders May Mean the End For DigiNotar · · Score: 1

    But it is two (A LOT) and /. doesn't let you edit posts..

    I'm so glad that a single missing space is more important to you than the discussion of whether the CA's we use to trust transactions on the internet are, well trustworthy.

  12. Re:But not the end for the CA system? on Certificate Blunders May Mean the End For DigiNotar · · Score: 1

    problem is - for the people who break the CA's there is ALOT of money to be made. Very few people who that that chance would pass up the money to show the world that xCorp is corrupt.

  13. Re:Intel keeps slogging raytracing on Wolfenstein Ray Traced and Anti-Aliased, At 1080p · · Score: 1

    yeap - and this is Intel - a company that knows how to play for the future (to an extent).. an example is Hyper Threading.. most people pass it off but honestly if you expect for it and optimize some things for it you can see ~80% increase in performance. Now the group that came up with it and started designing it - started their research in i believe 1992.

    some companies know how to do R&D and some don't, Intel is one that does.

  14. Re:Cluster = Cloud on Wolfenstein Ray Traced and Anti-Aliased, At 1080p · · Score: 1

    personally i love that in the pictures of the box with the cards - they used a WD drive instead of an Intel drive in an Intel box..

  15. Re:Not doable on Ask Slashdot: Clusters On the Cheap? · · Score: 1

    i can't seem to remember the name or find them via Google right now - but ~4 years ago i remember Intel launched a line of small HPC chassis that let you add up to 6-8 nodes in a custom made rack system (like blades but not as dense and allowed them to be cheaper). the benefit of them was that for about the same price as a home built 1-2u per node setup you got in a single box that came with built in networking/interconnect/back-plane and shared sas based san storage in the unit.

    i remember we almost bought one here for a VM cluster but we found out after we had ordered a dedicated san unit.

    i seem to remember it being priced fairly well, not sure if it would work for this person, but i'm mainly wondering if someone else can remember the product name/# because i'm drawing a blank.

  16. Re:Uhm AWS EC2 Cluster Compute on Ask Slashdot: Clusters On the Cheap? · · Score: 1

    look at their GPU instances..

  17. Re:The more important point here on Windows 8 Won't Support Plug-Ins; the End of Flash? · · Score: 3, Informative

    there is a big difference between add-ons & gadgets & plugins.

    if you look at FF & Chrome their extensions/add-ons work in a predefined and hopefully secure environment. IE's "plug-ins" work at raw executable code level at the user's permission level and therefore cannot easily be contained by the browser, hence how easy it is to use a hole in flash to infect the system.

    MS would be stupid not to allow extensions/add-ons in the same manner that FF and Chrome and i believe Opera does. But killing "plug-ins" is by far a great decision for security and overall long-term usage.

  18. Re:That's what happens when you say no to Microsof on Windows 8 Won't Support Plug-Ins; the End of Flash? · · Score: 1

    ok i agree that slash advertisements are bad.. but to be fair.. Most of the desktop world runs Windows which is MS. and any news of an actual difference between current and expected version is actual news when it can affect ~2-4 billion people.

  19. Re:Clocks/corporotes/updates/crash dumps on New BIOS Exploiting Rootkit Discovered · · Score: 1

    The only legit argument you have is doing a large-scale bios update in a corp/enterprise environment.

    and to be fair with that, some vendors (i'm familiar with Intel on this one) already support it in a secure manner that does not require the user to do anything and isn't done at the OS level. Please look into Intel's AMT work.

  20. Re:I call Shenanigans!!! on Ask Slashdot: Best Use For a New Supercomputing Cluster? · · Score: 1

    even if it was smaller blade chassis the comment of dual gige ports per node is a cue in that these are more than likely 1u boxes rather than even small blade units.

  21. Re:Uh oh.. on Ask Slashdot: Best Use For a New Supercomputing Cluster? · · Score: 1

    one thing i see all too often on the cheaper high density switches is a very real and too low limit on the switch fabric, too many people forget to look at that closely, also on some of them you have to look at it not just the total switch fabric rate but also at the switch block rate and the interlock rate (different than port to port speeds).

  22. Re:I call Shenanigans!!! on Ask Slashdot: Best Use For a New Supercomputing Cluster? · · Score: 1

    if the equipment is new then you are looking at ~2k per box (could be cheaper if they were using blades but as he is asking about interconnects it isn't)

    1200 * 2k = $2.4m not counting the space to house it. because they aren't blades best case is 1u so ~30 racks if you can handle an incredible heat and power load per sqr/ft.. more than likely need to double that or at least 1.5 it.. so 45-60 racks to house it and the associated data-center cost.

    assuming it's an HPC it shouldn't need external bandwidth - if they were to rent space in a data center - the prices range from 35-75$ a month per U for the space and power no bandwidth. so 1200*[35-75] = 42k-90k a month in hosting/operating costs.

    "Any boss without knowledge of IT but with an interest in 'cool stuff'" who authorizes $2.4m build and ~0.5-1m$ a year in operating costs on something that has no plan, has zero business being able to authorize purchases and should be removed from his job.

  23. Re:I call Shenanigans!!! on Ask Slashdot: Best Use For a New Supercomputing Cluster? · · Score: 1

    looks like someone forgot to lock the marketing monkey back in his cage before they left the office.

  24. Re:I call Shenanigans!!! on Ask Slashdot: Best Use For a New Supercomputing Cluster? · · Score: 1

    agreed - was just about to ask who was stupid enough to let someone buy that much hardware without an existing project/plan in place. and how can i get them to fund me and my start-up (don't have one now but you bring the cash i'll figure out something to do with it)

  25. Re:They should forget about money on Hotfile Sues Warner Bros Over Abuse of Takedown Tool · · Score: 1

    in this context perjury might also be part of the existing agreement between hotfile and WB.

    in the normal process WB sends notice to hotfile who then has to look at content and make a judgement to pull or counter.

    in this process it looks like WB pushed hotfile and hotfile made a tool so WB could pull them at will without hotfile having to review and make a judgement, in this agreement i can see hotfile putting all of the liability for falsely pulled files on WB.

    till we see what comes out no one knows.. but it will definitely be interesting based on what the article claims.