Slashdot Mirror


User: WaffleMonster

WaffleMonster's activity in the archive.

Stories: 0
Comments: 4,185

Comments · 4,185

  1. Re:Older PCs on Google Starts Upgrading Its SSL Certificates To 2048-bit Keys · · Score: 1

    I wonder how this'll affect older PCs? Aren't SSL communications with larger keys more processor-intensive than when using a smaller key?

    It is just in initial RSA operations and does not affect cost to encrypt underlying data itself. Most everyone else had already upgraded to 2048 years ago.

  2. Re:What? on Second SFO Disaster Avoided Seconds Before Crash · · Score: 1

    And what is an NM? I'll assume it's not nanometers.

    A nautical mile (NM) represents one minute of arc on the planet of interest (POI).

    1 degree longitude = 60 minutes of arc = 60 nautical miles. Latitude is all over the map except at the equator where it works the same as longitude.

    On Earth a nautical mile is 1.15 statute miles.
    On Mars a nautical mile is .61 statute miles.

  3. Re:Captain Wi Tu Low is at it again on Second SFO Disaster Avoided Seconds Before Crash · · Score: 1

    Clearly he learned so much from his last flight

    Mr Low loves his TOGA parties

  4. Re:Time for a revision to L2C, L1C & L5 messag on College Students Hijack $80 Million Yacht With GPS Signal Spoofing · · Score: 2

    I think it's time for a revision to the L2C, L1C and L5 civilian GPS specifications.
    It seems to me that messages on those signals should use public cryptography techniques to verify the authenticity and integrity of navigational data. ...
    It should be sufficient to pretty much end spoofing once and for all.

    You don't need to be able to generate false signals to defeat GPS. Fixes are based on time of flight of signals. Simply altering propagation delay is sufficient.

  5. Re:Always use multiple sources of information on College Students Hijack $80 Million Yacht With GPS Signal Spoofing · · Score: 1

    Not a skipper, but I do fly. If I was on the bridge, at some point I would have noticed that the Magnetic compass heading was not matching the GPS heading.
     

    With currents and winds pushing yer ship around it rarely does. If done subtly enough it may well have been difficult to catch even if someone had been paying attention.

  6. This seems to be about politics and or irrational fear. Components for modern laptops are sourced from all over the world any number of which could be capable of any number of wicked things. If your goal is to mitigate risk from foreign governments then simply picking a new laptop vendor is not an effective solution.

    Why not produce your own computers on the NSA fab? You know...put it to use for something other than spying on your own people.

  7. I remember the good old days on Windows NT Turns 20 · · Score: 3, Insightful

    When every new release of NT brought with it new and useful features at least I was always excited to upgrade from 3.5 on till about 2K8.

    Now nobody seems to care about technology anymore... It is all politics, marketeering and guarding the table to ensure no excess value is ever left upon it. Innovation is now measured by games with shells, erecting walled gardens and fresh paint of questionable quality. Sad to see so much potential go to waste.

  8. Re:High risk on Hackers Reveal Nasty New Car Attacks · · Score: 3, Insightful

    Right now they have to hook directly into the OBD plug to do this, the same person with that kind of physical access can do any number of nasty things to your car.

    TFA asserts otherwise. Apparently OnStar and integrated infotainment systems can obtain the same CAN bus access as the OBD port.

    They are more warning about the lack of security when this stuff becomes accessible remotely (cellular or otherwise wireless) that there are going to be serious security issues as anyone breaking into that remote access path can do serious things

    "When this stuff" ??? This is 2013.

  9. Are CA's exempt? on CNET: Feds Put Heat On Web Firms For Master Encryption Keys · · Score: 1

    Can the FBI or a spooktacular TLA simply request a US based CA hand over private keys used to generate an intermediate signing key?

    If not why? Is the CA's "private key" not a "tangible thing" and I could imagine it would be quite helpful to a great number of "authorized investigations".

    Planet scale trust anchors are an oxymoron anyway I suppose.

  10. Re:What I wish, and what is reality. on CNET: Feds Put Heat On Web Firms For Master Encryption Keys · · Score: 1

    What I wish....
    FED, "Give us your encryption keys"
    CORP: "EAD, DIAF!"

    I have a dream...
    CORP:(A)EAD, ECDH!

  11. Re:Please Also Note on CNET: Feds Put Heat On Web Firms For Master Encryption Keys · · Score: 2

    Every telecommunication company that operates within the United States is required by law to provide law enforcement access to communication streams on demand. It's called CALEA and all telecommunications companies are required by law to follow it.

    CALEA applies to ISPs not content. Content was explicitly EXCLUDED from CALEA using the "information services" language.

    CALEA also requires that encrypted communications be decrypted. This includes

    It does no such thing. It requires ISP to hand over encryption keys it possesses to decrypt but there is no obligation if the ISP does not possess the key. Further CALEA applies to Access not Content. The FBI and others have been pushing to change that but such legislation is currently dead.

    services like Skype(specifically). CALEA requires that Microsoft provide law enforcement access to the UNENCRYPTED streams of Skype communications, on demand.

    Skype != website. A web site operator is providing an "information service" which is exempt from CALEA.

    This is not new and, in light of the House vote yesterday, is not likely to change.

    Except what the NSA is doing is blatantly illegal even under the goddamn patriot act and government is currently being sued for it.

    Collecting everyone's information everywhere cannot possibly be relevant to an "authorized investigation". That would be like the police having reason to search everyone's home without cause simply because based only on global crime statistics statistically there is some probability the owner may be in possession of illegal or stolen goods.

  12. Re:I don't buy it on CNET: Feds Put Heat On Web Firms For Master Encryption Keys · · Score: 1

    Bullshit. If the US government wants to break standard encryption, they have the resources to do so. At best, the telecoms crumbling under this demand would only reduce the required resources to spy on us.

    There is no evidence NSA or anyone else possesses any such technology to defeat high security cipher suites in SSL.

    In many cases crypto is not the weakest link of the system and the other weaker links in the chain will be exploited first because they are easier to break.

    People are sloppy, commonly used software libraries, operating systems, random number generators may contain subtle flaws. We have seen Internet wide SSL surveys with evidence of key collisions way more than what would be expected given the birthday paradox.

  13. "Someone is trying to cut in front of you" or "The car in front of you seems to be getting too close too quickly".

    Sometimes it feels like I'm living on a different planet. Isn't the above what eyeballs are meant for? Do I need a machine to tell me someone is cutting in front of me or getting too close?

    If it is difficult to judge rate of change of speed and brake lights are not enough you could always augment brake lights to provide more information..make them flash or change color or something whenever someone decides to test their brakes.

    Particularly when the driver is falling asleep either in your car, or the one coming right at you.

    If a car is capable of detecting the asshole behind the wheel is falling asleep it is also capable of not letting that same asshole drive.

    That's where you have to know that it's important to KNOW, but not necessarily to REACT to those events.

    Every time you are warned about something you should have and would have known had you been paying attention the more your ability to drive is degraded. Idiot proofing often just yields better idiots.

  14. Connected eyeballs on NTSB Calls For Wireless Tech To Enable Vehicles To Talk To Each Other · · Score: 1

    Should a sleepy bus driver...

    A) Pay attention to the road?
    B) Pay attention to a beeping gadget?
    C) Not drive a bus full of little kids while sleepy?

    Next question when NTSB calls for connected vehicle the following could reasonably be expected to result:

    A) Unnecessary enrichment of industry lobbies
    B) Hacking or denial of technology for fun or mischief
    C) More regulation and costs for all
    D) Reduced emphasis on paying attention to WTF it is you're doing.
    E) Enhanced surveillance state
    F) No actual improvement in safety
    G) All of the above

  15. Re:The SSL "problem" on Anonymous Source Claims Feds Demand Private SSL Keys From Web Services · · Score: 1

    Does the NSA really have a problem decrypting SSL/TLS? I find it hard to believe that they do not have dedicated hardware with specialized processors that have been custom built to crack SSL/TLS.

    SSL/TLS is not a single thing. There are literally hundreds of cipher suites defined that can be negotiated under the umbrella of "SSL/TLS".

    Some are quite insecure by design, have known weaknesses while others have no known weaknesses and are cleared for use by NSA to protect US Secret and TS material.

  16. Support in-browser TLS-SRP on Anonymous Source Claims Feds Demand Private SSL Keys From Web Services · · Score: 1

    There have been patches for TLS-SRP in chrome and firefox for years and they continue to sit for BS/political reasons.

    Any site you can login may use TLS-SRP to establish a secure channel leveraging access credentials to establish trust rather than or in addition to PKI.

    It does not solve everything but it does help to protect users not only from CA infrastructure compromise but also phishing attacks against users credentials. TLS-SRP derived session encryption keys provide PFS out of the box.

  17. Re:If true not so bad! on Anonymous Source Claims Feds Demand Private SSL Keys From Web Services · · Score: 1

    BUT under the latest SSL / TLS standard (only presently client side supported by Chrome) the encryption half of the secure connection can be performed by Diffie-Hellman key exchange and that would offer perfect forward security.

    ECDH works on all current major browsers using only SSL3/TLSv1. It is web servers not setting temporary DH keys or failing to insist on their own cipher order rather than the browsers expressed preference which are the weak links.

    Meaning that all a government with the private key can do is a MITM attack, and it is possible to spot that by using multiple IP path checking and other tests.

    While the bar is certainly raised when PFS is used WRT wholesale eavesdropping activities...the above is not something one should count on being the case.

    SO - Put pressure on your providers to support TLS with Diffie-Hellman, like Gmail and OpenSSL!!

    Amen.

  18. A whole new level of indirection on Intel Announces Avoton Server Architecture and Software Defined Services Effort · · Score: 3, Insightful

    When I think about management problems we have today they are almost entirely caused by unaddressed suckage in various layers of existing stack. Rather than fixing underlying problem people insist on adding new layers of complexity to workaround them.

    It started with virtualization. Operating systems lacked the management and isolation features users needed. Rather than fixing the operating system just virtualize everything and run a whole shitload of images on one machine. Now instead of one system image to maintain you have a shitton of them and you have wasted great sums of storage, memory, management and compute resources all because you were too lazy to ask vendors to solve your original problem.

    Next we have capwap/openflow complex specifications intended to normalize configuration of all your network things. A lot of this is caused by IT chasing architectural fallacies such as "network security" and "redundancy". Layers upon layers of IDS, firewall and god knows what to "secure the network". The very concept of things like "internal network" or load balancers used for application redundancy are flawed, stupid and dangerous. What part of "insider threat" do people not understand?

    Routers should be stupid devices which punt packets between interfaces. The error is placing complexity where it does not belong and then have to go mask the repercussions of a poor choice with SDN cuz otherwise it is all just too hard to manage.

    What would happen if for example rather than an expensive load balancer for a web farm browsers simply implemented a heuristic to pull multiple IPs out of DNS and use a delay timer to make multiple connection attempts with term memory of failed requests and RTT feedback. You could effectively mask a failure in the string group with little to no noticeable delay until the failed system can be repaired or yanked from DNS.

    The most detrimental error I see repeated constantly is this notion the data tier, the network or the operating system is somehow responsible for the lack of scalability or availability of an application. This is fundamentally bullshit. Systems must be DESIGNED to scale. Smoke and magic by a vendor only delay or mask underlying problems. We need smarter software not software defined gimmicks.

  19. Re:No, somehow - I smell bullshit on Congress Voting On Amendment to Defund NSA Domestic Spying Tomorrow · · Score: 1

    why defund the NSA, the NSA actually has a legitimate mission which of course has nothing to do with spying on U.S. citizens. The job it is supposed to be doing is securing the communications of the U.S. government

    There are two types of people in this world. Those who RTFA'd and those who did not.

  20. Lies, lies and more lies on DNI Office Asks Why People Trust Facebook More Than the Government · · Score: 1

    "We do not use our foreign intelligence collection capabilities to steal the trade secrets of foreign companies in order to give American companies a competitive advantage."

    No you just spy on friendly foreign governments to give American companies a competitive advantage. Nobody gives two shits about the moral difference.

    "Thus, sifting through third party data doesn't qualify—on a constitutional level—as invasive to our personal privacy."

    The very idea a constitutional protection would no longer be effectively applicable to society simply because the particulars of technology which very few people understand or recognize has changed is illegitimate and unacceptable.

    It is not just people fed up it is the second order effects upon large corporations who stand to lose business due to increase in numbers of customers much less willing to participate in a technological environment which imparts the same rights and expectation of privacy as a police state.

  21. Re:Drones aren't deer. on Colorado Town Considers Drone-Hunting Licenses · · Score: 4, Informative

    Shoot at these things enough and they will get equipped to shoot back. And their aim's a lot better

    I can think of no better way to get all drone programs shut down post-haste.

  22. Re:And the torment of her family and loved ones? on Gore Site Operator Arrested For Posting Video of Murder · · Score: 1

    Your argument holds true for a special effects fest movie or video.
    This was neither.
    It was video of the aftermath of an actual, honest to God someone died MURDER

    What about rotton.com?

  23. Re:Why is there an assumption of privacy? on "Smart Plates" Could Betray California Drivers' Privacy · · Score: 1

    While I'm not wild about being tracked, I simply don't feel that I have an assumption of privacy while driving around on a public road.

    I think this misses the point.

    There seems to be a difference between being noticed in a public space where anyone including a LEO may note your presence and storing and aggregating records of all of your movements in "public" for all of time. Stalking for example is illegal in every state of the union.

  24. Re:And the torment of her family and loved ones? on Gore Site Operator Arrested For Posting Video of Murder · · Score: 2, Insightful

    What must be going through the minds of this poor woman's parents? Is that pain worth a shock to an increasingly cynical population? This was beyond the pale, and does corrupt public morals by desensitizing people to murder. The owner of the site deserves these charges.

    See the problem here is others get to use the very same words to justify banning of a great number of tasteless things such as horror flicks, gratuitous violence in every movie worth seeing and public service announcements consisting of little kids taking great joy in dismembering a certain purple dinosaur.

    It always comes down to you're personally shocked by obscene behavior of others therefore you feeling justified in taking that logical leap therefore such behavior ought to be illegal.

    I personally would feel better if rotton.com and every fucked up chick who digs that shit were fed to sharks... except the price of freedom is such that I must tolerate all manner of distasteful assholes in this country. When you take tolerance away the cure is worse than the disease. There are plenty of countries which enforce decency and respect thru state sanctioned violence you could move to if you felt so compelled.

  25. Re:Worth the tradeoff.. on HTTP 2.0 Will Be a Binary Protocol · · Score: 1

    You shouldn't have several concurrent TCP connections to the same host. Most browsers won't open more than two.

    I disagree. I think you should have several concurrent connections to the same host to address HOL blocking over shitty links. With fast open the cost of doing this is cheaper.

    Fast Open is an experimental draft with security flaws and packet duplication problems.

    Most everything out of TCPM is experimental. HTTP 2.0 is also a draft so what's the difference? Fast open has been implemented.

    As for duplicate connection/transmit possibility on data processed before handshake this is fine for http as transactional systems have to be able to deal with condition of dropped TCP session during exchange or presentation failure after receipt. This does not introduce any new problems http did not already have to deal with anyway.

    TCP is a walking security issue so I'm left to guess what you are referring to. The cookie is stronger than existing id/syn protections. Any additional amplification or exhaustion attacks can be mitigated with heuristics like everything else.

    Fast Start hasn't taken off since it was demonstrated 15 years ago.

    Ditto for IPv6.

    CRIME also applied to plain old HTTPS. That's been fixed. HTTP 2.0 has different header compression than SPDY that is explicitly designed to counter this attack.

    What SPDY did was significantly more egregious than well known HTTPS information leakage vulnerabilities.

    As long as it is limited to formatting, deduplication and prebaked key dictionaries I'm all for it. Any use of compression on key values gives away information about contents of the encrypted channel.