Re: [Cryptography] Today's XKCD is on password strength.
On Aug 10, 2011, at 10:12 AM, Perry E. Metzger wrote: Today's XKCD is on password strength. The advice it gives is pretty good in principle... http://xkcd.com/936/ You still need a password manager to remember which of the dozens of easily-remembered passwords you used, so you might as well just use the 20-character random generator they all have. Not bad for a stopgap if you're caught needing to make one up on the fly though. ___ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography
Re: Haystack redux
On Wed, Sep 15, 2010 at 03:16:34AM -0700, Jacob Appelbaum wrote: [...] What Steve has written is mostly true - though I was not working alone, we did it in an afternoon. It took quite a bit of effort to get Haystack to take this seriously. Eventually, there was an internal mutiny because of a serious technical disconnect between the author Daniel Colascione and the supposed author, Austin Heap. Daniel has been a stand up guy about the issues discovered and he really the problem space that the tool created. Sadly, most of the issues discovered do not have easy fixes - this includes even discussing some of the very simple but serious design flaws discovered. This has to be the worst disclosure issue that I've ever had to ponder - generally, I'm worried about being sued by some mega corp for speaking some factual information to their users. In this case, I guess the failure mode for being open about details is ... much worse for those affected. :-( An interesting unintended consequence of the original media storm is that no one in the media enjoys being played; it seems that now most of the original players are lining up to ask hard questions. It may be too little and too late, frankly. I suppose it's better than nothing but it sure is a great lesson in popular media journalism failures. I'm wondering if someone could shed a little light on how this service acquired any real users in the first place, and whether anyone thinks that anyone in danger of death-should-the-service-be-compromised is actually (still) using it. I find it hard to believe that even the most uninformed dissidents would be using an untested, unaudited, _beta_, __foreign__ new service for anything. Is there any reason to believe otherwise? My first guess would have been that it was a government-sponsored honeypot, and I bet they're far more suspicious than I am. -- - Adam -- If you liked this email, you might also like: Here's a little bookmarklet for turning github into rdoc -- http://workstuff.tumblr.com/post/1036575859 Making Sous Vide Custard -- http://www.aquick.org/blog/2010/09/02/making-sous-vide-custard/ Sous Vide Custard -- http://www.flickr.com/photos/fields/4951823152/ fields: Storm Troopers and Red Shirts: http://www.shoeboxblog.com/?p=18747; -- http://twitter.com/fields/statuses/24586133537 -- ** I design intricate-yet-elegant processes for user and machine problems. ** Custom development project broken? Contact me, I can help. ** Some of what I do: http://workstuff.tumblr.com/post/70505118/aboutworkstuff [ http://www.adamfields.com/resume.html ].. Experience [ http://www.morningside-analytics.com ] .. Latest Venture [ http://www.confabb.com ] Founder - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Five Theses on Security Protocols
On Sat, Jul 31, 2010 at 12:32:39PM -0400, Perry E. Metzger wrote: [...] 3 Any security system that demands that users be educated, i.e. which requires that users make complicated security decisions during the course of routine work, is doomed to fail. [...] I would amend this to say which requires that users make _any_ security decisions. It's useful to have users confirm their intentions, or notify the user that a potentially dangerous action is being taken. It is not useful to ask them to know (or more likely guess, or even more likely ignore) whether any particular action will be harmful or not. -- - Adam -- If you liked this email, you might also like: Some iPad apps I like -- http://workstuff.tumblr.com/post/680301206 Sous Vide Black Beans -- http://www.aquick.org/blog/2010/07/28/sous-vide-black-beans/ Sous Vide Black Beans -- http://www.flickr.com/photos/fields/4838987109/ fields: Readdle turns 3: Follow @readdle, RT to win an #iPad. $0.99 for any ap... -- http://twitter.com/fields/statuses/20072241887 -- ** I design intricate-yet-elegant processes for user and machine problems. ** Custom development project broken? Contact me, I can help. ** Some of what I do: http://workstuff.tumblr.com/post/70505118/aboutworkstuff [ http://www.adamfields.com/resume.html ].. Experience [ http://www.morningside-analytics.com ] .. Latest Venture [ http://www.confabb.com ] Founder - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: GSM eavesdropping
On Mon, Aug 02, 2010 at 04:55:04PM +0100, Adrian Hayter wrote: In a related story, hacker Chris Paget created his own cell-phone base station that turned off encryption on all devices connecting to it. The station then routes the calls through VoIP. http://www.wired.com/threatlevel/2010/07/intercepting-cell-phone-calls/ Apropos the theses thread, this article contains mention of an interesting security feature: 'Although the GSM specifications say that a phone should pop up a warning when it connects to a station that does not have encryption, SIM cards disable that setting so that alerts are not displayed' That would be an example of a bad security tradeoff with the intended result of not bugging the user about something over which they have neither control nor recourse, but with the actual result of opening a significant security hole. The incentives are also all misaligned here. Presumably the right thing to do is refuse to connect to any unencrypted towers, but assuming that there are some legitimate ones out in the wild, the net effect is probably just worse service for the end user. The user has no way to tell the difference, which is of course the point of using encryption in the first place. -- - Adam -- If you liked this email, you might also like: Some iPad apps I like -- http://workstuff.tumblr.com/post/680301206 Sous Vide Black Beans -- http://www.aquick.org/blog/2010/07/28/sous-vide-black-beans/ Sous Vide Black Beans -- http://www.flickr.com/photos/fields/4838987109/ fields: Readdle turns 3: Follow @readdle, RT to win an #iPad. $0.99 for any ap... -- http://twitter.com/fields/statuses/20072241887 -- ** I design intricate-yet-elegant processes for user and machine problems. ** Custom development project broken? Contact me, I can help. ** Some of what I do: http://workstuff.tumblr.com/post/70505118/aboutworkstuff [ http://www.adamfields.com/resume.html ].. Experience [ http://www.morningside-analytics.com ] .. Latest Venture [ http://www.confabb.com ] Founder - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Best practices for storing and using 3rd party passwords?
I'm looking for a best practices guide (for a system architecture) or case studies for how best to handle storing and using 3rd party passwords. Specifically, I'm interested in the case where a program or service needs to store a password in such a way that it can be used (presented to another service on behalf of the user), which precludes using a hash or other obfuscated password. Obviously this is a security risk, but I'm looking for ways to minimize that risk, and tips on how to design a system that can use those passwords as it needs to but still minimize the chances of passwords being compromised. (I understand that storing passwords is not in itself a great idea, but in practice it's still required to access some web services where OAuth or the like is not yet supported.) Does anyone have a good reference for this? -- - Adam -- If you liked this email, you might also like: HTML5 presentation in HTML5 -- http://workstuff.tumblr.com/post/535889471 Cooking at home is different -- http://www.aquick.org/blog/2009/10/15/cooking-at-home-is-different/ Brooklyn Botanic Garden -- http://www.flickr.com/photos/fields/4520236537/ fields: @jacqui Get an ez-pay metrocard and never worry about refilling or los... -- http://twitter.com/fields/statuses/12888949847 -- ** I design intricate-yet-elegant processes for user and machine problems. ** Custom development project broken? Contact me, I can help. ** Some of what I do: http://workstuff.tumblr.com/post/70505118/aboutworkstuff [ http://www.adamfields.com/resume.html ].. Experience [ http://www.morningside-analytics.com ] .. Latest Venture [ http://www.confabb.com ] Founder - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: FileVault on other than home directories on MacOS?
On Mon, Sep 21, 2009 at 04:57:56PM -0400, Steven Bellovin wrote: Is there any way to use FileVault on MacOS except on home directories? I don't much want to use it on my home directory; it doesn't play well with Time Machine (remember that availability is also a security property); besides, different directories of mine have different sensitivity levels. I suppose I could install TrueCrypt (other suggestions or comments on TrueVault?), but I prefer to minimize the amount of extra software I have to maintain. You can just create a regular encrypted disk image using Disk Utility (and set it to auto-mount using Finder if you want). - Adam -- ** I design intricate-yet-elegant processes for user and machine problems. ** Custom development project broken? Contact me, I can help. ** Some of what I do: http://workstuff.tumblr.com/post/70505118/aboutworkstuff [ http://workstuff.tumblr.com ] ... Technology Blog [ http://www.aquick.org/blog ] Personal Blog [ http://www.adamfields.com/resume.html ].. Experience [ http://www.flickr.com/photos/fields ] ... Photos [ http://www.twitter.com/fields ].. Twitter [ http://www.morningside-analytics.com ] .. Latest Venture [ http://www.confabb.com ] Founder - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Judge orders defendant to decrypt PGP-protected laptop
On Tue, Mar 03, 2009 at 12:26:32PM -0500, Perry E. Metzger wrote: Quoting: A federal judge has ordered a criminal defendant to decrypt his hard drive by typing in his PGP passphrase so prosecutors can view the unencrypted files, a ruling that raises serious concerns about self-incrimination in an electronic age. http://news.cnet.com/8301-13578_3-10172866-38.html The privacy issues are troubling, of course, but it would seem trivial to bypass this sort of compulsion by having the disk encryption software allow multiple passwords, each of which unlocks a different version of the encrypted partition. When compelled to give out your password, you give out the one that unlocks the partition full of kitten and puppy pictures, and who's to say that's not all there is on the drive? Is there any disk encryption software for which this is common practice? -- - Adam ** Expert Technical Project and Business Management System Performance Analysis and Architecture ** [ http://www.adamfields.com ] [ http://workstuff.tumblr.com ] ... Technology Blog [ http://www.aquick.org/blog ] Personal Blog [ http://www.adamfields.com/resume.html ].. Experience [ http://www.flickr.com/photos/fields ] ... Photos [ http://www.twitter.com/fields ].. Twitter [ http://www.morningside-analytics.com ] .. Latest Venture [ http://www.confabb.com ] Founder - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Judge orders defendant to decrypt PGP-protected laptop
On Tue, Mar 03, 2009 at 01:20:22PM -0500, Perry E. Metzger wrote: Adam Fields cryptography23094...@aquick.org writes: The privacy issues are troubling, of course, but it would seem trivial to bypass this sort of compulsion by having the disk encryption software allow multiple passwords, each of which unlocks a different version of the encrypted partition. This sort of thing has been discussed for a long time, but I doubt that would work in practice. Law is not like software. Judges operate on reasonableness, not on literal interpretation. If it was reasonably obvious that you were using software like that and probably not cooperating, the judge would just throw you in jail for contempt of court anyway. I don't see how it would be reasonably obvious, especially if lots of disk encryption packages started offering multiple partitions as a transparent option. All you'd see is a bunch of random bits on the disk and a password prompt. They ask you for the password, you put up a fight, and then ultimately relent and give it to them when they insist. When compelled to give out your password, you give out the one that unlocks the partition full of kitten and puppy pictures, and who's to say that's not all there is on the drive? Well, it should be clear that any such scheme necessarily will produce encrypted partitions with less storage capacity than one with only one set of cleartext. You can't magically store 2N bytes in an N byte drive -- something has to give. It should therefore be reasonably obvious from partition sizes that there is something hidden. I don't see how you could tell the difference between a virtual 40GB encrypted padded partition and 2 virtual 20GB ones. Many virtual disk implementations will pre-allocate the space. Is there some reason why filling the empty space with random garbage wouldn't mask the fact that there were actually multiple partitions in there? There's no law that says your empty disk space has to actually be empty. (Yet.) In any case, unless you're really very energetic about it, it will be obvious from things like access times and other content clues (gee, why is there nothing in the browser cache from the current year?) that what is there is not the real partition you use day to day. I think we're talking about a straight data storage partition here. It doesn't seem to hard to have something touch random files on a regular basis. Regardless, that seems like a weak complaint - all you have to do is log into the other partition once a week and use it to browse cuteoverload or something. But, most importantly, you haven't given a good reason not to offer this as a standard option. Maybe it wouldn't work, but maybe it would. -- - Adam ** Expert Technical Project and Business Management System Performance Analysis and Architecture ** [ http://www.adamfields.com ] [ http://workstuff.tumblr.com ] ... Technology Blog [ http://www.aquick.org/blog ] Personal Blog [ http://www.adamfields.com/resume.html ].. Experience [ http://www.flickr.com/photos/fields ] ... Photos [ http://www.twitter.com/fields ].. Twitter [ http://www.morningside-analytics.com ] .. Latest Venture [ http://www.confabb.com ] Founder - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: NSA offering 'billions' for Skype eavesdrop solution
On Fri, Feb 13, 2009 at 11:24:35AM -0500, Steven M. Bellovin wrote: Counter Terror Expo: News of a possible viable business model for P2P VoIP network Skype emerged today, at the Counter Terror Expo in London. An industry source disclosed that America's supersecret National Security Agency (NSA) is offering billions to any firm which can offer reliable eavesdropping on Skype IM and voice traffic. http://www.theregister.co.uk/2009/02/12/nsa_offers_billions_for_skype_pwnage/ Of course, this could just be a smokescreen to try to convince people that they can't already do it. The voice traffic may be hard to break, but the fact that every client can download my entire IM history when logging into a new machine kind of kills the it's p2p so we can't track it argument. Those messages are stored somewhere. -- - Adam ** Expert Technical Project and Business Management System Performance Analysis and Architecture ** [ http://www.adamfields.com ] [ http://workstuff.tumblr.com ] ... Technology Blog [ http://www.aquick.org/blog ] Personal Blog [ http://www.adamfields.com/resume.html ].. Experience [ http://www.flickr.com/photos/fields ] ... Photos [ http://www.twitter.com/fields ].. Twitter [ http://www.morningside-analytics.com ] .. Latest Venture [ http://www.confabb.com ] Founder - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Voting machine security
On Mon, Aug 18, 2008 at 10:16:02AM -0700, Paul Hoffman wrote: [...] Essentially no one would argue that is is quite expensive. I suspect that nearly everyone in the country would be happy to pay an additional $1/election for more reliable results. Without seeing all of the expense (and likely inability) of securing and ensuring the proper count from the machine, people look at the problem and go computers are good at counting things fast and people aren't, so it must therefore be massively cheaper to have a computer do the count. If you're just talking about summing a few lists, that's true. But of course, no one who doesn't work for a voting machine company is just talking about summing a few lists. The idea that after you factor in everything, it might actually be cheaper to have people do it after all, is a very difficult one for many people to even conceptualize. Progress demands that computers do all menial tasks. -- - Adam ** Expert Technical Project and Business Management System Performance Analysis and Architecture ** [ http://www.adamfields.com ] [ http://www.morningside-analytics.com ] .. Latest Venture [ http://www.confabb.com ] Founder [ http://www.aquick.org/blog ] Blog [ http://www.adamfields.com/resume.html ].. Experience [ http://www.flickr.com/photos/fields ] ... Photos [ http://www.aquicki.com/wiki ].Wiki - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Exploiting network card firmware
I didn't see Ben forward this himself, but it's definitely relevant to the discussion of malware hiding in hardware: Without needlessly boring everyone with the various steps allow me to share an interesting observation: drivers often assume the hardware is misbehaved but never malicious. It is fascinating to discover what can be done by making the hardware malicious. [...] 3) from 1 2 above, after about two years, I've reached my goal of writing a totally transparent firewall bypass engine for those firewalls which are PC-based: you simply overwrite the firmware in both NICs and then perform PCI-to-PCI transfers between the two cards for suitably formatted IP packets (modern NICs have IP offload engines in hardware and therefore can trigger on incoming and outgoing packets). The Jedi Packet Trick (sorry, couldn't resist) fools, amongst others, CheckPoint FW-1, Linux-based Strongwall, etc. This is of course obvious as none of them check PCI-to-PCI transfers, 4) I have extended the technique to provide VM escape support: one writes packets from a bridged guest into the network which initiates the NIC firmware update, updates the firmware and then the NIC firmware is used to inject code into the underlying VM host. The requirement to write to the network is then dropped as all that is required is the pivoting in the NIC firmware. http://www.links.org/?p=330 -- - Adam ** Expert Technical Project and Business Management System Performance Analysis and Architecture ** [ http://www.adamfields.com ] [ http://www.morningside-analytics.com ] .. Latest Venture [ http://www.confabb.com ] Founder [ http://www.aquick.org/blog ] Blog [ http://www.adamfields.com/resume.html ].. Experience [ http://www.flickr.com/photos/fields ] ... Photos [ http://www.aquicki.com/wiki ].Wiki - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Designing and implementing malicious hardware
On Sat, Apr 26, 2008 at 02:33:11AM -0400, Karsten Nohl wrote: [...] Assuming that hardware backdoors can be build, the interesting question becomes how to defeat against them. Even after a particular triggering string is identified, it is not clear whether software can be used to detect malicious programs. It almost appears as if the processor would need a hardware-based virus-scanner or sorts. This scanner could be simple as it only has to match known signatures, but would need have access to a large number of internal data structures while being developed by a completely separate team of designers. Wouldn't it be fun to assume that these are already present in all sorts of devices? -- - Adam ** Expert Technical Project and Business Management System Performance Analysis and Architecture ** [ http://www.adamfields.com ] [ http://www.morningside-analytics.com ] .. Latest Venture [ http://www.confabb.com ] Founder [ http://www.aquick.org/blog ] Blog [ http://www.adamfields.com/resume.html ].. Experience [ http://www.flickr.com/photos/fields ] ... Photos [ http://www.aquicki.com/wiki ].Wiki - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Interesting bit of a quote
On Tue, Jul 11, 2006 at 01:02:27PM -0400, Leichter, Jerry wrote: [...] Business ultimately depends on trust. There's some study out there - I don't recall a reference - that basically finds that the level of trust is directly related to the level of economic success of an economy. There are costs associated with verification, some of them easily quantifiable, some of them much harder to pin down. The difficulty is in making the tradeoffs. We're now pushing way over on the verification side, in a natural reaction to a series of major frauds and scandals. Trust is not quite the opposite of security (in the sense of an action, not as a state of being), but certainly they're mutually exclusive. If you have trust, you have no need for security. Personally, given the choice, I'd rather have trust. I think that this is a distinction that could be made more often when deciding on how to implement a security system. -- - Adam ** Expert Technical Project and Business Management System Performance Analysis and Architecture ** [ http://www.adamfields.com ] [ http://www.aquick.org/blog ] Blog [ http://www.adamfields.com/resume.html ].. Experience [ http://www.flickr.com/photos/fields ] ... Photos [ http://www.aquicki.com/wiki ].Wiki - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Greek officials were tapped using law enforcement back door
On Thu, Mar 23, 2006 at 09:30:30AM -0500, Perry E. Metzger wrote: A while ago, you may recall that members of the Greek government were wiretapped, and at the time, I speculated that the bad guys may have abused the built in CALEA software in the switch to do it. Well, it now appears that that was precisely what happened. Unfortunately, the article below is short on detail -- anyone have access to primary sources? (I know there are at least a couple of Greek cryptographers on this list...) http://www.deccanherald.com/deccanherald/mar162006/update71652006316.asp Schneier posted this a few weeks ago: http://www.schneier.com/blog/archives/2006/03/more_on_greek_w.html -- - Adam ** Expert Technical Project and Business Management System Performance Analysis and Architecture ** [ http://www.adamfields.com ] [ http://www.aquick.org/blog ] Blog [ http://www.adamfields.com/resume.html ].. Experience [ http://www.flickr.com/photos/fields ] ... Photos [ http://www.aquicki.com/wiki ].Wiki - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: thoughts on one time pads
On Thu, Jan 26, 2006 at 06:09:52PM -0800, bear wrote: [...] Of course, the obvious application for this OTP material, other than text messaging itself, is to use it for key distribution. Perhaps I missed something, but my impression was that the original post asked about how a CD full of random data could be used as a key distribution mechanism. -- - Adam ** Expert Technical Project and Business Management System Performance Analysis and Architecture ** [ http://www.everylastounce.com ] [ http://www.aquick.org/blog ] Blog [ http://www.adamfields.com/resume.html ].. Experience [ http://www.flickr.com/photos/fields ] ... Photos [ http://www.aquicki.com/wiki ].Wiki [ http://del.icio.us/fields ] . Links - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: A small editorial about recent events.
On Sun, Dec 18, 2005 at 07:55:57PM -0500, Steven M. Bellovin wrote: [...] The Court also noted that Congress rejected an amendment which would have authorized such governmental seizures in cases of emergency. Given that the Patriot Act did amend various aspects of the wiretap statute, it's hard to understand how the administration's reading is justified in any way, shape, or form. There's some speculation that FISA could not have provided authorization for the wiretaps, because what they were doing were not actually directed wiretaps, but instead search-and-discard-negatives. Josh Marshall has some analysis: http://www.talkingpointsmemo.com/archives/007286.php http://www.talkingpointsmemo.com/archives/007290.php and discussion here: http://www.tpmcafe.com/story/2005/12/19/20530/546 Here's Rockefeller's handwritten letter to Cheney, in which he says As I reflected on the meeting today, and the future we face, John Poindexter's TIA project sprung to mind. http://talkingpointsmemo.com/docs/rock-cheney1.html -- - Adam ** Expert Technical Project and Business Management System Performance Analysis and Architecture ** [ http://www.everylastounce.com ] [ http://www.aquick.org/blog ] Blog [ http://www.adamfields.com/resume.html ].. Experience [ http://www.flickr.com/photos/fields ] ... Photos [ http://www.aquicki.com/wiki ].Wiki [ http://del.icio.us/fields ] . Links - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: spyware targets bank customers. news at 11.
On Wed, Aug 10, 2005 at 04:11:31PM +0200, Florian Weimer wrote: * Perry E. Metzger: A major identity theft ring has been discovered that affects up to 50 banks, according to Sunbelt Software, the security company that says it uncovered the operation. The operation, which is being investigated by the FBI, is gathering personal data from thousands of machines using keystroke-logging software, Sunbelt said Monday. http://news.com.com/ID+theft+ring+hits+50+banks%2C+firm+says/2100-7349_3-5823591.html I should point out that most players in the field don't rush to the press with their findings, in order not to impact a pending law enforcement investigation. They stated on their blog that they only did so because they couldn't get anyone's attention in law enforcement, and now that the FBI is involved, they're not saying anything else (and yes, their actions are being questioned in the comments). http://sunbeltblog.blogspot.com/2005/08/massive-identity-theft-ring.html http://sunbeltblog.blogspot.com/2005/08/more-on-identity-theft-ring.html Except that while I've written the above I've noticed a followup which has more details and says they're going to have a fix today: http://sunbeltblog.blogspot.com/2005/08/keylogger-from-hell.html -- - Adam ** I can fix your database problems: http://www.everylastounce.com/mysql.html ** Blog... [ http://www.aquick.org/blog ] Links.. [ http://del.icio.us/fields ] Photos. [ http://www.flickr.com/photos/fields ] Experience. [ http://www.adamfields.com/resume.html ] Product Reviews: .. [ http://www.buyadam.com/blog ] - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: NY Times article on biometrics and border control
On Wed, Aug 10, 2005 at 01:24:07PM -0400, Perry E. Metzger wrote: Thought this would be of some interest. Unfortunately, the article will not be visible after a few days, thanks to the NY Times' policies, and can only be viewed if you register. :( WASHINGTON | August 10, 2005 Hurdles for High-Tech Efforts to Track Who Crosses Borders By ERIC LIPTON The government's effort to collect biometric data to track foreigners visiting the U.S. has fallen far short of its goals. http://www.nytimes.com/2005/08/10/politics/10biometrics.html This link will continue to work: http://www.nytimes.com/2005/08/10/politics/10biometrics.html?ex=1281326400en=42aa99a66a58b368ei=5090partner=rssuserlandemc=rss (From the NYT link generator: http://nytimes.blogspace.com/genlink ) -- - Adam ** I can fix your database problems: http://www.everylastounce.com/mysql.html ** Blog... [ http://www.aquick.org/blog ] Links.. [ http://del.icio.us/fields ] Photos. [ http://www.flickr.com/photos/fields ] Experience. [ http://www.adamfields.com/resume.html ] Product Reviews: .. [ http://www.buyadam.com/blog ] - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: New Credit Card Scam (fwd)
On Mon, Jul 11, 2005 at 09:37:36PM +, Jason Holt wrote: I remember the first time a site asked for the number on the back of my credit card. It was a Walmart or Amazon purchase, and with no warning they redirected me to some site with a questionable domain. I thought for sure my session was being hijacked, and my bank had given me no idea what the number was for or whether it was something I was supposed to give out. The 3-digit code is stupid. It protects against one thing and one thing only - someone getting an imprint of the card without copying down the 3-digit number. But only if you never give it out. According to at least several credit card companies, it's supposed to be okay for you to give this code out to vendors when you make a purchase. To me, this is closely related to the discussions we have here about web browser security semantics. With a very good understanding of the underlying PKI, we can usually sort out secure from suspicious site behaviors with some discussion, but how is the average user (or even the average engineer) supposed to cope? Is there a standard or even just a document somewhere that defines best practices for both server and user behavior with respect to SSL web sites and credit card transactions? Or are we leaving them to forward emails to each other warning them not to give out their 3-digit codes over the phone, and that they had better make sure their Dell doesn't have a DHS keylogger installed... But it's so much worse than that. Not only is there no standard behavior, the credit companies themselves have seemingly gone out of their way to make it impossible for there to be any potential for a standard. -- - Adam ** I can fix your database problems: http://www.everylastounce.com/mysql.html ** Blog... [ http://www.aquick.org/blog ] Links.. [ http://del.icio.us/fields ] Photos. [ http://www.flickr.com/photos/fields ] Experience. [ http://www.adamfields.com/resume.html ] Product Reviews: .. [ http://www.buyadam.com/blog ] - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Why Blockbuster looks at your ID.
On Fri, Jul 08, 2005 at 12:19:38PM -0400, Perry E. Metzger wrote: [...] Actually, the people who would have to pay the investment -- the banks and merchants -- have an excellent incentive. The loss because of fraud is stunningly large. The real issue is that *consumers* have little incentive to cooperate with such a system, because thanks to the regulations, they suffer virtually no losses if their accounts are hijacked. As I understand it, the merchants bear the entire cost of fraud - the banks bear almost none - and thus the consumers end up paying for it indirectly through higher prices. The merchants, however, have very little control over the infrastructure, which is provided by the banks, who have little incentive to actually control fraud because they would bear all of the costs of such, and none of the risk is theirs. So the assertion is that consumers and banks have little incentive to cooperate with such a system, but (some of***) the merchants REALLY WANT it. However, the system is useless if the consumers don't have it, and the banks have no incentive to give something to consumers that's better, because it would cost them money and save them money that they can currently simply charge the merchants for (fraud). *** The merchants can be divided into two groups - most of them who have not been bitten by fraud and will continue to try to pay as little as possible for credit processing services regardless of the risk because every little bit eats more into their profit, and those who have been bitten by fraud, understand the risks, and will go for paying for for a service that frees them from additional liability. Consumers, on the other hand, still have limited incentive to participate. I'd suspect the NewBanks(TM) would simply have to lure them with lower interest rates, which they'd find hard to do because it would cut into their profits, making it difficult to pay for all of the additional infrastructure they'd need to build. The system is, of course, pretty much worthless if it's not in the hands of the vast majority of consumers. As I said, any sea change like this has to either replace the traditional credit granting/honoring agencies, or take away enough of their business that they have no choice but to go along with it. Assuming that they don't use their considerable existing wealth and influence to simply make the new products illegal from the get go. -- - Adam ** I can fix your database problems: http://www.everylastounce.com/mysql.html ** Blog... [ http://www.aquick.org/blog ] Links.. [ http://del.icio.us/fields ] Photos. [ http://www.aquick.org/photoblog ] Experience. [ http://www.adamfields.com/resume.html ] Product Reviews: .. [ http://www.buyadam.com/blog ] - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Citibank discloses private information to improve security
On Sat, May 28, 2005 at 10:47:56AM -0700, James A. Donald wrote: [..] With bank web sites, experience has shown that only 0.3% of users are deterred by an invalid certificate, probably because very few users have any idea what a certificate authority is, what it does, or why they should care. (And if you have seen the experts debating what a certificate authority is and what it certifies, chances are that those few who think they know are wrong) Moreover, in my experience (as I've mentioned before on this list), noticing an invalid certificate is absolutely useless if the banks won't verify via another channel a) that it changed, b) what the new value is or c) what the old value is. I've tried. They won't/can't. Do we have any comparable experience on SSH logins? Existing SSH uses tend to be geek oriented, and do not secure stuff that is under heavy attack. Does anyone have any examples of SSH securing something that was valuable to the user, under attack, and then the key changed without warning? How then did the users react? Every time this has happened to someone I know who uses SSH, it's been immediate cause for alarm, causing a phone call to the person who administers the box asking what the? did you reinstall the OS again?. -- - Adam ** I can fix your database problems: http://www.everylastounce.com/mysql.html ** Blog... [ http://www.aquick.org/blog ] Links.. [ http://del.icio.us/fields ] Photos. [ http://www.aquick.org/photoblog ] Experience. [ http://www.adamfields.com/resume.html ] Product Reviews: .. [ http://www.buyadam.com/blog ] - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Encryption plugins for gaim
On Tue, Mar 15, 2005 at 12:54:19PM -0600, Peter Saint-Andre wrote: Why not help us make Jabber/XMPP more secure, rather than overloading AIM? With AIM/MSN/Yahoo your account will always exist at the will of Unfortunately, I already have a large network of people who use AIM, and they all each have large networks of people who use AIM. Many of them still use the AIM client. Getting them to switch to gaim is feasible. Getting them to switch to Jabber is not. However, getting them to switch to gaim first, and then ultimately Jabber might be an option. Frankly, the former is more important to me in the short term. AOL, whereas with XMPP you can run your own server etc. Unfortunately Does can == have to? From what I remember of trying to run Jabber a few years ago, it did. the original Jabber developers did not build encryption in from the beginning and the existing methods have not been implemented widely (OpenPGP over Jabber) or are not very Jabberish (RFC 3923), so we need to improve what we have. Contributions welcome. See here for pointers: http://www.saint-andre.com/blog/2005-03.html#2005-03-15T11:23 - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Encryption plugins for gaim
On Tue, Mar 15, 2005 at 02:47:35PM -0500, Ian Goldberg wrote: this is actually a very good solution for me. The only thing I don't like about it is that it stores the private key on your machine. I understand why that is, but it also means that if you switch machines with the same login (home/work), you have to reverify the fingerprint out of band (assuming you care enough to do that in the first place). You can also just copy your otr.private_key file around. See, for example, http://chris.milbert.com/AIM_Encryption/ It would be helpful if you could specify the location of the private key file, so then it could be on a thumb drive or something similar. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: A cool demo of how to spoof sites (also shows how TrustBar preventsthis...)
On Thu, Feb 10, 2005 at 06:24:46PM -0500, Steven M. Bellovin wrote: [...] One member of this mailing list, in a private exchange, noted that he had asked his bank for their certificate's fingerprint. My response was that I was astonished he found someone who knew what he was talking about. [...] I wrote on this list, in June 2003, the last time we had this conversation (regarding a similar plugin called SSLBar): Maybe this is a stupid question, but exactly how are you supposed to use this information to verify a cert? I've done an informal survey of a few financial institutions whose sites use SSL, and the number of them that were able to provide me with a fingerprint over the phone was exactly zero. Which bank was that person you mention talking to? -- - Adam - ** My new project -- http://www.visiognomy.com/daily ** Flagship blog -- http://www.aquick.org/blog Hire me: [ http://www.adamfields.com/Adam_Fields_Resume.htm ] Links: [ http://del.icio.us/fields ] Photos: [ http://www.aquick.org/photoblog ] - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Passwords can sit on disk for years
Tal Garfinkel (related to Simpson?) is a Stanford PHD student who has put together a working model for tracking tainted data stored in RAM in various popular applications. This is the first mention I've seen of this - interesting stuff. http://www.newscientist.com/news/news.jsp?id=ns5064 Abstract here: http://forum.stanford.edu/events/workshop/security/abstract/garfinkel.html -- - Adam - http://www.adamfields.com - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Article on passwords in Wired News
On Sat, Jun 05, 2004 at 10:06:20AM +0530, Udhay Shankar N wrote: Citibank in India experimented with a special case of this a few years ago - online credit cards - basically, a credit card number valid for one use only, which would be ideal for online purchasing. IIRC, the offering was withdrawn because there weren't enough takers. American Express still does this, although it's difficult to find and use. They call it Private Payments. -- - Adam - http://www.adamfields.com - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Yahoo releases internet standard draft for using DNS as public key server
On Thu, May 20, 2004 at 10:07:43AM -0400, R. A. Hettinga wrote: [...] yahoo draft internet standard for using DNS as a public key server http://www.ietf.org/internet-drafts/draft-delany-domainkeys-base-00.txt This sounds quite a lot like the ideas outlined in a paper I co-authored in 1995, proposing the idea of a trustmaster for each domain, keyed to the DNA hierarchy. http://www.hedge.net/fields/projects/trust/trust.pdf http://www.hedge.net/fields/projects/trust/trustfig.pdf -- - Adam - http://www.adamfields.com - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: voting, KISS, etc.
On Fri, Apr 09, 2004 at 12:46:47PM -0400, Perry E. Metzger wrote: I think that those that advocate cryptographic protocols to ensure voting security miss the point entirely. [...] I'm a technophile. I've loved technology all my life. I'm also a security professional, and I love a good cryptographic algorithm. Please keep technology as far away as possible from the voting booth -- it will make everyone a lot safer. Hear, hear! As the supposed experts, how do we get the idea out of people's heads that making everything electronic and automated is somehow intrinsically better, regardless of the actual risks and benefits of doing so? -- - Adam - http://www.adamfields.com - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: New toy: SSLbar
On Fri, Jun 27, 2003 at 12:56:24AM +1000, Mister Lee wrote: Regarding the usefulness of SSLbar itself, its immediate purpose was fingerprint display, as a (theoretically) easy means of checking a cert's validity yourself, rather than relying on a third party signing. That list of officially sanctioned CAs that comes with browsers just keeps getting longer and longer. I don't know who the hell any of those organizations are, or what their policies are... Anyway, SSLbar could be made much more useful if I were to have it (somehow) cache fingerprints or certs, and a flag to indicate whether the user has validated them. Implementing this requires further investigation however, and I've just been pointed at this list and it's archive, so I have some more reading to do :) Maybe this is a stupid question, but exactly how are you supposed to use this information to verify a cert? I've done an informal survey of a few financial institutions whose sites use SSL, and the number of them that were able to provide me with a fingerprint over the phone was exactly zero. -- - Adam - Adam Fields, Managing Partner, [EMAIL PROTECTED] Surgam, Inc. is a technology consulting firm with strong background in delivering scalable and robust enterprise web and IT applications. http://www.adamfields.com - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
