Re: [cryptography] Password non-similarity?
On 2 January 2012 03:01, ianG i...@iang.org wrote:
> > > When I was a rough raw teenager doing this, I needed around 2 weeks to pick up 5 letters from someone typing like he was electrified. The other 3 were crunched in 4 hours on a vax780.
> >
> > how many samples? (distinct shoulder surf events)
>
> About 1 a day, say 10, without making it obvious.

The trick to counter-acting shoulder surfing is to touch type and hold the shoulder surfer's gaze so you know they are not looking at your key-presses. Computer teacher in high school used to do that I noticed.

Separately and relatedly I was thinking of having a go at designing a human computable challenge response for occasional use when you know or believe your typing is being observed.

eg Human remembers single digit numeric coefficients to 8 mod 10 simultaneous equations (16 digits):

  r1 = a.x1+b.x2 mod 10
  r2 = c.x3+d.x4 mod 10
  ...
  r8 = o.x15+p.x16 mod 10

computer generates x1 - x16 at random between -9 and +9.

Now a shoulder surfer sees less than 8 challenges responded to and they have only 1 equation for each pair of unknowns. The challenges are one use. The response (what is typed to login) are r1.. r8, an 8 digit number.

That was just the rough idea, no calculations done yet, maybe one can reduce the number of terms and safely allow more than one use with a bit of tinkering.

I was thinking it might be interesting for encrypted file systems also. Normally you login with your passphrase when you are confident you are not being shoulder surfed, or no public video surveillance in place (eg airport). But this way you have a second login mechanism with a limited number of logins that are safe to use. The challenges and the disk key encrypted with salted, iterated hash of the challenge response can be stored separately, one per login, and over-written after use, preventing hostile reuse. After login they can be replaced with a new one.
Adam

___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
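The scheme Adam sketches, as an added example that is not code from the post: the 16 memorised coefficients, a one-use challenge, the 8-digit response, and the per-login record that keeps the disk key under a salted, iterated hash of the response. Function names and the PBKDF2-based key wrapping are my assumptions for illustration.

```python
"""Toy implementation of the human-computable challenge/response above.
Assumptions (not from the post): function names, PBKDF2 for the salted
iterated hash, and XOR masking of a 32-byte disk key per login record."""
import hashlib
import hmac
import os
import secrets

PAIRS = 8              # eight equations, two unknown coefficients each
MODULUS = 10
ITERATIONS = 200_000   # the stretch is what slows offline guessing of the 10^8 response space


def make_secret():
    """The 16 memorised single-digit coefficients (generated at random here)."""
    return [secrets.randbelow(MODULUS) for _ in range(2 * PAIRS)]


def make_challenge():
    """A one-use challenge: 16 values drawn uniformly from -9..+9."""
    return [secrets.randbelow(19) - 9 for _ in range(2 * PAIRS)]


def respond(secret, challenge):
    """What the human works out and types: r_i = (a*x1 + b*x2) mod 10 for each
    pair, as an 8-digit string.  Python's % already yields a non-negative
    residue when the sum is negative, which is what the human must do too."""
    digits = []
    for i in range(PAIRS):
        a, b = secret[2 * i], secret[2 * i + 1]
        x1, x2 = challenge[2 * i], challenge[2 * i + 1]
        digits.append((a * x1 + b * x2) % MODULUS)
    return "".join(str(d) for d in digits)


def consistent_coefficients(observations, pair_index):
    """Why each challenge is single-use: the set of (a, b) for one pair that
    agree with every observed (challenge, response) transcript.  One
    observation is one linear congruence in two unknowns, so many candidates
    remain; a second observation of the same pair usually pins them down."""
    i = pair_index
    return {
        (a, b)
        for a in range(MODULUS)
        for b in range(MODULUS)
        if all((a * ch[2 * i] + b * ch[2 * i + 1]) % MODULUS == int(resp[i])
               for ch, resp in observations)
    }


def _stretch(response, salt):
    """Salted, iterated hash of the typed response: 32 bytes of mask, 32 of MAC key."""
    out = hashlib.pbkdf2_hmac("sha256", response.encode(), salt, ITERATIONS, dklen=64)
    return out[:32], out[32:]


def wrap_disk_key(disk_key, secret):
    """Server-side record for one login: challenge, salt, masked disk key and
    an integrity tag.  The record is meant to be overwritten after one use."""
    assert len(disk_key) == 32
    challenge = make_challenge()
    salt = os.urandom(16)
    mask, mac_key = _stretch(respond(secret, challenge), salt)
    blob = bytes(k ^ m for k, m in zip(disk_key, mask))
    tag = hmac.new(mac_key, blob, "sha256").digest()
    return {"challenge": challenge, "salt": salt, "blob": blob, "tag": tag}


def unwrap_disk_key(record, typed_response):
    """Recover the disk key from a record, or None if the response was wrong."""
    mask, mac_key = _stretch(typed_response, record["salt"])
    expect = hmac.new(mac_key, record["blob"], "sha256").digest()
    if not hmac.compare_digest(expect, record["tag"]):
        return None
    return bytes(k ^ m for k, m in zip(record["blob"], mask))
```

The response carries under 27 bits of entropy, so the iteration count, not the arithmetic, is what makes an offline guess against a stolen record expensive.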
Re: [cryptography] Password non-similarity?
Bernie Cosell ber...@fantasyfarm.com writes:
> On 31 Dec 2011 at 15:30, Steven Bellovin wrote:
> > Yes, ideally people would have a separate, strong password, changed regularly for every site.
>
> This is the very question I was asking: *WHY* changed regularly? What threat/vulnerability is addressed by regularly changing your password? I know that that's the standard party line [has been for decades and is even written into Virginia's laws!], but AFAICT it doesn't do much of anything other than encourage users to be *LESS* secure with their passwords.

I was discussing this question of why regularly force password changes with a colleague who was responsible for security at a large University and his answer was you want to force undergraduates to change their passwords at a frequency that approximately matches the length of the average undergraduate romantic relationship. The implication being they tended to share the passwords with their boy/girlfriend and the forced change reduced the post-break-up issues IT had to deal with.

That anecdote aside, I agree this is a piece of advice that needs to go (along with password masking and other carry-overs from the days of computers being rare and solely in centralized labs).

Von

On Dec 31, 2011, at 5:02 PM, Peter Gutmann wrote:
> Bernie Cosell ber...@fantasyfarm.com writes:
> > On 31 Dec 2011 at 15:30, Steven Bellovin wrote:
> > > Yes, ideally people would have a separate, strong password, changed regularly for every site.
> >
> > This is the very question I was asking: *WHY* changed regularly? What threat/vulnerability is addressed by regularly changing your password? I know that that's the standard party line [has been for decades and is even written into Virginia's laws!], but AFAICT it doesn't do much of anything other than encourage users to be *LESS* secure with their passwords.
>
> This requires an answer that's waaay too long to post here, I've made an attempt (with lots of references to historical docs) in the chapter Passwords in http://www.cs.auckland.ac.nz/~pgut001/pubs/book.pdf (it's easier to post the link than to post large extracts here, since the discussion is fairly in-depth). If there's anything I've missed or overlooked in that, let me know.
>
> Peter.
[cryptography] CAPTCHA as a Security System?
Hi All,

I was reading CAPTCHA: Using Hard AI Problems For Security by Ahn, Blum, Hopper, and Langford (www.captcha.net/captcha_crypt.pdf). I understand how recognition is easy for humans and hard for computer programs. Where is the leap made that CAPTCHA is a [sufficient?] security device to protect things like web accounts, email accounts, and blog comments? It seems to me that a threat model in which bots (ie, programs) are the only adversary is flawed.

Would a security system that does not model a human attacker really qualify as a security system? Or is the system only adequate for low value targets, such as email accounts and blog comments? I'm kind of inclined to the latter.

The reason I ask is Wiseguy Tickets Inc and their gaming of Ticketmaster's CAPTCHA system to buy tickets [1]. Eventually, Wiseguy Tickets was indicted, and the indictment included an assertion, [Wiseguy Tickets Inc] defeated online ticket vendors' security mechanisms [2]. I'm not convinced CAPTCHA is a security system, and I definitely don't consider it a system to protect multi-million dollar assets.

Jeff

[1] http://www.wired.com/threatlevel/2010/03/wiseguys-indicted/
[2] http://www.wired.com/images_blogs/threatlevel/2010/03/wiseguys-indictment-filed.pdf
Re: [cryptography] CAPTCHA as a Security System?
On 01/02/2012 06:58 PM, Jeffrey Walton wrote:
> I was reading CAPTCHA: Using Hard AI Problems For Security by Ahn, Blum, Hopper, and Langford (www.captcha.net/captcha_crypt.pdf). I understand how recognition is easy for humans and hard for computer programs.

But is that really true? My personal experience with CAPTCHAs is that they are increasingly hard to decipher for humans. Has the scale already tipped over in favor of computer programs?

Computer programs today are limited by attention of experts (programmers, researchers). What does hard for computer programs actually mean then? Is there a theoretical boundary that limits the abilities of computer programs to recognize captures, or is Ahn just exploiting a temporary lack of economic incentive to realize the full capabilities of computer systems for these kinds of problems?

IMO, the problems that computers are really (as opposed to currently) bad at often turn out to be the problems that defy objective solutions. Many recaptcha (OCR) problems are ambiguous. If there is no objective solution to a problem, how can performance be evaluated?

> Where is the leap made that CAPTCHA is a [sufficient?] security device to protect things like web accounts, email accounts, and blog comments? It seems to me that a threat model in which bots (ie, programs) are the only adversary is flawed.

Luis von Ahn's favorite subject is human computation. A separation between (the capabilities of) humans and computers is axiomatic to his research, otherwise his whole subject would evaporate. There are two fundamental assumptions made: First, there are problems that are hard for computers to solve but easy for computers to generate. Second, the bad guys can muster huge computational resources but few human resources. The first assumption is, at least for the time being, a rejection of the Church-Turing conjecture. The second assumption is an extrapolation of past experiences into the future, and as such very optimistic/naive.

I don't know about any justification offered for either dogma. Ahn's PhD thesis[1] is surprisingly void of a theoretical underpinning of his work, in fact, it does not even contain the phrase Church-Turing. It is also completely void of any security analysis. You'd think that a PhD thesis about human computation applied to security problems would at least contain something on either, but if there is, I can't find it.

[1] http://www.scribd.com/doc/2533967/Human-Computation-PhD-Thesis-Luis-von-Ahn

Thanks,
Marcus
Re: [cryptography] CAPTCHA as a Security System?
On Mon, Jan 02, 2012 at 08:03:07PM +0100, Marcus Brinkmann wrote:
> Computer programs today are limited by attention of experts (programmers, researchers). What does hard for computer programs actually mean then? Is there a theoretical boundary that limits the abilities of computer programs to recognize captures, or is Ahn just exploiting a temporary lack of economic incentive to realize the full capabilities of computer systems for these kind of problems?

That was a pretty explicit aspect to the whole proposal. It adds incentives to solve supposedly difficult AI problems. (Or incentives to build very efficient mechanical turk systems, which is of course what mostly happened because that's cheaper and more reliable than funding AI research).

Quoting from the paper:

  "Much like research in cryptography has had a positive impact on algorithms for factoring and discrete log, we hope that the use of hard AI problems for security purposes allows us to advance the field of Artificial Intelligence. We introduce two families of AI problems that can be used to construct captchas and we show that solutions to such problems can be used for steganographic communication. captchas based on these AI problem families, then, imply a win-win situation: either the problems remain unsolved and there is a way to differentiate humans from computers, or the problems are solved and there is a way to communicate covertly on some channels."

and

  "A primary goal of the captcha project is to serve as a challenge to the Artificial Intelligence community."

-Jack
Re: [cryptography] CAPTCHA as a Security System?
> The reason I ask is Wiseguy Tickets Inc and their gaming of Ticketmaster's CAPTCHA system to buy tickets [1]. Eventually, Wiseguy Tickets was indicted, and the indictment included an assertion, [Wiseguy Tickets Inc] defeated online ticket vendors' security mechanisms [2]. I'm not convinced CAPTCHA is a security system, and I definitely don't consider it a system to protect multi-million dollar assets.

Law is not software. Ticketmaster's CAPTCHA is a security system in the sense that it is obviously meant to keep out robo-purchasers. It doesn't matter that CAPTCHAs are not impossible to defeat, it matters that any reasonable person can understand what's going on.

To draw a rough analogy, if I'm arrested for breaking into your house, it is not a defense that I couldn't have done it if you had a stronger lock on the door.

R's,
John
Re: [cryptography] CAPTCHA as a Security System?
On 2012-01-02, Marcus Brinkmann wrote:
> My personal experience with CAPTCHAs is that they are increasingly hard to decipher for humans. Has the scale already tipped over in favor of computer programs?

On this one I'm not ready to take any sides, but I'd like to remind you, too, that a given form of CAPTCHA, as in its success or failure, is not a measure of how the overarching principle behind such validation can do at best. Instead it's a measure of how well somebody out there was able to capture the essence of the methodology. There, it's pretty much equivalent to how well any single designer can capture the essence of biometrics (which by extension include all of your cognitive, unusual computational capabilities as well). Those things aren't being captured too well, as you can see from the contrary, hacker side: http://cvdazzle.com/ .

> Computer programs today are limited by attention of experts (programmers, researchers). What does hard for computer programs actually mean then?

Pretty much anything where Fourier-like methods don't apply, I think.

--
Sampo Syreeni, aka decoy - de...@iki.fi, http://decoy.iki.fi/front
+358-50-5756111, 025E D175 ABE5 027C 9494 EEB0 E090 8BA9 0509 85C2
Re: [cryptography] CAPTCHA as a Security System?
> Would a security system that does not model a human attacker really qualify as a security system?

If it's man-controlled it certainly does, like a ballistic missile blocking device is also security/safety. In real life security is also an analog kind of thing. Something becomes more secure. Passwords (at any complexity) always have a chance to be random guessed, yet they're security.

Bottom line security is usually considered to be something of added safety. The foolish thing here was to think it'd really help. Yet others will always be so foolish to misunderstand what CAPTCHAs mean and meant.
Re: [cryptography] CAPTCHA as a Security System?
I'd like to add to this conversation, as a side note, that a new type of security has (fairly) recently emerged: legal security. It's illegal to break in, so we don't need security. Quite common in convenience stores, people's homes and now, the Internet.

Some will find that this sort of security sucks. That it doesn't protect them very well. They won't care though, because even though the window was open, no one should've entered.
Re: [cryptography] Password non-similarity?
The reason for regular change is very good. It's that the low-intensity brute forcing of a password requires a certain stretch of time. Put the change interval low enough and you're safer from them.

We've had someone talk on-list about a significant amount of failed remote ssh login attempts. Should he choose not to force users to change their passwords they wouldn't. And the likelihood of a successful login would improve with the years (given coordination) to somewhere above the admin's comfort zone.

The timeframe in which a password has to change also limits the maximum time exposed once someone has cracked it. This is relevant when the adversary needs multiple opportunities to coincide. The amount of time it'll have access without triggering resource-counting or other suspicious behavior alarms becomes limited, as changing a password would either lock him or the legitimate user out.

For most systems though, it's a complete waste of time.
Re: [cryptography] CAPTCHA as a Security System?
From: lodewijk andré de la porte lodewijka...@gmail.com
> I'd like to add to this conversation, as a side note, that a new type of security has (fairly) recently emerged: legal security. It's illegal to break in, so we don't need security. Quite common in convenience stores, people's homes and now, the Internet. Some will find that this sort of security sucks. That it doesn't protect them very well. They won't care though, because even though the window was open, no one should've entered.

My neighborhood Wal*Mart has pretty much eliminated cashiers in favor of self-checkouts. Anyone so inclined could walk in, load up a cart, walk up to a self-checkout, check maybe half the items in the cart, pay for them and leave, with no one the wiser until the physical inventory didn't match up with the computer inventory.

Wal*Mart is not stupid. They know full well that a certain percent of shoppers will indeed walk out with a certain amount of goods, every day. They have a very good idea of the dollar value of this shrinkage, and they have decided that the shrinkage costs less than the eight or so dollars an hour that it would cost to put clerks in place.
Re: [cryptography] CAPTCHA as a Security System?
> My neighborhood Wal*Mart has pretty much eliminated cashiers in favor of self-checkouts. Anyone so inclined could walk in, load up a cart, walk up to a self-checkout, check maybe half the items in the cart, pay for them and leave, with no one the wiser until the physical inventory didn't match up with the computer inventory. Wal*Mart is not stupid. They know full well that a certain percent of shoppers will indeed walk out with a certain amount of goods, every day. They have a very good idea of the dollar value of this shrinkage, and they have decided that the shrinkage costs less than the eight or so dollars an hour that it would cost to put clerks in place.

Our cozy Dutch supermarkets are trying self-checkout systems themselves. They sometimes check carts with what's scanned. My dad's theory was that people are so afraid to have forgotten that they'd most likely scan their products multiple times more often than they forgot, and that relatively few people steal anyway. The self-checkouts are also faster, and thus more convenient. Not to mention more consistent, even on holidays they'll work.

The vector on security is getting thinner though. Although this is certainly connected to not needing security, mostly due to legality. You seem to agree. Good.

Crypto list. Right. Sorry.
Re: [cryptography] CAPTCHA as a Security System?
On 3/01/12 09:06 AM, lodewijk andré de la porte wrote:
> I'd like to add to this conversation, as a side note, that a new type of security has (fairly) recently emerged: legal security. It's illegal to break in, so we don't need security.

Right. But it needs to be a break in, not a trespass. So there needs to be a security method to be broken -- no matter how weak. From what I recall of this, there needs to be a reasonable notice and a security system for the breaking of.

This is why WAP, etc, works ... because it is a security system, and even though it can be broken with a boltcutter, it's illegal to break in. So the end result is that you can commit the crime, and you'll leave your trails, and you'll be in jurisdiction.

> Quite common in convenience stores, people's homes and now, the Internet. Some will find that this sort of security sucks. That it doesn't protect them very well. They won't care though, because even though the window was open, no one should've entered.

It somewhat depends on who the attacker is. If they are law-abiding citizens and they happen to be in the same jurisdiction, a legal mechanism works reasonably well. Indeed, if one of them is true, it can help.

This also happens to align well with online banks which only permit transfers inside the country. As the mule who receives the money has done so without permission, she has participated in fraud and the money can be yanked right back out again. (Never mind that she already sent the money to another jurisdiction...)

The thing is, just because a security mechanism doesn't seem to translate to technological space doesn't mean it doesn't have legs.

iang
Re: [cryptography] CAPTCHA as a Security System?
On Mon, Jan 2, 2012 at 4:25 PM, Randall Webmail rv...@insightbb.com wrote:
> My neighborhood Wal*Mart has pretty much eliminated cashiers in favor of self-checkouts. [...] Wal*Mart is not stupid. They know full well that a certain percent of shoppers will indeed walk out with a certain amount of goods, every day.

Yes, but this is not the same situation as with Ticketmaster. The equivalent for Ticketmaster would be scalpers who go through the captcha many times, by hand, *slowly*, and who adhere to per-person purchase limits or who make minimal efforts to get on a bit past such limits -- something Ticketmaster may be willing to tolerate.

To do much better than slow down the scalpers Ticketmaster would have to either do a lot of work (with payments system providers' help) to ensure that payments are not anonymous and that there is one person per ticket purchase for any one event, or else they'd have to auction off the tickets so as to find the market price for them. I'm not sure as to the feasibility of the former, particularly when Ticketmaster can probably get the law to help, but I'd prefer the latter. (Perhaps because I'm not going to bother camping out for bracelets and I can probably afford free market rates for the events I want to attend!)

Nico
--
Re: [cryptography] Password non-similarity?
On 2012/1/2 lodewijk andré de la porte lodewijka...@gmail.com:
> The reason for regular change is very good. It's that the low-intensity brute forcing of a password requires a certain stretch of time. Put the change interval low enough and you're safer from them.

This may make sense in specific cases, but in the general case, say for web sites that have a large # of public users, there are other things that this has to be weighed against. Specifically consider cases where users might only login once a month to pay a bill. If you require those users to change their passwords every 30, 60, or 90 days, they probably will never actually have time to learn it. And since we've tried to teach people not to write down their passwords on PostIt notes, etc. many of these users don't write them down at all. So the end result is that many of these types of users frequently forget their passwords, because they only use them 2 or 3 times before they have to change them again. So that has the undesirable effect of increasing calls to the helpdesk to have users' passwords reset. To drive this additional helpdesk cost down, IT then decides to implement an I forgot my password mechanism that is generally based on some set of trivial Q&A such as What is your favorite sports team? or Where did you attend elementary school?, etc. thus causing other major security issues.

So I would conjecture, at least in cases like this where users only login infrequently, that the password change policy every N days be done away with, or at the very least, we make N something reasonably long, like 365 or more days.

That's why I've said and will say again, that your security policies should be driven by your specific threat model. Unfortunately, most companies don't do this. Instead they just perpetuate the myth that everyone should be required to change their password every N days because this is obviously best security practice for everyone. It may be for your specific threat model, but it also might not be.

> We've had someone talk on-list about a significant amount of failed remote ssh login attempts. Should he choose not to force users to change their passwords they wouldn't. And the likelihood of a successful login would improve with the years (given coordination) to somewhere above the admin's comfort zone. The timeframe in which a password has to change also limits the maximum time exposed once someone has cracked it. This is relevant when the adversary needs multiple opportunities to coincide. The amount of time it'll have access without triggering resource-counting or other suspicious behavior alarms becomes limited, as changing a password would either lock him or the legitimate user out.

Although requiring the use of SSH public/private keys probably would be a better way to go here. The big problem here is for *nix systems at least, even if you remember your password and could change it, trying to remember 20+ different passwords for 20+ different servers, all of which expire at different times is, at a minimum, a major pain in the ass, and generally will cost you in terms of requiring a password having to be reset by some system administrator plus all the helpdesk overhead.

> For most systems though, it's a complete waste of time.

Agree.

-kevin
--
Blog: http://off-the-wall-security.blogspot.com/
The most likely way for the world to be destroyed, most experts agree, is by accident. That's where we come in; we're computer professionals. We *cause* accidents. -- Nathaniel Borenstein
Re: [cryptography] Password non-similarity?
On Sun, Jan 01, 2012 at 03:16:39AM -, John Levine wrote:
> > Well, on more than a few occasions, I've observed cases where users have accidentally entered their password into the username field (either alone, or with the username prepended). Of course, the login attempt fails and, more to the point, the invalid user name is logged. The users almost immediately realize their mistakes, and then login correctly. Unfortunately, most users don't realize that their password has just been logged as an invalid user name and their logged subsequent successful login makes it rather trivial to associate that password with the actual username of the user.
>
> Where's this log? Wherever it is, it's on a system that also has their actual password. If I wanted to reverse engineer passwords, this doesn't strike me as a particularly efficient way to do so.
>
> R's,
> John

Well, the log is presumably unencrypted on the same machine that has a *hash* of their actual password. It takes a lot longer to crack against the hashed password list than it does to scan the log for these types of log messages, which they can then check against the hashed password database quickly and easily.

I agree with Kevin that this scenario isn't enough justification for the overhead and user annoyance that is forced password rotation, but it's not an unreasonable scenario to want to mitigate. Some web servers even make it easy to accidentally export the logs, since often HTTP is the access method of choice for the people who actually should be able to review the logs...

-Craig
Re: [cryptography] Password non-similarity?
On Mon, Jan 2, 2012 at 7:12 PM, Craig B Agricola cr...@theagricolas.org wrote:
> On Sun, Jan 01, 2012 at 03:16:39AM -, John Levine wrote:
> > Where's this log? Wherever it is, it's on a system that also has their actual password. If I wanted to reverse engineer passwords, this doesn't strike me as a particularly efficient way to do so.
> >
> > R's,
> > John
>
> Well, the log is presumably unencrypted on the same machine that has a *hash* of their actual password. It takes a lot longer to crack against the hashed password list than it does to scan the log for these types of log messages, which they can then check against the hashed password database quickly and easily.
>
> I agree with Kevin that this scenario isn't enough justification for the overhead and user annoyance that is forced password rotation, but it's not an unreasonable scenario to want to mitigate. Some web servers even make it easy to accidentally export the logs, since often HTTP is the access method of choice for the people who actually should be able to review the logs...

Agree that cracking effort far exceeds the effort of scanning the logs, but keep in mind that in most cases, if you can break in and have the password hash readable, then you likely already have admin permissions and it's game over. (E.g., consider that /etc/shadow is usually only readable by root and group 'shadow'.) OTOH, depending on where you log such failures, that may or may not be world readable. (It really shouldn't be, but many times it is.) And even if you are using syslog and a remote log server and sending this to some SIEM product, keep in mind that those monitoring these logs via a SIEM usually do not have superuser access on those servers.

But, please understand that I was not trying to imply that this means that periodically requiring password changes is a good idea. Generally, it's a bad idea when we try to enforce a one-size-fits-all security policy to everything. One needs to evaluate this on a risk basis on a case by case basis.

-kevin
--
Blog: http://off-the-wall-security.blogspot.com/
The most likely way for the world to be destroyed, most experts agree, is by accident. That's where we come in; we're computer professionals. We *cause* accidents. -- Nathaniel Borenstein
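One mitigation for the scenario Craig and Kevin discuss (a password typed into the username field, logged as an invalid user name, then shipped world-readable or to a SIEM), as an added example that is not from either post: correlate invalid-user entries with a later successful login from the same source and redact the leaked token before the log leaves the host. The sshd-style log lines, the time window and the function names are constructed for illustration.

```python
"""Log-hygiene pass for leaked credentials in auth logs.  Constructed
example: sample lines, window size and names are assumptions, not sshd or
any SIEM's own configuration."""
import re
from datetime import datetime

# Constructed sample: 192.0.2.10 is a user who typed their password into the
# username field and then logged in correctly; 198.51.100.7 is an ordinary
# scanner probing for "admin" and must be left untouched.
SAMPLE_LOG = [
    "Jan  2 19:10:01 host sshd[4101]: Invalid user s3cretPa55 from 192.0.2.10 port 50122",
    "Jan  2 19:10:01 host sshd[4101]: Failed password for invalid user s3cretPa55 from 192.0.2.10 port 50122 ssh2",
    "Jan  2 19:10:03 host sshd[4102]: Invalid user admin from 198.51.100.7 port 41000",
    "Jan  2 19:10:03 host sshd[4102]: Failed password for invalid user admin from 198.51.100.7 port 41000 ssh2",
    "Jan  2 19:10:09 host sshd[4105]: Accepted password for alice from 192.0.2.10 port 50124 ssh2",
    "Jan  2 19:12:30 host sshd[4110]: Accepted publickey for bob from 203.0.113.5 port 33001 ssh2",
]

TS = r"(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d)"
INVALID = re.compile(TS + r".*[Ii]nvalid user (?P<user>\S+) from (?P<ip>[\d.]+)")
ACCEPTED = re.compile(TS + r".*Accepted \w+ for (?P<user>\S+) from (?P<ip>[\d.]+)")


def _when(ts, year=2012):
    """syslog timestamps carry no year; one is assumed for the sample."""
    return datetime.strptime(f"{year} {ts}", "%Y %b %d %H:%M:%S")


def find_leaks(lines, window=300):
    """One event per (successful login, suspicious invalid user name): an
    invalid-user attempt from the same source address at most `window`
    seconds before the success.  Scanner noise from other addresses is
    never paired with anyone's login, so it is not flagged."""
    events = []
    for i, line in enumerate(lines):
        ok = ACCEPTED.match(line)
        if not ok:
            continue
        t_ok = _when(ok["ts"])
        suspects = {}
        for j in range(i):
            bad = INVALID.match(lines[j])
            if not bad or bad["ip"] != ok["ip"]:
                continue
            delta = (t_ok - _when(bad["ts"])).total_seconds()
            if 0 <= delta <= window:
                suspects.setdefault(bad["user"], []).append(j)
        for cand, idxs in suspects.items():
            events.append({"account": ok["user"], "ip": ok["ip"],
                           "candidate": cand, "lines": idxs})
    return events


def redact(lines, window=300):
    """Copy of the log with every flagged candidate replaced by [REDACTED],
    in both the "Invalid user" and "Failed password for invalid user" lines."""
    out = list(lines)
    for ev in find_leaks(lines, window):
        for j in ev["lines"]:
            out[j] = out[j].replace(f"user {ev['candidate']} from", "user [REDACTED] from")
    return out
```

An honest username typo followed by a correct login is flagged and redacted too; that loses nothing an analyst needs, which is why the rule errs on the side of redaction.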
Re: [cryptography] Password non-similarity?
On Mon, 2 Jan 2012, lodewijk andré de la porte wrote:
> The reason for regular change is very good. It's that the low-intensity brute forcing of a password requires a certain stretch of time. Put the change interval low enough and you're safer from them.
>
> We've had someone talk on-list about a significant amount of failed remote ssh login attempts. Should he choose not to force users to change their passwords they wouldn't. And the likelihood of a successful login would improve with the years (given coordination) to somewhere above the admin's comfort zone.

I just don't buy this argument; am I missing something?

Say passwords are chosen uniformly from a space of size N. If you never change your password, then an adversary is guaranteed to guess your password in N attempts, and in expectation guesses your password in N/2 attempts. If you change passwords constantly, and an adversary guesses a random password (with replacement) each password-guessing attempt, then in expectation the adversary guesses your password in N attempts. Not much of an advantage.

(This seems like such a trivial point I hesitated to post it, but I haven't seen it come up explicitly at any point in this thread.)

The point you raise below (about limiting exposure once a password *is* guessed) remains valid, though for common-use passwords (where an adversary can simply lock the legitimate user out of the account once the password is guessed) I wonder how much benefit there really is.

> The timeframe in which a password has to change also limits the maximum time exposed once someone has cracked it. This is relevant when the adversary needs multiple opportunities to coincide. The amount of time it'll have access without triggering resource-counting or other suspicious behavior alarms becomes limited, as changing a password would either lock him or the legitimate user out.
>
> For most systems though, it's a complete waste of time.
Re: [cryptography] CAPTCHA as a Security System?
Ticket sellers and scalpers have been been fighting since long before there was an Internet. To do much better than slow down the scalpers Ticketmaster would have to either do a lot of work (with payments system providers' help) to ensure that payments are not anonymous and that the there is one person per ticket purchase for any one event They already do that -- the only way to pay on their web site is with a credit card, and you can't use the same card for a lot of purchases in a row. I'm pretty sure you can't use another card with the same mailing address, either. or else they'd have to auction off the tickets so as to find the market price for them. For a variety of business reasons they usually don't want to do that, and they don't want brokers to do it for them. Sports teams want it to be at least somewhat possible for fans to get tickets. That's why they let people wait in long lines, since that's correlated with fanly devotion rather than wealth, and sends the message to the rest of the fans that if they were equally devoted, they too could get tickets. Ticketmaster wants to make it as easy as possible for individuals to buy tickets, while making it as hard as possible for scalpers pretending to be individuals, or individuals working for scalpers, to buy them. CAPTCHAs keep out the less determined scalpers, but there is no reliable mechanical way to tell a nice human from a nasty one. Scalping can be very profitable, with markups of $100 per ticket not unsusual, so if I were a scalper, I'd have a network of web proxies, to make it hard to tell that they're all me, a farm of human CAPTCHA breakers in Asia who cost maybe 5c per CAPTCHA, a large set of employees, friends, and relatives who will let me use their names and credit cards (for a small commission) and scripts that blast through Ticketmaster's web pages as fast as they can, so they can buy the tickets the moment they go on sale, before real humans can. 
At some point, since there aren't that many large scalping operations, rather than playing an endless game of jumping through hoops and crypto cat and mouse which will certainly have the side-effect of losing some legit purchases, it is perfectly sensible to go after them legally. One of the advantages of having a working legal system is so that we can live reasonable lives with $20 locks in our doors, rather than all having to spend thousands to armor all the doors and windows, like they do in some other parts of the world.

R's, John
Re: [cryptography] Password non-similarity?
On Mon, Jan 02, 2012 at 09:40:36PM -0500, Jonathan Katz wrote: Say passwords are chosen uniformly from a space of size N. If you never change your password, then an adversary is guaranteed to guess your password in N attempts, and in expectation guesses your password in N/2 attempts. If you change passwords constantly, and an adversary guesses a random password (with replacement) each password-guessing attempt, then in expectation the adversary guesses your password in N attempts.

Not exactly. In N attempts, assuming that N is very large, their chance will be more like 1-1/e, which is around 63%. For a 50% chance, I think they need to try merely N*ln(2) passwords, or about 69% of N. Not much of an advantage.

Right. About 39% of extra effort for the attacker (50% to 69% of the keyspace to test) for a 50% chance.

Alexander
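As an added worked example (not part of either post in the thread above): the figures quoted there, a roughly 1-1/e chance after N attempts and about N*ln(2) guesses for a 50% chance, come from treating each attempt against a constantly changing password as an independent trial with success probability 1/N, versus enumerating distinct guesses against a fixed password. The Python below computes both models exactly for a password space of size N, finds the guess budget for a target success probability, and checks the rotating case with a small Monte Carlo run. The space size, target probability, trial count and RNG seed are arbitrary choices for illustration; the exact mean for the static case is (N+1)/2, which is what the posts round to N/2.

```python
import math
import random


def success_probability_static(n, k):
    """P(an adversary finds a fixed, uniformly chosen password from a
    space of size n within k distinct guesses). Linear in k until the
    whole space has been enumerated."""
    if k >= n:
        return 1.0
    return k / n


def success_probability_rotating(n, k):
    """P(success within k attempts) when the password is re-drawn
    uniformly before every attempt, so each guess independently hits
    with probability 1/n. For k = n and large n this tends to 1 - 1/e."""
    return 1.0 - (1.0 - 1.0 / n) ** k


def guesses_for_probability(n, p, rotating):
    """Smallest guess budget k giving success probability >= p."""
    if not 0.0 < p < 1.0:
        raise ValueError("p must be strictly between 0 and 1")
    if rotating:
        # Solve 1 - (1 - 1/n)^k >= p for k; both logs are negative.
        return math.ceil(math.log(1.0 - p) / math.log(1.0 - 1.0 / n))
    return math.ceil(p * n)


def expected_guesses(n, rotating):
    """Mean number of guesses until the first hit."""
    if rotating:
        return float(n)          # geometric distribution, success prob 1/n
    return (n + 1) / 2           # uniform over the positions 1..n


def extra_effort_for_half(n):
    """How much more work (as a fraction) the rotating model costs the
    attacker for a 50% chance, relative to the static model."""
    k_rot = guesses_for_probability(n, 0.5, rotating=True)
    k_fix = guesses_for_probability(n, 0.5, rotating=False)
    return k_rot / k_fix - 1.0


def simulate_rotating(n, trials, seed=1):
    """Monte Carlo check of the rotating model: fraction of trials in
    which n random guesses hit a password that is re-drawn before each
    attempt. Seed is fixed so the run is reproducible (assumption)."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        for _ in range(n):
            password = rng.randrange(n)   # fresh password every attempt
            guess = rng.randrange(n)      # attacker's random guess
            if guess == password:
                hits += 1
                break
    return hits / trials


if __name__ == "__main__":
    n = 10 ** 6   # illustrative space size, not from the thread
    print(f"N = {n}")
    print(f"P(success in N attempts), rotating: "
          f"{success_probability_rotating(n, n):.4f} (1-1/e = {1 - 1 / math.e:.4f})")
    for p in (0.5, 0.9):
        k_fix = guesses_for_probability(n, p, rotating=False)
        k_rot = guesses_for_probability(n, p, rotating=True)
        print(f"guesses for {p:.0%}: static {k_fix} ({k_fix / n:.3f} N), "
              f"rotating {k_rot} ({k_rot / n:.3f} N)")
    print(f"extra effort for 50%: {extra_effort_for_half(n):.1%}")
    print(f"Monte Carlo, N=200, 2000 trials: {simulate_rotating(200, 2000):.3f}")
```

The point the numbers make is that rotation only changes the shape of the attacker's success curve, not its scale: the budget for any fixed confidence stays a constant factor of N, so the password space size, not the change frequency, is what buys security against online guessing.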
Re: [cryptography] CAPTCHA as a Security System?
On Mon, Jan 2, 2012 at 9:08 PM, John Levine jo...@iecc.com wrote: [...]. One of the advantages of having a working legal system is so that we can live reasonable lives with $20 locks in our doors, rather than all having to spend thousands to armor all the doors and windows, like they do in some other parts of the world.

Indeed! I'm not sure that this translates so well to online security though, where one must defend against attackers that the law can't reach. You make a good case that it does translate well to the Ticketmaster case though.

Nico
Re: [cryptography] CAPTCHA as a Security System?
On Mon, 3 Jan 2012, John Levine wrote: Scalping can be very profitable, with markups of $100 per ticket not unusual, so if I were a scalper, I'd have a network of web proxies, to make it hard to tell that they're all me, a farm of human CAPTCHA breakers in Asia who cost maybe 5c per CAPTCHA, [[...]]

According to http://www.nytimes.com/2010/04/26/technology/26captcha.html?hpw the going rate for paying humans to break CAPTCHAs is around $1 per 1000 CAPTCHAs, i.e., around 0.1 cent per CAPTCHA.

-- Jonathan Thornburg [remove -animal to reply] jth...@astro.indiana-zebra.edu Dept of Astronomy IUCSS, Indiana University, Bloomington, Indiana, USA "Washing one's hands of the conflict between the powerful and the powerless means to side with the powerful, not to be neutral." -- quote by Freire / poster by Oxfam
Re: [cryptography] CAPTCHA as a Security System?
Randall Webmail rv...@insightbb.com writes: My neighborhood Wal*Mart has pretty much eliminated cashiers in favor of self-checkouts. Anyone so inclined could walk in, load up a cart, walk up to a self-checkout, check maybe half the items in the cart, pay for them and leave, with no one the wiser until the physical inventory didn't match up with the computer inventory.

Don't they have minders that watch the self-checkouts? The way they're set up here your chances of sneaking an item out are probably about as good as they would be with a human-controlled checkout, and for anything more than one or two small items there's not much chance. (The self-checkouts are arranged in such a way that one or two people can supervise all of them; if they simply replaced the human in each row with a barcode scanner then it wouldn't be so easy).

Peter.
Re: [cryptography] CAPTCHA as a Security System?
lodewijk andré de la porte lodewijka...@gmail.com writes: Our cozy Dutch supermarkets are trying self-checkout systems themselves. They sometimes check carts against what's scanned. My dad's theory was that people are so afraid of having forgotten something that they'd most likely scan their products multiple times more often than they forgot, and that relatively few people steal anyway.

The way it's done here, the checkout system knows the approximate weight of each item that you scan, and if you don't add an item of that weight to the shopping next to the scanner, they complain. This acts as an auditing system for the scanning: if you accidentally double-scan or accidentally miss a scan they'll catch it.

Peter.
Re: [cryptography] CAPTCHA as a Security System?
From: Peter Gutmann pgut...@cs.auckland.ac.nz To: cryptography@randombit.net, rv...@insightbb.com Sent: Tue, 03 Jan 2012 01:51:26 -0500 (EST) Subject: Re: [cryptography] CAPTCHA as a Security System?

Randall Webmail rv...@insightbb.com writes: My neighborhood Wal*Mart has pretty much eliminated cashiers in favor of self-checkouts.

Don't they have minders that watch the self-checkouts? The way they're set up here your chances of sneaking an item out is probably about as good as it would be with a human-controlled checkout, and for anything more than one or two small items there's not much chance.

There is one girl (and it is always a girl) who is at the control center. She comes to the checkout station to override the system when the shopper scans beer. No one watches to see if you scan every item in your cart. Most people don't steal, and it's cheaper for Wal*Mart to allow the thieves to ply their trade than it is to put $8.00/hour girls in place to (mostly) stop those who do.
Re: [cryptography] CAPTCHA as a Security System?
On Tue, Jan 03, 2012 at 01:57:10AM -0500, Randall Webmail wrote: There is one girl (and it is always a girl) who is at the control center. She comes to the checkout station to override the system when the shopper scans beer. No one watches to see if you scan every item in your cart. Most people don't steal, and it's cheaper for Wal*Mart to allow the thieves to ply their trade than it is to put $8.00/hour girls in place to (mostly) stop those who do.

You have more faith in human nature (or perhaps a considerably less sophisticated understanding of the costs of inventory shrinkage) than Walmart does. Look up.
Re: [cryptography] CAPTCHA as a Security System?
From: Thor Lancelot Simon t...@panix.com To: Randall Webmail rv...@insightbb.com Cc: Crypto List cryptography@randombit.net Sent: Tue, 03 Jan 2012 01:58:46 -0500 (EST) Subject: Re: [cryptography] CAPTCHA as a Security System?

On Tue, Jan 03, 2012 at 01:57:10AM -0500, Randall Webmail wrote: There is one girl (and it is always a girl) who is at the control center. She comes to the checkout station to override the system when the shopper scans beer. No one watches to see if you scan every item in your cart. Most people don't steal, and it's cheaper for Wal*Mart to allow the thieves to ply their trade than it is to put $8.00/hour girls in place to (mostly) stop those who do.

You have more faith in human nature (or perhaps a considerably less sophisticated understanding of the costs of inventory shrinkage) than Walmart does. Look up.

Yes, of course there are the black hemisphere cameras on the ceiling. They're videotaping everything that goes on. The checkouts are thirty feet from the exit doors. What are the odds that anyone is going to be watching the live video AND that they will notice the shopper who does not scan the $30 ham AND that they will alert security AND that security will intercept the shopper before he leaves the store?

I don't know about Wal*Mart, but the policy in Rite Aid stores here (Louisville, KY) is that people who are caught shoplifting are told not to come back to Rite Aid. There is no prosecution - because it costs money to send witnesses to court, and the only thing the court is going to do is fine them and charge them court costs totaling around $200 - and tell them to stay out of Rite Aid.