Re: SSL/TLS passive sniffing
I wrote: If the problem is a shortage of random bits, get more random bits! Florian Weimer responded: We are talking about a stream of several kilobits per second on a busy server (with suitable mailing lists, of course). This is impossible to obtain without special hardware. Not very special, as I explained: Almost every computer sold on the mass market these days has a sound system built in. That can be used to generate industrial-strength randomness at rates more than sufficient for the applications we're talking about. How many bits per second can you produce using an off-the-shelf sound card? Your paper gives a number in excess of 14 kbps, if I read it correctly, which is surprisingly high. 1) You read it correctly. http://www.av8n.com/turbid/paper/turbid.htm#tab-soundcards 2) The exact number depends on details of your soundcard. 14kbits/sec was obtained from a plain-vanilla commercial-off-the-shelf desktop system with AC'97 audio. You can of course do worse if you try (e.g. Creative Labs products) but it is easy to do quite a bit better. I obtained in excess of 70kbits/sec using an IBM laptop mgfd in 1998. 3) Why should this be surprising? It's an interesting approach, but for a mail server which mainly sends to servers with self-signed certificates, it's overkill. Let's see -- Cost = zero. -- Quality = more than enough. -- Throughput = more than enough. I see no reason why I should apologize for that. Debian also supports a few architectures for which sound cards are hard to obtain. And we would separate desktop and server implementations because the sound card is used on desktops. I'd rather sacrifice forward secrecy than to add such complexity. As the proverb says, no matter what you're trying to do, you can always do it wrong. If you go looking for potholes, you can always find a pothole to fall into if you want. But if you're serious about solving the problem, just go solve the problem. It is eminently solvable; no sacrifices required. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
SSL/TLS passive sniffing
Florian Weimer [EMAIL PROTECTED] writes: I'm slightly troubled by claims such as this one: http://lists.debian.org/debian-devel/2004/12/msg01950.html [which says: If you're going to use /dev/urandom then you might as well just not encrypt the session at all.] That claim is totally bogus, and I doubt whether that poster has any clue about this subject. As far as we know, Linux's /dev/urandom is just fine, once it has been seeded properly. Pay no attention to those who don't know what they are talking about. (That poster wants you to believe that, since /dev/urandom uses a cryptographic-strength pseudorandom number generator rather than a true entropy source, it is useless. Don't believe it. The poster is confused and his claims are wrong.) - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Cryptography Research wants piracy speed bump on HD DVDs
Is there really that much space for marking? Any substantial number of marked bits will become obvious in the output stream, no? Is the watermarking system robust? Is it public? And how long ago has it been published? If they are only modifying some bits (in the standard representation), then one might probably be able to alter them. Also notice, that this may harm the quality of the image. Intuitively, one is expected to have a low quality of image if lots of bits are used for watermarking, and a low security if a few bits are used for watermarking. Regarding blacklists, where are they stored? If they are included in every new DVD, then one doesn't need to buy a new DVD but simply simulate an ID (which is not in the blacklist) for the DVD. So this opens another place where designers may screw up. Another attack is to attempt to delete this blacklist from the DVD. In another respect, closed p2p communities that exchange movies through secure channels would never get into this revocations lists. So here is another inconvenience for this DRM scheme. Regards and (almost) merry christmas, Ariel - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Cryptography Research wants piracy speed bump on HD DVDs
Bill Stewart wrote: At 09:08 AM 12/15/2004, Ian Grigg wrote: Let me get this right. ... ... A blockbuster worth $100m gets cracked ... and the crack gets watermarked with the Id of the $100 machine that played it. ... So the solution is to punish the $100 machine by asking them to call Disney with a CC in hand? If you're in a profit-making business of pirating DVDs for money, then having your $100 DVD burner stop being able to play DVDs from a given studio is just a business expense. But if you're a typical hobbyist pirate, file-sharing your DVDs for free to other people who are sharing their pirated DVDs, rather than spending $2 to rent them at Blockbuster, then it's probably really annoying, and you're probably out of business with that DVD burner, though your other $39 DVD player can play them just fine. John Kelsey wrote: Think about the effect on P2P systems, if having one extracted movie from your player available for sharing meant that your player would stop working for all new content I'm not saying I think this (or any other technical solution I've seen) will work. I'm saying that it's a pretty reasonable attempt to undermine participation in P2P systems. I think in comment to both Bill and John, the counter argument seems to be the same: is this likely to make a difference in practice? I can't see it. Yet. If Alice, notorious p2p pirate, has this particular DVD player in front of her, she simply factors it in. Instead of releasing her copies in dribs and drabs, she releases them in batch. Once released, the player is determined to be an old material only player. But this is no barrier as DVD players now retail for the price of 10 DVDs, so upgrading every 6 months is really no drama. Where this *does* has an effect, I think, is that when the black-booted IP police come in through the front door (and I mean, through it...) and seize all the guilty tech equipment, what they also pick up is a player that has been identified to be a source of pirated material. So before the judge, they can state that they found pirated material, the IP number was tracked, *and* they found the tools, as identified by other pirated material distributed on the net. This wipes out the defence of using Kazaa for bona fide purposes. Also, if they have a way of tracking the purchases of players, then they can more easily get warrants for their non-radial door penetration manouvers. Imagine a world where all DVD players are barcoded with serial numbers, and the sale is related to a credit card. Closed loop, easy to show sufficient to the judge to get the warrant. Which would be even nicer if we could enter a new crime onto the books to the effect of purchasing a DVD player without a credit card. iang - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
A Force Field in Flat Gray to Protect a Wireless Network
http://www.nytimes.com/2004/12/23/technology/circuits/23pain.html?pagewanted=printposition= The New York Times December 23, 2004 A Force Field in Flat Gray to Protect a Wireless Network Adam Baer s wireless networks have proliferated, computer security companies have come up with increasingly complex defenses against hackers: password protection, encryption, biometrics. Insulating the interior of a house, apartment or office from radio-wave interference is a simpler concept that has yet to become a popular consumer strategy, but a new product called DefendAir from Force Field Wireless could change that. Available online at forcefieldwireless.com, the product is a latex house paint that has been laced with copper and aluminum fibers that form an electromagnetic shield, blocking most radio waves and protecting wireless networks. Priced at $69 a gallon and available only in flat gray (it can be used as a primer), one coat shields Wi-Fi, WiMax and Bluetooth networks operating at frequencies from 100 megahertz to 2.4 gigahertz. Two or three coats will achieve the paint's maximum level of protection, good for networks operating at up to five gigahertz. Force Field Wireless also sells a paint additive ($34 for a 32-ounce container, enough to treat a gallon of paint) and $39 window-shield films. Harold Wray, a Force Field Wireless spokesman, said the paint must be carefully applied. Radio waves find leaks, he said. It should be applied selectively, he said, because it might hinder the performance of radios, televisions and cellphones. Our main goal is to shield your wireless radio waves from hackers and outside interference, he said. Plus, today, many people watch cable television. Adam Baer Copyrigh -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire' - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
U.S. passport privacy: Over and out?
http://www.iht.com/bin/print_ipub.php?file=/articles/2004/12/22/news/passport.html U.S. passport privacy: Over and out? By Hiawatha Bray The Boston Globe Thursday, December 23, 2004 It's December 2005 and you're all set for Christmas in Vienna. You have your most fashionable cold-weather gear, right down to Canada's national red maple leaf embroidered on your jacket and backpack, to conceal your American citizenship from hostile denizens of Europe. But your secret isn't really safe. As you stroll through the terminal, you pass a nondescript man with a briefcase. The briefcase contains a powerful radio scanner, and simply by walking past, you've identified yourself as an American. Without laying a finger on you, the man has electronically skimmed the data in your passport. Science fiction? The American Civil Liberties Union doesn't think so. Neither does Bruce Schneier, software engineer and author of multiple books on computer security, nor Katherine Albrecht, a privacy activist in Cambridge, Massachusetts. They are all worried about a State Department plan to put radio identification tags in all future U.S. passports, beginning next year. That way, American passport data can be read merely by waving it past a radio detector. But whose radio detector? That's what worries many people. Somebody can identify you as an American citizen from across the street because of the passport in your back pocket, said Albrecht, founder of a Web site concerned with the matter, spychips.com. You're a walking target. Nonsense, replies a State Department spokeswoman, Kelly Shannon. We're going to prevent the unauthorized skimming of the data, Shannon said. The U.S. government thinks the new passports will be harder to forge and easier to verify than the current model, without causing undue risk of identity theft. It is all part of the continuing debate over radio frequency identification systems, also known as RFID. Tags that let people zoom through a highway toll booth contain an RFID chip. Many American pets have them embedded under their skin and the U.S. Food and Drug Administration has approved doing the same for people, to provide reliable medical information to emergency room doctors. But privacy advocates like Albrecht contend that government agencies and big corporations want to embed RFID chips into virtually every product, giving them the ability to track almost every move that people make. The RFID chips contain a tiny bit of information that is transmitted via radio when the chip comes within range of a reading device. The chip could broadcast a simple code number, or it could contain a lot more information, like a traveler's name, nationality and digital photograph. This is what the chips planned for future U.S. passports will do, part of a plan to make the passport system more secure. But according to government documents released by the civil liberties union, early versions of the system allowed detection of personal data by a snoop 30 feet, or 9 meters, away. Shannon, of the State Department, dismissed this research, saying the equipment needed to capture the data was too complex and heavy to be used undercover. That is not much comfort to Schneier, the computer security expert. Technology only gets better, he said. It never gets worse. Schneier figures that would-be spies and snoops will find ways to pick up signals from the passport chips. The chips might be made more secure by encrypting the data they contain. That way, it would be useless even if intercepted. But the State Department opposes that idea, because immigration officials in many poor countries cannot afford the necessary decryption gear. Encryption limits the global interoperability of the passport, said Shannon. Why use a radio-based identity system at all? Smart chips, like those found in some credit cards, are plentiful and cheap, and they don't broadcast. You slide them through a chip reader that instantly scoops up the data. But the International Civil Aviation Organization, which sets global standards for passports, has decided on the use of a noncontact technology - another way of saying radio-based identification. So will Americans be stuck with high-tech passports that beam their personal data to all comers? Not necessarily. Turns out there's a simple fix: a passport cover made of aluminum foil. It would form what engineers call a Faraday cage, after Michael Faraday, the 19th-century British physicist who discovered the characteristics of electromagnetic waves. Wrap an RFID chip inside a Faraday cage, and the electromagnetic waves from the chip reader can't get in and activate the chip. The State Department says it may use the principle to give travelers an added sense of security. No, there won't be rolls of aluminum foil included with every passport. Instead, the passport cover may include a network of wires woven into the fabric. Fold the passport shut, and there's your Faraday
Re: Cryptography Research wants piracy speed bump on HD DVDs
To add a postscript to that, yesterday's LAWgram reported that $10 DVD *players* are now selling in the US. The economics of player-id-watermarking are looking a little wobbly; we can now buy a throwaway player for the same price as a throwaway disk. http://www.theinquirer.net/?article=20371 iang - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Banks Test ID Device for Online Security
Okay. So AOL and Banks are *selling* RSA keys??? Could someone explain this to me? No. Really. I'm serious... Cheers, RAH http://www.nytimes.com/2004/12/24/technology/24online.html?oref=loginpagewanted=printposition= The New York Times December 24, 2004 Banks Test ID Device for Online Security By JENNIFER A. KINGSON or years, banks gave away toasters to people who opened checking accounts; soon they may be distributing a more modern kind of appliance. Responding to an increase in Internet fraud, some banks and brokerage firms plan to begin issuing small devices that would help their customers prove their identities when they log on to online banking, brokerage and bill-payment programs. E*Trade Financial intends to introduce such a product in the first few months of 2005. And U.S. Bancorp says it will test a system, though it has not given a timetable. The devices, which are hand-held and small enough to attach to a keychain, are expected to cost customers roughly $10. They display a six-digit number that changes once a minute; people seeking access to their accounts would type in that number as well as a user name and password. The devices are freestanding; they do not plug into a computer. Some banks, like Wachovia of Charlotte, N.C., and Commerce Bancshares of Kansas City, Mo., already use these hardware tokens to identify employees and corporate customers, and say they are evaluating the technology for retail banking use. Others, like Fidelity Investments and Bank of America, are researching the matter. Every single major bank is considering it, said James Van Dyke, principal and founder of Javelin Strategy and Research of Pleasanton, Calif., which advises financial services companies on payments and technology issues. Although there are drawbacks in terms of cost and convenience - as well as questions about what would happen if a customer lost the device or it were stolen - there is growing pressure from bank regulators to add safeguards of this type to online financial services. In a report last week, the Federal Deposit Insurance Corporation, which insures bank deposits, said that existing authentication systems were not secure enough and that an extra layer of security should be added to the sign-in process. The financial services industry's current reliance on passwords for remote access to banking applications offers an insufficient level of security, the F.D.I.C.'s report said. Two-factor authentication, which typically includes a memorized password and a hardware security device, has the potential to eliminate, or significantly reduce, account hijacking, it said. To be sure, there are many ways to add the kind of security that the agency is seeking, and any number of technology vendors eager to supply products. The F.D.I.C. evaluated some possible alternatives, including smart cards, which are plastic cards with embedded microprocessor chips; biometrics, which identify people by their fingerprints, voice or physical characteristics; and shared secrets, in which a customer is asked a question that, in theory, only he or she could answer. But the system that has so far taken root in the market is the one that relies on number-changing hardware tokens, which have the shape and feel of the plastic security devices that people click to unlock their cars. Several large banks in Europe and Australia - including Credit Suisse, ABN Amro and Rabobank - already issue these tokens to customers, sometimes making them bear the cost of the device. In the United States in September, America Online introduced a program, AOL Passcode, that lets subscribers buy the keychain device for $9.95 and use it for authentication purposes, at a subscriber fee of $1.95 to $4.95 a month, depending on the number of screen names linked to it. Proponents of these devices are aware that they present other problems. Financial companies are concerned about making online banking less convenient and about adding fees for the hardware token. Customers with accounts at several institutions may wind up with an unwieldy number of tokens or swamp call centers with questions about the new systems. Several foreign banks have made the tokens mandatory for online customers. E*Trade, which is expected to be the first United States financial institution to introduce the program for retail customers, will make it optional and charge for the device. Joshua S. Levine, chief technology officer at E*Trade, said the technology seemed to provide the comfort that most people want. And when you have your money at stake, he said, you really want to feel comfortable. E*Trade has been testing its program for the last two months, giving the devices free to 200 interested customers. So far, the tests have attracted customers with high incomes who conduct many transactions and tend to be knowledgeable about technology, Mr. Levine said. Based on the feedback these customers have been giving us, he added, we feel it
AOL Help : About AOL® PassCode
http://help.channels.aol.com/article.adp?catId=6sCId=415sSCId=4090articleId=217623 Have questions? Search AOL Help articles and tutorials: How To: Billing Channels Communicating Online E-Mail More Subjects Products and Services AOL.COM AOL® Computer Check-Up AOL Deskbar AOL® Calendar AOL® File Backup AOL® PassCode AOL® Privacy Wall inStore Money Alerts Technical Support More Help: Help Tutorials Auto Fixes Pop-Up Controls Spam Mail Controls Anti-Virus Center AOL Help Community Safety, Security Privacy AOL Voice Services Products and Services AOL® PassCode About AOL® PassCode After purchasing and receiving your AOL® PassCode, go to AOL Keyword: PassCode and this screen appears, allowing you to secure your screen name to your AOL PassCode. On this screen you can also release your screen name from AOL PassCode, change service plans and order additional AOL PassCodes. Account Status This area lists your current AOL PassCode service plan, including the secured and unsecured screen names within the plan. If the maximum number of screen names in your service plan are secured to your AOL PassCode, the Manage Service Plan button will appear. View PassCode Account Activity Displays a screen listing a summary of your AOL PassCode account activity, such as the date you purchased your subscription, ordered AOL PassCode devices and details such as the price plan ordered and the quantity of AOL PassCodes ordered. Secure Screen Name To help protect your screen name with AOL PassCode, you need to secure your screen name to your specific AOL PassCode device. Each AOL PassCode has a unique serial number engraved on its back. By associating your screen name with a specific AOL PassCode serial number, the AOL service will know which six-digit number needs to be entered at each sign-on, helping to protect your screen name from unauthorized access. To secure a screen name to your AOL PassCode 1. Sign on to the AOL® service with the screen name you want to secure to your AOL PassCode. 2. Go to AOL Keyword: PassCode. 3. Click Secure Screen Name. 4. Type the eight-digit serial number engraved on the back of your AOL PassCode. 5. Type the six-digit number displayed on the front of your AOL PassCode. 6. Click Save. A confirmation screen appears. This change takes effect immediately and will be enforced the next time you sign on to the AOL service. Whenever you sign on to the AOL service using the screen name that you secured to AOL PassCode, you will be required to enter the six-digit number on the front of your AOL PassCode. Release Screen Name When the screen name you signed on to the AOL service with has already been secured to your AOL PassCode, the Secure Screen Name button changes to Release Screen Name. If you no longer want to use AOL PassCode, you must release your screen name from your AOL PassCode so that you will no longer need to enter a six-digit code when you sign on to any AOL service. To release your screen name from your AOL PassCode 1. Sign on to the AOL service with the screen name you want to release from your AOL PassCode. 2. Go to AOL Keyword: PassCode. 3. Click Release Screen Name. The Secure Screen Name button changes to Release Screen Name when that particular screen name is secured to AOL PassCode. 4. Enter the answer to your account security question. For more information, see What is an Account Security Question. 5. Type the eight-digit serial number engraved on the back of your AOL PassCode. 6. Type the six-digit number displayed on the front of your AOL PassCode. 7. Click Save. This change takes effect immediately, and removes the AOL PassCode protection for subsequent sign-ons. Manage Service Plan Displays a screen with AOL PassCode service plan options, allowing you to change your current service plan. Order more PassCodes Displays a screen allowing you to order additional AOL PassCodes. Live Customer Support Contact AOL 24 hours a day, seven days a week! Chat With Us: Technical SupportBilling Support Call Us: Talk to an expert. AOL Help Main | Manage Your Account | Safety Security | Anti-Virus | Upgrade Center | Feedback | Privacy Policy Copyright © 2004 America Online, Inc. All rights reserved. Back to Top AOL 9.0 SE/LE Change Version -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire' - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Scientists close to network that defies hackers
http://news.ft.com/cms/s/a0dcf3f0-5874-11d9-9940-0e2511c8.html The Financial Times Scientists close to network that defies hackers By Clive Cookson, Science Editor Published: December 28 2004 02:00 | Last updated: December 28 2004 02:00 Scientists have taken what they say is a big step towards an intrinsically secure computer network which banks and other institutions could use to transmit data without risk of hacking. Toshiba Research Europe is one of several laboratories around the world racing to commercialise quantum cryptography, a technology that uses quantum mechanics to generate unbreakable codes. The Cambridge-based company says it has produced the first system robust enough to run uninterruptedly for long periods without human intervention. The Toshiba researchers have tested the system with MCI, the international telecommunications company, and plan next year to carry out trials with financial institutions in London. Secure digital communication uses long prime numbers as keys to encode data at one end and decode at the other. Inquantum cryptography, individual photons - light particles - transmit the secret keys down optical fibres. Each photon carries a digital bit of information, depending on its polarisation. To outwit hackers, the keys are changed many times a second. The extreme delicacy of these quantum bits is both the strength and weakness of quantum cryptography. On the positive side, a hacker cannot eavesdrop on the data transmission without changing it and alerting sender and receiver to the breach of security. But the system is easily disturbed by tiny fluctuations such as temperature changes in the transmission apparatus or movements in the optical fibres. Previous quantum cryptography transmissions have lasted only for minutes and required continual adjustment by experts, says Andrew Shields, head of Toshiba's quantum information group. His laboratory managed to extend the running time to a week's entirely automated and uninterrupted session. The Cambridge researchers stabilised the system and reduced the error rate by sending a bright guardian pulse of light down the fibres immediately after each information-carrying photon. Mr Shields said: The technology is now sufficiently mature to be used in real-world situations and we are currently discussing applications with interested parties. In the first instance we expect quantum cryptography to be used in companies' private networks - for example, to provide secure traffic in a link between two sites within a metropolitan area. Besides Japanese-owned Toshiba, large electronics companies competing to commercialise quantum cryptography include NEC of Japan and Hewlett-Packard of the US. There are also two start-ups, Magiq Technologies of the US and ID Quantique of Switzerland, with first generation quantum cryptography products on the market, although sales have not been large. -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire' - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
The story of Aldrich Ames and Robert Hanssen--from the KGB's point of view.
http://www.opinionjournal.com/la/?id=110006088 OpinionJournal WSJ Online BOOKSHELF The Man Who Stole the Secrets The story of Aldrich Ames and Robert Hanssen--from the KGB's point of view. BY EDWARD JAY EPSTEIN Thursday, December 30, 2004 12:01 a.m. EST Recently a number of former CIA officers received an invitation from the Spy Museum in Washington to attend a luncheon for former KGB Col. Victor Cherkashin. The event, as the invitation said, would afford a once-in-a-lifetime opportunity to dine and dish with an extraordinary spymaster. In the heyday of the Cold War, such an offer, delivered with slightly more discretion, might have been the prelude to a KGB recruitment operation. Now it's merely the notice for a book party celebrating yet another memoir by a former KGB officer recounting how the KGB duped the CIA. In this case, there is a great deal to tell. Victor Cherkashin served in the KGB from 1952, when Stalin was still in power, until the Soviet Union disintegrated in 1991. During most of that time his mission was to organize KGB operations aimed at undermining the integrity, confidence and morale of the CIA. He seems to have been good at his job. His big opportunity came when he was the deputy KGB chief at the Soviet Embassy in Washington between 1979 and 1985. Those years were the height of a ferocious spy war within the Cold War. In Spy Handler, Mr. Cherkashin describes in detail how he helped convert two American counterintelligence officers--one well-placed in the CIA's Soviet Russia Division, the other in the FBI--into moles. Their names are notorious now, but over the course of a decade Aldrich Ames and Robert Hanssen operated with anonymous stealth, compromising most of the CIA's and FBI's espionage efforts in the Soviet Union. But that wasn't the end of Mr. Cherkashin's glory. Returning to Moscow, he helped run dangle operations in which KGB-controlled diplomats feigned a willingness to be recruited by their American counterparts, only to hand over disinformation when they were finally recruited. Thus when the CIA came around to investigating why its agents were being compromised in Russia, the KGB sent the CIA a disinformation agent, for example, to paint false tracks away from its moles. This agent--Mr. X--offered to betray the Soviet Union for $5,000. When the CIA snapped up the bait, Mr. X pointed it to its own secret communication center in Warrenton, Va., falsely claiming that the KGB was electronically intercepting data from its computers. The purpose, of course, was to divert the agency away from the mole, who continued betraying CIA secrets for eight more years. Told from the KGB's vantage point, Mr. Cherkashin's story provides a gripping account of its successes in the spy war. He shows Mr. Hanssen to have been an easily managed and highly productive penetration who operated via the unusual tradecraft of dead drops, leaving material at designated locations where it could be transferred without spy and handler ever meeting. (Indeed, the KGB never knew Mr. Hanssen's identity.) Mr. Ames, for his part, was a more complex case, since he had come under suspicion and the KGB had to concern itself with throwing the CIA off his trail. That America's counterespionage apparatus allowed both men to operate as long as they did is a testament to its complacency as much as to the KGB's cleverness. And indeed, Mr. Cherkashin skillfully torments his former adversary, the CIA, by attributing a large part of the KGB's success to the incompetence of the CIA leadership, or its madness. He asserts, in particular, that the CIA had been all but paralyzed by the paranoia of James Jesus Angleton, the CIA's longtime counterintelligence chief, who suspected that the KGB had planted a mole in the CIA's Soviet Russia division. Mr. Cherkashin is right that Mr. Angleton's concern retarded, if not paralyzed, CIA operations in Russia. After all, if the CIA was indeed vulnerable to KGB penetration, as Mr. Angleton believed, it had to assume that its agents in Russia would be compromised and used for disinformation. This suspicion would recommend a certain caution or tentativeness, to say the least. Mr. Cherkashin's taunt about Mr. Angleton's paranoia echoed what was said by Mr. Angleton's critics in the CIA, who resented his influence, believing that polygraph tests and other security measures immunized the CIA against such long-term penetration. But of course Mr. Angleton was right, too. On Feb. 21, 1994, Mr. Ames, the CIA officer who had served in the Soviet Russia division, was arrested by the FBI. He confessed that he had been a KGB mole for almost a decade and had provided the KGB with secrets that compromised more than 100 CIA operations in Russia. Mr. Hanssen was caught seven years later. Since Mr. Cherkashin had managed the recruitment of Mr. Ames and helped with that of Mr. Hanssen, his accusation that Mr. Angleton was paranoid for suspecting the possibility of a mole has the
eBay Dumps Passport, Microsoft Calls It Quits
http://www.techweb.com/article/printableArticle.jhtml;jsessionid=IUVVYXUECEG4MQSNDBGCKHSCJUMEKJVN?articleID=56800077site_section=700029 eBay Dumps Passport, Microsoft Calls It Quits By TechWeb News December 30, 2004 (12:51 PM EST) URL: http://www.techweb.com/wire/ebiz/56800077 Another Online auction site eBay announced Wednesday that it will soon drop support for Microsoft's Passport for log-in to the site and discontinuing alerts sent via Microsoft's .Net alerts. Microsoft responded by saying that it will stop marketing Passport to sites outside its own stable. As of late January, eBay will no longer display the Passport button on sign-in pages nor allow users to log in using their Passport accounts. Instead, members must log-in directly through eBay. Likewise, eBay's dumping .Net alerts, which means that eBay customers who want to receive alerts -- for such things as auction closings, outbids, and auction wins -- will have to make other arrangements. The free-of-charge eBay Toolbar, for instance, can be used to set up alerts going to the desktop, while alerts to phones, PDAs, or pagers can be created from the user's My eBay page. eBay was one of the first to jump on the Passport bandwagon in 2001, but is only the latest site to leap off. Job search site Monster.com, for instance, dropped Passport in October. Microsoft has decided to stop marketing its sign-on service to other Web sites, the Los Angeles Times confirmed Thursday. The pull-back, which had been long predicted by various analysts, follows a stormy life for Passport, which among other things, suffered a pair of security breakdowns in the summer of 2003 that could have led to hackers stealing users' IDs. Microsoft also pulled its online directory of sites using Passport -- perhaps because the list would have been depressingly short -- stating in the online notice that We have discontinued our Site Directory, but you'll know when you can use your Passport to make sign-in easier. Just look for the .NET Passport Sign In button! Passport will continue to be the sign-on service for various Microsoft properties, including the Hotmail e-mail service and MSN.com. -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire' - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: The Pointlessness of the MD5 attacks
Something that is interesting about this issue is that it involves transitive vulnerability. If there are only two actors there is no issue. If Alice is the user and Bob is the software maintainer and Bob is bad, then Alice will be exploited regardless of the hash function. If Alice is the user and Bob the maintainer and Bob is good then Alice will be safe, regardless. However if there is a third actor, Charles, from whom Bob accepts information that he will use in a limited way (for example an image or sound file, a patch to the source code which contains extensive comments and whitespace), then whether the hash function is collision-resistant becomes an issue. If Alice and Bob use a collision-resistant hash function, they can rest assured that any software package matching the hash is the package that Bob intended for Alice to use. If they use a hash function which is not collision-resistant they can't, even if the function is second pre-image resistant. This is interesting to me because the problem doesn't arise with only Alice and Bob nor with only Bob and Charles. It is a problem specific to the transitive nature of the relationship: Alice is vulnerable to Charles's choice of package because she trusts Bob to choose packages and Bob trusts Charles to provide image files. And because they are using a non-collision-resistant hash function. Regards, Zooko - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Where to get a Jefferson Wheel ?
Hi, does anyone know where I can get a Jefferson Wheel or a replica? regards Hadmut - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Korean Online Banks Will Be Liable for 'Hacking' Damages in 2006
--- begin forwarded text Date: Fri, 31 Dec 2004 04:30:34 -0600 (CST) From: InfoSec News [EMAIL PROTECTED] To: isn@attrition.org Subject: [ISN] Online Banks Will Be Liable for 'Hacking' Damages in 2006 Reply-To: [EMAIL PROTECTED] Sender: [EMAIL PROTECTED] http://english.chosun.com/w21data/html/news/200412/200412300030.html Park Jong-se Dec. 30, 2004 Starting from 2006, financial institutions will be held responsible for any damage consumers may suffer at the hands of hackers or from malfunctioning computer systems while engaging in financial transactions on the Internet. The government adopted a financial e-transaction bill during a vice ministerial meeting Thursday. The bill will be discussed at a Cabinet meeting scheduled for Jan. 4 before being submitted to the National Assembly. According to the bill, if consumers incur damages or loss while engaging in e-banking because of an incident caused by a third factor, such as a case of hacking or computer system meltdowns, financial institutions or e-banking service providers will be liable. An exception that grants financial institutions immunity is also included in the bill. If consumers cause a problem deliberately or by their own mistakes, they will be held accountable. The bill states that consumers' identification number, secret code and certified document, all of which are essential prerequisites for e-banking, should be issued only when consumers apply for them and after their identity has been confirmed. It also mandates that transaction records should be kept. _ Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/ --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire' - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: SSL/TLS passive sniffing
At 22:51 2004-12-22 +0100, Florian Weimer wrote: * John Denker: Florian Weimer wrote: Would you recommend to switch to /dev/urandom (which doesn't block if the entropy estimate for the in-kernel pool reaches 0), and stick to generating new DH parameters for each connection, No, I wouldn't. Not even for the public parameters? Am I understanding correctly? Does SSL/TLS really generate a new P and G for each connection? If so, can someone explain the rationale behind this? It seems insane to me. And not doing so would certainly ease the problem on the entropy pool, not to mention CPU load for primality testing. I must be misunderstanding. Surely. Please? Greg. Greg RoseINTERNET: [EMAIL PROTECTED] Qualcomm Incorporated VOICE: +1-858-651-5733 FAX: +1-858-651-5766 5775 Morehouse Drivehttp://people.qualcomm.com/ggr/ San Diego, CA 92121 232B EC8F 44C6 C853 D68F E107 E6BF CD2F 1081 A37C - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
RE: Banks Test ID Device for Online Security
R.A. Hettinga wrote: Okay. So AOL and Banks are *selling* RSA keys??? Could someone explain this to me? No. Really. I'm serious... Cheers, RAH The slashdot article title is really, really misleading. In both cases, this is SecurID. Peter - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: AOL Help : About AOL® PassCode
R.A. Hettinga wrote: http://help.channels.aol.com/article.adp?catId=6sCId=415sSCId=4090articleId=217623 Have questions? Search AOL Help articles and tutorials: . If you no longer want to use AOL PassCode, you must release your screen name from your AOL PassCode so that you will no longer need to enter a six-digit code when you sign on to any AOL service. To release your screen name from your AOL PassCode 1. Sign on to the AOL service with the screen name you want to release from your AOL PassCode. OK. So all I have to do is craft a good reason to get people to reset their PassCode, craft it into a phishing mail and send it out? -- News and views on what matters in finance+crypto: http://financialcryptography.com/ - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]