[Clips] Sony suspends copy-protection scheme on CDs
--- begin forwarded text

Delivered-To: [EMAIL PROTECTED]
Date: Fri, 11 Nov 2005 18:13:46 -0500
To: Philodox Clips List [EMAIL PROTECTED]
From: R. A. Hettinga [EMAIL PROTECTED]
Subject: [Clips] Sony suspends copy-protection scheme on CDs
Reply-To: [EMAIL PROTECTED]
Sender: [EMAIL PROTECTED]

http://www.siliconvalley.com/mld/siliconvalley/business/technology/personal_technology/13143693.htm?template=contentModules/printstory.jsp

The San Jose Mercury News
Posted on Fri, Nov. 11, 2005

Sony suspends copy-protection scheme on CDs

WASHINGTON (AP) - Stung by continuing criticism, the world's second-largest music label, Sony BMG Music Entertainment, promised Friday to temporarily suspend making music CDs with antipiracy technology that can leave computers vulnerable to hackers.

Sony defended its right to prevent customers from illegally copying music but said it will halt manufacturing CDs with the "XCP" technology as a precautionary measure. "We also intend to re-examine all aspects of our content protection initiative to be sure that it continues to meet our goals of security and ease of consumer use," the company said in a statement.

The antipiracy technology, which works only on Windows computers, prevents customers from making more than a few copies of the CD and prevents them from loading the CD's songs onto Apple Computer's popular iPod portable music players. Some other music players, which recognize Microsoft's proprietary music format, would work.

Sony's announcement came one day after leading security companies disclosed that hackers were distributing malicious programs over the Internet that exploited the antipiracy technology's ability to avoid detection. Hackers discovered they can effectively render their programs invisible by using names for computer files similar to ones cloaked by the Sony technology.

A senior Homeland Security official cautioned entertainment companies against discouraging piracy in ways that also make computers vulnerable.
Stewart Baker, assistant secretary for policy at DHS, did not cite Sony by name in his remarks Thursday but described industry efforts to install hidden files on consumers' computers. "It's very important to remember that it's your intellectual property, it's not your computer," Baker said at a trade conference on piracy. "And in the pursuit of protection of intellectual property, it's important not to defeat or undermine the security measures that people need to adopt in these days."

Sony's program is included on about 20 popular music titles, including releases by Van Zant and The Bad Plus.

"This is a step they should have taken immediately," said Mark Russinovich, chief software architect at Winternals Software who discovered the hidden copy-protection technology Oct. 31 and posted his findings on his Web log. He said Sony did not admit any wrongdoing, nor did it promise not to use similar techniques in the future.

Security researchers have described Sony's technology as "spyware," saying it is difficult to remove, transmits without warning details about what music is playing, and that Sony's notice to consumers about the technology was inadequate. Sony executives have rejected the description of their technology as spyware.

Some leading antivirus companies updated their protective software this week to detect Sony's antipiracy program, disable it and prevent it from reinstalling.

After Russinovich criticized Sony, it made available a software patch that removed the technology's ability to avoid detection. It also made more broadly available its instructions on how to remove the software permanently. Customers who remove the software are unable to listen to the music CD on their computer.
--
On the Web:
Sony's XCP Page: http://cp.sonybmg.com/xcp
Russinovich's Blog: www.sysinternals.com/Blog
Symantec warning: http://securityresponse.symantec.com/avcenter/venc/data/securityrisk.aries.html
Computer Associates warning: http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=76345

--
R. A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

___
Clips mailing list
[EMAIL PROTECTED]
http://www.philodox.com/mailman/listinfo/clips

--- end forwarded text
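The cloak the article describes keys on the file name alone, which is exactly why unrelated malware could hide under it: the hook cannot tell the copy-protection driver's files from anyone else's. A cross-view comparison (what the hooked, application-visible enumeration API returns versus what a lower-level read of the same directory returns) is the standard way to surface that kind of cloaking, and it turns up the piggybacking programs together with the driver. The following is an added example and not code from the article, Sony, XCP or Winternals: the hook is simulated in user space so it runs offline on a temporary directory, and the `$sys$` prefix and the file names are constructed for the demo (the article does not name the pattern the driver matched on).

```python
"""Cross-view detection of name-based file cloaking.

Added example; not code from the article, Sony/XCP or Winternals. The
hooked directory-enumeration API is simulated in user space so the whole
thing runs offline on a temporary directory.
"""
import os
import tempfile

# ASSUMPTION for this demo: the cloak hides every name that starts with this
# prefix. The article does not name the pattern the XCP driver matched on.
CLOAK_PREFIX = "$sys$"


def cloaked_listdir(path):
    """Stand-in for the hooked, application-visible enumeration API.

    Entries are dropped on the name alone, regardless of who created them,
    so any program that adopts the prefix inherits the cloak for free.
    """
    return [n for n in os.listdir(path) if not n.startswith(CLOAK_PREFIX)]


def raw_listdir(path):
    """Stand-in for the low-level view (e.g. reading the on-disk directory
    structure directly), which bypasses the hook."""
    return list(os.listdir(path))


def cross_view_diff(raw_view, api_view):
    """Names present in the raw view but missing from the API view.

    Anything the hook removes lands here, whether it belongs to the
    copy-protection driver or to malware hiding behind the same prefix.
    """
    return sorted(set(raw_view) - set(api_view))


def scan_directory(path):
    """Run both views over one directory and report the hidden entries."""
    return cross_view_diff(raw_listdir(path), cloaked_listdir(path))


def demo():
    """Constructed sample: one ordinary file, one 'driver', one piggybacker."""
    with tempfile.TemporaryDirectory() as d:
        for name in ("readme.txt", "$sys$drv.sys", "$sys$piggyback.exe"):
            with open(os.path.join(d, name), "wb"):
                pass
        visible = cloaked_listdir(d)          # what a normal program sees
        hidden = scan_directory(d)            # what the cross-view reveals
        return visible, hidden


if __name__ == "__main__":
    visible, hidden = demo()
    print("API view:", visible)               # ['readme.txt']
    print("hidden:  ", hidden)                # ['$sys$drv.sys', '$sys$piggyback.exe']
```

On a real system the two views come from different layers (a user-mode directory listing against a raw parse of the volume, or a kernel-level enumeration against what the filtered API hands back); the detection logic is the same set difference, and it is indifferent to who planted the hidden files.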
Re: Fermat's primality test vs. Miller-Rabin
- Original Message -
From: Charlie Kaufman [EMAIL PROTECTED]
Subject: FW: Fermat's primality test vs. Miller-Rabin

In practice, the probability of randomly choosing a Carmichael number of size 250 bits is vanishingly small. I would say that finding any Carmichael number without deliberately looking for it is vanishingly small.

The probability of a single run of Miller-Rabin or Fermat not detecting that a randomly chosen number is composite is almost vanishingly small. I've heard but not confirmed a figure of one failure in 20 million. I've never heard an estimate of the probability that two runs would fail to detect the composite. It couldn't be better than one failure in 20 million squared or worse than one in 80 million.

I can confirm that that number is completely wrong. I just implemented a small Java program to test exactly that. Each number was vetted by a single pass of Miller-Rabin (iterations = 1). With 512-bit numbers the first 52 random guesses that pass the first test resulted in 26 numbers that failed to pass 128 iterations. I find it rather odd that this is exactly half, and I also notice that of those that failed they almost all seem to have failed at least half of them. It appears that the minimum estimate of 1/2 probability is necessary, but that 1/4 is more likely.

Joe

- The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
RE: [EMAIL PROTECTED]: Skype security evaluation]
Do you have some articles about these protocols?

The authoritative reference for TLS is the TLS RFC (http://www.ietf.org/rfc/rfc2246.txt). The authoritative reference for IPsec is of course the IPsec RFC (http://www.ietf.org/rfc/rfc2401.txt). As to why they wouldn't use these as they stand, synchronized protocols often require finer control over the data block size than these offer, but modification is easy enough, and would certainly have caused fewer concerns than a roll your own.

[Marcel] Thanks, and appreciated, but I haven't made myself clear. I meant: is there a page by one of the known names in the field saying something like: if you want to do this, then you should use these protocols? Like Peter said: they should have used TLS or YASSL for the handshake and IPSEC + ESP for the transport.

Is there a place where one trying to implement a secure system could go and find out the basic components he needs? With pros and cons, preferably?

[Marcel] Maybe this is too much to ask, I don't know. That's pretty much the point :)

Thanks,
Marcel
Re: [Clips] [EMAIL PROTECTED]: [IP] Apple tries to patent 'tamper-resistant software']
R. A. Hettinga wrote:

In its application, Apple describes a means of securing code using either a specific hardware address or read-only memory (ROM) serial number. Apple also talks about securing the code while interchanging information among multiple operating systems. Mac OS X, Windows and Linux are called out specifically in the filing.

I'd normally suggest finding prior art for this, since it's a technique that's been in use for decades, at least, but in this case I'm quite happy to see the whole field become a morass of patents.

"This invention relates generally to the field of computer data processing and more particularly to techniques for creating tamper-resistant software," Apple says in its patent filing. Specifically, Apple refers to the technique of code obfuscation, in which software makers employ techniques that make it harder for those using debuggers or emulators to figure out how a particular block of code is working.

Will they never learn?

--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit. - Robert Woodruff
Re: Pseudorandom Number Generator in Ansi X9.17
Terence Joseph wrote:

Hi, The Pseudorandom Number Generator specified in Ansi X9.17 used to be one of the best PRNGs available if I am correct.

It was? When?

I had to replace the OpenSSL PRNG with X9.31 (as has been discussed elsewhere, this is the same PRNG) for the FIPS-140 certification, and in my opinion it was a large step backwards.

--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit. - Robert Woodruff
[Clips] Feds mull regulation of quantum computers
--- begin forwarded text

Delivered-To: [EMAIL PROTECTED]
Date: Sat, 12 Nov 2005 12:34:00 -0500
To: Philodox Clips List [EMAIL PROTECTED]
From: R. A. Hettinga [EMAIL PROTECTED]
Subject: [Clips] Feds mull regulation of quantum computers
Reply-To: [EMAIL PROTECTED]
Sender: [EMAIL PROTECTED]

http://news.com.com/2102-11395_3-5942445.html?tag=st.util.print

CNET News
Feds mull regulation of quantum computers
By Declan McCullagh
http://news.com.com/Feds+mull+regulation+of+quantum+computers/2100-11395_3-5942445.html
Story last modified Wed Nov 09 14:18:00 PST 2005

WASHINGTON--Quantum computers don't exist outside the laboratory. But the U.S. government appears to be exploring whether it should be illegal to ship them overseas.

A federal advisory committee met Wednesday to hear an IBM presentation about just how advanced quantum computers have become--with an eye toward evaluating when the technology might be practical enough to merit government regulation.

"I like to say we're back in 1947 at the time transistors were invented," David DiVincenzo, an IBM researcher who focuses on quantum computing, told the committee.

Only rough prototypes of quantum computers presently exist. But if a large-scale model can be built, in theory it could break codes used to scramble information on the Internet, in banking, and within federal agencies. A certain class of encryption algorithms relies for security on the near-impossibility of factoring large numbers quickly. But quantum computers, at least on paper, can do that calculation millions of times faster than a conventional microprocessor.

"It's clear there are promising avenues for doing this," DiVincenzo said of quantum computing research. "There's lots and lots of work done at the basic research level and a sense of progress in the community."

The technology industry has been long bedeviled by federal export regulations, which were born during the Cold War and renewed by executive order.
And although the highly regulatory approach of the mid-'90s has been relaxed, the export of high-performance computers is still subject to several rules, as is encryption software.

It's not clear what steps the federal government might take next, and no proposals were advanced during the meeting. The charter of the panel, called the Information Systems Technical Advisory Committee, calls for the panel to advise the Commerce Department on export regulations and what technology is presently available.

A practical quantum computer may still be far off, but the use of quantum physics already appears in some commercially available technology. An approach known as quantum cryptography provides encryption that is theoretically impossible to crack--and, at the moment, carries a hefty price tag. The federal advisory committee didn't address quantum cryptography in its open session. A closed session was scheduled for Thursday.

--
R. A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

___
Clips mailing list
[EMAIL PROTECTED]
http://www.philodox.com/mailman/listinfo/clips

--- end forwarded text
Re: [Clips] Feds mull regulation of quantum computers
WASHINGTON--Quantum computers don't exist outside the laboratory. But the U.S. government appears to be exploring whether it should be illegal to ship them overseas. A federal advisory committee met Wednesday to hear an IBM presentation about just how advanced quantum computers have become--with an eye toward evaluating when the technology might be practical enough to merit government regulation.

Suppose that quantum computers work and the NSA has them. What steps can or should they take to try to stop the propagation of this technology? If they come out too openly with restrictions, it sends a signal that there's something there, which could drive more research into the technology by the NSA's adversaries, the opposite of the desired outcome. If they leave things alone then progress may continue towards this technology that the NSA wants to suppress.

Something like the present action isn't a bad compromise. Work towards restrictions on technology exports, but in a studiously casual fashion. "There's nothing to see here, folks. We're just covering our bases, in the outside chance that something comes out of this way down the road. Meanwhile we'll just go ahead and stop exports of related technologies. But we certainly don't think that quantum computers are practical today, heavens no!"

CP
RE: [EMAIL PROTECTED]: Skype security evaluation]
Marcel Popescu [EMAIL PROTECTED] writes:

From: [EMAIL PROTECTED] [mailto:owner- [EMAIL PROTECTED] On Behalf Of Peter Gutmann

I can't understand why they didn't just use TLS for the handshake (maybe YASSL) and IPsec sliding-window + ESP for the transport (there's a free minimal implementation of this whose name escapes me for use by people who want to avoid the IKE nightmare). Established, proven protocols and implementations are there for the taking, but instead they had to go out and try and assemble something with their own three hands (sigh).

Do you have some articles about these protocols? I can't find anything on your webpage, and a newbie (like myself) can't distinguish between well designed and badly designed protocols. Can you recommend such a collection of well designed protocols for various purposes? With implementation caveats if possible?

Well, the above text mentions the recommended protocols. You can get YASSL from http://yassl.com, and the IPsec ESP implementation from http://ringstrom.mine.nu/ipsec_tunnel/ (although it looks like it hasn't been updated for awhile, Freshmeat, http://osx.freshmeat.net/projects/ipsec_tunnel/, seems to have newer info). My article on problems I found in homebrew VPN implementations is at http://www.linux-magazine.com/issue/39.

If you want to save yourself the effort of building your own TLS + ESP combination, you can use OpenVPN, http://openvpn.net/ (and if you've ever had to struggle with IPsec, you should also consider OpenVPN - unlike IPsec, you can just point it at your target system and that's it, you don't have to start a new career in network and server reconfiguration :-).

(Actually, to be precise, OpenVPN doesn't use the ESP format directly (which is rather IPsec-specific), only the general protocol design:

OpenVPN's security model can be summarized as such: Use the IPSec ESP protocol for tunnel packet security, but then drop IKE in favor of SSL/TLS for session authentication. This allows for a lightweight, portable VPN implementation that draws on IPSec's strengths, without introducing the complexity of IKE.

Peter.
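Peter's "IPsec sliding-window + ESP" is ESP's anti-replay service: a sequence number that is covered by the packet's integrity check, and a receiver-side bitmap window (the sequence-space window described in RFC 2401) that accepts each authenticated sequence number at most once and drops anything that has fallen off the left edge. The example below is added here and is not code from the thread, OpenVPN or any IPsec implementation; the frame layout, the 64-entry window and the truncated HMAC-SHA256 tag are the example's own choices, and the SPI, encryption and padding of real ESP are left out. What it shows is the ordering that a roll-your-own transport most often gets wrong: the tag is verified before the window is consulted, so a forger cannot advance the window with bogus sequence numbers and push genuine in-flight packets out of it.

```python
"""ESP-style anti-replay sliding window behind an integrity check.

Added example; not code from the post, OpenVPN, or any IPsec stack.
Frame layout (constructed for this example): 4-byte big-endian sequence
number || payload || 16-byte HMAC-SHA256 tag over seq||payload. A real ESP
packet also carries an SPI and encryption, which are omitted here.
"""
import hashlib
import hmac
import struct

SEQ_LEN = 4
TAG_LEN = 16


class AntiReplayWindow:
    """Sliding window over received sequence numbers (RFC 2401 style).

    `top` is the highest sequence number accepted so far; bit i of `bitmap`
    records whether sequence number (top - i) has already been accepted.
    """

    def __init__(self, size=64):
        self.size = size
        self.top = 0
        self.bitmap = 0

    def accept(self, seq):
        """Return True and record seq if it is new and inside the window."""
        if seq == 0:
            return False                      # ESP sequence numbers start at 1
        if seq > self.top:                    # advances the window
            shift = seq - self.top
            if shift >= self.size:
                self.bitmap = 1               # everything older falls out
            else:
                self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.top = seq
            return True
        diff = self.top - seq
        if diff >= self.size:
            return False                      # too old: left of the window
        bit = 1 << diff
        if self.bitmap & bit:
            return False                      # already seen: replay
        self.bitmap |= bit                    # late but fresh
        return True


def build_frame(key, seq, payload):
    """Sender side: authenticate the sequence number together with the payload."""
    header = struct.pack(">I", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()[:TAG_LEN]
    return header + payload + tag


class Receiver:
    """Verify the tag first; only an authentic frame may touch the window.

    Checking replay before integrity would let a forger advance `top` with
    bogus frames and knock genuine, in-flight packets out of the window.
    """

    def __init__(self, key, window_size=64):
        self.key = key
        self.window = AntiReplayWindow(window_size)

    def receive(self, frame):
        """Return the payload of an authentic, fresh frame, else None."""
        if len(frame) < SEQ_LEN + TAG_LEN:
            return None
        header, payload, tag = frame[:SEQ_LEN], frame[SEQ_LEN:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, header + payload, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return None                       # forged or corrupted: window untouched
        seq = struct.unpack(">I", header)[0]
        if not self.window.accept(seq):
            return None                       # replayed or too old
        return payload


if __name__ == "__main__":
    key = bytes(range(32))                    # constructed demo key
    rx = Receiver(key)
    f1 = build_frame(key, 1, b"hello")
    print(rx.receive(f1))                     # b'hello'
    print(rx.receive(f1))                     # None: replay
```

Two things the window does not do on its own: the sender must never let the 32-bit counter wrap on one key (ESP requires a new SA before that happens), and the window only protects what the tag covers, so the sequence number has to be inside the authenticated region, as it is here.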
Re: FW: Fermat's primality test vs. Miller-Rabin
* Charlie Kaufman:

The probability of a single run of Miller-Rabin or Fermat not detecting that a randomly chosen number is composite is almost vanishingly small.

How do you choose a random integer, that is, based on which probability distribution? 8-)

Anyway, one can show that for some fixed number, the probability that one run of the Miller-Rabin algorithm fails (i.e. reports potentially prime for a composite) does not exceed 1/4. Knuth gives a proof in an exercise in Volume 2 of The Art of Computer Programming, including an example that the 1/4 bound is pretty good. However, this answers a slightly different question.
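The 1/4 bound above, and the difference between the Fermat and Miller-Rabin tests that the thread turns on, can be checked exhaustively for small composites. The following is an added example and not code from the thread (Joe's Java program is not on the page): one Fermat round, one Miller-Rabin round, exhaustive liar counts, and a random-base probable-prime search of the kind Joe describes. The counts show that n = 9 attains the 1/4 bound exactly (2 strong liars out of 8 bases), and that the Carmichael number 561 = 3·11·17 fools the Fermat test for every base coprime to it (320 of 560) but fools one Miller-Rabin round for only 10 of 560 bases.

```python
"""Fermat vs. Miller-Rabin, with liar counts that exhibit the 1/4 bound.

Added example; not code from the thread. The base counts for small
composites are exhaustive, so they are exact rather than sampled.
"""
import random


def fermat_liar(n, a):
    """True if base a fools the Fermat test for n: a^(n-1) == 1 (mod n)."""
    return pow(a, n - 1, n) == 1


def strong_liar(n, a):
    """True if odd n passes one Miller-Rabin round to base a.

    Write n-1 = 2^s * d with d odd. n is a strong probable prime to base a
    if a^d == 1, or a^(2^r * d) == -1 for some 0 <= r < s (mod n).
    """
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    x = pow(a, d, n)
    if x == 1 or x == n - 1:
        return True
    for _ in range(s - 1):
        x = x * x % n
        if x == n - 1:
            return True
    return False


def count_fermat_liars(n):
    """Number of bases in [1, n-1] that fool the Fermat test (exhaustive).

    For a Carmichael number this is every base coprime to n, i.e. phi(n).
    """
    return sum(1 for a in range(1, n) if fermat_liar(n, a))


def count_strong_liars(n):
    """Number of bases in [1, n-1] that fool one Miller-Rabin round (exhaustive).

    For every odd composite n this is at most (n-1)/4; n = 9 attains it.
    """
    return sum(1 for a in range(1, n) if strong_liar(n, a))


def is_probable_prime(n, rounds=64, rng=None):
    """Miller-Rabin with `rounds` independent random bases.

    Trial division by a few small primes removes most candidates cheaply.
    The 1/4 per-round bound is for an adversarially chosen n; a random odd
    n of cryptographic size that survives even one round is composite far
    more rarely than that.
    """
    rng = rng or random.SystemRandom()
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    for _ in range(rounds):
        a = rng.randrange(2, n - 1)
        if not strong_liar(n, a):
            return False                  # a is a witness: n is composite
    return True


def random_probable_prime(bits, rounds=64, rng=None):
    """Random odd `bits`-bit integer that survives `rounds` Miller-Rabin rounds."""
    rng = rng or random.SystemRandom()
    while True:
        n = rng.getrandbits(bits) | (1 << (bits - 1)) | 1   # top bit set, odd
        if is_probable_prime(n, rounds, rng):
            return n


if __name__ == "__main__":
    # 561 = 3*11*17 is a Carmichael number: every base coprime to it is a
    # Fermat liar, but only 10 of the 560 bases are strong liars.
    print(count_fermat_liars(561), count_strong_liars(561))   # 320 10
    print(count_strong_liars(9))                              # 2  (= 8/4)
    print(random_probable_prime(512).bit_length())            # 512
```

The strong liars for 561 are 1, 50, 101, 103, 256, 305, 458, 460, 511 and 560, which is 10/560, well under the 1/4 worst case; base 2 is a Fermat liar for 561 but a Miller-Rabin witness, which is the whole reason to prefer the strong test.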
[Clips] Spies in the Server Closet
If this most recent darknet-as-IP-bogeyman meme persists, Hollywood et al. is probably going to make Tim May famous. *That* should be interesting. :-)

Cheers,
RAH

--- begin forwarded text

Delivered-To: [EMAIL PROTECTED]
Date: Sun, 13 Nov 2005 12:59:42 -0500
To: Philodox Clips List [EMAIL PROTECTED]
From: R. A. Hettinga [EMAIL PROTECTED]
Subject: [Clips] Spies in the Server Closet
Reply-To: [EMAIL PROTECTED]
Sender: [EMAIL PROTECTED]

http://www.cio.com/archive/110105/tl_filesharing.html?action=print

NOVEMBER 1, 2005 | CIO MAGAZINE
FILE SHARING
Spies in the Server Closet
BY MICHAEL JACKMAN

The Supreme Court might have stirred up a bigger problem than it settled when it ruled last June that file-sharing networks such as Grokster could be sued if their members pirated copyrighted digital music and video. Since then, some programmers have announced they would pursue so-called darknets. These private, invitation-only networks can be invisible to even state-of-the-art sleuthing. And although they're attractive as a way to get around the entertainment industry's zeal in prosecuting digital piracy, they could also create a new channel for corporate espionage, says Eric Cole, chief scientist for Lockheed Martin Information Technology.

Cole defines a darknet as a group of individuals who have a covert, dispersed communication channel. While file-sharing networks such as Grokster and even VPNs use public networks to exchange information, with a darknet, he says, "you don't know it's there in the first place."

All an employee has to do to set one up is install file-sharing software written for darknets and invite someone on the outside to join, thus creating a private connection that's unlikely to be detected. "The Internet is so vast, porous and complex, it's easy to set up underground networks that are almost impossible to find and take down," says Cole.
He advises that the best - and perhaps only - defense against darknets is a combination of network security best practices (such as firewalls, intrusion detection systems and intrusion prevention systems) and keeping intellectual property under lock and key. In addition, he says, companies should enact a security policy called least privilege, which means users are given the least amount of access they need to do their jobs. "Usually if a darknet is set up it's because an individual has too much access," Cole says.

--
R. A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

___
Clips mailing list
[EMAIL PROTECTED]
http://www.philodox.com/mailman/listinfo/clips

--- end forwarded text

--
R. A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
When I was your age we didn't have Tim May! We had to be paranoid on our own! And we were grateful! --Alan Olsen