Re: Death of antivirus software imminent
Alex Alten wrote:

> Generally any standard encrypted protocols will probably eventually have to support some sort of CALEA capability. For example, using a Verisign ICA certificate to do MITM of SSL, or possibly requiring Ebay to provide some sort of legal access to Skype private keys.

And all the criminals will of course obey the law. Why not just require them to set an evil flag on all their packets?

> If there is a 2nd layer of encryption then this would require initial key exchanges that may be vulnerable to interception or after-the-fact analysis of the decrypted SSL payloads.

I guarantee I can make any payload look like any other payload. If the only permitted communications are prayers to Allah, I can encode key exchange in prayers to Allah.

- The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Death of antivirus software imminent
On Fri, 2008-01-18 at 02:31 -0800, Alex Alten wrote:

> At 07:35 PM 1/18/2008 +1000, James A. Donald wrote:
>
>> And all the criminals will of course obey the law. Why not just require them to set an evil flag on all their packets?
>
> These are trite responses. Of course not. My point is that if the criminals are lazy enough to use a standard security protocol then they can't expect us not to put something in place to decrypt that traffic at will if necessary.

I see your point, but I can't help feeling that it's a lot like requiring all houses to be designed and built with a backdoor that the police have a key to, in order to guarantee that the police can come in to investigate crimes. The problem is that the existence of that extra door, and the inability of people to control their own keys to lock it, makes crimes drastically easier to commit.

You think police don't use DMV records to harass ex-girlfriends or make life hard for people they don't like? You think private investigators and other randoms who somehow finesse access to that data all have the best interests of the public at heart? You think the contractor who builds the house will somehow forget where the door is, or will turn over *all* copies of the keys? And stepping away from quasi-legit access used for illegitimate purposes, you think there're no locksmiths whose services the outright criminals can't buy? You think the existence of a backdoor won't inspire criminal efforts to get the key (by reading a binary dump if need be) and go through it?

>> I guarantee I can make any payload look like any other payload. If the only permitted communications are prayers to Allah, I can encode key exchange in prayers to Allah.
>
> Look, the criminals have to design their security system with severe disadvantages; they don't own the machines they attack/take over so they can't control its software/hardware contents easily, they can't screw around too much with the IP protocol headers or they lose communications with them, and they don't have physical access to the slave/owned machines.

That is a very petty class of criminal. While the aggregate thefts (of computer power, bandwidth, etc) are impressive, they're stealing nothing that isn't a cheap commodity anyway and the threat to lives and real property that would justify the kind of backdoors we're talking about just isn't there. Being subject to botnets and their ilk is more like the additional cost of doing business in bad weather, than it is like being the victim of a planned and premeditated crime with a particular high-value target.

Moreover, we know how to weatherproof our systems. Seriously. We know where the vulnerabilities are and we know how to create systems that don't have them. And we don't need to install backdoors or allocate law enforcement budget to do it. More than half the servers on the Internet - the very most desirable machines for botnet operators, because they have huge storage and huge bandwidth - run some form of Unix, and yet, since 1981 and the Morris Worm, you've never heard of a botnet composed of Unix machines! Think about that! They do business in the same bad weather as everyone else, but it costs them very little, because they have ROOFS!

I submit that the sole reason botnet operation even exists is because so many people are continuing to use an operating system and software whose security is known to be inferior. A(nother) backdoor in that system won't help.

The criminals whose activities do justify the sort of backdoors you're talking about - the bombers, the kidnappers, the extortionists, even the kiddie porn producers and that ilk - won't be much affected by them, because they *do* take the effort to get hard crypto working in addition to standard protocols, they *do* own their own machines and get to pick and choose what software goes on them, and if they're technically bent they can roll their own protocols.

Bear
Emissions security
http://www.technologynewsdaily.com/node/8965 (for those of you who don't take TEMPEST seriously)

--Steve Bellovin, http://www.cs.columbia.edu/~smb
Re: Death of antivirus software imminent
Alex Alten wrote:

> Generally any standard encrypted protocols will probably eventually have to support some sort of CALEA capability. For example, using a Verisign ICA certificate to do MITM of SSL, or possibly requiring Ebay to provide some sort of legal access to Skype private keys.

I can certainly imagine various countries legislating such backdoors, and other countries quietly installing them (assuming they aren't already there for Skype). And that will certainly help in catching some fraction of unsophisticated crooks.

But botnets-for-rent are currently making pretty substantial amounts of money (e.g. for sending spam, or ddos attacks, or as phishing hosts), and are increasingly using professionally written malware. (http://www.cs.auckland.ac.nz/~pgut001/pubs/malware_biz.pdf) Given the lure of this much easy money, I think it's much more likely that the cleverer bad guys will just wrap an un-backdoored ssh or ssl or ipsec or other good crypto protocol that's already widely available layer inside the backdoored one(s), giving them (continued) full security.

For better or worse, I think the bad guys can use strong crypto horse left the barn a long time ago.

In a more recent message, Alex Alten wrote:

> the criminals have to design their security system with severe disadvantages; they don't own the machines they attack/take over so they can't control its software/hardware contents easily

I don't see your point -- surely once a machine is recruited into a botnet, the botnet herder can and does load any software s/he wants onto the new recruit.

> they can't screw around too much with the IP protocol headers or they lose communications with them, and they don't have physical access to the slave/owned machines.

In what way has this stopped (or even slowed) the Storm worm, to name one notorious example?

--
-- Jonathan Thornburg (remove -animal to reply) [EMAIL PROTECTED]
   School of Mathematics, U of Southampton, England
   Washing one's hands of the conflict between the powerful and the powerless means to side with the powerful, not to be neutral.
   -- quote by Freire / poster by Oxfam
Re: Death of antivirus software imminent
At 07:35 PM 1/18/2008 +1000, James A. Donald wrote:

> Alex Alten wrote:
>
>> Generally any standard encrypted protocols will probably eventually have to support some sort of CALEA capability. For example, using a Verisign ICA certificate to do MITM of SSL, or possibly requiring Ebay to provide some sort of legal access to Skype private keys.
>
> And all the criminals will of course obey the law. Why not just require them to set an evil flag on all their packets?

These are trite responses. Of course not. My point is that if the criminals are lazy enough to use a standard security protocol then they can't expect us not to put something in place to decrypt that traffic at will if necessary.

>> If there is a 2nd layer of encryption then this would require initial key exchanges that may be vulnerable to interception or after-the-fact analysis of the decrypted SSL payloads.
>
> I guarantee I can make any payload look like any other payload. If the only permitted communications are prayers to Allah, I can encode key exchange in prayers to Allah.

Yeah and you can only communicate with Allah with that type of design.

Look, the criminals have to design their security system with severe disadvantages; they don't own the machines they attack/take over so they can't control its software/hardware contents easily, they can't screw around too much with the IP protocol headers or they lose communications with them, and they don't have physical access to the slave/owned machines. And, last I heard, they must obey Kerckhoff's law, despite using prayers to Allah for key exchanges. Given all this, I'm not saying it's easy to do, but it should be quite possible to crack open some or all of their encrypted comms and/or trace back to the original source attack machines.

- Alex

--
Alex Alten [EMAIL PROTECTED]
Re: Death of antivirus software imminent
Alex Alten wrote:

[snip]

> These are trite responses. Of course not. My point is that if the criminals are lazy enough to use a standard security protocol then they can't expect us not to put something in place to decrypt that traffic at will if necessary.

[snip]

> Look, the criminals have to design their security system with severe disadvantages; they don't own the machines they attack/take over so they can't control its software/hardware contents easily, they can't screw around too much with the IP protocol headers or they lose communications with them, and they don't have physical access to the slave/owned machines. And, last I heard, they must obey Kerckhoff's law, despite using prayers to Allah for key exchanges. Given all this, I'm not saying it's easy to do, but it should be quite possible to crack open some or all of their encrypted comms and/or trace back to the original source attack machines.

However, we do know that criminals are not always lazy. The trite comment often said is that if they used the same level of effort in a legal enterprise they would have done quite well. The other proof that they are not lazy is looking at the evolution of the sophistication of malware like Storm and Nugache. It takes some serious effort to overcome the real handicaps that you point out as well as the ratio of the power and numbers that are hunting to put them out of business to their own numbers.

In many ways it is similar to a guerrilla war where many of the advantages are actually held by the tiny band of insurgents, who, greatly outnumbered and out-gunned, can in fact change history. The Swiss know this and train their military based on this.

Do not be surprised if the dissidents of all stripes use improvisation based on malware and other tools like onion routing to further their causes and evade suppression.

BTW, while I do not think all dissidents are righteous or fighting for righteous causes this does negate the general idea. A hammer is a hammer. Good or evil is independent of the tools, it depends on what one is pounding, nails or heads.

Best,

Allen