Re: encrypted tapes (was Re: Papers about Algorithm hiding ?)

2005-06-08 Thread Ben Laurie
Perry E. Metzger wrote: Have a look, for example, at http://www.americanexpress.com/ which encourages users to type in their credentials, in the clear, into a form that came from lord knows where and sends the information lord knows where. Spoof the site, and who would notice? Every company

Re: AmEx unprotected login site

2005-06-08 Thread Perry E. Metzger
Amir Herzberg [EMAIL PROTECTED] writes: Perry makes a lot of good points, but then gives a wrong example re Amex site (see below). Amex is indeed one of the unprotected login sites (see my `I-NFL Hall of Shame`, http://AmirHerzberg.com/shame.html). However, Amex is one of the few companies

RE: encrypted tapes (was Re: Papers about Algorithm hiding ?)

2005-06-08 Thread Ken Buchanan
Steven M. Bellovin wrote: The bigger issue, though, is more subtle: keeping track of the keys is non-trivial. These need to be backed up, too, and kept separate from (but synchronized with) the tapes. Worse yet, they need to be kept secure. That may mean storing the keys with a different

Re: encrypted tapes

2005-06-08 Thread Perry E. Metzger
Ben Laurie [EMAIL PROTECTED] writes: Perry E. Metzger wrote: Have a look, for example, at http://www.americanexpress.com/ which encourages users to type in their credentials, in the clear, into a form that came from lord knows where and sends the information lord knows where. Spoof the site,

Re: encrypted tapes

2005-06-08 Thread Perry E. Metzger
james hughes [EMAIL PROTECTED] writes: There are large institution with 1000s of tape drives and 1,000,000 or more cartridges. Even simple solutions are huge to implement. This is a non-trivial matter. The technical solutions are possible, there are vendors out there that are already doing

Re: AmEx unprotected login site (was encrypted tapes, was Re: Papersabout Algorithm hiding ?)

2005-06-08 Thread Ben Laurie
Amir Herzberg wrote: 3. They did not actually spell out the problem in using SSL in the homepage (like eTrade, for instance). But I think I know the reason (they didn't confirm or deny). I think the reason is that they host their site; in particlar, when I tried accessing it via https, I got

Re: encrypted tapes (was Re: Papers about Algorithm hiding ?)

2005-06-08 Thread astiglic
Perry wrote: In case you think the answer is regulation, by the way, let me note that most of the regulatory pressure I've seen on security policy results in people finding extremely well documented ways to do exactly what the regulators ask, to no actual effect. This is generally because the

Re: Digital signatures have a big problem with meaning

2005-06-08 Thread Peter Gutmann
Ben Laurie [EMAIL PROTECTED] writes: Anne Lynn Wheeler wrote: Peter Gutmann wrote: That cuts both ways though. Since so many systems *do* screw with data (in insignificant ways, e.g. stripping trailing blanks), anyone who does massage data in such a way that any trivial change will be

Re: encrypted tapes

2005-06-08 Thread Perry E. Metzger
[EMAIL PROTECTED] writes: One thing that irritates me is that most security audits (that verify compliance with regulations) are done by accountants. No disrespect for accountants here, they are smart people, but most of them lack the security knowledge needed to really help with the

Re: AmEx unprotected login site (was encrypted tapes, was Re: Papersabout Algorithm hiding ?)

2005-06-08 Thread Jerrold Leichter
| Perry makes a lot of good points, but then gives a wrong example re Amex site | (see below). Amex is indeed one of the unprotected login sites (see my `I-NFL | Hall of Shame`, http://AmirHerzberg.com/shame.html). However, Amex is one of | the few companies that actually responded seriously to my

Re: AmEx unprotected login site

2005-06-08 Thread Perry E. Metzger
Jerrold Leichter [EMAIL PROTECTED] writes: If you look at their site now, they *claim* to have fixed it: The login box has a little lock symbol on it. Click on that, and you get a pop-up window discussing the security of the page. It says that although the page itself isn't protected,

Re: encrypted tapes (was Re: Papers about Algorithm hiding ?)

2005-06-08 Thread Adam Shostack
On Wed, Jun 08, 2005 at 01:33:45PM -0400, [EMAIL PROTECTED] wrote: | | Ken Buchanan wrote: | There are a number of small companies making products that can encrypt | data in a storage infrastructure, including tape backups (full disclosure: | I work for one of those companies). The solutions

Re: encrypted tapes (was Re: Papers about Algorithm hiding ?)

2005-06-08 Thread Dan Kaminsky
2) The cost in question is so small as to be unmeasurable. Yes, because key management is easy or free. Also, reliability of encrypted backups is problematic: CBC modes render a single fault destructive to the entire dataset. Counter mode is sufficiently new that it's not supported by

RE: AmEx unprotected login site

2005-06-08 Thread Lance James
Protected or not, AmericanExpress.com has multiple web vulnerabilities - I wouldn't log into it with a ten-foot pole :) -Lance -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Perry E. Metzger Sent: Wednesday, June 08, 2005 12:16 PM To: Jerrold Leichter

de-identification

2005-06-08 Thread dan
Ladies and Gentlemen, I'd like to come up to speed on the state of the art in de-identification (~=anonymization) of data especially monitoring data (firewall/hids logs, say). A little googling suggests that this is an academic subspeciality as well as a word with many interpretations. If

The encrypt everything problem

2005-06-08 Thread Ian G
On Wednesday 08 June 2005 18:33, [EMAIL PROTECTED] wrote: Ken Buchanan wrote: Another area where I predict vendors will (should) offer built in solutions is with database encryption. Allot of laws require need-to-know based access control, and with DBA's being able to see all entries that is

Re: encrypted tapes (was Re: Papers about Algorithm hiding ?)

2005-06-08 Thread astiglic
| Oracle, for example, provides encryption functions, but the real problem | is the key handling (how to make sure the DBA can't get the key, cannot | call functions that decrypt the data, key not copied with the backup, | etc.). | There are several solutions for the key management, but the

Re: AmEx unprotected login site

2005-06-08 Thread Steven M. Bellovin
In message [EMAIL PROTECTED], Perry E. Metzger writes: Jerrold Leichter [EMAIL PROTECTED] writes: If you look at their site now, they *claim* to have fixed it: The login box has a little lock symbol on it. Click on that, and you get a pop-up window discussing the security of the page. It

Re: AmEx unprotected login site

2005-06-08 Thread Perry E. Metzger
Steven M. Bellovin [EMAIL PROTECTED] writes: They're still doing the wrong thing. Unless the page was transmitted to you securely, you have no way to trust that your username and password are going to them and not to someone who cleverly sent you an altered version of the page. They're doing

Re: AmEx unprotected login site

2005-06-08 Thread Steven M. Bellovin
In message [EMAIL PROTECTED], Perry E. Metzger writes: Steven M. Bellovin [EMAIL PROTECTED] writes: They're still doing the wrong thing. Unless the page was transmitted to you securely, you have no way to trust that your username and password are going to them and not to someone who cleverly sent

encrypted tapes (was Re: Papers about Algorithm hiding ?)

2005-06-08 Thread David Wagner
Ben Laurie writes: Why is it bad for the page to be downloaded clear? What matters is the destination is encrypted, surely? Because the page you downloaded in the clear contains the https: URL in the post method. How do you know that this is the right URL? If you got the page in the clear, you

Re: encrypted tapes

2005-06-08 Thread Perry E. Metzger
Dan Kaminsky [EMAIL PROTECTED] writes: 2) The cost in question is so small as to be unmeasurable. Yes, because key management is easy or free. In this case it is. As I've said, even having all your tapes for six months at a time use the same key is better than putting the tapes in the clear.