Re: [spam]::Re: [Clips] Banks Seek Better Online-Security Tools
In an earlier message, I wrote I would never use online banking, and I advise all my friends and colleagues (particularly those who _aren't_ computer-security-geeks) to avoid it. Jason Axley asked Why do you not use OLB? Basically, so far as I know the fine print in online bank service agreements basically says you (the customer) are responsible for any transactions we receive with your username and pin, and our electronic records are the final word on this. Thus if there is an a false transaction on my account, i.e. one which I did not intend to authorize (whether this happened due to insider fraud in the bank, MITM phishing, virus in my computer, or whatever other cause), the basic legal presumption is that it's my loss, not the bank's. I consider the risks of this too high. What would need to be fixed for you to use OLB in the future? I would want the same ability to refuse an unauthorized transaction that I have now with credit cards, where basically any losses over 50 Euros/dollars are the bank's problem, not mine. What is your threat model (WIYTM)? For online banking, any/all of (a) insider fraud at the bank and/or anyone else to whom they've outsourced relevant processing (b) computer breakin/theft at the bank and/or anyone else to whom they've outsourced relevant processing (c) MITM phishing or DNS hijacking (d) viruses/worms in my computer What risks are present in OLB that are not present in the offline world? (c) and (d) above. Also liability for problems is mine, not the bank's (see above). Also there are few paper records that I can use to help document problems. In the offline world, (a) and (b) are mitigated by paper records (and forms with my written signature) which crooks usually don't bother forging. What about the risks of the offline financial world? If I wire-transfer money from my bank in Germany to my credit union in Canada, my written signature is (supposed to be) required to verify that I did in fact authorize the transaction. If the bank sends my money off to a crook's account (whether by mistake or due to deliberate fraud), the next time I get a statement I'll notice, and I'll ask them what happened. If the bank can't show me a piece of paper with my signature on it, my understanding is that (if I complain enough) I can force them to refund the money to me (so it's then their problem to try to recover it from wherever it went). For example, all of the information that someone needs to put money in, or take it out, of your checking account via ACH is nicely printed in magnetic ink on your checks in the US. And you give it out to anyone when you write them a check. Where I live now (Germany) people don't use cheques, they do bank transfers which the *payer* gives direct to her bank. These (are supposed to) have the written signature of the payer (the account-holder). If someone forges one of these and takes money out of my account, I can refuse the transaction and (I understand) the bank is legally required to refund the money to me (and it's their problem to recover it from whoever got it). When I lived in Canada (where people use cheques in the same way as in the US), my understanding is that (a) Even with the transit/routing numbers, noone is supposed to be able to take money out of an account without prior written permission. A cheque constitutes such permission _for_a_specific_transaction_, but not for any other transaction(s). (b) If someone forges another cheque (eg scans my signature etc), and my bank honors it and takes the money out of my account. then since I didn't actually sign that cheque, legally it's the bank's fault for honoring it, and (if I complain enough) I can force the bank to refund the money to me (so it's then the bank's problem to try to recover it from the crook). This reminded me of how I laughed when I saw an interview with a local security person where he said that he didn't even connect a computer to the Internet at home due to the risk. To me, this seems akin to deciding to not leave your house because you can't be sure someone won't shoot you dead. Well, in certain places that's basically what people do. For example, many foreign people in Bhagdad don't venture out of the green zone. My point is that when substantial amounts of money are involved, IMHO the internet is basically a red zone where I don't feel safe venturing. ciao, -- -- Jonathan Thornburg [EMAIL PROTECTED] Max-Planck-Institut fuer Gravitationsphysik (Albert-Einstein-Institut), Golm, Germany, Old Europe http://www.aei.mpg.de/~jthorn/home.html Washing one's hands of the conflict between the powerful and the powerless means to side with the powerful, not to be neutral. -- quote by Freire / poster by Oxfam - The Cryptography Mailing List Unsubscribe by sending
Live Tracking of Mobile Phones Prompts Court Fights on Privacy
[See the details at EFF: http://www.eff.org/legal/cases/USA_v_PenRegister/ including the three court orders, and EFF's argument to the first court. The real story is that for years prosecutors have been asking magistrates to issue court orders to track cellphones in real time WITHOUT WARRANTS. They're tracking people for whom they can't get warrants because they have no probable cause to believe there's any crime. They're fishing. The public never knew, because it all happens under seal. One judge who had previously issued such orders got an attack of conscience, and surprisingly PUBLISHED a decision against such a secret DoJ request. EFF noticed and offered legal analysis, and that judge and two others started publicly refusing such requests. DoJ won't appeal, because without an appeals court precedent against them, they can keep secretly pulling the wool over the eyes of other magistrates, and keep tapping the locations of ordinary people in realtime without warrants. --gnu] No cookies or login required: http://www.theledger.com/apps/pbcs.dll/article?AID=/20051210/ZNYT01/512100416/1001/BUSINESS Published Saturday, December 10, 2005 Live Tracking of Mobile Phones Prompts Court Fights on Privacy By MATT RICHTEL New York Times Most Americans carry cellphones, but many may not know that government agencies can track their movements through the signals emanating from the handset. In recent years, law enforcement officials have turned to cellular technology as a tool for easily and secretly monitoring the movements of suspects as they occur. But this kind of surveillance - which investigators have been able to conduct with easily obtained court orders - has now come under tougher legal scrutiny. In the last four months, three federal judges have denied prosecutors the right to get cellphone tracking information from wireless companies without first showing probable cause to believe that a crime has been or is being committed. That is the same standard applied to requests for search warrants. The rulings, issued by magistrate judges in New York, Texas and Maryland, underscore the growing debate over privacy rights and government surveillance in the digital age. With mobile phones becoming as prevalent as conventional phones (there are 195 million cellular subscribers in this country), wireless companies are starting to exploit the phones' tracking abilities. For example, companies are marketing services that turn phones into even more precise global positioning devices for driving or allowing parents to track the whereabouts of their children through the handsets. Not surprisingly, law enforcement agencies want to exploit this technology, too - which means more courts are bound to wrestle with what legal standard applies when government agents ask to conduct such surveillance. Cellular operators like Verizon Wireless and Cingular Wireless know, within about 300 yards, the location of their subscribers whenever a phone is turned on. Even if the phone is not in use it is communicating with cellphone tower sites, and the wireless provider keeps track of the phone's position as it travels. The operators have said that they turn over location information when presented with a court order to do so. The recent rulings by the magistrates, who are appointed by a majority of the federal district judges in a given court, do not bind other courts. But they could significantly curtail access to cell location data if other jurisdictions adopt the same reasoning. (The government's requests in the three cases, with their details, were sealed because they involve investigations still under way.) It can have a major negative impact, said Clifford S. Fishman, a former prosecutor in the Manhattan district attorney's office and a professor at the Catholic University of America's law school in Washington. If I'm on an investigation and I need to know where somebody is located who might be committing a crime, or, worse, might have a hostage, real-time knowledge of where this person is could be a matter of life or death. Prosecutors argue that having such information is crucial to finding suspects, corroborating their whereabouts with witness accounts, or helping build a case for a wiretap on the phone - especially now that technology gives criminals greater tools for evading law enforcement. The government has routinely used records of cellphone calls and caller locations to show where a suspect was at a particular time, with access to those records obtainable under a lower legal standard. (Wireless operators keep cellphone location records for varying lengths of time, from several months to years.) But it is unclear how often prosecutors have asked courts for the right to obtain cell-tracking data as a suspect is moving. And the government is not required to report publicly when it makes such requests. Legal experts say that such live tracking has tended to happen in drug-trafficking cases.
Crypto and UI issues
(Hopefully this is sent as ascii, as I had previously set my gmail to send in utf-8 encoding, as I often send email in french as well as english. -djm) On 12/11/05, James A. Donald [EMAIL PROTECTED] wrote: It is not my position that inability to sign means that the chairman of the board is stupid. It is that cryptographic signatures are too @#$%^* hard and need to be made user friendly. First write software that is easy enough for your mother. Then we can work on making it easy enough for the marketing department. And then we can work on making it easy enough for realtors! Seriously, that long ago became my off the cuff usability test: they seem to have a harder time figuring out user interfaces that my 75 year old grandmother, or the marketing folks for that reason. Sales people are actually fairly easy to train on any given UI, so long as you instill the proper fear into them (if you don't do this right, your competitor will steal your customer list, and there go all your commisions). It's harder to get marketing people on board like that, as they don't have the same direct financial levels to attack with pavlovian fear conditioning, and CEO's are really bad, as they are used to having secretaries do everything 'hard' with their communications gear, even in the pre-computer era, and also are accustomed to a coterie of handlers and PR people going around and cleaning up any messes they inadvertently make. But realtors, that's been my personal acid test to see if a UI is truly easy to use. Seriously. And my appologies to Ben Laurie and friends, but why after all these years is the UI interaction in ssh almost exactly the same when accepting a key for the first time as overriding using a different one when it changed on the other end, whether from mitm or just a key/IP/hostname change? Horrible, horrible UI, and I'm not sure what's worse, that or trying to USE pgp (gpg, whatever) from a command line, or getting it integrated into a gui mail client. /ui rant - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: crypto wiki -- good idea, bad idea?
On Mon, 12 Dec 2005, Paul Hoffman wrote: Or should we just stick to wikipedia? Is it doing a satisfactory job? Also check out the Cryptography Reader: http://en.wikipedia.org/wiki/Wikipedia:WikiReader/Cryptography Matt Crypto set up an article (to clean up) of the day replete with a bar graph of how done he thinks it is. As to accuracy, there are several authors I respect who keep many of the crypto articles on their watchlists, so that we notice when people make changes. I'm quite happy with a number of the pages in the reader, enough that I point my students to them and use the figures in my lecture slides. I like the intersecting planes in the secret sharing article particularly: http://en.wikipedia.org/wiki/Secret_sharing of work. I proposed a few weeks ago (in the meta-discussion) to do it, but was concerned that doing so would step on toes and seem invasive. No one has responded to that, not even the people who flagged the article as needing work. An old wikipedia saying is be bold in updating pages: http://en.wikipedia.org/wiki/WP:BBIUP -J - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: another feature RNGs could provide
On Mon, 12 Dec 2005, Travis H. wrote: One thing I haven't seen from a PRNG or HWRNG library or device is an unpredictable sequence which does not repeat; in other words, a [cryptographically strong?] permutation. This could be useful in all Rich Schroeppel tells me his Hasty Pudding cipher can be used to create PRPs (pseudorandom permutations) of arbitrary size. It even has the ability to let you define external functions to help define set membership (for sets which aren't just composed of the natural numbers). http://scholar.google.com/scholar?q=schroeppel+hastyie=UTF-8oe=UTF-8hl=enbtnG=Search -J - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: crypto wiki -- good idea, bad idea?
Travis H wrote: Would a wiki specifically for crypto distribute the burden enough to be useful? Or should we just stick to wikipedia? Is it doing a satisfactory job? The English Wikipedia's crypto coverage is a mixed bag. Out of the 800+ articles, there's a handful of fairly-good entries (e.g. Data Encryption Standard), yet more than a few abysmal entries. It's typically more current than HAC or Applied Cryptography, yet not as comprehensive or consistent in quality. My advice is to think of Wikipedia as collection of draft articles that you can watch being constructed live. I would propose that improving Wikipedia's cryptography articles would be a better bet than starting a new crypto wiki from scratch (or even importing articles from Wikipedia, as they're available under a free license). Wikipedia has a lot of visibility and momentum behind it, and new specialist topic wikis tend to fizzle out quite quickly, in my experience. One example is http://www.infosecpedia.org If anyone's interested in helping out on Wikipedia, people are *very* welcome. There's a Cryptography WikiProject, dedicated to improving crypto articles: http://en.wikipedia.org/wiki/Wikipedia:WikiProject_Cryptography http://en.wikipedia.org/wiki/Wikipedia:Wikiportal/Cryptography Also, Wikipedia is a multilingual project. I believe the German, and more recently the French Wikipedia editions have been quite active in this area. For example, the French Crypto Portal: http://fr.wikipedia.org/wiki/Wikip%C3%A9dia:Portail_Cryptologie -- Matt Wikipedia: http://en.wikipedia.org/wiki/User:Matt_Crypto Blog: http://cipher-text.blogspot.com ___ To help you stay safe and secure online, we've developed the all new Yahoo! Security Centre. http://uk.security.yahoo.com - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Japan Puts Its Money on E-Cash
On Dec 12, 2005, at 18:14, R. A. Hettinga wrote: But would it work in a place like the United States, where 24 percent of transactions are made on credit? Some Americans, analysts note, are already using a version of e- cash to bypass toll lanes on highways. Don't take that as a sign of consumer acceptance, though. In Illinois, if you won't pre-pay your tolls in $40 increments, you will pay double the rate in cash at the toolbooth. And the electronic system is anything but anonymous. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: [Clips] Hacker attacks in US linked to Chinese military: researchers
On Mon, 12 Dec 2005, R. A. Hettinga wrote: --- begin forwarded text [...] These attacks come from someone with intense discipline. No other organization could do this if they were not a military organization, Paller said in a conference call to announced a new cybersecurity education program. In the attacks, Paller said, the perpetrators were in and out with no keystroke errors and left no fingerprints, and created a backdoor in less than 30 minutes. How can this be done by anyone other than a military organization? Sounds really convincing :-) Of course, only a military can type for 30 minutes without a single keystroke error. (I would rather guess that this was a script.) Left no fingerprints is even more revealing :-) -- Regards, ASK - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: [Clips] Banks Seek Better Online-Security Tools
On Mon, Dec 05, 2005 at 07:29:11PM +0100, Florian Weimer wrote: For those of you who haven't rolled out a national ID scheme in time, there's still the general identity theft problem, but this affects you even if you don't use online banking. Hmm. What's the evidence that national ID schemes reduce credit fraud (what people normally mean when they say ID theft)? How does it vary with the different types of scheme? I've been opposing the UK scheme recently on the grounds of unreliable biometrics and the bad idea of putting everyone's information in a basket from which it can be stolen (in addition to the civil liberties reasons). My solution to the credit fraud problem is simple: raise the burden of proof for negative credit reports and pursuing people for money. Pete -- Peter Clay | Campaign for _ _| .__ | Digital / / | | | Rights! \_ \_| | | http://www.ukcdr.org - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: [Clips] Banks Seek Better Online-Security Tools
Peter Clay wrote: Hmm. What's the evidence that national ID schemes reduce credit fraud (what people normally mean when they say ID theft)? How does it vary with the different types of scheme? I've been opposing the UK scheme recently on the grounds of unreliable biometrics and the bad idea of putting everyone's information in a basket from which it can be stolen (in addition to the civil liberties reasons). My solution to the credit fraud problem is simple: raise the burden of proof for negative credit reports and pursuing people for money. some number of organizations have come up with the term account fraud ... where fraudulent transactions are done against existing accounts ... to differentiate from other forms of identity theft which involves things like using a stolen identity to establish new accounts. account fraud just requires strong authentication applied consistently ... doesn't require identification ... although there are cases where identification is confused and is used as a supstitute for authentication. part of the issue of confusing identification for authentication ... is that it is typically quite a bit more privacy evasive than pure authentication. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]