Re: [Cryptography] Today's XKCD is on password strength.

2011-08-10 Thread Adam Fields

On Aug 10, 2011, at 10:12 AM, Perry E. Metzger wrote:

> Today's XKCD is on password strength. The advice it gives is pretty
> good in principle...
> 
> http://xkcd.com/936/

You still need a password manager to remember which of the dozens of 
easily-remembered passwords you used, so you might as well just use the 
20-character random generator they all have. Not bad for a stopgap if you're 
caught needing to make one up on the fly though.

___
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography


Re: Haystack redux

2010-09-15 Thread Adam Fields
On Wed, Sep 15, 2010 at 03:16:34AM -0700, Jacob Appelbaum wrote:
[...]
> What Steve has written is mostly true - though I was not working alone,
> we did it in an afternoon. It took quite a bit of effort to get Haystack
> to take this seriously. Eventually, there was an internal mutiny because
> of a serious technical disconnect between the author Daniel Colascione
> and the supposed author, Austin Heap. Daniel has been a stand up guy
> about the issues discovered and he really the problem space that the
> tool created.
> 
> Sadly, most of the issues discovered do not have easy fixes - this
> includes even discussing some of the very simple but serious design
> flaws discovered. This has to be the worst disclosure issue that I've
> ever had to ponder - generally, I'm worried about being sued by some
> mega corp for speaking some factual information to their users. In this
> case, I guess the failure mode for being open about details is ... much
> worse for those affected. :-(
> 
> An interesting unintended consequence of the original media storm is
> that no one in the media enjoys being played; it seems that now most of
> the original players are lining up to ask hard questions. It may be too
> little and too late, frankly. I suppose it's better than nothing but it
> sure is a great lesson in popular media journalism failures.

I'm wondering if someone could shed a little light on how this service
acquired any real users in the first place, and whether anyone thinks
that anyone in danger of death-should-the-service-be-compromised is
actually (still) using it.

I find it hard to believe that even the most uninformed dissidents
would be using an untested, unaudited, _beta_, __foreign__ new service
for anything. Is there any reason to believe otherwise? My first guess
would have been that it was a government-sponsored honeypot, and I bet
they're far more suspicious than I am.

--

- Adam
--
** I design intricate-yet-elegant processes for user and machine problems.
** Custom development project broken? Contact me, I can help.
** Some of what I do: http://workstuff.tumblr.com/post/70505118/aboutworkstuff

[ http://www.adamfields.com/resume.html ].. Experience
[ http://www.morningside-analytics.com ] .. Latest Venture
[ http://www.confabb.com ]  Founder

-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com


Re: GSM eavesdropping

2010-08-02 Thread Adam Fields
On Mon, Aug 02, 2010 at 04:55:04PM +0100, Adrian Hayter wrote:
> In a related story, hacker Chris Paget created his own cell-phone base 
> station that turned off encryption on all devices connecting to it. The 
> station then routes the calls through VoIP.
> 
> http://www.wired.com/threatlevel/2010/07/intercepting-cell-phone-calls/

Apropos the theses thread, this article contains mention of an
interesting security "feature":

'Although the GSM specifications say that a phone should pop up a
warning when it connects to a station that does not have encryption,
SIM cards disable that setting so that alerts are not displayed'

That would be an example of a bad security tradeoff with the intended
result of not bugging the user about something over which they have
neither control nor recourse, but with the actual result of opening a
significant security hole. The incentives are also all misaligned
here. Presumably the right thing to do is refuse to connect to any
unencrypted towers, but assuming that there are some legitimate ones
out in the wild, the net effect is probably just worse service for the
end user. The user has no way to tell the difference, which is of
course the point of using encryption in the first place.

-- 
- Adam


Re: Five Theses on Security Protocols

2010-08-02 Thread Adam Fields
On Sat, Jul 31, 2010 at 12:32:39PM -0400, Perry E. Metzger wrote:
[...]
> 3 Any security system that demands that users be "educated",
>   i.e. which requires that users make complicated security decisions
>   during the course of routine work, is doomed to fail.
[...]

I would amend this to say "which requires that users make _any_
security decisions".

It's useful to have users confirm their intentions, or notify the user
that a potentially dangerous action is being taken. It is not useful
to ask them to know (or more likely guess, or even more likely ignore)
whether any particular action will be harmful or not.

-- 
- Adam


Best practices for storing and using 3rd party passwords?

2010-07-09 Thread Adam Fields
I'm looking for a best practices guide (for a system architecture) or
case studies for how best to handle storing and using 3rd party
passwords.

Specifically, I'm interested in the case where a program or service
needs to store a password in such a way that it can be used (presented
to another service on behalf of the user), which precludes using a
hash or other obfuscated password. Obviously this is a security risk,
but I'm looking for ways to minimize that risk, and tips on how to
design a system that can use those passwords as it needs to but still
minimize the chances of passwords being compromised.

(I understand that storing passwords is not in itself a great idea,
but in practice it's still required to access some web services where
OAuth or the like is not yet supported.)

Does anyone have a good reference for this?


-- 
- Adam


Re: FileVault on other than home directories on MacOS?

2009-09-22 Thread Adam Fields
On Mon, Sep 21, 2009 at 04:57:56PM -0400, Steven Bellovin wrote:
> Is there any way to use FileVault on MacOS except on home  
> directories?  I don't much want to use it on my home directory; it  
> doesn't play well with Time Machine (remember that availability is  
> also a security property); besides, different directories of mine have  
> different sensitivity levels.
> 
> I suppose I could install TrueCrypt (other suggestions or comments on  
> TrueVault?), but I prefer to minimize the amount of extra software I  
> have to maintain.

You can just create a regular encrypted disk image using Disk Utility
(and set it to auto-mount using Finder if you want).

- Adam



Re: Judge orders defendant to decrypt PGP-protected laptop

2009-03-03 Thread Adam Fields
On Tue, Mar 03, 2009 at 01:20:22PM -0500, Perry E. Metzger wrote:
> Adam Fields  writes:
> > The privacy issues are troubling, of course, but it would seem trivial
> > to bypass this sort of compulsion by having the disk encryption
> > software allow multiple passwords, each of which unlocks a different
> > version of the encrypted partition.
> 
> This sort of thing has been discussed for a long time, but I doubt
> that would work in practice. Law is not like software. Judges operate
> on reasonableness, not on literal interpretation. If it was reasonably
> obvious that you were using software like that and probably not
> cooperating, the judge would just throw you in jail for contempt of
> court anyway.

I don't see how it would be reasonably obvious, especially if lots of
disk encryption packages started offering multiple partitions as a
transparent option. All you'd see is a bunch of random bits on the
disk and a password prompt.

They ask you for the password, you put up a fight, and then ultimately
relent and give it to them when they insist.

> > When compelled to give out your password, you give out the one that
> > unlocks the partition full of kitten and puppy pictures, and who's to
> > say that's not all there is on the drive?
> 
> Well, it should be clear that any such scheme necessarily will produce
> encrypted partitions with less storage capacity than one with only one
> set of cleartext. You can't magically store 2N bytes in an N byte
> drive -- something has to give. It should therefore be reasonably
> obvious from partition sizes that there is something hidden.

I don't see how you could tell the difference between a virtual 40GB
encrypted padded partition and 2 virtual 20GB ones. Many virtual disk
implementations will pre-allocate the space. Is there some reason why
filling the empty space with random garbage wouldn't mask the fact
that there were actually multiple partitions in there? There's no law
that says your empty disk space has to actually be empty. (Yet.)

> In any case, unless you're really very energetic about it, it will be
> obvious from things like access times and other content clues ("gee,
> why is there nothing in the browser cache from the current year?")
> that what is there is not the "real" partition you use day to day.

I think we're talking about a straight data storage partition here. It
doesn't seem too hard to have something touch random files on a regular
basis. Regardless, that seems like a weak complaint - all you have to
do is log into the other partition once a week and use it to browse
cuteoverload or something. 

But, most importantly, you haven't given a good reason not to offer
this as a standard option. Maybe it wouldn't work, but maybe it
would.

--
- Adam



Re: Judge orders defendant to decrypt PGP-protected laptop

2009-03-03 Thread Adam Fields
On Tue, Mar 03, 2009 at 12:26:32PM -0500, Perry E. Metzger wrote:
> 
> Quoting:
> 
>    A federal judge has ordered a criminal defendant to decrypt his
>    hard drive by typing in his PGP passphrase so prosecutors can view
>    the unencrypted files, a ruling that raises serious concerns about
>    self-incrimination in an electronic age.
> 
> http://news.cnet.com/8301-13578_3-10172866-38.html

The privacy issues are troubling, of course, but it would seem trivial
to bypass this sort of compulsion by having the disk encryption
software allow multiple passwords, each of which unlocks a different
version of the encrypted partition.

When compelled to give out your password, you give out the one that
unlocks the partition full of kitten and puppy pictures, and who's to
say that's not all there is on the drive?

Is there any disk encryption software for which this is common
practice?

-- 
- Adam



Re: NSA offering 'billions' for Skype eavesdrop solution

2009-02-14 Thread Adam Fields
On Fri, Feb 13, 2009 at 11:24:35AM -0500, Steven M. Bellovin wrote:
> Counter Terror Expo: News of a possible viable business model for P2P
> VoIP network Skype emerged today, at the Counter Terror Expo in London.
> An industry source disclosed that America's supersecret National
> Security Agency (NSA) is offering "billions" to any firm which can
> offer reliable eavesdropping on Skype IM and voice traffic.
> 
> 
> 
> http://www.theregister.co.uk/2009/02/12/nsa_offers_billions_for_skype_pwnage/

Of course, this could just be a smokescreen to try to convince people
that they can't already do it.

The voice traffic may be hard to break, but the fact that every client
can download my entire IM history when logging into a new machine kind
of kills the "it's p2p so we can't track it" argument. Those messages
are stored somewhere.

-- 
- Adam



Re: Voting machine security

2008-08-19 Thread Adam Fields
On Mon, Aug 18, 2008 at 09:24:33AM -0700, Eric Rescorla wrote:
[...]
> Without directly addressing the question of the quality of Diebold's
> offerings, I actually don't think the criticism implied here is
> entirely fair. If you're going to have voting machines, even precinct
> count optical scanners (and because of the complexity of US elections,
> hand counting is quite expensive), you likely want to machine
> tabulate, and that means an EMS. Though you certainly should make
> serious attempts to keep the EMS from coming in contact with outside
> data (see [HRS+08] for some discussion of how difficult this actually
> is), there is always some chance that there will be some
> contact. Generic AV probably isn't that great at detecting or stopping
> this, but it may well be better than nothing, and it's certainly an
> arguable point.
[...]

This raises the very real question of what exactly went wrong that
caused the AV software to freak out and "lose" votes. Did the vote
data have a virus signature pattern and get quarantined?!?

-- 
- Adam



Re: Voting machine security

2008-08-19 Thread Adam Fields
On Mon, Aug 18, 2008 at 10:16:02AM -0700, Paul Hoffman wrote:
[...]
> Essentially no one would argue that is "quite expensive". I 
> suspect that nearly everyone in the country would be happy to pay an 
> additional $1/election for more reliable results.

Without seeing all of the expense (and likely inability) of securing
and ensuring the proper count from the machine, people look at the
problem and go "computers are good at counting things fast and people
aren't, so it must therefore be massively cheaper to have a computer
do the count".

If you're >just< talking about summing a few lists, that's true. But
of course, no one who doesn't work for a voting machine company is
just talking about summing a few lists.

The idea that after you factor in everything, it might actually be
cheaper to have people do it after all, is a very difficult one for
many people to even conceptualize. "Progress" demands that computers
do all menial tasks.

-- 
- Adam



Exploiting network card firmware

2008-05-22 Thread Adam Fields
I didn't see Ben forward this himself, but it's definitely relevant to
the discussion of malware hiding in hardware:

"Without needlessly boring everyone with the various steps allow me to
share an interesting observation: drivers often assume the hardware is
misbehaved but never malicious. It is fascinating to discover what can
be done by making the hardware malicious.

[...]

3) from 1 & 2 above, after about two years, I've reached my goal of
   writing a totally transparent firewall bypass engine for those
   firewalls which are PC-based: you simply overwrite the firmware in
   both NICs and then perform PCI-to-PCI transfers between the two
   cards for suitably formatted IP packets (modern NICs have IP
   "offload engines" in hardware and therefore can trigger on incoming
   and outgoing packets). The "Jedi Packet Trick" (sorry, couldn't
   resist) fools, amongst others, CheckPoint FW-1, Linux-based
   Strongwall, etc. This is of course obvious as none of them check
   PCI-to-PCI transfers,

4) I have extended the technique to provide VM escape support: one
   writes packets from a bridged guest into the network which
   initiates the NIC firmware update, updates the firmware and then
   the NIC firmware is used to inject code into the underlying VM
   host. The requirement to write to the network is then dropped as
   all that is required is the pivoting in the NIC firmware.
"

http://www.links.org/?p=330

-- 
- Adam

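
The driver-side counterpart of the observation quoted above ("drivers often assume the hardware is misbehaved but never malicious"), as an added example that is not part of the original post or the linked article: a receive path that treats every device-written descriptor field as untrusted input, next to the trusting form. The descriptor layout, ring geometry and all function names are hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed ring geometry and descriptor layout (hypothetical device). */
#define RX_RING_SIZE  8u
#define RX_BUF_SIZE   2048u
#define ETH_HDR_LEN   14u
#define MAX_FRAME_LEN 1518u
#define DESC_DONE     1u

/* The device fills these fields by DMA, so it can change them at any time. */
struct rx_desc {
    volatile uint32_t status;     /* DESC_DONE set when a frame is ready */
    volatile uint16_t buf_index;  /* which DMA buffer holds the frame */
    volatile uint16_t len;        /* frame length claimed by the device */
};

struct rx_ring {
    struct rx_desc desc[RX_RING_SIZE];
    uint8_t bufs[RX_RING_SIZE][RX_BUF_SIZE];
};

enum rx_result { RX_OK, RX_NOT_READY, RX_BAD_SLOT, RX_BAD_INDEX, RX_BAD_LEN, RX_NO_SPACE };

/* "Misbehaved but never malicious": both fields are used unchecked, and len
 * is fetched twice, so the copy size and the returned size can differ. */
int rx_copy_trusting(struct rx_ring *r, unsigned slot, uint8_t *out)
{
    struct rx_desc *d = &r->desc[slot];
    if (!(d->status & DESC_DONE))
        return -1;
    memcpy(out, r->bufs[d->buf_index], d->len);
    return d->len;
}

/* Hardened form: every device-written value is untrusted input. */
enum rx_result rx_copy_checked(struct rx_ring *r, unsigned slot,
                               uint8_t *out, size_t out_cap, size_t *out_len)
{
    if (slot >= RX_RING_SIZE)
        return RX_BAD_SLOT;

    /* Fetch each field once into a local; later checks and the copy use the
     * snapshot, so a concurrent DMA write cannot change a validated value.
     * A real driver also needs a DMA read barrier after the status read. */
    uint32_t status = r->desc[slot].status;
    uint16_t idx = r->desc[slot].buf_index;
    uint16_t len = r->desc[slot].len;

    if (!(status & DESC_DONE))
        return RX_NOT_READY;
    if (idx >= RX_RING_SIZE)
        return RX_BAD_INDEX;
    if (len < ETH_HDR_LEN || len > MAX_FRAME_LEN || len > RX_BUF_SIZE)
        return RX_BAD_LEN;
    if (len > out_cap)
        return RX_NO_SPACE;

    memcpy(out, r->bufs[idx], len);
    *out_len = len;
    return RX_OK;
}

/* Builds a constructed descriptor in slot 0 and runs the checked path. */
enum rx_result rx_try(uint16_t idx, uint16_t len, uint32_t status, size_t out_cap)
{
    static struct rx_ring ring;
    static uint8_t out[MAX_FRAME_LEN];
    size_t got = 0;

    ring.desc[0].buf_index = idx;
    ring.desc[0].len = len;
    ring.desc[0].status = status;
    if (out_cap > sizeof(out))
        out_cap = sizeof(out);
    return rx_copy_checked(&ring, 0, out, out_cap, &got);
}

int main(void)
{
    printf("sane frame:        %d\n", rx_try(0, 64, DESC_DONE, 1518));
    printf("oversized length:  %d\n", rx_try(0, 65535, DESC_DONE, 1518));
    printf("runt length:       %d\n", rx_try(0, 4, DESC_DONE, 1518));
    printf("wild buffer index: %d\n", rx_try(200, 64, DESC_DONE, 1518));
    printf("not ready:         %d\n", rx_try(0, 64, 0, 1518));
    printf("caller too small:  %d\n", rx_try(0, 1000, DESC_DONE, 512));
    return 0;
}
```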


Re: "Designing and implementing malicious hardware"

2008-04-26 Thread Adam Fields
On Sat, Apr 26, 2008 at 02:33:11AM -0400, Karsten Nohl wrote:
[...]
> Assuming that hardware backdoors can be built, the interesting question 
> becomes how to defeat against them. Even after a particular triggering 
> string is identified, it is not clear whether software can be used to 
> detect malicious programs. It almost appears as if the processor would 
> need a hardware-based virus-scanner of sorts. This scanner could be 
> simple as it only has to match known signatures, but would need to have 
> access to a large number of internal data structures while being 
> developed by a completely separate team of designers.

Wouldn't it be fun to assume that these are already present in all
sorts of devices?

-- 
- Adam



Re: Interesting bit of a quote

2006-07-11 Thread Adam Fields
On Tue, Jul 11, 2006 at 01:02:27PM -0400, Leichter, Jerry wrote:
[...]
> Business ultimately depends on trust.  There's some study out there -
> I don't recall a reference - that basically finds that the level of
> trust is directly related to the level of economic success of an
> economy.  There are costs associated with verification, some of them
> easily quantifiable, some of them much harder to pin down.  The
> difficulty is in making the tradeoffs.  We're now pushing way over
> on the verification side, in a natural reaction to a series of major
> frauds and scandals.

Trust is not quite the opposite of security (in the sense of an
action, not as a state of being), but certainly they're mutually
exclusive. If you have trust, you have no need for security.

Personally, given the choice, I'd rather have trust. I think that this
is a distinction that could be made more often when deciding on how to
implement a security system.

-- 
- Adam



Re: Greek officials were tapped using law enforcement back door

2006-03-23 Thread Adam Fields
On Thu, Mar 23, 2006 at 09:30:30AM -0500, Perry E. Metzger wrote:
> A while ago, you may recall that members of the Greek government were
> wiretapped, and at the time, I speculated that the bad guys may have
> abused the built in CALEA software in the switch to do it. Well, it
> now appears that that was precisely what happened. Unfortunately, the
> article below is short on detail -- anyone have access to primary
> sources? (I know there are at least a couple of Greek cryptographers
> on this list...)
> 
> http://www.deccanherald.com/deccanherald/mar162006/update71652006316.asp

Schneier posted this a few weeks ago:

http://www.schneier.com/blog/archives/2006/03/more_on_greek_w.html

-- 
- Adam



FWD: [IP] Encrypting Bittorrent to take out traffic shapers

2006-02-08 Thread Adam Fields
This item was posted to the IP list today about some efforts to add
encryption to bittorrent for the sole purpose of disguising the
traffic.

A side note is that they're using known insecure encryption methods as
a cpu tradeoff because it doesn't matter if the traffic is decrypted
eventually, as long as it can't be revealed in realtime. That's
possibly shortsighted, but still interesting.



----- Forwarded message from Dave Farber <[EMAIL PROTECTED]> -----

-------- Original Message --------
Subject:  [Dewayne-Net] Encrypting Bittorrent to take out traffic shapers
Date:     Mon, 06 Feb 2006 17:22:21 -0800
From:     Dewayne Hendricks <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
To:       Dewayne-Net Technology List <[EMAIL PROTECTED]>

[Note:  The comments posted to this blog entry are worth reading.  DLH]

Encrypting Bittorrent to take out traffic shapers

Over the past months more Bittorrent users noticed that their ISP is
killing all Bittorrent traffic. ISP's like Rogers are using
bit-shaping applications to throttle the traffic that is generated by
Bittorrent.

But, at the same time two of the most popular Bittorrent clients are
working together to implement header and message stream encryption in
order to take out these traffic shapers.

Currently both Azureus and µTorrent included this new form of
encryption (specs) in their latest Beta's. The fact that these two
clients are actively working together to implement this new feature
is promising and will make this form of encryption the new standard
since the users of these two clients cover the majority of all
Bittorrent users.

There are two "encryption modes" available.

The 2 different payload encryption methods plaintext transmission and  
RC4 provide a different degree of protocol obfuscation, security and  
speed. Where the plaintext mode only provides basic anti-shaping  
obscurity, no security and low CPU usage the RC4 encryption  
obfuscates the entire stream and not only the header and adds some  
cryptographic security at the price of spent CPU cycles.

[snip]
Weblog at: 


-

Archives at: http://www.interesting-people.org/archives/interesting-people/


----- End forwarded message -----

-- 
- Adam



Re: thoughts on one time pads

2006-01-27 Thread Adam Fields
On Thu, Jan 26, 2006 at 06:09:52PM -0800, bear wrote:
[...]
> Of course, the obvious application for this OTP material,
> other than text messaging itself, is to use it for key
> distribution.

Perhaps I missed something, but my impression was that the original
post asked about how a CD full of random data could be used as a key
distribution mechanism.

-- 
- Adam



Re: A small editorial about recent events.

2005-12-21 Thread Adam Fields
On Sun, Dec 18, 2005 at 07:55:57PM -0500, Steven M. Bellovin wrote:
[...]
> The Court also noted that "Congress rejected an amendment which would
> have authorized such governmental seizures in cases of emergency."
> Given that the Patriot Act did amend various aspects of the wiretap
> statute, it's hard to understand how the administration's reading is
> justified in any way, shape, or form.

There's some speculation that FISA could not have provided
authorization for the wiretaps, because what they were doing were not
actually directed wiretaps, but instead search-and-discard-negatives.

Josh Marshall has some analysis:

http://www.talkingpointsmemo.com/archives/007286.php
http://www.talkingpointsmemo.com/archives/007290.php

and discussion here:

http://www.tpmcafe.com/story/2005/12/19/20530/546

Here's Rockefeller's handwritten letter to Cheney, in which he says
"As I reflected on the meeting today, and the future we face, John
Poindexter's TIA project sprung to mind".

http://talkingpointsmemo.com/docs/rock-cheney1.html

-- 
- Adam



Re: NY Times article on biometrics and border control

2005-08-10 Thread Adam Fields
On Wed, Aug 10, 2005 at 01:24:07PM -0400, Perry E. Metzger wrote:
> 
> 
> Thought this would be of some interest. Unfortunately, the article
> will not be visible after a few days, thanks to the NY Times'
> policies, and can only be viewed if you register. :(
> 
> 
> WASHINGTON | August 10, 2005
> Hurdles for High-Tech Efforts to Track Who Crosses Borders
> By ERIC LIPTON
> The government's effort to collect biometric data to track foreigners
> visiting the U.S. has fallen far short of its goals.
> 
> http://www.nytimes.com/2005/08/10/politics/10biometrics.html

This link will continue to work:

http://www.nytimes.com/2005/08/10/politics/10biometrics.html?ex=1281326400&en=42aa99a66a58b368&ei=5090&partner=rssuserland&emc=rss

(From the NYT link generator: http://nytimes.blogspace.com/genlink )

-- 
- Adam

** I can fix your database problems: http://www.everylastounce.com/mysql.html **

Blog... [ http://www.aquick.org/blog ]
Links.. [ http://del.icio.us/fields ]
Photos. [ http://www.flickr.com/photos/fields ]
Experience. [ http://www.adamfields.com/resume.html ]
Product Reviews: .. [ http://www.buyadam.com/blog ]




Re: spyware targets bank customers. news at 11.

2005-08-10 Thread Adam Fields
On Wed, Aug 10, 2005 at 04:11:31PM +0200, Florian Weimer wrote:
> * Perry E. Metzger:
> 
> >"A major identity theft ring has been discovered that affects up to 50
> > banks, according to Sunbelt Software, the security company that says
> > it uncovered the operation. The operation, which is being
> > investigated by the FBI, is gathering personal data from
> > "thousands of machines" using keystroke-logging software, Sunbelt
> > said Monday."
> >
> > http://news.com.com/ID+theft+ring+hits+50+banks%2C+firm+says/2100-7349_3-5823591.html
> 
> I should point out that most players in the field don't rush to the
> press with their findings, in order not to impact a pending law
> enforcement investigation.

They stated on their blog that they only did so because they couldn't
get anyone's attention in law enforcement, and now that the FBI is
involved, they're not saying anything else (and yes, their actions are
being questioned in the comments).

http://sunbeltblog.blogspot.com/2005/08/massive-identity-theft-ring.html
http://sunbeltblog.blogspot.com/2005/08/more-on-identity-theft-ring.html

Except that while I've written the above I've noticed a followup which
has more details and says they're going to have a fix today:

http://sunbeltblog.blogspot.com/2005/08/keylogger-from-hell.html

-- 
- Adam



Re: New Credit Card Scam (fwd)

2005-07-11 Thread Adam Fields
On Mon, Jul 11, 2005 at 09:37:36PM +, Jason Holt wrote:
> I remember the first time a site asked for the number on the back of my 
> credit card.  It was a Walmart or Amazon purchase, and with no warning they 
> redirected me to some site with a questionable domain. I thought for sure 
> my session was being hijacked, and my bank had given me no idea what the 
> number was for or whether it was something I was supposed to give out.

The 3-digit code is stupid. It protects against one thing and one
thing only - someone getting an imprint of the card without copying
down the 3-digit number. But only if you never give it out.

According to at least several credit card companies, it's supposed to
be okay for you to give this code out to vendors when you make a
purchase.

> To me, this is closely related to the discussions we have here about web 
> browser security semantics.  With a very good understanding of the 
> underlying PKI, we can usually sort out "secure" from "suspicious" site 
> behaviors with some discussion, but how is the average user (or even the 
> average engineer) supposed to cope?  Is there a standard or even just a 
> document somewhere that defines best practices for both server and user 
> behavior with respect to SSL web sites and credit card transactions?  Or 
> are we leaving them to forward emails to each other warning them not to 
> give out their 3-digit codes over the phone, and that they had better make 
> sure their Dell doesn't have a DHS keylogger installed...

But it's so much worse than that. Not only is there no standard
behavior, the credit companies themselves have seemingly gone out of
their way to make it impossible for there to be any potential for a
standard.

-- 
- Adam



Re: Why Blockbuster looks at your ID.

2005-07-08 Thread Adam Fields
On Fri, Jul 08, 2005 at 12:19:38PM -0400, Perry E. Metzger wrote:
[...]
> Actually, the people who would have to pay the investment -- the banks
> and merchants -- have an excellent incentive. The loss because of
> fraud is stunningly large. The real issue is that *consumers* have
> little incentive to cooperate with such a system, because thanks to
> the regulations, they suffer virtually no losses if their accounts are
> hijacked.

As I understand it, the merchants bear the entire cost of fraud - the
banks bear almost none - and thus the consumers end up paying for it
indirectly through higher prices. The merchants, however, have very
little control over the infrastructure, which is provided by the
banks, who have little incentive to actually control fraud because
they would bear all of the costs of such, and none of the risk is
theirs.

So the assertion is that consumers and banks have little incentive to
cooperate with such a system, but (some of***) the merchants REALLY
WANT it. However, the system is useless if the consumers don't have
it, and the banks have no incentive to give something to consumers
that's better, because it would cost them money and save them money
that they can currently simply charge the merchants for (fraud).

*** The merchants can be divided into two groups - most of them who
have not been bitten by fraud and will continue to try to pay as
little as possible for credit processing services regardless of
the risk because every little bit eats more into their profit, and
those who have been bitten by fraud, understand the risks, and
will go for paying for a service that frees them from
additional liability.

Consumers, on the other hand, still have limited incentive to
participate. I'd suspect the NewBanks(TM) would simply have to lure
them with lower interest rates, which they'd find hard to do because
it would cut into their profits, making it difficult to pay for all of
the additional infrastructure they'd need to build.

The system is, of course, pretty much worthless if it's not in the
hands of the vast majority of consumers.

As I said, any sea change like this has to either replace the
traditional credit granting/honoring agencies, or take away enough of
their business that they have no choice but to go along with
it. Assuming that they don't use their considerable existing wealth
and influence to simply make the new products illegal from the get go.

--
- Adam

** I can fix your database problems: http://www.everylastounce.com/mysql.html **

Blog... [ http://www.aquick.org/blog ]
Links.. [ http://del.icio.us/fields ]
Photos. [ http://www.aquick.org/photoblog ]
Experience. [ http://www.adamfields.com/resume.html ]
Product Reviews: .. [ http://www.buyadam.com/blog ]




Re: Why Blockbuster looks at your ID.

2005-07-08 Thread Adam Fields
On Fri, Jul 08, 2005 at 10:42:02AM -0400, Perry E. Metzger wrote:
[...]
> A system in which the credit card was replaced by a small, calculator
> style token with a smartcard style connector could effectively
> eliminate most of the in person and over the net fraud we experience,
> and thus get rid of large costs in the system and get rid of the need
> for every Tom, Dick and Harry to see your drivers license when you
> make a purchase. It would both improve personal privacy and help the
> economy by massively reducing transaction costs.

Haven't we been saying this for years?

The standard argument I hear against it is "the people who would have
to pay for the very large initial investment have no economic
incentive to do so". They obviously don't think they have a long-term
need to do so now, and in the short term, this only replaces fraud
costs (a relatively known entity) with infrastructure costs (a
completely unknown one).

I don't see it happening. This is the same industry that convinced
people it was a good idea to give out their ATM pin number to make
purchases with a debit card... for what exactly?

I think that you made the explicit point of talking about replacing
the credit card infrastructure, when what you really meant was
replacing the credit card companies with others that would make more
rational business decisions in favor of consumer security and privacy.

-- 
- Adam



Re: Citibank discloses private information to improve security

2005-05-31 Thread Adam Fields
On Sat, May 28, 2005 at 10:47:56AM -0700, James A. Donald wrote:
[..]
> With bank web sites, experience has shown that only 0.3% 
> of users are deterred by an invalid certificate, 
> probably because very few users have any idea what a 
> certificate authority is, what it does, or why they 
> should care.  (And if you have seen the experts debating 
> what a certificate authority is and what it certifies, 
> chances are that those few who think they know are 
> wrong)

Moreover, in my experience (as I've mentioned before on this list),
noticing an invalid certificate is absolutely useless if the banks
won't verify via another channel a) that it changed, b) what the new
value is or c) what the old value is.

I've tried. They won't/can't.

> Do we have any comparable experience on SSH logins? 
> Existing SSH uses tend to be geek oriented, and do not 
> secure stuff that is under heavy attack.  Does anyone 
> have any examples of SSH securing something that was 
> valuable to the user, under attack, and then the key 
> changed without warning?  How then did the users react? 

Every time this has happened to someone I know who uses SSH, it's been
immediate cause for alarm, causing a phone call to the person who
administers the box asking "what the? did you reinstall the OS
again?".

-- 
- Adam



Re: Encryption plugins for gaim

2005-03-20 Thread Adam Fields
On Tue, Mar 15, 2005 at 02:47:35PM -0500, Ian Goldberg wrote:
> > this is actually a very good solution for
> > me. The only thing I don't like about it is that it stores the private
> > key on your machine. I understand why that is, but it also means that
> > if you switch machines with the same login (home/work), you have to
> > reverify the fingerprint out of band (assuming you care enough to do
> > that in the first place).
> 
> You can also just copy your otr.private_key file around.  See, for
> example, http://chris.milbert.com/AIM_Encryption/

It would be helpful if you could specify the location of the private
key file, so then it could be on a thumb drive or something similar.



Re: Encryption plugins for gaim

2005-03-20 Thread Adam Fields
On Tue, Mar 15, 2005 at 12:54:19PM -0600, Peter Saint-Andre wrote:
> Why not help us make Jabber/XMPP more secure, rather than overloading
> AIM? With AIM/MSN/Yahoo your account will always exist at the will of

Unfortunately, I already have a large network of people who use AIM,
and >they< all each have large networks of people who use AIM. Many of
them still use the AIM client. Getting them to switch to gaim is
feasible. Getting them to switch to Jabber is not. However, getting
them to switch to gaim first, and then ultimately Jabber might be an
option. Frankly, the former is more important to me in the short
term.

> AOL, whereas with XMPP you can run your own server etc. Unfortunately

Does "can" == "have to"? From what I remember of trying to run Jabber
a few years ago, it did.

> the original Jabber developers did not build encryption in from the
> beginning and the existing methods have not been implemented widely
> (OpenPGP over Jabber) or are not very Jabberish (RFC 3923), so we need
> to improve what we have. Contributions welcome. See here for pointers:
> 
> http://www.saint-andre.com/blog/2005-03.html#2005-03-15T11:23



Encryption plugins for gaim

2005-03-15 Thread Adam Fields
Given what may or may not be recent ToS changes to the AIM service,
I've recently been looking into encryption plugins for gaim. 

Specifically, I note gaim-otr, authored by Ian G, who's on this list.

Ian - would you care to share some insights on this? Is it ready for
prime time or just a proof-of-concept? Any known issues?

Thanks...

-- 
- Adam

** Optimize your Database! http://www.everylastounce.com/mysql.html **

Blog [ http://www.aquick.org/blog ]
Links... [ http://del.icio.us/fields ]
Photos.. [ http://www.aquick.org/photoblog ]
Experience.. [ http://www.adamfields.com/Adam_Fields_Resume.htm ]




Re: A cool demo of how to spoof sites (also shows how TrustBar prevents this...)

2005-02-16 Thread Adam Fields
On Thu, Feb 10, 2005 at 06:24:46PM -0500, Steven M. Bellovin wrote:
[...]
> One member of this mailing list, in a private exchange, noted that
> he had asked his bank for their certificate's fingerprint.  My
> response was that I was astonished he found someone who knew what
> he was talking about.
[...]

I wrote on this list, in June 2003, the last time we had this
conversation (regarding a similar plugin called SSLBar):

"Maybe this is a stupid question, but exactly how are you supposed to
use this information to verify a cert? I've done an informal survey of
a few financial institutions whose sites use SSL, and the number of
them that were able to provide me with a fingerprint over the phone
was exactly zero."

Which bank was that person you mention talking to?


-- 
- Adam

-
** My new project --> http://www.visiognomy.com/daily
   **  Flagship blog --> http://www.aquick.org/blog
Hire me: [ http://www.adamfields.com/Adam_Fields_Resume.htm ]
Links:   [ http://del.icio.us/fields ]
Photos:  [ http://www.aquick.org/photoblog ]





Passwords can sit on disk for years

2004-06-07 Thread Adam Fields

Tal Garfinkel (related to Simson?) is a Stanford PhD student who has
put together a working model for tracking tainted data stored in RAM
in various popular applications.

This is the first mention I've seen of this - interesting stuff.

http://www.newscientist.com/news/news.jsp?id=ns5064

Abstract here:

http://forum.stanford.edu/events/workshop/security/abstract/garfinkel.html


-- 
- Adam

-
http://www.adamfields.com



Re: Article on passwords in Wired News

2004-06-06 Thread Adam Fields
On Sat, Jun 05, 2004 at 10:06:20AM +0530, Udhay Shankar N wrote:
> Citibank in India experimented with a special case of this a few years ago 
> - "online credit cards" - basically, a credit card number valid for one use 
> only, which would be ideal for online purchasing.
> 
> IIRC, the offering was withdrawn because there weren't enough takers.

American Express still does this, although it's difficult to find and use.

They call it "Private Payments".

-- 
- Adam



Re: Yahoo releases internet standard draft for using DNS as public key server

2004-05-28 Thread Adam Fields
On Fri, May 28, 2004 at 03:20:52PM -0400, [EMAIL PROTECTED] wrote:
[...]
> How soon will the spammers get into the business of hosting free mailboxes
> for people who actually buy spamvertized products. Much easier to send the
> spam to their own users, let them indicate their preferences, set up
> forwarded notifications, ...

Er, doesn't this describe Gmail?

> What things brings us to is that a major part of the problem are of course
> the people who buy the spamvertized products. So long as there is a new
> sucker born every minute, there will also be someone ready to take
> advantage of same.

Yeah...

I'm curious about who these suckers actually are. I've never heard of
anyone buying any spam crap except journalists researching whether or
not you can actually buy spam crap.

Does >anyone< personally know someone who's bought something from a
spammer, for real?

> Can spam be solved through end-user education? "Do not buy spammed
> products" campaign signs right next to the public health signs against
> smoking? "How to not be this minute's sucker" education in schools? :-)

Put that sign right next to the Snapple machine.

> Is spam really that important a societal ill, if the spammers had better
> parenting, schooling and better career prospects would they still spam or
> litter the sidewalk? Are human societies free of spam and more serious
> ills possible or even desirable (what is the cost of eliminating the
> ills)?
> 
> We get too carried away with spam, as threats to our way of life there are
> far more serious problems...


-- 
- Adam



Re: Yahoo releases internet standard draft for using DNS as public key server

2004-05-26 Thread Adam Fields
On Thu, May 20, 2004 at 10:07:43AM -0400, R. A. Hettinga wrote:
[...]
> yahoo draft internet standard for using DNS as a public key server
> http://www.ietf.org/internet-drafts/draft-delany-domainkeys-base-00.txt

This sounds quite a lot like the ideas outlined in a paper I
co-authored in 1995, proposing the idea of a "trustmaster" for each
domain, keyed to the DNS hierarchy.

http://www.hedge.net/fields/projects/trust/trust.pdf
http://www.hedge.net/fields/projects/trust/trustfig.pdf


-- 
- Adam



Re: voting, KISS, etc.

2004-04-09 Thread Adam Fields
On Fri, Apr 09, 2004 at 12:46:47PM -0400, Perry E. Metzger wrote:
> I think that those that advocate cryptographic protocols to ensure
> voting security miss the point entirely.
[...]
> I'm a technophile. I've loved technology all my life. I'm also a
> security professional, and I love a good cryptographic
> algorithm. Please keep technology as far away as possible from the
> voting booth -- it will make everyone a lot safer.

Hear, hear!

As the supposed experts, how do we get the idea out of people's heads
that making everything electronic and automated is somehow
intrinsically better, regardless of the actual risks and benefits of
doing so?

-- 
- Adam



Speaking of RFIDs [Was: Re: Call for Participation: RFID Privacy and Security Workshop at MIT, November 15th]

2003-09-02 Thread Adam Fields
On Mon, Sep 01, 2003 at 12:04:55PM -0400, Simson Garfinkel wrote:
> RFID PRIVACY AND SECURITY
> -WORKSHOP @ MIT-
> CALL FOR PARTICIPATION

I'd like to develop a consumer application using RFIDs, but I've been
having trouble finding relatively basic information such as what kind
of a radio transceiver is needed to read them. Can the bluetooth
radios that seem to have very little other purpose be used for this?

Any good pointers for where to get started on RFID development, and
more importantly, how to secure such products (other than the
workshop, which I will not be able to attend)?

-- 
    - Adam

-
Adam Fields, Managing Partner, [EMAIL PROTECTED]
Surgam, Inc. is a technology consulting firm with strong background in
delivering scalable and robust enterprise web and IT applications.
http://www.adamfields.com



Re: New toy: SSLbar

2003-06-30 Thread Adam Fields
On Fri, Jun 27, 2003 at 12:56:24AM +1000, Mister Lee wrote:
> Regarding the usefulness of SSLbar itself, its immediate purpose was 
> fingerprint display, as a (theoretically) easy means of checking a cert's 
> validity yourself, rather than relying on a third party signing.  That list 
> of "officially sanctioned CAs" that comes with browsers just keeps getting 
> longer and longer.  I don't know who the hell any of those organizations are, 
> or what their policies are...  Anyway, SSLbar could be made much more useful 
> if I were to have it (somehow) cache fingerprints or certs, and a flag to 
> indicate whether the user has validated them.  Implementing this requires 
> further investigation however, and I've just been pointed at this list and 
> its archive, so I have some more reading to do :)

Maybe this is a stupid question, but exactly how are you supposed to
use this information to verify a cert? I've done an informal survey of
a few financial institutions whose sites use SSL, and the number of
them that were able to provide me with a fingerprint over the phone
was exactly zero.

-- 
- Adam


-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
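The fingerprint cache with a "user has validated" flag proposed in the quoted SSLbar message, together with the out-of-band comparison and the alarm on an unexpected change discussed in the certificate and SSH messages above, as an added example (not code from SSLbar or from any list member). The `PinStore` class, its status names, the host name and the sample certificate bytes are constructed for illustration.

```python
import hashlib
import hmac
import re

NEW, MATCH_UNVERIFIED, MATCH_VERIFIED, CHANGED = (
    "new", "match-unverified", "match-verified", "changed")


def fingerprint(cert_der: bytes) -> str:
    """SHA-256 over the DER-encoded certificate, as lowercase hex."""
    return hashlib.sha256(cert_der).hexdigest()


def normalize(fp_text: str) -> str:
    """Turn a fingerprint as read over the phone ('AB:CD EF ...') into bare hex."""
    bare = re.sub(r"[\s:.-]", "", fp_text).lower()
    if not re.fullmatch(r"[0-9a-f]{64}", bare):
        raise ValueError("not a SHA-256 fingerprint")
    return bare


class PinStore:
    """Per-host fingerprint cache with a 'validated out of band' flag."""

    def __init__(self):
        self.pins = {}  # host -> {"fp": hex string, "validated": bool}

    def observe(self, host: str, cert_der: bytes) -> str:
        fp = fingerprint(cert_der)
        pin = self.pins.get(host)
        if pin is None:
            # First sight: remember it, but it proves nothing yet.
            self.pins[host] = {"fp": fp, "validated": False}
            return NEW
        if not hmac.compare_digest(pin["fp"], fp):
            # Keep the old pin; the caller must stop and ask, not overwrite.
            return CHANGED
        return MATCH_VERIFIED if pin["validated"] else MATCH_UNVERIFIED

    def confirm_out_of_band(self, host: str, spoken_fp: str) -> bool:
        """Set the flag only if the value from the other channel equals the pin."""
        pin = self.pins[host]
        ok = hmac.compare_digest(pin["fp"], normalize(spoken_fp))
        if ok:
            pin["validated"] = True
        return ok

    def accept_change(self, host: str, cert_der: bytes, spoken_fp: str) -> bool:
        """Replace a pin after CHANGED, only with out-of-band proof of the new value."""
        fp = fingerprint(cert_der)
        if not hmac.compare_digest(fp, normalize(spoken_fp)):
            return False
        self.pins[host] = {"fp": fp, "validated": True}
        return True


def demo():
    old_cert = b"constructed-cert-bytes-v1"   # constructed stand-ins for DER data
    new_cert = b"constructed-cert-bytes-v2"
    host = "bank.example"                     # constructed host name
    store = PinStore()
    results = [store.observe(host, old_cert), store.observe(host, old_cert)]
    # The operator reads the fingerprint aloud as colon-separated upper-case hex.
    spoken = ":".join(re.findall("..", fingerprint(old_cert))).upper()
    store.confirm_out_of_band(host, spoken)
    results.append(store.observe(host, old_cert))
    results.append(store.observe(host, new_cert))
    return results


if __name__ == "__main__":
    print(demo())
```

A `changed` result leaves the old pin in place, so the decision to trust the new certificate is forced through `accept_change` and a second channel, which is the step the messages above report banks being unable to support.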