Re: Fw: [IP] Malware kills 154

2010-08-23 Thread John Levine
>> "Authorities investigating the 2008 crash of Spanair flight 5022 >> have discovered a central computer system used to monitor technical >> problems in the aircraft was infected with malware" >> >> http://www.msnbc.msn.com/id/38790670/ns/technology_and_science-security/?gt1=43001 This was v

Re: Has there been a change in US banking regulations recently?

2010-08-13 Thread John Levine
>What on earth happened? Was there a change in banking regulations in >the last few months? No, but we know that banks move in herds, and they mostly talk to each other, not anyone with outside expertise. More likely someone noticed that computers are a lot faster than they were a decade ago, yo

Re: Five Theses on Security Protocols

2010-07-31 Thread John Levine
Nice theses. I'm looking forward to the other 94. The first one is a nice summary of why DKIM might succeed in e-mail security where S/MIME failed. (Succeed as in, people actually use it.) >2 A third party attestation, e.g. any certificate issued by any modern > CA, is worth exactly as much as

Re: Crypto dongles to secure online transactions

2009-11-25 Thread John Levine
>we claimed we do something like two orders magnitude reduction in >fully-loaded costs by going to no personalization (and other things) >... My concern with that would be that if everyone uses the same signature scheme and token, the security of the entire industry becomes dependent on the le

Re: Crypto dongles to secure online transactions

2009-11-18 Thread John Levine
>> In this case, heck, no. The whole point of this thing is that it is >> NOT remotely programmable to keep malware out. > >Which is perhaps why it is not a good idea to embed an SSL engine in such >a device. Agreed. A display and signing engine would be quite adequate. >Such a device does howe

Re: Crypto dongles to secure online transactions

2009-11-17 Thread John Levine
> So should or should not an embedded system have a remote management > interface? In this case, heck, no. The whole point of this thing is that it is NOT remotely programmable to keep malware out. If you have a modest and well-defined spec, it is well within our abilities to produce reliable co

Crypto dongles to secure online transactions

2009-11-08 Thread John Levine
At a meeting a few weeks ago I was talking to a guy from BITS, the e-commerce part of the Financial Services Roundtable, about the way that malware infected PCs break all banks' fancy multi-password logins since no matter how complex the login process, a botted PC can wait until you login, then sen

Re: Collection of code making and breaking machines

2009-10-20 Thread John Levine
>A bit too far for a quick visit (at least for me): >http://news.bbc.co.uk/2/hi/uk_news/england/8241617.stm Bletchley Park is always worth a visit, with or without a special exhibit, as is the adjacent National Museum of Computing which houses Colossus and a lot more interesting stuff. An importa

Re: Seizing the Enigma

2009-08-14 Thread John Levine
Speaking of seizing an Enigma, here's a picture of a handy one rotor version I got at Bletchley Park. The rotor flips over so there's two possible rotors and the determined cryptographer can use multiple rotors by making several passes manually over the data. http://www.taugh.com/enigma.jpeg You

Re: Kahn's "Seizing the Enigma" back in print -- with a catch

2009-08-14 Thread John Levine
>David Kahn's "Seizing the Enigma" is back in print. However, it's >only available from Barnes and Noble -- their publishing arm is doing >the reprint. According to the preface, the new edition corrects >minor errors, but didn't give any details. http://search.barnesandnoble.com/Seizing-the-Enig

Re: CSPRNG algorithms

2009-05-01 Thread John Levine
>I have never seen a good catalog of computationally-strong >pseudo-random number generators. Chapter 3 of Knuth's TAOCP is all about pseudo-random number generators, starting with a fine example of the wrong way to do it. My copy is several thousand miles away but my recollection is that his main

Re: Security through kittens, was Solving password problems

2009-02-25 Thread John Levine
>This means a site paying attention to such things could notice a >change in IP address, or, if several users were attacked this way, >notice repeated connections from the same IP. (Granted the MITM >could distribute the queries over a botnet, but it raises the bar >somewhat.) > >I have no idea if

Re: Security through kittens, was Solving password problems

2009-02-24 Thread John Levine
itself. Unless the screen and the buttons are physically part of the dongle, you're still subject to MITM attacks. But a dongle with a screen big enough for my 87 year old father to read, and buttons big enough for him to push reliably would be unlikely to fit on his keychain. It's a v

Re: UCE - a simpler approach using just digital signing?

2009-02-01 Thread John Levine
>One idea I have not seen mentioned here (and which I have not yet >encountered in RL, but only weird people send me email these days) is >for the sending MTA to use pgp to encrypt mail using the recipient's >public key, available on one of the key servers near you. I don't understand what problem

Re: UCE - a simpler approach using just digital signing?

2009-01-31 Thread John Levine
>That's basically what I'm using, just without the digital signature >part: each person/organisation/website/whatever gets a different email >address for communicating with me (qmail makes this easy to implement) I do that too -- I bet half the people on this list do, and there's lots of free an

Re: UCE - a simpler approach using just digital signing?

2009-01-30 Thread John Levine
ars we'd have started using it. You're all welcome in the ASRG, which has a wiki at http://wiki.asrg.sp.am with pointers to the mailing list and other resources. One of our slow moving projects is a taxonomy of anti-spam techniques, both ones that work and ones that don't work. If

Re: Proof of Work -> atmospheric carbon

2009-01-30 Thread John Levine
>Richard Clayton and I claim that PoW doesn't work: >http://www.cl.cam.ac.uk/~rnc1/proofwork.pdf I bumped into Cynthia Dwork, who originally invented PoW, at a CEAS meeting a couple of years ago, and she said she doesn't think it works, either. R's, John --

Re: Proof of Work -> atmospheric carbon

2009-01-30 Thread John Levine
>>You know those crackpot ideas that keep showing up in snake oil crypto? >>Well, e-postage is snake oil antispam. > >While I think this statement may be true for POW coinage, because for a bot >net it "grows on trees", for money that traces back to the international >monetary exchange system, it m

Re: Proof of Work -> atmospheric carbon

2009-01-28 Thread John Levine
>(Also, it's not clear that a deterministic POW works well for an >application like Bitcoin; it might let the owner of the fastest computer >win every POW race, giving him too much power.) Indeed. And don't forget that through the magic of botnets, the bad guys have vastly more compute power avai

Re: What EV certs are good for

2009-01-28 Thread John Levine
>> I just received a phishing email, allegedly from HSBC: >> >>Dear HSBC Member, >So did the link have a EV cert? Hardly matters. HSBC has vast numbers of web servers all over the world, some with EV certs, some without. For example, their US customer site for deposit customers at https://w

Re: Proof of Work -> atmospheric carbon

2009-01-26 Thread John Levine
>Can't we just convert actual money in a bank account into bitbux -- >cheaply and without a carbon tax? Please? If only. People have been saying for at least a decade that all we have to do to solve the spam problem is to charge a small fee for every message sent. Unfortunately, there's a varie

Re: Bitcoin P2P e-cash paper

2008-11-03 Thread John Levine
> As long as honest nodes control the most CPU power on the network, > they can generate the longest chain and outpace any attackers. But they don't. Bad guys routinely control zombie farms of 100,000 machines or more. People I know who run a blacklist of spam sending zombies tell me they often

Re: road toll transponder hacked

2008-08-28 Thread John Levine
>> The relationship to this list may then be thin >> excepting that the collection and handling of >> such data remains of substantial interest. > >Actually, it points to cash settlement of road tolls. That's not unknown. On the Niagara Falls toll bridges, they have an ETC system where you buy yo

Re: road toll transponder hacked

2008-08-26 Thread John Levine
>> > So, I believe, at least for E-Z Pass, the attack would have to include >> > cloning the license plate and pictures may still be available whenever >> > a victim realizes they have been charged for trips they did not take. The 407 toll road in Toronto uses entirely automated toll collection. T

Re: security questions

2008-08-10 Thread John Levine
t's in Lawrenceville, but I guess it gets mail delivered from the Trenton P.O. so the allegedly correct answer is Trenton. It's not too hard for me to figure these out, but given the amount of plain wrong info in credit reports, this approach must lead to some pretty frustrating failures. Regards

Re: Kaminsky finds DNS exploit

2008-07-14 Thread John Levine
>CERT/CC mentions this: > >| It is important to note that without changes to the DNS protocol, such >| as those that the DNS Security Extensions (DNSSEC) introduce, these >| mitigations cannot completely prevent cache poisoning. Why wouldn't switching to TCP lookups solve the problem? It's arguab

Re: Kaminsky finds DNS exploit

2008-07-09 Thread John Levine
>However, we in the security circles don't need to spread the >"Kaminsky finds" meme. Quite right. Paul Vixie mentioned it in 1995, Dan Bernstein started distributing versions of dnscache with randomized port and sequence numbers in 2001. >The take-away here is not that "Dan didn't discover the
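The randomized port and sequence numbers mentioned above are the whole defence against blind response forgery, so it is worth seeing how much they buy. Below is an added toy model (my code, not dnscache, BIND or anything from the message): a resolver that either uses one fixed source port or a random ephemeral port per query, and a blind attacker who fires a batch of forged replies with distinct transaction IDs at one guessed port. The port range, the fixed port 53 and the batch size are assumptions of the toy; the resolver also skips the source-address and question checks a real one performs.

```python
"""Toy model of blind DNS response forgery.  Added example, not code from the
message or from any real resolver: it shows how the attacker's guess space
grows when the resolver randomizes its UDP source port in addition to the
16-bit transaction ID.  Port ranges and the fixed-port convention below are
assumptions of this toy."""
import random
from dataclasses import dataclass

TXID_SPACE = 1 << 16                  # the DNS message ID is a 16-bit field
EPHEMERAL_PORTS = range(1024, 65536)  # assumed range a randomizing resolver picks from
FIXED_PORT = 53                       # assumed single source port of a non-randomizing resolver


@dataclass(frozen=True)
class PendingQuery:
    name: str
    txid: int
    src_port: int


class ToyResolver:
    """Issues queries and accepts a reply only if txid and destination port
    match.  A real resolver also checks the answering IP and the question
    section; both are omitted here."""

    def __init__(self, randomize_port: bool, rng: random.Random):
        self.randomize_port = randomize_port
        self.rng = rng  # seeded PRNG for reproducible runs; production code needs a CSPRNG

    def send_query(self, name: str) -> PendingQuery:
        txid = self.rng.randrange(TXID_SPACE)
        port = self.rng.choice(EPHEMERAL_PORTS) if self.randomize_port else FIXED_PORT
        return PendingQuery(name, txid, port)

    @staticmethod
    def accepts(q: PendingQuery, resp_txid: int, resp_dst_port: int) -> bool:
        return resp_txid == q.txid and resp_dst_port == q.src_port


def forge_batch(budget: int, guessed_port: int, rng: random.Random):
    """Blind attacker: `budget` forged replies per race, distinct txids, one port guess."""
    return [(txid, guessed_port) for txid in rng.sample(range(TXID_SPACE), budget)]


def race(resolver: ToyResolver, budget: int, rng: random.Random) -> bool:
    """One poisoning attempt: is any forged reply accepted?"""
    q = resolver.send_query("www.example.com.")  # constructed query name
    # The attacker can tell which kind of resolver it faces (a fixed port is
    # observable on the wire) but not the per-query values it must guess.
    guessed_port = rng.choice(EPHEMERAL_PORTS) if resolver.randomize_port else FIXED_PORT
    return any(resolver.accepts(q, t, p) for t, p in forge_batch(budget, guessed_port, rng))


def success_probability(budget: int, randomize_port: bool) -> float:
    """Analytic per-race odds for the strategy in forge_batch."""
    per_txid = min(1.0, budget / TXID_SPACE)
    return per_txid / len(EPHEMERAL_PORTS) if randomize_port else per_txid


def simulate(randomize_port: bool, budget: int, races: int, seed: int = 1) -> int:
    """Number of races the attacker wins out of `races`."""
    rng = random.Random(seed)
    resolver = ToyResolver(randomize_port, rng)
    return sum(race(resolver, budget, rng) for _ in range(races))


if __name__ == "__main__":
    for randomized in (False, True):
        print(f"randomized port={randomized}: per-race odds "
              f"{success_probability(4096, randomized):.3e}, "
              f"wins in 320 races: {simulate(randomized, 4096, 320)}")
```

With 4096 forged replies per race the fixed-port resolver loses about one race in sixteen, which is why a resolver that could be made to race repeatedly was poisonable in minutes; the randomizing resolver divides those odds by the size of the port range again. Port randomization does not fix the protocol, which is what the CERT/CC note about DNSSEC is getting at, but it turns a minutes-long attack into one that needs on the order of a billion times more packets.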

Re: the joy of "enhanced" certs

2008-06-05 Thread John Levine
>An object lesson in this just fell in my lap -- I just got my first >email from a spammer that links to a web site that uses such a cert, >certified by a CA I've never heard of ("Starfield Technologies, Inc.") Oh, you've heard of them, just not under that name. It's GoDaddy. The green bar certs

Re: delegating SSL certificates

2008-03-19 Thread John Levine
>| Presumably the value they add is that they keep browsers from popping >| up scary warning messages >Apple's Mail.app checks certs on SSL-based mail server connections. >It has the good - but also bad - feature that it *always* asks for >user approval if it gets a cert it doesn't like. Good

Re: delegating SSL certificates

2008-03-16 Thread John Levine
question to adjust their browsers, which is always a losing battle, it's easier just to pay the $15 protection money and get a CA signature. Regards, John Levine, [EMAIL PROTECTED], Primary Perpetrator of "The Internet for Dummies", Information Superhighwayman wanna-be, http://www.john

Re: delegating SSL certificates

2008-03-15 Thread John Levine
>Are there any options that don't involve adding a new root CA? Assuming your sites all use subdomains of your company domain, a wildcard cert for *.whatever might do the trick. It's relatively expensive, but you can use the same cert in all your servers. >I would think this would be rather comm
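Before buying the wildcard cert suggested above it pays to check which of your hostnames it would actually cover, because a wildcard matches exactly one label. The following is an added example (my code, not from the message): a browser-style matcher in which `*` must be the entire leftmost label, so `*.example.com` covers `www.example.com` but neither the bare `example.com` nor `dev.api.example.com`, plus a helper that lists the hostnames a single cert would leave uncovered. The hostnames are constructed for illustration.

```python
"""Which of a company's hostnames would one wildcard certificate cover?
Added example, not code from the message.  Applies the wildcard rule as
modern browsers do: '*' only as the whole leftmost label, matching exactly
one label, with at least two labels to its right."""


def hostname_matches(pattern: str, hostname: str) -> bool:
    """Case-insensitive match of a certificate name (possibly with a leading
    wildcard label) against a hostname.  Trailing dots are ignored."""
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == hostname
    p_labels = pattern.split(".")
    h_labels = hostname.split(".")
    if p_labels[0] != "*" or any("*" in lab for lab in p_labels[1:]):
        return False  # partial-label wildcards such as w*.example.com are rejected
    if len(p_labels) < 3:
        return False  # '*.com' would cover a whole TLD; refuse it
    if len(h_labels) != len(p_labels) or not h_labels[0]:
        return False  # the bare domain and deeper subdomains do not match
    return h_labels[1:] == p_labels[1:]


def uncovered_hosts(pattern: str, hostnames) -> list:
    """Hostnames for which a cert bearing `pattern` would NOT be valid."""
    return [h for h in hostnames if not hostname_matches(pattern, h)]


if __name__ == "__main__":
    sites = ["www.example.com", "mail.example.com", "example.com",
             "dev.api.example.com", "www.example.net"]  # constructed inventory
    print(uncovered_hosts("*.example.com", sites))
    # -> ['example.com', 'dev.api.example.com', 'www.example.net']
```

The three leftovers are the usual surprises: the apex domain needs its own name on the cert, a second-level wildcard does not reach a third level, and a sister domain needs a separate cert or an extra subject alternative name.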

Re: House o' Shame: Amtrak

2008-02-21 Thread John Levine
> http://amtrak.bfi0.com/. >Lesson for phishers: If you want your phish to seem more legit, outsource it >to Bigfoot Interactive, which seems to lead back to Epsilon Agency Services, >who specialise in... well, phishing, but for the good guys. I bet the Russian >Business Network could do it

Re: Fixing SSL (was Re: Dutch Transport Card Broken)

2008-02-06 Thread John Levine
>They can't be as "anonymous as cash" if the party being dealt with >can be identified. And the party can be identified if the >transaction is "online, real-time". Even if other clues are erased, >there's still traffic analysis in this case. If I show up at a store and pay cash for something eve

Re: patent of the day

2008-01-23 Thread John Levine
In article <[EMAIL PROTECTED]> you write: > >http://www.google.com/patents?vid=USPAT6993661 Gee, the inventor is Simson Garfinkel, who's written a bunch of books including Database Nation, published in 2000 by O'Reilly, about all the way the public and private actors are spying on us. I wonder wh

Re: PlayStation 3 predicts next US president

2007-12-14 Thread John Levine
>The financial industry has actually created its own system - I forget >the name, some like a Gold Bond Certification - that it requires for >certain "high-importance" transactions (e.g., a document asserting you >own some stock for which you've lost the certificates). That's a medallion signature

Re: Hushmail in U.S. v. Tyler Stumbo

2007-11-05 Thread John Levine
>In practice, the larger danger with email is that the high-profile >threats to email security are on the client side. Right. I haven't used the end to end Java stuff, but I believe that it works. Unfortunately, when you go to sign up, what you get by default is a version that is little more tha

Re: Hushmail in U.S. v. Tyler Stumbo

2007-11-05 Thread John Levine
>I'm sorry, but that's a slur. Hushmail is not a scam. They do a very >good job of explaining what they do, what they cannot do, and against >which threats they protect. Have you looked at Hushmail lately? Before I sent that note, I signed up for an account and sent myself a few messages to b

Re: Hushmail in U.S. v. Tyler Stumbo

2007-11-01 Thread John Levine
>Since email between hushmail accounts is generally PGPed. (That is >the point, right?) Hushmail is actually kind of a scam. In its normal configuration, it's in effect just webmail with an HTTPS connection and a long password. It will generate and verify PGP signatures and encryption for mail

Re: flavors of reptile lubricant, was Another Snake Oil Candidate

2007-09-13 Thread John Levine
I always understood snake oil crypto to refer to products that were of no value to anyone, e.g., products that claim to have secret unbreakable encryption, million bit keys, or "one time pads" produced by PRNGs. What we have here is something else, a product that is reasonable for one kind of thre

Re: unintended consequences?

2007-08-09 Thread John Levine
> Does that mean that the new fiber is less tappable? Somehow, I suspect that Corning and the relevant authorities have been in touch to work out any problems. Corning is a politically very well connected company. Amory Houghton, a member of the family that has controlled the company since its f

Re: remote-attestation is not required (Re: The bank fraud blame game)

2007-07-05 Thread John Levine
>I think you misread what I said about "BIOS jumper required install". > >Ie this is not a one click install from email. It is something one >user in 10,000 would even install at all! If only. If you can e-mail me a cool widget with directions I can follow to install it, a virus can e-mail a mil

Re: remote-attestation is not required (Re: The bank fraud blame game)

2007-07-03 Thread John Levine
>I do not believe the mentioned conflict exists. The aim of these >calculator-like devices is to make sure that no malware, virus etc can >create unauthorized transactions. The user should still be able to >debug, and inspect the software in the calculator-like device, or >virtual software compar

Re: 307 digit number factored

2007-05-23 Thread John Levine
>somewhere over the yrs the term "certification authority" was truncated >to "certificate authority" ... along with some impression that >certificates are being sold (as opposed to certification processes). When I pay $14.95 for a certificate, with the investigation of my bona fides limited to cl

Re: 0wned .gov machines (was Re: Russian cyberwar against Estonia?)

2007-05-20 Thread John Levine
>I've heard nothing formal, but my strong understanding is a lot of US >government machines, at least if we're talking workstations on >non-classified nets, are in fact "0wn3d" at this point. Well, here's an anecdote: at last year's CEAS conference, Rob Thomas of Team Cymru gave the keynote on the

Re: hoofbeats of zebras, was DNSSEC to be strangled at birth.

2007-04-06 Thread John Levine
27;t understand zones or delegation or the root servers or routing or anything else, but the signing key will let them Take Control of this Vital Resource in case of National Emergency. You know, like they did in New Orleans. Regards, John Levine, [EMAIL PROTECTED], Primary Perpetrator of "T

Re: DNSSEC to be strangled at birth.

2007-04-05 Thread John Levine
out a press release that can accomplish nothing but get people upset, but at most this is a turf battle between two cabinet departments. The war was over seven years ago. Regards, John Levine, [EMAIL PROTECTED], Primary Perpetrator of "The Internet for Dummies", Information Superhig

Re: Failure of PKI in messaging

2007-02-16 Thread John Levine
> >> Suppose we have a messaging service that, like Yahoo, > >> is also a single signon service, ... > > John Levine wrote: > > Then you just change the attack model. >My proposal closes off the major attack path, and leaves the trojan >and virus attack pat

Re: Failure of PKI in messaging

2007-02-15 Thread John Levine
> > If you can persuade everyone to use a single system, > > it's not hard to make communication adequately secure. > ... >You are making the Katrina reaction "we need someone in >charge". ... Oh, not at all. I guess I wasn't clear. To the extent that people use a single system it can be secure,

Re: Failure of PKI in messaging

2007-02-15 Thread John Levine
>Suppose we have a messaging service that, like Yahoo, is >also a single signon service, ... Then you just change the attack model. There are a bunch of sites that do various things with your address book ranging from the toxic Plaxo which slurps it up and sends spam to everyone in it masqueradin

Re: Failure of PKI in messaging

2007-02-15 Thread John Levine
>Banks [use] a web interface, after the user logs in to their account. >So, what's missing in the email PKI model is two-sidedness. >Fairness. Not really. What's missing is, if you'll pardon the phrase, a central point of failure. If you can persuade everyone to use a single system, it's not ha

Re: cellphones as room bugs

2006-12-13 Thread John Levine
>8Kbit/second is enough if all you need is to understand what is being >said, not recognize the speaker. The processing power to do this is >pretty small on today's scale of things.) With decent compression techniques, 8kbps is close to telephone quality, and 2400bps has artifacts but is still qu

Re: signing all outbound email

2006-10-03 Thread John Levine
me old arguments yet again, how about reading the list archives linked from http://www.mipassoc.org/dkim/ietf-dkim.htm and at least argue about something different? Regards, John Levine, [EMAIL PROTECTED], Primary Perpetrator of "The Internet for Dummies", Information Superhighwayman wanna-be

Re: A lack of US cryptanalytic security before Midway?

2006-09-08 Thread John Levine
>The conventional wisdom is that the successful US cryptanalytic efforts >against Japanese naval codes was a closely-held secret. Has the conventional wisdom forgotten that it was reported in the Chicago Tribune in 1942? See, for example, http://www.newseum.org/warstories/essay/secrecy.htm Fortu

Re: Get a boarding pass, steal someone's identity

2006-05-09 Thread John Levine
>Have you noticed that airline tickets are once again de-facto >transferable? If you print your own boarding pass at home, you can >digitally change the name on it before you print. Lots of us have noticed that, print one version for the person at security with a name that matches the ID, pri

Re: Get a boarding pass, steal someone's identity

2006-05-07 Thread John Levine
> http://www.guardian.co.uk/idcards/story/0,,1766266,00.html > >The story may be exaggerated but it feels quite real. Certainly I've >found similar issues in the past. It sounds real to me, with an airline whose security is slightly but not greatly worse than typical. I buy a lot of online tic

Re: automatic toll collection, was Japan Puts Its Money on E-Cash

2005-12-15 Thread John Levine
> And, while there is a privacy issue, optical license plate readers > are getting good enough that the issue may soon be moot. Seems moot now. The 407 toll road around Toronto has no toll booths at all. If you drive on it frequently, you can get a transponder but otherwise, they take a picture

Re: automatic toll collection, was Japan Puts Its Money on E-Cash

2005-12-14 Thread John Levine
>> Some Americans, analysts note, are already using a version of e- >> cash to bypass toll lanes on highways. >Don't take that as a sign of consumer acceptance, though. In >Illinois, if you won't pre-pay your tolls in $40 increments, you will >pay double the rate in cash at the tollbooth. Here i

Re: 'Virtual Card' Offers Online Security Blanket

2005-10-01 Thread John Levine
>Offered to holders of Citi, Discover and MBNA cards, these "virtual >credit cards," or single-use card numbers, are designed to give some >peace of mind to consumers concerned about credit card fraud. I've been using MBNA's Shopsafe virtual cards for years. They're issued by a small flash applic

Re: PKI too confusing to prevent phishing, part 28

2005-09-27 Thread John Levine
In article <[EMAIL PROTECTED]> you write: > > >Summary: some phishes are going to SSL-secured sites that offer up >their own self-signed cert. Users see the warning and say "I've seen >that dialog box before, no problem",

Re: Why Blockbuster looks at your ID.

2005-07-11 Thread John Levine
>| Not having to show ID may save annoyance, but it doesn't significantly >| improve privacy. > >Most credit card issuers will happily give you extra cards, so your >friends can spend your money. In whatever name you want. If you need >to show ID, this can become, umm, complicated. I dunno about

Re: Why Blockbuster looks at your ID.

2005-07-09 Thread John Levine
>Why does the clerk at Blockbuster want to see your driver's license? >Because his management has been told, by their bank, that if they do >not attempt to verify the identity of credit card users they will >risk their business relationship with the bank. It's been my impression that the way you'r

Re: Some companies are just asking for it.

2005-06-23 Thread John Levine
to the voiceover, but if you have a fast web connection, it's worth running. It needs Powerpoint: http://www.radixlabs.com/idtheft/aaron-emigh-education.pps Regards, John Levine, [EMAIL PROTECTED], Primary Perpetrator of "The Internet for Dummies", Information Superhighwayman wanna-be

Re: $90 for high assurance _versus_ $349 for low assurance

2005-03-20 Thread John Levine
ot; But it seems to me a reasonable approach to more credible online identity for often-faked targets. Regards, John Levine, [EMAIL PROTECTED], Primary Perpetrator of "The Internet for Dummies", Information Superhighwayman wanna-be, http://www.johnlevine.com, Mayor "More Wiener s

Re: $90 for high assurance _versus_ $349 for low assurance

2005-03-15 Thread John Levine
usiness to see if anything is there. So the short answer to what's the difference between a ten dollar cert and a $350 cert is: $340. Next question? Regards, John Levine, [EMAIL PROTECTED], Primary Perpetrator of "The Internet for Dummies", Information Superhighwayman

Re: Using crypto against Phishing, Spoofing and Spamming...

2004-07-18 Thread John Levine
s than millions. Regards, John Levine, [EMAIL PROTECTED], Primary Perpetrator of "The Internet for Dummies", Information Superhighwayman wanna-be, http://www.johnlevine.com, Mayor "A book is a sneeze." - E.B. White, on the