virtualization as a threat to RNG

2007-03-21 Thread Dan Geer 


Quoting from a discussion of threat posed by software virtualization as 
found in Symantec's ISTR:xi, released today:


The second type of threat that Symantec believes could emerge is 
related to the impact that softwarevirtualized computers may have on 
random number generators that are used inside guest operating systems 
on virtual machines. This speculation is based on some initial work 
done by Symantec Advanced Threat Research in a paper on GS and ASLR in 
Windows Vista. This research showed that the method  used to generate 
the random locations employed in some security technologies would, 
under certain circumstances, differ wildly in a software-virtualized 
instance of the operating system. If this proves to  be true, it could 
have considerable implications for a number of different technologies 
that rely on good randomness, such as unique identifiers, as well as 
the seeds used in encryption.


--dan

-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Question on the state of the security industry

2004-07-03 Thread geer 

I shared the gist of the question with a leader
of the Anti-Phishing Working Group, Peter Cassidy.

Specifically, I shared this fragment:

> Here's my question - is anyone in the security
> field of any sort of repute being asked about
> phishing, consulted about solutions, contracted
> to build?  Anything?
>
> Or, are security professionals as a body being
> totally ignored in the first major financial
> attack that belongs totally to the Internet?
>
> What I'm thinking of here is Scott's warning of
> last year:
>
>Subject: Re: Maybe It's Snake Oil All the Way Down
>At 08:32 PM 5/31/03 -0400, Scott wrote:
>...
>>When I drill down on the many pontifications made by computer
>>security and cryptography experts all I find is given wisdom.  Maybe
>>the reason that folks roll their own is because as far as they can see
>>that's what everyone does.  Roll your own then whip out your dick and
>>start swinging around just like the experts.
>
> I think we have that situation.  For the first
> time we are facing a real, difficult security
> problem.  And the security experts have shot
> their wad.


--- Part One

I think the reason that, to date, the security community has
been largely silent on phishing is that this sort of attack was
considered a confidence scheme that was only potent against
dim-wits - and we all know how symathetic the IT
security/cryptography community is to those with less than
powerful intellects. Also, it is true, it was considered a
sub-set of SPAM.

The reliance on broadcast spam as a vehicle for consumer data
recruitment is remaining but the payload is changing and, I
think, in that advance is room for important contributions by
the IT security/cryptography community. In a classic phishing
scenario, the mark gets a bogus e-mail, believes it and
surrenders his consumer data and then gets a big surprise on his
next bank statement. What is emerging is the use of spam to
spread trojans to plant key-loggers to intercept consumer data
or, in the future, to silently mine it from the consumer's PC.
Some of this malware is surprizingly clever. One of the APWG
committeemen has been watching the devleopment of trojans that
arrive as seemingly random blobs of ASCII that decrypt
themselves with a one-time key embedded in the message - they
all go singing straight past anti-virus.

Since phishing, when successful, can return real money the
approaches will become ever more sophisticated, relying far less
on deception and more on subterfuge.

Peter

--- Part Two


You can also tell them that the Anti-Phishing Working Group was
organized in Nov 2003 to investigate, quantify and propose
solutions (drawing from off-the-shelf technologies) to the
phishing threat. It now has 500 members from banks, ISPs,
payment processors, federal law enforcement (US, UK, Canada and
Australia) - some 300 companies and agencies in all. You'd
recognize some of the individuals involved. I am coordinating
the research effort. Among the committee chairs is Phillip
Hallam Baker who is heading up the Solutions Evaluations
subcommittee whose work is being synchronized with the FSTC and
its member banks. Description of the APWG's committee's system
follows:

The Anti-Phishing Working Group (APWG) is an industry
association focused on eliminating the identity theft and fraud
that result from the growing problem of phishing and email
spoofing. The organization provides a forum to discuss phishing
issues, to define the scope of the phishing problem in terms of
hard and soft costs, and to share information and best practices
for eliminating the problem. Where appropriate, the APWG will
also look to share this information with law enforcement.

The research and cross-disciplinary investigations into
phishing, related pre-texting scams and subterfuge schemes to
animate identity thefts and subsequent illicit transactions are
driven by seven sub-committees. Each sub-committee has its own
chairs, writes its own agenda in coordination with the APWG
executive committee and organizes its own research for
presentation to the plenary at meetings and through the APWG
members Web site: https://antiphishing.kavi.com/

Though the lion's share of the APWG is being driven by member
experts and practitioners within the committee system, the APWG
foresees many opportunities for extramural collaborations such
as the Working Group has already initialized with the Financial
Services Technology Consortium (FSTC) and others. As well, where
appropriate, the APWG will be recruiting visiting fellows and
expert practitioners to contribute research if relevant
expertise to complete it cannot be recruited from the ranks of
the APWG membership. To date, the seven standing committees to
have formed are:

- Solution Evaluation and Trial 
- Best Practices 
- Education 
- Future Threat Models and Forensics 
- Phishing Repository, Data Streams and Alerts 
- Sizing and Quantifying the Problem 
- Working with Law Enforcement

Regards

Re: The future of security

2004-05-08 Thread geer 

Would anyone there have any good predictions on how
cryptography is going to unfold in the next few years
or so?  I have my own ideas, but I would love
to see what others see in the crystal ball.


prediction: 

just as in the 1990s the commercial world caught up to
the mil world in uses of crypto, so, too, will it catch
up this decade in traffic analysis

--dan

-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Re: Walton's Mountain notaries

2004-01-04 Thread Dan Geer 

>   Christmas season is ending - and once again I heard the readings
>   about the edict from Caesar that all people return to their home
>   towns to be counted in a census.  Maybe we can take a lesson from
>   that - and have everyone return to people who have known the
>   person, uninterrupted, from birth to the present in order to get
>   anything notarized.  Anyone who couldn't find such people just
>   couldn't get anything notarized, I guess.

Without having done anything whatsoever to assist,
I'm already pretty well documented in two different
online geneaology sites, and going back several
generations with all the extended family I never
met carefully enumerated.  I'd bet you are, too.

BTW, the guy who played the granddaddy on Walton's
Mountain was my third cousin, twice removed.

--dan

-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Re: PKI root signing ceremony, etc.

2003-12-23 Thread Dan Geer 

One approach to securing infrequent signing or working keys from a 
corporate master certificate is to store the certificate in a bank 
safe deposit box. The certificate generation software (say on a self 
booting CD or perhaps an entire laptop) could be stored in the safe 
deposit box as well. The certificate signing would take place at the 
bank, either in one of the small rooms they provide or in a borrowed 
conference room.


Dare I mention the CertCo/Identrus threshold crypto
in this context?  CertCo certainly nailed all the
parts of this, e.g., fragment generation in abstentia.

--dan

-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Re: yahoo to use public key technology for anti-spam

2003-12-07 Thread Dan Geer 

>   So, in capsule: this proposal assumes that you use the same machine for
>   outgoing and incoming e-mail.

I'm actually experimenting with sending mail directly,
per this little hack[1], which does have separate paths
for incoming and outgoing, but does not rely on the local
hotspot/whatever.

--dan

[1] http://www.reitter-it-media.de/software/osxpostfix.html

-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Re: US antispam bill is death to anonymity

2003-11-24 Thread Dan Geer 

The natural consequence of zero-cost ("free") speech 
is to make freedom from speech (privacy) unquenchably
attractive.

If you would preserve anonymity, you must raise the 
costs of those who will not shut up.  We technocrats
have had years to do something and we have not; the
ball is now in other courts.

--dan

-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]