Re: Using crypto against Phishing, Spoofing and Spamming...

2004-07-18 Thread John Levine
. Regards, John Levine, [EMAIL PROTECTED], Primary Perpetrator of The Internet for Dummies, Information Superhighwayman wanna-be,, Mayor A book is a sneeze. - E.B. White, on the writing of Charlotte's Web

Re: $90 for high assurance _versus_ $349 for low assurance

2005-03-15 Thread John Levine
and a $350 cert is: $340. Next question? Regards, John Levine, [EMAIL PROTECTED], Primary Perpetrator of The Internet for Dummies, Information Superhighwayman wanna-be,, Mayor I shook hands with Senators Dole and Inouye, said Tom, disarmingly

Re: Some companies are just asking for it.

2005-06-23 Thread John Levine
, it's worth running. It needs Powerpoint: Regards, John Levine, [EMAIL PROTECTED], Primary Perpetrator of The Internet for Dummies, Information Superhighwayman wanna-be,, Mayor I dropped the toothpaste, said Tom

Re: PKI too confusing to prevent phishing, part 28

2005-09-27 Thread John Levine
In article [EMAIL PROTECTED] you write: Summary: some phishes are going to SSL-secured sites that offer up their own self-signed cert. Users see the warning and say I've seen that dialog box before, no problem, and

Re: automatic toll collection, was Japan Puts Its Money on E-Cash

2005-12-14 Thread John Levine
Some Americans, analysts note, are already using a version of e- cash to bypass toll lanes on highways. Don't take that as a sign of consumer acceptance, though. In Illinois, if you won't pre-pay your tolls in $40 increments, you will pay double the rate in cash at the toolbooth. Here in the

Re: automatic toll collection, was Japan Puts Its Money on E-Cash

2005-12-15 Thread John Levine
And, while there is a privacy issue, optical license plate readers are getting good enough that the issue may soon be moot. Seems moot now. The 407 toll road around Toronto has no toll booths at all. If you drive on it frequently, you can get a transponder but otherwise, they take a picture

Re: Get a boarding pass, steal someone's identity

2006-05-07 Thread John Levine,,1766266,00.html The story may be exaggerated but it feels quite real. Certainly I've found similar issues in the past. It sounds real to me, with an airline whose security is slightly but not greatly worse than typical. I buy a lot of online

Re: Get a boarding pass, steal someone's identity

2006-05-09 Thread John Levine
Have you noticed that airline tickets are once again de-facto transferable? If you print your own boarding pass at home, you can digitally change the name on it before you print. Lots of us have noticed that, print one version for the person at security with a name that matches the ID, print

Re: A lack of US cryptanalytic security before Midway?

2006-09-08 Thread John Levine
The conventional wisdom is that the successful US cryptanalytic efforts against Japanese naval codes was a closely-held secret. Has the conventional wisdom forgotten that it was reported in the Chicago Tribune in 1942? See, for example,

Re: signing all outbound email

2006-10-03 Thread John Levine
the list archives linked from and at least argue about something different? Regards, John Levine, [EMAIL PROTECTED], Primary Perpetrator of The Internet for Dummies, Information Superhighwayman wanna-be,, Mayor More Wiener schnitzel

Re: cellphones as room bugs

2006-12-13 Thread John Levine
8Kbit/second is enough if all you need is to understand what is being said, not recognize the speaker. The processing power to do this is pretty small on today's scale of things.) With decent compression techniques, 8kbps is close to telephone quality, and 2400bps has artifacts but is still

Re: Failure of PKI in messaging

2007-02-15 Thread John Levine
Suppose we have a messaging service that, like Yahoo, is also a single signon service, ... Then you just change the attack model. There are a bunch of sites that do various things with your address book ranging from the toxic Plaxo which slurps it up and sends spam to everyone in it masquerading

Re: Failure of PKI in messaging

2007-02-15 Thread John Levine
If you can persuade everyone to use a single system, it's not hard to make communication adequately secure. ... You are making the Katrina reaction we need someone in charge. ... Oh, not at all. I guess I wasn't clear. To the extent that people use a single system it can be secure, but

Re: DNSSEC to be strangled at birth.

2007-04-05 Thread John Levine
but get people upset, but at most this is a turf battle between two cabinet departments. The war was over seven years ago. Regards, John Levine, [EMAIL PROTECTED], Primary Perpetrator of The Internet for Dummies, Information Superhighwayman wanna-be,, Mayor More Wiener

Re: hoofbeats of zebras, was DNSSEC to be strangled at birth.

2007-04-06 Thread John Levine
or routing or anything else, but the signing key will let them Take Control of this Vital Resource in case of National Emergency. You know, like they did in New Orleans. Regards, John Levine, [EMAIL PROTECTED], Primary Perpetrator of The Internet for Dummies, Information Superhighwayman wanna-be, http

Re: 0wned .gov machines (was Re: Russian cyberwar against Estonia?)

2007-05-20 Thread John Levine
I've heard nothing formal, but my strong understanding is a lot of US government machines, at least if we're talking workstations on non-classified nets, are in fact 0wn3d at this point. Well, here's an anecdote: at last year's CEAS conference, Rob Thomas of Team Cymru gave the keynote on the

Re: 307 digit number factored

2007-05-23 Thread John Levine
somewhere over the yrs the term certification authority was truncated to certificate authority ... along with some impression that certificates are being sold (as opposed to certification processes). When I pay $14.95 for a certificate, with the investigation of my bona fides limited to clicking

Re: remote-attestation is not required (Re: The bank fraud blame game)

2007-07-03 Thread John Levine
I do not believe the mentioned conflict exists. The aim of these calculator-like devices is to make sure that no malware, virus etc can create unauthorized transactions. The user should still be able to debug, and inspect the software in the calculator-like device, or virtual software

Re: unintended consequences?

2007-08-09 Thread John Levine
Does that mean that the new fiber is less tappable? Somehow, I suspect that Corning and the relevant authorities have been in touch to work out any problems. Corning is a politically very well connected company. Amory Houghton, a member of the family that has controlled the company since its

Re: PlayStation 3 predicts next US president

2007-12-14 Thread John Levine
The financial industry has actually created its own system - I forget the name, some like a Gold Bond Certification - that it requires for certain high-importance transactions (e.g., a document asserting you own some stock for which you've lost the certificates). That's a medallion signature

Re: patent of the day

2008-01-23 Thread John Levine
In article [EMAIL PROTECTED] you write: Gee, the inventor is Simson Garfinkel, who's written a bunch of books including Database Nation, published in 2000 by O'Reilly, about all the way the public and private actors are spying on us. I wonder

Re: Fixing SSL (was Re: Dutch Transport Card Broken)

2008-02-06 Thread John Levine
They can't be as anonymous as cash if the party being dealt with can be identified. And the party can be identified if the transaction is online, real-time. Even if other clues are erased, there's still traffic analysis in this case. If I show up at a store and pay cash for something every

Re: House o' Shame: Amtrak

2008-02-21 Thread John Levine Lesson for phishers: If you want your phish to seem more legit, outsource it to Bigfoot Interactive, which seems to lead back to Epsilon Agency Services, who specialise in... well, phishing, but for the good guys. I bet the Russian Business Network could do it for

Re: delegating SSL certificates

2008-03-15 Thread John Levine
Are there any options that don't involve adding a new root CA? Assuming your sites all use subdomains of your company domain, a wildcard cert for *.whatever might do the trick. It's relatively expensive, but you can use the same cert in all your servers. I would think this would be rather

Re: delegating SSL certificates

2008-03-16 Thread John Levine
their browsers, which is always a losing battle, it's easier just to pay the $15 protection money and get a CA signature. Regards, John Levine, [EMAIL PROTECTED], Primary Perpetrator of The Internet for Dummies, Information Superhighwayman wanna-be,, ex-Mayor More Wiener schnitzel

Re: delegating SSL certificates

2008-03-19 Thread John Levine
| Presumably the value they add is that they keep browsers from popping | up scary warning messages Apple's checks certs on SSL-based mail server connections. It has the good - but also bad - feature that it *always* asks for user approval if it gets a cert it doesn't like. Good

Re: Kaminsky finds DNS exploit

2008-07-09 Thread John Levine
However, we in the security circles don't need to spread the Kaminsky finds meme. Quite right. Paul Vixie mentioned it in 1995, Dan Bernstein started distributing versions of dnscache with randomized port and sequence numbers in 2001. The take-away here is not that Dan didn't discover the

Re: Kaminsky finds DNS exploit

2008-07-14 Thread John Levine
CERT/CC mentions this: | It is important to note that without changes to the DNS protocol, such | as those that the DNS Security Extensions (DNSSEC) introduce, these | mitigations cannot completely prevent cache poisoning. Why wouldn't switching to TCP lookups solve the problem? It's arguably

Re: security questions

2008-08-10 Thread John Levine
from the Trenton P.O. so the allegedly correct answer is Trenton. It's not too hard for me to figure these out, but given the amount of plain wrong info in credit reports, this approach must lead to some pretty frustrating failures. Regards, John Levine, [EMAIL PROTECTED], Primary Perpetrator

Re: road toll transponder hacked

2008-08-26 Thread John Levine
So, I believe, at least for E-Z Pass, the attack would have to include cloning the license plate and pictures may still be available whenever a victim realizes they have been charged for trips they did not take. The 407 toll road in Toronto uses entirely automated toll collection. They

Re: road toll transponder hacked

2008-08-28 Thread John Levine
The relationship to this list may then be thin excepting that the collection and handling of such data remains of substantial interest. Actually, it points to cash settlement of road tolls. That's not unknown. On the Niagara Falls toll bridges, they have an ETC system where you buy your

Re: Bitcoin P2P e-cash paper

2008-11-03 Thread John Levine
As long as honest nodes control the most CPU power on the network, they can generate the longest chain and outpace any attackers. But they don't. Bad guys routinely control zombie farms of 100,000 machines or more. People I know who run a blacklist of spam sending zombies tell me they often

Re: Proof of Work - atmospheric carbon

2009-01-26 Thread John Levine
Can't we just convert actual money in a bank account into bitbux -- cheaply and without a carbon tax? Please? If only. People have been saying for at least a decade that all we have to do to solve the spam problem is to charge a small fee for every message sent. Unfortunately, there's a

Re: What EV certs are good for

2009-01-28 Thread John Levine
I just received a phishing email, allegedly from HSBC: Dear HSBC Member, So did the link have a EV cert? Hardly matters. HSBC has vast numbers of web servers all over the world, some with EV certs, some without. For example, their US customer site for deposit customers at

Re: Proof of Work - atmospheric carbon

2009-01-28 Thread John Levine
(Also, it's not clear that a deterministic POW works well for an application like Bitcoin; it might let the owner of the fastest computer win every POW race, giving him too much power.) Indeed. And don't forget that through the magic of botnets, the bad guys have vastly more compute power

Re: Proof of Work - atmospheric carbon

2009-01-30 Thread John Levine
You know those crackpot ideas that keep showing up in snake oil crypto? Well, e-postage is snake oil antispam. While I think this statement may be true for POW coinage, because for a bot net it grows on trees, for money that traces back to the international monetary exchange system, it may not be

Re: Proof of Work - atmospheric carbon

2009-01-30 Thread John Levine
Richard Clayton and I claim that PoW doesn't work: I bumped into Cynthia Dwork, who originallyinvented PoW, at a CEAS meeting a couple of years ago, and she said she doesn't think it works, either. R's, John

Re: UCE - a simpler approach using just digital signing?

2009-01-30 Thread John Levine
with pointers to the mailing list and other resources. One of our slow moving projects is a taxonomy of anti-spam techniques, both ones that work and ones that don't work. If you'd like to contribute, drop me a note and I'll give you a password so you can edit it. Regards, John Levine, jo

Re: UCE - a simpler approach using just digital signing?

2009-01-31 Thread John Levine
That's basically what I'm using, just without the digital signature part: each person/organisation/website/whatever gets a different email address for communicating with me (qmail makes this easy to implement) I do that too -- I bet half the people on this list do, and there's lots of free and

Re: UCE - a simpler approach using just digital signing?

2009-02-01 Thread John Levine
One idea I have not seen mentioned here (and which I have not yet encountered in RL, but only weird people send me email these days) is for the sending MTA to use pgp to encrypt mail using the recipient's public key, available on one of the key servers near you. I don't understand what problem

Re: Security through kittens, was Solving password problems

2009-02-24 Thread John Levine
of the dongle, you're still subject to MITM attacks. But a dongle with a screen big enough for my 87 year old father to read, and buttons big enough for him to push reliably would be unlikely to fit on his keychain. It's a very hard problem. Regards, John Levine,, Primary Perpetrator

Re: Security through kittens, was Solving password problems

2009-02-25 Thread John Levine
This means a site paying attention to such things could notice a change in IP address, or, if several users were attacked this way, notice repeated connections from the same IP. (Granted the MITM could distribute the queries over a botnet, but it raises the bar somewhat.) I have no idea if sites

Re: CSPRNG algorithms

2009-05-01 Thread John Levine
I have never seen a good catalog of computationally-strong pseudo-random number generators. Chapter 3 of Knuth's TAOCP is all about pseudo-random number generators, starting with a fine example of the wrong way to do it. My copy is several thousand miles away but my recollection is that his main

Re: Seizing the Enigma

2009-08-14 Thread John Levine
Speaking of seizing an Enigma, here's a picture of a handy one rotor version I got at Bletchley Park. The rotor flips over so there's two possible rotors and the determined cryptographer can use multiple rotors by making several passes manually over the data.

Re: Collection of code making and breaking machines

2009-10-20 Thread John Levine
A bit too far for a quick visit (at least for me): Bletchley Park is always worth a visit, with or without a special exhibit, as is the adjacent National Museum of Computing which houses Colossus and a lot more interesting stuff. An

Crypto dongles to secure online transactions

2009-11-08 Thread John Levine
At a meeting a few weeks ago I was talking to a guy from BITS, the e-commerce part of the Financial Services Roundtable, about the way that malware infected PCs break all banks' fancy multi-password logins since no matter how complex the login process, a botted PC can wait until you login, then

Re: Crypto dongles to secure online transactions

2009-11-17 Thread John Levine
So should or should not an embedded system have a remote management interface? In this case, heck, no. The whole point of this thing is that it is NOT remotely programmable to keep malware out. If you have a modest and well-defined spec, it is well within our abilities to produce reliable

Re: Crypto dongles to secure online transactions

2009-11-18 Thread John Levine
In this case, heck, no. The whole point of this thing is that it is NOT remotely programmable to keep malware out. Which is perhaps why it is not a good idea to embed an SSL engine in such a device. Agreed. A display and signing engine would be quite adequate. Such a device does however

Re: Crypto dongles to secure online transactions

2009-11-25 Thread John Levine
we claimed we do something like two orders magnitude reduction in fully-loaded costs by going to no personalization (and other things) ... My concern with that would be that if everyone uses the the same signature scheme and token, the security of the entire industry becomes dependent on the

Re: Five Theses on Security Protocols

2010-07-31 Thread John Levine
Nice theses. I'm looking forward to the other 94. The first one is a nice summary of why DKIM might succeed in e-mail security where S/MIME failed. (Succeed as in, people actually use it.) 2 A third party attestation, e.g. any certificate issued by any modern CA, is worth exactly as much as

Re: Has there been a change in US banking regulations recently?

2010-08-13 Thread John Levine
What on earth happened? Was there a change in banking regulations in the last few months? No, but we know that banks move in herds, and they mostly talk to each other, not anyone with outside expertise. More likely someone noticed that computers are a lot faster than they were a decade ago, you

Re: Fw: [IP] Malware kills 154

2010-08-23 Thread John Levine
Authorities investigating the 2008 crash of Spanair flight 5022 have discovered a central computer system used to monitor technical problems in the aircraft was infected with malware This was very poorly