Re: AOL Help : About AOL® PassCode

2005-01-04 Thread Ian G
R.A. Hettinga wrote:
http://help.channels.aol.com/article.adp?catId=6sCId=415sSCId=4090articleId=217623
Have questions? Search AOL Help articles and tutorials:
.
If you no longer want to use AOL PassCode, you must release your screen
name from your AOL PassCode so that you will no longer need to enter a
six-digit code when you sign on to any AOL service.
To release your screen name from your AOL PassCode
1.  Sign on to the AOL service with the screen name you want to 
release from your AOL PassCode.
OK.  So all I have to do is craft a good reason to
get people to reset their PassCode, craft it into
a phishing mail and send it out?
--
News and views on what matters in finance+crypto:
   http://financialcryptography.com/


Re: AOL Help : About AOL® PassCode

2005-01-06 Thread Ian G
Joerg Schneider wrote:
So, PassCode and similar forms of authentication help against the 
current crop of phishing attacks, but that is likely to change if 
PassCode gets used more widely and/or protects something of interest 
to phishers.

Actually I have been waiting for phishing with MITM to appear for some 
time (I haven't any yet ...

By this you mean a dynamic, immediate MITM where
the attacker proxies through to the website in real
time?
Just as a point of terms clarification, I would say that
if the attacker collects all the information by using
a copy of the site, and then logs in later at leisure
to the real site, that's an MITM.
(If he were to use that information elsewhere, so for
example creating a new credit arrangement at another
bank, then that technically wouldn't be an MITM.)
Perhaps we need a name for this:  real time MITM
versus delayed time MITM?  Batch time MITM?

Assuming that MITM phishing will begin to show up and agreeing that 
PassCode over SSL is not the solution - what can be done to counter 
those attacks?

The user+client has to authenticate the server.  Everything
that I've seen over the last two years seems to fall into
that one bucket.
Mutual authentication + establishment of a secure channel should do 
the trick. SSL with client authentication comes to my mind...

Maybe.  But that only addresses the MITM, not the
theft of user information.
--
News and views on what matters in finance+crypto:
   http://financialcryptography.com/


Re: Dell to Add Security Chip to PCs

2005-02-03 Thread Ian G
Erwann ABALEA wrote:
On Wed, 2 Feb 2005, Trei, Peter wrote:
 

Seeing as it comes out of the TCG, this is almost certainly
the enabling hardware for Palladium/NGSCB. Its a part of
your computer which you may not have full control over.
   

Please stop relaying FUD. You have full control over your PC, even if this
one is equiped with a TCPA chip. See the TCPA chip as a hardware security
module integrated into your PC. An API exists to use it, and one if the
functions of this API is 'take ownership', which has the effect of
erasing it and regenerating new internal keys.
 

So .. the way this works is that Dell  Microsoft
ship you a computer with lots of nice multimedia
stuff on it.  You take control of your chip by erasing
it and regenerating keys, and then the multimedia
software that you paid for no longer works?
I'm just curious on this point.  I haven't seen much
to indicate that Microsoft and others are ready
for a nymous, tradeable software assets world.
iang
--
News and views on what matters in finance+crypto:
   http://financialcryptography.com/


Re: Dell to Add Security Chip to PCs

2005-02-04 Thread Ian G
Ed Reed wrote:
I'm just curious on this point.  I haven't seen much
to indicate that Microsoft and others are ready
for a nymous, tradeable software assets world.
   

No, and neither are corporate customers, to a large extent.
 

Right, so my point (I think) was that without some
indication that those people are ready for a nymous,
tradeable assets world, the notion of a trusted
computing base is limited to working for the
Microsofts off the world as the owners of the
content, not to users as the owners of assets.
Accountability is, in fact, a treasured property of business computing.
Lack of accountability creates things like Enron, Anderson Consulting,
Oil-for-Food scams, and the missing 9 billion dollars or so of
reconstruction aid.  It's the fuel that propells SPAM, graft, and
identity theft.
What I've not seen is much work providing accountability for anonymous
transactions.
 

I am having trouble with tying in accountability
with the above examples.  That doesn't sound like
an accountability issue in the technical sense,
that sounds like a theft problem.  In this sense,
I see two different uses of the word, and they don't
have much of a linkage.
Nymous systems are generally far more accountable
in the technical sense, simply because they give you
the tools to be absolutely sure about your statements.
A nymous account has a an audit trail that can be
traced as far as you have access to the information,
and because the audit trail is cryptographically
secured (by usage of hash and digsigs) a complete
picture can be built up.
This stands in contraposition to systems based on
blinding formulas.  That sort of issued money is
intended to be untraceable and is thus less easily
used to 'account' for everything.  Having said that,
there's no reason why a given transaction can't be
set and stabilised in stone with a digital receipt,
which then can form part of an accounting trail.
But regardless of which system is used (nymous,
blinded or POBA - plain old bank account) the
money can be stolen, statements can be hidden
and fudged, and purposes can be misrepresented,
just like any others...  If there was a reason why
these big companies didn't get into such digital
assets, I'd say it was because they hadn't
succeeded in a form that was 'feel good' enough,
as yet for them.
In which case, I'd say that they would consider
'accountability' to mean 'my accountant won't
think it strange.'
iang
--
News and views on what matters in finance+crypto:
   http://financialcryptography.com/


Re: Identity thieves can lurk at Wi-Fi spots

2005-02-08 Thread Ian G
R.A. Hettinga wrote:
http://www.usatoday.com/tech/news/2005-02-06-evil-twin-usat_x.htm
The facility uses software and sensors to monitor 480 wireless devices used
by medical personnel at 110 access points. Last month, it stopped about 120
attempts to steal financial information from medical personnel and patients
- double the number of incidents from a few months earlier.
The recent surge in evil-twin attacks parallels phishing scams ...
Has anyone seen any case details on any of these
attacks?  The few articles I read all seemed to start
out saying it was happening, and then ended with
limp descriptions of how it *could* happen.  That is,
more FUD.
The above though seems to be a claim that it has
happened.  Now, what exactly did happen?  Was it
a hack attack?  An eavesdropping attack?  An MITM?
Was there indeed even an attack, or was it just the
software indicating a couple of funny connects?
Last year, those 2 kids were caught doing the wireless
thing in front of the hardware store - but again, what
they did was to hack (well, walk) into the systems and
install a program.
iang, still on the trail of the elusive MITM...
--
News and views on what matters in finance+crypto:
   http://financialcryptography.com/


Re: How to Stop Junk E-Mail: Charge for the Stamp

2005-02-17 Thread Ian G
Peter Gutmann wrote:
Barry Shein [EMAIL PROTECTED] writes:
 

Eventually email will just collapse (as it's doing) and the RBOCs et al will
inherit it and we'll all be paying 15c per message like their SMS services.
   

And the spammers will be using everyone else's PC's to send out their spam, 
so
the spam problem will still be as bad as ever but now Joe Sixpack will be
paying to send it.
Hmmm, and maybe *that* will finally motivate software companies, end users,
ISPs, etc etc, to fix up software, systems, and usage habits to prevent this.
 

My view - as controversial as ever - is that the problem
is unfixable, and mail will eventually fade away.  That
which will take its place is p2p / IM / chat / SMS based.
In that world, it is still reasonable to build ones own IM
system for the needs of ones own community, and not
to have to worry about standards.  Which means one can
build in the defences that are needed, when they are
needed.
Chat is already higher volume (I read somewhere) in
raw quantity of messages sent than email.
A fate for email is that as spam grows to take over more
of the share of the shrinking pie, but consumes more of
the bandwidth, the ISPs will start to charge people for
email, and not for IM.  Those left paying for it are going
to discover it is cheaper to ditch it and let the spammers
fight over the shreds.  That's just one plausible future,
tho.
iang
--
News and views on what matters in finance+crypto:
   http://financialcryptography.com/


Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-20 Thread Ian G

cyphrpunk wrote:

If this is the model, my concern is that in practice it will often be
the case that there will be few intermediate exchanges. Particularly
in the early stages of the system, there won't be that much to buy.
Someone may accept epoints for payment but the first thing he will do
is convert them to real money. A typical transaction will start with
someone buying epoints from the issuer using some identified payment
system, spending them online, and then the recipient redeems them
using an identified payment system. The issuer sees exactly who spent,
how much they spent and where they spent it. The result is that in
practice the system has no anonymity whatsoever. It is just another
way of transferring value online.



That's a merchant business model.  Typically, that's
not how payment systems emerge.  Mostly, they emerge
by a p2p model, and then migrate to a merchant model
over time.  How they start is generally a varied question,
and somewhat a part of the inspiration of the Issuer.

According to the Issuer's design, he may try and force
that migration faster or slower.  In a more forced
system, there is typically only one or a few exchange
points and that is probably the Issuer himself.  If
the Issuer also pushes a merchant design, and a
triangular flow evolves, the tracing of transactions
is relatively easy regardless of the system because
time and amount give it away.  But, typically, if the
Issuer has designs on merchant business, he generally
doesn't care about the hyphed non-tracking capabilities
of the software, and also prefer the tracking to be
easy for support and segmentation purposes.

A game that Issuers often play is to pretend or market
a system as privacy protecting, but if their intention
is the merchant model then that game stops when the
numbers get serious.  (I gather they discuss that in
the Paypal book if you want a written example.)

Either way, it is kind of tough to criticise a software
system for that.  It's the Issuer and the market that
sets the tune there;  not the software system.  The
ideal software system allows the Issuer to decide
these paramaters, but it is also kind of tough to
provide all such paramaters in a big dial, and keep
the system small and tight.  (I suppose on this note,
this is a big difference between Daniel's system and
mine.  His is small and tight and he talks about being
able to audit the 5 page long central server ... mine
is relatively large and complex, but it can do bearer
and it can do fully traceable, as well as be passably
extended to imitate of his design.)  Meanwhile, the
Issuers who want to provide privacy with a bog
standard double entry online accounts system still
have a better record of doing that than any other
Issuers that might have boasted mathematical blah
blah, they just run theirs privately.  e.g., your
average Swiss bank.

iang



Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-26 Thread Ian G

John Kelsey wrote:

From: cyphrpunk [EMAIL PROTECTED]
Digital wallets will require real security in user PCs. Still I don't
see why we don't already have this problem with online banking and
similar financial services. Couldn't a virus today steal people's
passwords and command their banks to transfer funds, just as easily
as the fraud described above? To the extent that this is not
happening, the threat against ecash may not happen either.



Well, one difference is that those transactions can often be undone,
if imperfectly at times.  The whole set of transactions is logged in
many different places, and if there's an attack, there's some
reasonable hope of getting the money back.  And that said, there have
been reports of spyware stealing passwords for online banking systems,
and of course, there are tons of phishing and pharming schemes to get
the account passwords in a more straightforward way.


Right, the Microsoft operating system as host for virus
/ malware attack for stealing bank and payment systems
value has been going on for a couple of years or so
in a serious (industrial) way.


The payment system operators will surely be sued for this, because
they're the only ones who will be reachable.  They will go broke, and
the users will be out their money, and nobody will be silly enough to
make their mistake again.




They might be sued but they won't necessarily go broke. It depends on
how deep the pockets are suing them compared to their own, and most
especially it depends on whether they win or lose the lawsuit. 



I don't think so.  Suppose there's a widespread attack that steals
money from tens of thousands of users of this payment technology.


That sounds like a version of phishing, 'cept
for being 2 orders of magnitude too small.


There seem to be two choices:

a.  The payment system somehow makes good on their losses.

b.  Everyone who isn't dead or insane pulls every dime left in that
system out, knowing that they could be next.  


Er, no, that doesn't sound like any finance system I
know.  See that post to the Register which I think RAH
forwarded, with 2000 in the class.  That's just this
week's news.

As per my observations, all FC systems bubble along
with something about 1% fraud plus/minus an order of
magnitude.  The credit card people currently report
about 0.1-0.2 % although I think that might be under-
reporting on their part.

Out of that, some people might get
recovered, but enough do not that we wouldn't be able
to push proposition b. with any strength.  We know for
example that even though the banks might recover any
direct losses, they won't accept liability for any
other costs including where their fault caused problems
elsewhere.

iang