Re: An attack on paypal --> secure UI for browsers
At 04:29 PM 6/14/03 -0400, Sunder wrote: ... If the day comes where MS Office DRM only works with MS Office DRM, how many people will switch to it? If your company is willing to switch to it, then they'll give you a PC with it on it. If they don't, then they can't expect you to interact with them via such formats and can't require you to do so. So, have you ever tried doing substantial revisions on a large document that's going back and forth between two or more versions of Word? It's in MS' interest to get everyone using the same version, so it's not really in their interest to spend great amounts of time debugging their version translation functions. It shows. If you need to coordinate working on a big Word document with several other people (e.g., clients or coworkers who are most comfortable with Word), you pretty-much will need to use not just Word, but the same version of Word. That doesn't need any secure hardware to enforce, just buggy software. You can sometimes work around this, but it's a pain to do. You sound like someone's holding a gun to your head and requiring you to have MS Office. Well, let's distinguish between: a. The sort of network monopoly situation Microsoft is in, where the world has more-or-less settled on a bunch of their products, and so they can do a lot of irritating things before they actually lose their dominant market position. (Note that this doesn't mean they are unassailable; Word Perfect and Lotus -123 were once in similarly dominant positions.) b. Eventual laws requiring that every new computer contain a secure processing unit to enforce the dictates of the government, the record companies, or whomever else on your computers. I think a lot of the objection to TCPA is the worry that it will be mandated eventually, and that it will then be used to cement the network monopoly held by MS forever. And Vinge's description of "ubiquitous governance" comes to mind here--whether it's MS or the US federal government or the UN or the Catholic Church, if someone can put themselves in control of all computer equipment you own in some secure way, they look a heck of a lot like the government. Either way, you can ask them to export to other document formats which you can read. Even now Office will export to HTML for example which is readable by Mozilla and other browsers. Sure. Or you can often translate their documents, or open them with OpenOffice. I do this when I just need to read and comment on a Word document. But if you are going to be revising and sending back the document a few times, this will not work--you will lose some formatting, you will probably introduce weird formatting bugs, you may mess up the file format, etc. It's just not worth the pain. Though I have a legitimate copy of Word on my machine, when given a choice, I always do everything in ASCII text until the very end, and then paste the text into Word and do formatting last. But again, this isn't too helpful if it's a document I'm working on with someone else. ... Either way, how much a revolt do you think there will be if Microsoft decides to lock down their tools (such as word) to the point where they can no longer export to HTML, plain text, RTF should the author wish it to do so and provides whatever passphrases or ID's needed to unlock the document and export it out? Who would buy such a dog of a product? Do you think businesses are so stupid that they'd put up with a product that jails them in? Get real son, you're howling at the moon! Mainframe customers used to put up with this kind of treatment routinely, so it's not impossible. Whether it will fly these days is an interesting question, but I don't think the answer is obvious. Someone might ask the same rhetorical question about whether customers would sit still for buggy, insecure software. But nobody would ask that question these days, as the answer is so painfully obvious. ... --John Kelsey, [EMAIL PROTECTED] PGP: FA48 3237 9AD5 30AC EEDD BBC8 2A80 6948 4CAA F259
Re: MS Format Flames Re: An attack on paypal --> secure UI for browsers
> Oh get over it. There are other formats. You ever heard of XML? HTML? RTF? There are output formats and input formats. It's easy to output data in formats other people can read - if you want something prettier than ASCII, HTML is usually fine, though there's not much support for embedded pictures as opposed to separate files. XML is a meta-format - you can't really guarantee that anybody else's XML tool can read your XML tool's documents, because they may not have all the same objects. If you want to give them something quasi-immutable, there's always PDF. That lets you be rude _and_ proprietary :-) Postscript is more flexible, but too many people don't have tools to read it with. Input formats are harder, because Microsoft keeps adding backwards-incompatibility every time they upgrade Office, just to force everybody else to upgrade. OpenOffice can often help, but not always. Microsoft does make free readers for Word and Powerpoint. They're only intended for running on Windows, but perhaps they work on WINE?
Re: An attack on paypal --> secure UI for browsers
On Sat, 14 Jun 2003, Sunder wrote: > Oh get over it. There are other formats. You ever heard of > XML? HTML? RTF? Yes, as a matter of fact. RTF is an MS format, BTW. They do change it sometimes, breaking various attempts at interoperability. They don't do it much; it seems like something they forget to break much of the time. > If the day comes where MS Office DRM only works with MS Office DRM, how > many people will switch to it? If your company is willing to switch to > it, then they'll give you a PC with it on it. If they don't, then they > can't expect you to interact with them via such formats and can't require > you to do so. > > You sound like someone's holding a gun to your head and requiring you to > have MS Office. No, there's no gun to anyone's head. However, as part of negotiating my current contract (I'm a partner in a small software development company), we recieved lots of MS Word/Excel docs. When you're negotiating new business, saying "erm, I don't do windows. Can you give me something else" is a bit of a show stopper. By comparison, if you're selling someone a car, are you going to stop them mid-sale and ask that they please haggle in Euros? (And in case you're curious, our project is entirely open source driven.) > Microsoft is not the DMV. You don't need to use their software. For that matter, one can drive without a license. I see your distinction, however it is very difficult to do business without MS software. I'm typing this on a Linux-running laptop, which is my primary user-level machine, and in order to do business, have to run Crossover. (And I do own my MS Office license.) All of my proposals are written in plain text and sometimes, done in Postgres when I need spreadsheet-like behavior. They have to be rendered in Word format for client consumption. (Open source spreadsheets still suck, in my opinion.) > And no, I will never be part of your problem because the documents I will > create for non work use will be made with Open Office or will be plain > text, html, or xml files. That's a rather fine point to put on it. There isn't much difference between work and non-work for me. Rather, there is, but nonwork choices directly impact my work choices. You seem to offload a lot of your choices onto your company. > If I'm required to use a DRM'ed Office for work, then fine, my company > owns those documents anyway and they can do whatever the fuck they like > with them either way. It doesn't matter to me at all -- it's their call, > it's their company, it's their documents. Just workin' for the man, eh? > Either way, how much a revolt do you think there will be if Microsoft > decides to lock down their tools (such as word) to the point where they > can no longer export to HTML, plain text, RTF should the author wish > it to do so and provides whatever passphrases or ID's needed to unlock > the document and export it out? Honestly, this is supposition, entirely unsupported by anything other than my intuition about how companies I've worked for in the past behave. Feel free to ignore. I think they'll lap it up. Along with expensive and annoying licensing terms, companies get no-forward emails and expiring spreadsheets. Think about what Enron would have done with that. Hell, I suspect MS probably evaluated what they did wrong in the antitrust trial in order to avoid similar outcomes in the future. There's a market there. > Who would buy such a dog of a product? Do you think businesses are so > stupid that they'd put up with a product that jails them in? Get real > son, you're howling at the moon! Um. Who owns the market in "desktop productivity software"? > You want to make a difference? Go ahead, wipe every bit of Microsoft > wares off all your machines and burn the CD's you've installed them > from. Go all open source and show others the right way. At least I'd > have some respect for you for voting with your wallet and practicing what > you preach. > > Right now all you're doing is bitching that you're forced to buy and use > Microsoft Office. I say that's bullshit, and you know it. I use MS software for interoperability testing (much like I use Quickbooks, some Oracle wares, etc.), and for client communication. Everything else in my company is open source. Everything we deploy is open source, unless the client asks for something else. They typically pay for that choice, not only because I'm frequently not familiar with the software they choose, but also because it's a bitch to work with (anyone else ever have to deal with Adobe Distiller under unix?) It isn't bullshit that to operate as a business entity, one needs MS software. I can certainly dick around with my personal website and write my memoirs without it, and 98% of what I do for a living is MS free, getting business without it (read aloud as "public interfaces") is nearly impossible. Perhaps you can ignore that, becuase you're just working for the man, and it isn't your fault that y
Re: An attack on paypal --> secure UI for browsers
A charming naivete. *Plonk* On Sat, Jun 14, 2003 at 04:29:23PM -0400, Sunder wrote: | Oh get over it. There are other formats. You ever heard of | XML? HTML? RTF? | | If the day comes where MS Office DRM only works with MS Office DRM, how | many people will switch to it? If your company is willing to switch to | it, then they'll give you a PC with it on it. If they don't, then they | can't expect you to interact with them via such formats and can't require | you to do so. | | You sound like someone's holding a gun to your head and requiring you to | have MS Office. | | Either way, you can ask them to export to other document formats which you | can read. Even now Office will export to HTML for example which is | readable by Mozilla and other browsers. | | Microsoft is not the DMV. You don't need to use their software. | | And no, I will never be part of your problem because the documents I will | create for non work use will be made with Open Office or will be plain | text, html, or xml files. | | If I'm required to use a DRM'ed Office for work, then fine, my company | owns those documents anyway and they can do whatever the fuck they like | with them either way. It doesn't matter to me at all -- it's their call, | it's their company, it's their documents. | | But, for personal use, I won't buy any upgrades or new Microsoft | software. End of story. | | Either way, how much a revolt do you think there will be if Microsoft | decides to lock down their tools (such as word) to the point where they | can no longer export to HTML, plain text, RTF should the author wish | it to do so and provides whatever passphrases or ID's needed to unlock | the document and export it out? | | Who would buy such a dog of a product? Do you think businesses are so | stupid that they'd put up with a product that jails them in? Get real | son, you're howling at the moon! | | On one hand you're bitching that you have to use Microsoft software on the | other you're complaining that I'm using it while I'm telling you I don't | want to and don't care to and won't upgrade to it. | | You want to make a difference? Go ahead, wipe every bit of Microsoft | wares off all your machines and burn the CD's you've installed them | from. Go all open source and show others the right way. At least I'd | have some respect for you for voting with your wallet and practicing what | you preach. | | Right now all you're doing is bitching that you're forced to buy and use | Microsoft Office. I say that's bullshit, and you know it. | | | --Kaos-Keraunos-Kybernetos--- | + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ | \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ | <--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ | /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD.\|/ | + v + : The look on Sadam's face - priceless! | [EMAIL PROTECTED] http://www.sunder.net | | On Sat, 14 Jun 2003, Adam Shostack wrote: | | > Sure. And I'm glad you work with a small group of people who | > understand that you don't read their documents. After many years of | > refusal, I finally gave up. I work with lots of customers who expect | > documents in MS formats, and look at you askance for giving them | > anything else. You only get so many explanations before customers go | > elsewhere, and I chose not to spend them on this. Similarly, I could | > choose to speak to everyone I meet in, say, Russian. And some folks | > would understand. Others would walk away. So, you can argue that | > you're effectively required to speak English to do business in North | > America. I would argue that you're similarly required to use MS | > Office. | > | > | > You'll be part of the problem when Nogsuccob is apon us, because the | > documents you create won't be readable in OpenOffice, and Crossover | > won't run. | > | > | > Office Nogsuccob will only interoperate with itself. Companies will end | > up deploying it to interact with other versions, not for any real | > feature. | > | > You don't like the word force, I suggest quitting all use of .DOC, | > .PPT, and .XLS formats. Please educate the world on how much better | > the alternatives are. Me, I'll pay my $200 to not bother today, and | > regret it tomorrow. | > | > And by the way, do you have a driver's license, or other state-issued | > ID card? | -- "It is seldom that liberty of any kind is lost all at once." -Hume
Re: An attack on paypal --> secure UI for browsers
Oh get over it. There are other formats. You ever heard of XML? HTML? RTF? If the day comes where MS Office DRM only works with MS Office DRM, how many people will switch to it? If your company is willing to switch to it, then they'll give you a PC with it on it. If they don't, then they can't expect you to interact with them via such formats and can't require you to do so. You sound like someone's holding a gun to your head and requiring you to have MS Office. Either way, you can ask them to export to other document formats which you can read. Even now Office will export to HTML for example which is readable by Mozilla and other browsers. Microsoft is not the DMV. You don't need to use their software. And no, I will never be part of your problem because the documents I will create for non work use will be made with Open Office or will be plain text, html, or xml files. If I'm required to use a DRM'ed Office for work, then fine, my company owns those documents anyway and they can do whatever the fuck they like with them either way. It doesn't matter to me at all -- it's their call, it's their company, it's their documents. But, for personal use, I won't buy any upgrades or new Microsoft software. End of story. Either way, how much a revolt do you think there will be if Microsoft decides to lock down their tools (such as word) to the point where they can no longer export to HTML, plain text, RTF should the author wish it to do so and provides whatever passphrases or ID's needed to unlock the document and export it out? Who would buy such a dog of a product? Do you think businesses are so stupid that they'd put up with a product that jails them in? Get real son, you're howling at the moon! On one hand you're bitching that you have to use Microsoft software on the other you're complaining that I'm using it while I'm telling you I don't want to and don't care to and won't upgrade to it. You want to make a difference? Go ahead, wipe every bit of Microsoft wares off all your machines and burn the CD's you've installed them from. Go all open source and show others the right way. At least I'd have some respect for you for voting with your wallet and practicing what you preach. Right now all you're doing is bitching that you're forced to buy and use Microsoft Office. I say that's bullshit, and you know it. --Kaos-Keraunos-Kybernetos--- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ <--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD.\|/ + v + : The look on Sadam's face - priceless! [EMAIL PROTECTED] http://www.sunder.net On Sat, 14 Jun 2003, Adam Shostack wrote: > Sure. And I'm glad you work with a small group of people who > understand that you don't read their documents. After many years of > refusal, I finally gave up. I work with lots of customers who expect > documents in MS formats, and look at you askance for giving them > anything else. You only get so many explanations before customers go > elsewhere, and I chose not to spend them on this. Similarly, I could > choose to speak to everyone I meet in, say, Russian. And some folks > would understand. Others would walk away. So, you can argue that > you're effectively required to speak English to do business in North > America. I would argue that you're similarly required to use MS > Office. > > > You'll be part of the problem when Nogsuccob is apon us, because the > documents you create won't be readable in OpenOffice, and Crossover > won't run. > > > Office Nogsuccob will only interoperate with itself. Companies will end > up deploying it to interact with other versions, not for any real > feature. > > You don't like the word force, I suggest quitting all use of .DOC, > .PPT, and .XLS formats. Please educate the world on how much better > the alternatives are. Me, I'll pay my $200 to not bother today, and > regret it tomorrow. > > And by the way, do you have a driver's license, or other state-issued > ID card?
Re: An attack on paypal --> secure UI for browsers
On Sat, Jun 14, 2003 at 03:30:47PM -0400, Sunder wrote: | Um, how's that agin? How does Ballmer and Gates force you, Adam Shostack | to run Microsoft Office? Did they put a gun to your head? Did they | manage to twist Congress's arms to put a gun to your head? | | Compatibility you say? Well, that's your choice. You can decide if it's | important enough to you and act accordingly. I personally think MSFT is | evil, and provides nothing but mediocre software. So I vote with my | wallet by not paying them for their junk and I won't buy upgrades of their | software if the previous versions do what I needed, and install Linux and | OpenBSD on new machines. Sure. And I'm glad you work with a small group of people who understand that you don't read their documents. After many years of refusal, I finally gave up. I work with lots of customers who expect documents in MS formats, and look at you askance for giving them anything else. You only get so many explanations before customers go elsewhere, and I chose not to spend them on this. Similarly, I could choose to speak to everyone I meet in, say, Russian. And some folks would understand. Others would walk away. So, you can argue that you're effectively required to speak English to do business in North America. I would argue that you're similarly required to use MS Office. | Yes, my work machine runs win2k, but I didn't pay for it, and I didn't | have much choice in it - actually I could either quit and find a new job | (really lots of fun in this economy) or reinstall Linux over it and live | with Open Office and other open tools or have paid for Crossover office | out of my pocket, etc. Wasn't worth the trouble and we already have a | site license for win2k + office 2k, so that's the path I went. Not my | money, the company's money. They chose to pay the Redmond Beast, so what | do I care? You'll be part of the problem when Nogsuccob is apon us, because the documents you create won't be readable in OpenOffice, and Crossover won't run. | So why do you feel it's required of you to either pay Microsoft for, or | pirate Office XP and Server 2003 and TCPA enabled junkware? What's so | important that you can't live without them. Office Nogsuccob will only interoperate with itself. Companies will end up deploying it to interact with other versions, not for any real feature. You don't like the word force, I suggest quitting all use of .DOC, .PPT, and .XLS formats. Please educate the world on how much better the alternatives are. Me, I'll pay my $200 to not bother today, and regret it tomorrow. And by the way, do you have a driver's license, or other state-issued ID card? Adam | On Sat, 14 Jun 2003, Adam Shostack wrote: | | > Well, sure. And no one forces me to run Microsoft office, either, | > except Microsoft's monoploy. And when the document format can phone | > home to prevent piracy or openoffice from running, no one will be | > 'obligating' me to pay monopoly rents to Microsoft. | | | | > In the same way, no one forces me to have a drivers license. But its | > damned hard living life without one. | > | | | -- "It is seldom that liberty of any kind is lost all at once." -Hume
Re: An attack on paypal --> secure UI for browsers
Um, how's that agin? How does Ballmer and Gates force you, Adam Shostack to run Microsoft Office? Did they put a gun to your head? Did they manage to twist Congress's arms to put a gun to your head? Compatibility you say? Well, that's your choice. You can decide if it's important enough to you and act accordingly. I personally think MSFT is evil, and provides nothing but mediocre software. So I vote with my wallet by not paying them for their junk and I won't buy upgrades of their software if the previous versions do what I needed, and install Linux and OpenBSD on new machines. Yes, some of the older shittier machines I have run Windows, but that's because I'm either too lazy to track down drivers for Linux or want them to continue running what they run. Doesn't mean I have to go to XP or 2003. Yes, my work machine runs win2k, but I didn't pay for it, and I didn't have much choice in it - actually I could either quit and find a new job (really lots of fun in this economy) or reinstall Linux over it and live with Open Office and other open tools or have paid for Crossover office out of my pocket, etc. Wasn't worth the trouble and we already have a site license for win2k + office 2k, so that's the path I went. Not my money, the company's money. They chose to pay the Redmond Beast, so what do I care? But for home use, I have no real use for much more than OpenOffice and Linux. There's no need for me to pirate garbage from Microsoft. I can live without it. These are some old pentium1- 100Mhz notebook machines I have that came with Windows 95 and 98 - turd OS's really, but they serve a purpose - mp3 players and light web surfing in my living room and other places for example. And before you ask, no, I didn't pirate the mp3's. They're all ripped from CD's that I owned, and I still have the CD's as proof of ownership. Yes, I could go to linux on them, but why bother wasting half a day tracking down drivers and tuning kernels for them when they're already built and working the way I want them to? So why do you feel it's required of you to either pay Microsoft for, or pirate Office XP and Server 2003 and TCPA enabled junkware? What's so important that you can't live without them. --Kaos-Keraunos-Kybernetos--- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ <--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD.\|/ + v + : The look on Sadam's face - priceless! [EMAIL PROTECTED] http://www.sunder.net On Sat, 14 Jun 2003, Adam Shostack wrote: > Well, sure. And no one forces me to run Microsoft office, either, > except Microsoft's monoploy. And when the document format can phone > home to prevent piracy or openoffice from running, no one will be > 'obligating' me to pay monopoly rents to Microsoft. > In the same way, no one forces me to have a drivers license. But its > damned hard living life without one. >
Re: An attack on paypal --> secure UI for browsers
Adam Lydick wrote: >The faq (see attached) claims that "anyone can write a nexus" and that >"users control which nexus(s) run". > >I certainly didn't see anything that suggests that anyone can force you >to run arbitrary code, regardless of who has signed it. "Force", maybe not. No one can "force" me to turn my machine on, for instance. But take a look at one line you quoted from the FAQ: "Only one nexus at a time will be able to run on a machine." That looks to me like an important sentence.
Re: An attack on paypal --> secure UI for browsers
On Sat, Jun 14, 2003 at 11:20:16AM -, a Microsoft employee wrote: | Adam Shostack writes: | | > Actually, most of the features of Nogsuccob are features that I | > want, like integrity protected, authenticated boot. The problem, | > bundled with those features, is the ability of the system to attest to | > its secure boot. This can be fixed by not letting the host know if | > you've exported its host key or not, which makes it possible to run a | > virtualized, trusted copy in your emulation environment. | | Nothing forces you to tell anyone else that you booted securely. At most | someone may offer to give you something in exchange for such a proof, | but you're not obligated to take them up on it. Well, sure. And no one forces me to run Microsoft office, either, except Microsoft's monoploy. And when the document format can phone home to prevent piracy or openoffice from running, no one will be 'obligating' me to pay monopoly rents to Microsoft. In the same way, no one forces me to have a drivers license. But its damned hard living life without one. | It's not clear what you're getting at about exporting the host key. | These systems (TCs) are generally designed to make that difficult or | impossible to accomplish. The security of the whole system is built on | that assumption. If you actually did manage to pull out the host key | then you could make it attest to any falsehood you wanted, although you | might get caught eventually. The security of the system to make attestations is built on that assumption. However, there are other values that a TBC can offer, like secure key storage or trusted boot of a known OS image, that I might like. My ability to attest to any falsehood is limited by the statements the key is expected to sign. How broad are those? I thought they were quite limited. | Trusted Computing lets people convincingly tell the truth about what | software they are running. This is seen as a horrific threat in certain | circles. It's easy to see why liars wouldn't like it. What does an | honest man have to lose? Interoperability. Fair use. Market Choice. Archives. Control over their own computers. Ability to decide when to patch. The ability to run purchased software.. ... privately. ... when there are bugs in the license code. ... when the license server or the network is unavailable. That's off the top of my head. Adam -- "It is seldom that liberty of any kind is lost all at once." -Hume
Re: An attack on paypal --> secure UI for browsers
Adam Shostack writes: > Actually, most of the features of Nogsuccob are features that I > want, like integrity protected, authenticated boot. The problem, > bundled with those features, is the ability of the system to attest to > its secure boot. This can be fixed by not letting the host know if > you've exported its host key or not, which makes it possible to run a > virtualized, trusted copy in your emulation environment. Nothing forces you to tell anyone else that you booted securely. At most someone may offer to give you something in exchange for such a proof, but you're not obligated to take them up on it. It's not clear what you're getting at about exporting the host key. These systems (TCs) are generally designed to make that difficult or impossible to accomplish. The security of the whole system is built on that assumption. If you actually did manage to pull out the host key then you could make it attest to any falsehood you wanted, although you might get caught eventually. Trusted Computing lets people convincingly tell the truth about what software they are running. This is seen as a horrific threat in certain circles. It's easy to see why liars wouldn't like it. What does an honest man have to lose?
Re: An attack on paypal --> secure UI for browsers
The faq (see attached) claims that "anyone can write a nexus" and that "users control which nexus(s) run". I certainly didn't see anything that suggests that anyone can force you to run arbitrary code, regardless of who has signed it. I also find it absurd to worry about what code Microsoft is running on your system. If you are running their operating system, you are already running arbitrary code from them. If you install a security or functional patch, you are running arbitrary code from them. How would this be different? My only real concern is that once this becomes widespread, having the correct "nexus" + DRM software installed will be the only way to get play digital media. I have a feeling I won't be playing any of that content from the MythTv box in my living room... AdamL -- http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/news/NGSCB.asp Q: What is the "nexus" component of NGSCB? A: The nexus is a new Windows OS component that will be introduced as part of NGSCB. The nexus, what we used to refer to as a "nub" or "trusted operating root," is essentially the kernel of an isolated software stack that runs alongside the existing software stack. The nexus provides a limited set of APIs and services for applications, including sealed storage and attestation functions. Think of nexus-aware applications as residing in the user mode space of the parallel execution environment and the nexus as residing in the kernel mode space. Anyone can write a nexus for use with nexus-aware systems. The user always has the ultimate authority over what nexuses are allowed to run. Only one nexus at a time will be able to run on a machine. Q: What is the privacy model associated with NGSCB? A: The user is always in control of whether or not nexus-aware technology is enabled on his or her PC and what nexuses have access to specific functions. The technology being developed as part of NGSCB provides a fine-grained access control model that allows users to specify (by hash) whether an individual nexus has the right to invoke a specific security operation. In addition, SSC functions that reveal potentially machine-identifying information, such as the RSA public key, can only be performed once per SSC reset (and the SSC cannot be reset from software; you have to power-cycle the PC). -- Adam Lydick <[EMAIL PROTECTED]>
Re: An attack on paypal
The problem with these stop crackers and hackers by law is that it allows software developers to get away with leaving huge gaping security holes unfixed. Anecodatal evidence: The classic well known Robin Hood and Friar Tuck "hack". These days, the bug wouldn't get fixed and the guys reporting it would wind up in jail because they "convinced" the OS authors to fix the bug. IMHO, not the right way to go at all. from http://ftp.arl.mil/ftp/unix-wizards/V16%23017 scroll down a bit more than half way down the page (also available from most other GNU sources) Back in the mid-1970s, several of the system support staff at Motorola discovered a relatively simple way to crack system security on the Xerox CP-V timesharing system. Through a simple programming strategy, it was possible for a user program to trick the system into running a portion of the program in `master mode' (supervisor state), in which memory protection does not apply. The program could then poke a large value into its `privilege level' byte (normally write-protected) and could then proceed to bypass all levels of security within the file-management system, patch the system monitor, and do numerous other interesting things. In short, the barn door was wide open. Motorola quite properly reported this problem to Xerox via an official `level 1 SIDR' (a bug report with an intended urgency of `needs to be fixed yesterday'). Because the text of each SIDR was entered into a database that could be viewed by quite a number of people, Motorola followed the approved procedure: they simply reported the problem as `Security SIDR', and attached all of the necessary documentation, ways-to-reproduce, etc. The CP-V people at Xerox sat on their thumbs; they either didn't realize the severity of the problem, or didn't assign the necessary operating-system-staff resources to develop and distribute an official patch. Months passed. The Motorola guys pestered their Xerox field-support rep, to no avail. Finally they decided to take direct action, to demonstrate to Xerox management just how easily the system could be cracked and just how thoroughly the security safeguards could be subverted. They dug around in the operating-system listings and devised a thoroughly devilish set of patches. These patches were then incorporated into a pair of programs called `Robin Hood' and `Friar Tuck'. Robin Hood and Friar Tuck were designed to run as `ghost jobs' (daemons, in UNIX terminology); they would use the existing loophole to subvert system security, install the necessary patches, and then keep an eye on one another's statuses in order to keep the system operator (in effect, the superuser) from aborting them. One fine day, the system operator on the main CP-V software development system in El Segundo was surprised by a number of unusual phenomena. These included the following: * Tape drives would rewind and dismount their tapes in the middle of a job. * Disk drives would seek back and forth so rapidly that they would attempt to walk across the floor (see {walking drives}). * The card-punch output device would occasionally start up of itself and punch a {lace card}. These would usually jam in the punch. * The console would print snide and insulting messages from Robin Hood to Friar Tuck, or vice versa. * The Xerox card reader had two output stackers; it could be instructed to stack into A, stack into B, or stack into A (unless a card was unreadable, in which case the bad card was placed into stacker B). One of the patches installed by the ghosts added some code to the card-reader driver... after reading a card, it would flip over to the opposite stacker. As a result, card decks would divide themselves in half when they were read, leaving the operator to recollate them manually. Naturally, the operator called in the operating-system developers. They found the bandit ghost jobs running, and X'ed them... and were once again surprised. When Robin Hood was X'ed, the following sequence of events took place: !X id1 id1: Friar Tuck... I am under attack! Pray save me! id1: Off (aborted) id2: Fear not, friend Robin! I shall rout the Sheriff of Nottingham's men! id1: Thank you, my good fellow! Each ghost-job would detect the fact that the other had been killed, and would start a new copy of the recently slain program within a few milliseconds. The only way to kill both ghosts was to kill them simultaneously (very difficult) or to deliberately crash the system. Finally, the system programmers
Re: An attack on paypal --> secure UI for browsers
On Fri, Jun 13, 2003 at 11:04:42PM +0200, Thomas Shaddack wrote: | > The problem (among others) is that this allows a virus to steal the | > client cert. If it is protected by a password, the malware must hang | > around long enough for the user to unlock the cert (perhaps because the | > malware sent a spoofed email calling for the user to visit the site, | > even the real site!). It can then read the user's keystrokes and acquire | > the password. Now it has the cert and password and can impersonate the | > user at will. | > | > The solution to this is Palladium (NGSCB). | | BAH! *shudders* | | All we need for this is an external cryptographic token - a smartcard with | a keypad, an USB device, a Bluetooth-enabled thingy. You plug it into the | machine, the server you connect to sends its certificate name and | challenge to the browser, which passes it unchanged to your token. The ... | get as low as few dollars, can easily interface with just about any OS | including PDAs, and doesn't require The Megacorp Whose Name Shouldn't Be | Spoken to take over your machine. Actually, most of the features of Nogsuccob are features that I want, like integrity protected, authenticated boot. The problem, bundled with those features, is the ability of the system to attest to its secure boot. This can be fixed by not letting the host know if you've exported its host key or not, which makes it possible to run a virtualized, trusted copy in your emulation environment. Adam -- "It is seldom that liberty of any kind is lost all at once." -Hume
Re: An attack on paypal --> secure UI for browsers
> The problem (among others) is that this allows a virus to steal the > client cert. If it is protected by a password, the malware must hang > around long enough for the user to unlock the cert (perhaps because the > malware sent a spoofed email calling for the user to visit the site, > even the real site!). It can then read the user's keystrokes and acquire > the password. Now it has the cert and password and can impersonate the > user at will. > > The solution to this is Palladium (NGSCB). BAH! *shudders* All we need for this is an external cryptographic token - a smartcard with a keypad, an USB device, a Bluetooth-enabled thingy. You plug it into the machine, the server you connect to sends its certificate name and challenge to the browser, which passes it unchanged to your token. The token asks you for a PIN, and calculates a response. The browser then transparently relays the response back. There is nothing in the unit that's accessible from the computer, and because of a physically different keypad nothing can be sniffed from the computer. The cost of the unit can get as low as few dollars, can easily interface with just about any OS including PDAs, and doesn't require The Megacorp Whose Name Shouldn't Be Spoken to take over your machine.
Re: An attack on paypal
At 03:39 PM 6/10/03 -0700, Bill Frantz wrote: >At 5:12 PM -0700 6/8/03, Anne & Lynn Wheeler wrote: >>somebody (else) commented (in the thread) that anybody that currently >>(still) writes code resulting in buffer overflow exploit maybe should be >>thrown in jail. Not a very friendly bug-submission mechanism :-) >IMHO, the problem is that the C language is just too error prone to be used >for most software. In "Thirty Years Later: Lessons from the Multics >Security Evaluation", Paul A. Karger and Roger R. Schell > credit the use of PL/I for >the lack of buffer overruns in Multics. However, in the Unix/Linux/PC/Mac >world, a successor language has not yet appeared. What about Java? Apart from implementation bugs, its secure by design. --- "and then you go to jail" is a bad error-handler for a protocol.
Re: An attack on paypal --> secure UI for browsers
On Fri, 13 Jun 2003, Nomen Nescio wrote: > Apparently you neglected to read > http://www.microsoft.com/resources/ngscb/NGSCB_Overview.mspx, where > Microsoft says (as they have repeated many times) "Customers and partners > need reliable ways to ensure the quality of technology that addresses > the critical needs met by NGSCB. That's why Microsoft will make available > for public review the source code of the core piece of enabling software > in NGSCB, called the 'nexus,' so it can be evaluated and validated by > third parties for both security and privacy considerations." So why isn't it open for review *before* it's finalized? Might it give too many people an idea of what's really wrong with it? > Therefore some educated person (obviously not you, at least not yet) > will in fact be able to perform their own examination of the trusted part > of the OS, since it will have its source code published for exactly this > sort of review. Let's see it now. Not after it's finisihed. > Microsoft's legacy software is all extremely complex. Palladium is > taking a different approach, aiming at simplicity and transparency. I want the drugs you are on dude. You have a very rosy picture, and it seems all your inputs have been hijacked by supreme chemicals! > The Nexus, which is the micro-kernel for the trusted components (NCAs), > will be published for review. Its tasks are relatively few and well > defined, nothing like the massive Windows OS. That is what Microsoft has > gained by architecting Palladium as they did, with the new "trusted" > CPU mode, which allows side-by-side operating systems to run. On the > left hand side (LHS) we find the legacy Windows OS and applications. > On the right hand side (RHS) we find the Nexus acting as the OS, and > the NCAs acting as the applications. And in the mean time the user can't control their own computer. > The brilliance of Palladium is that the LHS can't touch the RHS, > because of hardware protection. At one stroke, the new trusted mode is > insulated from bugs in the Windows OS, device drivers and applications. > It in effect allows the designers to start with a clean piece of paper > and produce a simple micro-kernel (the Nexus) whose only job is to > service the NCAs. This is a manageable task and, in conjunction with > public review, there is good reason to hope and expect that the Nexus > will be secure. If so then NCAs will indeed run in a mode where they > are protected from other software components (including other NCAs). Very nice drug induced rant. Too bad reality doesn't work that way. Who owns the hardware? The user or the RIAA? True hardware protection means the user is protected from Microsoft, not the other way around. > Your comments above make it clear that you are not at all acquainted > with the material in those documents. If you're going to pretend to > be a security expert (remember when you advocated ECB mode for the XML > encryption effort?!!), you could do worse than spending a few hours > studying these documents closely. It's very likely that NGSCB will > be a central technology for security in the next two to ten years or > even longer. This is undoubtedly an area where security consulting > could be lucrative. Sadly, even "experts" of your caliber can probably > be very successful in this area. But you'll have to do your homework. Palladium changed to NGSCB and will morph to something else and something after that. It won't ever fly because the user can't control their own machine. Trust is a two way street. Until Microsoft learns to trust their customers, nobody will trust Microsoft. What we do in person we can do on a computer. We can con each other in person, so we'll be able to con each other with computers. That's how reality works, and no hardware or laws is going to change that. Instead of trying to wave a magic wand while everyone is on lsd, it'd be better if Microsoft and the RIAA came out with their own hardware for the specific purpose of DRM sales. Everyone would know who owns the hardware because they'd just rent it instead of buying it. IBM is already on the right track for this. Microsoft has yet to get it. Patience, persistence, truth, Dr. mike
Re: An attack on paypal --> secure UI for browsers
Joe Ashwood writes: > From: "Anonymous" > > You clearly know virtually nothing about Palladium. > I still stand by, "Arbitrarily trusting anyone to write a secure program > simply doesn't work" regardless of how many times MS says "trust us" any > substantially educated person should as well be prepared to either trust a > preponderance of evidence, or perform their own examination, neither of > these options is available. Apparently you neglected to read http://www.microsoft.com/resources/ngscb/NGSCB_Overview.mspx, where Microsoft says (as they have repeated many times) "Customers and partners need reliable ways to ensure the quality of technology that addresses the critical needs met by NGSCB. That's why Microsoft will make available for public review the source code of the core piece of enabling software in NGSCB, called the 'nexus,' so it can be evaluated and validated by third parties for both security and privacy considerations." Therefore some educated person (obviously not you, at least not yet) will in fact be able to perform their own examination of the trusted part of the OS, since it will have its source code published for exactly this sort of review. > The information available does not cover the > technical information, in fact their "Technical FAQ" about it actually has > the following: > > "Q: Does this technology require an online connection to be used? > > A: No. " > > That is just so enlightening, and is about as far from a useful answer > as possible. Very few of the Technical FAQ answers are so brief. In this case, it is a stupid question and deserves a trivial answer. The only reason it is in there is because of the lies spread by Lucky Green and Ross Anderson, all about how Palladium will connect to a central server and refuse to let you work with your own documents, or delete files that Microsoft or the U.S. Government don't like. > > NCAs do not have > > "complete access to private information". Quite the opposite. Rather, > > NCAs have the power to protect private information such that no other > > software on the machine can access it. They do so by using the Palladium > > software and hardware to encrypt the private data. The encryption is > > done in such a way that it is "sealed" to the particular NCA, and no other > > software is allowed to use the Palladium crypto hardware to decrypt it. > > This applies only under the condition that the software in Palladium is > perfectly secure. Again I point to the issues with ActiveX, where a wide > variety of hoels have been found, I point to the newest MS operating system > which has it even been out a month yet? and already has a security patch > available, in spite of their "secure by default" process. Again I don't > believe this is because MS is inherently bad, it is because writing secure > programs is extremely difficult, MS just has the most feature bloat so they > have the most problems. Microsoft's legacy software is all extremely complex. Palladium is taking a different approach, aiming at simplicity and transparency. The Nexus, which is the micro-kernel for the trusted components (NCAs), will be published for review. Its tasks are relatively few and well defined, nothing like the massive Windows OS. That is what Microsoft has gained by architecting Palladium as they did, with the new "trusted" CPU mode, which allows side-by-side operating systems to run. On the left hand side (LHS) we find the legacy Windows OS and applications. On the right hand side (RHS) we find the Nexus acting as the OS, and the NCAs acting as the applications. The brilliance of Palladium is that the LHS can't touch the RHS, because of hardware protection. At one stroke, the new trusted mode is insulated from bugs in the Windows OS, device drivers and applications. It in effect allows the designers to start with a clean piece of paper and produce a simple micro-kernel (the Nexus) whose only job is to service the NCAs. This is a manageable task and, in conjunction with public review, there is good reason to hope and expect that the Nexus will be secure. If so then NCAs will indeed run in a mode where they are protected from other software components (including other NCAs). > If the Palladium software is actually secure > (unlikely), then there is the issue of how the (foolishly trusted) NCAs are > determined to be the same, this is an easy problem to solve if no one ever > added features, but a hard one to solve where the program evolves, once MS > shows the solution for this, I will point to the same information and show > you a security hole. Read the documents! Actually you claim you already read them, but obviously you are lying or you would know that this question has been answered. I wrote a long posting about this last month explaining how it worked. The mechanism is called a Manifest and is described in section 9 of http://www.microsoft.com/resources/ngscb/documents/ngscb_tcb.doc
Re: Re: An attack on paypal --> secure UI for browsers
- Original Message - From: "Anonymous" <[EMAIL PROTECTED]> Subject: CDR: Re: An attack on paypal --> secure UI for browsers > You clearly know virtually nothing about Palladium. Actually, properly designed Palladium would be little more than a smart card welded to the motherboard. As currently designed it is a complete second system that is allowed to take over the main processor. It has a few aspects of what it should be, but not many. It does include the various aspects of the smart card, but it also makes room for those aspects to take over the main system, properly designed this would not be an option, of course properly designed it could also be a permanently attached $1 smart card that internally hangs off the USB controller instead of a mammoth undertaking. I still stand by, "Arbitrarily trusting anyone to write a secure program simply doesn't work" regardless of how many times MS says "trust us" any substantially educated person should as well be prepared to either trust a preponderance of evidence, or perform their own examination, neither of these options is available. The information available does not cover the technical information, in fact their "Technical FAQ" about it actually has the following: "Q: Does this technology require an online connection to be used? A: No. " That is just so enlightening, and is about as far from a useful answer as possible. > NCAs do not have > "complete access to private information". Quite the opposite. Rather, > NCAs have the power to protect private information such that no other > software on the machine can access it. They do so by using the Palladium > software and hardware to encrypt the private data. The encryption is > done in such a way that it is "sealed" to the particular NCA, and no other > software is allowed to use the Palladium crypto hardware to decrypt it. This applies only under the condition that the software in Palladium is perfectly secure. Again I point to the issues with ActiveX, where a wide variety of hoels have been found, I point to the newest MS operating system which has it even been out a month yet? and already has a security patch available, in spite of their "secure by default" process. Again I don't believe this is because MS is inherently bad, it is because writing secure programs is extremely difficult, MS just has the most feature bloat so they have the most problems. If the Palladium software is actually secure (unlikely), then there is the issue of how the (foolishly trusted) NCAs are determined to be the same, this is an easy problem to solve if no one ever added features, but a hard one to solve where the program evolves, once MS shows the solution for this, I will point to the same information and show you a security hole. > In the proposed usage, an NCA associated with an ecommerce site would seal > the data which is used by the user to authenticate to the remote site. After running unattended on your computer, a brilliant idea, hasn't anyone learned? > The authentication data doesn't actually have to be a certificate with > associated key, but that would be one possibility. Only NCAs signed by > that ecommerce site's key would be able to unseal and access the user's > authentication credentials. This prevents rogue software from stealing > them and impersonating the user. Not in the slightest, a single compromise of a single ecommerce site (remember they're "trusted") will remove all this pretend security. Let's use a particularly popular example on here right now www.e-go1d.com, they could easily apply to be an ecommerce site, they collect money, they offer a service, clearly they are an ecommerce site. Are you really gullible enough to believe that they won't do everything in their power to exploit the data transfer problem above, as well as any other holes in Palladium? I should hope not. > Seriously, have you read any > of the documents linked from http://www.microsoft.com/resources/ngscb/? Yes I have, in fact at this point I think it is safe to say that you have not, or you didn't understand the implications of the small amount of information it actually contains. Joe
Re: An attack on paypal
At 10:56 AM 6/11/2003 -0400, Sunder wrote: In either case, we wouldn't need to worry about paying Verisign or anyone else if we had properly secured DNS. Then you could trust those pop-up self-signed SSL cert warnings. actually, if you had a properly secured DNS then you could trust DNS to distribute public keys bound to a domain name in the same way they distribute ip-addresses bound to a domain name. the certificates serve two purposes: 1) is the server that we think we are talking to really the server we are talking to and 2) key-exchange for establishing an encrypted channel. a properly secured DNS would allow information distributed by DNS to be trusted including a server's public key and given the public key it would be possible to do the rest of the SSL operation (w/o requiring certificates) which is establishing an agreed upon session secret key. -- Anne & Lynn Wheelerhttp://www.garlic.com/~lynn/ Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
Re: An attack on paypal
In message <[EMAIL PROTECTED]>, "Matt Crawford" writ es: >> The worst trouble I've had with https is that you have no way to use host >> header names to differentiate between sites that require different SSL >> certificates. > >True as written, but Netscrape ind Internet Exploder each have a hack >for honoring the same cert for multiple server names. Opera seems to >honor at least one of the two hacks, and a cert can incorporate both >at once. > > /C=US/ST=Illinois/L=Batavia/O=Fermilab/OU=Services > /CN=(alpha|bravo|charlie).fnal.gov/CN=alpha.fnal.gov > /CN=bravo.fnal.gov/CN=charlie.fnal.gov You can also use *.fnal.gov --Steve Bellovin, http://www.research.att.com/~smb (me) http://www.wilyhacker.com (2nd edition of "Firewalls" book)
Re: An attack on paypal
Sunder <[EMAIL PROTECTED]> writes: > The worst trouble I've had with https is that you have no way to use host > header names to differentiate between sites that require different SSL > certificates. > > i.e. www.foo.com www.bar.com www.baz.com can't all live on the same IP and > have individual ssl certs for https. :( This is because the cert is > exchanged before the http 1.1 layer can say "I want www.bar.com" > > So you need to waste IP's for this. Since the browser standards are > already in place, it's unlikely to be to find a workaround. i.e. be able > to switch to a different virtual host after you've established the ssl > session. :( This is being fixed. See draft-ietf-tls-extensions-06.txt -Ekr -- [Eric Rescorla [EMAIL PROTECTED] http://www.rtfm.com/
Re: An attack on paypal
"Matt Crawford" <[EMAIL PROTECTED]> writes: >True as written, but Netscrape ind Internet Exploder each have a hack for >honoring the same cert for multiple server names. Opera seems to honor at >least one of the two hacks, and a cert can incorporate both at once. > > /C=US/ST=Illinois/L=Batavia/O=Fermilab/OU=Services > /CN=(alpha|bravo|charlie).fnal.gov/CN=alpha.fnal.gov > /CN=bravo.fnal.gov/CN=charlie.fnal.gov Just to clarify this, so you need a multivalued CN, with one containing the expression "(a|b|c)" and the remaining containing each of "a", "b", and "c"? Is it multiple AVAs in an RDN, or multiple RDNs? (Either of these could be hard to generate with a lot of software, which can't handle multiple AVAs in an RDN or multiple same-type RDNs). Which hack is for MSIE and which is for Netscape? Peter.
Re: An attack on paypal
> "Matt Crawford" <[EMAIL PROTECTED]> writes: > >... Netscrape ind Internet Exploder each have a hack for > >honoring the same cert for multiple server names. Opera seems to honor at > >least one of the two hacks, and a cert can incorporate both at once. > > > > /C=US/ST=Illinois/L=Batavia/O=Fermilab/OU=Services > > /CN=(alpha|bravo|charlie).fnal.gov/CN=alpha.fnal.gov > > /CN=bravo.fnal.gov/CN=charlie.fnal.gov > > Just to clarify this, so you need a multivalued CN, with one containing the > expression "(a|b|c)" and the remaining containing each of "a", "b", and "c"? > Is it multiple AVAs in an RDN, or multiple RDNs? (Either of these could be > hard to generate with a lot of software, which can't handle multiple AVAs in > an RDN or multiple same-type RDNs). Which hack is for MSIE and which is for > Netscape? Each CN is in a single-element RDN as usual. Netscape honors only the first CN in the SubjectDN, but will treat it as a restricted regex (shell-like * wildcard, alternation and grouping). IE checks the server name against each CN's individually. This was mainly determined by experimentation. I think we did find a limit on how long that first regex could be, but I don't remember what it was. Longer than my example, but short enough that some of our bigger virtual-hosting servers were inconvenienced by it. Openssl has no qualms about multiple same-type components. You just have to use the somewhat documented 0.commonName = ... 1.commonName = ... 2.commonName = ... in the configuration file.
Re: An attack on paypal
> You can also use *.fnal.gov Yes, we know, but our in-house CA operator (me) won't issue such a certificate.
Re: An attack on paypal
At 11:01 AM -0700 6/11/03, Major Variola (ret) wrote: >At 03:39 PM 6/10/03 -0700, Bill Frantz wrote: >>IMHO, the problem is that the C language is just too error prone to be >used >>for most software. In "Thirty Years Later: Lessons from the Multics >>Security Evaluation", Paul A. Karger and Roger R. Schell >> credit the use of PL/I >for >>the lack of buffer overruns in Multics. However, in the >Unix/Linux/PC/Mac >>world, a successor language has not yet appeared. > >What about Java? Apart from implementation bugs, its secure by design. Java is certainly an improvement for buffer overruns. (The last estimate I heard was that 1/3 of the penetrations were due to buffer overruns.) Java is still semi-intrepreted, so it is probably too slow for some applications. However Java is being used for server-side scripting with web servers, where the safety of the language is a definite advantage. Of course, when you cover one hole, people move on to others. Server-side Java is succeptable to SQL injection attacks for example. Cheers - Bill - Bill Frantz | Due process for all| Periwinkle -- Consulting (408)356-8506 | used to be the | 16345 Englewood Ave. [EMAIL PROTECTED] | American way. | Los Gatos, CA 95032, USA
Re: An attack on paypal
The worst trouble I've had with https is that you have no way to use host header names to differentiate between sites that require different SSL certificates. i.e. www.foo.com www.bar.com www.baz.com can't all live on the same IP and have individual ssl certs for https. :( This is because the cert is exchanged before the http 1.1 layer can say "I want www.bar.com" So you need to waste IP's for this. Since the browser standards are already in place, it's unlikely to be to find a workaround. i.e. be able to switch to a different virtual host after you've established the ssl session. :( Personally I find thawte certs to be much cheaper than verisign and they work just as well. In any case, anyone is free to do the same thing AlterNIC did - become your own free CA. You'll just have to convince everyone else to add your CA's cert into their browser. You might be able to get the Mozilla guys to do this, good luck with the beast of Redmond though. Either way, having a pop-up isn't that big deal so long as you're sure of the site you're connecting to. In either case, we wouldn't need to worry about paying Verisign or anyone else if we had properly secured DNS. Then you could trust those pop-up self-signed SSL cert warnings. --Kaos-Keraunos-Kybernetos--- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ <--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD.\|/ + v + : The look on Sadam's face - priceless! [EMAIL PROTECTED] http://www.sunder.net On Tue, 10 Jun 2003, James A. Donald wrote: > The most expensive and inconvenient part of https, getting > certificates from verisign, is fairly useless. > > The useful part of https is that it has stopped password > sniffing from networks, but the PKI part, where the server, but > not the client, is supposedly authenticated, does not do much > good.
Re: An attack on paypal
James A. Donald wrote: > How many attacks have there been based on automatic trust of > verisign's feckless ID checking? Not many, possibly none. I imagine if there exists a https://www.go1d.com/ site for purposes of fraud, it won't be using a self-signed cert. Of course it is possible that the attackers are using http:// instead, but more people are likely to notice that. > That is not the weak point, not the point where the attacks > occur. If the browser was set to accept self signed > certificates by default, it would make little difference to > security. I don't think any currently can be - but regardless, an attacker wishing to run a fraudulent https site must have a certificate acceptable to the majority of browsers without changing settings - That currently is the big name CAs and nobody else.
RE: An attack on paypal
> the lack of buffer overruns in Multics. However, in the > Unix/Linux/PC/Mac > world, a successor language has not yet appeared. Work on the existing C/C++ language will have a better chance of actually being used earlier. Not that it removes the problem entirely, but it should catches a lot of easy stack smashing bugs. http://gcc.gnu.org/projects/bp/main.html -- Vincent Penquerc'h
Re: Re: An attack on paypal --> secure UI for browsers
- Original Message - From: "Anonymous" <[EMAIL PROTECTED]> Subject: CDR: Re: An attack on paypal --> secure UI for browsers > In short, if Palladium comes with the ability to download site-specific > DLLs that can act as NCAs Ok what flavor of crack are you smoking? Because I can tell from here that's some strong stuff. Downloading random DLLs that are given complete access to private information is one of the worst concepts that anyone has ever come up with, even if they are signed by a "trusted" source. Just look at the horrifically long list of issues with ActiveX, even with WindowsXP (which hasn't been around that long) you're already looking at more than half a dozen, and IIRC win95 had about 50. This has less to do with "windows is bad" than with "secure programming is hard." Arbitrarily trusting anyone to write a secure program simply doesn't work, especially when it's something sophisticated. Now for the much more fundamental issue of your statement. Palladium will never "download site-specific" anything. Palladium is a hardware technology, not a web browser. I will refrain from saying Paladium is a bad idea, simply because I see some potentially very lucrative (for me) options for it's use. Joe
Re: An attack on paypal --> secure UI for browsers
> The solution to this is Palladium (NGSCB). > > You'd want each ecommerce site to download a Nexus Computing Agent into > the client. This should be no more difficult than downloading an Active-X > control or some other DLL. The NCA has a manifest file associated with it No shit? This is moronic. But then it reflects the impaired cognitive abilities of corpdrones in mintel. I pay for the "computer", and then all these corporations start downloading shit to my "computer" in order to make it safe for me to use it, right ? I am lay person and need to trust these people, as I am clueless about stuff they download. But their web page says it's good. This all happens *after* I buy the computer. So, to recap, I pay several $K for the "computer" and then have to customize it so that it becomes "safe". The computer, as malladium authenticates the computer. Why do I want $3,000 authentication token ? No, mintel making money is not the right answer. Try again. = end (of original message) Y-a*h*o-o (yes, they scan for this) spam follows: __ Do you Yahoo!? Yahoo! Calendar - Free online calendar with sync to Outlook(TM). http://calendar.yahoo.com
Re: An attack on paypal --> secure UI for browsers
The problem to be solved is this. Spoofed sites can acquire user credentials, especially passwords, and then use those to impersonate the user on the real sites. With paypal and e-gold, this allows stealing real money. Using client certificates to authenticate would solve this, because even if the user got fooled and authenticated to the spoofed site, the attacker wouldn't learn the client cert secret key and so would not be able to masquerade as the user. The problem (among others) is that this allows a virus to steal the client cert. If it is protected by a password, the malware must hang around long enough for the user to unlock the cert (perhaps because the malware sent a spoofed email calling for the user to visit the site, even the real site!). It can then read the user's keystrokes and acquire the password. Now it has the cert and password and can impersonate the user at will. The solution to this is Palladium (NGSCB). You'd want each ecommerce site to download a Nexus Computing Agent into the client. This should be no more difficult than downloading an Active-X control or some other DLL. The NCA has a manifest file associated with it that contains the ecommerce site's signing key. This allows the NCA to be effectively locked to that key. The user's site-specific client certificate would be sealed to this NCA. That means that no other NCA could get access to the client cert for that site, nor could any legacy software. All this is protected by the Palladium hardware and software. If a password is used for further security, to unlock the client cert (in addition to the NCA-specific encryption), it can use a secure channel to the NCA so that no keystroke loggers can steal the password. (However, as mentioned in a previous mail, this may not stop rogue NCA's from fooling the user by pretending to be the ecommerce site's NCA and picking up the password. It's not clear that adding a password really increases security. Fortunately the NCA security itself is already vastly stronger than anything available on a PC today.) In short, if Palladium comes with the ability to download site-specific DLLs that can act as NCAs, it should allow for solving the spoofed-site problem once and for all. When you login to paypal or e-gold, you would authenticate yourself using a cert that only those sites could see. This can be done in the framework of standard SSL, but would require a Palladium-aware browser.
Re: An attack on paypal --> secure UI for browsers
Adam Lydick writes: > I'd guess that no applications (besides the secure nexus) would > have access to your "list of doggie names", just the ability to display > it. The list just indicates that you are seeing a window from one of > your partitioned and verified applications. I would also assume the > window would get decorated with the name of the trusted application (not > just your secret list). Thus you only need a single secret list to > handle all of your "authorized" applications. That makes sense. However it puts the burden onto the user to closely inspect his window frames in order to make sure that he is talking to the program (or NCA in Palladium) that he thinks he is talking to. It also introduces the problem of program-name spoofing; you might be given a dialog to enter your password for Paypa1 or E-Go1d. If users were that careful, we wouldn't have these kinds of problems in the first place.
Re: An attack on paypal
At 5:12 PM -0700 6/8/03, Anne & Lynn Wheeler wrote: >somebody (else) commented (in the thread) that anybody that currently >(still) writes code resulting in buffer overflow exploit maybe should be >thrown in jail. A nice essay, partially on the need to include technological protections against human error, included the above paragraph. IMHO, the problem is that the C language is just too error prone to be used for most software. In "Thirty Years Later: Lessons from the Multics Security Evaluation", Paul A. Karger and Roger R. Schell credit the use of PL/I for the lack of buffer overruns in Multics. However, in the Unix/Linux/PC/Mac world, a successor language has not yet appeared. YMMV - Bill - Bill Frantz | Due process for all| Periwinkle -- Consulting (408)356-8506 | used to be the | 16345 Englewood Ave. [EMAIL PROTECTED] | American way. | Los Gatos, CA 95032, USA
Re: An attack on paypal
-- On 9 Jun 2003 at 2:09, Dave Howe wrote: > The problem is here, we are blaming the protective device for > not being able to protect against the deliberate use of an > attack that bypasses, not challenges it - by exploiting the > gullibility or tendency to take the path of least resistance > of the user. The real weakness in HTTPS is the tendency of > certificates signed by Big Name CAs to be automagically > trusted - even if you have never visited that site before. > yes, you can fix this almost immediately by untrusting the > root certificate - but then you have to manually verify each > and every site at least once, and possibly every time if you > don't mark the cert as "trusted" for future reference. To > blame HTTPS for an attack where the user fills in a web form > received via html-rendering email (no https involved at all) > is more than a little unfair though. How many attacks have there been based on automatic trust of verisign's feckless ID checking? Not many, possibly none. That is not the weak point, not the point where the attacks occur. If the browser was set to accept self signed certificates by default, it would make little difference to security. A wide variety of ways of getting big name certificates that one should not have, have been discovered. Attackers never showed much interest. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG uJuAm4Xwyo4xTn0ozjBmW2ZqpI8Z3ru25WDmB7iw 43PXj2QDpBfcahqs2aOleapJYsqtA6S36+hOdVkpR
Re: An attack on paypal
-- On 8 Jun 2003 at 20:00, Anne & Lynn Wheeler wrote: > that is why we coined the term merchant "comfort" > certificates some time ago. my wife and I having done early > work for payment gateway with small client/server startup in > menlo park ... that had this thing called SSL/HTTPS ... and > then having to perform due diligence on the major issuers of > certificates we recognized 1) vulnerabilities in the > certificate process and 2) information hiding of transaction > in flight only addressed a very small portion of the > vulnerabilities and exploits. https is like a strong fortress wall that only goes half way around the fortress. The most expensive and inconvenient part of https, getting certificates from verisign, is fairly useless. The useful part of https is that it has stopped password sniffing from networks, but the PKI part, where the server, but not the client, is supposedly authenticated, does not do much good. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG 9ZQw+0/xh1y28CkGulSQSVxewfy71qzXGHI8KJbN 4osBv1veq07jaMVh2zVetZVKqIRfQjiwJaKu99GqM
Re: An attack on paypal --> secure UI for browsers
Yes, >NOW< if you can load yourself into kernel space, you can do anything and everything - Thou Art God to quote Heinlein. This is true of every OS. Except if you add that nice little TCPA bugger which can verify the kernel image you're running is the right and approved one. Q.E.D. Look at the XBox hacks for ideas as to why it's not a trival issue, but even so, one James Bond like buffer overflow in something everyone will have marked as trusted (say IE 8.0, or a specially crafted Word 2005 macro), and the 3v1l h4x0r party is back on and you iz ownz0red once more. It's not enough to fear Microsoft, you must learn to love it. Give us 2 minutes of hate for Linux now brother! --Kaos-Keraunos-Kybernetos--- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ <--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD.\|/ + v + : The look on Sadam's face - priceless! [EMAIL PROTECTED] http://www.sunder.net On Tue, 10 Jun 2003, Rich Salz wrote: > But if the system is rooted, then the attacker merely has to find the > "today's secret word" entry in the registry and do the same thing. > Unless Windows is planning on getting real kernel-level kinds of protection. > > > It was none other than Microsoft's NGSCB, nee Palladium. See > > http://news.com.com/2100-1012_3-1000584.html?tag=fd_top: > > See previous sentence. :)
Re: An attack on paypal --> secure UI for browsers
It's simple. It solves the problem that Microsoft Salesmen have. In order to sell shit, you have to make it look like gold. Cee Eee Ohs have heard it said that Microsoft software is insecure crap. Now the Microsoft Salesmen can do fancy demos with pretty colors and slick Operators Are standing By, Act Now, *New*, Don't Delay, Improved, Secure, Bells Whistles and Coolness demos and sign the suckers up. Just like the wonderful ads that peppered NYC when Ex-Pee came out saying "Reliable, and Secure." --Kaos-Keraunos-Kybernetos--- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ <--*-->:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD.\|/ + v + : The look on Sadam's face - priceless! [EMAIL PROTECTED] http://www.sunder.net On Tue, 10 Jun 2003, Nomen Nescio wrote: > I don't see how this is going to work. The concept seems to assume > that there is a distinction between "trusted" and "untrusted" programs. > But in the NGSCB architecture, Nexus Computing Agents (NCAs) can be > written by anyone. If you've loaded a Trojan application onto your > machine, it can create an NCA, which would presumably be eligible to > put up a "trusted" window. > > So either you have to configure a different list of doggie names for > every NCA (one for your banking program, one for Media Player, one for > each online game you play, etc.), or else each NCA gets access to your > Secret Master List of Doggie Names. The first possibility is unmanageable > and the second means that the trustedness of the window is meaningless. > > So what good is this? What problem does it solve?
Re: An attack on paypal --> secure UI for browsers
> For example, a proposal I saw recently which > would have the OS decorate the borders of "trusted" windows with facts or > images that an attacker wouldn't be able to predict: the name of your > dog, or whatever. But if the system is rooted, then the attacker merely has to find the "today's secret word" entry in the registry and do the same thing. Unless Windows is planning on getting real kernel-level kinds of protection. > It was none other than Microsoft's NGSCB, nee Palladium. See > http://news.com.com/2100-1012_3-1000584.html?tag=fd_top: See previous sentence. :) /r$ -- Rich Salz Chief Security Architect DataPower Technology http://www.datapower.com XS40 XML Security Gateway http://www.datapower.com/products/xs40.html XML Security Overview http://www.datapower.com/xmldev/xmlsecurity.html
Re: An attack on paypal --> secure UI for browsers
Nomen Nescio <[EMAIL PROTECTED]> writes: >I don't see how this is going to work. The concept seems to assume that >there is a distinction between "trusted" and "untrusted" programs. But in the >NGSCB architecture, Nexus Computing Agents (NCAs) can be written by anyone. >If you've loaded a Trojan application onto your machine, it can create an NCA, >which would presumably be eligible to put up a "trusted" window. > >So either you have to configure a different list of doggie names for every >NCA (one for your banking program, one for Media Player, one for each online >game you play, etc.), or else each NCA gets access to your Secret Master List >of Doggie Names. The first possibility is unmanageable and the second means >that the trustedness of the window is meaningless. Maybe MS will implement something like the secure attention key in the old VAX A1 VMM (Ctrl-Alt-Del already serves this purpose for logins) which gives you a guaranteed non-spoofed interface to the kernel (see for example "A Retrospective on the VAX VMM Security Kernel" by Karger et al for more information on this). They certainly have the VMS knowhow :-). Peter.
Re: An attack on paypal --> secure UI for browsers
Tim Dierks wrote: > - Get browser makers to design better ways to communicate to users that > UI elements can be trusted. For example, a proposal I saw recently which > would have the OS decorate the borders of "trusted" windows with facts or > images that an attacker wouldn't be able to predict: the name of your > dog, or whatever. (Sorry, can't locate a link right now, but I'd > appreciate one.) It was none other than Microsoft's NGSCB, nee Palladium. See http://news.com.com/2100-1012_3-1000584.html?tag=fd_top: NEW ORLEANS--Microsoft is trying to make security obvious. The software giant plans to visually alter document or application windows that contain private information that's secured through Microsoft's Next-Generation Secure Computing Base (NGSCB), formerly known as Palladium. Secure windows will look different than regular, unsecured windows in order to remind users that they are looking at confidential material, Peter Biddle, product unit manager for Microsoft, said Thursday at the Windows Hardware Engineering Conference (WinHEC) here. ... The border of a secured page may contain information--such as the names of all the dogs that someone has ever owned--to make the data instantly recognizable as sound to the individual owner, as well as difficult to replicate. A hacker can create a spoof page with dogs' names running along the border but, in all likelihood, not one reading "Buffy, Skip and Jack Daniels--and in that order," Biddle said. ... Information on secured windows will vanish if another window is placed on top of it or shifted to the background. Erasing the information will prevent certain types of attacks and remind people that they're dealing with confidential material, Biddle said. When the secure window returns to the top of the stack, the information will reappear, he said. I don't see how this is going to work. The concept seems to assume that there is a distinction between "trusted" and "untrusted" programs. But in the NGSCB architecture, Nexus Computing Agents (NCAs) can be written by anyone. If you've loaded a Trojan application onto your machine, it can create an NCA, which would presumably be eligible to put up a "trusted" window. So either you have to configure a different list of doggie names for every NCA (one for your banking program, one for Media Player, one for each online game you play, etc.), or else each NCA gets access to your Secret Master List of Doggie Names. The first possibility is unmanageable and the second means that the trustedness of the window is meaningless. So what good is this? What problem does it solve?
Re: An attack on paypal --> secure UI for browsers
Amir Herzberg <[EMAIL PROTECTED]> writes: >Ka Ping Yee, User Interface Design for Secure System, ICICS, LNCS 2513, 2002. Ka-Ping Yee has a web page at http://zesty.ca/sid/ and a lot of interesting things to say about secure HCI (and HCI in general), e.g. a characterisation of safe systems vs. general-purpose systems: In order for Alice to use her computer usefully, she has to be able to instruct programs to do things for her. In order for those programs to carry out tasks, she has to trust those programs with some authority. So every useful operation involves making the system a little bit less safe. In order to keep the system from becoming unboundedly unsafe, Alice must also be able to make her system more safe. A system in an ultimately safe state is one that can't do anything other than what was planned ahead of time. General-purpose computing is useful to Alice only because she can make unpredictable inputs into the system, asking it to do new things. Peter.
Re: An attack on paypal
James A. Donald wrote: > Attached is a spam mail that constitutes an attack on paypal similar > in effect and method to man in the middle. > > The bottom line is that https just is not working. Its broken. HTTPS works just fine. The problem is - people are broken. At the very least, verisign should say "ok so '..go1d..' is a valid server address, but doesn't it look suspiously similar to this '..gold..' site over here?" for https://pseudo-gold-site/ - but really, if users are going to fill in random webforms sent by email, they aren't going to be safe under any circumstances; the thing could send by unsecured http to any site on the planet, then redirect to the real gold site for a generic "transaction completed" or even "failed" screen A world where a random paypal hack like this one doesn't work is the same as the world where there is no point sending out a Nigerian as you will never make a penny on it - and yet, Nigerian is still profitable for the con artists.
Re: An attack on paypal
At 02:55 PM 6/8/2003, James A. Donald wrote: Attached is a spam mail that constitutes an attack on paypal similar in effect and method to man in the middle. The bottom line is that https just is not working. Its broken. The fact that people keep using shared secrets is a symptom of https not working. The flaw in https is that you cannot operate the business and trust model using https that you can with shared secrets. I don't think it's https that's broken, since https wasn't intended to solve the customer authentication / authorization problem (you could try to use SSL's client certificates for that, but no one ever intended client certificate authentication to be a generalized transaction problem). When I responded to this before, I thought you were talking about the server auth problem, not the password problem. I continue to feel that the server authentication problem is a very hard problem to solve, since there's few hints to the browser as to what the user's intent is. The password problem does need to be solved, but complaining that HTTPS or SSL doesn't solve it isn't any more relevant than complaining that it's not solved by HTML, HTTP, and/or browser or server implementations, since any and all of these are needed in producing a new solution which can function with real businesses and real users. Let's face it, passwords are so deeply ingrained into people's lives that nothing which is more complex in any way than passwords is going to have broad acceptance, and any consumer-driven company is going to consider "easy" to be more important that "secure". Right now, my best idea for solving this problem is to: - Standardize an HTML input method for which does an SPEKE (or similar) mutual authentication. - Get browser makers to design better ways to communicate to users that UI elements can be trusted. For example, a proposal I saw recently which would have the OS decorate the borders of "trusted" windows with facts or images that an attacker wouldn't be able to predict: the name of your dog, or whatever. (Sorry, can't locate a link right now, but I'd appreciate one.) - Combine the two to allow sites to provide a user-trustable UI to enter a password which cannot be sucked down. - Evangelize to users that this is better and that they should be suspicious of any situation where they used such interface once, but now it's gone. I agree that the overall architecture is broken; the problem is that it's broken in more ways than can just be fixed with any change to TLS/SSL or HTTPS. - Tim