Re: [Mac_crypto] MacOS X (Panther) FileVault
At 19:01 -0500 on 11/15/03, R. A. Hettinga wrote:

--- begin forwarded text

Status: U
Date: Sat, 15 Nov 2003 13:03:33 +0100
From: "Ralf-P. Weinmann" <[EMAIL PROTECTED]>
To: Nicko van Someren <[EMAIL PROTECTED]>
Cc: [EMAIL PROTECTED], "R. A. Hettinga" <[EMAIL PROTECTED]>
Subject: Re: [Mac_crypto] MacOS X (Panther) FileVault

On Thu, Nov 13, 2003 at 01:15:03PM +, Nicko van Someren wrote:

This is basically correct. FileVault uses an auto-mounting version of the encrypted disk image facility that was in 10.2, tweaked to allow the image to be opened even before your main key chain is available (since the key chain is stored inside your home directory). The standard encrypted image format uses a random key stored on your key chain, which is itself encrypted with a salted and hashed copy of the keychain pass phrase, which defaults to your login password. My suspicion is that for the FileVault there is some other key chain file in the system folder which stores the key for decrypting your home directory disk image and that the pass phrase for that is just your login password. A...

So FileVault actually is just a marketing term for the encrypted disk images! Thanks for the explanation! I just hope my login password can be longer than 8 characters then.

Yes/no. When you're not logged in your home folder is stored as an encrypted DiskImage. In addition part of enabling FileVault was a complete rework of how login authentication was handled, part of which included removing the 8 char limitation. For the record, Apple has always allowed passwords longer than 8 char, prior to 10.3, however, only the first 8 char were used to log you in, though the other characters were used to unlock your keychain.

> File Vault will automatically expand or contract the disk image at
> certain points. It creates a new image, copies everything over, and
> deletes the old image.

Yup, it essentially does an "hdiutil compact" command when you log out.

Do you know whether the source code to hdiutil and hdid respectively its 10.3 kernel equivalent is available? I can't seem to find it in the Darwin 7.0 public source.

No they are not. Apple considers DiskImages to be a proprietary competitive advantage.

> I don't know what mode of AES-128 it uses.

I believe that it uses counter mode, since it's efficient when doing random access to the encrypted data.

Of course counter mode would be ideally suited for this application. The question is whether the people at Apple implementing this feature knew this :)

It is a virtual certainty that Apple used Security.framework which includes a variety of algorithms (including AES) and secure/peer reviewed operation modes. I believe the security framework is open source, and in fact based on a broader standard (CDSA). If you'd like to know for certain I'd suggest you email [EMAIL PROTECTED] and/or file a bug report at bugreporter.apple.com (requires free registration) on the documentation.

--
__
Arguing with an engineer is like wrestling with a pig in mud. After a while, you realize the pig is enjoying it.
__
Kevin Elliott <mailto:[EMAIL PROTECTED]> ICQ#23758827 AIM ID: teargo iChatAV: [EMAIL PROTECTED] (video chat available)
__

Re: Privacy qua privacy (Was: Photographer Arrested For Taking Pictures...)
At 12:58 -0500 on 12/31/02, Adam Shostack wrote:

On Tue, Dec 31, 2002 at 09:49:28AM -0800, Kevin Elliott wrote:
| At 12:12 -0500 on 12/31/02, Adam Shostack wrote:
| >Rummaging through my wallet...a grocery card in the name of Hughes, a
| >credit card with the name Shostack, and an expired membership card in
| >the name Doe.
|
| Interesting point on grocery cards... Why do they have your name at
| all? Every grocery card I've ever gotten they've said "here's your
| card and application, please fill out the application and mail it
| in". I say "thank you ma'am", walk out the door and toss the
| "application" in the trash. Not exactly strong (or any) name
| linkage...

Pollution. Cards without names can be purged, cards with names confuse them. Is that the same Mr. Hughes with Richard Nixon's SSN who seems to shop vegetarian in San Jose, but buys pork in large quantities in Oakland? And look, Mr. Clinton here lives at the same address...

I see. I guess I'll have to fill out the damn form the next time I get a card. I don't actually visit the store now that safeway.com delivers.

--
___
Kevin Elliott <mailto:[EMAIL PROTECTED]> ICQ#23758827 AIM ID: teargo
___

Re: Dossiers and Customer Courtesy Cards
At 11:02 -0800 on 12/31/02, Tim May wrote:

On Tuesday, December 31, 2002, at 09:49 AM, Kevin Elliott wrote:

At 12:12 -0500 on 12/31/02, Adam Shostack wrote:

Rummaging through my wallet...a grocery card in the name of Hughes, a credit card with the name Shostack, and an expired membership card in the name Doe.

> * Dossier-compiling does not seem to be the motivation...at least not yet. The
> data are too sparse, it seems to me. I don't know if people who "honestly" gave
> a name and mailing address, and whose data were keypunched accurately, are
> getting the "targeted mailings" for Midol, Attends, Trojans, etc. that the
> technology can support.

I am almost CERTAIN that at least some stores are keeping track of what's being bought and using it to encourage buying. i.e. when I still lived in the Great State of Illinois, Kroger had an interesting habit of giving out "coupons" with your receipt. They'd custom print a coupon when they printed your receipt. It didn't take much thinking to notice that the coupon they gave you was VERY closely correlated to what you bought. My favorite case was when I happened to buy 8 boxes of HotPockets and they responded with a "Buy 7 get 1 free coupon".

However, this personally doesn't bother me. They don't have my name, all they have is that the person who carries this token likes HotPockets, so let's give him a coupon to keep him hooked. Very sensible to me...

--
___
Kevin Elliott <mailto:[EMAIL PROTECTED]> ICQ#23758827 AIM ID: teargo
___

Re: Dossiers and Customer Courtesy Cards
At 12:03 -0800 on 12/31/02, Tim May wrote:

> Yes. So? Notice that exactly the same type of coupon is printed out with a cash or non
> courtesy card purchase. It's a purely local calculation. In programming terms,
> a purely local variable situation.

No. Obviously the coupon was closely linked with my buying pattern, and in at least one case I received one of these "buy several" coupons without having purchased that product that particular trip (though I'd purchased it in the past).

> In my normal insulting way I would say "Duh" here. But I am attempting to be
> more polite, so I will say "Am I missing something in your analysis?"

My oh my. Getting an early start on your New Year's resolution?

--
___
Kevin Elliott <mailto:[EMAIL PROTECTED]> ICQ#23758827 AIM ID: teargo
___

Re: Compilers Can "Optimize" Away Security Code (fwd)
At 17:56 -0600 on 11/20/02, Jim Choate wrote:

http://www.extremetech.com/article2/0,3973,717141,00.asp

As if we hadn't talked the living crap out of this subject... Use the volatile keyword. That's what it's there for. Really.

--
_________
Kevin Elliott <mailto:[EMAIL PROTECTED]> ICQ#23758827

Re: OPPOSE THE WAR! We are going to ruin Iraq to get the oil. Who's ne
At 14:06 -0700 on 11/19/02, Mike Diehl wrote:

The British got VERY upset with us because of a tendency to shoot officers which was considered very bad "form". I believe it was common practice to hang anyone found armed with a rifle for what amounted to war crimes. But again, very poor rate of fire kept them from replacing the smoothbore.

This probably stemmed from the aristocratic culture of the times?

It's probably partly historical as well (meaning there used to be a good reason). Think about a large conscript army, basically completely undisciplined by today's standard. Very poor communication, so the officer corps on site has nearly complete autonomy. Killing a large piece of that officer corps could very well remove any constraints on the soldiers' behavior. Next thing you know the orderly army has turned into a marauding barbarian horde. That's not good for either side.

--
_________
Kevin Elliott <mailto:[EMAIL PROTECTED]> ICQ#23758827

RE: OPPOSE THE WAR! We are going to ruin Iraq to get the oil. Who's ne
At 15:57 -0500 on 11/19/02, Trei, Peter wrote:

Kevin Elliott[SMTP:[EMAIL PROTECTED]]

Correction in the interest of historical accuracy. The idea that we succeeded in the revolutionary war by "inventing a new form of warfare". The reality is that the British were marching in formation for very, very good reasons. Their tactics were an early form of Napoleonic tactics (the techniques perfected by Bonaparte and used to SMASH most of the rest of Europe). They evolved from several factors notably: [snip]

Actually, they were marching for quite another reason - they were in retreat back to Boston, via Lexington. The redcoats had very light casualties up to the point when Gage decided to pull back.

My original point was about the more general topic of unit tactics during the revolution. Disciplined formation fighting and volley fire is THE way to win large scale musket engagements. Any other way gets you clubbed to death by weight of fire. A pet peeve of mine is the implicit assumption that seems to have been nailed into our public school children (including me) that the British tactics in the revolutionary war basically boiled down to "they were stupid idiots". A more careful reading of history shows this to be simply untrue.

A retreat through hostile territory, under fire, is not the best situation to be in. Untrained at small-unit tactics (and tired - they had been on the move all the previous night marching from Boston), they marched along a road flanked by ridges, stone walls, and farmhouses - great cover for the well-rested militia who had no particular place to get to, friendly civilians, and great local knowledge. The British set out flankers to guard the line where they could, but topography sometimes made them useless. On the retreat, the Gage's men suffered 20% casualties.

A retreat under fire is a recipe for disaster under any circumstances.

--
_________
Kevin Elliott <mailto:[EMAIL PROTECTED]> ICQ#23758827

Re: OPPOSE THE WAR! We are going to ruin Iraq to get the oil. Who's ne
At 14:11 -0700 on 11/19/02, Mike Diehl wrote:

On Tuesday 19 November 2002 01:57 pm, Trei, Peter wrote:
> > Kevin Elliott[SMTP:[EMAIL PROTECTED]]
> > Correction in the interest of historical accuracy. The idea that we
> > succeeded in the revolutionary war by "inventing a new form of
> > warfare". The reality is that the British were marching in
> > formation for very, very good reasons. Their tactics were an early
> > form of Napoleonic tactics (the techniques perfected by Bonaparte
> > and used to SMASH most of the rest of Europe). They evolved from
> > several factors notably: [snip]
>
> Actually, they were marching for quite another reason - they were
> in retreat back to Boston, via Lexington. The redcoats had very light
> casualties up to the point when Gage decided to pull back.

If I might ask, if they had suffered light casualties, why were they in retreat?

He hadn't expected to take any at all. He'd been surprised by the resistance (remember the British hadn't thought of themselves as being "at war" at this point) and so, being surprised and unsure of the new situation, he retreated.

> Untrained at small-unit tactics (and tired - they had been on
> the move all the previous night marching from Boston),
> they marched along a road flanked by ridges, stone walls,
> and farmhouses - great cover for the well-rested militia
> who had no particular place to get to, friendly civilians,
> and great local knowledge. The British set out flankers
> to guard the line where they could, but topography
> sometimes made them useless.

This is how I remember reading about it. Home court advantage.

At times certainly. But over the whole scope of the war? Not particularly.

--
_
Kevin Elliott <mailto:[EMAIL PROTECTED]> ICQ#23758827

Re: OPPOSE THE WAR! We are going to ruin Iraq to get the oil. Who's ne
At 10:37 -0700 on 11/19/02, Mike Diehl wrote:

Unfortunately, terrorism is probably a predictable response by people who want to be able to control their own destinies, select their own leaders and forms of government and so on.

Yes, it's just a "new" form of warfare. During the Revolutionary War, we also devised a new form of warfare. If you recall, the English had this habit of marching and fighting in formation. We were able to pick them off from the hills as they marched. They wouldn't leave formation, and we slaughtered them, quite un-gentlemanlike, btw.

Correction in the interest of historical accuracy. The idea that we succeeded in the revolutionary war by "inventing a new form of warfare". The reality is that the British were marching in formation for very, very good reasons. Their tactics were an early form of Napoleonic tactics (the techniques perfected by Bonaparte and used to SMASH most of the rest of Europe). They evolved from several factors notably:

1) the incredibly poor accuracy of smoothbore muskets. Rifled muskets were available, but quite costly and...
2) rifled muskets were not effective because of the ponderous reload time (I don't have precise figures, but the number 1/6th-1/10th the rate of fire of a smoothbore musket comes to mind)
3) additionally the very short effective range of 18th century firearms meant that the most effective tactic was to:

Stand in lines, fire in volleys and reload as fast as possible. If you were well trained you could fire significantly faster than your opponent, and thus kill his men faster than he can kill yours. And as you kill his men, he has fewer to return fire with. Eventually he will be out of men or his line will break. Once his line breaks you can continue to volley fire into a retreating enemy and/or run his men down with cavalry.

If you read between the lines of US history, you'll discover that America did not begin to succeed in the war until late in the war when the troops had become better trained and disciplined.

As an aside, the slaughter of the Civil War and WW1 mainly resulted from a failure to recognize that the widespread use of rifled muskets and minnie balls in the Civil War and smokeless powder in WW1 had completely destroyed the effectiveness of Napoleonic tactics. Technical innovations like the machine gun put the final nail in the coffin, so to speak.

--
_________
Kevin Elliott <mailto:[EMAIL PROTECTED]> ICQ#23758827

Re: OPPOSE THE WAR! We are going to ruin Iraq to get the oil. Who's ne
At 13:14 -0700 on 11/19/02, Mike Diehl wrote:

On Tuesday 19 November 2002 01:02 pm, Kevin Elliott wrote:
> Correction in the interest of historical accuracy. The idea that we
> succeeded in the revolutionary war by "inventing a new form of
> warfare". The reality is that the British were marching in formation
> for very, very good reasons. Their tactics were an early form of
> Napoleonic tactics (the techniques perfected by Bonaparte and used to
> SMASH most of the rest of Europe). They evolved from several factors
> notably:

That is very interesting and smells true. But I have read an historical account of how we slaughtered the "Reds" from the hills as they marched. Seems to be a contradiction here that I can't resolve.

Well, there are nuggets and the larger truth... Rifles were widely used as sniper rifles by the Americans. They were commonly available (though expensive) because they are a far superior hunting tool than a smoothbore musket. The definition of a "Kentucky Rifle" is a long barreled _rifled_ musket. Much of their reputation came from the fact they were rifles and any rifle will shoot rings around a smoothbore. The British got VERY upset with us because of a tendency to shoot officers which was considered very bad "form". I believe it was common practice to hang anyone found armed with a rifle for what amounted to war crimes. But again, very poor rate of fire kept them from replacing the smoothbore.

On the other hand, track the battles. The US lost most of the early engagements and for at least the first 2 years was doing very poorly. We succeeded in later battles because of improved training and discipline (part of the significance of Valley Forge was that it was used as a training ground that improved the general quality of troops immensely). Yorktown was a fairly traditional Napoleonic battle which we only won because French ships prevented Cornwallis from retreating. He was forced to surrender when it became clear that he couldn't break out of the American lines and that the French were more than willing to bring the whole town down around his ears from the coast.

--
_
Kevin Elliott <mailto:[EMAIL PROTECTED]> ICQ#23758827

Re: "Emergency Coercive Unit"
At 10:59 -0500 on 11/13/02, Tyler Durden wrote:

> b) Downstairs and across the street in front of Starbucks I just saw two NYC
> cops holding what looked like AK-47s...on their backs it said "Emergency
> Coercive Unit".

I always knew New York was full of commie bastards. I thought they were smart enough to hide themselves behind good capitalist weapons. Like an AR-15 or an MP-5. 3

--
_________
Kevin Elliott <mailto:kelliott@;mac.com> ICQ#23758827

Re: Did you *really* zeroize that key?
At 19:30 + on 11/7/02, David Howe wrote:

at Thursday, November 07, 2002 6:13 PM, David Honig <[EMAIL PROTECTED]> was seen to say:

Wouldn't a crypto coder be using paranoid-programming skills, like *checking* that the memory is actually zeroed?

That is one of the workarounds yes - but of course a (theoretical) clever compiler could realise that

    int myflag;
    myflag=0;
    if (myflag!=0) { do stuff } ;

can be optimised away entirely as the result is constant. The problem isn't so much a question of what would work now, but "is it possible that your zeros could be optimised away by a theoretical future compiler, and how do we make portable code that nevertheless can't be optimised away?"

The point is though, that according to C99 today

    volatile int myflag;
    myflag=0;
    if (myflag!=0) { do stuff } ;

does _exactly_ what you want, per the spec. The only compilers that don't work this way are by definition out of spec, so adding new stuff isn't going to help.

Having said that, most of what you're talking about pragma-wise boils down to controlling the optimizer. Most compilers offer options to control this, but it's vendor specific. I can see how adding this to the spec would be worthwhile. But it's not essential to fix the problem above.

--
_____
Kevin Elliott <mailto:kelliott@;mac.com> ICQ#23758827

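The wipe-and-check pattern argued over in the message above, written out in C as an added example; it is not code from the thread or from any poster. The names wipe, is_wiped and key_lifecycle and the sample key bytes are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Zero len bytes at buf. Every store goes through a volatile-qualified
 * lvalue, so the compiler has to emit each one even when the buffer is
 * never read again (the case where a plain memset() before return can
 * be discarded as a dead store). */
void wipe(volatile void *buf, size_t len)
{
    volatile unsigned char *p = buf;
    while (len--)
        *p++ = 0;
}

/* The "paranoid" check from the thread: read the buffer back. The reads
 * are volatile as well, so the result cannot be folded to a constant on
 * the grounds that the compiler "knows" what was just written.
 * Returns 1 if every byte is zero, 0 otherwise. */
int is_wiped(const volatile void *buf, size_t len)
{
    const volatile unsigned char *p = buf;
    unsigned char seen = 0;
    while (len--)
        seen |= *p++;
    return seen == 0;
}

/* Hypothetical caller. The key buffer itself is declared volatile, which
 * is the case the message's `volatile int myflag` snippet relies on:
 * accesses to a volatile object must be performed as written.
 * Returns 0 when the key was non-zero while in use and all-zero after
 * the wipe, -1 or 1 when either check fails. */
int key_lifecycle(unsigned *checksum_out)
{
    volatile unsigned char key[32];
    unsigned sum = 0;
    size_t i;

    for (i = 0; i < sizeof key; i++)
        key[i] = (unsigned char)(0xA5u ^ i);  /* constructed sample bytes */
    for (i = 0; i < sizeof key; i++)
        sum += key[i];                        /* stand-in for using the key */
    *checksum_out = sum;

    if (is_wiped(key, sizeof key))
        return -1;                            /* key should still hold data */
    wipe(key, sizeof key);
    return is_wiped(key, sizeof key) ? 0 : 1;
}

int main(void)
{
    unsigned sum;
    int rc = key_lifecycle(&sum);
    printf("checksum=%u wipe_result=%d\n", sum, rc);
    return rc;
}
```
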
Re: What good are smartcard readers for PCs
Hey don't forget you can still buy a smart card reader from that most cypherpunkish of babes BRITNEY SPEARS ! Only $30 !

https://www.visiblevisitors.com/mltest/order_form.asp

--
_
Remember Kids- Somebody tries to kill you, you try and kill'em right back...
_____
Kevin Elliott <mailto:[EMAIL PROTECTED]> ICQ#23758827

Re: What good are smartcard readers for PCs
-- James A. Donald>
> > Increasingly however, we see smartcard interfaces sold for
> > PCs. What for, I wonder?

On 24 Sep 2002 at 1:41, Bill Stewart wrote:
> I'm not convinced that the number of people selling them is
> closely related to the number of people buying; this could be
> another field like PKIs where the marketeers and cool
> business plans never succeeded at getting customers to use
> them.

On 24 Sep 2002 at 19:12, Peter Gutmann wrote:
> Companies buy a few readers for their developers who write
> software to work with the cards. [...] Eventually the
> clients discover how much of a bitch they are to work with
> [] users decide to live with software-only crypto until
> the smart card scene is a bit more mature.
>
> Given that n_users >> n_card_vendors, this situation can keep
> going for quite some time.

I have found that the administrative costs of PKI are intolerable. End users do not really understand crypto, and so will fuck up. Only engineers can really control a PKI certificate, and for the most part they just do not.

In principle the thingness of a smartcard should reduce administrative costs to a low level -- they should supposedly act like a purse, a key, a credit card, hence near zero user training required. The simulated thingness created by cryptographic cleverness should be manifested to the user as physical thingness of the card.

Suppose, for example, we had working Chaumian digicash. Now imagine how much trouble the average end user is going to get into with backups, and with moving digicash from one computer to another. If all unused Chaumian tokens live in a smartcard, one might expect the problem to vanish. The purselike character of the card sustains the coin like character of Chaumian tokens.

Of course if one has to supply the correct driver for the smart card, then the administration problem reappears. USB smartcard interfaces could solve this problem. Just plug them in, and bingo, it should just go.

Ummh, wait a moment, go where, do what? What happens when one plugs in a USB smartcard interface?

Still, making crypto embodied in smart cards intelligible to the masses would seem to be a soluble problem, even if not yet solved, whereas software only crypto is always going to boggle the masses.

--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
UpBeNFF1UW7r7Fw8pVMxQG+xJ3mwsngHIp62BxL6
4D+u3ZM5e1JbeYAKaQ4dhOQrlZ42vq05cfz83rnCZ

--
_
Remember Kids- Somebody tries to kill you, you try and kill'em right back...
_
Kevin Elliott <mailto:[EMAIL PROTECTED]> ICQ#23758827