Re: [atlas] RIPE measurement Credits required

2021-10-28 Thread Dario Ciccarone 
Paul, I think you should now go into business as a RIPE ATLAS credit broker ;)

Talk about Dogecoin - this is the next bubble ! ;)


> On Oct 28, 2021, at 7:59 AM, Rick Havern  wrote:
> 
> GEANT is always ready to help researchers, no repayment required.  We’ve 
> transferred 100M credits to your account.
>  
>  
> Richard Havern
> Head of Network Engineering
> GÉANT
> Tel: +44 (0) 1223 371398
>  
> Networks • Services • People  
> Learn more at www.geant.org​  
> ​ 
> GÉANT Vereniging (Association) is registered with the Chamber of Commerce in 
> Amsterdam with registration number 40535155 and operates in the UK as a 
> branch of GÉANT Vereniging. Registered office: Hoekenrode 3, 1102BR 
> Amsterdam, The Netherlands. UK branch address: City House, 126-130 Hills 
> Road, Cambridge CB2 1PQ, UK.  
>  
>  
>  
> From: ripe-atlas  On Behalf Of Mccherry, Paul 
> (Student)
> Sent: 27 October 2021 21:02
> To: ripe-atlas@ripe.net
> Subject: [atlas] RIPE measurement Credits required
>  
> Dear All
>  
> I have applied and been granted to install an Anchor at my University to 
> generate credits to make measurements, this is taking some time to prepare 
> the equipment etc.  In the meantime I need to carry out some measurement 
> tests for a paper I am working on. Would anybody be able to kindly send me 
> some RIPE credits which I will hopefully pay back once I have the anchor up 
> and running ?
>  
> Regards
>  
> Paul McCherry
> Phd Student
>  
> From: ripe-atlas-requ...@ripe.net 
> Sent: 25 October 2021 23:07
> To: ripe-atlas@ripe.net 
> Subject: [External] ripe-atlas Digest, Vol 122, Issue 6
>  
> This email originated outside the University. Check before clicking links or 
> attachments.
> 
> Send ripe-atlas mailing list submissions to
> ripe-atlas@ripe.net 
> 
> To subscribe or unsubscribe via the World Wide Web, visit
> 
> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.ripe.net%2Fmailman%2Flistinfo%2Fripe-atlas&data=04%7C01%7Cmccherry%40live.lancs.ac.uk%7C4d37438bbc3b4cc2083e08d99803ccea%7C9c9bcd11977a4e9ca9a0bc734090164a%7C0%7C0%7C637707964350278127%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=9Igjc2006lt4cpX0l4HT%2B1kH0V0Fs0daWtkJkLOOTY8%3D&reserved=0
>  
> 
> or, via email, send a message with subject or body 'help' to
> ripe-atlas-requ...@ripe.net 
> 
> You can reach the person managing the list at
> ripe-atlas-ow...@ripe.net 
> 
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of ripe-atlas digest..."
> 
> 
> Today's Topics:
> 
>1.  RIPE Atlas Virtual Anchor Application (tnaum...@telekom.de 
> )
> 
> 
> --
> 
> Message: 1
> Date: Mon, 25 Oct 2021 22:06:40 +
> From: mailto:tnaum...@telekom.de>>
> To: mailto:ripe-atlas@ripe.net>>
> Subject: [atlas] RIPE Atlas Virtual Anchor Application
> Message-ID:
> 
>   
> >
> 
> Content-Type: text/plain; charset="iso-8859-1"
> 
> Dear Ripe Atlas Team,
> 
> 
> 
> Could we have any estimation about our application for the first virtual 
> anchor in New York? We would like to have a physical and virtual probe at the 
> same time and recycle/reuse the physical later this Year somewhere else in 
> U.S.
> 
> 
> [cid:image001.png@01D7C9FD.22665680 ]
> 
> Kind Regards
> Thomas Naumann
> 
> Deutsche Telekom Technik GmbH
> Network Infrastructure (T-NWI)
> Thomas Naumann
> Ginnheimer Stadtweg 88, 60431 Frankfurt am Main
> +49 69 20060 4042 (Phone)
> +49 170 3374602 (Mobil)
> E-Mail: tnaum...@telekom.de >
> https://eur02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.telekom.de%2F&data=04%7C01%7Cmccherry%40live.lancs.ac.uk%7C4d37438bbc3b4cc2083e08d99803ccea%7C9c9bcd11977a4e9ca9a0bc734090164a%7C0%7C0%7C637707964350278127%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=AXo7fW7WhCXMc9UssS4NI%2FYz5Bv7voSkzOF%2F2RoVihU%3D&reserved=0

Re: [atlas] RIPE measurement Credits required

2021-10-27 Thread Dario Ciccarone 
4.9 millions from me - have fun.

And eventually send us all a link to your paper :^)

> On Oct 27, 2021, at 4:02 PM, Mccherry, Paul (Student) 
>  wrote:
> 
> Dear All
>  
> I have applied and been granted to install an Anchor at my University to 
> generate credits to make measurements, this is taking some time to prepare 
> the equipment etc.  In the meantime I need to carry out some measurement 
> tests for a paper I am working on. Would anybody be able to kindly send me 
> some RIPE credits which I will hopefully pay back once I have the anchor up 
> and running ?
>  
> Regards
>  
> Paul McCherry
> Phd Student
>  
> From: ripe-atlas-requ...@ripe.net 
> Sent: 25 October 2021 23:07
> To: ripe-atlas@ripe.net 
> Subject: [External] ripe-atlas Digest, Vol 122, Issue 6
>  
> This email originated outside the University. Check before clicking links or 
> attachments.
> 
> Send ripe-atlas mailing list submissions to
> ripe-atlas@ripe.net 
> 
> To subscribe or unsubscribe via the World Wide Web, visit
> 
> https://eur02.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.ripe.net%2Fmailman%2Flistinfo%2Fripe-atlas&data=04%7C01%7Cmccherry%40live.lancs.ac.uk%7C4d37438bbc3b4cc2083e08d99803ccea%7C9c9bcd11977a4e9ca9a0bc734090164a%7C0%7C0%7C637707964350278127%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=9Igjc2006lt4cpX0l4HT%2B1kH0V0Fs0daWtkJkLOOTY8%3D&reserved=0
>  
> 
> or, via email, send a message with subject or body 'help' to
> ripe-atlas-requ...@ripe.net 
> 
> You can reach the person managing the list at
> ripe-atlas-ow...@ripe.net 
> 
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of ripe-atlas digest..."
> 
> 
> Today's Topics:
> 
>1.  RIPE Atlas Virtual Anchor Application (tnaum...@telekom.de 
> )
> 
> 
> --
> 
> Message: 1
> Date: Mon, 25 Oct 2021 22:06:40 +
> From: mailto:tnaum...@telekom.de>>
> To: mailto:ripe-atlas@ripe.net>>
> Subject: [atlas] RIPE Atlas Virtual Anchor Application
> Message-ID:
> 
>   
> >
> 
> Content-Type: text/plain; charset="iso-8859-1"
> 
> Dear Ripe Atlas Team,
> 
> 
> 
> Could we have any estimation about our application for the first virtual 
> anchor in New York? We would like to have a physical and virtual probe at the 
> same time and recycle/reuse the physical later this Year somewhere else in 
> U.S.
> 
> 
> [cid:image001.png@01D7C9FD.22665680 ]
> 
> Kind Regards
> Thomas Naumann
> 
> Deutsche Telekom Technik GmbH
> Network Infrastructure (T-NWI)
> Thomas Naumann
> Ginnheimer Stadtweg 88, 60431 Frankfurt am Main
> +49 69 20060 4042 (Phone)
> +49 170 3374602 (Mobil)
> E-Mail: tnaum...@telekom.de 
>  >
> https://eur02.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.telekom.de%2F&data=04%7C01%7Cmccherry%40live.lancs.ac.uk%7C4d37438bbc3b4cc2083e08d99803ccea%7C9c9bcd11977a4e9ca9a0bc734090164a%7C0%7C0%7C637707964350278127%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=AXo7fW7WhCXMc9UssS4NI%2FYz5Bv7voSkzOF%2F2RoVihU%3D&reserved=0
>  
>

Re: [atlas] integrity checks for the Atlas software?

2016-01-12 Thread Dario Ciccarone 
What Micha said :)

DISCLAIMER: I work for a vendor, but the following aren¹t in any way, shape
or form my current employer views. It¹s my personal opinion, based, however,
on many years of doing IRT.

Micha is absolutely right ­ unless you start w/ a TPM-kind of hardware
support, there¹s no way to have 100% confidence in that ³what I¹m running is
what I¹m supposed to be running². Regrettably, getting trusted boot and
execution right is expensive in money and time, and hard to get it
absolutely right. I honestly don¹t think the Atlas project would be able to
continue w/ the existing business model of using cheap, off-the-shelf
hardware, and give it away for free ­ and provide a secure boot/trusted
execution kind of probe. RIPE just doesn¹t have that kind of money lying
around, AFAIK.

Of course, it all depends on who your adversary is, and the kind of
resources it has available. While a trusted anchor in hardware, hardware
TPM, digital signatures and strong crypto/hardware entropy source and RNG
would be needed for a full blown solution (plus all the associated build
environment, developers, testers, etc) you can achieve a ³not-too-shabby²
middle ground ­ a two-step boot process, a first stage loader checking the
signature on the main image before loading & launching it.

Of course ­ an attacker could come up w/ a modified binary that doesn¹t even
perform this check, and just launches whatever . . . Move the first stage
loader to a ROM ­ more expensive, better.

But again, it¹s about who you¹re up against ­ based on risk/benefit, RIPE
ATLAS may (a) do it all, (b) middle ground, (c) nothing at all

From:  ripe-atlas  on behalf of Micha Bailey

Date:  Tuesday, January 12, 2016 at 1:16 PM
To:  Tanner Ryan 
Cc:  Wilfried Woeber , "ripe-atlas@ripe.net"

Subject:  Re: [atlas] integrity checks for the Atlas software?

> No, this isn't possible. Or rather, it's not feasible with currently-existing
> software. The *only* way to have any kind of remote assurance of specific
> software running is through remote attestation, meaning that you have trusted
> hardware (e.g. a TPM) that can sign a statement that the machine m is running
> a certain trusted BIOS/EFI/whatever, that signs a statement that the computer
> is running a certain trusted bootloader, and so on, creating a chain of
> trusted signatures all the way through the OS and hypervisor certifying that a
> specific VM is running and can't be interfered with. As far as I know that
> full software stack doesn't exist at this point, and it arguably shouldn't
> exist/be used in most cases (see Google results for «remote attestation»).
> Short of that, there's no way to guarantee that certain code is running
> unmodified. As soon as the user/owner/hacker/rogue datacenter employee is able
> to modify anything below the VM in the stack without being detected, they can
> falsify whatever they want (for example, the hypervisor could be programmed
> such that certain instructions are stored correctly in memory correctly, but
> when executing the code it's silently swapped out). It may be possible to make
> this hard, and even hard enough to be considered acceptable for Atlas (though
> said protection may not even be considered necessary -- what's our threat
> model here?), but it can't be made impossible for a determined-enough
> attacker.
> 
> On Tuesday, January 12, 2016, Tanner Ryan  wrote:
>> I think that is completely possible.
>> 
>> The only issue is that it will take up far more resources validating the
>> integrity of the code (which could be used for measurements).
>> 
>> On Tuesday, 12 January 2016, Wilfried Woeber >  > wrote:
>>> 
>>> While thinking about options or mechanisms to make virtual probes
>>> "tamper-proof"
>>> I had this question coming up:
>>> 
>>> Is the probe software capable to "verify" (check-sum or digital sig) the
>>> bootstrap
>>> kit and then, during run-time, verify that the code in memory is still
>>> genuine?
>>> 
>>> Thanks,
>>> Wilfried
>>> 
>>>