Schneier on Security
A blog covering security and security technology.
November 18, 2011
Friday Squid Blogging: Squid Camouflage
Some squid can switch their camouflage instantly.
As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.
Posted on November 18, 2011 at 4:41 PM
@Daniel - "Finally, as a follow-up to the issue of using fake Facebook profiles. Turns out that's illegal."
I disagree. The generally accepted definition of a fake Facebook profile is a profile of a fictitious person.
The first link has to do with posting on someone else's actual Facebook profile.
The second link deals with creating a Facebook profile that impersonates an actual person.
What are your thoughts about quantum-ready asymmetric encryption? There was a Slashdot story on it a few days ago (http://ask.slashdot.org/story/11/11/10/1748242/ask-slashdot-post-quantum-asymmetric-key-exchange) that revealed we're not at all prepared to start migrating to a secure post-quantum world. Crypto researchers like to pride themselves on having the chances of losing privacy at less than one in a million, but if the chances of a quantum computer being invented in the next few decades are about 10% then RSA is at best 90% effective.
We're on a sinking ship. Why are there no good, implemented, open and tested post-quantum key exchange methods? Where is the outrage?
I remember a “virus” that played a silly song on the original IBM PC. Those of us who owned or used the original IBM PC (or clone) might remember the “magic mushroom advert”.
The IBM PC didn’t have a sound card (it could only beep). However some inventive person managed to get real audio to play on the speaker and converted the quirky advert that was popular at the time.
Although it first appeared at the time of the original dreaded “stoned virus”, the magic mushroom virus wasn’t a real computer virus in the sense that we know them. It was spread by people in the office modifying the autoexec.bat of their victim’s PC to play the tune on start-up.
So while it caused some consternation it was coupled with great hilarity, as no-one had ever heard anything other than a beep emanating from their PCs. At the peak of its reign the song could be heard all around the offices in the morning when PCs were booted up.
I found myself humming the tune recently and ... aarrg ... it got stuck in my head as silly tunes often do! Well, it never ceases to amaze me what you can find on the net. The first URL below describes the little program and the second is a video of the original advert:
@ A blog reader,
With regard to the Stop Online Piracy Act (SOPA)
Have a look at,
Put simply, SOPA is a messy mish-mash of ideas thrown into a pot, stirred and boiled down to an unpalatable mess.
Most of the ideas appear at first sight to be there to appease IP rights holders, but on closer examination actually come out as an extremely heavy-handed Government desperately trying to find ways to stuff the Internet genie back in the bottle.
Like a lot of proposed and current Internet legislation from around the world, it is likely to do considerably more harm than good.
An article from CIO Online indicates that US (and presumably other countries') LEAs are not even close to recognizing the extent, let alone dealing with a fraction, of cyber-crime,
It contains all the usual excuses and arm waving, but is notably lacking in suggestions to resolve the problem. In the main it is suggesting draconian punishments of the perpetrators and early moral guidance about "music downloads".
It is notable in that it talks about the perpetrators and individual victims (such as credit card holders, Sarah Palin, Miley Cyrus, etc); what it does not mention (possibly understandably) is the third-party enablers who aggregate valuable data in extremely vulnerable systems.
As was once observed,
"The King does not hang the Crown Jewels on a tree outside the castle for all to touch and take, he's a strong room deep within and guards to keep ne'er do wells at bay, and he keeps them sharp with the headsman's axe."
Perhaps if a few corporate "heads were to roll" with five or ten years Federal time and fines equivalent to the prosecutors' claims of total individual loss, or of a quarter of the annual group turnover taken directly from the shareholders at the likes of Sony, RSA, et al, then maybe other organisations who store our personal data would be a little sharper with its security.
Not surprising. It was only a matter of time. See Frank Stajano's things.
Surveillance Catalog project at WSJ
Parsing fraud via the phone would be easy to do if you chop up vowels.
Also, counting spam as real correspondence could create quite a social network couldn't it?
One wonders if the police are trained to find insider fraud on these surveillance techniques that they are given? Considering the number of contractors used who know the ins and outs of software weaknesses, one wonders.
More on Stop Online Piracy Act (SOPA).
Apparently the congressional hearing was a complete joke. They prevented nearly all the anti-SOPA folks from testifying, leaving only GOOGLE as the voice of sanity. (No, I don't think the RIAA's position is sane!)
I am afraid I am too ignorant about technology to even state a sensible question here, but I would very much like to hear about the possibilities of FPGA computing for the consumer market, and if this could be important for security and privacy for every computer user.
I imagine that one could design ones own processor, based on open source data.
The idea I had in mind (which might not be a sensible one) revolved around a processor that could be reprogrammed and reconfigured, perhaps on the fly.
I remember reading about Skybridge systems over 10 years ago on the internet. Their mission statement expressed something along the lines of wishing for this technology to lead to cheap desktop sized supercomputers with a low power requirement.
Some time later though, it seemed to me as if the difficulties regarding reconfigurable computing was too difficult for them, and the mission statement had obviously been changed and the idea of desktop supercomputers had disappeared.
I now remember that the company I had in mind, was in fact not named "Skybridge Systems" as I have been writing in my earlier comment above, but it was named "Starbridge Systems". My bad. :P
I looked into that stuff a while back. There's not really a technical obstacle: the FPGA's and tools for working on them are awesome. FPGA technology was also beating Moore's Law, at one point. There are numerous processor, crypto, etc. designs out there, many free. If anything, I think it's an industry issue: the x86 vendors and an x86-based OS dominate the desktop industry. They don't want anything competing with their integrated solutions.
There are many interesting things one can do with FPGAs, and some astonishing speed boosts to be had if you have a well-defined simple (for some value of "simple") problem. However, as with the general lack of free lunches, the highly optimized and in some cases hand-laid-out circuitry of the hard-wired processor has major speed/power advantages of its own. Someone who claims they can take a large hunk of software (say, Apache, or Word) and magically map it into an FPGA that competes on speed/power is trying to sell you something akin to a lease on the Brooklyn Bridge.
You can't escape Fisher's Fundamental Theorem, as modified by Gerald Weinberg: "The better adapted an organism is to its environment, the worse it is at adapting to changes in that environment, and vice versa."
SQUID (Superconducting quantum interference device)
As an alternative to FPGAs for building a desktop supercomputer, you can use GPUs. Over the past several years NVIDIA has become a big player in this space by repurposing their graphics cards as massively parallel processors, easily programmed in C, C++, or Fortran with their CUDA toolset.
Massively parallel GPU supercomputers are all the rage now in scientific computing. Having worked with CUDA, I see no barrier to GPU supercomputing in the consumer space. All you need is a CUDA-capable NVIDIA graphics card, which you probably already have, plus the ability to program in C or C++ (or Fortran for you old-timers), and you're good to go.
@ Alan Kaminsky
Yeah, many of the big supercomputers are loading up on GPUs. There are already desktop applications that are using GPUs for a speedup. One of them is a password cracker. :)
I figure I should also mention RapidMind. Their toolkit allows you to use the same programming model to produce applications for CPUs, GPUs and Cell processors. It's for data-parallel applications.
"Why are there no good, implemented, open and tested post-quantum key exchange methods?"
Academically, post-quantum crypto is already here. Multivariate Equation based crypto (MQ crypto) and Lattice-based crypto are the strongest avenues, with some great results. Many cryptosystems (including one developed by myself, Plantard and Susilo) are now better than RSA in terms of operational speed/throughput on conventional processors. Many have been implemented and libraries are available.
I'll put your mind at ease a little by saying that you don't need to be too concerned with national security at least; without going into too much detail, there are some government organisations already using post quantum crypto. The lack of uptake in the private sector is what worries me though.
"Where is the outrage?"
Direct your enthusiasm towards the standards committees, please. Academia has been saying for over a decade now that there are credible, secure post-quantum alternatives, however until there is a standard, what business wants to invest in a cryptosystem that may become out-dated/obsolete tomorrow, by some cryptosystem with slightly higher performance?
A line must be drawn in the sand. Yes, there are plenty of asymmetric-key cryptosystems that perform better than RSA, but RSA is the standard. A de-facto post-quantum standard is not going to emerge from academia, because there are constant, incremental improvements being made to post-quantum cryptosystems. A de-jure standard must be agreed on quickly, or the private sector is not going to invest and long-term information security will be compromised. From my admittedly limited experience, academia seems to be notoriously bad at 'pushing' standards. Unfortunately, we need a 'pull' from the standards committees before anything is going to happen.
That being said, I have heard rumblings on the grapevine that Voltage Security (founded by the near-legendary Dan Boneh, co-creator of the Boneh-Franklin IBE scheme) are looking into post-quantum crypto, but perhaps someone more knowledgeable could provide commentary.
Perhaps ISO/ANSI/IETF etc. should start a few competitions along the lines of AES/SHA-3 to find an open standard. :-)
"Many cryptosystems (including one developed by myself, Plantard and Susilo) are now better than RSA in terms of operational speed/throughput on conventional processors."
I was a little alarmed at how this sounds when I read it back. Given that RSA-practicality seems to be the holy-grail of post-quantum crypto, I don't mean to state that any post-quantum cryptosystem is objectively better than RSA. A robust comparison/analysis of security parameters is still missing and there are still some shortcomings in many post-quantum cryptosystems hindering adoption in some use-cases (such as long key-setup times or large memory requirements). In particular, assumptions have to be made over equivalent key-lengths, and any comparison based on such assumptions is tenuous at best.
Please take my statement only to mean that there are practical post-quantum cryptosystems out there in academia, roughly on-par with RSA in terms of performance. Based on some (possibly flawed) assumptions about equivalent key-lengths, some post-quantum cryptosystems even exceed the speed of RSA. :-)
FPGAs are simultaneously both overrated by some, and underrated by others. There's a lot of superlatives being thrown around with FPGAs.
Think of FPGAs as being mind-blowingly better than general purpose processors for an extremely small subset of problems. You can quite easily build a CPU inside a FPGA based on open standards, but it will run far slower than the original CPU, as not only are there significant overheads in the use of FPGAs, but (among other things) they can't sustain the clock-rates of modern CPUs.
Notwithstanding, to get the most computation power out of a FPGA, you'd have to design the circuit like you would code, extremely specific for the application it's performing. As far as I'm aware, like coding, this is a job to be done by hand, as computers are not great at doing it automatically. There are the equivalent of 'libraries' in FPGAs, where you can copy across some pre-designed circuit structures to use in your own design, but without some kind of automated circuit creation algorithms, or at least a well-defined, high-level 'programming language', I doubt FPGAs are going to be the holy grail of computing power any time soon.
@Alan Kaminsky, Nick P
CUDA is great, but for an open, platform-agnostic toolkit, try OpenCL. I believe RapidMind already abstracts OpenCL for its GPU operations, while using its own interface for x86 and CELL. I wonder why anyone would use it then, given that OpenCL also works with x86 and CELL natively anyway. Then again, I have been asking myself the same thing about DirectX for a good decade now.
@ Mike Rose,
"Direct your enthusiasm towards the standards committees, please."
Yes, they need a darn good shake-up; in a lot of cases they have become "fat and lazy, resting on their laurels from times past". Worse still, many appear to be on "job creation schemes" to make National and International standards where standards are just not required, and in the process introduce petty bits in National standards to get one up on International standards...
Hence some of the jokes such as "Standards are like a toothbrush, everyone agrees you should have and use one, but nobody wants to use yours".
Which brings me onto what I see as the "big fail" in Crypto Standards as seen by your comment,
"Perhaps ISO/ANSI/IETF etc. should start a few competitions along the lines of AES/SHA-3 to find an open standard"
Whilst useful, it does not solve the real issue you identify,
"... however until there is a standard, what business wants to invest in a cryptosystem that may become out-dated/ obsolete tomorrow, by some cryptosystem with slightly higher performance"
This is the real issue for businesses, in that they need to start designing crypto into very price-sensitive designs with very long lifetimes, which are also incredibly expensive to "rip out and replace". Two such areas are "medical implants" and "smart utility meters".
What the standards organisations need to be doing is designing the "cart", not the "load". That is, they need to develop "Crypto Framework Standards" to carry many "Crypto Mode Standards" such as CBC, CTR etc., which in turn carry "Base Crypto Standards" such as for AES-X and HASH-X.
Whilst designing individual items such as AES-X and HASH-X may be fun and provide great sport to be discussed in the "crypto lounge", likewise mode standards, they are generally of little or no interest to system designers other than as "building blocks".
What the business community wants is "plug and play" which requires a standardized interface into which these building blocks can be dropped and seamlessly replaced as required.
However, there is a serious "Gotcha" with crypto, which is insecurity and the resulting fall-back attacks. So any Crypto Framework Standard needs to address this correctly, which has many, many not immediately obvious complications (including specifying the minimum size of mutable memory, comms protocols, comms hardware to carry revocation and upgrade information, etc., etc.).
And importantly, not just for PCs and other systems with an ultra-short life expectancy and very easy upgrade/replace path, but also for very long life expectancy products that have very difficult and thus extremely costly upgrade/replace paths.
After all as we have seen certain insulin pumps can be hacked, although they are expensive, because they are outside the body the "replace" path is relatively easy, which would not be the case for the likes of a pacemaker, where the "replace" path is "rip your chest open yet again".
However, because the insulin pumps are expensive and extremely cost sensitive, the "upgrade path" is not simple. Due to the cost-sensitive nature, the electronics were made for the minimum possible manufacturing price, and the upgrade issue was probably not even considered during the design process except as a factory default setup.
Price-sensitive markets are almost always a cost-cutting race for the bottom, unless there is some legal requirement for a minimum standard with which the device must be compliant (and independently tested as such) before it can be placed on the market.
This is a critical issue in "embedded products", especially when they have no realistic replacement path (think your pacemaker again).
Further, with security there is also a "time window"; thus you cannot just go around having a "hardware upgrade", the planning and time scales are absolutely enormous. For instance, in the UK we are replacing Analog TV with Digital TV, a process that has been in the planning for considerably over ten years, and we have not actually started getting to regional "switch over" yet, and that is expected to take several years. Now imagine, as some Politicos have been pushing, we all have "Smart electricity meters" and a serious security fault is discovered (that makes the latest water pump scare look trivial): how long and at what cost is it going to take to replace them for the 25 million UK households and small businesses, and for the 150 million in the US?
Thus any Security Framework Standard would have to mandate a fast way to do this in an acceptable way. There is no way otherwise that it would be built in in an open free market.
But there are other considerations: there are now over two hundred embedded implant products on the active surgical market. Most of these need "Emergency Control Panels" for ER / A&E to be used in the "golden hour" or now the "platinum ten minutes" to prevent the patient being killed / dying. No hospital on this planet could have them all for the "golden hour", and thus no ambulance or first responder team for the "platinum ten minutes". The only way this could be done, and it needs to be done, is via a very, very standard protocol that all implants follow; this in turn mandates a standard communications system, all of which needs to be securely upgradable...
The only way this can be done is with "Security Framework Standards" that incorporate "Communication Protocol Standards" that in turn incorporate "Crypto Framework Standards" that in turn incorporate "Crypto Mode Standards" that in turn incorporate "Crypto Primitive Standards" such as AES-X and HASH-X. The top-level standard needs to be such that it allows for all the lower-level standards to be plug&play in all devices.
Without this we are going to "sleep walk" into an unresolvable mess where people will be hurt, injured or killed in both the "Smart Utility Meter" and "Medical Electronics" markets.
And all our politicos currently can barely wake up and smell the coffee on the likes of "China APT"...
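The comment above argues for a "Crypto Framework Standard" in which primitives and modes are plug-and-play building blocks, and warns that such a framework must carry revocation and upgrade information or it invites fall-back attacks. The following is an added illustration of that idea, not code from the thread or from any standard: suite names, the policy update and the messages are constructed for the example, and standard-library hashlib/hmac stand in for the primitive standards.

```python
"""Minimal pluggable-suite framework with revocation and a monotonic
minimum-strength floor, so a peer that only offers withdrawn suites is
refused rather than silently accommodated (the fall-back attack)."""
import hashlib
import hmac
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Set, Tuple

# Registry of pluggable suites: id -> (strength rank, hash primitive).
# A higher rank is preferred. New suites can be registered by an update
# without changing the negotiate()/tag() interface the device exposes.
# Suite names are constructed for this example.
SUITES: Dict[str, Tuple[int, Callable]] = {
    "suite-v1-md5": (1, hashlib.md5),
    "suite-v2-sha1": (2, hashlib.sha1),
    "suite-v3-sha256": (3, hashlib.sha256),
}


@dataclass
class DevicePolicy:
    """The mutable state a long-lived device must keep for upgrades."""
    revoked: Set[str] = field(default_factory=set)  # suites withdrawn by update
    min_rank: int = 1  # floor that may only ever be raised, never lowered

    def apply_update(self, revoke: Set[str], new_min_rank: int) -> None:
        """Handler for an (assumed signed) revocation/upgrade message.
        Signature verification is out of scope here; the point is that the
        floor is monotonic, so a replayed old update cannot reopen weak suites."""
        self.revoked |= revoke
        self.min_rank = max(self.min_rank, new_min_rank)

    def acceptable(self, suite_id: str) -> bool:
        if suite_id not in SUITES or suite_id in self.revoked:
            return False
        return SUITES[suite_id][0] >= self.min_rank


def negotiate(policy: DevicePolicy, offered: List[str]) -> Optional[str]:
    """Pick the strongest mutually acceptable suite from the peer's offer.
    Returns None when nothing acceptable is offered: refusing is the
    correct outcome, falling back to a revoked suite is the attack."""
    candidates = [s for s in offered if policy.acceptable(s)]
    if not candidates:
        return None
    return max(candidates, key=lambda s: SUITES[s][0])


def tag(suite_id: str, key: bytes, msg: bytes) -> bytes:
    """MAC the message with whatever primitive the chosen suite plugs in."""
    return hmac.new(key, msg, SUITES[suite_id][1]).digest()


def demo() -> Optional[str]:
    """Walk through an upgrade: before the update a v2 suite is accepted,
    afterwards a peer offering only old suites is refused."""
    policy = DevicePolicy()
    assert negotiate(policy, ["suite-v1-md5", "suite-v2-sha1"]) == "suite-v2-sha1"
    policy.apply_update(revoke={"suite-v2-sha1"}, new_min_rank=3)
    # Peer (or an attacker stripping the offer) presents only withdrawn suites.
    return negotiate(policy, ["suite-v1-md5", "suite-v2-sha1"])


if __name__ == "__main__":
    print("negotiated after update:", demo())  # None: refused, not downgraded
```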
Article in Sunday's Washington Post on the network of license plate readers scattered throughout the DC area.
"...police agencies have begun storing the information from the cameras, building databases that document the travels of millions of vehicles.
Nowhere is that more prevalent than in the District, which has more than one plate-reader per square mile, the highest concentration in the nation. Police in the Washington suburbs have dozens of them as well, and local agencies plan to add many more in coming months, creating a comprehensive dragnet that will include all the approaches into the District."
For those in the uk, Ch4 tonight 9pm (Mon 21st Nov) interesting looking program on Turing and Enigma
@ Mike Rose
"I wonder why anyone would use it then, given that OpenCL also works with x86 and CELL natively anyway"
Early on, it was better than the alternatives. That was a while back. Checking up on it recently, I found that Intel acquired them & essentially merged their work into the Intel Array Building Blocks project. The ABB descriptions & lingo sound almost identical to the RapidMind marketing I read a while back. The old RapidMind company link I had bookmarked goes straight to that Intel site. Guess another vendor bites the dust... OpenCL & ABB is its then. ;)
Paper on improving AES by implementing a 512-bit key length. Not sure if the benefit is more than theoretical at the moment.
Just to wish all of you in the US a peaceful and enjoyable Thanksgiving.
@ Nick P,
On the assumption you've had your Thanksgiving dinner by now ;)
This little snippet might be of interest,
Though I must warn you that the last paragraph might make your blood pressure rise.
A presidential hopeful from Texas (Rick Perry) apparently, in comment to a question about the threats the US had to face up to, stated,
... his belief that China was destined for the "ash heap" of history, Perry said that the People's Liberation Army's (PLA) involvement with cybersecurity is a major issue that the U.S. has to deal with now.
Now the question is: is he that ill-informed, or was he just trying to "one up" to please the crowd?
If anything, China is like the Phoenix of legend, currently rising from the hot ashes after being born again and spreading its wings. Yes, they are a serious threat, but the cybersecurity angle is small potatoes compared to what else they are up to (as I've commented in the past, using rare earth metals as but one example).
@ Clive Robinson
He was probably just talking crap, as we call it. It's an American tradition. We also don't dress it up quite like Brits. ;) The second point he made was ill-informed. The Chinese threat is well understood and their success is largely due to lax security practices. Govt just made the wrong tradeoff back in the day.
And I agree China's economic moves are their main weapon. The side effects from US outsourcing alone have been immensely damaging.
I noticed that Slashdot brings a story today about researchers using a FPGA board to break copy protection: "$350 Hardware Cracks HDMI Copy Protection"
Source: http://aktuell.ruhr-uni-bochum.de/pm2011/... (english)
I don't know if this is really interesting, but found it amusing since I asked a question about FPGA the other day.
The German article also mentions that:
"The scientists do, however, envisage a real threat to security-critical systems, for example at authorities or in the military."