You have a good point about trust of wireless access points, but I disagree that wireless link encryption is inherently a poor idea. If I understand you, you're saying that TLS should be used to encrypt packets for all protocols using IP. Even so, there may be a desire to do encryption at the packet level as well to prevent traffic analysis given that source and destination IP address are accessible to just about anyone. This is a relatively minor point for most people but important to a few.
Another point is that security is not absolute. You should be able to choose what level of security you want given what you are doing at the moment. Even if you can't trust the AP or prevent a MITM (Man In The Middle) attack, you might want to use an encrypted Wi-Fi link so that a low-level script kiddy can't use Firesheep to view your lunch-time session at 4-chan or out your AC identity on Techdirt.
A final point is that until all your destinations incorporate TLS, you may want to still use a promiscuous Wi-Fi AP to connect without exposing all your communications to the typical thief or voyeur. It's not absolute security. Without a way to authenticate APs, there is always the possibility of a MITM attack. It comes down to the level of security you are willing to accept. I might use webmail via HTTP at home but I wouldn't do that over a promiscuous Wi-Fi connection, encrypted or not. However, there are some things I would do, using HTTP, as long as the Wi-Fi link was encrypted.
Mike,
I think the problem here is that "open" can refer to an unencrypted Wi-Fi network as well as one that is promiscuous (i.e. allows anyone to join). I think what Rob is referring to are potential security problems when using an unencrypted Wi-Fi connection. The lack of security depends on what the user is doing with it. My webmail has a choice of using HTTP or HTTPS. You are right about banks though, I can't imagine any using HTTP still.
Maybe I can get people to start using the word promiscuous for these networks despite its negative connotations. There is a precedent for its use to describe NICs that did not filter received frames based on MAC address.
Close, but no cigar. What you are referring to is the Airport Extreme. The guest network is a separate Wi-Fi network that can be protected or unprotected. However, if it is protected, all the guests still use the same pre-shared password, just one that is different than the primary network. What is possible, but I am guessing Apple isn't doing this (I don't own any Apple equipment), is that a guest uses that pre-shared password and a guest-supplied individual salt to generate a unique encryption key. That would allow each guest user to have a secure connection to the access point. Even with that capability, the Airport Extreme would not qualify because the guest has to know the password already or ask someone who does.
Re: Re: Re: Re: Re: Re: The TSA made me cry last week too. And wrecked my eye.
I don't think the issue of penetration of backscatter x-rays is as straightforward as you claimed or I claimed. The following excerpt, from a letter signed by several UCSF scientists to an adviser to the president, is what I based my comment on. It is a bit vague as to depth of penetration and percentages.
"Unlike other scanners, these new devices operate at relatively low beam energies (28keV). The majority of their energy is delivered to the skin and the underlying tissue. Thus, while the dose would be safe if it were distributed throughout the volume of the entire body, the dose to the skin may be dangerously high."
I hereby retain David Anthony Stebbins to exclusively represent me (Aldestrawk) in negotiations with Satan. Compensation is payable only after said negotiations are completed. The amount of compensation will be a full 50% of all funds, goods, privileges, and any other perks obtained from Satan as a result of said negotiations. There will be no compensation if such negotiations never take place. Until the day Satan appears before me, David Anthony Stebbins, will not contact me through any form whatsoever, or come to my attention in any other way.
This case is similar to the Lori Drew (cyberbullying) case. Instead of a violation of some web-site's TOS becoming a federal crime, a violation of some employer's work policy is now a federal crime. The judge who overturned her conviction stated in reference to the original decision that it:
“would convert a multitude of otherwise innocent internet users into misdemeanant criminals.”
and:
"allowing a conscious violation of website's Terms of Service to be a misdemeanor violation of the CFAA would essentially give a website owner the power to define criminal conduct."
The federal prosecutor decided not to appeal that decision. If he had, it would have ended up in the Ninth Circuit Court and Orin Kerr would have been representing the defendant.
It doesn't take much to go from a misdemeanor violation to a felony. Also, it is very easy to claim there is some sort of fraud involved (e.g. stealing bandwidth from the company) which gives an extra count and a potential maximum of 10 years in a federal prison. The enhancement of penalties for using a computer is now akin to using a gun in a crime. The trouble is, computers are universally used for a multitude of reasons unlike a gun. Remember also, a cell phone has been determined to be a computer in this context. The penalties involved can now far outweigh the crime and these decisions are starting to make criminals of us all. Something has to give.
Re: Re: Re: Re: The TSA made me cry last week too. And wrecked my eye.
Infrared? I don't think so. There are two different types of full body scanners in airports; the millimeter wave scanner and the backscatter x-ray scanner. There are two types of millimeter wave scanners, active and passive. Millimeter waves are not x-rays but keep in mind the common term, microwaves, is really a misnomer and refers to millimeter waves. The passive scanners do not emit radiation. You stand in front of them and are similar to how a camera operates. I don't think they are being used by the TSA. The TSA is using both active millimeter wave scanners and x-ray backscatter devices. These devices a person enters to be scanned. Are they dangerous? Maybe, maybe not. People should keep in mind that they get a lot more radiation sitting in a plane at 30,000 - 40,000 ft than on the ground. Is the comparison of scanners to such high altitude radiation valid? It does put things in perspective. The criticism is that the scanners' radiation is all focused on the skin so a comparison has to take that into account. The other comparison is to the radiation received from cell phones which is at a higher intensity. At any rate, one pass through these scanners undoubtedly is not a problem. The concern is accumulation of radiation absorbed from multiple scans.
@xenomancer: For both types of scanners used by the TSA, the radiation is not penetrating, it is absorbed by the skin and so vital organs, other than the skin, are not affected.
The U.S. copyright office made a report about the problem of orphan works and copyright in 2006. Legislation was proposed but never passed by congress. The following is from the referenced article and explains why.
A major reason why these bills stalled was opposition from organizations representing professional photographers, whose works are usually published without any attribution or copyright notice. “That’s why the photographers’ refrain is that their photos are orphans from the moment they are put in the stream of commerce,” says Ralph Oman, who teaches at the George Washington University Law School in Washington, D.C., and serves on the council for the ABA Section of Intellectual Property Law. “They fear that if orphan works become the preferred means of finding photos, they won’t get new work,” Oman says.
Photographers are not the only ones fretting about the legislation. “Visual artists and textile creators are worried that their works may not be easy to search, making it hard to identify the copyright owners of these works,” says Dale Cendali, a partner at Kirkland & Ellis in New York City and vice-chair of the Copyrights Division in the IPL section. “They are worried that if orphan works legislation passes, they will be put in a worse position than if there were no legislation.”
This private collection of recordings was acquired by the National Jazz Museum in Harlem last year. Copyright law says that all sound recordings made before February 15, 1972 are under state copyright laws that existed at that time. In 2067 those recordings will finally come under federal law and, thus, enter public domain. Apparently, some state laws had no duration limit. Because of this, unless you track down the copyright holder and what state laws apply you can't reliably license it or be sure it is in the public domain.
“The potential copyright liability that could attach to redistribution of these recordings is so large—and, more importantly, so uncertain—that there may never be a public distribution of the recordings,” wrote David G. Post, a law professor at Temple University in Philadelphia, on the Volokh Conspiracy blog. “Tracking down all the parties who may have a copyright interest in these performances, and therefore an entitlement to royalty payments (or to enjoining their distribution), is a monumental—and quite possibly an impossible—task.”
Re: The TSA made me cry last week too. And wrecked my eye.
One more comment. If the TSA security personnel were allowed to act intelligently, they would have instructed you to go back a little bit away from their check point and wait while they got a colleague to bring some ice. However, they are trained to be unthinking automatons who cannot deviate in the slightest from protocol. Once you have entered the machine, there is no turning back until they spit you out.
BTW: the title of your blog post may get you special attention in the future. I used to travel all the time, I was always selected for extra questioning, by ICE, upon return to the U.S. I never knew why. This was before 9/11 and I hate to think what the process would be like for me now.
Re: The TSA made me cry last week too. And wrecked my eye.
Interesting story. I won't defend TSA's practices but I think the security personnel you asked for ice did the correct thing. It is their job TO ONLY make sure the people who get by them go through the hoops TSA requires. Your bruising and swelling is best helped by immediate application of ice but there won't be permanent damage because it was delayed by a few minutes. I would suggest, while in a security line, or at the front of the line, that you never ask the security personnel for anything. Corner any airport personnel, before you go through security. I'm sure they will have to help in acquiring first aid. If no one is around and the line is empty, call out to the security person to get someone to help with first aid without actually getting into line.
"To the best of counsel’s knowledge, the Secure Facility contains no secure computer onto which the Wikileaks documents can be downloaded."
This makes sense because, presumably, the computer at the secure facility is not connected to the internet. However, if a document is classified, it means the U.S. has its own copy somewhere, apart, from a Wikileaks release. Again, what I am not completely sure about is if mere knowledge of a classified document, including hearsay that it involves your client, is enough to force the government to allow access to the lawyer.
Another aspect of this is that any Wikileaks document is not absolutely verified as being a legitimate and unaltered document from the government. It would be always best for the lawyer to read an original document supplied by the government.
A final observation. Don't the rules of discovery, even in a case with classified evidence, require the government to supply the lawyer with all documents pertaining to his client? If that is the case, why weren't these documents provided before Wikileaks released them?
If I was a lawyer with secure clearance I would play the absurd security rules in this way. If you have someone download a NY Times article for you, put it on a thumbdrive and take it to the secure government security and read it there. This wouldn't violate the security handling rules because you don't know the newspaper article is classified until you read it. Newspaper articles are generally not considered classified so, absurd as it seems, you have played by the rules. I think the lawyers are whining about the rules because it is horribly inconvenient and incredibly stupid. I don't think the rules actually prevent them from ever viewing Wikileaks documents.
As far as having to travel to a secure facility that is far away, surely those lawyers have to do this on occasion. Suppose, for a moment, that the lawyers became aware of one of these documents but that Wikileaks never received or released it. The lawyer would surely make the effort to travel to a secure facility to ask about and view that document. The part I am not sure about is, if knowing about a document allows them to ask for it and view, not only that document, but related ones that pertain to their client's case.
I think the title of NY Times article, and consequently yours, is incorrect. The lawyers have security clearance. They can bring their copy of the NY Times into a secure government facility and read it there. They must leave the paper there, of course, before leaving. This may be absurd but it is different than saying the lawyers have to pretend Wikileaks doesn't exist.
If a particular leak from Wikileaks is fabricated then it isn't classified. The lawyers should be able to use the Wikileaks article to get complete or further information from the government. The classification restriction isn't tying their hands in defending their client. This is in contrast to the al-Haramain case, which was truly absurd and completely unjust.
AC is bringing battleships to a war in the desert. The only real resources needed to force a hash collision are a large sum total of CPU power matched with network bandwidth and a lot of time. Insiders would be very useful though.
Rainbow tables are not involved. The equivalent is already provided by a large set of deduplicated files and their hashes on Dropbox.
AC has made a couple of valid points but doesn't do the analysis needed to find out if there is a real security vulnerability in the Dropbox context.
1). if the [SHA-2] hash of a file is known, that encryption on that file can be bypassed by anyone via Dropship. You have to be careful now, to not inadvertently publish the hash of any file you want to keep private. Why would anyone publish such a hash value? One answer is: to authenticate the file. This assumes you don't encrypt the hash itself and you don't use the hash as part of a MAC (Message Authentication Code). Such uses are real and Dropbox needs to address this. One way they could do it is to add a salt and make all their SHA-2 hashes unique to Dropbox.
If the file is a publicly known file to begin with, then the ability to decrypt it doesn't matter. It does allow someone to infer the existence of a particular file on Dropbox's server and possibly use that information to initiate legal action (e.g. a subpoena) to find out the owner(s) identity.
2). Dropbox is offering security to a large multitude of cloud users. They tout their usage of AES(256) to show the files are strongly protected. A user's assumption now is that even governments with fantastic resources (e.g. NSA) cannot defeat this security. AC's point is valid, Dropbox's security must take into account the possibility of attackers armed with great resources.
What AC didn't do was the analysis needed to find out if such an attack could be successful given Dropbox's real level of security (see my post below). Dropbox's real level of security does not correspond to a level of effort of 2^255. With their deduplicating/hash scheme it is actually:
2^99 / (total number of deduplicated files within Dropbox)
However, it is still outside of NSA's ability to bypass encryption on even a random file. It would probably be much easier to brute force account passwords.
The weakest part of their security is that Dropbox knows the keys used to encrypt all their files. This allows the government to access any particular file through legal means (always justified and completely ethical of course).
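The salting idea from point 1 above, as an added sketch that is not part of the original comment and is not Dropbox's code: a toy in-memory store where a bare SHA-256 works as a claim on a file, beside one whose dedup index is an HMAC under a server-only key. The class names, account names and sample file are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample file; stands in for a private document whose plain
# SHA-256 was published elsewhere as an integrity checksum.
SAMPLE_DOC = b"constructed sample: Q3 payroll export\n"


class HashClaimStore:
    """Dedup store where the bare SHA-256 of a file acts as a claim on it."""

    def __init__(self):
        self.blobs = {}      # sha256 hex -> content
        self.accounts = {}   # account -> set of sha256 hex it may read

    def upload(self, account, content):
        digest = hashlib.sha256(content).hexdigest()
        self.blobs.setdefault(digest, content)          # dedup on plain hash
        self.accounts.setdefault(account, set()).add(digest)
        return digest

    def claim(self, account, digest):
        # "I already have this file": only the hash is presented, no bytes.
        if digest not in self.blobs:
            return False
        self.accounts.setdefault(account, set()).add(digest)
        return True

    def read(self, account, digest):
        if digest in self.accounts.get(account, set()):
            return self.blobs[digest]
        return None


class KeyedDedupStore:
    """Dedup index is HMAC-SHA256 under a key that never leaves the server."""

    def __init__(self):
        self._key = secrets.token_bytes(32)   # the service-specific "salt"
        self.blobs = {}      # hmac tag hex -> content
        self.accounts = {}   # account -> set of tags it may read

    def upload(self, account, content):
        # The server sees the bytes and computes the tag itself, so a hash
        # published outside the service is useless as an index key.
        tag = hmac.new(self._key, content, hashlib.sha256).hexdigest()
        self.blobs.setdefault(tag, content)              # dedup still works
        self.accounts.setdefault(account, set()).add(tag)
        return tag

    def claim(self, account, handle):
        # Same API as above, but lookups are by server-computed tag only.
        if handle not in self.blobs:
            return False
        self.accounts.setdefault(account, set()).add(handle)
        return True

    def read(self, account, handle):
        if handle in self.accounts.get(account, set()):
            return self.blobs[handle]
        return None


def demo():
    published = hashlib.sha256(SAMPLE_DOC).hexdigest()   # checksum made public

    weak = HashClaimStore()
    weak.upload("alice", SAMPLE_DOC)
    weak_linked = weak.claim("mallory", published)
    weak_read = weak.read("mallory", published)

    hard = KeyedDedupStore()
    tag_a = hard.upload("alice", SAMPLE_DOC)
    tag_b = hard.upload("bob", SAMPLE_DOC)               # same bytes, same tag
    hard_linked = hard.claim("mallory", published)
    hard_read = hard.read("mallory", published)

    return {
        "weak_linked": weak_linked,
        "weak_read": weak_read,
        "hard_linked": hard_linked,
        "hard_read": hard_read,
        "dedup_blobs": len(hard.blobs),
        "same_tag": tag_a == tag_b,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

The keyed store only stops a published plain checksum from doubling as a storage handle; the server-computed tag must itself stay unpublished, and the server still holds the file keys, which is the separate weakness the comment raises.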
There is a possibility of corruption of your file if there is a hash collision with another file under deduplication. Some people think the remoteness of this means you needn't worry about it at all. I'm not sure, but it's probably better to have a backup other than a deduplicated database. Since this requires strong collision resistance, the odds are:
2^(256/2) / (number of files in cloud)
If there are a billion files, the odds of collision are:
1 / (2 ^ 99)
It is not 1 / (2 ^ 256) but is still a very small probability. It's more likely your co-worker will go postal and then file corruption won't matter.
On the post: Is It Possible To Salvage Open WiFi?
Re: Fail!
On the post: Is It Possible To Salvage Open WiFi?
Re: Re: Friends don't let friends run open Wifi
On the post: Is It Possible To Salvage Open WiFi?
Re: One-click setup
On the post: TSA Molests Miss USA, Makes Her Cry... For Your Safety
Re: Re: Re: Re: Re: Re: The TSA made me cry last week too. And wrecked my eye.
http://www.npr.org/assets/news/2010/05/17/concern.pdf
On the post: Replying To An Email Does Not Create A Contract (And Does Not Require Walmart Pay $600 Billion)
a job for David Anthony Stebbins
sincerely,
Aldestrawk
On the post: Court: If You Use Your Computer For Anything Your Employer Doesn't Like, You May Have Committed A Crime
Re: Sure, if it was YOUR computer -- but its not.
On the post: Court: If You Use Your Computer For Anything Your Employer Doesn't Like, You May Have Committed A Crime
On the post: TSA Molests Miss USA, Makes Her Cry... For Your Safety
Re: Re: Re: Re: The TSA made me cry last week too. And wrecked my eye.
On the post: The Massive Treasure Trove Of Historic Jazz Recordings That Almost No One Has Heard... Thanks To Copyright
Orphan works
On the post: The Massive Treasure Trove Of Historic Jazz Recordings That Almost No One Has Heard... Thanks To Copyright
Re:
On the post: TSA Molests Miss USA, Makes Her Cry... For Your Safety
Re: The TSA made me cry last week too. And wrecked my eye.
On the post: TSA Molests Miss USA, Makes Her Cry... For Your Safety
Re: Study
On the post: TSA Molests Miss USA, Makes Her Cry... For Your Safety
Re: The TSA made me cry last week too. And wrecked my eye.
On the post: Lawyers For Guantanamo Detainees Not Allowed To Look At Important Leaked Evidence
Re: Re: incorrect title
On the post: Lawyers For Guantanamo Detainees Not Allowed To Look At Important Leaked Evidence
Re: Re: incorrect title
On the post: Lawyers For Guantanamo Detainees Not Allowed To Look At Important Leaked Evidence
incorrect title
On the post: Dropbox Tries To Kill Off Open Source Project With DMCA Takedown
Re: Re: Re: Re: Re: Re: Re:
On the post: Dropbox Tries To Kill Off Open Source Project With DMCA Takedown
Re: Re: Re: Re: Re: Re: Re:
Dropbox's real level of security is:
2^128 / (total number of deduplicated files within Dropbox)
On the post: Dropbox Tries To Kill Off Open Source Project With DMCA Takedown
Re: Re: Re: Re: Re: Re:
On the post: Dropbox Tries To Kill Off Open Source Project With DMCA Takedown
Re: Re: Idle question…