From: Bruce Schneier
To: [log in to unmask]
Sent: 15/06/2004 10:03
Subject: CRYPTO-GRAM, June 15, 2003

                  CRYPTO-GRAM

                 June 15, 2004

               by Bruce Schneier
                Founder and CTO
       Counterpane Internet Security, Inc.
            [log in to unmask]
            <http://www.schneier.com>
           <http://www.counterpane.com>


A free monthly newsletter providing summaries, analyses, insights, and
commentaries on security: computer and otherwise.

Back issues are available at
<http://www.schneier.com/crypto-gram.html>. To subscribe, visit
<http://www.schneier.com/crypto-gram.html> or send a blank message to
[log in to unmask]

Crypto-Gram also has an RSS feed at
<http://www.schneier.com/crypto-gram-rss.xml>.


** *** ***** ******* *********** *************

In this issue:
      Breaking Iranian Codes
      Biometric IDs for Airport Employees
      Crypto-Gram Reprints
      Microsoft and SP2
      News
      Cell Phone Jamming and Terrorist Attacks
      Photographing Subways and Terrorist Attacks
      Counterpane News
      The Witty Worm
      Comments from Readers


** *** ***** ******* *********** *************

             Breaking Iranian Codes



Ahmed Chalabi is accused of informing the Iranians that the U.S. had
broken its intelligence codes. What exactly did the U.S. break? How
could the Iranians verify Chalabi's claim, and what might they do about
it?

This is an attempt to answer some of those questions.

Every country has secrets. In the U.S., the National Security Agency
has the job of protecting our secrets while trying to learn the secrets
of other countries. (Actually, the CIA has the job of learning other
countries' secrets in general, while the NSA has the job of
eavesdropping on other countries' electronic communications.)

To protect their secrets, Iranian intelligence -- like the leaders of
all countries -- communicate in code. These aren't pencil-and-paper
codes, but software-based encryption machines. The Iranians probably
didn't build their own, but bought them from a company like the
Swiss-owned Crypto AG. Some encryption machines protect telephone
calls, others protect fax and Telex messages, and still others protect
computer communications.

As ordinary citizens without serious security clearances, we don't know
which machines' codes the NSA compromised, nor do we know how. It's
possible that the U.S. broke the mathematical encryption algorithms
that the Iranians used, as the British and Poles did with the German
codes during World War II. It's also possible that the NSA installed a
"back door" into the Iranian machines. This is basically a
deliberately placed flaw in the encryption that allows someone who
knows about it to read the messages.

There are other possibilities: the NSA might have had someone inside
Iranian intelligence who gave them the encryption settings required to
read the messages. John Walker sold the Soviets this kind of
information about U.S. naval codes for years during the 1980s. Or the
Iranians could have had sloppy procedures that allowed the NSA to break
the encryption.

Of course, the NSA has to intercept the coded messages in order to
decrypt them, but they have a worldwide array of listening posts that
can do just that. Most communications are in the air-radio, microwave,
etc. -- and can be easily intercepted. Communications via buried cable
are much harder to intercept, and require someone inside Iran to tap
into. But the point of using an encryption machine is to allow sending
messages over insecure and imperceptible channels, so it is very
probable that the NSA had a steady stream of Iranian intelligence
messages to read.

Whatever the methodology, this would be an enormous intelligence coup
for the NSA. It was also a secret in itself. If the Iranians ever
learned that the NSA was reading their messages, they would stop using
the broken encryption machines, and the NSA's source of Iranian secrets
would dry up. The secret that the NSA could read the Iranian secrets
was more important than any specific Iranian secrets that the NSA could
read.

The result was that the U.S. would often learn secrets they couldn't
act upon, as action would give away their secret. During World War II,
the Allies would go to great lengths to make sure the Germans never
realized that their codes were broken. The Allies would learn about
U-boat positions, but wouldn't bomb the U-boats until they spotted the
U-boat by some other means...otherwise the Nazis might get suspicious.

There's a story about Winston Churchill and the bombing of Coventry:
supposedly he knew the city would be bombed but could not warn its
citizens. The story is apocryphal, but is a good indication of the
extreme measures countries take to protect the secret that they can
read an enemy's secrets.

And there are many stories of slip-ups. In 1986, after the bombing of
a Berlin disco, then-President Reagan said that he had irrefutable
evidence that Qadaffi was behind the attack. Libyan intelligence
realized that their diplomatic codes were broken, and changed
them. The result was an enormous setback for U.S. intelligence, all
for just a slip of the tongue.

Iranian intelligence supposedly tried to test Chalabi's claim by
sending a message about an Iranian weapons cache. If the U.S. acted on
this information, then the Iranians would know that its codes were
broken. The U.S. didn't, which showed they're very smart about
this. Maybe they knew the Iranians suspected, or maybe they were
waiting to manufacture a plausible fictitious reason for knowing about
the weapons cache.

So now the NSA's secret is out. The Iranians have undoubtedly changed
their encryption machines, and the NSA has lost its source of Iranian
secrets. But little else is known. Who told Chalabi? Only a few
people would know this important U.S. secret, and the snitch is
certainly guilty of treason. Maybe Chalabi never knew, and never told
the Iranians. Maybe the Iranians figured it out some other way, and
they are pretending that Chalabi told them in order to protect some
other intelligence source of theirs.

During the 1950s, the Americans dug under East Berlin in order to
eavesdrop on a communications cable. They received all sorts of
intelligence until the East Germans discovered the tunnel. However,
the Soviets knew about the operation from the beginning, because they
had a spy in the British intelligence organization. But they couldn't
stop the digging, because that would expose George Blake as their spy.

If the Iranians knew that the U.S. knew, why didn't they pretend not to
know and feed the U.S. false information? Or maybe they've been doing
that for years, and the U.S. finally figured out that the Iranians
knew. Maybe the U.S. knew that the Iranians knew, and are using the
fact to discredit Chalabi.

The really weird twist to this story is that the U.S. has already been
accused of doing that to Iran. In 1992, Iran arrested Hans Buehler, a
Crypto AG employee, on suspicion that Crypto AG had installed back
doors in the encryption machines it sold to Iran -- at the request of
the NSA. He proclaimed his innocence through repeated interrogations,
and was finally released nine months later in 1993 when Crypto AG paid
a million dollars for his freedom -- then promptly fired him and billed
him for the release money. At this point Buehler started asking
inconvenient questions about the relationship between Crypto AG and the
NSA.

So maybe Chalabi's information is from 1992, and the Iranians changed
their encryption machines a decade ago.

Or maybe the NSA never broke the Iranian intelligence code, and this is
all one huge bluff.

In this shadowy world of cat-and-mouse, it's hard to be sure of
anything.


Hans Buehler's story:
<http://www.aci.net/kalliste/speccoll.htm>


** *** ***** ******* *********** *************

       Biometric IDs for Airport Employees



I've written many words about ID cards and biometrics: about how they
don't work and don't improve security. It's nice to finally write
something about a biometric ID that actually does work.

Some members of Congress are pushing the TSA -- the guys who handle
airport security -- to develop biometric IDs for the one million
transportation workers at airports, seaports, and rail yards.

This is the proper way to use a biometric ID. The strong suit of
biometrics is authentication: is this person who he says he
is. Issuing ID cards to people who require access to these sensitive
areas is smart, and using biometrics to make those IDs harder to hack
is smarter. There's no broad surveillance of the population; there are
no civil liberties or privacy concerns.

And transportation employees are a weak link in airplane
security. We're spending billions on passenger screening programs like
CAPPS-II, but none of these measures will do any good if terrorists can
just go around the systems. Current TSA policy is that airport workers
can access secure areas of airports with no screening whatsoever except
for a rudimentary background check. That includes the thousands of
people who work for the stores and restaurants in airport terminals as
well as the army of workers who clean and maintain aircraft, load
baggage, and provide food service. Closing this massive security hole
is a good idea.

All of this has to be balanced with cost, however. Issuing one million
IDs, and probably tens of thousands of ID readers, isn't going to be
cheap. But it would certainly give us more security, dollar for
dollar, than yet another passenger security system.

Unfortunately, politicians tend to prefer security systems that affect
broad swaths of the population. They like security that's visible; it
demonstrates that they're serious about security and is more likely to
get them votes. A security system for transportation workers, one that
is largely hidden from view, is likely to garner less support than a
more public system.

Let's hope U.S. lawmakers do the right thing regardless.


<http://www.cnn.com/2004/TRAVEL/06/09/airport.security.ap/>


** *** ***** ******* *********** *************

              Crypto-Gram Reprints



Crypto-Gram is currently in its seventh year of publication. Back
issues cover a variety of security-related topics, and can all be found
on <http://www.schneier.com/crypto-gram.html>. These are a selection
of articles that appeared in this calendar month in other years.


The Risks Of Cyberterrorism:
<http://www.schneier.com/crypto-gram-0306.html#1>

Fixing Intelligence Failures:
<http://www.schneier.com./crypto-gram-0206.html#1>

Honeypots and the Honeynet Project
<http://www.schneier.com/crypto-gram-0106.html#1>

Microsoft SOAP:
<http://www.schneier.com/crypto-gram-0006.html#SOAP>

The Data Encryption Standard (DES):
<http://www.schneier.com/crypto-gram-0006.html#DES>

The internationalization of cryptography policy:
<http://www.schneier.com/crypto-gram-9906.html#policy>
and products:
<http://www.schneier.com/crypto-gram-9906.html#products>

The new breeds of viruses, worms, and other malware:
<http://www.schneier.com/crypto-gram-9906.html#viruses>

Timing attacks, power analysis, and other "side-channel" attacks
against cryptosystems:
<http://www.schneier.com/crypto-gram-9806.html#side>


** *** ***** ******* *********** *************

                Microsoft and SP2



The security of your computer and your network depends on two things:
what you do to secure your computer and network, and what everyone else
does to secure their computers and networks. It's not enough for you
to maintain a secure network. If everybody else doesn't maintain their
security, we're all more vulnerable to attack. When there are lots of
insecure computers connected to the Internet, worms spread faster and
more extensively, distributed denial-of-service attacks are easier to
launch, and spammers have more platforms from which to send
e-mail. The more insecure the average computer on the Internet is, the
more insecure your computer is.

It's like malaria: everyone is safer when we all work together to drain
the swamps and increase the level of hygiene in our community.

This is the backdrop from which to understand Microsoft's Windows XP
security upgrade: Service Pack 2. SP2 is a major security upgrade. It
includes features like Windows Firewall, an enhanced personal firewall
that is turned on by default, and a better automatic patching
feature. It includes a bunch of small security improvements. It makes
Windows XP more secure.

In early May, stories were written saying that Microsoft would make
this upgrade available to all XP users, both licensed and
unlicensed. To me, this was a very smart move on Microsoft's
part. Think about all the ways it benefits Microsoft. One, its
licensed users are more secure. Two, its licensed users are
happier. Three, worms that attack Microsoft products are less
virulent, which means Microsoft doesn't look as bad in the
press. Microsoft wins, Microsoft's customers win, the Internet
wins. It's the kind of marketing move that businessmen write
best-selling books about.

Sadly, the press was wrong. Soon after, Microsoft said the initial
comments were wrong, and that SP2 would not run on pirated copies of
XP. Those copies would not be upgradeable, and would remain
insecure. Only legal copies of the software could be secured.

This is the wrong decision, for all the same reasons that the opposite
decision was the correct one.

Of course, Microsoft is within its rights to deny service to those who
have pirated its products. It makes sense for them to make sure
performance or feature upgrades do not run on pirated software. They
want to deny people who haven't paid for Microsoft products the benefit
of them, and entice them to become licensed users. But security
upgrades are different. Microsoft is harming its licensed users by
denying security to its unlicensed users.

This decision, more than anything else Microsoft has said or done in
the last few years, proves to me that security is not the first
priority of the company. Here was a chance to do the right thing: to
put security ahead of profits. Here was a chance to look good in the
press, and improve security for all their users worldwide. Microsoft
claims that improving security is the most important thing, but their
actions prove otherwise.

SP2 is an important security upgrade to Windows XP, and I hope it is
widely installed among licensed XP users. I also hope it is quickly
pirated, so unlicensed XP users can also install it. In order for me
to remain secure on the Internet, I need everyone to become more
secure. And the more people who install SP2, the more we all benefit.

Original report:
<http://computertimes.asia1.com.sg/news/story/0,5104,2292,00.html>

Microsoft's revised position:
<http://zdnet.com.com/2100-1105_2-5209896.html>
<http://www.theregister.co.uk/2004/05/11/xpsp2_pirate_blocking/>

Details on SP2:
<http://www.mcpmag.com/columns/article.asp?EditorialsID=716>

A similar idea:
<http://www.securityfocus.com/printable/columnists/243>

This essay originally appeared in Network World:
<http://www.nwfusion.com/columnists/2004/0531schneier.html>


** *** ***** ******* *********** *************

                      News



Good story of social engineering used for real-world theft:
<http://lineman.net/node/view/270>

One person's experience trying to secure Windows. One interesting
point: after he does a clean install, he doesn't have time to download
all the security patches before his computer is infected by
malware. Worth reading.
<http://www.techuser.net/index.php?id=47>

A good analysis of the risks of hacking electronic voting machines:
<http://www.cs.duke.edu/~justin/voting/PrezNader.html>

Avi Rubin has proposed a very interesting challenge for the security of
electronic voting machines.
<http://avirubin.com/vote/ita.challenge.pdf>

And Barbara Simons has an excellent rebuttal to the League of Women
Voters' position on electronic voting machines:
<http://www.leagueissues.org/lwvqa.html>

It's a story of a failed attempt to manufacture a Kerry sex scandal,
but the interesting security angle is the concrete example of a
politically motivated hacker, possibly the press: "More alarmingly, my
Hotmail account had been broken into, and I couldn't access my
e-mail. Random people in my in-box whom I hadn't spoken to in months
suddenly started getting calls from reporters. My father called to
tell me someone had tried the same thing with his account, but that his
security software had intercepted them and tracked them back to a rogue
computer address in Washington, D.C."
<http://www.newyorkmetro.com/nymag/features/coverstory/9221/index.html>
or <http://tinyurl.com/3298t>

On the list of terrible ideas: music protected so that you need a valid
fingerprint to play it.
<http://www.theregister.co.uk/2004/06/04/biometric_drm/>

Sky marshals are easy to spot on airplanes.
<http://www.sfgate.com/cgi-bin/article.cgi?file=/c/a/2004/06/01/MNGLL6UR

2I1.DTL>

How the identity problem makes computer security so primitive:
<http://comment.silicon.com/0,39024711,39120567,00.htm>

An article on passwords and password safety, including this neat
bit: "For additional security, she then pulls out a card that has 50
scratch-off codes. Jubran uses the codes, one by one, each time she
logs on or performs a transaction. Her bank, Nordea PLC, automatically
sends a new card when she's about to run out."
<http://www.wired.com/news/infostructure/0,1377,63670,00.html>

Figuring out where the illegal bioweapons laboratories are by analyzing
their published academic papers:
<http://www.nature.com/nsu/040531/040531-1.html>

Fictional character from computer game almost causes national terrorist
alert:
<http://www.usnews.com/usnews/issue/040517/whispers/17whisplead_2.htm>
<http://games.slashdot.org/games/04/05/10/2036258.shtml?tid=127&tid=133&

tid=186> or <http://tinyurl.com/2sce3>))

Spammers use fake PGP-signed messages to get through spam filters:
<http://smh.com.au/articles/2004/06/01/1086058836957.html >
<http://www.math.org.il/PGP-JoeJob.txt>

Interesting article on the risks of browser hijack, specifically the
risks of being framed for a crime:
<http://www.theregister.co.uk/2004/05/13/browser_hijacking_risks/>
<http://www.wired.com/news/infostructure/0,1377,63391,00.html>

Fascinating article about nuclear security. Robert McNamara, the U.S.
Secretary of Defense, added a security layer to the Minuteman missile
launch procedure by protecting them with an 8-digit "Permissive Action
Link" code. But the Strategic Air Command, fearing that the retrieval
and entry of these codes might be an impediment to speedy launching of
the missiles, quietly decreed that the code should always be 00000000.
<http://www.cdi.org/blair/permissive-action-links.cfm>

Story of a logic bomb from the Cold War, one that caused a natural gas
explosion in Siberia.
<http://www.thenation.com/outrage/index.mhtml?bid=6&pid=1292>
<http://www.fcw.com/fcw/articles/2004/0426/feat-strange-04-26-04.asp>
or <http://tinyurl.com/2pdkv>

Comparison of Indian and Diebold electronic voting machines:
<http://techaos.blogspot.com/2004/05/indian-evm-compared-with-diebold.ht

ml> or <http://tinyurl.com/ywuzc>

U.S. fake ID study "found in al Qaeda cave"
<http://www.theregister.co.uk/2004/05/20/us_airport_id_security/>

Anecdote about Kinko's internet terminals: "My sister happened to be
at a function with the CEO of Kinko's. He told her that after 9-11
(terrorists allegedly used Kinko's as well as library terminals), they
told the FBI that they could monitor all of Kinko's terminals. Said
they were proud of this."

Historians are rebuilding the WWII codebreaking machine Colossus:
<http://www.codesandciphers.org.uk/lorenz/rebuild.htm>


** *** ***** ******* *********** *************

    Cell Phone Jamming and Terrorist Attacks



Here's an idea that's so amazingly stupid that I can't even believe
it's being seriously discussed: the LA police are considering jamming
all cell phones in the event of a terrorist attack.

The idea is that because cell phones were used to blow up train bombs
in Spain, they should be jammed the next time a terrorist attack occurs.

Let's think about this in terms of trade-offs. What are the odds that
this will do any good whatsoever in thwarting a terrorist
attack? Negligible. What are the odds that this will make response
coordination harder, hamper rescue efforts, and generally increase
panic after a terrorist attack? Pretty good.

Let's not do the terrorists' job for them. Let's leave the
infrastructure that can help us respond to a terrorist attack, whatever
form it may take, in place.


<http://www.theinquirer.net/?article=15959>


** *** ***** ******* *********** *************

   Photographing Subways and Terrorist Attacks



Meanwhile, back in New York City, some transit officials are proposing
banning photography in the subways "for security purposes." Even
worse, the New York Times reports that other stupid rule changes are in
the works, such as banning walking between cars even when the train is
stopped at a station.

This is ridiculous. It security theater. It affects train
aficionados, and does nothing to prevent terrorism. Even worse, it
reinforces the culture of fear that plays directly into the terrorists'
hands.

Doesn't anyone else remember, back during the Cold War, when we used to
laugh at the Soviets for barring photography of bridges, dams, trains,
and other items of "strategic importance"? It made no sense as a
security countermeasure then, and it makes no sense as one now.

<http://www.msnbc.msn.com/id/5030104/>
<http://www.usatoday.com/tech/news/techpolicy/2004-06-02-subway-photo-ba

n_x.htm> or <http://tinyurl.com/2ut5p>
<http://www.straphangers.org/photoban/>


The MTA is accepting comments on its proposal to ban photographs,
film and video in the subway and bus system.
<http://www.mta.info/nyct/rules/proposed.htm>


** *** ***** ******* *********** *************

                Counterpane News



Conversation between Bruce Sterling and Schneier on technology and
national security:
<http://www.randomhouse.com/delrey/catalog/display.pperl?isbn=0-345-4606

1-8&view=qa> or <http://tinyurl.com/2clcc>

Another "Beyond Fear" review:
<http://www.securitymanagement.com/library/001598.html>

Counterpane wins "Red Herring 100" award:
<http://www.counterpane.com/pr-20040519.html>

Case study: Regence Group discusses Counterpane monitoring:
<http://nwc.securitypipeline.com/howto/showArticle.jhtml?articleId=19202

027> or <http://tinyurl.com/2mmcy>

Another article about Counterpane and monitoring:
<http://www.processor.com/editorial/article.asp?article=articles%2Fp2620

%2F22p20%2F22p20%2Easp&guid=466A99E2779841DDABBBAFB1E8061E0C> or
<http://tinyurl.com/377jn>

Counterpane announced Managed Security Services suite for small and
mid-sized businesses:
<http://www.counterpane.com/pr-20040520.html>

Watch the video webinar with Gartner and Counterpane:
<http://www.itworld.com/itwebcast/counterpane_msm/>


** *** ***** ******* *********** *************

                  The Witty Worm



If press coverage is any guide, then the Witty worm wasn't all that
successful. Blaster, SQL Slammer, Nimda, even Sasser made bigger
headlines. Witty only infected about 12,000 machines, almost none of
them owned by home users. It didn't seem like a big deal.

But Witty was a big deal. It represented some scary malware firsts,
and is likely a harbinger of worms to come. IT professionals need to
understand Witty and what it did.

Witty was the first worm to target a particular set of security
products -- in this case ISS's BlackICE and RealSecure. It only
infected and destroyed computers that had particular versions of this
software running.

Witty was wildly successful. Twelve thousand machines was the entire
vulnerable and exposed population, and Witty infected them all --
worldwide -- in 45 minutes. It's the first worm that quickly corrupted
a small population. Previous worms targeting small populations were
glacially slow; for example, Scalper and Slapper.

Witty was speedily written. Security company eEye discovered the
vulnerability in ISS's BlackICE/RealSecure products on March 8, and ISS
released a patched version on March 9. eEye published a high-level
description of the vulnerability on March 18. On the evening of March
19, about 36 hours after eEye's public disclosure, the Witty worm was
released into the wild.

Witty was very well written. It was less than 700 bytes long
total. It used a random-number generator to spread itself, avoiding
many of the problems that plagued previous worms. It spread by sending
itself to random IP addresses with random destination ports, a trick
that made it easier to sneak through firewalls. It was -- and this is
a very big deal -- bug free. This strongly implies that the worm was
tested before release.

Witty was released cleverly, through a bot network of about 100
infected machines. This technique has been talked about before, but
Witty marks the first time we've seen a worm do it in the wild. This,
along with the clever way it spread, helped Witty infect every
available host in 45 minutes.

Witty was exceptionally nasty. It was the first widespread worm that
destroyed the hosts it infected. And it did so cleverly. Its
malicious payload, erasing data on random accessible drives in random
64K chunks, caused immediate damage without significantly slowing the
worm's spread.

What do we make of all this? Clearly the worm writer is an intelligent
and experienced programmer; Witty is the first worm to combine this
level of skill with this level of malice. Either he had inside advance
knowledge of the vulnerability -- it is unlikely that he
reverse-engineered it from the ISS patch -- or he worked very
quickly. Maybe he had the worm written, and just dropped the
vulnerability in at the last minute. In any case, he seems to have
deliberately targeted ISS. If his goal had been maximum spread, he
could have waited for a more general vulnerability -- or series of
vulnerabilities -- to use. The one he chose was optimized to inflict
maximum damage on a specific set of targets. Was the an attack against
ISS, or against a particular user of ISS products? We don't know.

Witty represents a new chapter in malware. If it had used common
Windows vulnerabilities to spread, it would have been the most damaging
worm we have seen yet. Worm writers learn from each other, and we have
to assume that other worm writers have seen the disassembled code and
will reuse it in future worms. Even worse, Witty's author is still
unknown and at large -- and we have to assume that he's going to do
this kind of thing again.


<http://www.icsi.berkeley.edu/~nweaver/login_witty.txt>
<http://www.securityfocus.com/printable/columnists/232>

This essay originally appeared in Computerworld:
<http://www.computerworld.com/securitytopics/security/virus/story/0,1080

1,93584,00.html> or <http://tinyurl.com/ywpf2>


** *** ***** ******* *********** *************

              Comments from Readers



From: "Norman Bowley" <[log in to unmask]>
Subject: RE: CRYPTO-GRAM, May 15, 2004

A "Lacey" situation was considered a dozen years ago by the Supreme
Court of Canada in the James Henry Wise case. While it was a squeaker
(4 to 3) in allowing the evidence obtained through the tracking device,
even the majority said it was right at the limit. The dissent of La
Forest, however, is eerie and prophetic, "The long-term consequences of
admitting evidence obtained in such circumstances on the integrity of
our justice system outweigh the harm done by this accused being
acquitted. This is not a case where the police are monitoring the
roads for the purpose of regulating or observing what goes on
there. It is a case of tracking the movements of an individual. There
is an important difference between courting the risk that our
activities may be observed by other persons and the risk that agents of
the state, in the absence of prior authorization, will track our every
move... The grave threat to individual privacy posed by surreptitious
electronic tracking of one's movement is such as to require prior
judicial authorization. The issuance of a search warrant will
ordinarily call for an objective showing of reasonable and probable
cause, and this should generally be required of those seeking to employ
electronic tracking devices in the pursuit of an individual."

The decision can be found at
<http://www.lexum.umontreal.ca/csc-scc/en/pub/1992/vol1/html/1992scr1_05

27.html> or <http://tinyurl.com/2dzfb>



From: "Brian Gladman" <[log in to unmask]>
Subject: WinZip Encryption

The view that the moral to be learnt from the reported failures in
WinZip's AES-based encryption is that 'cryptography is hard' could be
taken to imply that these failures resulted from mistakes that were
made in the security design used. In respect of one relatively minor
issue I believe that this may be true.

But by far the most significant weaknesses that have been discovered
were known about during the security design process and were left in
place because of the need for backward compatibility. This suggests to
me a different moral (again not new): adding security to an existing
design as an afterthought is unlikely to be successful.



From: [log in to unmask] (Andrew Odlyzko)
Subject: "only ticketed passengers are allowed through security"

Two of the potential airport security developments you advocate are
somewhat inconsistent. Having "undercover security officers ...
roaming [airports]," which you approve of, is most effective if "only
ticketed passengers are allowed through security," which you suggest
should be phased out. The restriction to ticketed passengers serves
not only to shorten the lines at security checkpoints, but also reduces
the crowds inside, and makes the jobs of the undercover security
officers easier.



From: Christopher Bardin <[log in to unmask]>
Subject: How to turn a disposable camera into a stun gun

I've been repairing cameras for over 15 years, so I'm probably better
qualified to comment on the article than your average reader. While I
don't repair disposable cameras -- nobody does -- I have taken them
apart to see what is in them. And there are several glaring mistakes
in the web page to which your article linked.

First, I have never seen a camera with a built-in flash that had a
storage capacitor rated at more than 350 volts. Anyone who has
unexpectedly completed a circuit of 350 volts through a body part might
argue with me, but I find the difference between 350 and 600 volts to
be quite noticeable -- though 350 volts certainly cannot be ignored.

Second, having established the considerable hazard of 350 volts, it is
important to know that simply removing the battery from the camera
won't discharge the flash storage capacitor. Cameras with built-in
flashes do not have discharge resistors across the flash storage
capacitor because it wouldn't make sense. The discharge resistor would
have to be a high value (at least 10 Meg Ohms) to maximize the life of
the battery, and also physically large because of the necessary voltage
rating. Not a cheap component. Since space is at a premium and cost
is always a concern, the decision is always to leave it out.



From: Dan DeMaggio <[log in to unmask]>
Subject: Step 1: Admit you have a problem

I love your Crypto-Gram and your thoughtful analysis. But I must take
you to task for linking to Tim Mullen's Security Focus article about
Walter Mossberg (and implying that you agree with it).

Tim says "The solution is for the end user to start caring." But that
will never happen. Only computer enthusiasts care about
computers. Only car enthusiasts care about cars. Only llama
enthusiasts care about llamas. The vast majority of people in the
world will never care about any of them.

Let me tell you about three products I've bought:

- I bought a car. The locks are not much of a deterrent, but they have
kept the car perfectly secure (even in Detroit) for more than 10 years
now. I take it in for a 10-minute oil change every three months (like
it says to do in the owner's manual). When it breaks down (twice in 10
years), I make a phone call and have it fixed. To me, the car is
merely a means to an end. I do not care about my car.

- I bought a house. I expect the locks will keep my house reasonably
secure. The complex equipment in the basement may break every few
years, but a simple repairman visit will fix the problem. I care about
my house more than my car, but not by much. I would not have bought my
house if I expected it to be a high-maintenance source of problems.

- I got my wife a computer with Windows on it. Within minutes of
plugging it in, it started getting spam pop-ups. If I mistyped a
domain name, I would get a site that did so many pop-ups and re-spawns
that I had to reboot the computer. Keeping up with patches would take
hours per month. Even though I'm a techie, I refuse to babysit that
computer. If it becomes infected, I guess I'll just wipe and
re-install.

The first two examples are "whole products". (See Geoffrey A. Moore's
"Crossing The Chasm".) Almost everything I was going to need came
bundled. Those things that weren't bundled were things that I knew
about, things that were cheap (relative to the product price), and
things that do not require much time or thought.

The third product is not a whole product. I refuse to hunt down all
the services I need to turn off (but I did get a firewall). I refuse
to waste my time downloading multi-megabyte patches and wait for the
computer to reboot multiple times. I refuse to pay $100 to protect a
$500 computer, especially because no AV software protects from all new
exploits. (I know because regularly get new e-mail viruses marked
"certified virus free" by AV vendors.)

I refuse to do these things because I know they don't have to be done
(and the public will never do them anyway). Linux doesn't require any
of that. I know Linux isn't a whole product either (yet), but it's
easier to add documentation and support to Linux than security to
Windows. If I were really paranoid about security, I'd (easily)
migrate to OpenBSD. They've had one remote hole in the default install
in the last eight years, unlike Microsoft's seven exploits in one day.

Walter says "It's time somebody [shoulder the whole burden of
protecting PCs]." People want computers to be as low-maintenance as a
car. Microsoft created this problem because (as a monopoly), it's not
profitable to fix bugs (it won't generate more sales) or make things
secure (ditto). Yes, Tim, it is "wishful thinking" to expect the
problem to be solved for free. But it is even more wishful thinking to
expect the public to care about computers.


** *** ***** ******* *********** *************

CRYPTO-GRAM is a free monthly newsletter providing summaries, analyses,
insights, and commentaries on security: computer and otherwise. Back
issues are available on <http://www.schneier.com/crypto-gram.html>.

To subscribe, visit <http://www.schneier.com/crypto-gram.html> or send
a blank message to [log in to unmask] To
unsubscribe, visit <http://www.schneier.com/crypto-gram-faq.html>.

Comments on CRYPTO-GRAM should be sent to
[log in to unmask] Permission to print comments is assumed
unless otherwise stated. Comments may be edited for length and clarity.

Please feel free to forward CRYPTO-GRAM to colleagues and friends who
will find it valuable. Permission is granted to reprint CRYPTO-GRAM,
as long as it is reprinted in its entirety.

CRYPTO-GRAM is written by Bruce Schneier. Schneier is the author of
the best sellers "Beyond Fear," "Secrets and Lies," and "Applied
Cryptography," and an inventor of the Blowfish and Twofish
algorithms. He is founder and CTO of Counterpane Internet Security
Inc., and is a member of the Advisory Board of the Electronic Privacy
Information Center (EPIC). He is a frequent writer and lecturer on
security topics. See <http://www.schneier.com>.

Counterpane Internet Security, Inc. is the world leader in Managed
Security Monitoring. Counterpane's expert security analysts protect
networks for Fortune 1000 companies world-wide. See
<http://www.counterpane.com>.

Copyright (c) 2004 by Bruce Schneier.






--
This message has been scanned for viruses and dangerous
content by the NorMAN MailScanner Service and is believed
to be clean.

The NorMAN MailScanner Service is operated by Information,
Systems and Services, University of Newcastle upon Tyne.

************************************************************************************
Distributed through Cyber-Society-Live [CSL]: CSL is a moderated discussion
list made up of people who are interested in the interdisciplinary academic
study of Cyber Society in all its manifestations.To join the list please visit:
http://www.jiscmail.ac.uk/lists/cyber-society-live.html
*************************************************************************************