Podcast: Crypto-Gram 15 January 2006: The security of pseudo-anonymity inherently depends on how trusted that "trusted third party" is.
from the Jan 15, 2006 Crypto-Gram Newsletter
by Bruce Schneier
* Anonymity and Accountability
Anonymous systems are inherently easier to abuse and harder to secure
The problem isn't anonymity; it's accountability. If someone isn't accountable, then knowing his name doesn't help.
History is filled with bandits and pirates who amass reputations without anyone knowing their real names.
eBay's feedback system doesn't work because there's a traceable identity behind that anonymous nickname. EBay's feedback system works because each anonymous nickname comes with a record of previous transactions attached, and if someone cheats someone else then everybody knows it.
Historically, accountability has been tied to identity, but there's no reason why it has to be so.
pseudo-anonymity: you hand your identity to a trusted third party that promises to respect your anonymity to a limited degree.
The security of pseudo-anonymity inherently depends on how trusted that "trusted third party" is.
* Cell Phone Companies and Security
There seems be some evidence that Telco decides whether or not to shut off a suspicious phone after a fraud has been detected based on the customer's ability to pay.
Telco should not be able to charge its customers for telephone calls they did not make. If customer's phone is cloned; there is no possible way he/she could notify Telco of this before she saw calls he/she did not make on his/her bill.
Customer is also completely powerless to affect the anti-cloning. To make customer liable for the fraud is to ensure that the problem never gets fixed.
* Dutch Botnet
Dutch police arrested three people who created a large botnet and used it to extort money from U.S. companies. Authorities said that the botnet consisted of about 100,000 computers. The actual number was 1.5 million computers.
* Internet Explorer Sucks
The researchers tracked three browsers (MSIE, Firefox, Opera) in 2004 and counted which days they were "known unsafe"
Their definition of "known unsafe" = a remotely exploitable security vulnerability had been publicly announced and no patch was yet available.
MSIE was 98% unsafe. There were only 7 days in 2004 without an unpatched publicly disclosed security hole.
Firefox was 15% unsafe. There were 56 days with an unpatched publicly disclosed security hole. 30 of those days were a Mac hole that only affected Mac users. Windows Firefox was 7% unsafe.
Opera was 17% unsafe: 65 days. That number is accidentally a little better than it should be, as two of the unpatched periods happened to overlap.
This underestimates the risk, because it doesn't count vulnerabilities known to the bad guys but not publicly disclosed.
length: 31:29m
PS: this is my cheat sheet of Bruce Schneier's Podcast:
http://www.schneier.com/crypto-gram-0601.html
by Bruce Schneier
* Anonymity and Accountability
Anonymous systems are inherently easier to abuse and harder to secure
The problem isn't anonymity; it's accountability. If someone isn't accountable, then knowing his name doesn't help.
History is filled with bandits and pirates who amass reputations without anyone knowing their real names.
eBay's feedback system doesn't work because there's a traceable identity behind that anonymous nickname. EBay's feedback system works because each anonymous nickname comes with a record of previous transactions attached, and if someone cheats someone else then everybody knows it.
Historically, accountability has been tied to identity, but there's no reason why it has to be so.
pseudo-anonymity: you hand your identity to a trusted third party that promises to respect your anonymity to a limited degree.
The security of pseudo-anonymity inherently depends on how trusted that "trusted third party" is.
* Cell Phone Companies and Security
There seems be some evidence that Telco decides whether or not to shut off a suspicious phone after a fraud has been detected based on the customer's ability to pay.
Telco should not be able to charge its customers for telephone calls they did not make. If customer's phone is cloned; there is no possible way he/she could notify Telco of this before she saw calls he/she did not make on his/her bill.
Customer is also completely powerless to affect the anti-cloning. To make customer liable for the fraud is to ensure that the problem never gets fixed.
* Dutch Botnet
Dutch police arrested three people who created a large botnet and used it to extort money from U.S. companies. Authorities said that the botnet consisted of about 100,000 computers. The actual number was 1.5 million computers.
* Internet Explorer Sucks
The researchers tracked three browsers (MSIE, Firefox, Opera) in 2004 and counted which days they were "known unsafe"
Their definition of "known unsafe" = a remotely exploitable security vulnerability had been publicly announced and no patch was yet available.
MSIE was 98% unsafe. There were only 7 days in 2004 without an unpatched publicly disclosed security hole.
Firefox was 15% unsafe. There were 56 days with an unpatched publicly disclosed security hole. 30 of those days were a Mac hole that only affected Mac users. Windows Firefox was 7% unsafe.
Opera was 17% unsafe: 65 days. That number is accidentally a little better than it should be, as two of the unpatched periods happened to overlap.
This underestimates the risk, because it doesn't count vulnerabilities known to the bad guys but not publicly disclosed.
length: 31:29m
PS: this is my cheat sheet of Bruce Schneier's Podcast:
http://www.schneier.com/crypto-gram-0601.html
posted by omarg at
6:00 PM
0 Comments:
Post a Comment
Subscribe to Post Comments [Atom]
<< Home