2004 Newsgroup postings (08/09 - 08/21) Lynn Wheeler

2004 Newsgroup Postings (08/09 - 08/21)

New Method for Authenticated Public Key Exchange without Digital Certificates
New Method for Authenticated Public Key Exchange without Digital Certificates
Authenticated Public Key Exchange without Digital Certificates?
New Method for Authenticated Public Key Exchange without Digital Certificates
Authenticated Public Key Exchange without Digital Certificates?
Authenticated Public Key Exchange without Digital Certificates?
New Method for Authenticated Public Key Exchange without Digital Certificates
New Method for Authenticated Public Key Exchange without Digital Certificates
New Method for Authenticated Public Key Exchange without Digital Certificates
Smart card Authentification
US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
Wars against bad things
Wars against bad things
Wars against bad things
The Reincarnation of Virtual Machines
Methods of payment
US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of
Wars against bad things
US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of
Wars against bad things
Losing colonies
US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father
Vintage computers are better than modern crap !
Vintage computers are better than modern crap !
Many engineers lack even a four-year degree
Many engineers lack even a four-year degree
Vintage computers are better than modern crap !
A quote from Crypto-Gram
Vintage computers are better than modern crap !
A quote from Crypto-Gram
A quote from Crypto-Gram
Vintage computers are better than modern crap !
Vintage computers are better than modern crap !
Methods of payment
Many engineers lack even a four-year degree
Vintage computers are better than modern crap !
Vintage computers are better than modern crap !
Methods of payment
Methods of payment
A quote from Crypto-Gram
Vintage computers are better than modern crap !
Vintage computers are better than modern crap !
Losing colonies
Losing colonies
SSL question 128bit, 1024,2048 key lengths?
Looking for pointers to get started with e-signature
Losing colonies
history books on the development of capacity planning (SMF and RMF)
Losing colonies
history books on the development of capacity planning (SMF and RMF)
RFCs that reference MD5
Monster(ous) sig (was Re: Vintage computers are better
Vintage computers are better than modern crap !

New Method for Authenticated Public Key Exchange without Digital Certificates

Refed: **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: New Method for Authenticated Public Key Exchange without Digital Certificates
Newsgroups: sci.crypt
Date: Mon, 09 Aug 2004 07:42:58 -0600

amicrypt@amishare.com (Allen Pulsifer) writes:
Fourth, if an attacker does happen to miss a communication using the public keys, the parties might perceive this simply as a communication failure. It does not necessarily mean the attacker's subterfuge will be detected, as you seem to assume.

sorry, i was making short-hand reference to the chance also that some sort of key validation information come via some non-standard text route ... or out-of-band process; not only does the MITM need to maintain logical consistency of the actual text communication with the substituted keys ... but also being able to manage all other communication that might indicate a key substitution had taken place ....

• keys eventually exchanged out of band
• key fingerprint eventually transmitted out of band
• transmission of key fingerprint in band ... but difficult for MTIM to detect ... non-standard encoding for key fingerprint .. key fingerprint encoded in audio transmission, key fingerprint encoded in graphics

i've been to websites that have graphic obfuscating technigues as countermeasures for automated web harvesters ... some text is presented in an obfuscated graphics and a request for the human to type in the repeated text.

however, w/o a great deal of trouble, you have countermeasures to key substitution that can defeat most automated technigues and increase the effort for human-based operations.

so the majority of the situations we are talking about ... are running extremely weakly secured machines. the people that would have strongly secured machines ... would also be using stronger out-of-band processes for key exchange already.

so for the remaining set ... that would tend to be sloppy about their key exchange technologies which might be susceptible to key substitution, they would also tend to have relatively insecure machines.

so the assertion is that for this set, the incremental cost for catching even relatively trivial key fingerprint obfuscation techniques would be more expensive than direct attack on their end-point machines ... having a virus/trojan horse installed so they control the end-point machines. I've seen some reference yesterday stating that the number of zombie machines out there now is on the order of 40 million.

this is somewhat security proportional to risk ... as well as the attacker typically goes for the weakest link. i'm not suggesting that trivial obfuscation techniques aren't impossible for an attacker to deal with ... just that the cost of dealing with even trivial obfuscation will make other targets/mechanisms more attractive. Say, in addition ... i publish a picture on my website where i'm standing beside a sign of my key fingerprint. I'm no longer limited to the text-based email environment from the 60s.

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

New Method for Authenticated Public Key Exchange without Digital Certificates

Refed: **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: New Method for Authenticated Public Key Exchange without Digital Certificates
Newsgroups: sci.crypt
Date: Mon, 09 Aug 2004 08:00:07 -0600

Mok-Kong Shen <mok-kong.shen@t-online.de> writes:
A graphologist also can only testify whether a handwritten name on a piece of paper stems from a particular person and nothing more. What's the difference from the case of digital signature? I don't yet see any. The motivation of the said German law is to render the two cases equivalent in the legal sense, thus enabling better practical exploitation of modern communication technologies (in particular for e-commerce, though that law as such certainly has general applications).

the ca & fed electronic signature laws actually had some contract lawyers involved .... the issue isn't whether or not the signatures are forgeable (either electronic or digital) ... the issue is whether there was clear intent as to agrees, approves, and/or authorizes what is being signed.

digital signatures weren't designed to be legal signatures ... digital signatures were designed to provide strong authentication and indicate whether or not the bits have been modified.

the important part in legal signatures isn't whether or not the person's signatures can be forged ... even large X is acceptable as legal signature ... as long as human intent was demonstrated.

The issue isn't whether or not a digital signature can be considered a legal signature ... and/or whether it can be easier to forge or not forge a digital signature. The issue is does the application of a digital signature show intent that the human agrees, approves, and/or authorizes the contents.

digital signatures were designed for strong authentication ... and there are lots of protocols floating around which use digital signatures in just that way ... where digital signatures are applied to stuff where the human has never seen the bits. If there is a convential use of a human's private key for applying digital signatures to things that a human has never read ... then you can be compromising the use of the same private key for applying digital signatures to things which are to be treated as legal signatures.

doesn't really have a whole lot to do with technology ... it has to do with expectations ... and does a human believe that every time some specific thing happens does it involve them demonstrating intent, agrees, approves, and/or authorizes.

it is one of the reasons for the point-of-sale and the EU FINREAD standard treating the device generating a digital signature as an authentication event and that there is a separate sequence/process used for demonstrating intent, agrees, approves, and/or authorizes.

The act of pressing the YES button is trivially comparable to a person writing an X. It isn't an issue of the form that it takes ... it is an issue that it requires a human to demonstrate intent, agrees, approves, and/or authorizes.

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Authenticated Public Key Exchange without Digital Certificates?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Authenticated Public Key Exchange without Digital Certificates?
Newsgroups: sci.crypt
Date: Mon, 09 Aug 2004 08:45:06 -0600

Guy Macon <http://www.guymacon.com> writes:
I do not share your confidence that "it is practically impossible for the private key to ever leave the hardware token." If I have physical access to your hardware token, it is very likely that I can extract anything that you have inside of it with an Atomic Force Microscope - technology that can be found in any CD replication plant. With an AFM, I can measure electrostatic, magnetic, capillary, ionic repulsion and Van der Waals forces on the surface of the die, scanning back and forth and mapping the bits of information.

http://www.cl.cam.ac.uk/~rnc1/descrack/
documents the extracting of a 3DES key from an IBM 4758. Do you know of a hardware token that is believed to be more secure than an IBM 4758?

To have a secure key, you must have a physically secure location where the key is stored. An EAL4-high hardware token won't help you if the attacker has physical access.

absolutely ... there is a 5-6 year old thread on this ... all i've got to do is make the security proporitional to the risk.

so the original story was i wanted to take a $500 (at the time) milspec part, cost reduce it so that it was both more secure and still cost effective to deploy on all magstripe cards ... and all i needed was that it would

a) cost the attacker more to extract the key than they could ever benefit from having the key

b) take the attacker longer to extract the key than it typically takes to process a lost/stolen card report and deactivate the registered public key

some number of chipcards have had infrastructure shared-secret keys ... and therefor extracting the shared-secret key places the whole infrastructure under attack.

this was targeted at being deployed in the magstripe enhancement scenario ... i had to make it cheap enuf that it was deployable in magstripe ... and still be more secure than the original $500 milspec part.

so the issue is that targeting it for an online authentication mode paradigm ... so we start with the card being lost/stolen and the clock starts ticking.

first issue is does the attacker get the key extracted before the public key has been deactivated in the account record ... and therefor having the private key is of no value.

second issue is even if the attacker marginally wins the race and is able to possibly execute a single $100 atm financial transaction before the public key is deactivated ... would the attacking organization believe it is worthwhile to them.

so in the security world you have threats and countermeasures and is the possible cost of the attack worth the possible return.

in the financial world you have risks and risk management/mitigation.

risk mitigation is not having any sort of infrastructure shared-secret ... the scope of any compromise is strictly bounded w/o impacting the whole infrastructure

risk mitigation is having a something you have authentication device that is relatively difficult to compromise/counterfeit.

risk mitigation is online authentication mode infrastructure ... so that as soon as device is reported lost/stolen ... all transactions for that specific public key is immediately deactivated.

risk mitigation is online authentication mode infrastructure ... where it is possible to make the bounds on the possible total value of active transactions strictly proportional to the assurance level of the specific device ... where the assurance of any specific device includes whether it is lost or stolen and/or whether there is real-time knowledge of emerging technology exploits that will immediately downgrade the assurance level of subject devices in real time (possibly change from a $100k credit limit to a $1k credit limit in real time based on all real time knowledge about assurance level of the specific devices and/or classes of devices).

one i had to select the different chip pieces that met a broad range of cost and benefit requirements ... and architect an infrastructure where there was real-time control over the risk (financial exposure) proportional to assurance. For instance, having a card lost/stolen significantly lowered its assurance. Also architect an infrastructure that eliminated systemic risks .... things like system-wide infrastructure shared-secrets that would put the whole infrastructure at risk

note that the chip chosen for $300 credit limit accounts ... might not be the same one chose for $1million credit limit accounts ... or that the credit limit associated with a specific chip could change in real-time as circumstances changed.

how many ibm 4758s would you be willing to carry around in your wallet ... especially if you could only do $300 transactions.

the original AADS chip strawman posting from 98
https://www.garlic.com/~lynn/aadsm2.htm#straw

somebody cross-posted and it ran concurrently on some list in the UK that involved people actively doing attacks.

actually i have another problem with eal4-high ... the problem is that most chips with eal5/eal6 evaluations have it done on the bare-bones infrastructure and the crypto loaded later. the problem if you burn in the crypto as part of silicon manufacturing and have a chip where the programming can't be changed, then the evaluation has to be done against the complete chip ... including the burned in crypto. you may otherwise have a chip that has been evaluated at eal5 or eal6 ... but if you have a chip that can't be changed and the crypto has been burned it as part of silicon manufacturing (i.e. before the wafer has been sliced and diced) ... then the crypto has to be part of the chip evaluation. just try finding semi-formal or formal evaluation criteria for fips186-2, ecdsa in order to do an eal5/eal6 evaluation. there was a conformance specification that existing momentarily but was almost immediately withdrawn and they've been promising a replacement any day now.

also if you look at the published protection profile for smartcards, almost the while thing is about how do you provide assurance for loading programming on the chip. if the programming is hardwired and can't be changed the majority of the protection profile becomes N/A.

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

New Method for Authenticated Public Key Exchange without Digital Certificates

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: New Method for Authenticated Public Key Exchange without Digital Certificates
Newsgroups: sci.crypt
Date: Mon, 09 Aug 2004 09:12:44 -0600

Mok-Kong Shen <mok-kong.shen@t-online.de> writes:
Whether digital signatures were originally designed to be legal signatures or not, at least in Germany the FACT is that digital signatures have become legal signatures (the two are equivalent, if the digital signature scheme satisfies certain quality requirements). So what would you say (in the face of that fact) of the utility/value of digital signatures and (in connection with that) of CAs for e-commerce and other potential applications of digital signatures? Thanks.

countries can make all sorts of laws ... i have very little control over that.

"so what would i say the utility/value of digital signatures"

... i will append URLs of what i've already said in this thread

"and CAs for e-commerce and other potential applications of digital signatures"

what i've continuing been saying.

we help put together the business process that utilizes the SSL domain name server certificates ... for what is now being called ecommerce
https://www.garlic.com/~lynn/aadsm5.htm#asrn2
https://www.garlic.com/~lynn/aadsm5.htm#asrn3

so i've described what we did originally, how it actually works and what it actually accomplishes
https://www.garlic.com/~lynn/subpubkey.html#sslcert

i've also described various things that it doesn't accomplish and work to address some of those things. some number of the improvements to accomplish what SSL domain name server certificates don't address ... turns out to make the use of certificates redundant and superfluous. Its like if you had a bank with piles of money in the middle of the floor and scores of armed guards constantly running around. Someday you installed a bank vault with six foot thick walls and six foot thick door. It might occur to you that you might not need all of those armed guards.

lots of people seem to automatically equate digital signatures and public keys with certificates and CAs.

my assertion has simply been that digital signatures and public keys aren't the same as certificates and CAs ... and there are lots of environments where digital signatures and public keys could be used and for those environments, certificates are redundant and superfluous.

there are reams and reams of things written by hundreds of people regarding the uses of certificates and CAs. furthermore, my wife and I were instrumental in making many of the current CAs viable by helping create the stuff now called ecommerce.

so rather than ad nauseum repeating the same points ... here is a URL with pointers to collection of posts on naked public key and/or certificate-less operation
https://www.garlic.com/~lynn/subpubkey.html#certless

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Authenticated Public Key Exchange without Digital Certificates?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Authenticated Public Key Exchange without Digital Certificates?
Newsgroups: sci.crypt
Date: Mon, 09 Aug 2004 10:18:43 -0600

there was also some amount of process engineering. as a young innocent i got indoctrinated in every additional step in the manufacturing process increases costs.

keygen is integrated with original chip power on/test while it is still in the wafer. public key is appended to the results of the initial power on/test results that is already being exported ... and is carried as part of the existing chip q/a infrastructure (i.e. public key in some sense is integrated into the power on/test results as an indication of valid chip).

other issue was making sure that the power requirements were such that it could function in a iso 14443 proximity environment ... so there were some close power consumption requirements ... and the possibility of using it in transit applications with turnstyles, etc ... also created some time constraints (couldn't make a lot of power/time trade-offs).

recent posting in this n.g. on some of the other issues
https://www.garlic.com/~lynn/2004h.html#30 ECC Encryption

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Authenticated Public Key Exchange without Digital Certificates?

Refed: **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Authenticated Public Key Exchange without Digital Certificates?
Newsgroups: sci.crypt
Date: Mon, 09 Aug 2004 13:29:47 -0600

... also ... if you don't have a CA-oriented trust hierarchy ... there is no system risk issues with some keys needing more protection than others because it would could bring the whole infrastructure tumbling down. there was once some government financial infrastructure statement that they would never use CA-oriented trust hierarchies because the possibility root key vulnerabilities simply represented an excessive systemic risk problem.

you compartmentalize each key pair ... and therefor you bound systemic risk issues. also if you are talking about online authentication based model .... where the verification of digital signature is used to functionally imply something you have authentication ... then by definition if you loose physical control of the token ... then you have already violated the something you have authentication infrastucture and you have to disable the associated public key.

if you have to take physical control to extract the private key ... the infrastructure countermeasure is actually no different whether or not you can extract the private key once physical control has been lost. the infrastructure is oriented towards something you have authentication and simple loss of physical control activates the countermeasures ... and we no longer actually care whether you can physical extract the private key ... or can use the stolen token w/o extracting the private key ... or whatever.

The obvious threat to a something you have infrastructure is loss of physical control ... and the countermeasures are in place to handle that.

the real threat to the infrastructure is can the private key be duplicated/extracted w/o anybody realizing there has been loss of physical control (and/or there not need to be loss of physical control in order to duplicate the private key).

this is effective the exploit and vulnerabilities that the existing magstripe infrastructure is dealing with. there can be duplicate something you have authentication w/o the card owner realizing it (at least until they see the statement or the fraud detection recognizes some pattern violation).

in fact, that turns out to be another argument against the offline credential based model ... with the online authentication based model, some responsible party is seeing the transactions/events ... and be able to detect additional kinds of fraud patterns and security violations .... that is not possible in the offline credential scenario.

Of course the fraud risk needs to be high enough to support not only the cost of online authentication based model ... but the additional real-time fraud detection. However, as online and data processing in general turns into commodity ... the threshold trade-off for that has been dropping.

this continues to relegate the offline credential based model to smaller and smaller, as well as lower and lower value niche applications.

as the nich market value continues to decline for the offline credential based model ... there can be a severe downward pressure on what can be charge/invested for the credentials, with extreme downward pressure on what can be charged for credentials ... it would tend to also create a cash-flow problem for the certification authority operator to maintain high integrity and high assurance operation. Any cutback in the level of integrity of the certification authority operation would also place extreme downward pressure on the going price for the credential .... since any integrity reduction in a certification authority operation would also tend to preclude higher value market niches requiring high integrity operations.

at some point, you may reach discontinuity where online authentication based model has become so ubiquitous and the cost has declined to the point where there are no viable market niches left to support various kinds of commercial certification authority operation.

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

New Method for Authenticated Public Key Exchange without Digital Certificates

Refed: **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: New Method for Authenticated Public Key Exchange without Digital Certificates
Newsgroups: sci.crypt
Date: Mon, 09 Aug 2004 15:54:01 -0600

Mok-Kong Shen <mok-kong.shen@t-online.de> writes:
If you want really to establish your opinion that digital signatures and CAs are redundant, I sincerely suggest that instead of having bunch of pointers on your web page you propagate your opinion with clearly formulated papers in the crypto conferences and have an effective debate with the many real experts there. For our group, like all internet groups, is apparently not in a position to deliver any significant influences to the diverse professions or practices in real-life (unfortunate but a fact in my humble view).

i continue to be totally amazed at the number of times that you can repeatedly misquote me ... and the number of times that it needs correcting.

i repeatedly stated that when the relying party has direct access to the real information ... then certificates are redundant and superfluous.

i've NEVER said that digital signatures are redundant.

I have observed that there are some people who seem to believe that CAs and certificates are equavalent and identical to asymmetric cryptography, digital signatures, public keys, etc. In such situations, there seems to be an extremely noisy channel that any mention of certificates being redundant and superfluous comes out as digital signatures are such.

I'm co-author of x9.59 financial standard that uses digital signatues
https://www.garlic.com/~lynn/x959.html#x959
https://www.garlic.com/~lynn/subpubkey.html#privacy
which is some path on its way to ISO

in this scenario not only can certificates be redundant and superfluous ... but they can actually represent a payload bloat of a factor of one hundred times.

There is an alternative explanation that I sometime have to resort to which some people seem to find more palatable.

It derives from the X9F standards work on certificate compression; attempting to address the horrible payload bloat that standard certificates cause. The two standard compression techniques

1) take the bit patterns and looks to see if there is redundant information and use a much more efficient encoding mechanism to represent the bit pattern

2) analyse the logical information content and determine if the relying party already has a copy of particular field values. if the relying party is known to always have a copy of the specific field value, then the field can be removed from the certificate, aka it is redundant and superfluous to transmit to the relying party fields of information that the relying party already possessed.

so as part of the detailed investigation of payment infrastructures as part of the x9.59 standards work ... was that the relying parties (consumer's financial institution that would be receiving the digitally signed payment instruction) would already have all fields that were part of the certificate.

as a result we could eliminate all fields from the certificate and were left with extremely efficient zero-byte certificates to append to x9.59 transactions for transmission to the relying party.

In this case, the zero-byte certificates weren't redundant and superfluous, it was just that every field in the certificates were redundant and superfluous. We faithly manage the zero-byte certificates and made sure that the zero-byte certificates are appended to every x9.59 transaction.

we had made the remarkable accomplishment of infinite compression for certificates.

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

New Method for Authenticated Public Key Exchange without Digital Certificates

Refed: **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: New Method for Authenticated Public Key Exchange without Digital Certificates
Newsgroups: sci.crypt
Date: Mon, 09 Aug 2004 17:22:35 -0600

Mok-Kong Shen <mok-kong.shen@t-online.de> writes:
But would be trivial, wouldn't it? If I know (by some other means) that some 'real information' is authentic, then I don't need 'any' signature (whether digital or conventional), neither even PK itself. So what's your point? I don't yet understand, sorry.

maybe repeat for the 10th time ...

consumer goes to their bank and registers their public key.

the public key is stored in account record (this is even specified in the definition for PKI CA registration authorities).

the bank issues them a relying-party-only certificate ....
https://www.garlic.com/~lynn/subpubkey.html#rpo

even german banks started doing this in the mid-90s when it was realized the privacy issues with an identity certificate. there was presentation by somebody from one of the big german banks on the issue at conference in 1998:
https://csrc.nist.gov/publications/detail/conference-paper/1998/10/08/proceedings-of-the-21st-nissc-1998

the purpose of the certificate is for digitally signed communication and digitally signed transactions with the consumer's bank. however, we subsequently were doing some payload bloat studies about the serious payload bloat of certifications on the standard payment infrastructure. as part of the study on compressing certificates we formulated the information theory that it was redundant and superfluous for a bank customer to be repeatedly transmitting fields in an relying-party-only certificate back to their financial institution which involved fields that the their financial institution already possessed. that was when we realized that all fields in a relying-party-only certificate could be compressed from a relying-party-only certificate resulting in the infinitly compressed zero-byte relying-party-only certificate.

if it makes you feel better ... we haven't gotten rid of the certificates as being redundant and superfluous ... we have just eliminated all redundant and superfluous fields in a relying-party-only certificate, resulting in an infinitly compressed zero-byte relying-party-only certificates; and in fact we faithfully attach zero-byte relying-party-only certificates to all of our communication with the relying-party ... the consumer's financial institution.

we made the discovery of the astounding infinite compression technique and the benefits of zero-byte relying-party-only certificates when we were investigating the severe payload bloat the standard certificates placed on the payment infrastructure with digitally signed payment transactions.

we got the idea of the infinitly compressed zero-byte relying-party-only compression from the relying-party-only certificate presentation that was given at the referenced conference by member(s) of the german banking community describing what they were doing with relying-party-only certificates.

so I actually misspoke, we haven't gotten rid of redundant and superfluous relying-party-only certificates ... we have just infinitly compressed the relying-party-only certificates to zero-bytes by eliminating all fields that are redundant and superfluous.

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

New Method for Authenticated Public Key Exchange without Digital Certificates

Refed: **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: New Method for Authenticated Public Key Exchange without Digital Certificates
Newsgroups: sci.crypt
Date: Mon, 09 Aug 2004 17:58:42 -0600

Mok-Kong Shen <mok-kong.shen@t-online.de> writes:
O.k. The bank is then a CA, isn't it? Are CAs then redundant/useless (which you seemed to argue)?

you repeatedly misquote me ... which continue to find absolutely amazing ... to constantly and repeatedly the same things wrong time and time again is extremely remarkable. maybe we can get in the guiness book of records.

i've said that in situations where the relying party already has all the information (either directly or via online connectivity) then the certificate is redundant and superfluous.

however if it makes you feel better ... the certificate isn't actually redundant and superfluous to the relying party ... it is just all the fields in the certificate are redundant and superfluous that are redundant to the relying party ... and therefor we are actually using these infinitly compressed, zero-byte certificates.

however, for you to understand when a relying party already has access to all the fields that might be contained in a certificate ... you might actually also have to understand something about the business process.

i'm making an assertion that if somebody possesses a piece of information ... then it is redundant and superfluous to send the same information to that person.

now you repeatedly stated numerous times that you know absolutely nothing about the subject and therefore you have no basis on which to make any judgement about what fields any particular relying party in any particular business operation might already possess.

so given that you don't know anything at all about the subject ... will you at least acknowledge there might be some situations where if I already know something, then it might just be possible for it to be redundant and superfluous to keep sending me the same information over and over again.

is there any general situation at all that you can conceive of where if somebody might possibly know and/or learn something .... would it then be redundant and superfluous to repeatedly provide them with that same identical information again and again?

lets make a hypothetical assumption that you might have learned the alphabet in grade school ... and possibly might even still remember what the alphabet is. Would it possibly be redundant and superfluous to make you go back and repeat grade school .... lets say the same grade for the next 12 years ... in order that you could repeatedly relearn the alphabet.

in any case, and while you possibly still can't comprehend the concept that somebody might just possibly have some piece of information and that it would be redundant and superfluous to repeatedly send them the same information over and over again ...

i assert that we've actually made a study of some number of situations and made lists of information that specific types of relying parties have access to in various business operations. We've also been able to match of several of these pieces of information ... with types of information that might be found in a certificate. We've been able to design optimally compressed certificates for specific business environments ... by eliminating the fields in certificates that relying parties would already possess.

so based on you repeatedly statements that you actually have no knowledge at all of the subject ... i'm simple making the assertion that there can be situations where if somebody already has some piece of information ... then it can be redundant and superfluous to repeatedly provide them with the same information over and over again.

it doesn't actually matter who the CA is ... what matters is whether the relying-party already has access to information (directly or via any other means) to information in a certificate ... in which case ... for that specific business operations ... and for those certificates such pieces of information can be eliminated from certificates used in those business operations. Furthermore, if some relying parties have access to all information in a certificate ... then all information can be eliminated from such certificates used in those business operations ... achieving infinitly compressed, zero-byte certificates.

i don't know whether you can't comprehend the concept that relying parties might have information via means other than certificates ... or you can't comprehend the concept that it is possible to do business process analysis of information on certificates and figure out if there is actually usefull for any specific business operation.

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Smart card Authentification

Refed: **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Smart card Authentification
Newsgroups: sci.crypt
Date: Tue, 10 Aug 2004 07:50:59 -0600

"lyal" writes:
Finally, there are several certificate transfers occurring here. With a guaranteed speed of 2400 bits/sec, usually 9600 bps, and sometimes 115kbps, each 5-10kbyte cert transfer may take several seconds, plus processing time. I, for one have better things to do than wait more than a couple of seconds for machines to trust each other. Custom-specifc readers and smartcards will guarantee higher transfer (i.e smartcard I/O) speeds, but they may no long conform to all requirements of, say the ISO 7816 smartcard spec.

... if any of the certificate gorp has to leave the local terminal there is real issues. they have tested some number of normal dial-up point-of-sale terminals at higher than 2400 baud ... and found that the nominal modem synch times greatly exceeded any benefit of having higher transfer rate (for stuff not having heavy payload bloat from certificate stuff) ... and in fact there were several places where the nominal modem synch times (for higher rates) exceeded current average total elapsed time.

so the whole design point of the original offline credential based model stuff ... assumes that the operation doesn't have to propagate past the local environment. however, in the point-of-sale ... you even get into circular logic ... if you are using certificate based paradigm ... it can't leave the local environment w/o causing enormous payload bloat and elapsed time impact on overall processing.

another issue then at the point-of-sale is that any mutual authentication ... has the chipcard doing public key operations on the certificate from the point-of-sale terminal ... because/since it is going to be offline, the chipcard has to also trust the point-of-sale terminal before it does some of its operations.

it is possible to beef up chipcards to do RSA public key operations to get the elapsed time within acceptable bounds ... but it involves putting in lot more circuts and drawing a lot more power. the power profile are within the acceptable bounds of 7816/contact infrastructures .... but the transition to 14443 contactless represents a real challenge since it significantly exceeds available power/time specifications.

as long as you have (7816) physical contact ... there is a lot more latitude in protocols .... but the transition to 14443 puts a lot of limitations on the amount of power/time that is drawn from the air as well as the bits/time that can be transferred.

this changes in the online scenario ... having both the chipcard and the terminal simply digitally sign the transaction and send it up to the relying party (the consumer's financial institution) using an online authentication based model operation ... the relying party can verify the pair of the digital signatures (terminal and card) before approving the transactions. there is no issue of the card or the terminal having to trust the other .... since the transaction isn't offline.

There is a significant reduction in the chatter that has to occur in the local point-of-sale environment ... and effectively all of the authentication checking operations are pushed up to the relying party (the consumer's financial institution). There is not the requirement that the chipcard and the terminal have to establish trust in each other as a condition of performing an offline transactions. With simple digital signature going on at point-of-sale ... it is possible to get the power/time and elapsed time profile well within what is available in a proximity/14443 environment (at least if you are talking fips186-2, ecdsa).

You also get out of the circular logic with the offline credential based model of it having to be offline because the infrastructure can't tolerate the payload bloat of the certificates. Going to online authentication based model, the payload bloat of normal certificates disappears (i.e. it is possible to use infinite compression and achieve zero-byte certificates).

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento

Refed: **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
Newsgroups: alt.folklore.computers
Date: Wed, 11 Aug 2004 10:15:25 -0600

Alan Balmer writes:
The current MIT Technology Review has an article about the Japanese cellphone industry. They are adding what sounds like "smart card" technology to their i-mode phones. A rep from the DoCoMo company says most of their customers will not be carrying wallets in five years. Not just their money, but all their personal information, pictures of the grandkids, etc., will be on this personal appliance.

they are adding more like virtual wallets ... slightly related thread(s) from sci.crypt
https://www.garlic.com/~lynn/2004h.html#30 ECC Encryption
https://www.garlic.com/~lynn/2004j.html#2 Authenticated Public Key Exchange without Digital Certificates
https://www.garlic.com/~lynn/2004j.html#9 smart card authentication

there was some effort mapping virtual wellets from the 1980s-era into smart cards because they were the availble consumer convenient portable computing state-of-the-art.

a big issue in the 80s ... was that the technology wasn't there for portable input/output to go along with the consumer convenient portable computing state-of-the-art ... and as a result there was big push in ISO 7816 standards so that you could have ubiquitous fixed input/output stations that would (physical) interoperate with the available portable computing (smartcard) technology.

starting in the early 90s, you started to see emerging portable input/output technology penetrate the market with PDAs and cellphones.

as consumer convenient portable computing devices with their own, builtin input/output capability, you should start to see the shift from physical format specific interoperability ... to primarily communication protocol interoperationaly.

you've already seen the shift away from the purely physical format interoperability of iso 7816 "smartcards" .... to a variety of physical formats that utilize USB for the physical connections.

also, once you have broken with iso 7816 for physical interoperability, ... like iso 14443 proximity ... you also have opened up numerous physical format operation.

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
Newsgroups: alt.folklore.computers
Date: Wed, 11 Aug 2004 12:02:19 -0600

Alan Balmer writes:
While there are still card readers that phone for verification, they're becoming rare. Both credit and debit transactions are handled over always-on high-speed networks, LAN, WAN, or Internet.

(It happens that I'm working at a company which makes the readers and the software to process the transactions.)

sales of new dial-up terminals may be rare ... but about 1/3rd of my card transactions in the past two weeks were at shops that you could actually listen to the modem sync.

however, majority of total transactions are done by high-volume merchants ... who tend to have concentrators ... and in fact, there was some number from two years ago that a single merchant accounted for 1/4 to 1/3rd of all retail store transactions in the us.

... there are same terminals handling credit, debit, pre-paid, gift, loyalty, etc. part of the problem is somewhat chicken and egg and trying to roll any kind of infrastructure change that requires physical swap at lot of different locations.

slightly related post concerning point-of-sale technology in at least this same titled subject ... if not the actual subthread
https://www.garlic.com/~lynn/2004j.html#10

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
Newsgroups: alt.folklore.computers
Date: Thu, 12 Aug 2004 08:05:37 -0600

"Helmut P. Einfalt" writes:
Such a thing is known as "Electronic Cash" or "Electronic Purse" over here and it is incorporated in any Maestro Card, which is the card your bank will issue to you to access account balance printers, cash dispensers, etc.

Besides stores accepting the Maestro card (known as "EC-Card" in Germany or "Bankomat" in Austria), there are quite a few appliances where you can pay with "Electronic Cash", such as parking lots; bus, tram or underground tickets, phone boxes etc. It is a pretty convenient way to avoid not having change when you park your car in the city...

there was a lot of work on chipcards for doing offline electronic cash ... basically offline transaction between chipcard and point-of-sale terminal ... basically the introduction of chipcards were cost/benefit to the high cost (and/or non-availability) of online connectivity.

in the US, in the early 90s ... it was realized that with the rapidly declining cost & ubiquitous availability of online support ... they could deploy online electronic cash much less expensively than what was done in other parts of the world (the expense of chipcards was being viewed as overcoming the higher cost .. and/or lack of online connectivity). I believe the first one was in '95 by a company called first financial and the first customer was blockbuster.

basically it has been the same magstripe technology and leverages the existing massive deployment of magstripe point-of-sale and ubiquitous online network. the relationship between the merchant, the merchant terminal, the merchant connectivity to the merchant financial institution processor stays effectively the same ... but at the merchant financial institution processor ... the magstripe info gets routed to a different backend transaction processor.

these are the gift/stored-value cards that you see at many check-out places like starbucks, major department stores, grocery stores, etc.

a big component of all the gift/stored-value cards have always been the float.

one business analysis of the mondex electronic chip stored-value card was that it was almost all float. you could see that when mondex international began picking up licensees in different countries once they offered to split the float. also at one point, several european central banks told mondex international that they would be given a couple years grace on the float ... effectively in order to help subsidize deployment ... but if by an off-chance they ever become successful ... they would have to start crediting client accounts with the interest on unspent balances.

a couple random refs ... quickly pulled from search engine using "mondex" and "float"
http://www.aci.net/kalliste/smartcards.htm
http://www.dreamscape.co.in/kb-ips.html

mondex international was based on an infrastructure-wide shared-secret(s) (relying on the chips to guarantee that the secret was never exposed) ... but they sponsored an internet standards payment group ... which eventually morphed into the current ietf working group doing ECML (electronic commerce markup language) ... currently with RFCs 3505, 3106, and 2706.

having a chip-based protection of infrastructure-wide shared-secrets is the basis for at least some of the publicity for chipcard exploits ... the effort to attack any specific chip ... results in having the means for compromising the whole infrastructure.

other more recent payment chipcard attacks are what has been descriped in the UK press as YES card. couple past refs to yes cards
https://www.garlic.com/~lynn/2003o.html#37 Security of Oyster Cards
https://www.garlic.com/~lynn/2004g.html#45 command line switches [Re: [REALLY OT!] Overuse of symbolic constants]

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
Newsgroups: alt.folklore.computers
Date: Thu, 12 Aug 2004 10:10:36 -0600

Alan Balmer writes:
For mag-stripe type cards, (as apposed to "smart cards" with info on card) the main function of the card is to identify itself, or itself and you if there's a PIN number. The database is actually still at the bank, the card provides only an index into that database.

That's one of the objections to "smart cards." Actual information and monetary value is embedded in the card itself.

chipcards

1) may be much harder to counterfeit than magstripe for authentication 2) can be used for offline transactions

the second/#2 was somewhat viewed that the increased cost of chipcards (vis-a-vis magstripe) to address #1, could be offset by eliminating the need for an online infrastructure.

however, if exploits do occur in #1 (like counterfeits) ... they may be much more difficult to deal with in a #2 (offline) environment. this became an issue with the (counterfeit) yes cards.

it isn't actually necessary to use chipcards for (#2) offline transactions ... but it was one way of justifying the cost for #1. as the cost of online infrastructures and online processing has come down ... this becomes less & less of an issue.

as other forms of consumer convenient portable computing devices become more pervasive (PDAs, cellphones) ... wireless based protocols for point-of-sale are becoming more attractive as alternatives (and can also be designed to address #1, since to some extent, a similar counterfeiting issue already exists for cellphones).

the issue of offline/online for chipcards is somewhat orthogonal to their use as purely strong authentication (difficult to counterfeit) device ... other than the issue of it being intrastructure cost offset (which is being significantly mitigated by dropping costs of ubiquitous online infrastructures).

a debit card at point-of-sale basically is two-factor authentication
• something you have (card)
• something you know (pin)

there has been a number of recent UK news stories about confusion that may showup with the pending switchover to chip&pin for credit

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
Newsgroups: alt.folklore.computers
Date: Thu, 12 Aug 2004 14:28:25 -0600

... in the debit/matstripe case, the magstripe value and the pin are transmitted to online infrastructure and both verified ... achieving two-factor authentication:
• something you have
• something you know

the pin is basically first level countermeasure for lost/stolen card.

in the chip&pin case ... with offline operation ... there is no outside entity to verify the pin ... so business rules are installed in the chip and certified. the chip is certified as not working as it should w/o the correct pin ... that based on the response from a trusted chip, something you know authentication can be inferred.

in the yes card scenario ... the chip has the online banking business rules installed regarding correct pin, credit limit and some number of other characteristics. the offline terminals ... once they believe they have verified a valid banking chip ... then rely on the consumer specific business rules in each chip.

sometime in 1999 or 2000, the first yes card appeared in nice (france, basically a chip&pin application for more secure credit card operation), and then spread thru the rest of europe. the yes card reference comes from the fact that once the yes card has convinced the terminal that it is a valid bank card with valid business rules ... then it always answers yes to

• was the correct pin entered (yes card will say yes regardless of PIN entered)

• is the purchase within the consumer's credit limit

• should this be an offline transaction

so once yes cards exist ... they are difficult to make go away ... becuase they are all offline transactions and won't be discovered until much later.

now in the following post:
https://www.garlic.com/~lynn/2004j.html#2

there is reference that one of ibm's top of the line, most secure security device could be compromised with relatively modest amount of effort.

the systemic risk in something like the mondex scenario .... is once you have extracted the infrastructure shared-secret ... you can manufacture a large number of counterfeit cards ... with basically unlimited values.

in the original yes card scenario ... it simply required skimming the terminal for card transactions ... and injecting the skimmed value in the counterfeit cards.

the newer generation of chip&pin cards are going to challenge/response type communication .... but the chips are still susceptable to extracting secrets ... as per the above mention of attacks on truely high-end crypto hardware.

so lets say that it costs as much as $50k to attack a chip card and extract its information (compared to possibly even more expensive attacks on high end devices).

a criminal organization extracts the necessary information to convince infrastructure point-of-sale terminals that they have a valid card ... inject the information into 5000 yes cards and sell them on the black market for $100 each. They'll still clear over $400k.

the issue is that the systemic risks have shifted from infrastructure shared-secrets (as in the mondex case) to all the point-of-sale terminals in the world being programmed for offline transactions and to trust that chip cards correctly implement the banking infrastructure business rules (the systemic risk is all those point-of-sale terminals trusting chips to correctly implement the bank infrastructure business rules).

the countermeasure for counterfeit yes cards with trusted business rules is to go to online, checking if the card has been deactivated. however, if you go to online transactions ... then you can simply utilize business rules in the backend banking system .... and any programming and business rules in the chip card become redundant and superfluous.

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
Newsgroups: alt.folklore.computers
Date: Thu, 12 Aug 2004 14:44:27 -0600

Alan Balmer writes:
Our security system works nicely off-line, but we have a restricted set of users (university environments). An individual reader can hold schedules and access parameters for some tens of thousands of users, and the database is updated whenever it's online. POS is another matter, of course.

a lot of the door badge systems are migrating to online .... in part because the technology costs have come done.

basically it is security proportional to risk issue ... and cost/beneift of risk mitigation.

if the value of what is at risk is low enuf ... then it is harder to justify more expensive online door badge systems .... however, the online door badge system can mitigate a lot of risks that offline systems have trouble with.

Many of the door badge systems at higher value commercial infrastructures were purely offline in the 60s & 70s ... but you started seeing migration to online door badge systems in the 80s ... including things like extremely detailed audit activity being securely recorded (possibly integrated with online surveilllance cameras). This is comparedwith some number of the low-value infrastructures that were still possibly key-based in the 60s (or had nothing) ... moving up to offline door badge systems.

one of the things you started to see starting in the early 80s was serious insider and collusion countermeasures (i.e. it isn't a matter of only letting the insiders in and keeping the outsiders out). The 90s somewhat defocused that with lots of concern in the press about outsider attacks (via the internet). However, even at that, a recent study found that at least 77 percent of possibly internet related fraud involved an insider somehow.

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
Newsgroups: alt.folklore.computers
Date: Thu, 12 Aug 2004 15:22:04 -0600

Anne & Lynn Wheeler writes:
now in the following post:
https://www.garlic.com/~lynn/2004j.html#2

random trivia related the above reference which eventually references discussion of various techniques used to attack chips and other crypto devices.

for some time, i had half dozen offices, a lab and other stuff in the los gatos lab ... which was primarily a chip design and chip design tool operation. one of its claims to fame was to have been the first to use scanning electronic microscope on a live running chip. in their case the technique was used as part of chip debugging and development. it was also responsible for the LSM logic simulator.

at one time it was considered the most beautiful lab in the company ... you could have deer or possibly wild boar outside your window. in the 90s they finally closed the lab, tore down the building and sold off the grounds (couple hundred acres) for housing development.

Wars against bad things

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Wars against bad things
Newsgroups: alt.folklore.computers
Date: Sat, 14 Aug 2004 09:26:52 -0600

"Gary A. Gorgen" writes:
That was the only advantage that Interdata had over most vendors. Had to find a customer that had a specific problem, then the sale was easy. If all the customer wanted, was a computer, they usually bought DEC.

as an undergraduate, i worked on project with interdata/3 ... i had stumbled across something that I wanted to do with mainframe terminal controller and it wouldn't do it. the project involved reverse engineering the ibm channel interface and building a mainframe channel adapter board for the interdata/3 and programming the interdata/3 to emulate the mainframe controller. it was later enhanced to use a interdata/4 as controller emulation interface with a collection of interdata/3s as dedicated line scanners

there were some write-ups blaming the project for starting the plug compatible manufacture controller business.
https://www.garlic.com/~lynn/submain.html#360pcm

which, in turn, supposedly spawed the (aborted) FS project:
https://www.garlic.com/~lynn/submain.html#futuresys

which in turn was supposedly one of the reasons Amdahl left and started plug compatable processor business.

i ran into somebody 6-7 years ago who said they had been selling the p/e boxes into NASA in the 80s (they had been bought by perkin-elmer by then) ... but claimed that the wire-wrap channel adapter board was possibly the original design. there was some comment that they never saw any justification that any redesign would result in incremental sales that would justify the redesign.

In the late 90s, i ran across one such box still handling large communication load in a big mainframe datacenter.

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Wars against bad things

Refed: **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Wars against bad things
Newsgroups: alt.folklore.computers
Date: Sat, 14 Aug 2004 09:29:09 -0600

"Gary A. Gorgen" writes:
IIRC, that was called "R*" (R star) rounding. When was it introduced?

there was also R* (R-star) which was the follow-on to system/r ... the original relational database ... which was then followed by starburst misc. past refs:
https://www.garlic.com/~lynn/submain.html#systemr

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Wars against bad things

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Wars against bad things
Newsgroups: alt.folklore.computers
Date: Sat, 14 Aug 2004 13:34:06 -0600

"Gary A. Gorgen" writes:
Oh great, 2 things with the same name, & nothing in common. :-)

there is also R-something? (which i think is star but may be plus) ... an industry service that collects detailed erep logs from customers and publishes detailed reliability and availability statistics for various machines and configurations.

i had done this software support for channel extender ... allowing local controllers & devices to operate at the end of some telco link. for various reasons, i had chosen to simulate "channel check" when various telco errors occurred ... in order to kick-off various operating system recovery/retry routines.

along came the 3090 ... which was designed to have something like 3-5 channel check errors per annum (not per annum per machine ... but per annum across all machines).

After 3090s had been out a year ... R-something? was reporting that there had been an aggregate of something like 15-20 channel check errors in the first year across all machines .... which launched a detailed audit of what had gone wrong.

they finally found me ... and after a little bit additional investigation, i decided that for all intents and purposes, simulating an IFCC (interface control check) instead of a CC (channel check) would do as well from the standpoint of the error retry/recovery procedures activated.

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

The Reincarnation of Virtual Machines

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: The Reincarnation of Virtual Machines
Newsgroups: alt.folklore.computers
Date: Sat, 14 Aug 2004 14:26:16 -0600

ACM Queue - The Reincarnation of Virtual Machines - Like the best of the 1970s and 1980s, VMs have returned to the scene -- and they're a lot cooler than polyester pants.
http://acmqueue.com/modules.php?name=Content&pa=showpage&pid=168

i was still an undergraduate but I got to go to the spring '68 Houston share meeting announcement of cp/67. three people from the science center
https://www.garlic.com/~lynn/subtopic.html#545tech

had come out to the university at the end of jan. '68 to install cp/67. posting on 35th anniversary announcement of cp/67
https://www.garlic.com/~lynn/2003d.html#72

photo from the 30th b'day party for vm/370 at share 99 in san fran:
https://www.garlic.com/~lynn/LynnWheeler023.jpg

vm b'day picture

it was one of the main stays of personal computing in the '70s ... not only being offered from corporate datacenters .... including the majority of the computers on the internal network ... minor reference
https://www.garlic.com/~lynn/99.html#112
other references to the internal network
https://www.garlic.com/~lynn/subnetwork.html#internalnet

but was also offered as timesharing platform by a number of commercial timesharing companies
https://www.garlic.com/~lynn/submain.html#timeshare

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Methods of payment

Refed: **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Methods of payment
Newsgroups: alt.folklore.computers
Date: Sun, 15 Aug 2004 08:28:47 -0600

rogblake10@iname10.com (Roger Blake) writes:
So they won't do business with anyone who does not have a bank account?

one solution ... it was either commerce or treasury that pioneered for 2000 census workers ... the objective was electronic funds transfer and the worker could acess it like an ATM debit (but w/o the fees and other infrastructure costs)

some overview
http://www.eta-find.gov/ETADepositHow.cfm
faq
http://www.eta-find.gov/ETAFactsPage1.cfm
home page
http://www.eta-find.gov/Index.htm

overview of some of the issues:
http://www.fdic.gov/consumers/community/unbanked/tum05.html

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of
ASCII,Invento
Newsgroups: alt.folklore.computers
Date: Sun, 15 Aug 2004 08:40:11 -0600

jmfbahciv writes:
You can do that?! So cash registers are turning into bank terminals? I'll have to think about this one. I don't think I'd like to be one of those clerks; they still do have to balance their cash drawer at the end of shift...don't they? HEH. That job ain't as simple-minded as it looks.

one of the issues is that banks charge commercial entities a service fee for handling cash. cash-back can minimize the night's deposits.

in theory the debit fee discount payed by the retailer (on the cash back amount) is less than overhead costs for managing the actual cash (in part, since the customer is already doing the debit transaction, the merchant is already taking the hit on the per transaction fee).

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Wars against bad things

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Wars against bad things
Newsgroups: alt.folklore.computers
Date: Sun, 15 Aug 2004 09:45:28 -0600

"Gary A. Gorgen" writes:
What we called loosely-coupled, were machines connected together via an I/O device, (much like ethernet or hyper-channel). Tightly-coupled, were machines connected together via shared-memory, with an inter-processor interupt system. Each system could be independant, or dependant depending on the configuration. There was no requirement that each machine even ran the same monitor. The largest system I did was 9 processors, with dual redundant shared-memory. One 4 processor system I did made a 2 second appearance in the movie, "Top Gun". My 2 seconds of fame. :-)

anne was con'ed into going to POK to serve stint where she was responsible for loosely-coupled architecture. while there she originated Peer-Coupled Shared Data
https://www.garlic.com/~lynn/submain.html#shareddata

possibly the largest production loosely-coupled operation in the late 70s was the HONE system.
https://www.garlic.com/~lynn/subtopic.html#hone

HONE was originally deployed in the US as support vehicle for all the sales, field, and customer support people. It was then replicated at numerous places around the world ... and in the late '70s the US HONE datacenters were consolidated in california ... where we got to put together a massive single-system operation configuration (single site loosely coupled, load balancing and fall-over) with a large disk farm. As possibly the largest vm-based time-sharing service
https://www.garlic.com/~lynn/submain.html#timeshare

... it was pushing 40,000 userids (US sales, field, and customer support people).

in the early 80s, partially as a result of earthquake disaster scenarios, it had replicated operations installed in Dallas and Boulder ... with load-balancing and fall-over across the three site complex.

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of
ASCII,Invento
Newsgroups: alt.folklore.computers
Date: Sun, 15 Aug 2004 21:42:43 -0600

magstripe gift/pre-paid news (from the future: 16th):
http://www.heraldsun.news.com.au/common/story_page/0,5478,10459001%255E462,00.html

mentions the current US giftcard market is worth $90b ($125b aust)

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Wars against bad things

Refed: **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Wars against bad things
Newsgroups: alt.folklore.computers
Date: Mon, 16 Aug 2004 07:45:28 -0600

jmfbahciv writes:
This was something that JMF and CDO wrote an architect spec for. I'm assuming that HONE was transaction processing in addition to an information provider.?

a lot of HONE use was packaged APL environment that delivered various services & applications written in APL (APL was used to implement a lot of things you see today delivered in spreadsheets).

A major HONE/APL application was the configurators .... you entered in what the customer wanted .... it might ask some additional questions ... and it came back with the exact specifications that the salesman were to put in the order form (there are an enormous number of detailed feature codes, co-dependency features, inter-dependency features, mutually exclusive features, etc).

Some number of the configurators frequently also had some level of performance specification (& even analytical models) ... messages per second, etc.

360s were starting to get complex enough for the salesman to correctly specify all the appropriate feature codes for a customer order. starting with 370s, it was requirement that HONE configurators be run for order preparation.

in part because of the APL environment ... a lot of HONE use was extremely CPU intensive operation.

another major use was customer proposals, bid responses, etc ... basicly document edit and preparation. originally HONE was cp/67 with CMS (and cms\apl) ... and then transitioned to VM/370 and CMS (with the various flavors of apl\cms, apl\sv, apl2, etc). Original CMS had SCRIPT ... with run-off like commands for document formating (soemwhat dating back to common heritage with CTSS). "G", "M", and "L" had invented GML (precursor to SGML, HTML, XML, etc) and early in vm/370 time-frame, script was extended with GML document formating capability (you could actually intermix GML tags and "dot" commands in the same document).

for the most part, hone
https://www.garlic.com/~lynn/subtopic.html#hone
was a personal computing, time-sharing, application delivery platform
https://www.garlic.com/~lynn/submain.html#timeshare

in part because of the cpu intensive APL operation ... the merged HONE cluster in cal. might only have a couple thousand simultaneous/concurrent users at any moment in time. during the 70s, (typically smaller) clones of the US HONE operation were replicated in many parts of the rest of the world.

in the early '80s, the marketing & sales division also started program of installing 4341 vm/370 systems, first in regional and then larger branch offices. this offloaded some amount of the more traditional interactive work (and non-configurator stuff) .... email, document editing, etc.

cp/67, cms, vm/370, internal network, cms\apl, GML, tightly-coupled smp support, compare&swap instruction, a lof of HONE stuff, ... all came out of 545 tech sq.
https://www.garlic.com/~lynn/subtopic.html#545tech

C&S instruction is the initial of the inventor at 545tech. misc. c&s and/or smp references:
https://www.garlic.com/~lynn/subtopic.html#smp

GML are the initials of the inventors at 545tech. misc. posts on invention of GML at 545tech sq:
https://www.garlic.com/~lynn/submain.html#sgml

internal network refs
https://www.garlic.com/~lynn/subnetwork#internalnet

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Losing colonies

Refed: **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Losing colonies
Newsgroups: alt.folklore.computers
Date: Mon, 16 Aug 2004 09:50:33 -0600

Bernd Felsche writes:
Far from being intrinsically useless, competence at a native-language level is extremely useful; not only for interaction with other people, research, etc; but also for being able to think about things differently.

If you were only able to programme in COBOL, then you'd have to solve all problems in COBOL.

If OTOH, you were very competent in half a dozen languages and had a passing familiarity with a dozen others, then you'd be able to choose the most-appropriate tool for the particular job.

Human languages are not entirely unlike that. Each language carries with it idioms and nuances that do not translate directly to other languages. Moreover, the power of terminology in specific languages imposes a cultural under-current and makes some ideas easier to "implement".

Indeed, being able to speak more than one language has the potential to make one more understanding of the difficulty others may have in expressing their ideas in any formal language; even their native tongue.

slightly related is language literacy ... sometimes referred to as thinking & dreaming in the language. a lot of people writing programs and using programming languages are frequently still laboriously translating .... i.e. they don't actually think & dream in the programming language that they are using.

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father
Newsgroups: alt.folklore.computers
Date: Mon, 16 Aug 2004 13:18:36 -0600

Alan Balmer writes:
I'm also curious to know how you know that only some of the overcharges were caught. If you know of more, you really should be a good fellow and tell the GAO.

and the military/industrial complex issues from forever.

i remember being told tales about various financial activities in the US during WW-II

boyd helped orchestrate an 18-page newsweek article in the early 80s on military/industrial complex issues during the 60s & 70s ... misc boyd:
https://www.garlic.com/~lynn/subboyd.html#boyd
https://www.garlic.com/~lynn/subboyd.html#boyd2

there was news article this morning about GAO evaluation of the new armored, rapid deployment vehicle .... which may have weight issues and problems being rapidly deployed.

does anybody remember the stories about $500 hammers and toilet seats?

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Vintage computers are better than modern crap !

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Vintage computers are better than modern crap !
Newsgroups: alt.folklore.computers
Date: Mon, 16 Aug 2004 14:34:39 -0600

Morten Reistad writes:
neither Tops10 or Tops20 had any really good security; and wouldn't have lasted long when connected to the Internet of today. Original UNIX didn't have networking, but the versions that had it bolted on didn't have adequate security.

cp/67 had partitioning ... which is also a security technique. starting in the '70s there was an extensive network of the machines on the internal network .... which doesn't exactly have the hostility and adversary flavor that today's internet can represent.

however, the timesharing service at the science center
https://www.garlic.com/~lynn/subtopic.html#545tech

first with cp/67 and then morphing to vm/370 .... had significant number of MIT, BU and other students with general logins ... and it also started remote cms\apl service for people from corporate hdqtrs where they loaded the most valuable and closely guarded corporate secrets and used the data in all sorts of business modeling applications. The student population were known for some number of exploit attempts ... but I know of no situation where corporate secrets leaked out via that avenue.

lots of the internet vulnerabilities have been

1) buffer related exploits specifically associated w/C-language characteristics

2) some number of production services grew out of student/university applications which were never designed from the standpoint of business critical dataprocessing; including extremely simple & trivial debug/testing features that allowed complete remote take-over of the application.

there were a significant number of secure cp/67 and then vm/370 operations. the platforms were used for general commercial time-sharing service offerings ... where you might actually have business competitors using the same platform with the possibility of corporate secrets leaking if things weren't secure
https://www.garlic.com/~lynn/submain.html#timeshare

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Vintage computers are better than modern crap !

Refed: **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Vintage computers are better than modern crap !
Newsgroups: alt.folklore.computers
Date: Mon, 16 Aug 2004 17:45:02 -0600

Brian Inglis writes:
Poor programmers blame their tools, and poor programming practices should not be blamed on the language, rather blame the programmers who don't understand what they're doing, and the library functions they're using. I really don't understand how these problems can still occur, as they were known about in the 1980s, and the functions that allow them were strongly deprecated even then, although they are still around for backward compatability. If the code had been written in a different language, that language would have been blamed, but it would be unlikely to happen, as most other languages don't allow that level of functionality to be developed. Had the code been written in assembler, it would just be called a bug, but I'm sure there would also have been plenty of other, bigger issues to worry about. If people have problems with a language, they shouldn't use that language, they should switch to another one instead of complaining.

the multics scenario with PLI have substantiated claim of doing operating system and not having any buffer exploits.

the issue wasn't so much the language per se ... but the language conventions for length handling.

the PLI language supported length handling conventions that were explicit ... and interfaces used them as such.

by comparison cp/67 and vm/370 was all assembler language .... but they also had convention of everything having explicit lengths and some number of the standard functions all did validity checking on the explicit lengths as a matter of course. Explicit lengths were always carried and always used.

It is as much a system convention as a language thing ... since it would be possible to have assembler with totally different conventions.

in the 360 genre case ... it was carried into the hardware i/o interface. all input/output operations involved explicit lengths ... and completions indicated resididual counts (if any). the i/o routines as a matter convention tended to consistently pass the original length minus residual length as part of all input/output (i.e. input string carried with it the actual length read .... buffers tended to have max size of buffer and current actual length in buffer. in addition to explicit programming that was validating all the lengths appropriately, most of the library functions were also always explicitly validating operations with respect to length.

so technically .... it isn't c language per se .... it is standard c programming conventions, c programming libraries, c programming practices. it is somewhat like saying that cars don't cause automobile accidents ... people cause automobile accidents .... and if people would stop driving ... we would stop having traffic fatalities. however, I recently saw something about safer cars and possibly 40 some percent of traffic fatalities involve not having seatbelt on. i would assert that not having explicit lengths permeate the whole infrastructure is a lot like not wearing seatbelt.

one of the things we did when we started ha/cmp
https://www.garlic.com/~lynn/subtopic.html#hacmp

was detailed vulnerability analysis of whole lot off issues. one of the things that we predicted was something like at least a two order magnitude increase in buffer related exploits/vulnerabilities than what we were use to in non-C-based implementations.

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Many engineers lack even a four-year degree

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Many engineers lack even a four-year degree
Newsgroups: alt.folklore.computers
Date: Mon, 16 Aug 2004 20:56:49 -0600

More than one-fifth of U.S. science and engineering workers have less than a bachelor's degree, according to a new report from the National Science Foundation.
http://news.com.com/Many+engineers+lack+even+a+four-year+degree/2100-1022_3-5312309.html?tag=nefd.top
.... The number of science and engineering doctorate degrees produced in the United States dropped from 27,300 in 1998 to 24,550 in 2002. And that figure may decline further thanks to fewer educational visas issued and fewer applications to graduate schools from international candidates, who earn a large portion of tech-related doctorates at U.S. schools

<snip>

some past related threads in this n.g.
https://www.garlic.com/~lynn/2002e.html#1 More on Aging Legacy Workforce
https://www.garlic.com/~lynn/2002k.html#41 How will current AI/robot stories play when AIs are real?
https://www.garlic.com/~lynn/2003g.html#48 Lisp Machines
https://www.garlic.com/~lynn/2003i.html#28 Offshore IT
https://www.garlic.com/~lynn/2003i.html#45 Offshore IT
https://www.garlic.com/~lynn/2003p.html#33 [IBM-MAIN] NY Times editorial on white collar jobs going
https://www.garlic.com/~lynn/2004b.html#2 The SOB that helped IT jobs move to India is dead!

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Many engineers lack even a four-year degree

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Many engineers lack even a four-year degree
Newsgroups: alt.folklore.computers
Date: Mon, 16 Aug 2004 21:13:26 -0600

and a related article from last Dec.

What's up, Doc? Not the number of science Ph.D.s
http://news.com.com/What%27s+up%2C+Doc%3F+Not+the+number+of+science+Ph.D.s/2100-7337_3-5113634.html?tag=nl
A sizable chunk of the science and engineering doctorates went to non-U.S. citizens, according to the NSF. Of 23,152 doctorates awarded to students whose citizenship was known, 8,839 went to non-U.S. citizens. In engineering alone, foreign-born persons receiving doctoral degrees last year represented more than 60 percent of the total, according to the NSF. Between 1993 and 2002, foreign citizens earned just more than 57 percent of all engineering doctorates, the NSF said.

<snip>

and ten days ago:

Brain drain in tech's future?
http://news.com.com/Brain+drain+in+tech%27s+future%3F/2100-1008_3-5299249.html?tag=st.rn

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Vintage computers are better than modern crap !

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Vintage computers are better than modern crap !
Newsgroups: alt.folklore.computers
Date: Tue, 17 Aug 2004 07:34:25 -0600

Brian Inglis writes:
Change the local convention to only use the explicit length interfaces, and disallow using the zero terminated interfaces. Good C programming practices require honouring both interfaces, by using explicit lengths, and also providing a nul character terminator in text strings, to support legacy code that might be used by other routines, until that code can be replaced.

various efforts to make that happen has been going on for possibly 15 years ... whole new generations of programmers have come on the scene during that time ... and it is still happening.

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

A quote from Crypto-Gram

Refed: **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: A quote from Crypto-Gram
Newsgroups: sci.crypt
Date: Tue, 17 Aug 2004 07:56:36 -0600

Jeff Williams writes:
Back in the 70s and 80s, some computers (not so much micros as mainframes, minis, and special purpose machines) had the microcode in ROM, so microcode was modifiable. Note that it was a serious, hands-on process. Modifications were typically done by the designers/maintainers of the machines, not the users (having been both a designer and a user, I distinguish between the two terms).

When I was in university (early 80s), I heard of machines (at Xerox PARC, IIRC) that had downloadable microcode for the purpose of modifying the instruction set on the fly. Never saw such machines - just heard about them from my profs.

lots of posts about designing and implementing various mcode, 60s, 70s, 80s
https://www.garlic.com/~lynn/submain.html#mcode

some number of the ones i worked on were designed as enhancements for operating system performance assists. the low-end machines typically had vertical mcode that typically is similar to familiar machine code programming paradigm. the high-end machines frequently were horizontal mcode ... wide words, where bits on/off activated specific machine functions like fetch to register. single instruction might activate several functions simulataneously ... although programming had to explicitly know about latencies in various functions .... i.e. fetching a value to register might take several machine word cycles and from the start of the fetch to the actual use of the value had to be separated by several instructions.

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Vintage computers are better than modern crap !

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Vintage computers are better than modern crap !
Newsgroups: alt.folklore.computers
Date: Tue, 17 Aug 2004 09:56:39 -0600

Alan Balmer writes:
That's because there are good reasons to use zero-terminated strings. They're only dangerous if not properly used.

this is like the line from somebody about
in theory, there is no difference between theory and practice, but in practice there is.

in general .... implicit anything almost always results in some number of glitches. i assert that there is fundamental threat model associated with implicit lengths ... and the countermeasure is explicit lengths.

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

A quote from Crypto-Gram

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: A quote from Crypto-Gram
Newsgroups: sci.crypt
Date: Tue, 17 Aug 2004 10:27:06 -0600

Michael Amling writes:
The nefarious aspect is that once the black hat has the microcode in place, it would still work after the victim had run virus scans, re-installed the OS, reformatted all disks, etc. The microcode might be triggered by an instruction sequence that occurs normally. Perhaps it could recognize when some authorization routine is running and do something that would cause BH to be authorized.

there is the famous story about hack on the c-compiler that would put backdoor in unix logon (the compiler would recognize the module and insert backdoor in the code).

a similar ... but different tale (from 30+ years ago)
https://www.garlic.com/~lynn/2004g.html#45

except i manually flipped a bit in instruction from the front panel and voila no matter what you did ... it was treated as correctly authenticated. this isn't unlike the counterfeit yes cards that have started showing up (also referenced in above URL).

the trusted computing platform/module stuff had defined some number of protected secure hash locations that can be initialized. one is for the bios ... and on boot the secure processor calculates the secure hash on the bios and verifies against the saved value (to try and catch corruption).

this isn't unlike the tripwire methodology for periodically checking the integrity of files.

mainframes have tended to have various kinds of ECC (not the crypto kind) for recognizing microcode corruption (regardless of the source).

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

A quote from Crypto-Gram

Refed: **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: A quote from Crypto-Gram
Newsgroups: sci.crypt
Date: Tue, 17 Aug 2004 10:52:20 -0600

remember shugart's original invention of the floppy disk was for loading mcode into the 3830 disk controller. it was then also used for mcode loading on a number of mainframe machines ... in addition to other controllers

random shugart past posts
https://www.garlic.com/~lynn/2000.html#9 Computer of the century
https://www.garlic.com/~lynn/2002.html#17 index searching
https://www.garlic.com/~lynn/2002l.html#50 IBM 2311 disk drive actuator and head assembly
https://www.garlic.com/~lynn/2004.html#5 The BASIC Variations

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Vintage computers are better than modern crap !

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Vintage computers are better than modern crap !
Newsgroups: alt.folklore.computers
Date: Wed, 18 Aug 2004 06:54:48 -0600

Steve O'Hara-Smith writes:
There are indeed such languages, however they are a lot less efficient than C code that assumes the buffer will not be overflowed. In these days of processors with clocks running at microwave frequencies this is less important than it used to be just as in these days of script kiddies and widespread viral attacks protecting against buffer overflow is more important than it used to be.

in addition to reports that say there are other systems/infrastructures that are almost buffer exploit free.

in the late 90s ... there was a report that said that the majority of all exploit/vulnerabilities were buffer exploits (almost unique to the c language programming environment).

last year, i was on panel discussion with some fbi cyber forensic guy who said that exploit/vulnerabilities they had been seeing were 1/3rd buffer overflow, 1/3rd virus/trojanhorse/email, 1/3rd social engineering. the social engineering issue has always been around. lots of exploit & vulnerability related posts
https://www.garlic.com/~lynn/subintegrity.html#fraud

to some extent the virus/email it taking something that was pretty much infrastructures that had original design point of stand-alone (say running games on kitchen table) or small departmental groups ... and hooking them up to the internet environment that involve large numbers of people with very different and diverse objectives. somewhat the closest similar environment from earlier ages with diverse groups with different objectives were some of the large commercial time-sharing systems ....
https://www.garlic.com/~lynn/submain.html#timeshare

also, note that to some extent the 1/3rd distribution numbers are probably specifically with respect to outsider attacks. in the past (before all the internet oriented attention) the frequent number was that 90 percent of the fraud involved insiders (not specified whether that was in terms of incidents or total dollar value). there is recent study that for identity theft fraud ... at least 77 percent of the incidents involved insiders.

as part of trying to add some more to the exploit & vulnerability taxonomy that i've got in my merged security taxonomy & glossary ...
https://www.garlic.com/~lynn/index.html#glosnote

i've looked at the cve database to see what exploit & vulnerability structural information i could pull out of it. the entries and notes in the cve database are pretty free form ... so what i've mostly come up with is word count & word-pair counts on the entries.

in any case, if you have some number of environments (that range from machine language coding to very high level languages) where certain kind of exploit & vulnerability has almost never been known to occur ... and another specific environment ... where a specific kind of exploit & vulnerability is extremely pervasive .... one might come to believe that the difference is more than simply quality of the programming.

at this point ... one might believe that the infrastructure costs because of buffer exploit and vulnerability is significantly larger than any possible programming productivity that might come from implicit length paradigm ... which is somewhat unique characteristic of the c language environment ... compared to some number of other environments that have almost never seen a buffer exploit/vulnerability.

misc. posts related to cve database analysis
https://www.garlic.com/~lynn/aadsm18.htm#10 E-commerce attack imminent; Sudden increase in port scanning for SSL doesn't look good
https://www.garlic.com/~lynn/2004e.html#43 security taxonomy and CVE
https://www.garlic.com/~lynn/2004f.html#20 Why does Windows allow Worms?
https://www.garlic.com/~lynn/2004h.html#2 Adventure game (was:PL/? History (was Hercules))

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Vintage computers are better than modern crap !

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Vintage computers are better than modern crap !
Newsgroups: alt.folklore.computers
Date: Wed, 18 Aug 2004 06:59:40 -0600

Anne & Lynn Wheeler writes:
in the late 90s ... there was a report that said that the majority of all exploit/vulnerabilities were buffer exploits (almost unique to the c language programming environment).

last year, i was on panel discussion with some fbi cyber forensic guy who said that exploit/vulnerabilities they had been seeing were 1/3rd buffer overflow, 1/3rd virus/trojanhorse/email, 1/3rd social engineering. the social engineering issue has always been around. lots of exploit & vulnerability related posts

... the change from majority of all exploits & vulnerabilities being buffer/length related to only 1/3rd ... isn't so much a reduction in the number of buffer/length exploits (which one might possibly attribute to better programming practices) ... but to a large increase in the other types of exploits & vulnerabilities (i.e. the absolute quality of the programming with respect to buffer/length exploits doesn't seem to have changed).

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Methods of payment

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Methods of payment
Newsgroups: alt.folklore.computers
Date: Wed, 18 Aug 2004 12:37:23 -0600

Alan Balmer writes:
But then you don't need the smart card. That's the way ordinary mag-stripe debit cards work.

there are both chip (offline) and magstripe-based (online) stored value cards ... as well as chip cards designed to do "offline" debit and/or credit operations. an example of the chip "offline" debit/credit card problem is the yes cards previously referenced.

the yes card exploits the fact that the (smartcard) offline (stored-valued, debit, credit, etc) environment is effectively peer-to-peer with business rules installed in the offline components ... once adequate authentication has been performed ... then both parties rely on the integrity of the business rules deployed in the offline units. the attack then is the offline authentication infrastructure with counterfeited devices and bogus implementation of the business rules.

the online magstripe-based systems (debit, credit, stored-value) effectively use the magstripe as a something you have authentication and share common online network. debit tends to do two-factor authentication, augmenting the magstripe something you have authenticaiton with a something you know PIN. the business rules are in the online transaction system.

the magstripe vulnerability is the readily available technology for counterfeiting magstripe. it is possible to use chipcards in an online system ... purely for authentication purposes (as opposed to combination of authentication and business rules needed in offline systems). use of pure authentication in a chip online environment is countermeasure to the ease of counterfeiting magstripe.

in theory, the same exact chips can be used in both an online authentication implementation as well as a offline authentication plus business rule implementation ... which would lead to the conclusion that the costs to compromise a single chip is approximately the same (at least for some specific types of compromise).

the issue is that well designed chip implementation can require physical possession and destruction of the chip ... which is a time-consuming processing. the countermeasure in the online case is a lost/stolen report that deactives that specific chip ... potentially in much shorter time than it takes to do a physical chip compromise (which could mean that there would be no fraud). The offline issue is that deactivation can be quite difficult, if provided for at all (leading to much larger fraud opportunities).

somewhat related is Are Merchant-controlled debit networks the next big thing?
http://www.banktech.com/story/enews/showArticle.jhtml;jsessionid=HD4GXYY53MC32QSNDBCCKHY?articleID=29100853

from purely technical standpoint ... the merchant end of the infrastrucutre supporting credit, debit and magstripe stored-value is effectively the same (same kind of card, same terminal, same communication connection, etc).

misc. past yes card references
https://www.garlic.com/~lynn/aadsm15.htm#25 WYTM?
https://www.garlic.com/~lynn/aadsm17.htm#13 A combined EMV and ID card
https://www.garlic.com/~lynn/aadsm17.htm#25 Single Identity. Was: PKI International Consortium
https://www.garlic.com/~lynn/aadsm17.htm#42 Article on passwords in Wired News
https://www.garlic.com/~lynn/aadsm18.htm#20 RPOW - Reusable Proofs of Work
https://www.garlic.com/~lynn/2003o.html#37 Security of Oyster Cards
https://www.garlic.com/~lynn/2004g.html#45 command line switches [Re: [REALLY OT!] Overuse of symbolic constants]
https://www.garlic.com/~lynn/2004j.html#12 US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
https://www.garlic.com/~lynn/2004j.html#13 US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
https://www.garlic.com/~lynn/2004j.html#14 US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
https://www.garlic.com/~lynn/2004j.html#35 A quote from Crypto-Gram

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Many engineers lack even a four-year degree

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Many engineers lack even a four-year degree
Newsgroups: alt.folklore.computers
Date: Wed, 18 Aug 2004 12:41:36 -0600

somewhat related to the various referenced earlier posts

High School graduation tests have little tie to college, report finds.
http://www.usatoday.com/news/education/2004-08-18-tests_x.htm
.... With 20 states now withholding diplomas from students who don't pass tests in English and math, if not other subjects, the common assumption is that the tests measure college readiness, said Keith Gayler, the lead author of the report. That's wrong, he said.

... snip ...

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Vintage computers are better than modern crap !

Refed: **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Vintage computers are better than modern crap !
Newsgroups: alt.folklore.computers
Date: Wed, 18 Aug 2004 18:10:50 -0600

Peter Flass writes:
"Thirty Years Later: Lessons from the Multics Security Evaluation"
http://domino.watson.ibm.com/library/cyberdig.nsf/papers?SearchView&Query=(multics)&SearchMax=10

yes, there was prepub in fall of 2002 .... from posting 09sep2002
https://www.garlic.com/~lynn/2002l.html#42 Thirty Years Later: Lessons from the Multics Security Evaluation
https://www.garlic.com/~lynn/2002l.html#43 another 30 year thing
https://www.garlic.com/~lynn/2002l.html#44 Thirty Years Later: Lessons from the Multics Security Evaluation
https://www.garlic.com/~lynn/2002l.html#45 Thirty Years Later: Lessons from the Multics Security Evaluation

the original URL went 404:
http://domino.watson.ibm.com/library/cyberdig.nsf/papers/FDEFBEBC9DD3E35485256C2C004B0F0D/$File/RC22534.pdf

but the paper was being presented at acsac meeting
http://www.acsac.org/2002/papers/classic-multics.pdf

your referenced watson url is title & authors
http://domino.watson.ibm.com/library/cyberdig.nsf/papers?SearchView&Query=(multics)&SearchMax=10
that points to abstract
http://domino.watson.ibm.com/library/cyberdig.nsf/1e4115aea78b6e7c85256b360066f0d4/fdefbebc9dd3e35485256c2c004b0f0d?OpenDocument&Highlight=0,multics

some topic drift ... during a lot of that era ... multics was on 5th floor, 545 tech sq .... i was at the cambridge science center on the 4th floor of the same bldg.
https://www.garlic.com/~lynn/subtopic.html#545tech

there was some cross-fertilization in both directions ... &/or some number of people on both 4th and 5th floors had all worked on ctss as common ancestor. there was sometimes even friendly rivalry at the bar (after work) on the first floor.

the work on the 4th floor not only showed up at some accounts with some pretty stringent integrity requirements (similar to multics) but also showed up in commerical time-sharing services
https://www.garlic.com/~lynn/submain.html#timeshare

where you could have a mix of different customers with totally different and possibly even conflicting objectives (something that didn't happen with multics that i'm aware of).

while multics was primarily pli (with some stuff recoded in assembler for performance), cp/67, vm/370, cms and large percentage of the applications were all assembler.

another multics security item from earlier in 2002 that was cross-posted to both a.f.c. and alt.os.multics
https://www.garlic.com/~lynn/2002e.html#47

total topic drift ... the 9.0.0.0 class-a subnet was obtained at SJR well before interop '88 ... minor thread drifts:
https://www.garlic.com/~lynn/internet.htm
https://www.garlic.com/~lynn/subnetwork.html#interop

sometime later some of the other sites obtained their own class-b subnet addresses.

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Vintage computers are better than modern crap !

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Vintage computers are better than modern crap !
Newsgroups: alt.folklore.computers
Date: Wed, 18 Aug 2004 18:39:02 -0600

Anne & Lynn Wheeler writes:
there was some cross-fertilization in both directions ... &/or some number of people on both 4th and 5th floors had all worked on ctss as common ancestor. there was sometimes even friendly rivalry at the bar (after work) on the first floor.

however, it wasn't fair for the rivalry to be done on basis of number of customers. the external customer machines far exceeded the internal corporate machines running the 4th floor system. I had a hobby of building custom systems ... and shipping tapes directly to some number of internal corporate machines (which was a small subset of total internal corporate machines running the 4th floor system) .... however during one period the small subset of systems that i directly supported was about the same as the total aggregate number of systems that ever ran multics ... aka, in terms of systems supported, it was much more fair to just compare what i did against what the multics group did.

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Methods of payment

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Methods of payment
Newsgroups: alt.folklore.computers
Date: Wed, 18 Aug 2004 20:18:52 -0600

Giles Todd writes:
The ChipKnip is not a direct debit system. It is electronic cash; no more, no less. It offers the convenience of cash without having to carry a pocketful of spare change in the correct and sufficient denominations for whatever machines you might want to use. It also bears the same risks as carrying a walletful of cash, which is why it doesn't do to load the card with more than you expect to spend in a day or two.

basically the various magstripe stored value cards work similarly, except they are online instead of offline. the current difference with the online stored value ... is that the current value is held in merchant specific account (rather than on the card itself) ... and so the current infrastructure results in having a unique merchant gift/stored-value card for each merchant. however that is starting to change ... this reference
http://www.visabuxx.com/moneytools/tools_payment.cfm#storedvalue things like insurance companies are sending out stored value cards (in place of checks) for things like car repairs.

things like the starbucks magstripe stored-value card still appears to be quite popular. in talking to the people behind the counter, the slight difference (from cash) ... is that there tends to be fewer tips when somebody is paying with the stored-value card than if they paid with cash.

as previously mentioned, the first (magstripe, online) one that i was aware of in the states was a program for blockbuster.

They are frequently also being used in place of store coupons or promotions ... get a promotion $50 stored value card for use at some fancy restaurant (cuts manual processing costs at point-of-sale compared to coupon ... also may provide better tracking of incentive program use, in theory they could code the promotion card identifier with the address it was mailed to).

quicky use of google on stored value cards turns up
http://www.paymentech.com/sol_stovalcar_page.jsp
http://www.discoverbiz.com/merchant/resources/data/GiftCards_splash.html

i had previously posted references to new kind that i believe was pioneered for temporary US census workers for the year 2000 census where it is also good for getting cash at ATM machines ... which then starts to take on more of the characteristics of debit card. another of these expanded function programs (some additional references turned up with search engine):
http://www.dhs.state.mn.us/main/groups/children/documents/pub/dhs_id_001413.hcsp
http://corp.ecount.com/pr/press04_21_04.html

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Methods of payment

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Methods of payment
Newsgroups: alt.folklore.computers
Date: Wed, 18 Aug 2004 20:28:50 -0600

Giles Todd writes:
This is the flaw with ChipKnip (an offline system). Lose the card and you lose whatever value you have loaded into it. There's no authentication once you have loaded it with whatever value you choose. The same flaw applies to cash in wallets, of course.

the bigger flaw ... with respect to previously posted yes card references and descriptions is that counterfeit (offline chip) cards with fraudulent value. I believe they first appeared in the south of France sometime in the 99 or 2000 time-frame. The yes card name I believe was coined by the UK press some time in 2002.

the yes cards have the business rules (supposedly) correctly implemented in the chip ... and will correctly debit and manage value. In the counterfeit, yes card case, the business rules are bogus and the card always has sufficient funds (and never runs out of value).

the is another kind of stored-value chip card that is more characteristic of transit systems. these are effectively purely memory cards ... where the value stored in the chip is read-out, decrypted, updated, re-encrypted and rewritten back to the chip by highly secure terminals. basically the whole infrastructure has a common shared-secret encryption key that has been preloaded into all terminals.

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

A quote from Crypto-Gram

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: A quote from Crypto-Gram
Newsgroups: sci.crypt
Date: Thu, 19 Aug 2004 07:43:04 -0600

"David Eather" writes:
It *can't* be done. It seems that the role and scope of microcode is misunderstood. Microcode controls what the binary input to the processor means - you could for example reprogram an ADD instruction to be a SUB instruction and vice-a-versa. Microcode also controls the timing of data movement within the chip. You might remember the i386 chip, which was followed by the i386DX. The "DX" was simply a tweak to the microcode. In the i386 case the tweak was done with the photomasks in the CPU construction.

Microcode is the very lowest level of programming language. It is lower than binary machine code and is just the smallest step up from hardwired connections.

The most you could do is write a malicious instruction. For example one that forces two data sources (within the microchip) to fight for the same data buss and hence causes the chip outputs to overheat and self destruct. Even so, having succeeded in creating such an instruction you can't deliver your "payload" - as no main boards provide the necessary hardware support to update the CPU microcode.

lots of machines have allowed for loadable microcode.

1) apl assist ... back in the early 70s, one of the guys in the palo alto science center implemented apl microcode for the 145 ... where apl programs on the 370/145 would ran approximately as fast as on 370/168 (unassisted)

2) thru-out the 70s there were a whole series of new microcode performance assists for virtual machine operation ... which depending on the situation would change how the execution of various instructions behaved.

3) for "ECPS" what we did was examine the highest frequency used 6k bytes of kernel instruction execution ... and re-implemented those instruction sequences in custom microcode. then there was some dynamic boot code that would test if the kernel was running on a processor with the ECPS microcode ... and patch strategic kernel instructions "on the fly" to activate the ECPS microcode operation options (as opposed to the normal instruction options).

4) most machines tended to have microcode loaded into fixed storage. when the 3081 came out the total amount of possible microcode exceeded the available fixed storage. the 3081 had a service processor and its own operating system and hard disk. they used this to implement pageable microcode. for some less frequently used microcode ... it might not exist on in fixed memory and the 3081 would indicate to the service processor that it needed to be paged in from the service processor's fixed disks.

5) current generation of mainframes have a greatly expanded implementation of #2 ... where they implement virtual machines called "logical partitions". The machine microcode can be configured such that there is a single execution entity that maps all the real hardware. However, it is also possible to set-up the microcode to partition the machine into multiple logical machines or partitions. Some number of the instructions will operate differently in logical machine mode ... in part to enforce the partitioning/separation of different operating systems running in the different partitions. The microcode not only includes modified instruction execution, primarily to preserve partition boundaries ... but also things like a microcode dispatcher and time-slicing ... in order to share processor execution between partitions. In that sense the microcode implements sort of mini-kernel monitor for sharing processor(s) between partitions. The real machine have 8 real processors, and there might be 8-10 logical partitions (or virtual machines) ... where each logical partition is defined as having one to eight virtual processors ... and some target percentage of total processing power per unit time.

6) it would appear that some of the virtual machine partitioning logic is starting to bleed into other processor lines .... having hardware/microcode support for logical machine partitioning. In some number of such cases, the actual execution of some instructions are different whether the processor complex is operating in non-partitioned or partitioned mode.

7) some of this support for virtual machine mode can be seen in various of the software virtual machine support offerings; where the code executing in the virtual machine kernel logically becomes the "micrcode" for the virtual machine; aka the virtual machine kernel implementation (aka like vmware) is transparently modifying how various instructions in the virtual machine execute (with the objective of preserving the partitioining transparency).
http://www.vmware.com/

A trivial exercise is to work out modifications to the vmware software that conditionally changes how execution of certain instruction sequences in the virtual machine happens. Then see if it is possible to modify bios &/or microcode of the real machine to accomplish the same thing.

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Vintage computers are better than modern crap !

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Vintage computers are better than modern crap !
Newsgroups: alt.folklore.computers
Date: Thu, 19 Aug 2004 10:07:10 -0600

Alan Balmer writes:
Theoretically, yes. Practically, no way. You should have some concept of how many millions (billions?) of lines of code you're talking about, and the cost of making several releases of it. In addition to that, new bugs would surely be introduced in the process.

Programmers should be working on real bugs, not wasting their time on converting code to a new standard which broke perfectly good existing code.

the issue is value trade-off ... in some cases we may have buffer exploits spread across tens of millions of machines ... where the aggregate exploit costs far exceeds the actually value of the software. part of the problem is those exploit costs are sort of sweaped under the rug. if there was a better way of charging back the true exploit costs to the authors ... (like reverse payments or penalties) ... there might be more attention paid to addressing such issues.

if there is an upside to just cranking code as fast as possible with not a lot of downside to penalty/costs related to exploits from that code .... then there is little economic incentive to turn out code w/o buffer exploits.

i once wrote a short piece about the coalition that opposed the ten mile new section of 101 between bernel and cochran being six lanes ... so it was only built as four lanes ... while the rest of the new 101 construction was six lanes (both north and south). as a result there were horrible rush hour traffic jams both in the morning and the evening when the traffic flow went from six to four lanes. It possibly added something like 30 minutes per day for commuting for possibly ten thousand people ... or about 5,000 person hrs/day, or something over 14,000 person days per month. So in theory, with responsibility accounting .... even at $5/hr ... that would imply that the coalition should be billed $25,000/day ... little over half million per month for being accountable for being directly responsible for the communters loss of time.

so another issue is whether or not buffer problems .... accounting for the majority of all exploits in the 90s ... and at least 1/3rd of all exploits currently ... might be considered real bugs; especially when it has been repeatedly demonstrated that non-C-based implementations have not been subject to similar rate of buffer exploit problems (it isn't impossible to have written code with buffer problems in these other environments ... it just is that it has possibly been two orders of magnitude less likely).

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Vintage computers are better than modern crap !

Refed: **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Vintage computers are better than modern crap !
Newsgroups: alt.folklore.computers
Date: Thu, 19 Aug 2004 10:43:31 -0600

Anne & Lynn Wheeler writes:
so another issue is whether or not buffer problems .... accounting for the majority of all exploits in the 90s ... and at least 1/3rd of all exploits currently ... might be considered real bugs; especially when it has been repeatedly demonstrated that non-C-based implementations have not been subject to similar rate of buffer exploit problems (it isn't impossible to have written code with buffer problems in these other environments ... it just is that it has possibly been two orders of magnitude less likely).

even tho cp/67 was all assembler ... it wasn't impossible to write code with buffer length flaws ... but it was terribly unlikely ... in part because explicit length paradigms were so prevalent.

an axample is tale from the multicians web site about cp/67 system at the mit urban systems lab. there were four bldgs. in tech sq. ... polaroid two story that had land's office and three 8-9(?) story bldgs. 545 was closest to kendall sq., i recollect the urban system lab being across the court ... harvard trust was on the first floor of that bldg.
https://www.multicians.org/thvv/360-67.html

the particular story is about cp/67 crashed 27 times in one day.

the problem was that as an undergraduate i was playing around a lot with terminals and other stuff ... and added the tty/ascii terminal support to cp/67 ... also playing around with terminal stuff eventually resulted in the plug compatible controller stuff
https://www.garlic.com/~lynn/submain.html#360pcm

however, the tty/ascii terminal stuff that i did was picked up and deployed in the standard product. since the longest length stuff that tty devices could do was 80 bytes .... i did a couple of the length operations using one byte. so the way i remember it, a tty graphics device was hooked up and some (cp/67) system tables modified to indicate something like max of 1200 bytes transfers (or some such).

in any case, the longer lines broke my one byte stuff involved in length calculations ... resulting in really incorrect buffer length calculations.

so the post script in the above ... from the above URL ...
But on that day, a user at Harvard School of Public Health had connected a plotter to a TTY line and was sending graphics to it, and every time he did, the whole system crashed. (It is a tribute to the CP/CMS recovery system that we could get 27 crashes in a single day; recovery was fast and automatic, on the order of 4-5 minutes. Multics was also crashing quite often at that time, but each crash took an hour to recover because we salvaged the entire file system. This unfavorable comparison was one reason that the Multics team began development of the New Storage System.)

https://www.multicians.org/nss.html

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Losing colonies

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Losing colonies
Newsgroups: alt.folklore.computers
Date: Thu, 19 Aug 2004 12:35:34 -0600

Steve O'Hara-Smith writes:
Some years ago I had the fun of watching a team having no end of trouble translating systems which I had designed by thinking and dreaming in data structures and C code into SSADM, it seems that SSADM is rather less expressive than C :)

here is one that i've seen kicked around quite a bit ... but frequently with quite a bit of dissenting arguments ...

Language may shape human thought
http://www.newscientist.com/news/news.jsp?id=ns99996303
... Experts agree that the startling result provides the strongest support yet for the controversial hypothesis that the language available to humans defines our thoughts. So-called linguistic determinism was first proposed in 1950 but has been hotly debated ever since.

... snip ...

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Losing colonies

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Losing colonies
Newsgroups: alt.folklore.computers
Date: Thu, 19 Aug 2004 13:12:44 -0600

re:
https://www.garlic.com/~lynn/2004j.html#48

slightly related .... boyd had conversational mode
https://www.garlic.com/~lynn/subboyd.html#boyd
https://www.garlic.com/~lynn/subboyd.html#boyd2

that i've characterized as carrying on several simulataneously viewpoints & threads .... somewhat analogous to some of his OODA-loop analogies attempting to simultaneously view a subject from a large number of different perspectives (including attempting to compress the time dimension in attempt to obtain multiple nearly simultaneous views/perspectives).

he wouldn't necessarily give any cues when the words being spoken switched between threads/viewpoints ... any extended one-on-one discussions with him could be challenging since you frequently had to infer the specific thread.

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

SSL question 128bit, 1024,2048 key lengths?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: SSL question 128bit, 1024,2048 key lengths?
Newsgroups: comp.security.misc
Date: Thu, 19 Aug 2004 13:35:12 -0600

"G Libc" <no-spam@sbfleury.fastmail.fm> writes:
Just wondering where in the SSL handshake and/or communication that the 128 bit comes in. On one end browsers and certificates are quoted as being 128bit encryption yet when preparing a CSR (certificate signing request) you specify key sizes ranging anywhere from 512 to 4096. My assumption is that the larger key would be used for asymetric encryption of the symetric key using PKE and that the symetric key would be the smaller 128 bit... Am I on the wrong track here?

from a brute force standpoint a symmmetric key can be any of the possible 2**128 values. a RSA key is a prime number with special characteristics .... so in a brute force checking all possible values ... the number or possible prime numbers less than 2**128 is a lot fewer than 2**128.

because public key encryption is so expensive ... and because there is process problem exchanging symmetric keys .... a session symmetric key is generated which is used to encrypt the actual data ... and the public key is just used to encrypt the symmetric key (for key exchange).

supposedly the key size of the symmetric key is basically chosen proportional to the required security data ... then it is desireable to have a public keys that has at least as strong security as the chosen symmetric key (since the public key operations are protecting the symmetric key ... which protects the actual data).

reference to ietf document (determining strengths for public keys used for exchanging symmetric keys) that gives numbers of approximate equivalent security strength
https://www.garlic.com/~lynn/2004b.html#11

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Looking for pointers to get started with e-signature

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Looking for pointers to get started with e-signature
Newsgroups: comp.security.misc
Date: Thu, 19 Aug 2004 15:03:48 -0600

daaa@rock.com (DaaaDaaa) writes:
Starting from current standard and practice. DOC web site has not proved much of value in this regard.

e-signatures or digital signatures? ... they aren't identical

at its basics digital signatures are a process based on asymmetric cryptography for authenticating a message or document hasn't been tampered with (possibly in transit).

e-signatures tend to involve an electronic environment where there has been some process that demonstrates human intent with respect to agreeing and/or approving the meaning of some document or transaction (i.e. trying to approach the concept and meaning of a physical, manual, human signature).

there are a number of instances where you may have digital signatures being used in authentication protocols .... w/o any requirement that a human has seen, read, understood, agrees, approves, and/or authorizes the contents of what was digitally signed. a lot of digital signature technology has to do with authentication ... and possibly little or nothing to doing with agreeing and/or approving.

it is possible to have an e-signature infrastructure .... demonstrating intent, agrees, approves, and/or authorizes ... w/o involving any digital signature technology.

there sometines has been confusion about the two possibly distinctly different operations .... possibly because the term "digital signature" includes the word "signature" ... even tho "digital signature" can have absolutely nothing to do with traditional human signature process.

some random past postings mentioning e-signature
https://www.garlic.com/~lynn/aepay10.htm#2 German federal employees get digital signatures
https://www.garlic.com/~lynn/aepay10.htm#7 UNCITRAL Electronic Contracting Project
https://www.garlic.com/~lynn/aepay10.htm#19 Misc. payment, security, fraud, & authentication GAO reports (long posting)
https://www.garlic.com/~lynn/aepay10.htm#71 Invisible Ink, E-signatures slow to broadly catch on
https://www.garlic.com/~lynn/aepay10.htm#72 Invisible Ink, E-signatures slow to broadly catch on
https://www.garlic.com/~lynn/aepay10.htm#73 Invisible Ink, E-signatures slow to broadly catch on
https://www.garlic.com/~lynn/aepay10.htm#74 Invisible Ink, E-signatures slow to broadly catch on (addenda)
https://www.garlic.com/~lynn/aepay10.htm#75 Invisible Ink, E-signatures slow to broadly catch on (addenda)
https://www.garlic.com/~lynn/aepay10.htm#76 Invisible Ink, E-signatures slow to broadly catch on (addenda)
https://www.garlic.com/~lynn/aepay10.htm#77 Invisible Ink, E-signatures slow to broadly catch on (addenda)
https://www.garlic.com/~lynn/aepay10.htm#80 Invisible Ink, E-signatures slow to broadly catch on (addenda)
https://www.garlic.com/~lynn/aepay10.htm#84 Invisible Ink, E-signatures slow to broadly catch on (addenda)
https://www.garlic.com/~lynn/aadsm12.htm#59 e-Government uses "Authority-stamp-signatures"
https://www.garlic.com/~lynn/aadsm12.htm#64 Invisible Ink, E-signatures slow to broadly catch on (addenda)
https://www.garlic.com/~lynn/aadsm13.htm#12 Antwort: Re: Real-time Certificate Status Facility for OCSP - (RTCS)
https://www.garlic.com/~lynn/aadsm14.htm#43 PKI "not working"
https://www.garlic.com/~lynn/aadsm14.htm#47 UK: PKI "not working"
https://www.garlic.com/~lynn/aadsm15.htm#32 VS: On-line signature standards
https://www.garlic.com/~lynn/aadsm15.htm#33 VS: On-line signature standards
https://www.garlic.com/~lynn/aadsm15.htm#34 VS: On-line signature standards (slight addenda)
https://www.garlic.com/~lynn/aadsm15.htm#35 VS: On-line signature standards
https://www.garlic.com/~lynn/aadsm15.htm#36 VS: On-line signature standards
https://www.garlic.com/~lynn/aadsm15.htm#38 FAQ: e-Signatures and Payments
https://www.garlic.com/~lynn/aadsm15.htm#39 FAQ: e-Signatures and Payments
https://www.garlic.com/~lynn/aadsm15.htm#40 FAQ: e-Signatures and Payments
https://www.garlic.com/~lynn/aadsm16.htm#1 FAQ: e-Signatures and Payments
https://www.garlic.com/~lynn/2001g.html#25 Root certificates
https://www.garlic.com/~lynn/2001g.html#57 Q: Internet banking
https://www.garlic.com/~lynn/2001g.html#60 PKI/Digital signature doesn't work
https://www.garlic.com/~lynn/2001g.html#61 PKI/Digital signature doesn't work
https://www.garlic.com/~lynn/2001h.html#7 PKI/Digital signature doesn't work
https://www.garlic.com/~lynn/2002g.html#69 Digital signature
https://www.garlic.com/~lynn/2004i.html#17 New Method for Authenticated Public Key Exchange without Digital Certificates
https://www.garlic.com/~lynn/2004j.html#1 New Method for Authenticated Public Key Exchange without Digital Certificates

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Losing colonies

Refed: **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Losing colonies
Newsgroups: alt.folklore.computers
Date: Thu, 19 Aug 2004 20:12:39 -0600

Larry Elmore <ljelmore_@_comcast_._net> writes:
I tend to think a "weak" form may have some validity. Any human natural language is capable of expressing any concept (with enough effort), but some languages require more work and effort to coin new words and differentiate shades of meaning to adequately discuss a newly conceived idea. This raises the entry costs for speakers of some languages to enter some areas of thought, thereby _tending_ to discourage the effort. If neighbors are already using such terms, then they'll be borrowed wholesale rather than purely invented (for example a nomadic people taking up agriculture will adopt a great many loan words for agricultural terms from agricultural neighbors).

i wasn't thinking in terms of natural language ... but in terms of computer languages ... and the reference post about possibly differences in computer languages with respect to addressing specific problems.

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

history books on the development of capacity planning (SMF and RMF)

Refed: **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: history books on the development of capacity planning (SMF and RMF)
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Thu, 19 Aug 2004 22:39:47 -0600

"John F. Regus" writes:
I am working on a graduate degree in CS and I am being given a lot of latitude in taking "special interest" courses, that is, things I think up and work on my own.

I have read a lot of university's computer science curricula, and not one of them offer any courses in capacity planning and/or performance management.

I would like to know the history of when performance management and later capacity planning taking historical performance information and creating a view of how well things are going, system throughput, application throughput, network throughput, etc.

If you can direct me to some historical information on this topic and its evolution, I would like to hear from you.

i believe some amount of the early transition from performance monitoring to performance management and then to beginnings of capacity planning occurred at the cambridge science center.

there was quite a bit of work an dynamic adaptive performance management algorithms ... but there were also extensive monitoring data from possibly thousands of systems. this was used to characterize workloads and configurations ... and a great deal of work was done on workload profiling and synthetic workloads for performance validation. We had collected relatively detailed workload and operational activity data on tens and then hundreds of a wide-variety of mostly interactive, batch, and mixed-mode batch/interactive systems. profiles of operational charateristics were built of from this detailed activity data ... which was used to characterize operations .... like peak observed activity under a broad range of different characteristics. a lot of this was in the early to mid 70s time-frame.

in conjunction with this an analytical model was developed in APL that eventually evolved into a sales & marketing tool on HONE.

HONE was the online, interactive system that supported world wide sales & marketing ... and the majority of the applications were implemented in CMS\APL and then later APL\CMS. Many of the earliest applications were "configurators" (apl was being used for a lot of applications that you see done today with spreadsheets). For 360s, a salesman could still fill out the order form ... but with 370s, the multitude of feature codes (and their interdependencies)for processors, controllers, etc ... got so complex that salesman needed to use a HONE configurator application for completing order specifications. Some number of the configurators included some ability to specify some amount of thruput information ... especially for some of the controllers ... like the 3705 terminal controller.

however, the much more detailed processor & workload analytical model developed and made available on HONE was called the performance predictor. marketing people could enter existing configuration, workload, and even performance information ... and then ask what-if questions .... aka what is the effect of adding more memory, disks, processors, .... and/or what is the effect of increasing and/or changing workload characteristics.

Nore recently, I've run into an extremely sophisticated system configuration and thruput modeling application. The claim was that the person had obtained the rights to the IBM apl performance model in the early 90s and ran it thru an APL to c-language converter and then subsequently made numerous enhancements.

much of this early work was done at the cambridge science center; random past posts about science center
https://www.garlic.com/~lynn/subtopic.html#545tech

random past posts about HONE
https://www.garlic.com/~lynn/subtopic.html#hone

some past posts about some of the benchmarking and workload profiling done at the science center
https://www.garlic.com/~lynn/submain.html#bench

for the calibration of the resource manager product .... we took all of the workload and configuration characterization information and defined a series of approximately (automated) 1000 benchmarks that had statistical coverage of most observed workload and operational characteristics. the analytical model was then modified to specify variations on workload and operational characteristics ... and the first 1000 benchmarks results were fed in ... and the whole thing automated .... with the model picking the workload and operational characteristics for approximately another 1000 benchmarks (iteratively, select a benchmark workload & configuation, run it, get the results, select the next). In total there were approximately 2000 benchmarks (taking 3 months elapsed time) done as part of preparing the resource manager for product release.

some discussions about pieces of the dynamic adaptive resource manager
https://www.garlic.com/~lynn/subtopic.html#fairshare
https://www.garlic.com/~lynn/subtopic.html#wsclock

some early articles by yon bard who had done a lot of the (apl & other) performance modeling at cambridge
Performance criteria and measurement for a time-sharing system, Y. Bard, IBM Systems Journal, v10n3, 1971

Experimental evaluation of system performance, Y. Bard, IBM Systems Journal, v12n3, 1973

IBM Contributions to Computer Performance Modeling, Y. Bard, C. Sauer, IBM Journal R&D, 25th annv. issue, v25n5, 1981

this is a posting discussing an old comparison of 3725s and series/1s for large network configurations .... that used hone configurators to get performance, thruput, and costs for the two boxes:
https://www.garlic.com/~lynn/99.html#67

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Losing colonies

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Losing colonies
Newsgroups: alt.folklore.computers
Date: Fri, 20 Aug 2004 07:50:56 -0600

Anne & Lynn Wheeler writes:
i wasn't thinking in terms of natural language ... but in terms of computer languages ... and the reference post about possibly differences in computer languages with respect to addressing specific problems.

and a little closer to computer business ... slashdot has picked it up
http://science.slashdot.org/science/04/08/20/0354222.shtml?tid=134

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

history books on the development of capacity planning (SMF and RMF)

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: history books on the development of capacity planning (SMF and RMF)
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Fri, 20 Aug 2004 17:22:19 -0600

"John F. Regus" writes:
Thanks Anne and Lynn. I have some questions. The early algorithms developed in APL and put on Hone and used by marketing to tell the customer they needed a new machine...was it all IBM driven, or did UNIVAC, RCA, Honeywell, also have something up their sleeve? Thanks, JR

HONE was purely for (eventually worldwide) ibm sales & marketing ... initially US ... but I hand carried several HONE installations overseas ... when EMEA (europe, middle east, africa) hdqtrs moved from US to Paris ... I hand carried a HONE installation to the new hdqtrs in Paris.

I don't know of anything comparable at the other vendors at that time frame.

I mentioned running into somebody in the past couple years that had acquired rights to the detailed APL system & performance model sometime in the early 90s ... and converted it to C and enhanced it. He said that he had done various performance analysis for very large datacenter operations ... initially in Europe and then many other countries ... and it was generalized to handle more than IBM processors.

some of the others that hang out in a.f.c. n.g. may have some knowledge of the other vendors ... in the late 60s and early 70s.

RFCs that reference MD5

Refed: **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: RFCs that reference MD5
Newsgroups: sci.crypt
Date: Sat, 21 Aug 2004 00:14:35 -0600

I've made a number of updates to my rfc index.

if you go to the main url
https://www.garlic.com/~lynn/rfcietff.htm

you'll see a new note about list of RFCs that have some MD5 references in their text (i.e. greped on "md5" with some number of eliminations)

the display is my standard summary format; if you click on the ".txt=nnnn" field it retrieves the actual RFC

removed from the list are Obsoleted and/or Historic RFCs.

In the past, you could select Term (term->RFC#) in the RFCs listed by section; then select "MD5" in the Acronym fastpath. That got you all RFCs that had MD2, MD4, MD5, and/or "message digest" in the title or abstract.

I've have also tried to add References & ReferenceBy information. I've scanned (actually some gawk) all the RFCs attempting to recognize any References section and pull out list of referenced RFCs.

That information is now added to the RFC summary listings ... in manner similar to the obsoletes/obsoletedby and updated/updatedby fields ... i.e. RFCs that are referenced by other RFCs now show the list of "Ref'ed By").

the summary listing for 1321 now looks like:
1321 I
The MD5 Message-Digest Algorithm, Rivest R., 1992/04/16 (21pp) (.txt=35222) (Refs 1320) (Ref'ed By 1320, 1334, 1352, 1423, 1446, 1479, 1544, 1751, 1828, 1910, 1964, 1994, 2002, 2025, 2040, 2058, 2059, 2065, 2069, 2085, 2104, 2107, 2110, 2138, 2139, 2165, 2178, 2202, 2246, 2264, 2274, 2286, 2311, 2328, 2385, 2403, 2409, 2444, 2537, 2557, 2570, 2574, 2617, 2630, 2693, 2748, 2777, 2792, 2801, 2802, 2803, 2831, 2845, 2865, 2866, 2898, 2924, 2938, 2945, 2961, 3012, 3036, 3041, 3075, 3110, 3161, 3174, 3208, 3220, 3224, 3230, 3259, 3261, 3275, 3315, 3344, 3410, 3414, 3451, 3452, 3520, 3550, 3576, 3579, 3580, 3631, 3652, 3723, 3797)

note that the RFCs mentioning md5 are more than the ones that include RFC 1321 in their references section (and/or I wasn't able to correctly recognize some references sections).

I was prompted to do this by one of the people at Crypto 2004 ... who was wondering all the possible internet RFCs that might be affect by the new hash exploits (some number of papers and talks about attacks on hash algorithms).

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Monster(ous) sig (was Re: Vintage computers are better

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Monster(ous) sig (was Re: Vintage computers are better ...
Newsgroups: alt.folklore.computers
Date: Sat, 21 Aug 2004 12:49:33 -0600

"Jack Peacock" writes:
Granted VAXes never replaced 370/168s in data centers but in terms of feature set VMS was not a small computer OS. Once VMS was converted to 64 bit and the Alpha it could hold it's own against any IBM mainframe in the same price range. Unfortunately it looks like the same design goals that made it work so well are now responsible for its demise. It's not Windows, and it's not Linux, so it's a poor stepchild for HP these days, the victim of small computer mindset.

just this past week, HP announced end-of-life for alpha ... i.e. "End of the line for HP's Alpha"
http://www.zdnet.com.au/news/hardware/0,2000061702,39156753,00.htm

VAXes and 4341s got explosive growth out of the emerging departmental and distirbuted computing environments (in several cases 4341s were sold hundreds at a time) ... VAXes and 4341s then became vulnerable (in the market segment) to higher end workstations and PCs.

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

Vintage computers are better than modern crap !

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Vintage computers are better than modern crap !
Newsgroups: alt.folklore.computers
Date: Sat, 21 Aug 2004 15:48:02 -0600

cstacy@news.dtpq.com (Christopher C. Stacy) writes:
I would take issue with the characterization that critial parts of the networking environment, required to use the system in the way it is intended, are not "part of the operating system". Moreover, there have been thousands of similar bugs fixed.

note also ... at a meta level ... if it represents an exploit on the infrastructure ... then it is part of the infrastructure system ... regardless of any other arbritrary distinctions regarding "system".

as previously mentioned ... analysis of cve descriptions earlier this year ... didn't turn up any particular structural consistency ... but in the free form descriptions ...

520 mentioned overflow
105 of the overflow also had "denial of service"
76 of the overflow also had "gain root"

original post
https://www.garlic.com/~lynn/2004e.html#43 security taxonomy and CVE

this is sample from that investigation where the descriptions actually start with the charcter string Buffer overflow (as opposed to having buffer &/or length problem be described in some other way, may be somewhat biased since we had predicted this 15-some years ago):


Buffer overflow and denial of service in
Buffer overflow in /usr/bin/cu in Solari
Buffer overflow in AIX and Solaris ""get
Buffer overflow in AIX dtterm program fo
Buffer overflow in AIX ftpd in the libc
Buffer overflow in AIX lchangelv gives r
Buffer overflow in AIX lquerylv program
Buffer overflow in AIX rcp command allow
Buffer overflow in AIX writesrv command
Buffer overflow in AIX xdat gives root a
Buffer overflow in AOL Instant Messenger
Buffer overflow in AOL Instant Messenger
Buffer overflow in AOLserver 3.0 allows
Buffer overflow in ASP Server-Side Inclu
Buffer overflow in ASP.NET Worker Proces
Buffer overflow in Accept command in Net
Buffer overflow in Analog before 4.16 al
Buffer overflow in AnalogX SimpleServer:
Buffer overflow in AnalogX SimpleServer:
Buffer overflow in AnalogX SimpleServer:
Buffer overflow in AspUpload.dll in Pers
Buffer overflow in AuthFilter ISAPI filt
Buffer overflow in AuthFilter ISAPI filt
Buffer overflow in BEA WebLogic server p
Buffer overflow in BFTelnet allows remot
Buffer overflow in BIND 8.2 via NXT reco
Buffer overflow in BNC IRC proxy allows
Buffer overflow in BNU UUCP daemon (uucp
Buffer overflow in BSD and linux lpr com
Buffer overflow in BSD line printer daem
Buffer overflow in BSD-based lpr package
Buffer overflow in BSD-based telnetd tel
Buffer overflow in Berkeley automounter
Buffer overflow in BitchX IRC client all
Buffer overflow in CDE Calendar Manager
Buffer overflow in CProxy 3.3 allows rem
Buffer overflow in CSAdmin module in Cis
Buffer overflow in CSM mail server allow
Buffer overflow in CamShot WebCam HTTP s
Buffer overflow in Canna input system al
Buffer overflow in Cisco 7xx routers thr
Buffer overflow in Cisco TACACS+ tac_plu
Buffer overflow in CiscoSecure ACS Serve
Buffer overflow in Common Desktop Enviro
Buffer overflow in CommuniGatePro via a
Buffer overflow in Compaq Management Age
Buffer overflow in CrackLib 2.5 may allo
Buffer overflow in Dalnet IRC server 4.6
Buffer overflow in Darxite 0.4 and earli
Buffer overflow in Dosemu Slang library
Buffer overflow in EFTP allows remote at
Buffer overflow in EFTP allows remote at
Buffer overflow in Elm 2.5.5 and earlier
Buffer overflow in Embedded Support Part
Buffer overflow in Eterm of Enlightenmen
Buffer overflow in Exim allows local use
Buffer overflow in Flash OCX for Macrome
Buffer overflow in FreeBSD angband allow
Buffer overflow in FreeBSD fts library r
Buffer overflow in FreeBSD libmytinfo li
Buffer overflow in FreeBSD lpd through l
Buffer overflow in FreeBSD setlocale in
Buffer overflow in FreeBSD xmindpath all
Buffer overflow in Frox transparent FTP
Buffer overflow in Fujitsu Chocoa IRC cl
Buffer overflow in FuseMAIL POP service
Buffer overflow in Getkey in the protoco
Buffer overflow in Gnomelib in SuSE Linu
Buffer overflow in GoodTech Telnet Serve
Buffer overflow in GuildFTPd Server 0.97
Buffer overflow in HP Openview Network N
Buffer overflow in HP-UX newgrp program
Buffer overflow in HPUX passwd command a
Buffer overflow in HTML parser of the Lo
Buffer overflow in HTTP Proxy for Symant
Buffer overflow in Half Life dedicated s
Buffer overflow in Hilgraeve, Inc. Hyper
Buffer overflow in HylaFAX faxgetty befo
Buffer overflow in IBM HomePagePrint 1.0
Buffer overflow in IBM Net.Data db2www C
Buffer overflow in IBM WebSphere web app
Buffer overflow in ICQ before 2001B Beta
Buffer overflow in IIS 4.0 allows remote
Buffer overflow in IMAP server in Netsca
Buffer overflow in INN 2.2.1 and earlier
Buffer overflow in INN inews program.
Buffer overflow in IPSEC authentication
Buffer overflow in IPSwitch IMail SMTP s
Buffer overflow in ISAPI extension (idq.
Buffer overflow in ISS BlackICE Defender
Buffer overflow in ITHouse mail server 1
Buffer overflow in InetServ 3.0 allows r
Buffer overflow in Infopulse Gatekeeper
Buffer overflow in Infoseek Ultraseek se
Buffer overflow in Intel InBusiness eMai
Buffer overflow in Internet Explorer 4.0
Buffer overflow in Internet Explorer 4.0
Buffer overflow in Internet Explorer 5 a
Buffer overflow in Internet Explorer 5 d
Buffer overflow in Internet Information
Buffer overflow in Internet Mail Connect
Buffer overflow in Internet Mail Service
Buffer overflow in Internet Printing ISA
Buffer overflow in IrDA driver providing
Buffer overflow in KDE Kmail allows a re
Buffer overflow in KDE kdesud on Linux a
Buffer overflow in Kerberos 4 KDC progra
Buffer overflow in Kermit communications
Buffer overflow in Korn Shell (ksh) suid
Buffer overflow in L0pht AntiSniff allow
Buffer overflow in Linux Slackware crond
Buffer overflow in Linux cdrecord allows
Buffer overflow in Linux mount and umoun
Buffer overflow in Linux splitvt 1.6.3 a
Buffer overflow in Linux splitvt command
Buffer overflow in Linux xinetd 2.1.8.9p
Buffer overflow in Lotus Domino HTTP ser
Buffer overflow in Lotus Domino Mail Ser
Buffer overflow in Lotus Notes LDAP (NLD
Buffer overflow in Lynx 2.x allows remot
Buffer overflow in MDBMS database server
Buffer overflow in MDaemon POP server al
Buffer overflow in MERCUR SMTP server 3.
Buffer overflow in Mediahouse Statistics
Buffer overflow in Mercury MTA POP3 serv
Buffer overflow in Microsoft Clip Art Ga
Buffer overflow in Microsoft FrontPage S
Buffer overflow in Microsoft Index Serve
Buffer overflow in Microsoft MSN Chat Ac
Buffer overflow in Microsoft Outlook and
Buffer overflow in Microsoft Phone Book
Buffer overflow in Microsoft Phone Diale
Buffer overflow in Microsoft Rich Text F
Buffer overflow in Microsoft Telnet clie
Buffer overflow in Microsoft Terminal Se
Buffer overflow in Microsoft Visual Stud
Buffer overflow in Microsoft Windows Med
Buffer overflow in Microsoft Windows Med
Buffer overflow in Microsoft Windows Med
Buffer overflow in Microsoft command pro
Buffer overflow in Multiple UNC Provider
Buffer overflow in NCSA HTTP daemon v1.3
Buffer overflow in NFS mountd gives root
Buffer overflow in NFS server on Linux a
Buffer overflow in NIS+, in Sun's rpc.ni
Buffer overflow in NLS (Natural Language
Buffer overflow in NetMeeting allows den
Buffer overflow in NetScreen Firewall We
Buffer overflow in Netscape Communicator
Buffer overflow in Netscape Communicator
Buffer overflow in Netscape Directory Se
Buffer overflow in Netscape Enterprise S
Buffer overflow in Netscape Enterprise S
Buffer overflow in Netsnap webcam HTTP s
Buffer overflow in Netwin WebNews CGI pr
Buffer overflow in Norton Antivirus for
Buffer overflow in Novell GroupWise 6.0.
Buffer overflow in Novell iManager (eMFr
Buffer overflow in OSF Distributed Compu
Buffer overflow in OmniHTTPd CGI program
Buffer overflow in OpenBSD ping.
Buffer overflow in OpenBSD procfs and fd
Buffer overflow in OpenLink 3.2 allows r
Buffer overflow in OpenSSH before 2.9.9,
Buffer overflow in Oracle9iAS Web Cache
Buffer overflow in OverView5 CGI program
Buffer overflow in PHP cgi program, php.
Buffer overflow in POP servers based on
Buffer overflow in PerlIS.dll in Actives
Buffer overflow in Platinum Policy Compl
Buffer overflow in Pragma Systems Telnet
Buffer overflow in Qpopper (popper) 4.0.
Buffer overflow in RSAREF2 via the encry
Buffer overflow in Real Networks RealPla
Buffer overflow in RealJukebox 2 1.0.2.3
Buffer overflow in RealNetworks RealServ
Buffer overflow in RegAPI.DLL used by Wi
Buffer overflow in Remote Access Service
Buffer overflow in Remote Access Service
Buffer overflow in SCO scohelp program a
Buffer overflow in SGI IRIX mailx progra
Buffer overflow in SLmail 3.x allows att
Buffer overflow in SMTP service of Lotus
Buffer overflow in SNMP daemon (snmpd) o
Buffer overflow in Samba smbd program vi
Buffer overflow in SeaNox Devwex allows
Buffer overflow in Sendmail before 8.12.
Buffer overflow in Serv-U FTP 2.5 allows
Buffer overflow in Serv-U FTP server whe
Buffer overflow in Simple Network Time S
Buffer overflow in Skyfull mail server v
Buffer overflow in Small HTTP Server all
Buffer overflow in SmartDesk WebSuite al
Buffer overflow in SmartMax MailMax POP3
Buffer overflow in Solaris 7 lp allows l
Buffer overflow in Solaris dtprintinfo p
Buffer overflow in Solaris fdformat comm
Buffer overflow in Solaris getopt in lib
Buffer overflow in Solaris kcms_configur
Buffer overflow in Solaris lpset program
Buffer overflow in Solaris netpr program
Buffer overflow in Solaris sadmind allow
Buffer overflow in Solaris snmpXdmid SNM
Buffer overflow in Solaris snoop allows
Buffer overflow in Solaris snoop program
Buffer overflow in Solaris x86 mkcookie
Buffer overflow in Source Code Browser P
Buffer overflow in StarOffice StarSchedu
Buffer overflow in Sun ONE / iPlanet Web
Buffer overflow in Sun's ping program ca
Buffer overflow in SunFTP build 9(1) all
Buffer overflow in SunOS/Solaris ps comm
Buffer overflow in SysVInit in Red Hat L
Buffer overflow in TNS Listener for Orac
Buffer overflow in TT_SESSION environmen
Buffer overflow in Thomas Boutell's cgic
Buffer overflow in Tinyproxy HTTP proxy
Buffer overflow in ToxSoft NextFTP clien
Buffer overflow in Trend Micro Virus Bus
Buffer overflow in Trivial HTTP (THTTPd)
Buffer overflow in TrollFTPD 1.26 and ea
Buffer overflow in Universal Plug and Pl
Buffer overflow in University of Minneso
Buffer overflow in University of Washing
Buffer overflow in University of Washing
Buffer overflow in University of Washing
Buffer overflow in UnixWare i2odialogd d
Buffer overflow in UnixWare ppptalk comm
Buffer overflow in UnixWare rtpm program
Buffer overflow in UnixWare xauto progra
Buffer overflow in VB-TSQL debugger obje
Buffer overflow in VDO Live Player allow
Buffer overflow in VMWare 1.0.1 for Linu
Buffer overflow in VMware Authorization
Buffer overflow in Van Dyke SecureCRT SS
Buffer overflow in Vixie Cron library up
Buffer overflow in Vixie Cron on Red Hat
Buffer overflow in Vixie cron 3.0.1-56 a
Buffer overflow in Voyager web administr
Buffer overflow in WFTPD FTP server allo
Buffer overflow in WS_FTP FTP Server 3.1
Buffer overflow in WU-FTPD and related F
Buffer overflow in WU-FTPD and related F
Buffer overflow in War FTP allows remote
Buffer overflow in War FTPd 1.6x allows
Buffer overflow in WebActive HTTP Server
Buffer overflow in WebBBS 1.15 allows re
Buffer overflow in WebShield SMTP 4.5.44
Buffer overflow in Webfind CGI program i
Buffer overflow in Webstar HTTP server a
Buffer overflow in WinZip 8.0 allows att
Buffer overflow in Winamp 2.64 and earli
Buffer overflow in WindowMaker (aka wmak
Buffer overflow in Windows 2000 event vi
Buffer overflow in Windows NT 4.0 help f
Buffer overflow in Windows Shell (used a
Buffer overflow in Winhlp32.exe allows r
Buffer overflow in X server (Xsco) in Op
Buffer overflow in X11 dissector in Ethe
Buffer overflow in XFree86 3.3.x allows
Buffer overflow in Xi Graphics Accelerat
Buffer overflow in Xshipwars xsw program
Buffer overflow in Xsun X server in Sola
Buffer overflow in Xsun in Solaris 8 and
Buffer overflow in Xt library of X Windo
Buffer overflow in Yamaha MidiPlug via a
Buffer overflow in ZBServer Pro allows r
Buffer overflow in a legacy ActiveX cont
Buffer overflow in a system function tha
Buffer overflow in aVirt Rover POP3 serv
Buffer overflow in arp command in Solari
Buffer overflow in bash 2.0.0, 1.4.17, a
Buffer overflow in bftp daemon (bftpd) 1
Buffer overflow in bing allows remote at
Buffer overflow in bootpd 2.4.3 and earl
Buffer overflow in calserver in SCO Open
Buffer overflow in catopen() function in
Buffer overflow in cb_reset in the Syste
Buffer overflow in cfingerd allows local
Buffer overflow in chkey in Solaris 2.5.
Buffer overflow in cmctl program in Orac
Buffer overflow in cpr for the eoe.sw.cp
Buffer overflow in curl earlier than 6.0
Buffer overflow in dc20ctrl before 0.4_1
Buffer overflow in digest command in IBM
Buffer overflow in dlvr_audit for Calder
Buffer overflow in dmplay in IRIX 6.2 an
Buffer overflow in dsh in dqs 3.2.7 in S
Buffer overflow in dtterm in HP-UX 11.0
Buffer overflow in dvtermtype in Tridia
Buffer overflow in eDonkey 2000 35.16.60
Buffer overflow in eeprom in Solaris 2.5
Buffer overflow in efingerd 1.5 and earl
Buffer overflow in enq command in IBM AI
Buffer overflow in exrecover in Solaris
Buffer overflow in fdmount on Linux syst
Buffer overflow in ffbconfig in Solaris
Buffer overflow in free internet chess s
Buffer overflow in glob function of glib
Buffer overflow in gnuplot in Linux vers
Buffer overflow in healthd for FreeBSD a
Buffer overflow in httpGets function in
Buffer overflow in hybrid-6 IRC server c
Buffer overflow in iMesh 1.02 allows rem
Buffer overflow in imwheel allows local
Buffer overflow in index.cgi administrat
Buffer overflow in innd 2.2.2 allows rem
Buffer overflow in ippRead function of C
Buffer overflow in ircII 4.4 IRC client
Buffer overflow in ja-xklock 2.7.1 and e
Buffer overflow in jaZip Zip/Jaz drive m
Buffer overflow in kdc_reply_cipher of l
Buffer overflow in krb425_conv_principal
Buffer overflow in krb_rd_req function i
Buffer overflow in krshd in Kerberos 5 a
Buffer overflow in ksu in Kerberos 5 all
Buffer overflow in libi18n library in IB
Buffer overflow in licq 1.0.4 and earlie
Buffer overflow in line printer daemon (
Buffer overflow in linuxconf 1.11r11-rh2
Buffer overflow in listmanager earlier t
Buffer overflow in listserv allows arbit
Buffer overflow in logging functions of
Buffer overflow in login in various Syst
Buffer overflow in lpstat in IRIX 6.2 an
Buffer overflow in lukemftp FTP client i
Buffer overflow in mail command in Solar
Buffer overflow in mail included with Su
Buffer overflow in mailx in Solaris 8 an
Buffer overflow in man program in various
Buffer overflow in mana in OpenServer 5.
Buffer overflow in mhshow in the Linux n
Buffer overflow in micq client 0.4.6 and
Buffer overflow in mopd (Maintenance Ope
Buffer overflow in mtr 0.46 and earlier,
Buffer overflow in mutt mail client allo
Buffer overflow in ncurses 5.0, and the
Buffer overflow in ndcfg command for Uni
Buffer overflow in newt.c of newt window
Buffer overflow in nftp FTP client versi
Buffer overflow in nnrpd program in INN
Buffer overflow in nslookupComplain func
Buffer overflow in nss_nisplus.so.1 libr
Buffer overflow in ntpd ntp daemon 4.0.9
Buffer overflow in ntping in scotty 2.1.
Buffer overflow in otrcrep in Oracle 8.0
Buffer overflow in pam_localuser PAM mod
Buffer overflow in ping in AIX 4.2 and e
Buffer overflow in piobe command in IBM
Buffer overflow in pioout command in IBM
Buffer overflow in pks PGP public key we
Buffer overflow in ppp program in FreeBS
Buffer overflow in procmail before versi
Buffer overflow in ptexec in the Sun Val
Buffer overflow in qpopper (aka qpop or
Buffer overflow in remote web administra
Buffer overflow in rpc.yppasswdd (yppass
Buffer overflow in rpc.yppasswdd allows
Buffer overflow in rwcgi60 CGI program f
Buffer overflow in sccw allows local use
Buffer overflow in search.cgi in mnoGoSe
Buffer overflow in setclock command in I
Buffer overflow in setsenv command in IB
Buffer overflow in ssh 1.2.26 client wit
Buffer overflow in sshd in OpenSSH 2.3.1
Buffer overflow in ssinc.dll in IIS 5.0
Buffer overflow in statd allows root pri
Buffer overflow in strong.exe program in
Buffer overflow in su in Tru64 Unix 5.x
Buffer overflow in sudo earlier than 1.6
Buffer overflow in suidperl (sperl), Per
Buffer overflow in syslog utility allows
Buffer overflow in tab expansion capabil
Buffer overflow in telnet daemon tgetent
Buffer overflow in telnet server in Wind
Buffer overflow in the ""Super"" utility
Buffer overflow in the ASP data transfer
Buffer overflow in the AddSuLog function
Buffer overflow in the CyberPatrol daemo
Buffer overflow in the ESMTP service of
Buffer overflow in the FTP client in the
Buffer overflow in the GUI authentication
Buffer overflow in the HTML interpreter
Buffer overflow in the HTML library used
Buffer overflow in the HTML parser for N
Buffer overflow in the HTML parsing code
Buffer overflow in the HTTP proxy server
Buffer overflow in the ISAPI DLL filter
Buffer overflow in the InterAccess telne
Buffer overflow in the LDAP component of
Buffer overflow in the Linux binary comp
Buffer overflow in the Linux mail progra
Buffer overflow in the Mail-Max SMTP ser
Buffer overflow in the NetWare remote we
Buffer overflow in the NetWin DSMTP 2.7q
Buffer overflow in the Office Web Compon
Buffer overflow in the OpenDataSource fu
Buffer overflow in the POP server POProx
Buffer overflow in the SHTML logging fun
Buffer overflow in the SMTP gateway for
Buffer overflow in the SQLXML ISAPI exte
Buffer overflow in the Still Image Servi
Buffer overflow in the System Monitor Ac
Buffer overflow in the Transact-SQL (T-S
Buffer overflow in the Web Archives comp
Buffer overflow in the Web Messaging dae
Buffer overflow in the Window.External f
Buffer overflow in the Xview library as
Buffer overflow in the automatic mail ch
Buffer overflow in the chunked encoding
Buffer overflow in the chunked encoding
Buffer overflow in the client connection
Buffer overflow in the conversion utilit
Buffer overflow in the dump utility in t
Buffer overflow in the dvwssr.dll DLL in
Buffer overflow in the huh program in th
Buffer overflow in the implementation of
Buffer overflow in the ism.dll ISAPI ext
Buffer overflow in the kcsSUNWIOsolf.so
Buffer overflow in the kdc_reply_cipher
Buffer overflow in the libauth library i
Buffer overflow in the line printer daem
Buffer overflow in the logging feature o
Buffer overflow in the man program in Li
Buffer overflow in the parsing mechanism
Buffer overflow in the pop-2d POP daemon
Buffer overflow in the preprocessor in g
Buffer overflow in the web administratio
Buffer overflow in the web archive compo
Buffer overflow in the web interface for
Buffer overflow in the web interface for
Buffer overflow in the web server for No
Buffer overflow in the wmcdplay CD playe
Buffer overflow in traffic_manager for I
Buffer overflow in transaction signature
Buffer overflow in ufsrestore in Solaris
Buffer overflow in uidadmin in Caldera O
Buffer overflow in ultimate_source funct
Buffer overflow in uuq in AIX 4 could al
Buffer overflow in various Microsoft app
Buffer overflow in various decoders in E
Buffer overflow in vchkpw/vpopmail POP a
Buffer overflow in vqSoft vqServer 1.4.4
Buffer overflow in w3-msql CGI program i
Buffer overflow in w3m 0.2.1 and earlier
Buffer overflow in wconsole.dll in Rockl
Buffer overflow in webd in Network Fligh
Buffer overflow in wmcube-gdk for WMCube
Buffer overflow in ximp40 shared library
Buffer overflow in xlib in XFree 3.3.x p
Buffer overflow in xlock program allows
Buffer overflow in xlockmore xlock progr
Buffer overflow in xmcd 2.0p12 allows lo
Buffer overflow in xpilot-server for XPi
Buffer overflow in ypbind 3.3 possibly a
Buffer overflow in ypserv in Mandrake Li
Buffer overflow of rlogin program using
Buffer overflows in (1) php_mime_split i
Buffer overflows in HP Software Distribu
Buffer overflows in Linux cdwtools 093 a
Buffer overflows in Mars NetWare Emulati
Buffer overflows in Sun libnsl allow roo
Buffer overflows in Windows NT 4.0 print
Buffer overflows in lpspooler in the fil
Buffer overflows in muxatmd in AIX 4 all
Buffer overflows in ntop running in web
Buffer overflows in wuarchive ftpd (wu-f

--
Anne & Lynn Wheeler | https://www.garlic.com/~lynn/

previous, next, index - home