Microsoft security bugs and exploits
See also TBTF for 1999-08-30, 1998-02-02, 01-26, 01-19, 1997-11-17, 11-10, 10-20, 08-11, 06-23, 05-22, 05-08, more...
The fix includes a provision for logging the IP address of any machine attempting this attack on a patched server.
The bug's discoverer, Todd Fast <tfast at eden dot com>, expresses extreme skepticism [5], [5a] that this bug, exploited by hackers unknown, could be largely responsible for Microsoft's recent service problems. At Microsoft's request he is not publicizing details of the bug's workings.
This is bug #11 on the TBTF Microsoft Exploit list [6].
[1] http://www.news.com/News/Item/0,4,11775,00.html
[2] ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40/hotfixes-postSP3/iis-fix/
[3] http://www.microsoft.com/misc/upgrademessage2.htm
[4] http://xp8.dejanews.com/getdoc.xp?recnum=8236488&server=db97p3&CONTEXT=866906925.6797&hitnum=0
[5] http://www.eden.com/~tfast/jihad.html
[5a] http://www.news.com/News/Item/0%2C4%2C11838%2C00.html
[6] http://www.tbtf.com/resource/ms-sec-exploits.html
Using the Internet as a massively parallel computer
See also TBTF for 2000-03-31, 1999-08-30, 07-19, 01-26, 1998-03-02, 1997-10-27, 09-08, 09-01, 06-23, 01-29, 1996-12-02
The secret message read:
The group got lucky: they found the secret key after checking not quite 25% of the 72 quadrillion possible keys.
Here are four graphs [11] that give a good idea of the scope of the effort. This graph generator [12] lets you explore the space of challenge participants. I discovered that MIT, with several hundred hosts participating, was consistently in the top 10 most productive domains in numbers of keys checked -- until the last four days of the challenge, when a new port of the key-checking code for the 64-bit UltraSPARC catapulted Sun's contribution to the top of the list.
The day before the crack succeeded, Senators John McCain and Bob Kerrey introduced legislation (see story below) that would codify the current 56-bit limit on exportable crypto products (besides its main purpose of mandating government access to private keys). DESCHALL has demonstrated unambiguously that 56 bits is no longer enough.
[7] http://www.frii.com/~rcv/deschall.htm
[8] http://www.frii.com/~rcv/despr4.txt
[9] http://www.rsa.com/rsalabs/97challenge/
[10] ftp://ftp.ox.ac.uk/pub/math/rsa129/rsa129.ps.gz
[11] http://www.cis.ohio-state.edu/~dolske/des97/deschall.html
[12] http://www.cis.ohio-state.edu/~dolske/des97/graph.html
Cryptography export policy
See also TBTF for 2000-02-06, 1999-10-05, 08-30, 08-23, 08-16, 07-26, 05-22, 05-08, 04-21, 03-01, 01-26, more...
Declan McCullagh writes, "In the end, it was child pornography that derailed encryption legislation in the U.S. Senate and dealt a bitter defeat to crypto supporters." McCain played the kiddie-porn card and Burns's outgunned supporters could only splutter.
McCain-Kerrey mandates key recovery for any computer network that receives even partial funding from the government -- this certainly includes university networks -- despite the conclusion of 11 noted cryptographers [16] that key recovery on this scale would be unworkable and would lessen security. S.909 criminalizes certain uses of cryptography for the first time. The bill states that law enforcement would need only a subpoena to access private keys; existing federal regulations require a court order. And it links digital certificates to key recovery and grants government the authority to license digital certificates.
Unless S.909 is diverted to another committee it will be scheduled for a full Senate vote. If it passes it may run headfirst into the SAFE bill [17] proceeding through the House, whose intent is diametrically opposed to that of McCain-Kerrey. No-one can guess what might emerge from a conference committee, but I can guarantee you it would not be pretty. President Clinton has threatened to veto any bill with provisions like those of SAFE that reaches his desk.
Coverage of S.909 in the mainstream press has been nonexistent. Online media reporting the story have frequently gotten parts of it wrong. Don't embrace the conclusions of any piece that names Sen. John Kerry of Massachusetts as the bill's co-sponsor. The actual co-sponsor is Sen. Bob Kerrey of Nebraska. (Kerry does sit on the Commerce Committee and in fact voted for S.909.)
For past coverage of the debate over cryptography export policy, see TBTF Threads [18].
[13] http://pathfinder.com/netly/editorial/0,1012,931,00.html
[14] http://www.cdt.org/crypto/legis_105/mccain_kerrey/
[15] http://www.ne0ws.com/News/Item/0,4,11693,00.html
[16] http://www.crypto.com/key_study/report.shtml
[17] http://www.cdt.org/crypto/legis_105/SAFE/
[18] http://www.tbtf.com/threads.html#Tcep
Businesses based on domain names
See also TBTF for 2000-07-20, 04-19, 1999-12-16, 08-30, 07-08, 02-01, 1998-08-10, 04-20, 02-23, 02-09, 1997-12-08, more...
Unlike Norfolk Island, the first independent top-level domain to offer services in competition with NSI (see TBTF for 1996-07-14 [22]), Tonga charges the same rates as the monopoly name grantor: $100 for two years and $50 per year thereafter. (Norfolk charges $250 to $1000 for .nf names.) And their signup form [20] is far friendlier than NSI's infamously Byzantine procedure. You get instant gratification. Once you click "Register," your credit card is debited and your domain name goes into effect. With NSI the wait for a new name to become active can stretch anywhere from weeks to months.
Better still, Tonic uses a two-level password scheme so you can edit your contact or billing information at any time and your ISP can edit the technical portion of the name-mapping form. It's rather like the "valet key" supplied with some makes of cars that unlocks the ignition but not the trunk or the glove compartment. No real-time forms when you deal with NSI -- you submit an email request and wait and hope.
The Tonga story was first published by nando.net [23]; I heard about it on Glen Macready's <glen at substance dot abuse dot blackdown dot org> 0xdeadbeef mailing list. You can learn more about Tonga at this deliciously retro site [24], featuring links such as "So what's happening on our little island!" For more on domain naming and its discontents visit TBTF Threads [25].
[19] http://www.tbtf.com/resource/tonga.jpg
[20] http://www.tonic.to/
[21] http://infolawalert.com/stories/051796b.html
[22] http://www.tbtf.com/archive/1996-07-14.html#Tdnp
[23] http://www.techserver.com/newsroom/ntn/info/061397/info19_1450.html
[24] http://www.tongatapu.net.to/
[25] http://www.tbtf.com/threads.html#Tdnp
I'll admit to a continuing fascination with the technologies of electronic cash and anonymous trust; and in that spirit I volunteered TBTF to beta test Digital's Millicent payment system [27] this summer.
Subscribers, please send me a note with your reactions to the idea that parts of the TBTF site might one day be available on a "pay-per" basis. Would you pay a nickel for the convenience of reading TBTF on the Web where the links are live? A penny? A tenth of a cent? Would you just read the email and grumble? Or would you flame me and unsubscribe in disgust? (Note that the beta test will almost certainly be conducted using scrip of no value.)
I'll publish your collected remarks in a future Tasty Bit of the Day. Let me know if you prefer anonymity.
[26] http://www.tbtf.com/archive/1997-05-22.html
[27] http://millicent.digital.com/
[28] http://www.theobvious.com/
[29] http://www.usefulcool.com/
Cryptography -- mail majordomo@c2.net without subject and with message:
subscribe cryptography [ your@email.address ] .
0xdeadbeef -- mail 0xdeadbeef-request@substance.abuse.blackdown.org
without subject and with message: subscribe .
Red Rock Eater News Service -- mail rre-request@weber.ucsd.edu
without subject and with message: subscribe . Archive at
<http://communication.ucsd.edu/pagre/archive_help.html>
(email-based). Web home at
<http://communication.ucsd.edu/pagre/rre.html>.
TBTF home and archive at <http://www.tbtf.com/>. To subscribe send the message "subscribe" to tbtf-request@world.std.com. TBTF is Copyright 1994-1997 by Keith Dawson, <dawson dot tbtf at gmail dot com>. Commercial use prohibited. For non-commercial purposes please forward, post, and link as you see fit.
_______________________________________________
Keith Dawson    dawson dot tbtf at gmail dot com
Layer of ash separates morning and evening milk.