More From Cambridge
A week ago, I received this strange e-mail, purportedly from Markus Kuhn, via his gmail e-mail address. It is weird, and I cannot think why he would think that, after 12 years, I would recall tiny details about my work at the Computer Laboratory.
Perhaps it is some veiled criticism of something stupid that I did, to show that I don't know anything about practical computer security. If so, then he doesn't need to tell me that. I know that I don't know anything about practical computer security! I couldn't know anything about something of which I have no evidence is even possible!
Ross Anderson, on the other hand, knows better:
At 4 minutes 6 seconds "Some markets do safety better than others." Then he goes on to cite civil aviation as one of those markets that do better. I presume he is excluding the US civil aviation market, which is (or was) principally Boeing Aircraft Corp. See Al Jazeera Investigating the Boeing 767 crash in 1999, What Is Wrong With Corporate America, The Incredible Boeing Aircraft Corporation and Al Jazeera on the FAA and Boeing Failures.
At 6 minutes 29 seconds Ross describes how some NSA guys hacked Chrysler vehicles in 2015, and could remotely control them while they were on public roads. All they needed was the car's IP address! That sort of shit is useful if you want to assassinate a cyclist on his way home over the Gog Magog one night. Or you might be able to save his life, if you knew the driver was planning something similar. Fortunately all that was necessary to fix this was a firmware reflashing, so the NSA/CIA or any partner organisations of theirs, could always revert the firmware of any vehicles they were particularly interested in having this facility. See also Shadow TCP stacks in OpenBSD and Policing the Traffic Cops
Note though, that in 2017 Ross' focus on sustainability of security was safety. Particularly of the user interfaces of things like electronic medical equipment which kill as many people worldwide as die in road accidents, according to Ross. See from 22 minutes 8 seconds:
Since he was focused on safety, I guess, he neglected to remember that in 2015, when Chrysler cars had IP addresses, they were controllable remotely, so here he said that cars are not connected to the Internet. And his comment about the uniformity of user interfaces in aviation is pretty ironic. He does say 757 and 767, not 737 MAX and 737 MAX, so that gets him off the hook, pick it! (I typed luckily, but the auto-correct knew better, apparently, and so I must've really intended to type pick it.)
That's all I have the patience to listen to of this crap. Maybe he is trying to terrorise people at CSIS, telling them "Ve haf vays of making you pork!" (because Ross speaks Deutsch, you know) but really, who gives a shit? Only pork! If you want more, read the book:
Nice to see Ross doesn't suffer from colour-blindness, like poor mad Billie Eilish and I:
Perhaps it is to tell me that I have been charged in absentia with some offence of hacking the Computer Laboratory systems, presumably by Ross Anderson and his team of hacker prosecutors. Well, what am I supposed to do about that?
Perhaps it is to tell me that despite Martyn Johnson's reported loath to change any aspect of that system which I set up thirteen years or so ago, Graham Titmus moved the principal LDAP servers over to Microsoft Active Directory servers on Windows systems? Well, there may be good reasons for doing that, if GNU LDAP has been back-doored by the FSF, or the NSA or someone, and you know MS AD hasn't! Again, what am I supposed to do about that?
Here's my response to all that, and more, and it includes a summary of my thirty-three-year-long career in practical telecommunications security engineering:
Anybody really interested in economics of security should focus on identifying progressive research programs as distinct from degenerative research programs. That is the knub of Cambridge's problem, I think. See DW on Rethinking Growth and Sustainability
Thanks for getting in touch! I was just admiring your past work here
on deploying Kerberos on Linux over a decade ago. I have one question
on that (just in case you can remember, I hear you are still interested
in security ...):
When you added lab-managed Linux machines to our Active Directory
LDAP tree, was it you who decided to create *two* separate LDAP objects
for each machine under OU=krb5ServicePrincipals, one for the Kerberos
ServicePrincipalName nfs/hostname@domain (needed by fileservers and mount)
and one for host/hostname@domain (needed by sshd)?
If yes, was there any particular reason?
I'm asking because in Active Directory, a single computer object can have
multiple ServicePrincipalNames. I would like to add more (e.g. to get Kerberos
authentication over HTTP and SQL), and therefore I want to convince
Graham to merge these objects into one, so it is then easier to add
new Kerberos service names.
Cheers,
Markus
Here is my reply:
I cannot remember that level of detail. It was around twelve years ago. Perhaps I or someone else added sshd service principals, at some later point, but I don't recall doing so, and I am not even clear about what they are. I do remember that I stopped and restarted the servers with a fresh database because I didn't trust updating live servers from LDIF files, but I can't remember why. It was partly an attempt to reduce the attack surface though.
Perhaps it is some veiled criticism of something stupid that I did, to show that I don't know anything about practical computer security. If so, then he doesn't need to tell me that. I know that I don't know anything about practical computer security! I couldn't know anything about something of which I have no evidence is even possible!
Ross Anderson, on the other hand, knows better:
Here's Ross' talk, which seems to be partly about the sustainability of in-car security systems:After I gave a talk on the sustainability of Safety, Security and Privacy at 36C3, the audience voted to select the cover art for the 3rd edition of Security Engineering: https://t.co/IGkRvBtCTc— Ross Anderson (@rossjanderson) December 29, 2019
At 4 minutes 6 seconds "Some markets do safety better than others." Then he goes on to cite civil aviation as one of those markets that do better. I presume he is excluding the US civil aviation market, which is (or was) principally Boeing Aircraft Corp. See Al Jazeera Investigating the Boeing 767 crash in 1999, What Is Wrong With Corporate America, The Incredible Boeing Aircraft Corporation and Al Jazeera on the FAA and Boeing Failures.
At 6 minutes 29 seconds Ross describes how some NSA guys hacked Chrysler vehicles in 2015, and could remotely control them while they were on public roads. All they needed was the car's IP address! That sort of shit is useful if you want to assassinate a cyclist on his way home over the Gog Magog one night. Or you might be able to save his life, if you knew the driver was planning something similar. Fortunately all that was necessary to fix this was a firmware reflashing, so the NSA/CIA or any partner organisations of theirs, could always revert the firmware of any vehicles they were particularly interested in having this facility. See also Shadow TCP stacks in OpenBSD and Policing the Traffic Cops
Note though, that in 2017 Ross' focus on sustainability of security was safety. Particularly of the user interfaces of things like electronic medical equipment which kill as many people worldwide as die in road accidents, according to Ross. See from 22 minutes 8 seconds:
Since he was focused on safety, I guess, he neglected to remember that in 2015, when Chrysler cars had IP addresses, they were controllable remotely, so here he said that cars are not connected to the Internet. And his comment about the uniformity of user interfaces in aviation is pretty ironic. He does say 757 and 767, not 737 MAX and 737 MAX, so that gets him off the hook, pick it! (I typed luckily, but the auto-correct knew better, apparently, and so I must've really intended to type pick it.)
That's all I have the patience to listen to of this crap. Maybe he is trying to terrorise people at CSIS, telling them "Ve haf vays of making you pork!" (because Ross speaks Deutsch, you know) but really, who gives a shit? Only pork! If you want more, read the book:
Here's a link to Ross' Big Green Book on Security Engineering:Here's my new Security Engineering book chapter on Signal, Tor, enclaves and blockchains. Likely to be controversial! https://t.co/PSnvpt1ivv— Ross Anderson (@rossjanderson) February 28, 2020
Perhaps it is to tell me that I have been charged in absentia with some offence of hacking the Computer Laboratory systems, presumably by Ross Anderson and his team of hacker prosecutors. Well, what am I supposed to do about that?
Perhaps it is to tell me that despite Martyn Johnson's reported loath to change any aspect of that system which I set up thirteen years or so ago, Graham Titmus moved the principal LDAP servers over to Microsoft Active Directory servers on Windows systems? Well, there may be good reasons for doing that, if GNU LDAP has been back-doored by the FSF, or the NSA or someone, and you know MS AD hasn't! Again, what am I supposed to do about that?
Here's my response to all that, and more, and it includes a summary of my thirty-three-year-long career in practical telecommunications security engineering:
Anybody really interested in economics of security should focus on identifying progressive research programs as distinct from degenerative research programs. That is the knub of Cambridge's problem, I think. See DW on Rethinking Growth and Sustainability
On 19/02/2020 20:53, Ian Grant wrote:
> I would very much appreciate an opportunity to discuss various issues
> with you and others and Cambridge in a frank, forthright and
> transparent manner.
Hi Ian,> I would very much appreciate an opportunity to discuss various issues
> with you and others and Cambridge in a frank, forthright and
> transparent manner.
Thanks for getting in touch! I was just admiring your past work here
on deploying Kerberos on Linux over a decade ago. I have one question
on that (just in case you can remember, I hear you are still interested
in security ...):
When you added lab-managed Linux machines to our Active Directory
LDAP tree, was it you who decided to create *two* separate LDAP objects
for each machine under OU=krb5ServicePrincipals, one for the Kerberos
ServicePrincipalName nfs/hostname@domain (needed by fileservers and mount)
and one for host/hostname@domain (needed by sshd)?
If yes, was there any particular reason?
I'm asking because in Active Directory, a single computer object can have
multiple ServicePrincipalNames. I would like to add more (e.g. to get Kerberos
authentication over HTTP and SQL), and therefore I want to convince
Graham to merge these objects into one, so it is then easier to add
new Kerberos service names.
Cheers,
Markus
Here is my reply:
I cannot remember that level of detail. It was around twelve years ago. Perhaps I or someone else added sshd service principals, at some later point, but I don't recall doing so, and I am not even clear about what they are. I do remember that I stopped and restarted the servers with a fresh database because I didn't trust updating live servers from LDIF files, but I can't remember why. It was partly an attempt to reduce the attack surface though.
The really clever part of that system is the macro preprocessor, which expands @@ref@@ and @ref@ and which, by removing checks for recursive calls, can, I think, be used to prototype a parser which could, I think, parse arbitrary grammars from SQL query results, and parse the languages those grammars define which can parse from SQL query results, etc. And if you add that function to the functionality in my guile-pg PostgreSQL interface for Guile scheme, then you get a very powerful distributed development environment with indefinitely extensible semantics.
And another later reply, sent the next day:
See https://logicafterthought.
Comments
Post a Comment