May 26, 2004

Turing Lecture by Adi Shamir

The eponymous inventors of RSA, Drs Rivest, Shamir, and Adleman, were awarded the Turing Award for 2002 [1]. For those who don't know, the Turing Award, named after Alan Turing (the inventor of the modern computer architecture, and also the inventor of the Turing Test), is the premier prize in the computing world. It's a bit like a Nobel for software, but software was invented after dynamite.

In the three-way Turing Lectures, Professors Adleman and Rivest talked about the early days of RSA, and it was left to Professor Adi Shamir to present "A Status Report [2]" as his contribution. Three (quick) slides that leaped out, see below.

What is Prof Shamir trying to say? To me, he is confirming that the current cycle of revisionism in cryptography and software engineering is now acceptable mainstream thinking, if not complete. It is now accepted that Internet security modelling in the 90s was flawed, based on a poor understanding of the role of risk in cryptography systems.

The goal of practical cryptography is to improve the security, at a cost that is less than the benefit gained. Don't try and solve it, because you can't. As Prof. Shamir says, "absolutely secure systems do not exist."

Slide 7


Cryptographic misconceptions

  • By policy makers: crypto is dangerous, but:
    - weak crypto is not a solution
    - controls can't stop the inevitable

  • By researchers: A provably secure system is secure, but:
    - proven false by indirect attacks
    - can be based on false assumptions
    - requires careful choice of parameters

  • By implementers: Cryptography solves everything, but:
    - only basic ideas are successfully deployed
    - only simple attacks are avoided
    - bad crypto can provide a false sense of security

Slide 8


The three laws of security:

  • Absolutely secure systems do not exist
  • To halve your vulnerability, you have to double your expenditure
  • Cryptography is typically bypassed, not penetrated

Slide 16


Cryptographic predictions:

  • AES will remain secure for the foreseeable future
  • Some PK schemes and key sizes will be successfully attacked in the next few years
  • Crypto will be invisibly everywhere
  • Vulnerabilities will be visibly everywhere
  • Crypto research will remain vigorous, but only its simplest ideas will become practically useful
  • Non-crypto security will remain a mess

[1] 2002 A.M. Turing Award Winners, for seminal contributions to the theory and practical applications of Public Key Cryptography, Dr. Leonard M. Adleman, Dr. Ronald L. Rivest, Dr. Adi Shamir,
http://www.acm.org/awards/turing_citations/rivest-shamir-adleman.html?code=nlsec121
[2] Dr. Adi Shamir, "Turing Lecture on Cryptology: A Status Report,"
http://www.acm.org/awards/turing_lectures_project/turing/S/s-pp/shamir_1files.html

Posted by iang at 03:30 AM

May 25, 2004

Identity Theft - the American Disease

Identity theft is a uniquely American problem. It reflects the massive - in comparison to other countries - use of data and credit to manage Americans' lives. Other countries would do well to follow the experiences, as "what happens there, comes here." Here are two articles on the modus operandi of the identity thief [1], and the positive side of massive data collection [2].

First up, the identity thief [1]. He's not an individual, he's a gang, or more like a farm. Your identity is simply a crop to process. Surprisingly, it appears that garbage collected from the streets (Americans call it trash) is still the seed material. Further, the database nation's targeting characteristics work for the thief as he doesn't need to "qualify" the victim any. If you receive lots of wonderful finance deals, he wants your business too.

Once sufficient information is collected (bounties paid per paper) it becomes a process of using PCs and innocent address authorities to weasel one's way into the prime spot. For example, your mail is redirected to the farm, the right mails are extracted, and your proper mail is conveniently re-delivered - the classic MITM. We all know paper identity is worthless for real security, but it is still surprising to see how easily we can be brought in to harvest.

[Addendum: Lynn Wheeler reports that a new study by Professor Judith Collins of Michigan State University reveals up to 70% of identity theft starts with employee insider theft [1.b]. This study, as reported by MSNBC, directly challenges the above article.]


Next up, a surprisingly thoughtful article on how data collection delivers real value - cost savings - to the American society [2]. The surprise is in the author, Declan McCullagh, who had previously been thought to be a bit of a Barbie for his salacious use of gossip in the paparazzi tech press. The content is good but very long.

The real use of information is to make informed choices - not offer the wrong thing. Historically, this evolved as networks of traders that shared information. To counteract fraud that arose, traders kept blacklists and excluded no-gooders. A dealer exposed as misusing his position of power stood to lose a lot, as Adam Smith argued, far more indeed than the gain on any one transaction [3].

In the large, merchants with businesses exposed to public scrutiny, or to American-style suits, can be trusted to deal fairly. Indeed, McCullagh claims, the US websites are delivering approximately the same results in privacy protection as those in Europe. Free market wins again over centralised regulations.

Yet there is one area where things are going to pot. The company known as the US government, a sprawling, complex interlinking of huge numbers of databases, is above any consumer scrutiny and thus pressure for fair dealings. Indeed, we've known for some years that the policing agencies did an end run around Congress' prohibition on databases by outsourcing to the private sector. The FBI's new purchase of your data from Checkpoint is "so secret that even the contract number may not be disclosed." This routine dishonesty and disrespect doesn't even raise an eyebrow anymore.


Where do we go from here? As suggested, the challenge is to enjoy the benefits of massive data conglomeration without losing the benefit of privacy and freedom. It'll be tough - the technological solutions to identity frauds at all levels from financial cryptographers have not succeeded in gaining traction, probably because they are so asymmetric, and deployment is so complicated as to rule out easy wins. Even the fairly mild SSL systems the net community put in place in the '90s have been rampantly bypassed by phishing-based identity attacks, not leaving us with much hope that financial cryptographers will ever succeed in privacy protection [4].

What is perhaps surprising is that we have in recent years redesigned our strong privacy systems to add optional identity tokens - for highly regulated markets such as securities trading [5]. The designs haven't been tested in the full, but it does seem as though it is possible to build systems that are both identity strong and privacy strong. In fact, the result seems to be stronger than either approach alone.

But it remains clear that deployment against an uninterested public is a hard issue. Every company selling privacy to my knowledge has failed. Don't hold your breath, or your faith, and keep an eye on how this so-far American disease spreads to other countries.

[1] Mike Lee & Brian Hitchen, "Identity Theft - The Real Cause,"
http://www.ebcvg.com/articles.php?id=217
[1.b] Bob Sullivan, "Study: ID theft usually an inside job,"
http://www.msnbc.msn.com/id/5015565
[2] Declan McCullagh, 'The upside of "zero privacy,"'
http://www.reason.com/0406/fe.dm.database.shtml
[3] Adam Smith, "Lecture on the Influence of Commerce on Manners," 1766.
[4] I write about the embarrassment known as secure browsing here:
http://iang.org/ssl/
[5] The methods for this are ... not publishable just yet, embarrassingly.

Posted by iang at 08:34 AM

May 24, 2004

The Myth of Systemic Risk

At a St. Louis Banking Conference, Professor George Kaufman presented a thesis of his that "systemic risk" is a myth [1]. It goes like this: Systemic Risk is that risk of contagion, whereby a failure causes a domino-like collapse of large segments of the system. Professor Kaufman makes the claim that an institution that is financially sick should fail, and that isn't a case of systemic risk. Those that are financially healthy should not fail, and if they do, it could be systemic risk.

He then goes on to challenge his listeners to find an example of an economically solvent bank that was brought down by a run, anywhere in the world. So far, no joy - he's not been presented with any such cases, although like myself and the MITM, he holds out hope.

Which leaves us rethinking the S&L scandal, the Asian crisis, and sundry other squillion dollar collapses (in another paper, he presents just how devastating these collapses are [2]). If all those countries in Asia back in the late 90s were insolvent, or at least financially unsound, then he asserts that they shouldn't have been propped up. When the Asian dominos wobbled and fell, that was an example of proper bankruptcy procedures, albeit at a national level, rather than systemic risk.

What are the consequences of this? One of the underlying justifications for central banking was that they could protect the system from systemic risk. That crutch is now removed from the Central Banks and their role as centralised regulators. Other crutches such as monopoly issuance of money, and the myth of "banking is special" have been under stress for many a year.

To some extent this has already been predicted; it's been clear for some time that the 20th century was the Golden Age of Central Banks and now everyone is posturing for, or at least fearing, a gradual waning of their influence and place in financial society.

On a more personal note, when we built Ricardo and our real time gross settlement system of trading, we used to say that we'd eliminated sources of systemic risk. Maybe we should back off from that and just claim the elimination of other classes of risk, and a reliance on the supreme savings of cheap RTGS trades (one or two orders of magnitude, but who's counting?). Or maybe not; is there a contradiction in claiming the elimination of something that doesn't exist?

[1] Professor George Kaufman, "The Myth of Systemic Risk," remarks presented at the St Louis Banking Conference,
http://www.fed-soc.org/Publications/practicegroupnewsletters/financialservices/myth-finv3i3.htm
[2] Professor George Kaufman, "Banking and currency crises and systemic risk: Lessons from recent events," Federal Reserve Bank of Chicago,
http://www1.worldbank.org/economicpolicy/managing volatility/contagion/documents/3qep2.pdf

Posted by iang at 04:22 PM

May 23, 2004

Paypal moves further away from money

Paypal have announced their new list of "unacceptable goods" as covered by Wired [1]. It includes such odd things as human body parts, event tickets, batteries, food, medical equipment, malls, copies of software, ...

The list is 64 items long and an amazing read [2]. I'd hazard a guess that if anyone complained about some item, on the list it goes! Wired comments that postcards portraying topless subjects are permitted, as is food in the shape of genitalia, yet any other adult content must only be transacted on eBay. How long will it be before the "Mothers against evil uses of fruit" put a stop to that?

Pretty soon, the only thing left will be Paypal subscription fees.

The observation has been made (by Paypal themselves to industry conferences) that Paypal is best understood as a lower segment credit card facility for merchants. They permit small merchants to take payments. Paypal's heritage as a Palm Pilot person-to-person money is long forgotten, and now it seems that they have moved even closer to conservative values when it comes to deciding what's right and what's wrong for you to buy from approved merchants.

Luckily, over in the DGC community, there appears to be an alternate. Instead of focusing on the common carrier principle, and banning certain uses of the product, the gold issuers have adopted a customer rejection approach. Partly because of their historical background as privacy supporters, and partly due to free market leanings, the principle is that any Issuer retains the right to discharge a person's account, for any reason whatever.

I.e., the Issuer of a gold currency does not offer the service to just anyone, and you don't have your normal consumer right of equal service. This seems to have resulted in some quite fierce closures of accounts, but it also seems to have preserved the currencies as, well, currency.

[1] "PayPal Tightens Transaction Reins," By Christopher Null
http://www.wired.com/news/print/0,1294,58208,00.html
[2] "PayPal Acceptable Use Policy,"
http://www.paypal.com/cgi-bin/webscr?cmd=p/gen/ua/use/index_frame-outside

Posted by iang at 06:57 AM

May 22, 2004

Peter Coffee on how to lose a security debate

Over on eWeek.com, an Internet Magazine, a blog entry of mine seems to have hit home [1], and caused a response. Peter Coffee has written an article, "Report Takes Software Processes to Task [2]," that starts with "I feel as if I could get an entire year's worth of columns, or perhaps even build my next career, out of the material in a Task Force Report [3]..." Promising stuff!

He then goes on to draw a couple of reasonable points from the report (how unprofessional security professionals are..., how security is multi-disciplinary...[4]) and then ruins his promising start by launching an ad hominem attack. Read it, it is mind bogglingly silly.

I won't respond, other than to point out that real security professionals do not do the ad hominem ("against the man") as it distracts from the real debate of security. As he rightly intimated, security is substantially complex. As he apparently missed, this makes security very vulnerable to the sort of $50 million pork barrel projects that look good in a report, but miss the point of the complexity. And, Mr Coffee definitely missed that doing the ad hominem thing signalled that someone was upset at their pork being spiked. Sorry about that!

Comments of any form are welcome, although I admit to being surprised at this one. Especially, if Mr Coffee would like to take up his claim to spend a year reading and benefitting from the report, I'll respond on the security aspects he raises.

[1] Ian Grigg, "cybersecurity FUD," 05th April, 2004,
http://www.financialcryptography.com/mt/archives/000107.html
[2] Peter Coffee, "Report Takes Software Processes to Task," 22nd April, 2004,
http://www.eweek.com/article2/0,1759,1571967,00.asp
[3] National Cyber Security Partnership, "Security Across the Software Development Life Cycle,"
http://www.cyberpartnership.org/SDLCFULL.pdf
[4] Ian Grigg, "Financial Cryptography in 7 Layers," 4th Financial Cryptography Conference, 2000,
http://iang.org/papers/fc7.html

Posted by iang at 10:11 AM

May 21, 2004

FC05 - Dominica - March 2005

FC'05 is announced with a new title "Financial Cryptography and Data Security." Vital statistics are 28th Feb to 3rd March, 2005, in Roseau, Dominica, East Caribbean, and submissions in the Call for Papers are due by 10th September, 2004.

-------- Original Message --------
Subject: [fc-announce] CFP: FC'05 - Financial Cryptography and Data Security
Date: Tue, 18 May 2004 16:59:41 -0400
From: Stuart Schechter <stuart@eecs.harvard.edu>
Organization: Harvard University
To: <fc-announce@ifca.ai>

FC'05
Financial Cryptography and Data Security
http://www.ifca.ai/fc05/

CALL FOR PAPERS

Ninth International Conference
February 28-March 3, 2005
Roseau, The Commonwealth Of Dominica

Submissions Due Date: September 10, 2004

Financial Cryptography and Data Security (FC'05) is the premier international forum for research, advanced development, education, exploration, and debate regarding security in the context of finance and commerce. We have augmented our conference title and expanded our scope to cover all aspects of securing transactions and systems. These aspects include a range of technical areas such as: cryptography, payment systems, secure transaction architectures, software systems and tools, user and operator interfaces, fraud prevention, payment systems, secure IT infrastructure, and analysis methodologies. Our focus will also encompass legal, financial, business and policy aspects. Material both on theoretical (fundamental) aspects of securing systems and on secure applications and real-world deployments will be considered.

The conference goal is to bring together top cryptographers, data-security specialists, and scientists with economists, bankers, implementers, and policy makers. Intimate and colorful by tradition, the FC'05 program will feature invited talks, academic presentations, technical demonstrations, and panel discussions. This conference is organized annually by the International Financial Cryptography Association (IFCA).

Original papers and presentations on all aspects of financial and commerce security are invited. Submissions must have a visible bearing on financial and commerce security issues, but can be interdisciplinary in nature and need not be exclusively concerned with cryptography or security. Possible topics for submission to the various sessions include, but are not limited to:

* Anonymity and Privacy
* Auctions
* Audit and Auditability
* Authentication and Identification, including Biometrics
* Certification and Authorization
* Commercial Cryptographic Applications
* Commercial Transactions and Contracts
* Digital Cash and Payment Systems
* Digital Incentive and Loyalty Systems
* Digital Rights Management
* Financial Regulation and Reporting
* Fraud Detection
* Game Theoretic Approaches to Security
* Infrastructure Design
* Legal and Regulatory Issues
* Microfinance and Micropayments
* Monitoring, Management and Operations
* Reputation Systems
* RFID-Based and Contactless Payment Systems
* Risk Assessment and Management
* Secure Banking
* Secure Financial Web Services
* Securing Emerging Computational Paradigms
* Security and Risk Perceptions and Judgments
* Security Economics
* Smart Cards and Secure Tokens
* Trust Management
* Trustability and Trustworthiness
* Underground-Market Economics
* Usability and Acceptance of Security Systems
* User and Operator Interfaces


SUBMISSION INSTRUCTIONS
=======================

FC'05 is inviting submissions in three categories:

(1) research papers,
(2) systems and applications presentations,
(3) panel sessions.

For all accepted submissions, at least one author must attend the conference and present the work.

Research Papers
===============
Research papers should describe novel scientific contributions to the field, and they will be subject to vigorous peer review. Papers can be a maximum of 15 pages in length (including references and appendices), and accepted submissions will be published in full in the conference proceedings. Submission of previously published material and simultaneous submission of papers to other conferences or workshops with proceedings is not permitted. Authors of research papers found to be doubly submitted risk having all their submissions withdrawn from consideration as well as other appropriate sanctions.

Systems and Application Presentations
=====================================
Submissions in this category should describe novel or successful systems with an emphasis on secure digital commerce applications. Presentations may concern commercial systems, academic prototypes, or open-source projects for any of the topics listed above. Where appropriate, software or hardware demonstrations are encouraged as part of the presentations in these sessions. Contributions must reflect careful thought and effort and provide valuable, up-to-date experience that is relevant to practitioners in the fields of financial cryptography and data security. Submissions in this category should consist of a short summary of the work (1-6 pages in length) to be reviewed by the Program Committee, along with a short biography of the presenters. Accepted submissions will be presented at the conference (25 minutes per presentation), and a one-page abstract will be published in the conference proceedings.

Panel Sessions
==============
Proposals for panel sessions are also solicited, and should include a brief description of the panel as well as prospective participants. Panel proposals should be submitted via e-mail, in plain ASCII format, to the Program Chairs. Accepted panel sessions will be presented at the conference, and each participant will contribute a one-page abstract to be published in the conference proceedings.

The Rump Session
================
FC'05 will also include the popular "rump session" held on one of the evenings in an informal, social atmosphere. The rump session is a program of short (5-7 minute), informal presentations on works in progress, off-the-cuff ideas, and any other matters pertinent to the conference. Any conference attendee is welcome to submit a presentation to the Rump Session Chair (to be announced). This submission should consist of a talk title, the name of the presenter, and, if desired, a very brief abstract. Submissions may be sent via e-mail, or submitted in person through the Monday of the conference.

Preparation Instructions
========================
Submissions to the research papers and systems/application presentation categories must be received by the due date. Papers must be formatted in standard PostScript, PDF format, or MS Word. Submissions in other formats will be rejected. All papers must be submitted electronically according to the instructions and forms found on this web site. (Specific instructions for electronic submissions will be published in the near future.)

Author names and affiliations on submissions must be explicit. In other words, submitted papers should not be anonymized. Submissions must include on the first page the title of the paper, the names and affiliations of all authors, a brief abstract, and a list of topical keywords. Accepted submissions will be included in the conference proceedings to be published in the Springer-Verlag Lecture Notes in Computer Science (LNCS) series after the conference, so the submissions must be formatted in the standard LNCS format. Authors of accepted submissions will be required to complete and sign an IFCA copyright form. A pre-proceedings volume containing preliminary versions of the papers will be distributed at the conference.

Questions about all conference submissions should be directed to the Program Chairs.

IMPORTANT DATES
===============

Submission Deadline: September 10, 2004
Author Notification: November 1, 2004
Pre-Proceedings Version Due: TBA
Conference: February 28 - March 3, 2005
Final Proceedings Version Due: TBA

CONFERENCE ORGANIZERS
=====================

Conference Website: http://www.ifca.ai/fc05/

General Chair:

Stuart Schechter, stuart@eecs.harvard.edu

Program Chairs:

Andrew Patrick, Andrew.Patrick@nrc-cnrc.gc.ca

Moti Yung, moti@cs.columbia.edu

Program Committee: TBA


Posted by iang at 12:49 PM

May 20, 2004

Mutual Funds - Timestamping

In a rare arisal of a useful use of cryptography in real life, the mutual funds industry is looking to digital timestamping to save its bacon [1]. Timestamping is one of those oh-so-simple applications of cryptography that most observers dismiss for its triviality.

Timestamping is simply where an institution offers to construct a hash or message digest over your document and the current time. By this, evidence is created that your document was seen at that time. There are a few details as to how to show that the time in one's receipt is the right one, but this is trivial (meaning we know how to do it, not that it is cheap to code up..) by interlinking a timestamp with the preceding and following ones. So without even relying on the integrity of the institution, we can make strong statements such as "after this other one and before this next one."
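
The interlinking described above, as an added example that is not part of the original post: a hypothetical `TimestampService` chains each receipt to the one before it, and the checks show what happens when a late order is slipped into an already published log. The field layout, the class and function names, and the sample orders are assumptions constructed for illustration.

```python
import hashlib
from dataclasses import dataclass
from typing import List, Optional

GENESIS = "0" * 64  # constructed anchor value preceding the first receipt


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


@dataclass(frozen=True)
class Receipt:
    seq: int         # position in the service's log
    time: str        # time claimed by the service, ISO 8601 (sorts as text)
    doc_digest: str  # SHA-256 of the client's document
    prev_link: str   # link value of the preceding receipt
    link: str        # hash binding all the fields above


def compute_link(seq: int, time: str, doc_digest: str, prev_link: str) -> str:
    return sha256_hex(f"{seq}|{time}|{doc_digest}|{prev_link}".encode())


def make_receipt(seq: int, time: str, doc_digest: str, prev_link: str) -> Receipt:
    return Receipt(seq, time, doc_digest, prev_link,
                   compute_link(seq, time, doc_digest, prev_link))


def self_consistent(r: Receipt) -> bool:
    return compute_link(r.seq, r.time, r.doc_digest, r.prev_link) == r.link


class TimestampService:
    """Hypothetical service: hashes document and time, chained to the last receipt."""

    def __init__(self) -> None:
        self.log: List[Receipt] = []

    def stamp(self, document: bytes, now: str) -> Receipt:
        prev = self.log[-1].link if self.log else GENESIS
        receipt = make_receipt(len(self.log), now, sha256_hex(document), prev)
        self.log.append(receipt)
        return receipt


def receipt_is_valid(document: bytes, r: Receipt) -> bool:
    """The receipt covers exactly this document and has not been altered."""
    return sha256_hex(document) == r.doc_digest and self_consistent(r)


def is_bracketed(before: Receipt, mine: Receipt, after: Receipt) -> bool:
    """'After this other one and before this next one', from the links alone."""
    return (all(self_consistent(r) for r in (before, mine, after))
            and mine.prev_link == before.link and after.prev_link == mine.link)


def first_break(log: List[Receipt]) -> Optional[int]:
    """Index of the first receipt that breaks the chain, or None if it is intact."""
    prev_link, prev_time = GENESIS, ""
    for i, r in enumerate(log):
        if (r.seq != i or r.prev_link != prev_link
                or not self_consistent(r) or r.time < prev_time):
            return i
        prev_link, prev_time = r.link, r.time
    return None


def held_receipt_matches(log: List[Receipt], r: Receipt) -> bool:
    """Does the published log still contain the receipt a client was handed?"""
    return r.seq < len(log) and log[r.seq] == r


def backdate(log, position, document, claimed_time, relink):
    """Model a late order slipped into the log at `position` with an early time."""
    prev = log[position - 1].link if position else GENESIS
    out = log[:position] + [make_receipt(position, claimed_time,
                                         sha256_hex(document), prev)]
    for old in log[position:]:
        if relink:  # recompute every later link to hide the insertion
            old = make_receipt(len(out), old.time, old.doc_digest, out[-1].link)
        out.append(old)
    return out


if __name__ == "__main__":
    svc = TimestampService()  # constructed sample orders around a 4pm cutoff
    r0 = svc.stamp(b"BUY 100 FUNDX", "2004-05-20T15:55:00")
    r1 = svc.stamp(b"SELL 40 FUNDY", "2004-05-20T15:58:00")
    r2 = svc.stamp(b"BUY 10 FUNDZ", "2004-05-20T16:03:00")
    late = b"BUY 5000 FUNDX"
    print("intact log:", first_break(svc.log))
    print("r1 bracketed by r0 and r2:", is_bracketed(r0, r1, r2))
    naive = backdate(svc.log, 2, late, "2004-05-20T15:59:00", False)
    print("naive insertion breaks at index:", first_break(naive))
    relinked = backdate(svc.log, 2, late, "2004-05-20T15:59:00", True)
    print("relinked chain intact:", first_break(relinked) is None)
    print("16:03 client's receipt still in log:", held_receipt_matches(relinked, r2))
```

A relinked log is internally consistent, but it no longer contains the receipt already handed to the 16:03 client, so the rewrite is exposed as soon as any holder of a later receipt compares it with the log.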

The SEC is proposing rule changes to make the 4pm deadline more serious and proposes USPS timestamping as one way to manage this [2]. There are several things wrong with the USPS and SEC going into this venture. But there are several things right with timestamping in general, to balance this. On the whole, given the complicated panoply of strategic issues outlined earlier, timestamping could be a useful addition to the mutual funds situation [3].

First what's wrong: timestamping doesn't need to be regulated or charged for, as it could easily be offered as a loss leader by any institution. A server can run a timestamping service and do 100,000 documents a day without noticing. If there is any feeling that a service might not be reliable, use two! And, handing this commercial service over to the USPS makes no regulatory sense in a competitive market, especially when there are many others out there already [4].

Further, timestamping is just a small technical solution. It shouldn't need to be regulated at all, as it should be treated in any forum as evidence. Either the mutual fund accepts orders with timestamps, or it doesn't. If it doesn't, then it is taking a risk of being gamed, and not having anything to cover it. An action will now be possible against it. If it does only accept timestamped orders, then it's covered. Timestamping is better seen as "best practices" not as Regulation XXX.

Especially, there are better ways of doing it. A proper RTGS transactional system has better protections built in of its nature than timestamping can ever provide, and in fact a regulation requiring timestamping will interfere with the implementation of proper solutions (see for example the NSCC solution in [1]). It will become just another useless reg that has to be complied with, at cost to all and no benefit to anyone.

Further, it should be appreciated that timestamping does not "solve the problem" (but neither does the NSCC option). What it allows for is evidence that orders were received by a certain time. As explained elsewhere, putting a late order in is simply one way of gaming the fund [5]. There are plenty of other ways.

Coming back to where we are now, though, timestamping will allow the many small pension traders to identify when they got their order in. One existing gaping loophole is that small operators are manual processors and can take a long time about what they do. Hence 4pm was something that could occur the next day, as agreed by the SEC! With timestamping, 4pm could still be permitted to occur tomorrow, as long as the pension trader has timestamped some key piece of info that signals the intent.

For this reason, timestamping helps, and it won't hinder if chosen. The SEC is to be applauded for pushing this forward with a white paper. Just as long as they hold short of regulation, and encourage mutual funds to adopt this on an open, flexible basis as we really don't want to slow down the real solutions, later on.

[1] U.S. Postal Service Wants to Deliver Fairness to Mutual Funds
http://www.wbex.com/script/headline_newsmanager.php?id=294597&pagecontent=business&feed_id=43
[2] White Paper on Mutual Fund Reform and the USPS Electronic Postmark®
http://www.sec.gov/rules/proposed/s72703/uspostal020204.htm
[3] Mutual Funds - the Softball Option
http://www.financialcryptography.com/mt/archives/000140.html
[4] E.g., DigiStamp, http://www.digistamp.com/
[5] Nesfield and Grigg, "Mutual Funds and Financial Flaws," testimony before U.S. Senate Finance Committee, 27th January 2004.
http://iang.org/papers/mutual_funds.html

Posted by iang at 04:53 AM

Mutual Funds - the Softball Option

Reading the slew of articles in our favourite humungous financial scandal, it seems that the SEC is going for the softball option. (Recaps here [1], [2].) Congress is backing off from legislation, and the SEC's proposals - quick redemptions attract a fee, more independent boards, etc - are being treated with a yawn by some and a grumble by others [3], [4]. Indeed, the recent Fortune article (sorry, no URL) suggests that the techniques behind the scandal were discussed in a book as early as 1992 [5].

What to make of all this? First we saw the excitement of AG Eliot Spitzer's billion dollar assault on the fund managers, and now we see the regulators' lacklustre response - almost as if they didn't want to do it [6].

Jim Nesfield's comment adds light [4]:

' While most analysts like the SEC's plan against late-trading, James Nesfield, a key informant in the scandal involving disgraced hedge fund Canary Capital Partners, says it fails to address structural problems in the industry. '


' "My answer to you is that they [SEC officials] are doing everything they possibly can with what they have," said Nesfield, ... [The] systems, Nesfield says, remain vulnerable to manipulation by unscrupulous traders. And none of the regulations implemented so far directly address the problem. "They need to address the way trades are processed and settled ... As long as there's a human being that can slip an order in a batch after 4 p.m., you could have late trading." '

Which is where we are: The SEC (and Congress, and the NASD, and ...) are faced with several choices: 1. create a raft of legislation to "solve the problem;" 2. fix the structural problems at source; 3. wait for someone to fix them; 4. do nothing.

The issue here may be that the cost of Sarbanes-Oxley / Basle II has woken people up to the lack of success of heavy weight regulatory options [7]. Even the regulators must have wondered when the run of scandals was going to end, and wasn't the last cleanup supposed to do it?

So, 1. is out of favour - no big regulatory package this time. 2. seems obvious. If we can identify the flaws, why not fix them? Structural problems abound, and we know where they are. Further, in these pages we know all about them because we've solved them already. And in that very solution lies the trap.

The SEC cannot fix the structural problems if it is a commercial responsibility. The mere fact that this could be a purchased solution from a solution provider means that the SEC is somewhat constrained by non-interventionist policies.

Which leaves 3., waiting for someone to fix them. Which is uncommonly like 4., do nothing. Hence the desire to slap on a few bandaids and hope that we (industrially, collectively) get our transactional act together.

[1] Nesfield and Grigg, "Mutual Funds and Financial Flaws," testimony before U.S. Senate Finance Committee, 27th January 2004. http://iang.org/papers/mutual_funds.html
[2] "Governance or Regulation - You Pick?"
http://www.financialcryptography.com/mt/archives/000027.html
[3] "Jury's out on mutual fund reform,"
http://www.tdn.com/articles/2004/05/12/biz/news03.txt
[4] "SEC fund reform: Is it stalling?"
http://www.baltimoresun.com/business/bal-bz.reform11may11,0,459903.story?coll=bal-business-headlines
[5] The New Market Wizards, 1992,
in one chapter profiles the "Gil Blakes" strategy.
[6] "Mutual funds face minimal scrutiny,"
http://www.sunherald.com/mld/sunherald/business/8678286.htm
[7] "Sarbanes assails bid to dilute reforms,"
http://www.baltimoresun.com/business/investing/bal-bz.sarbanes14may14,0,1090342.story?coll=bal-investing-headlines

Posted by iang at 03:37 AM

May 18, 2004

EU seeks quantum cryptography response to Echelon

MAY 17, 2004 (IDG NEWS SERVICE) - The European Union plans to invest $13 million during the next four years to develop a secure communication system based on quantum cryptography, using physical laws governing the universe on the smallest scale to create and distribute unbreakable encryption keys, project coordinators said today.

The goal is to create unbreakable encryption keys
News Story by Philip Willan

If successful, the project will produce the cryptographer's Holy Grail -- absolutely unbreakable code -- and thwart the eavesdropping efforts of espionage systems such as Echelon, which intercepts electronic messages on behalf of the intelligence services of the U.S., Britain, Canada, New Zealand and Australia.

"The aim is to produce a communication system that cannot be intercepted by anyone, and that includes Echelon," said Sergio Cova, a professor from the electronics department of Milan Polytechnic and one of the project's coordinators. "We are talking about a system that requires significant technological innovations. We have to prove that it is workable, which is not the case at the moment."

Major improvements in geographic range and speed of data transmission will be required before the system becomes a commercial reality, Cova said.

"The report of the European Parliament on Echelon recommends using quantum cryptography as a solution to electronic eavesdropping. This is an effort to cope with Echelon," said Christian Monyk, the director of quantum technologies at Austrian company ARC Seibersdorf Research GmbH and overall coordinator of the project. Economic espionage has caused serious harm to European companies in the past, Monyk noted.

"With this project, we will be making an essential contribution to the economic independence of Europe," he said.

Quantum cryptography takes advantage of the physical properties of light particles, known as photons, to create and transmit binary messages. The angle of vibration of a photon as it travels through space -- its polarization -- can be used to represent a zero or a one under a system first devised by scientists Charles H. Bennett and Gilles Brassard in 1984. It has the advantage that any attempt to intercept the photons is liable to interfere with their polarization and can therefore be detected by those operating the system, the project coordinators said.

An intercepted key would therefore be discarded and a new one created for use in its place.

The new system, known as SECOQC (Secure Communication based on Quantum Cryptography), is intended for use in the secure generation and exchange of encryption keys, rather than for the actual exchange of data, Monyk said.

"The encrypted data would then be transmitted by normal methods," he said. Messages encrypted using quantum mechanics can currently be transmitted over optical fibers for tens of miles. The European project wants to extend that range by combining quantum physics with other technologies, Monyk said.

"The important thing about this project is that it is not based solely on quantum cryptography but on a combination with all the other components that are necessary to achieve an economic application," he said. "We are taking a really broad approach to quantum cryptography, which other countries haven't done."

Experts in quantum physics, cryptography, software and network development from universities, research institutes and private companies in Austria, Belgium, Britain, Canada, the Czech Republic, Denmark, France, Germany, Italy, Russia, Sweden and Switzerland will be contributing to the project, Monyk said.

In 18 months, project participants will assess progress on a number of alternative solutions and decide which technologies seem most promising and merit further development, project coordinators said. The goal is to have a workable technology ready in four years, but SECOQC will probably require three to four years of work beyond that before commercial use, Monyk said.

Cova was more cautious, noting, "This is the equivalent of the first flight of the Wright brothers, so it is too early to be talking already about supersonic transatlantic travel."

The technological challenges facing the project include the creation of sensors capable of recording the arrival of photons at high speed and photon generators that produce a single photon at a time, Cova said. "If two or three photons are released simultaneously, they become vulnerable to interception," he said.

Monyk believes there will be a global market of several million users once a workable solution has been developed. A political decision will have to be made regarding who those users will be in order to prevent terrorists and criminals from taking advantage of the completely secure communication network, he said.

"In my view, it should not be limited to senior government officials and the military, but made available to all users who need really secure communications," Monyk said, citing banks, insurance companies and law firms as potential clients. A decision will have to be made as to whether and how a key could be made available to law enforcement authorities under exceptional circumstances.

"It won't be up to us to decide who uses our results," said Cova.

Reprinted with permission from For more news from IDG visit IDG.net
Story copyright 2004 International Data Group. All rights reserved.

See QC - another hype cycle for commentary
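The detection property the story attributes to the Bennett and Brassard scheme can be simulated classically. The following is an added example, not code from the article or from SECOQC: it models an intercept-and-resend eavesdropper on a noiseless channel, and the function names and the 5% acceptance threshold are assumptions chosen for illustration.

```python
import random

BASES = "+x"  # '+' = rectilinear polarization, 'x' = diagonal polarization


def measure(bit, prepared_in, measured_in, rng):
    """A photon measured in the basis it was prepared in yields its bit;
    measured in the other basis it yields a uniformly random bit."""
    return bit if prepared_in == measured_in else rng.randrange(2)


def transmit(n_photons, intercepted, rng):
    """Send n_photons from Alice to Bob; return the sifted (alice, bob) bit pairs."""
    sifted = []
    for _ in range(n_photons):
        bit = rng.randrange(2)
        a_basis, b_basis = rng.choice(BASES), rng.choice(BASES)
        in_flight_bit, in_flight_basis = bit, a_basis
        if intercepted:
            # Intercept-and-resend: the interceptor has to guess a basis, and the
            # photon continues in that basis carrying whatever was measured.
            e_basis = rng.choice(BASES)
            in_flight_bit = measure(bit, a_basis, e_basis, rng)
            in_flight_basis = e_basis
        received = measure(in_flight_bit, in_flight_basis, b_basis, rng)
        if a_basis == b_basis:  # bases are compared publicly, bits are not
            sifted.append((bit, received))
    return sifted


def exchange_key(n_photons, intercepted, seed=0, max_error_rate=0.05):
    """Return (accepted, observed_error_rate, key_bits).

    Half of the sifted bits are disclosed to estimate the error rate; the key is
    built from the other half and is discarded if the estimate is too high.
    max_error_rate is an assumed threshold for this noiseless model."""
    rng = random.Random(seed)
    sifted = transmit(n_photons, intercepted, rng)
    rng.shuffle(sifted)
    half = len(sifted) // 2
    if half == 0:
        raise ValueError("too few photons to estimate an error rate")
    disclosed, kept = sifted[:half], sifted[half:]
    error_rate = sum(a != b for a, b in disclosed) / len(disclosed)
    if error_rate > max_error_rate:
        return False, error_rate, []  # interception suspected: discard the key
    return True, error_rate, [a for a, _ in kept]


if __name__ == "__main__":
    for intercepted in (False, True):
        ok, err, key = exchange_key(4000, intercepted, seed=1)
        print(f"intercepted={intercepted} accepted={ok} "
              f"error_rate={err:.3f} key_bits={len(key)}")
```

In this model the interceptor guesses the wrong basis half the time and each wrong guess corrupts Bob's bit half the time, so about a quarter of the disclosed bits disagree and the key is thrown away.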

Posted by iang at 03:08 AM | Comments (0) | TrackBack

May 16, 2004

US intelligence exposed as student decodes Iraq memo

Armed with little more than an electronic dictionary and text-analysis software, Claire Whelan, a graduate student in computer science at Dublin City University in Ireland, has managed to decrypt words that had been blotted out from declassified documents to protect intelligence sources.

13 May 2004 DECLAN BUTLER

[IMAGE] It took less than a week to decipher the blotted out words.

She and one of her PhD supervisors, David Naccache, a cryptographer with Gemplus, which manufactures banking and security cards, tackled two high-profile documents. One was a memo to US President George Bush that had been declassified in April for an inquiry into the 11 September 2001 terrorist attacks. The other was a US Department of Defense memo about who helped Iraq to 'militarize' civilian Hughes helicopters.

It all started when Naccache saw the Bush memo on television over Easter. "I was bored, and I was looking for challenges for Claire to solve. She's a wild problem solver, so I thought that with this one I'd get peace for a week," Naccache says. Whelan produced a solution in slightly less than that.

Demasking blotted out words was easy, Naccache told Nature. "Optical recognition easily identified the font type - in this case Arial - and its size," he says. "Knowing this, you can estimate the size of the word behind the blot. Then you just take every word in the dictionary and calculate whether or not, in that font, it is the right size to fit in the space, plus or minus 3 pixels."

A computerized dictionary search yielded 1,530 candidates for a blotted out word in this sentence of the Bush memo: "An Egyptian Islamic Jihad (EIJ) operative told an XXXXXXXX service at the same time that Bin Ladin was planning to exploit the operative's access to the US to mount a terrorist strike." A grammatical analyser yielded just 346 of these that would make sense in English.

A cursory human scan of the 346 removed unlikely contenders such as acetose, leaving just seven possibilities: Ugandan, Ukrainian, Egyptian, uninvited, incursive, indebted and unofficial. Egyptian seems most likely, says Naccache. A similar analysis of the defence department's memo identified South Korea as the most likely anonymous supplier of helicopter knowledge to Iraq.

Intelligence experts say the technique is cause for concern, and that they may think about changing procedures. One expert adds that rumour-mongering on probable fits might engender as much confusion and damage as just releasing the full, unadulterated text.

Naccache accepts the criticism that although the technique works reasonably well on single words, the number of candidates for more than two or three consecutively blotted out words would severely limit it. Many declassified documents contain whole paragraphs blotted out. "That's impossible to tackle," he says, adding that, "the most important conclusion of this work is that censoring text by blotting out words and re-scanning is not a secure practice".

Naccache and Whelan presented their results at Eurocrypt 2004, a meeting of security researchers held in Interlaken, Switzerland, in early May. They did not present at the formal sessions, but at a Tuesday evening informal 'rump session', where participants discuss work in progress. "We came away with the prize for the best rump-session talk - a huge cow-bell," says Naccache.

(c) Nature News Service / Macmillan Magazines Ltd 2004

subscription required for this link
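How much a blot's width gives away, and why longer redactions give away less, can be measured directly. This is an added example, not the researchers' software: the glyph widths, word list and fixed-width bar are constructed for illustration (they are not real Arial metrics), so the counts do not reproduce the article's figures.

```python
from itertools import product

SPACE = 5  # constructed width of a space, in pixels


def advance(ch):
    """Constructed per-character advance widths in pixels (NOT real Arial metrics)."""
    if ch in "ijl":
        return 4
    if ch in "ftr":
        return 5
    if ch in "mw":
        return 15
    if ch.isupper():
        return 12
    return 10


def rendered_width(text):
    return sum(SPACE if ch == " " else advance(ch) for ch in text)


# Constructed word list standing in for the dictionary.
WORDLIST = [
    "Egyptian", "Ugandan", "Ukrainian", "uninvited", "incursive", "indebted",
    "unofficial", "acetose", "French", "Jordanian", "foreign", "intelligence",
    "British", "Pakistani",
]

FIXED_BAR = rendered_width("XXXXXXXX")  # every redaction re-typeset to one width


def blot_observation(text):
    """Blot drawn over the rendered word: the reader can measure the word's width."""
    return rendered_width(text)


def fixed_bar_observation(text):
    """Word replaced by a fixed-width bar before layout: the width is constant."""
    return FIXED_BAR


def consistent(secret, phrases, observe, tolerance=3):
    """Phrases that cannot be ruled out from what the reader observes for `secret`."""
    seen = observe(secret)
    return [p for p in phrases if abs(observe(p) - seen) <= tolerance]


def two_word_phrases(wordlist):
    return [f"{a} {b}" for a, b in product(wordlist, repeat=2)]


if __name__ == "__main__":
    one = consistent("Egyptian", WORDLIST, blot_observation)
    bar = consistent("Egyptian", WORDLIST, fixed_bar_observation)
    two = consistent("Egyptian foreign", two_word_phrases(WORDLIST), blot_observation)
    print(f"blot, one word:  {len(one)} of {len(WORDLIST)} remain: {one}")
    print(f"fixed-width bar: {len(bar)} of {len(WORDLIST)} remain")
    print(f"blot, two words: {len(two)} of {len(WORDLIST) ** 2} phrases remain")
```

With these constructed metrics a single blotted word narrows 14 candidates to 6, a fixed-width bar rules out none, and a two-word blot leaves several times as many candidates as a single word, which is the limit Naccache concedes.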

Posted by iang at 11:17 AM | Comments (3) | TrackBack

SSL secure browsing - attack tree Mindmap

Here is a work in progress Mindmap on all threats to the secure browsing process. It purports to be an attack tree, which is a technique to include and categorise all possible threats to a process. It is one possible aid to constructing a threat model, which latter is a required step to constructing a security model. The mindmap supports another work in progress on threat modelling for secure browsing.

This work was inspired by the Mozilla project's new policy on new CAs, coordinated by Frank Hecker. Unpublished as yet, it forms part of the controversial security debate surrounding the CA model.

( To recap: the secure browsing security model uses SSL as a protocol and the Certificate Authority model as the public key authentication regime, all wrapped up in HTTPS within the browser. Technically, the protocol and key regime are separate, but in practice they are joined at the hip, so any security modelling needs to consider them both together. SSL - the protocol part - has been widely scrutinised and has evolved to what is considered a secure form. In contrast the CA model has been widely criticised, and has not really evolved since its inception. It remains the weak link in security.

As part of a debate on how to address the security issues in secure browsing and other applications that use SSL/CA such as S/MIME, the threat model is required before we can improve the security model. Unfortunately, the original one is not much use, as it was a theoretical prediction of the MITM that did not come to pass. )

Posted by iang at 10:10 AM | Comments (2) | TrackBack

May 15, 2004

Open Governance Mindmap

The talk being prepared for the PaySec conference next month is now entitled Open Governance. Here's the mindmap I am using to dump all my thoughts on ... what amounts to the entire governance layer.

Be aware - this is an applet which requires your browser to be installed with Java 1.4! Worse, the content is a draft, and will change over time. But, for the interim, this mindmap tool is quite an exciting little toy now that I've found out how to get it working across a group of people.

Check it out. The two things you can do are click on a node to fold it up and open out, and also grab the background to move around. Best seen on a big screen.

(I have another mindmap for SSL secure browsing threats which I'll also post when I've played with things.)

Posted by iang at 11:00 AM | Comments (0) | TrackBack

May 14, 2004

Ross Anderson's "Economics and Security Resource Page"

For those interested in the intersection of security and economics, Ross Anderson's page has a wealth of links.

"Do we spend enough on keeping `hackers' out of our computer systems? Do we not spend enough? Or do we spend too much? For that matter, do we spend too little on the police and the army, or too much? And do we spend our security budgets on the right things?"

"The economics of security is a hot and rapidly growing field of research. More and more people are coming to realise that security failures are often due to perverse incentives rather than to the lack of suitable technical protection mechanisms. (Indeed, the former often explain the latter.) While much recent research has been on `cyberspace' security issues - from hacking through fraud to copyright policy - it is expanding to throw light on `everyday' security issues at one end, and to provide new insights and new problems for theoretical computer scientists and `normal' economists at the other. In the commercial world, as in the world of diplomacy, there can be complex linkages between security arguments and economic ends."

"This page provides links..."

Posted by iang at 06:07 AM | Comments (0) | TrackBack

May 12, 2004

EC opens ears on e-money directive

The 1990s was characterised by a long fight to stop the Europeans from regulating eMoney out of existence (I wrote about this in my first ever paper). Invented in places like The Netherlands (service station money for truck drivers, and DigiCash's blinded tokens), eMoney always struggled against the fears of the Bundesbank that it would actually succeed and change the banking structure.

Eventually, the European Parliament passed a compromised Directive that required issuers to seek a "like a bank" eMoney licence. This regime left all unsatisfied, and as I predicted back in 1996, the real action happened wherever the "need to regulate" was ignored.

Now it seems that they have opened a review on the eMoney Directive. Read on:

EC opens ears on e-money directive
By John Oates Published Monday 10th May 2004 15:13 GMT

The European Commission has opened a consultation period on its controversial "e-money" directive. The EC wants businesses to tell it how the directive could be improved to "avoid unnecessary burdens for industry".

Under the directive, providers of e-money will have to provide a way for people to redeem their e-money for real world money. They must also take action to ensure the system is not used for money laundering.

At present, the e-money directive could be applied to the purchase and use of pre-pay mobile phone cards. The definition of electronic money is monetary value stored on a chip card or computer memory which is accepted for payment by someone other than the issuer.

In interpreting this for use at a national level regulators have disagreed as to how the directive should apply in practice. Some countries have, for instance, decided that pre-pay mobile cards are covered by the new rules. Because of the confusion, the Commission decided last year to seek a common interpretation of the law.

That analysis concluded that mobile pre-pay cards do not qualify as e-money if they are used to buy airtime from the company which issued them. But if they are used to buy ringtones, messaging, news, tickets or other products from a third party then they should be considered e-money.

Still awake at the back? Good. Since, even by EU standards, this is an early morning snack for a four-legged pet (dog's breakfast). The Commission has decided to clarify exactly when and where the e-money directive should be applied. It is asking for comments and suggestions from those in the mobile or related industries and from ordinary punters.

Interested parties have until 20 July 2004 to respond to the proposals and more details are available here, where you can download the whole consultation document as well. ®

Posted by iang at 11:16 AM | Comments (0) | TrackBack

May 11, 2004

Sassy Teenager Stars in Virus Soap

In what is rapidly becoming an Internet soap opera, an alleged writer of the Sasser virus, 18-year-old Sven Jaschan from Germany, was fingered under the Bounty program initiated by Microsoft a few months back [1]. As predicted, with $250,000 in prize money, an immediate question faces Microsoft: Are the informants in on the game [2]?

Microsoft insists that "the informant had no connection to the virus writer's work, and say they wouldn't pay a reward to anyone who had helped author the computer virus." Others are skeptical, both of the incident and the benefit of the program [3].

Says one person: "In the last 15 years we've had 30 or 40 arrests of these people worldwide, and yet we still get 15 more of these (viruses) every week." The power of perception remains foremost here as all reporters routinely ignore the underlying structural weaknesses in the Microsoft platform that is being hit by virus after virus. Perhaps that story is stale.

The German authorities released the author immediately, when they discovered that his intentions may have been honourable [4]. He was just helping his Mom, the papers say, and he deserves a medal, not prison:

' Despite the damage to millions of computers, one leading German newspaper said in a page one commentary Monday there was a strange sense of national pride that a German student had outwitted the world's best computer experts. "Many of the (German) journalists who traveled to the province could not help but harbor clandestine admiration for the effectiveness of the worm," Die Welt daily wrote.'

American virus company NAI immediately responded with a call for new laws:

'Jimmy Kuo, a research fellow with antivirus software maker NAI .... said that additional laws may be necessary to dissuade virus writers from releasing their programs onto the Internet. "We would hope that there could be laws that would prohibit the posting of malicious code," Kuo said. "Sasser was partially written by some malicious code that was downloaded by the Internet." [5]'

They had their chance in 1945. But, there is good news - at least Microsoft announced a few years ago that security is its goal. I see no evidence in the browser market that they are serious, but I suppose we'll know more in 15 more years [6].


Addendum: It seems that a week later ("Police probe Sasser informant") the informant was already on the way to losing his bounty. The question is, what happens now? What's the point in informing on a virus writer if your life gets turned upside down on the suspicion that you are in cahoots? Safer to go find some other line of work...



[1] "'Sasser e' rears its head", 11 May 2004.
[2] "The Good, The Bad, and the Ugly", 09 November 2003.
[3] "Experts pessimistic on deterrent effect", 10 May 2004.
[4] "German Net Worm Writer May Have Been Helping Mom", 10 May 2004.
[5] "Fifth Sasser 'released before arrest'", 11 May 2004.
[6] "Cost of Phishing - Case in Texas", 05 May 2004.

Posted by iang at 07:07 AM | Comments (0) | TrackBack

May 10, 2004

Secret Ballot Receipts and Transparent Integrity

Professor David Chaum is working on the voting problem. On the face of it, this is an intractable problem given the requirement of voter secrecy. Yet David Chaum is one of the handful of cryptographers who have changed the game - his blinded tokens invention remains one of the half dozen seminal discoveries of the last half-century.

Of course, in financial voting, the requirement for ballot box privacy is not so stringent. Indeed votes are typically transferable as proxies, if not strictly saleable. For this reason, we can pretty much accomplish financial voting with what we know and have already (an addition of a nymous feature or a new issue would be two ways to do it).

But it is always worth following what is happening on the other side of the fence. Here's the abstract for David's paper, Secret Ballot Receipts and Transparent Integrity:

"Introduced here is a new kind of receipt. In the voting booth, it is as convincing as any receipt. And once the voter takes it out of the booth, it can readily be used to ensure that the votes it contains are included correctly in the final tally. But it cannot be used in improper influence schemes to show how the voter voted. The system incorporating the receipts can be proven mathematically to ensure integrity of the election against whatever incorrectly-behaving machines might do to surreptitiously change votes. Not only can receipts and this level of integrity enhance voter confidence, but they eliminate the need for trusted voting machines."
Posted by iang at 07:06 PM | Comments (1) | TrackBack

May 07, 2004

"How is a capability different to an object?"

A discussion on cap-talk on the definition of capabilities seems to have erupted... Here is one capability fan's interpretation of what a capability is, and how it relates to objects, in the sense of Java and other OO languages.

-------- Original Message --------
Subject: "How is a capability different to an object?"
Date: 6 May 2004 20:45:04
From: zooko@zooko.com
To: iang@systemics.com

You asked me that after MarkM's talk at FC'99, and I didn't know.

Nowadays, I would say this:

Think of a graph with circles connected by arrows. (I really like thinking in these terms. If you don't like thinking in terms of graphs, this probably isn't the best explanation for you.)

Now, let any "thing" in the system under consideration, whether that thing be a person, computer, process, chunk of data, computational object, etc. be one of those circles.

Now say that there are only three ways that one circle can get an arrow pointing to another circle:

  1. The first circle creates the second circle (e.g., a process spawns another process, a Java object constructs another Java object, etc.). In this case, the second circle begins life with only a single incoming arrow, coming from the first circle.

  2. There was a third circle who already had an arrow pointing to the first circle and an arrow pointing to the second circle. This third circle gives to the first circle an arrow which points to the second circle. This is the event captured in the famous Granovetter Diagram [1].

  3. A link between two objects comes in from outside of this world. Please ignore this case for now, and revisit it after you understand what capabilities are.

Okay, now suppose you want to do some access control. You're writing a program, or a policy, or something that wants to specify who can touch what. To be concrete, let's say that you want to specify whether Alice can or cannot read a certain file. If you were never going to change your mind, and if you were not going to allow other people to make their own access control decisions while interoperating with yours, then this would be easy -- just write down "Alice, File, Yes", or "Alice, File, No". That is the basis of the Access Control List approach to access control.

The Object Capabilities approach to access control is to draw a graph with a circle labelled "Alice" and an arrow pointing to a circle labelled "File". Or leave the arrow off if you don't want to grant Alice that access.

Okay, now where are we? Well, the three rules (ignoring the 3rd) above tell you how the access control state can evolve over time. The basic ACL approach that we sketched above doesn't include this notion of evolving over time, so assuming that your access control decisions evolve over time, we would have to add it.

[End of General Definition]

Okay, now I wrote this in as general a manner as I could because I know that your interests include things outside of a specific thing like "this one virtual machine running on my computer". However, to make the notion of capabilities concrete, suppose you have a Java Virtual Machine, and the circles are Java objects and the arrows are Java references. Now suppose one of the objects is under the control of Alice and can be used by her to read files. Another object represents a file.

There, now you are using capabilities for access control in that JVM.

I'll stop for now!

--Zooko

[1] "Alice captured in the instant of giving Bob an arrow to Carol." Making this image required high speed photography by professional National Geographic photographers.
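The arrow rules from the message above can be modelled as a small graph that refuses any arrow not obtained by creation or by introduction. This is an added example, not part of Zooko's message or of any capability system's code; the class and method names are hypothetical, and rule 3 appears only as the way the initial arrows are set up.

```python
class CapabilityGraph:
    """Circles are named nodes; an arrow holder -> target is a capability held."""

    def __init__(self):
        self._arrows = {}  # holder name -> set of target names

    def primordial(self, holder, target):
        """Rule 3: an arrow that comes in from outside the modelled world.
        Used here only to set up the initial state."""
        self._arrows.setdefault(holder, set())
        self._arrows.setdefault(target, set())
        self._arrows[holder].add(target)

    def create(self, creator, new_node):
        """Rule 1: the new circle starts life with a single incoming arrow,
        from its creator."""
        if creator not in self._arrows:
            raise KeyError(f"unknown creator {creator!r}")
        if new_node in self._arrows:
            raise ValueError(f"{new_node!r} already exists")
        self._arrows[new_node] = set()
        self._arrows[creator].add(new_node)

    def introduce(self, giver, recipient, target):
        """Rule 2: the giver must already hold arrows to both the recipient
        and the target before it can hand the recipient an arrow to the target."""
        held = self._arrows.get(giver, set())
        if recipient not in held or target not in held:
            raise PermissionError(
                f"{giver} cannot give {recipient} an arrow to {target}")
        self._arrows[recipient].add(target)

    def can_reach(self, holder, target):
        return target in self._arrows.get(holder, set())

    def holders_of(self, target):
        """Audit question: who currently holds an arrow to this circle?"""
        return sorted(h for h, held in self._arrows.items() if target in held)


def demo():
    g = CapabilityGraph()
    g.primordial("Alice", "Bob")     # Alice already knows Bob
    g.primordial("Mallory", "Bob")   # so does Mallory
    g.create("Alice", "File")        # rule 1: only Alice can reach File
    before = g.holders_of("File")
    try:
        g.introduce("Mallory", "Bob", "File")  # Mallory holds no arrow to File
        refused = False
    except PermissionError:
        refused = True
    g.introduce("Alice", "Bob", "File")        # rule 2: Alice holds both arrows
    return before, refused, g.holders_of("File")


if __name__ == "__main__":
    print(demo())
```

The access-control state here is the graph itself: the only way the set of holders of File changes is through a call that an existing holder is entitled to make.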

Posted by iang at 07:03 PM | Comments (3) | TrackBack

May 05, 2004

Cost of Phishing - Case in Texas

Below is the first quantitative estimate of costs for phishing that I have seen - one phisher took $75,000 from 400 victims. It's a number! What is needed now is a way to estimate what the MITM attack on secure browsing has done in terms of total damages across the net.

U.S. shuts down Internet 'phishing' scam

Monday, March 22, 2004 Posted: 3:59 PM EST (2059 GMT)

WASHINGTON (Reuters) -- The U.S. government said Monday it had arrested a Texas man who crafted fake e-mail messages to trick hundreds of Internet users into providing credit card numbers and other sensitive information.

Zachary Hill of Houston pleaded guilty to charges related to a "phishing" operation, in which he sent false emails purportedly from online businesses to collect sensitive personal information from consumers, the Federal Trade Commission said.

According to the FTC, Hill sent out official-looking e-mail notices warning America Online and Paypal users to update their accounts to avoid cancellation.

Those who clicked on a link in the message were directed to a Web site Hill set up that asked for Social Security numbers, mothers' maiden names, bank account numbers and other sensitive information, the FTC said.

Phishing has emerged as a favorite tool of identity thieves over the past several years and experts say it is a serious threat to consumers.

Hill used the information he collected to set up credit-card accounts and change information on existing accounts, the FTC said. He duped 400 users out of at least $75,000 before his operation was shut down December 4, FTC attorneys said.

Hill will be sentenced on May 17, according to court documents.

A lawyer for Hill was not immediately available for comment.

Scam artists have posed as banks, online businesses and even the U.S. government to gather personal information, setting up Web pages that closely mirror official sites.

FTC officials said consumers should never respond to an e-mail asking for sensitive information by clicking on a link in the message. "If you think the company needs your financial information, it's best to contact them directly," FTC attorney Lisa Hone said.

Those who believe they may be victims of identity theft should visit the FTC's Web site (www.consumer.gov/idtheft), she said.

America Online is a division of Time Warner Inc., as is CNN. Paypal is owned by eBay Inc.



Addendum: The FTC appears to have settled with Zachary. The amount phished is now set at $125k but is unrecovered. (This is over the *two* cases charged below, which appear to be the same case.)

"Phishers" Settle Federal Trade Commission Charges

Friday, June 18 2004 @ 06:17 AM Contributed by: ByteEnable

Operators who used deceptive spam and copycat Web sites to con consumers into turning over confidential financial information have agreed to settle Federal Trade Commission charges that their scam violated federal laws.

The two settlements announced today will bar the defendants from sending spam, bar them from making false claims to obtain consumers' financial information, bar them from misrepresenting themselves to consumers, and bar them from using, selling, or sharing any of the sensitive consumer information collected.

Based on financial records provided by the defendants, the FTC agreed to consider the $125,000 judgments in each case satisfied. If the court finds that the financial documents were falsified, however, the defendants will pay $125,000 in consumer redress. One of the defendants also faces 46 months in prison on criminal charges filed by the Justice Department.

The scam, called "phishing," worked like this: Posing as America Online, the con artists sent consumers e-mail messages claiming that there had been a problem with the billing of their AOL accounts. The e-mail warned consumers that if they did not update their billing information, they risked losing their accounts. The messages directed consumers to click on a hyperlink in the body of the e-mail to connect to the "AOL Billing Center." When consumers clicked on the link they landed on a site that contained AOL's logo, AOL's type style, AOL's colors, and links to real AOL Web pages. It appeared to be AOL's Billing Center. But it was not. The defendants had hijacked AOL's identity and used it to steal consumers' identities. The defendants ran a similar scam using the hijacked identity of PayPal.

The FTC charged the defendants with violating the FTC Act, which bars unfair and deceptive practices, and the Gramm Leach Bliley Act, which bars using false or fictitious statements to obtain consumers' financial information.

The settlements bar the defendants from sending spam for life. They bar the defendants from:

  • Misrepresenting their affiliation with a consumer's ISP or online payment service provider;
  • Misrepresenting that consumers' information needs to be updated;
  • Using false "from" or "subject" lines; and
  • Registering Web pages that misrepresent the host or sponsor of the page.

The settlements bar the defendants from making false, fictitious, or fraudulent statements to obtain financial information from consumers. They bar the defendants from using or sharing the sensitive information collected from consumers and require that all such information be turned over to the FTC. Financial judgments were stayed based on financial disclosure documents provided by the defendants showing they currently are unable to pay consumer redress. Should the court find that the financial disclosure documents were falsified, the defendants will be required to give up $125,000 in ill-gotten gains. The settlements contain standard record keeping provisions to allow the FTC to monitor compliance with the orders.

The defendant named in one of the complaints is Zachary Keith Hill. The Hill case was filed in December 2003, in the U.S. District Court for the Southern District of Texas. The other case, filed in May 2004, charged an unnamed minor in U. S. District Court for the Eastern District of New York.

These cases were brought with the invaluable assistance of the Department of Justice Criminal Division's Computer Crimes and Intellectual Property Section, Federal Bureau of Investigation's Washington Field Office, and United States Attorney for the Eastern District of Virginia's Computer Hacking and Intellectual Property Squad.

The Commission vote to accept the settlements was 5-0.

A newly revised FTC Consumer Alert, "How Not to Get Hooked by a 'Phishing' Scam" warns consumers who receive e-mail that claims an account will be shut down unless they reconfirm their billing information not to reply or click on the link in the e-mail. Consumers should contact the company that supposedly sent the message directly. More tips to avoid phishing scams can be found at http://www.ftc.gov/bcp/conline/pubs/alerts/phishingalrt.htm.

Consumers who believe they have been scammed by a phishing e-mail can file a complaint at http://www.ftc.gov, and then visit the FTC's Identity Theft Web site at www.consumer.gov/idtheft to learn how to minimize their risk of damage from ID theft. Consumers can also visit www.ftc.gov/spam to learn other ways to avoid e-mail scams and deal with deceptive spam.

NOTE: Stipulated final judgments and orders are for settlement purposes only and do not constitute an admission by the defendant of a law violation. Consent judgments have the force of law when signed by the judge.

Copies of the complaints and stipulated final judgments and orders are available from the FTC's Web site at http://www.ftc.gov and also from the FTC's Consumer Response Center, Room 130, 600 Pennsylvania Avenue, N.W., Washington, D.C. 20580. The FTC works for the consumer to prevent fraudulent, deceptive, and unfair business practices in the marketplace and to provide information to help consumers spot, stop, and avoid them. To file a complaint in English or Spanish (bilingual counselors are available to take complaints), or to get free information on any of 150 consumer topics, call toll-free, 1-877-FTC-HELP (1-877-382-4357), or use the complaint form at http://www.ftc.gov. The FTC enters Internet, telemarketing, identity theft, and other fraud-related complaints into Consumer Sentinel, a secure, online database available to hundreds of civil and criminal law enforcement agencies in the U.S. and abroad.

Posted by iang at 07:33 PM | Comments (2) | TrackBack

May 03, 2004

Bufflets

Warren Buffett is in the news again, over on the goldmember list, and no doubt in countless thousands of lesser media [1]. At the annual shareholder meeting, the 10,000 or so shareholders turn up for what amounts to a great big party, as well as a meeting where the company actually talks to the shareholders.

"Vice Chairman Charles Munger and Buffett fielded questions from the crowd for about six hours about their investment philosophy, succession plans and reaction to criticism to Buffett's board seat on Coca-Cola Co. [2]"

What other company does that? Companies I know don't hold any shareholder meetings, let alone let them ask questions. Warren Buffett is every investor's hero, and the founders of Google recently wrote him up as their God, as well.

"Shares of Berkshire, which owns energy, aviation, paint and carpet companies, have increased 28 percent in the past year compared with a 19 percent gain for the Standard & Poor's 500 Index. The shares fell $110 to $93,390 in New York Stock Exchange composite trading on Friday. [3]"

Mr. Buffett never splits, and thus the price goes higher and higher and higher ... His motive here is quite simple. Buffett, the world's best investor, wants to exclude small shareholders from his register. This price is so high that not only can no ordinary investor afford even one of his shares, but most systems cannot quote a price in it. (Check the WSJ, it's not there, last I heard.)

He has basically excluded all of the hoi polloi. In marketing terms, this is called "price discrimination." He has chosen an educated base of shareholders, using the proxy of wealth, as the tool to select his shareholders. Quite valid stuff, albeit an unusual use of an old marketing tool.

Here's how we arbitrage it. To frustrate him, we (being Ivan, a potential issuer) would buy one Berkshire-Hathaway share. One will do for now, we can always pick up another later! This share we escrow in the normal fashion with a transfer agent.

Then, we designate our one share as reserves for an issue of Ricardian instruments. Instead of issuing one derivative share backed by the one real Berkshire-Hathaway share, we would issue 100,000 microshares. These instruments I call Bufflets, and their price would be more likely around ninety-three cents.

Hey presto, we arbitrage the marketing. With our 100,000 Bufflets, even your 10 year old can afford to become an investor in Berkshire-Hathaway. Mind you, only one of us gets to go to the party every year, but that's maybe the subject of a shareholder's meeting yet to come.

[1] Warren Buffett joins Kerry campaign
[2] Buffett Says He Has Increased Bet Against U.S. Dollar (Update3)
[3] Ibid.

Posted by iang at 02:57 PM | Comments (3) | TrackBack

Neu5PM

NeuClear from Pelle suggests a variant of the 5PM (which in itself is just a variant of hundreds and even thousands of years of good governance). In Pelle's model, he adds an auditor, and changes the names a bit. Here it is:

6-party model
http://neuclear.org/display/neu/6-party+model
Last changed on Apr 01, 2004 by Sandy

Ian Grigg has formulated a 5-party governance model which provides an excellent starting point for governing electronic assets. We have taken this model and added an additional party, the auditor.

  • Promoter: The originator and promoter of an asset. To promote trust he contracts with the 4 following parties and does little else.
  • Issuer: Issues assets into the NeuClear System. This could be a trust company or a certified auditor. The main role of the Issuer is to verify that the value implied in the above layer is actually entered into the system and that the Promoter can't falsely inflate the system.
  • Operator: The operator is like an Application Service Provider. He maintains the books of the assets and responds to Transfer Orders with Transfer Receipts in such a manner that none of the other parties can interfere or otherwise modify the underlying accounting of the value system.
  • Auditor: The auditors run a separate, parallel set of books to the Operator. He listens to Transfer Orders and Transfer Receipts and is the final authority on balance of accounts.
  • Manager: The manager is contracted by the Issuer to do the day-to-day management of the asset. For example, requesting that the Issuer add more assets to the system, or customer service.
  • Users: The users are in many ways the real auditors of the system. As long as at least one of the 4 parties directly above is honest, they can monitor the runnings of the Asset live and instantly, to see if anything goes wrong. Users can optionally maintain their own books that can be automatically reconciled with those of the Auditor.

Note we also modified the names of two of the parties from Ian's 5-party model, as they were causing confusion to people outside of the Financial Cryptography world. Ian's Issuer became our Promoter. His Mint became our Issuer.

Examples of the 6-party model

It can be hard to understand the 6-party model without seeing practical examples. Please see the following:

Posted by iang at 12:03 PM | Comments (9) | TrackBack

May 02, 2004

Definition of Capabilities

There are several models of rights out there - nyms, capabilities, bearer, account. One observation that has been made by Jeroen van Gelderen is that nyms (especially SOX) as a model are a case of capabilities. What that means, beyond the superficial, has always been up in the air. The loose presumption was that SOX is a subset, or an implementation, of capabilities. Or, that SOX is capabilities hard-coded, whereas E, by contrast, is capabilities in the language.

The capabilities people (them) and the nym people (us) haven't really seen eye to eye on the lucidity of each other's documentation, so distance remained. Now, Jed Donnelley has broken ranks and cast his view of a definition of an Internet capability model.

With such a definition in hand, it's now possible to compare SOX, and any other nymous system, against the capabilities model. Best case, we'll show the original observation was right, and we can get on with the life of us and them. Worst case, we'll show it as being wrong, and we'll be forced to write our own definition.

That, I'll defer. For now, here's Jed's definition:

-------- Original Message --------
Subject: [cap-talk] Re: "capabilities" as data vs. as descriptors - OS security discussion, restricted access processes, etc.
Date: Thu, 29 Apr 2004
From: Jed Donnelley <jed@nersc.gov>
To: cap-talk@mail.eros-os.org

[big snip]

1. Definition of what you might call an Internet capability model. This
could be something along the lines of:

http://www.webstart.com/jed/papers/Managing-Domains/#s13

though I think modern encryption technology would suggest a
rework. The basic idea would be to define a protocol for sending
blocks of bits that:

a. Can securely represent the right to do anything that a service
(server) process might choose to make available.

b. Can be communicated securely - hopefully without contacting
the service process except of course when it is the source or
destination of the rights communication directly.

c. Is safe from eavesdropping. That is, the form that the capability takes
when it's in, say, a process's memory space or in an email message,
cannot be used by any entity other than the owner of the memory
space (a process) or the email (presumably a person).

d. Extra points for including a rights reduction mechanism that doesn't
require permission from the server.

[another big snip]

Can we agree on that much?

--Jed http://www.nersc.gov/~jed/

_______________________________________________
cap-talk mailing list
cap-talk@mail.eros-os.org
http://www.eros-os.org/mailman/listinfo/cap-talk
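
Points (a) and (d) of the definition above can be illustrated with an HMAC chain in the style of macaroons. This is an added example, not code from Jed's message, SOX or E; the construction is swapped in as an assumption, and the function names, the `field = value` caveat format and the key are hypothetical or constructed. The result is a bearer token, so it does not provide property (c).

```python
import hashlib
import hmac

def _mac(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

def mint(root_key: bytes, resource: str) -> dict:
    """Server: issue an unrestricted capability for one resource."""
    return {"resource": resource, "caveats": [],
            "sig": _mac(root_key, resource.encode())}

def attenuate(cap: dict, caveat: str) -> dict:
    """Holder: add a restriction without contacting the server (point d).
    The previous signature is used as the MAC key and then discarded, so
    whoever receives the new token cannot recover the broader one."""
    return {"resource": cap["resource"],
            "caveats": cap["caveats"] + [caveat],
            "sig": _mac(cap["sig"], caveat.encode())}

def _caveat_ok(caveat: str, request: dict) -> bool:
    """Caveats read 'field = value'; malformed or unknown ones fail closed."""
    field, sep, value = caveat.partition(" = ")
    return sep != "" and field in request and str(request[field]) == value

def verify(root_key: bytes, cap: dict, request: dict) -> bool:
    """Server: rebuild the chain from the root key, then apply every caveat."""
    sig = _mac(root_key, cap["resource"].encode())
    for caveat in cap["caveats"]:
        sig = _mac(sig, caveat.encode())
    if not hmac.compare_digest(sig, cap["sig"]):
        return False  # caveat list or signature was altered
    if request.get("resource") != cap["resource"]:
        return False
    return all(_caveat_ok(c, request) for c in cap["caveats"])

if __name__ == "__main__":
    ROOT = b"constructed-demo-key"           # constructed sample key
    full = mint(ROOT, "account/42")          # constructed resource name
    read_only = attenuate(full, "op = read")
    for op in ("read", "write"):
        req = {"resource": "account/42", "op": op}
        print(op, verify(ROOT, full, req), verify(ROOT, read_only, req))
```

Only the server holds the root key, so it is the only party that can check a token, while any holder can narrow one before passing it on.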

Posted by iang at 02:21 PM | Comments (1) | TrackBack