Mac's moment of truth is arriving:
"We are approaching a tipping point, where it will soon be financially viable for cybercriminals to target their efforts at Mac users," says Ivan Fermon, senior vice president of product management, Panda Security. "When Apple reaches 15 percent market share worldwide, which Panda expects will happen very soon, we predict that hackers will begin to aggressively target attacks against this platform. The rapid increase in use of Apple-powered devices--iPhones, iPods, iPads--is also making the Mac platform a much more attractive target."
Not just any tipping point: the one where crooks target the platform. It is an interesting phenomenon that a user base as large as the Mac's isn't already an appealing target, but what can one say? It's a theory... More numbers:
"We receive an average of 55,000 new threats every day at PandaLabs. .... Panda has identified approximately 5,000 malware variants that specifically target Apple systems, and claims to see an average of 500 new samples each month. The Mac has been getting more security research and attention as well. There were only 34 vulnerabilities identified for the Mac in 2009, but with two months to go that number is already at 175 for 2010."
I'm not sure what to make of 55,000 new threats per day. Does that mean PandaLabs has a factory of 1,000 people, each with a target of qualifying 55 threats per day? Outstanding productivity! But I know what to make of this:
So, the short answer to the question of whether or not your Mac needs malware protection is "Yes". Or, at least, it will soon need malware protection if the Apple platform continues to grow as a lucrative target. Consider it a badge of honor in recognition of gaining enough market share for cyber criminals to care. That is why Panda Security is launching Panda Antivirus for Macintosh.
Ahhh... So all the rest is in support of a sales call from our friendly silver bullet salesman. Well, of course :)
Zooko writes to the SHA-3 designers for the NIST hash competition:
Folks:
If a hash has 32-bit pre-image-resistance then this means an attacker might spend about 2^32 resources to find a pre-image.
If a hash has 64-bit pre-image-resistance then this means an attacker might spend about 2^64 resources to find a pre-image.
What if a hash has 512-bit collision-resistance? What would that mean? That an attacker might spend about 2^512 resources to find a collision in it? That is a meaningless possibility to discuss since 2^512 resources will never exist in the life of this universe, so it can't mean that, or if it does mean that then there is no use in talking about "512-bit collision-resistance". Maybe it means something else?
By analogy, suppose you considered the construction of a bridge that withstood 10^3 tons of pressure. You could also consider a bridge that could withstand 10^6 tons of pressure. If the bridge were to be deployed in a situation where more than 10^3 tons but less than 10^6 tons might rest on it, then this would be a very important distinction to make.
But what would it mean to discuss a design for a bridge that could withstand 10^150 tons of pressure? Such an amount of pressure could never be applied to the bridge. Would there be any value in a distinction between one bridge design that would withstand 10^150 tons of pressure and another that would withstand 10^300? Even though neither of them could ever experience as much as 10^150 tons of pressure, perhaps the latter bridge would still be safer against some other threat -- an error on the part of the builders or designers or a stressful event that was not included in the model which we used to evaluate our bridges in the first place.
Or perhaps not. Perhaps the bridge which is designed to withstand 10^300 tons of pressure is actually *more* likely to fail than the other one when hit by this unpredicted, unmodelled event. Who can tell?
One reasonable position to take is that it was a mistake for NIST to specify that some of the SHA-3 hashes had to have 512-bit preimage resistance. (If it *was* a mistake then I really have no idea what to do about it at this juncture!)
That position says that there *is* a need for a hash function which takes much more CPU time than SHA-3-256 does in order to provide much less likelihood that an attacker will be able to find a pre-image in it than in SHA-3-256, but that this "much less likelihood" is not in any meaningful sense correlated with the idea of having "512-bit pre-image resistance".
Another reasonable position to take is that a hash function which is known to have at most 384-bit pre-image resistance is *more likely to fail* than one which is known to have at most 512-bit pre-image resistance. This is where my limited understanding of hash function cryptanalysis comes to an end. Is that plausible? If I give you two hash functions like that, are you confident that you could learn how to find pre-images in the former before they find pre-images in the latter? How sure are you? Is it possible that it would be the other way around--that you would discover a method of finding pre-images in the latter before discovering a method of finding pre-images in the former?
If someone who has real hash function cryptanalysis expertise and who takes the latter position could explain what they mean by "more likely to fail", then I would be fascinated to hear it.
In any case, I'm pretty sure that as a *user* of hash functions what I care about is "more likely to fail" (and efficiency), not about "bits of security" for any bit-level greater than about 128 (including consideration of quantum attacks, multi-target attacks, etc.)
Thank you for taking the time to read this.
Regards,
Zooko Wilcox-O'Hearn
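As an added illustration of what "n-bit pre-image resistance" cashes out to in practice (this is not part of Zooko's letter or of the original post), the following Python script runs the two generic attacks, brute-force pre-image search and birthday collision search, against SHA-256 truncated to n bits. The truncation, the function names, the 8-byte counter messages and the assumed rate of 10^18 hashes per second are this example's own choices; for small n the measured trial counts sit near 2^n and 2^(n/2), and the same loops against a full 128-bit or 512-bit output would need 2^128 or 2^512 steps, which is exactly the "resources that will never exist" Zooko is pointing at.

```python
import hashlib


def truncated_hash(data: bytes, bits: int) -> int:
    """SHA-256 truncated to its leading `bits` bits, returned as an int.

    A real n-bit hash is what the "n-bit resistance" claims are about;
    truncating a 256-bit hash is a stand-in that keeps brute force affordable
    for the demonstration.
    """
    digest = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return digest >> (256 - bits)


def find_preimage(target: int, bits: int, max_trials: int = 1 << 24):
    """Generic pre-image search: hash messages 0, 1, 2, ... (as 8-byte
    counters) until one hashes to `target`.  Returns (message, trials);
    the expected number of trials is about 2**bits."""
    for i in range(max_trials):
        msg = i.to_bytes(8, "big")
        if truncated_hash(msg, bits) == target:
            return msg, i + 1
    return None, max_trials


def find_collision(bits: int, max_trials: int = 1 << 24):
    """Birthday search: remember every digest seen and stop at the first
    repeat.  Returns (msg_a, msg_b, trials); the expected number of trials
    is about 2**(bits/2), which is why collision resistance is half the
    output size."""
    seen = {}
    for i in range(max_trials):
        msg = i.to_bytes(8, "big")
        h = truncated_hash(msg, bits)
        if h in seen:
            return seen[h], msg, i + 1
        seen[h] = msg
    return None, None, max_trials


def expected_work(bits: int, attack: str) -> int:
    """Textbook generic work factor for a hash with `bits` bits of output."""
    if attack == "preimage":
        return 1 << bits
    if attack == "collision":
        return 1 << (bits // 2)
    raise ValueError(f"unknown attack: {attack}")


def years_at_rate(work: int, hashes_per_second: int = 10 ** 18) -> float:
    """How long `work` hash evaluations take at an (assumed, generous)
    rate of `hashes_per_second`."""
    return work / hashes_per_second / (365.25 * 24 * 3600)


if __name__ == "__main__":
    # Small sizes: the measured trial counts track the 2^n / 2^(n/2) estimates.
    for n in (8, 12, 16):
        target = truncated_hash(b"sample", n)
        _, trials = find_preimage(target, n)
        _, _, ctrials = find_collision(n)
        print(f"{n:2d}-bit: preimage {trials:6d} trials (2^n = {1 << n:6d}), "
              f"collision {ctrials:5d} trials (2^(n/2) = {1 << (n // 2):4d})")
    # Large sizes: the same loops, measured in years at 10^18 hashes/second.
    for n in (128, 256, 512):
        years = years_at_rate(expected_work(n, "preimage"))
        print(f"{n}-bit pre-image at 1e18 H/s: about {years:.3g} years")
```

The script's last loop is the bridge analogy in numbers: 2^128 evaluations at 10^18 per second is already around 10^13 years, so the difference between 128-, 256- and 512-bit pre-image resistance is not a difference any attacker will ever measure by brute force. Whatever makes one such hash "more likely to fail" than another has to come from structural cryptanalysis, not from the exponent.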
In terms of value at risk, this has to be the winner in the monthly "most outrageous post across my desk" competition:
According to attorney Ellen Brown, author of "Web of Debt", a California bankruptcy court has followed what are now being called "landmark cases in other jurisdictions" in ruling that as many as 62 million mortgages may not be foreclosed on. The result could force the biggest banks into bankruptcy because having millions of homeowners get title to their homes with no further mortgage payment would decimate the asset portfolio. As pointed out in a San Francisco Chronicle article in 2007:
"The loans at issue dwarf the capital available at the largest U.S. banks combined, and investor lawsuits would raise stunning liability sufficient to cause even the largest U.S. banks to fail...."
This is an issue that I knew about. We tried to solve it. Blame me. Which makes it much harder to write about.
What's going on here? And why the chicken-little panic? How much truth is in this? Unfortunately, some:
The problem is that at the height of the real estate bubble, mortgages were sliced and diced into investment products -- securities -- that changed hands frequently.
Whoa! Stop right there! This was not a problem constrained to the height of the bubble, but a structural innovation that has dominated the last 30-40 years. Permit me to set the record straight:
The problem is that since the invention of securitization in the 1970s or so (not merely at the height of the real estate bubble), mortgages are (not were) sliced and diced into investment products -- securities -- that change hands frequently.
If you wish to understand anything about the financial crisis, understand this:
securitization was a game-changer.
It was invented in the 1970s or so, and it set the scene for the massive boom we saw in the 2000s and the massive collapse of 2007-2009. Most confusing of all, it's a good thing. Moving right along...
As a convenience for the mortgage industry, many of these mortgages were recorded electronically by a system called MERS (Mortgage Electronic Registration System). At issue was when Citibank tried to foreclose on a property in California, the homeowner's defense was that the actual deed was held by MERS and yet since MERS could not offer a homeowner signed documentation to a mortgage agreement, they could not prove ownership and since they couldn't prove ownership, the Deed of Trust could not be transferred and Citibank's note was therefore uncollectible.
Basically, throughout the securitisation process that created the global financial collapse, the issue staring us in the face was that the various transactions were not being perfected. That is, the contracts were not being adequately backed up according to the standards of the day. That standard is ultimately measured in court, or not, as Citibank has discovered above.
I saw this when I designed my system, and set out to resolve it. The Ricardian Contract form solves the above problem, in part because it is signed, and in other part because it solves a lot of other issues lurking in the mess above. And, when Jim and I filed it with the SEC, they realised that it addressed their concerns, too.
But like this blog post, the problems brought about by securitization's success were put off until tomorrow. And tomorrow's tomorrow. And ... then came 2007. Some singularity somewhere caused systemic ripples throughout the system, which caused all contracts to shake and wobble. But it is important, nay, essential to realise: the fundamental structural feature was securitization. The systemic wobble event was not important. Keep your eye on the securitization ball as it rolls on unchallenged through the USA financial quagmire.
Now they've gone to court, and:
The California bankruptcy court concluded: "Since the claimant, Citibank, has not established that it is the owner of the promissory note secured by the trust deed, Citibank is unable to assert a claim for payment in this case."
So that's what is meant by a contract not being perfected. You can talk about it. You can sell it, slice & dice it, derive it and steal it. Start a boom, pay outrageous bonuses, watch the bubble burst. But you can't get a court to back all these things up. Which matters not one jot if everyone believes the boom will go forever...
Which leads to an observation about modern finance... heck, all finance, and probably all business!
Finance is an inverted pyramid that sits on the apex of dispute resolution. Somewhere in a middle layer are contracts. Somewhere up top on the mesa are mortgages and loans and prosperity and the happiness of owning your own home. At the bottom is dispute resolution.
If the apex collapses, don't be standing nearby with a camera.