Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Meet Carla Shroder's New Favorite GUI-Textmode Hybrid Shell, Xiki

mstefanro Re:Not convinced (176 comments)

I am skeptical to the idea tbh. For commonly used commands the effort of learning them is relatively small and the rewards are great (if I ever had to type "change the permissions such that" instead of "chmod" I would just give up and use GUI) .

about 3 months ago
top

Meet Carla Shroder's New Favorite GUI-Textmode Hybrid Shell, Xiki

mstefanro Not convinced (176 comments)

I believe the tradeoff of CLI is between working more efficiently (by typing commands and not having to use your mouse too often to interrupt your flow)
and a steeper learning curve (learn commands and their params, config file locations and their syntax etc.).

This shell seems to provide a lot of features that most of the people are not interested in, or already use specialized tools for those tasks. It is unclear to me why would one prefer to use such a shell to execute SQL or modify the DOM of a webpage rather than spawn a full-featured querying tool, respectively Firebug.

Their syntax coloring looks pretty poor, and they seem to ask you to "double-click" whenever you want to do anything. I am currently using terminator + fish, which I can highly recommend. It makes me way more productive, has very interesting completion features and uses a really large number of colors to make things more easily distinguishable.

The fact that you can move things around is quite cool, but I don't see any significant advantages, although I've only watched the first ~6 mins of video. Can someone competent perhaps voice his opinion on what does this bring?

about 3 months ago
top

NYU Group Says Its Scheme Makes Cracking Individual Passwords Impossible

mstefanro Re:This idea is really BS (277 comments)

My bad, it's n^s instead of s^n. I don't know where the factorial is coming from in your analysis. Or how it magically disappeared
at the end of your comment.

about 5 months ago
top

NYU Group Says Its Scheme Makes Cracking Individual Passwords Impossible

mstefanro Re:This idea is really BS (277 comments)

You have a space of `m' accounts, `n' common passwords and `s' threshold.
The first step is to find a subset of `s' people who all have easy passwords. There is no better
way than to pick all such subsets, so that gives binom(m,s).
For such a subset, you have to try all assignments of passwords. You have s
people, each of which can have one of n passwords. That's s^n tries.
The total time is binom(m,s) * s^n * C, where C is the time it takes to test if your guess is correct.

about 5 months ago
top

NYU Group Says Its Scheme Makes Cracking Individual Passwords Impossible

mstefanro Re:This idea is really BS (277 comments)

The latter is not feasible, because you don't need to guess passwords, you need to guess user-password pairs.

about 5 months ago
top

NYU Group Says Its Scheme Makes Cracking Individual Passwords Impossible

mstefanro Re:That's a nice technical solution you have there (277 comments)

Yes, you could. This doesn't have any better security guarantees than just doing that.

His whole argument however is that the salt needs to be reentered in the memory manually
after a system crash, whereas with his mechanism the memory gets the needed data automatically
after a few users login.

about 5 months ago
top

NYU Group Says Its Scheme Makes Cracking Individual Passwords Impossible

mstefanro Re:That's a nice technical solution you have there (277 comments)

Yes, it does make it more secure. The security of the hash files relies on a secret stored in memory. To
get that secret, you either need to know the password of K users (user i has password p_i) or you need
access to memory. The point is that access to disk is not sufficient (regardless of how weak the passwords
of the users are).

about 5 months ago
top

NYU Group Says Its Scheme Makes Cracking Individual Passwords Impossible

mstefanro Re:This idea is really BS (277 comments)

Plus, for most websites, you can just register 10 accounts, giving you the 10 known passwords.

In any case, the treat model is that you can access all the data in the db, but not all the data in memory (as
is the case with SQL injection and most other attacks). The
memory is used to cache the first n-1 passwords. The n-th guy needs to wait only after the system crashes
and the cache data is lost.

But in such a treat model, the problem can be solved in a way simpler fashion: just store in memory a key
with which all the hashes are encrypted. Write the key down on a piece of paper. If the machine crashes,
just reload the key from the paper into the server's ram.

And this is the only threat model you can work on anyway: if you assume the attacker gets root,
then there's obviously not much security to preserve. This is why authentication should be interactive (
EKE protocols).

about 5 months ago
top

MIT Researchers Create Platform To Build Secure Web Apps That Never Leak Data

mstefanro Re:Why don't they just use Polymorphic data? (90 comments)

Can you detail how can this support any of the features of a relational database? Filtering rows, joining tables, aggregation, ordering.

about 6 months ago
top

MIT Researchers Create Platform To Build Secure Web Apps That Never Leak Data

mstefanro Clarifications (90 comments)

To clarify all misconceptions in other posts, having been to a talk of hers a few days ago, here's the encryption types involved:
    * RND (salted symmetric key encryption) - used for columns where no sql manipulation is needed
    * DET (unsalted symmetric key encryption) - used for columns that need to be looked up by equality
    * Partially homomorphic encryption - used for aggregation such as SUM()
    * Order preserving encryption - useful for inequality where clauses, indexes, aggregations such as MIN()
    * Searchable encryption - allows something like ILIKE on text columns

OPE is the most dangerous, but is rarely needed for the most sensitive fields. They've run CryptDB on top of phpBB and
some other thngs with acceptable overhead. Let me know if you have other questions.

about 6 months ago
top

Getting Evolution In Science Textbooks For Texas Schools

mstefanro Re:ya know... (710 comments)

Well, other sources do not typically threaten to send you to a special place to burn forever.

about 10 months ago
top

First Lab Demonstration That the Ability To Evolve Can Itself Evolve

mstefanro Soon in the news (72 comments)

The ability to evolve of the ability to evolve may actually evolve.

about 10 months ago
top

GCHQ Created Spoofed LinkedIn and Slashdot Sites To Serve Malware

mstefanro Re:HTTPS on Slashdot (335 comments)

I wasn't aware TLS-SRP patched browsers exist. In any case, these mechanisms will likely be adopted only if they can be embedded in HTML. Few designers are going to sacrifice their fancy login form for that ugly-ass browser window that asks for credentials. But allowing proper authentication in HTML forms would imply that you get all or nothing. Either all HTML forms that contain an input type="password" must use TLS-SRP for sending the credentials, or this cannot be adopted. Otherwise a MITM would simply alter the form to switch from secure authentication to plaintext authentication.

about 10 months ago
top

GCHQ Created Spoofed LinkedIn and Slashdot Sites To Serve Malware

mstefanro Re:Strict Transport Security (335 comments)

To the best of my knowledge , HSTS is merely the Strict-Transport-Security response header. The lists are just something
extra. The "not very useful" comes from the fact that you are still unprotected the first time you access the website. If the
attacker is present the first time you visit an website, he can remove that header via MITM. Otherwise you should be fine.

about 10 months ago
top

GCHQ Created Spoofed LinkedIn and Slashdot Sites To Serve Malware

mstefanro Re:HTTPS on Slashdot (335 comments)

No, I meant what I said. "https.example.com" is an example of a host supporting HTTPS, yet the browser accesses
it by default as "http://https.example.com". You don't seem to have understood what I said at all.

about 10 months ago
top

GCHQ Created Spoofed LinkedIn and Slashdot Sites To Serve Malware

mstefanro Re:HTTPS on Slashdot (335 comments)

Because of the lack of widely adopted HTTPS, browsers are default-HTTP. So if you type https.example.com in your browser,
it will first try to access it by HTTP. Sure, the host is sometimes nice enough to redirect you immediately to HTTPS. But the
redirection happens over HTTP (because that's how you accessed the website). Therefore, a MITM can easily prevent such a
redirect and keep you in the HTTP land (see sslstrip tool), where attacks are a child's play. So unless your victims are paranoid enough to
check the address bar to make sure "https" appears, or manually write https:/// in front of their links, or use an addon such as "HTTPS Everywhere", then providing HTTPS doesn't matter much.
What addons like HTTPS Everywhere do is they have a huge lists of websites known to support HTTPS, and they force the browser to go default-https instead.

In my opinion, good solutions would include:
a) make HTTPS-everywhere part of the browsers;
b) add some proper authentication and encryption in HTTP2.0 instead of bitching that it's the wrong layer. it's clear no-one is going to adopt HTTPS
        widely anytime soon; most websites require you to login, meaning you can perform encrypted key exchange (EKE) with them, which allows for two-way authentication, plus encryption optionally;
c) widely adoption of something like this: https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security - not very useful, but still an improvement

about 10 months ago
top

Microsoft Warns of Zero-Day Attacks

mstefanro Re:Already there (165 comments)

As you said, it is the all-or-nothing that concerns me. I am not claiming that sandboxing
would magically solve all problems and that successful exploits would never be able to do
any harm. But being able to mount an attack such as "someone using MS Office somewhere might use it
to open sensible data, which we can steal" is not the same as mounting an attack like "we can use MS Office
to collect all stored passwords from all browsers and send them to us. And to spawn a keylogger". The MS Office
should have no business accessing the sensible data of other applications or their memory space for that matter.
I don't believe that the fact that Windows allows everything to stick its head where it does not belong is really an unsolvable problem.

about 10 months ago
top

Microsoft Warns of Zero-Day Attacks

mstefanro Re:Already there (165 comments)

Antiviruses are blacklisting, code signing is whitelisting. Both bad solutions in a world
where we have so many apps that keeping track of all of them is very difficult.
Besides, code signing does not solve the problem of too relaxed permissions. In the
situation presented in the article, MS Office is a signed piece of software.

about 10 months ago
top

Microsoft Warns of Zero-Day Attacks

mstefanro Re:Already there (165 comments)

Yes, this is a major issue, but I don't believe it to be one without a solution, should one really bother
to come up with a good implementation.

On a mobile phone, you (as an application) can refuse to run if an user does not grant access to
a resource (such as webcam), because you know for sure that every phone has an webcam.
This blackmailing procedure may not be so successful on a PC, where if the owner refuses to grant
access to his webcam to an app, the OS can make it such that it is impossible for
the app to distinguish between "the PC has no webcam" and "the PC has an webcam but
you do not have access to it". Doing this for most resources should make it a lot more difficult
for apps to trick users into granting more permissions than they need.

about 10 months ago
top

Microsoft Warns of Zero-Day Attacks

mstefanro Re:Already there (165 comments)

I have been saying this for ages. It is embarassing that the concept of "antivirus" still exists.
Its main purpose is to enforce a huge blacklist of .exe files that can harm you. Instead
of keeping track of million of apps that are evil, why not just apply some least privilege
principles and sandboxing already so that we can run an application without granting it
access to all our resources?

It comes as no surprise that everything gets moved to the web nowadays. One can safely
open a website without worrying that all his personal data can be accessed (such as Firefox
stored passwords). On the other hand, opening an application requires complete trust in the author,
which is simply too much to ask most of the time. Look how well "apps" have evolved in mobile
platforms. It is quite natural to prefer apps to websites, because it can be easier to have something run on startup
and be easily accessible whenever you want, as opposed to having to go through a browser. They
generally have less overhead and are more powerful. If Windows had a decent package manager
and proper privilege separation we would probably be living in a different world today.

For anyone who claims stuff like "but Windows has UAC", obligatory xkcd: http://xkcd.com/1200/

about 10 months ago

Submissions

mstefanro hasn't submitted any stories.

Journals

mstefanro has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>