
  def Softwaremaker() :
         return "William Tay", "<Challenging Conventions />"

  knownType_Serialize, about = Softwaremaker()
 

 Saturday, May 31, 2008

I was recently pointed to this post that highlights a "successful attempt" by some students in Germany to crack Microsoft Cardspace. After reading through the post several times, I became convinced that it is NOT what it seems it is and that if the "breach" is what it says it is, there must be some pre-conditions that must be satisfied before it can happen and these criteria are not going to be easy...

Just as I was putting some of my thoughts down that relate to why I think the attempt is somehow "inappropriately glorified":

  1. If an end-user would be stupid enough to put and store his/her passwords, credit card information on his PC
  2. There must be some sort of DNS compromise on the end-user side, which also means successfully hacking into his/her router
  3. There must be some sort of Digital Certificate Store compromise on the end-user side, which also means successfully hacking into his machine with highly-elevated privileges or saying, the user's machine password has been stolen

Points [2] and [3] relate to the statements from the attempt and I quote from the above post:

"To reproduce the demonstration, you should change your own DNS settings and install an untrusted certificate"

If I can do both those points successfully, to be honest, I already have control over what the user does on his machine, stealing his Infocard is probably of low priority at that point in time.

Then, the brains behind Cardspace, Kim Cameron, himself, wrote a comprehensive reply, which basically was a detailed answer to my brief thoughts above, to counter the students' attempt and should really put any doubts in anyone's mind to rest.

[Added 02 June 2008]: In this video on his blog, Kim demonstrates how YOU, the end-user, must FIRST POISON your own machine first before the attack can happen: http://www.identityblog.com/wp-content/images/2008/05/Students/Students.html

Some comments stand out and I quote:

"The demonstrator shows that if you are willing to compromise enough parts of your system using elevated access, you can render your system attackable. This aspect of the students’ attack is not noteworthy."

"There is, however, one interesting aspect to their attack.  It doesn’t concern CardSpace, but rather the way intermittent web site behavior can be combined with DNS to confuse the browser.  The student’s paper proposes implementing a stronger “Same Origin Policy” to deal with this (and other) possible attacks.  I wish they had concentrated on this positive contribution rather than making claims that require suspension of disbelief."

"However, the students propose equipping browsers with end user certificates so the browsers would be authenticated, rather than the sites they are visiting.  This represents a significant privacy problem in that a single tracking key would be used at all the sites the user visits.  It also doesn’t solve the problem of knowing whether I am at a “good” site or not.  The problem here is that if duped, I might provide an illegitimate site with information which seriously damages me."

While I know the ignorant media will find some ways to sensationalize this unworthy episode, especially when Microsoft is such a big target, this brings to mind a popular joke which I think can be used as an analogy:

Q: How do you make 1 million dollars ?
A: Start with 2.

Saturday, May 31, 2008 8:45:51 AM (Malay Peninsula Standard Time, UTC+08:00)

  •  Tuesday, April 29, 2008

    Gosh, I think I am in desperate need for some new empty bookshelves ...


    ...and you haven't even seen my other bookshelves containing my other interest, which I won't share for now ...

    Tuesday, April 29, 2008 11:08:53 AM (Malay Peninsula Standard Time, UTC+08:00)


  •  Tuesday, April 08, 2008

    One cannot run away from understanding infrastructure needs when one is pitching or designing software solutions in the enterprise (which I do a lot of) and it is sometimes strange (in a pleasant way) when the conversation goes like this:

    "Please make sure you have failover expertise in your next meeting. I recommend getting Steve to proxy in for William, even though I don't think anyone can impersonate him. At least, I have been able to ascertain that Steven can mirror William quite well and will be able to backup William in the event of a failure"

    Tuesday, April 08, 2008 7:22:57 AM (Malay Peninsula Standard Time, UTC+08:00)

  •  Monday, February 25, 2008

    I remember back in 2005/2006 when I was still touring the APAC circuits such as Sydney (Australia) and Kuala Lumpur (Malaysia) doing training and consulting gigs for customers, partners about Windows Workflow Foundation (WF) and Windows Communication Foundation (WCF, previously - Indigo) and some of the initial Windows Workflow questions came up regarding the use of Parallel Activities. It came as a surprise to many people that parallel activities are not independently asynchronous.

    I explained that a WF instance gets only one instance from the runtime. There are reasons for this single-threaded execution model, so each activity has to work with this single thread efficiently. There are ways to spin off different threads when real parallelism activities are required but because documentation was scarce at that time, I had some trouble articulating how to do so.

    I just read "Multithreaded Parallelism in Windows Workflow Foundation" on MSDN and while it is definitely a deep technical article, if you can grok it, you will understand how "MultiThreaded Parallelism" can be done in WF using both the (rather hard-to-use) "Call External Method Activity (CEMA)" and the "Handle External Event Activity (HEMA)". Not only that, the authors (who actually implemented such a system for their own use) also shared how to pair those 2 activities up using correlation and how to create wrappers around them so that they can be reused and therefore "not require talented software developer use of call-external-method and handle-external-event activities along with the CLR thread-pool".

    A gem of a read.

    Monday, February 25, 2008 8:44:37 AM (Malay Peninsula Standard Time, UTC+08:00)

  •  Sunday, February 17, 2008

    If you make your living installing, deploying, managing and operating Microsoft BizTalk Server 2006, I guarantee that you will be excited and be thankful for the availability of the BizTalk Server Operations Guide. So, what's in it?

    "Guidance based on real-world experience. The idea for the guide originated with Microsoft field representatives, partner organizations, and customers who plan, deploy, and maintain BizTalk Server installations. This group of IT professionals has accumulated extensive hands-on experience with a diverse range of BizTalk solutions. As they gained experience they created checklists, best practices, and presentations to guide future BizTalk Server operations. We collected and organized this information to create the guide.
    Key portions of this guide are new; however, a considerable portion consists of documentation taken from BizTalk Server 2006 R2 Help, white papers, Knowledge Base articles, and other sources. It has been carefully reviewed and vetted by experts from the community of BizTalk Server IT professionals and members of the product development team, whom we gratefully acknowledge at the end of this topic. We believe that the information presented here will help BizTalk Server users solve, and above all, avoid many of the common problems that can occur while deploying and maintaining a BizTalk Server installation.

    Enjoy."

    The BizTalk Server Operations guide is now available for download in DOCX, CHM, and PDF file formats.

    Saturday, February 16, 2008 10:25:50 PM (Malay Peninsula Standard Time, UTC+08:00)