DCPP

DCPP
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 General Computer Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
DCPP Peter 01-24-2007
---> Re: DCPP Sebastian Gotts...01-24-2007
| | ---> Re: DCPP Sebastian Gotts...01-24-2007
| | `--> Re: DCPP Volker Birk01-25-2007
| ---> Re: DCPP Sebastian Gotts...01-25-2007
| | |--> Re: DCPP Volker Birk01-25-2007
| |--> Re: DCPP Volker Birk01-25-2007
| ---> Re: DCPP Sebastian Gotts...01-25-2007
| | ---> Re: DCPP Volker Birk01-25-2007
| | ---> Re: DCPP Sebastian Gotts...01-25-2007
| | ---> Re: DCPP Volker Birk01-25-2007
| | | `--> Re: DCPP Sebastian Gotts...01-25-2007
| | `--> Re: DCPP Frank Slootweg01-25-2007
| ---> Re: DCPP Sebastian Gotts...01-26-2007
| ---> Re: DCPP Frank Slootweg01-26-2007
| ---> Re: DCPP Sebastian Gotts...01-26-2007
| ---> Re: DCPP Frank Slootweg01-26-2007
| ---> Re: DCPP Sebastian Gotts...01-26-2007
| ---> Re: DCPP Frank Slootweg01-26-2007
| ---> Re: DCPP Sebastian Gotts...01-26-2007
| `--> Re: DCPP Frank Slootweg01-26-2007
|--> Re: DCPP Volker Birk01-25-2007
Posted by Frank Slootweg on January 26, 2007, 11:18 am
If you were  Registered and logged in, you could reply and use other advanced thread options
> Frank Slootweg wrote:
>
> > And *which* FM might that be? The FM which says how to disable
> > hibernation?
>
> F.e. TrueCrypt and PGP.
>
> > *Why* would the user (want to) read *that*?
>
> Because you simply can't use a highly complex program without at least
> knowing the basics? Sorry, but if the users lacks intent to read the FM,
> this is clearly his fault. As he deserves the resulting problems.

Yes, we are all quite well aware of your unrealistic expectations of
and opinions on users of commercial software.

> > Anyway, a product like DCPP is surely also, and probably mainly,
> > targeted for the laptop market, which is very likely to use the
> > hibernation feature. So blaming the user for using an essential feature
> > is rather silly.
>
> And now you're even talking nonsense. If the user doesn't intentionally
> goes to hibernate at the key creation *before* the hard drive gets
> initially encrypted, it's clearly his fault. After encryption, the
> hibernate file is placed inside the crypto container.

And the swap file *isn't* placed inside the crypto container?

> > For the swap case the PEBKAC, because the user allowed physical access
> > or/and Administrator rights,
>
> Even more bullshit. Swapping is done by the operating system as part of the
> normal modus operandi, and intentionally invoking is was just for the
> purpose of demonstration.

You missed the point. I'm not talking about your demonstration of the
exploit, but about the fact that a culprit has physical or programmatic
it access to the swap file, yet you don't blame the user for that.

> > but you don't say "PEBKAC", but instead blame the DCPP supplier.
>
> Of course, because it's something that's normally avoided by technical
> measures. And because it's not done by the user, but by the operating
> system following normal operation.
>
> And well, every competent cryptographic software programmer knows that, yet
> this super-big company fails to get even this simple thing right.
>
> > But for the hibernate case, you *do* say the PEBKAC. Why? Because you
> > can't see a way to blame the DCPP supplier? Other?
>
> I should blame you for wasting my time discussing with someone who doesn't
> even have a fu^W clue about the technological aspect he's discussing.

Yes, we are all aware of your superiority complex. It's becoming
rather a drag that you are always blaming others, but silently snip or
remain silent when people point out your misconceptions.

Posted by Sebastian Gottschalk on January 26, 2007, 12:38 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Frank Slootweg wrote:

>> Because you simply can't use a highly complex program without at least
>> knowing the basics? Sorry, but if the users lacks intent to read the FM,
>> this is clearly his fault. As he deserves the resulting problems.
>
> Yes, we are all quite well aware of your unrealistic expectations of
> and opinions on users of commercial software.

This is an expectation on sanity, not on users.

>> And now you're even talking nonsense. If the user doesn't intentionally
>> goes to hibernate at the key creation *before* the hard drive gets
>> initially encrypted, it's clearly his fault. After encryption, the
>> hibernate file is placed inside the crypto container.
>
> And the swap file *isn't* placed inside the crypto container?

Might be, but this might already have been too late.
BTW, you came up with that.

> You missed the point. I'm not talking about your demonstration of the
> exploit, but about the fact that a culprit has physical or programmatic
> it access to the swap file, yet you don't blame the user for that.

Physical access. Well, that's exactly what we want to protect against with
implementing this crypto.

Posted by Frank Slootweg on January 26, 2007, 1:50 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
> Frank Slootweg wrote:
>
> >> Because you simply can't use a highly complex program without at least
> >> knowing the basics? Sorry, but if the users lacks intent to read the FM,
> >> this is clearly his fault. As he deserves the resulting problems.
> >
> > Yes, we are all quite well aware of your unrealistic expectations of
> > and opinions on users of commercial software.
>
> This is an expectation on sanity, not on users.

But the 'sanity' of users. My point is that the expectation is
unrealistic, so it's kind of an insane expectation of "sanity"! :-)

> >> And now you're even talking nonsense. If the user doesn't intentionally
> >> goes to hibernate at the key creation *before* the hard drive gets
> >> initially encrypted, it's clearly his fault. After encryption, the
> >> hibernate file is placed inside the crypto container.
> >
> > And the swap file *isn't* placed inside the crypto container?
>
> Might be, but this might already have been too late.

But the same goes for the hibernate file. So you do expect the user to
wait pressing hibernate until the hibernate file is placed inside the
crypto container, but it's apparently fine if he doesn't wait (i.e.
leave the system physically unprotected or/and open to exploitation of
Administrator rights) until the swap file is placed inside the crypto
container. Don't you realize the inconsistency in such reasoning?

> BTW, you came up with that.

Huh? I came up with what?

> > You missed the point. I'm not talking about your demonstration of the
> > exploit, but about the fact that a culprit has physical or programmatic
> > it access to the swap file, yet you don't blame the user for that.
>
> Physical access. Well, that's exactly what we want to protect against with
> implementing this crypto.

So you do agree that the user is as much to blame for leaving the
system open to 'your' swap file exploit as he is for leaving it open to
'my' hibernate exploit? I.e. he either is to blame in *both* cases or in
*neither* case. That's all I'm pointing out.

Posted by Sebastian Gottschalk on January 26, 2007, 2:08 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Frank Slootweg wrote:

> But the 'sanity' of users. My point is that the expectation is
> unrealistic, so it's kind of an insane expectation of "sanity"! :-)

You may understand that the notion a reasonable user is an important
decision criteria on software design, as well as the stupid user is. We
should design our software that the most stupid user can't break, but also
that a reasonable user isn't bothered with "treat him stupid" stuff. Making
a software such even the most stupid user can use it well and productive is
not really possible, especially not for cryptographic software.
(Well, at least until we develop some reasonable AI. Don't expect this to
become real within the next 200 years.)

>>> And the swap file *isn't* placed inside the crypto container?
>>
>> Might be, but this might already have been too late.
>
> But the same goes for the hibernate file. So you do expect the user to
> wait pressing hibernate until the hibernate file is placed inside the
> crypto container, but it's apparently fine if he doesn't wait (i.e.
> leave the system physically unprotected or/and open to exploitation of
> Administrator rights) until the swap file is placed inside the crypto
> container. Don't you realize the inconsistency in such reasoning?

No, since it's not under the user's control when memory pages are swapped
or not. And, of course, because it's trivially avoidable by the software.

And it's written in the manual that you should not press hibernate until
the process is finished.

*Geez*, what do you want more?


>> BTW, you came up with that.
>
> Huh? I came up with what?

You came up with the question how one could address the issue after the
encryption has taken place. However, the discussion was about the time
before that happens, thus if there still is an unencrypted place where the
key from memory could end up.


>>> You missed the point. I'm not talking about your demonstration of the
>>> exploit, but about the fact that a culprit has physical or programmatic
>>> it access to the swap file, yet you don't blame the user for that.
>>
>> Physical access. Well, that's exactly what we want to protect against with
>> implementing this crypto.
>
> So you do agree that the user is as much to blame for leaving the
> system open to 'your' swap file exploit as he is for leaving it open to
> 'my' hibernate exploit?

No. The user generally can't avoid the memory swapping issue, even if he
wanted to. Your "hibernate" exploits involves the user doing something
intentionally wrong beside the given warnings.

Posted by Frank Slootweg on January 26, 2007, 5:01 pm
If you were  Registered and logged in, you could reply and use other advanced thread options

> Frank Slootweg wrote:
[deleted]

> >>> And the swap file *isn't* placed inside the crypto container?
> >>
> >> Might be, but this might already have been too late.
> >
> > But the same goes for the hibernate file. So you do expect the user to
> > wait pressing hibernate until the hibernate file is placed inside the
> > crypto container, but it's apparently fine if he doesn't wait (i.e.
> > leave the system physically unprotected or/and open to exploitation of
> > Administrator rights) until the swap file is placed inside the crypto
> > container. Don't you realize the inconsistency in such reasoning?
>
> No, since it's not under the user's control when memory pages are swapped
> or not. And, of course, because it's trivially avoidable by the software.

*My* point is, as I said, that for 'your' exploit to work, the
"culprit has [to have] physical or programmatic it [sic, sorry for that
typo, delete "it"] access to the swap file, yet you don't blame the user
for that.".

So you blame him for pressing the hibernate button, but not for
leaving his system open. Call me silly, but I call that inconsistent.

> And it's written in the manual that you should not press hibernate until
> the process is finished.

In the *DCPP* manual? This is the first time you say/imply that!
Before you referred to the manuals of *other* products (TrueCrypt and
PGP) when I asked about which FM the user was supposed to R and why.
(And I said "*Why* would the user (want to) read *that*?", i.e. why
would he read the manuals of *other* products when using DCPP?)

> *Geez*, what do you want more?

Some consistency in your arguments?

> >> BTW, you came up with that.
> >
> > Huh? I came up with what?
>
> You came up with the question how one could address the issue after the
> encryption has taken place.

I did no such thing. But let's drop this.

>                         However, the discussion was about the time
> before that happens, thus if there still is an unencrypted place where the
> key from memory could end up.
>
> >>> You missed the point. I'm not talking about your demonstration of the
> >>> exploit, but about the fact that a culprit has physical or programmatic
> >>> it access to the swap file, yet you don't blame the user for that.
> >>
> >> Physical access. Well, that's exactly what we want to protect against with
> >> implementing this crypto.
> >
> > So you do agree that the user is as much to blame for leaving the
> > system open to 'your' swap file exploit as he is for leaving it open to
> > 'my' hibernate exploit?
>
> No. The user generally can't avoid the memory swapping issue, even if he
> wanted to. Your "hibernate" exploits involves the user doing something
> intentionally wrong beside the given warnings.

See above. It's only "something intentionally wrong" if it's
specifically stated in the (relevant (installation?) part of the) *DCPP*
manual. If you say *that* is indeed the case, then I concede your point
and would appreciate a verifiable (web) reference.

Similar ThreadsPosted
DCPP user password?! September 16, 2007, 1:37 pm

The site map in XML format XML site map

Contact Us | Privacy Policy