djm's scribble

SSH is not vulnerable to the SSL/TLS MITM attack

written by djm, on Nov 6, 2009 12:02:00 PM.

This is just a quick note to state that the recently reported SSL/TLS MITM attack does not affect SSH. Like SSL/TLS, SSH supports key and parameter renegotiation, but it is not vulnerable because a session identifier is carried over from the first key exchange into all subsequent key exchanges.

Technical details:

In SSL, key exchanges and subsequent renegotiations are completely independent. This allows an attack as follows: a MITM intercepts a connection from a real client. It then connects to the target server itself and negotiates an SSL/TLS connection. The MITM may then inject some data of its choice (say, the start of an HTTP request) before it initiates a renegotiation with the server and proxies the real client’s negotiation to the server. The real client thinks it is negotiating for the first time, but the real server thinks the client is renegotiating. Once the negotiation is complete, the real client and server continue the connection (proxied via the MITM) oblivious to the fact that the MITM has injected data.

In SSH, the first key exchange generates a “session identifier” in addition to a key. This session identifier is used in the derivation of all future cipher and MAC keys (RFC4253 section 7.2). If an attacker tried the proxy and renegotiate SSL attack on SSH, the real client’s session ID would not match that generated by the server, causing the derived keys to be different. The connection would terminate with a MAC error as soon as the first data was exchanged.
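The key derivation described above can be checked directly. The following is an added example, not code from the original post or from OpenSSH: it follows the RFC 4253 section 7.2 formula, with SHA-256 and HMAC-SHA-256 standing in for whatever algorithms a real connection negotiates, and all function names, exchange hashes and the shared secret are constructed for illustration.

```python
import hashlib
import hmac
import struct


def mpint(n: int) -> bytes:
    """SSH mpint encoding (RFC 4251 section 5) of a non-negative integer."""
    body = n.to_bytes((n.bit_length() + 8) // 8, "big") if n else b""
    return struct.pack(">I", len(body)) + body


def derive_key(K: int, H: bytes, letter: bytes, session_id: bytes) -> bytes:
    """RFC 4253 section 7.2: HASH(K || H || X || session_id), X in "A".."F"."""
    return hashlib.sha256(mpint(K) + H + letter + session_id).digest()


def packet_mac(key: bytes, seq: int, packet: bytes) -> bytes:
    """RFC 4253 section 6.4: MAC(key, sequence_number || unencrypted_packet)."""
    return hmac.new(key, struct.pack(">I", seq) + packet, hashlib.sha256).digest()


def server_accepts(client_sid: bytes, server_sid: bytes, K: int, H: bytes) -> bool:
    """Both ends derive the client-to-server integrity key ("E") from the same
    key exchange (K, H), but each mixes in its own session identifier."""
    client_key = derive_key(K, H, b"E", client_sid)
    server_key = derive_key(K, H, b"E", server_sid)
    packet = b"constructed first packet after NEWKEYS"
    tag = packet_mac(client_key, 3, packet)
    return hmac.compare_digest(tag, packet_mac(server_key, 3, packet))


# Constructed values standing in for real exchange hashes and a shared secret.
H_MITM = hashlib.sha256(b"constructed: attacker's first key exchange").digest()
H_CLIENT = hashlib.sha256(b"constructed: real client's key exchange").digest()
K_CLIENT = int.from_bytes(hashlib.sha256(b"constructed secret").digest(), "big")


def honest_first_exchange() -> bool:
    # Client and server both take H_CLIENT as the session identifier.
    return server_accepts(H_CLIENT, H_CLIENT, K_CLIENT, H_CLIENT)


def spliced_renegotiation() -> bool:
    # The server fixed its session identifier at the attacker's first exchange;
    # the client, believing this is its first exchange, uses H_CLIENT.
    return server_accepts(H_CLIENT, H_MITM, K_CLIENT, H_CLIENT)


if __name__ == "__main__":
    print("honest connection accepted:", honest_first_exchange())
    print("spliced renegotiation accepted:", spliced_renegotiation())
```

Even though both ends agree on K and H for the relayed exchange, the differing session identifiers give different integrity keys, so the server's MAC check on the first packet fails.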

I don’t know why SSL/TLS missed adding the binding between the initial and subsequent negotiations; crypto is hard, let’s go shopping!

Firefox => Chrome

written by djm, on Sep 16, 2009 9:40:00 AM.

I have just switched from Firefox to Chrome as my default browser on my Linux workstation and, wow. Chrome feels much faster than FF3.5 and despite it still being a beta has been very stable. It has actually been more stable than FF: evil stupid necessary Flash actually works now, where it was totally flaky on FF and would require frequent browser restarts to recover from the plugin crashing. The only things that I really miss are replacements for Flashblock, LiveHTTPHeaders and some nice way to quickly switch proxies. Oh, and if anyone is listening, an OpenBSD port would be great too.

Disclosure: I work for Google, but I don’t speak for them.

Australian Mandatory Internet Censorship

written by djm, on Jul 23, 2009 3:00:00 PM.

If you are not Australian, don’t use the Internet or are living under a rock, you may not be aware that the Australian Federal Government has plans to implement mandatory Internet censorship, ostensibly to block child pornography. Needless to say, I believe this to be a terrible idea for a number of reasons which I spelled out in a letter I sent to my local Member of Parliament, Kelvin Thompson:

Dear Mr. Thompson,

I am writing to express my concern at the government’s proposals for mandatory Internet censorship. As an Internet security professional of 10 years’ experience, I know that the proposed scheme cannot fulfil its stated goals but has the potential to do a great amount of harm in the process. The technology required to perform this filtering simply does not exist - the incomplete solutions that do exist will degrade Internet speeds, will fail to block some child pornography, will misclassify harmless pages as child pornography, will make the Internet less reliable and will cost an exorbitant amount of money.

Furthermore, it would be possible to trivially circumvent any system that has a hope of being implemented in Australia. The price of building a circumvention-proof censorship system would be breaking many legitimate uses of the Internet that individuals and businesses rely upon daily. Even the so-called “Great Firewall of China” does not go that far. People seeking paedophilic content will therefore be able to find it, despite the mandatory filtering.

Any filtering approach is doomed to be incomplete. Therefore, as a parent, I would not be able to rely on such a system to keep paedophilic material from my child (nor would I). As a crutch to absolve parents of their supervisory responsibilities, the proposed system fails here too.

Finally, as someone who cares about our fragile civil liberties, I am deeply concerned that such a system would rapidly grow in scope beyond its original remit of blocking purely illegal material. Already there are calls to block legal material that some senators simply find objectionable. In the future, these calls and the political temptation to yield to them will only grow stronger. It does not take great leaps of cynicism to see how such a system could be abused once it is in place.

Hopefully I have made a convincing argument against mandatory Internet censorship. If you are interested in further discussion on any of the technical issues relating to this subject then I am happy to assist. Thank you again for your time.


Kind regards,

Damien Miller

If you feel the same way, I suggest that you email your local member to inform them of your concerns as soon as possible.

Electronic Music Guide

written by djm, on Apr 21, 2009 10:57:00 AM.

I am probably several years behind the curve in discovering this, but this Electronic Music Guide is excellent and hilarious. It isn’t perfect - it seems to skip some sub-genres, especially in the various regional interpretations of techno that proliferated from 1989-1992 (New York techno being wildly different to UK or Belgian, for example.)

via Parisa.

Template auto-escaping

written by djm, on Apr 1, 2009 3:19:00 PM.

My friend and colleague Jad Boutros has blogged about some of the great work he and his team have done in implementing automatic escaping in web template systems. This is really valuable work because of the huge prevalence of XSS vulnerabilities in web applications. Improving on the current status quo where developers must manually ensure correct escaping for each string inserted in a web template, auto-escaping makes XSS mistakes hard to make and is actually an easier environment for developers and web designers since they no longer need to worry about escaping themselves.

Auto-escaping has been implemented in the Google CTemplate templating system and is coming soon for Clearsilver. Go check it out!

DSLR year zero

written by djm, on Mar 3, 2009 12:11:00 PM.

I have succumbed to the subtle pressure exerted by my friends and colleagues (bombarding me with great pictures they have taken) and have purchased a DSLR and a few decent lenses. The camera feels very comfortable in the hands; quite sturdy but not too heavy, and its quality easily exceeds my current level of skill as a photographer. The experience of consciously trying to improve my skill is somewhat mixed - I can see definite improvement, but I have become critical to the point of loathing of every photo that I have taken before, as I want to kick myself for messing up the capture of many beautiful and important moments with poor focus or camera shake.

My son has been the primary object of my attention; I figure that if I can photograph a writhing two year old who usually likes to run when he spots a camera then I will be able to photograph pretty much anything…

Everything is better with Benny Hill

written by djm, on Feb 16, 2009 11:23:00 PM.

The Benny Hillifier is the funniest thing I have seen in some time. Despite some trying, I haven’t come up with a Hillification as funny, though this, this and this aren’t bad. I’m sure Godzilla would work, but I haven’t found the right clip.

If you can find any good ones, please leave them in the comments!

The shark has landed!

written by djm, on Mar 28, 2008 1:04:00 PM.

Some time ago I wrote about the US Department of Homeland Security’s crazy plan to gather science fiction authors to think of crazier “security threats”. Apparently this gathering has happened, and the results are far more comedic than I could have possibly imagined:

The 45-minute panel discussion quickly deteriorated as federal, local and state homeland security officials, and at least one congressional aide, attempted to ask questions, which were largely ignored.

Instead the writers used their time to pontificate on a variety of tangentially related topics, including their past roles advising the government, predictions in their stories that have come to pass, the demise of the paperback book market, and low-cost launch into space.



David Brin, keeping on the topic of empowering citizens with mobile phone technology, delivered a self-described ‘rant’ on the lack of funds being spent to support citizen reservists to back up the military, homeland security officials and first responders in times of crisis.

“It is impossible for you to succeed without us!” he shouted at the assembled officials, while banging his fist on the table and at one point jumping off his chair to wave a mobile phone in their faces.

There is more in the article - you just can’t make comedy this good up…

Social Psychology

written by djm, on Mar 2, 2008 11:00:00 PM.

Here are two great social psych articles from a couple of New York publications: Learning to Lie (Po Bronson, New York Magazine), and Taking Play Seriously (Robin Marantz Henig, New York Times). These confirm my status as Neurotic Parent :)

Sorry.

written by djm, on Feb 14, 2008 10:18:00 PM.

I’m sorry for not updating my weblog for so long. Between the demands of work, a very active and playful son and a persistent illness, I just haven’t had the time or much that I’d considered to be of wide interest to say.

This changed yesterday as I watched an incredible thing: our government apologising to indigenous Australians who had been forcibly removed from their families, a result of government policy over the course of seven decades. This apology has been a long time in coming; it was stubbornly blocked by the previous conservative government and vigorously used as a token in the sad culture wars that have held this country over the last two decades. That conservative government is no more, and with the departure of its bitterly ideological leader, a good proportion of their resistance disappeared too.

I, probably to my shame, don’t have any deep knowledge of or interest in what transpired during this chapter of my nation’s history and, having been born around the time the practice was concluded, certainly do not feel any personal guilt for what was done. In spite of this, I strongly supported an apology. Other than the most strident right-wing culture warriors, everyone (even the previous Prime Minister) agreed that what was done was wrong - the resistance to apologise was justified with two arguments: that apologising would traduce those who acted with good intentions to (in their view) improve the lives of indigenous children, and that the current generation should not bear guilt for actions carried out by previous generations.

I have always considered these arguments to be trivially flawed. To the first, the apology is for the government’s actions and policies. These were clearly shame-worthy, having been motivated by some awful views of race and the desired destiny of indigenous Australians. The actions, motivations and guilt of the people involved in the removal and subsequent care of the affected children are a separate matter, for those individuals’ consciences alone.

The second argument fails to convince too: it is not the current generation who are apologising, rather the instrumentality of government itself. The same instrumentality, with the same broad constitution, that presided over the offending policies is what continues to exist today and it is appropriate that it apologises for its own past mistakes.

The apology itself was excellent. I can’t recall having ever been touched by a speech made in the House of Representatives before, but this one certainly did between its recitation of the personal story of Nanna Fejo’s removal, and the brutally confronting quotation of the racist doctrine underpinning the policies that enabled it. Prime Minister Rudd went further than I dared hope, producing an appropriate and great speech for a historic occasion.

Not so the reply. The beginning of Dr. Nelson’s reply was also touching and I recall my shock at thinking that he’d actually brought his party to the table and was making a sincere apology. Sadly, it didn’t last very long - only ten or so pauses before he started drawing irrelevant and inappropriate equivalences between the settler and indigenous experience.

Dr. Nelson, in one of those excellent opening paragraphs, admonished us to “place ourselves in the shoes of others, imbued with the imaginative capacity to see this issue through their eyes with decency and respect.” I don’t have to step far; as a father, I could imagine no greater pain than having my son forcibly removed from me. To tacitly suggest that such pain was justified by some aspirational struggle towards nationhood is offensive and not supported by any fact of which I am aware.

His speech could only be described as schizoid. Divided between his clear personal sympathy for the apology, and the need to pander to the atavists in the party who installed him as their leader (it being widely believed that the other contender for the leadership was rejected because of his support for the apology). The result is that they could delay and slightly mar the occasion, but not stop it - a lesson for social conservatives everywhere.

I only hope that Prime Minister Rudd’s gesture of bipartisanship is genuine and not political, and this becomes one of those rare critical points where the circumstances are right for a real change in the lives of our indigenous citizens. It is sorely overdue.