Security Now 32
Hosts: Leo Laporte and Steve Gibson
Topic: Listener Feedback Q&A #5
Recorded: March 22, 2006
Published: March 23, 2006
Steve and Leo recap symmetric stream ciphers and set Security Now's first puzzle. They then move on to questions and issues raised by listeners.
News & Errata
- Steve reminds people that the OpenVPN guide is on its way and that he has not forgotten about it.
- A listener reports the secret decoder ring discussed in the previous episode was first used by Julius Caesar.
Security Now Puzzle
Roger Cuthbert from the United Kingdom wrote in with this idea to get something from you to the recipient securely.
- You want to send a box securely to some
- You put your own padlock on it and send it to him
- He puts his padlock on and sends it back
- You take your padlock off and send it back to him
- He takes his padlock off and opens the box
Or in the context of computers:
- You encrypt your message using your one-time pad and send it to him
- He encrypts it with his one-time pad and sends it back to you
- You remove your encryption and send it back
- He removes his encryption and the plain text is revealed
Is this secure or is there something wrong with it?
Questions and Answers
Question: You talk about how 128-bit website encryption is secure but DRM is easy to crack, so what's the difference between them?
Answer: You can't crack website encryption because no one in the middle has enough information to do it. With DRM, the device in the middle knows how to decrypt it, and you can reverse engineer it.
Question: Is there a security threat when you have wireless enabled on a laptop but don't use it?
Answer: Yes. There are two modes a Wi-Fi card can work in: infrastructure mode, where you connect to an access point, and ad hoc mode, where two laptops communicate with each other. Windows XP's default mode is both, so if wireless is enabled and ad hoc mode is enabled then yes, someone can hack your laptop.
Question: Gmail kept me logged in even after I navigated away from the site. Why?
Answer: You didn't log out of Gmail, and you have a session cookie which keeps you logged in unless you close the browser or click log out.
Question: Are there any issues with using PPTP (Point-to-Point Tunneling Protocol)? Also, is it okay to open the PPTP port, which is 1753, to a Windows computer, and set up the Windows computer to accept incoming connections for a VPN?
Answer: That's a huge question. Once you open a port, there could be an exploit for it. Also, PPTP does not have strong authentication.
Question: If the limiting factor for cryptographic security is computing power, how about distributed processing such as SETI?
Answer: This can't be used to brute-force a key: because of the number of bits used in the key, it would still be too time-consuming. For example, if you could crack a 40-bit key in 40 seconds, it would take:
- 35 hours to crack a 56-bit key
- 1 year to crack a 64-bit key
- 10^14 years to crack a 112-bit key
- 10^19 years to crack a 128-bit key
Question: My ISP, Cyberonic, recently switched backbones and issued new IP addresses to subscribers. The range of IPs I'm now in was recently in the 'bogon' address space. This is causing big issues with anything going upstream. I've come to the conclusion the packets are being blocked somewhere en route. I'm not certain where to even start looking for solutions. Any ideas?
Answer: Routers are programmed to drop packets destined for bogon space, e.g. 10.*.*.* and 192.*.*.* etc. You have an IP that used to be in this bogon space, and it takes time for routers to be reprogrammed to know not to drop these packets.
Question: Is it safer to plug into a cable modem at a hotel than a hotel LAN?
Answer: It is, potentially, but you need to look at the setup in more depth to be certain.
Question: Can I get a secure connection in a hotel if I bring my NAT router with me?
Answer: Not really. Once traffic leaves your NAT router people can view it, but you do get a good firewall.
Question: Would it help prevent ARP cache poisoning if computers just ignored responses that they didn't send?
Answer: Sort of, but a bad guy could respond to an ARP request before the real machine does. The real problem is a lack of authentication.
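The point of this answer as an added example (not from the show or the original notes): a host that drops unsolicited ARP replies still caches whichever reply arrives first, so only a conflict check notices the race. The event tuples, addresses and the `process_arp` helper are constructed for illustration.

```python
# Constructed sample events: (time_s, kind, sender_ip, sender_mac, target_ip)
EVENTS = [
    (0.00, "request", "192.168.1.10", "aa:aa:aa:aa:aa:10", "192.168.1.1"),
    (0.01, "reply", "192.168.1.1", "de:ad:be:ef:00:66", "192.168.1.10"),  # arrives first
    (0.02, "reply", "192.168.1.1", "aa:aa:aa:aa:aa:01", "192.168.1.10"),  # real gateway
    (5.00, "reply", "192.168.1.20", "de:ad:be:ef:00:66", "192.168.1.10"),  # never asked for
]


def process_arp(events, host_ip, window=1.0):
    """Replay ARP events as seen by host_ip; return (cache, alerts).

    Policy modelled: accept a reply only if we sent a request for that IP
    within `window` seconds. ARP has no authentication, so among solicited
    replies the first one wins; a later, different MAC is only reported.
    """
    pending = {}  # target IP -> time our request was sent
    cache = {}    # IP -> MAC accepted under the "solicited only" policy
    alerts = []
    for t, kind, sender_ip, sender_mac, target_ip in events:
        if kind == "request" and sender_ip == host_ip:
            pending[target_ip] = t
        elif kind == "reply" and target_ip == host_ip:
            asked = pending.get(sender_ip)
            if asked is None or t - asked > window:
                alerts.append(("unsolicited", sender_ip, sender_mac))
                continue  # dropped: we did not ask for this
            if sender_ip not in cache:
                cache[sender_ip] = sender_mac
            elif cache[sender_ip] != sender_mac:
                alerts.append(("conflict", sender_ip, sender_mac))
    return cache, alerts


if __name__ == "__main__":
    cache, alerts = process_arp(EVENTS, "192.168.1.10")
    print("cache:", cache)
    for alert in alerts:
        print("alert:", alert)
```

The unsolicited reply at 5.00 s is dropped, but the cache still holds the MAC from the reply that won the race; the only sign of trouble is the conflict alert raised when the second answer arrives.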
Question: Microsoft Anti Spyware gave me an LSP warning when I installed USB drivers. What does this mean?
Answer: An LSP allows any software to insert itself as a shim in the networking traffic. Spyware uses this to intercept network traffic.
Question: I have an ISP that issues private IP addresses and I can't use BitTorrent or dynamic DNS. Is there a way around this?
Answer: No, you're hosed.
Question: Can any machine be hacked?
Answer: No, but many systems are so complex that there are possible exploits, and you also need to consider attacks like social engineering.
- Duration: 00:54:47