geekwisdom's blog

Misplaced Trust or Lack of Education?

The headline reads, "Professor charged with stealing students' IDs." At first glance this appears to be a case of misplaced trust. The professor asks his students to sign into his class by signing their name and placing their social security numbers on the sign-in sheet. The professor then uses the information to open up a bunch of department store credit cards. I submit that this incident happened because students don't know what their social security number is supposed to be used for and the federal government has not done enough to discourage the use of the SSN for non-social security matters.

This whole thing raises some questions. Does the organization--the community college in this case--even know what the SSN is supposed to be used for? What is the student to think? How does the student know whether it's safe to provide the information or not? What could the students have been told in advance that would have prevented this situation? Who should have told them: the college, their high school, their parents, the government, who? What is the SSN supposed to be used for anyway?

Attack of the SSN and DOB

"Altered Grades Lead to Student's Arrest," reads the headline. Upon further reading it is clear to me that naivete in system design combined with unscrupulous behavior are to blame. I am so sick of hearing about systems that have been accessed by people impersonating authorized users. Many times these systems are protected by passwords and the hole that makes them vulnerable is the utility for resetting the password when a user forgets it.

How can an administrator say, "...illegal access to the computer grading system was not the result of a deficiency or flaw in the program." Of course there was a flaw! The flaw exists in the logic that led to the procedure to reset a user's password using their Social Security Number and Date of Birth. Two elements of data that are trivial to obtain and never designed to be secret!

Insecurity of Signature Images on the Web

Someone recently asked about the security of a signature image on their web page. They wondered if they should remove it or if there was some way to keep it from being downloaded or spidered and cached by search engines. While I can understand the desire to give that personal touch to a web page I wouldn't publish an image of my signature. That being said, here's some analysis.

I assume we all agree that there is no reliable way to keep a publicly viewable web image of anything, including a signature, from being viewed, downloaded, cached, reused, etc. If you disagree, consider that you're not trying to hide it from search engines. You're trying to hide it from people, unscrupulous people specifically. How can you make it public while at the same time hiding it from people with questionable intentions? My web-enabled mind reading system is not finished yet. Is yours?

Death to the Secret Question

In "The curse of the secret question," an article by Bruce Schneier, the author explains why security questions are so inadequate. Schneier and I share the view that the security question is, essentially, a second password which serves as an alternate login mechanism. Since most people answer these questions truthfully, the accounts that these questions are supposed to protect are only as safe as the answers provided.

Email is insecure but it doesn't have to be

Perhaps you've heard that e-mail is insecure. Do you know why it is considered insecure? Do you know how to secure your e-mail?

Many of the protocols involved with the sending and receiving of e-mail are not considered secure protocols, in the sense that they are vulnerable to eavesdropping. For instance, the Simple Mail Transfer Protocol (SMTP), the protocol used to route e-mail around the Internet, is typically implemented without any type of transport encryption. This means that unencrypted e-mail messages are viewable by anyone with the tools to eavesdrop on the network connections between mail servers. Post Office Protocol (POP) and Internet Message Access Protocol (IMAP), when implemented without transport encryption, suffer from the same eavesdropping problems as SMTP. Even when SMTP is implemented with transport encryption, it does not, by default, require the authentication of e-mail message senders; therefore, mail servers cannot be sure that the senders of messages are really who they claim to be. Even though POP and IMAP require users to authenticate themselves, messages are sent and delivered using SMTP. The result is a situation where the recipient of an e-mail message can be positively identified but the sender cannot.
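Whether a given SMTP hop can use transport encryption is visible in the server's reply to `EHLO`. The sketch below is an added example, not code from this blog: it parses a multi-line EHLO reply and flags a hop with no `STARTTLS` and one that offers `AUTH` on a cleartext session. The two replies are constructed samples, and the function names `parse_ehlo` and `assess` are assumptions made for illustration.

```python
import re

# Constructed EHLO replies, as seen on a fresh unencrypted connection.
PLAINTEXT_ONLY = (
    "250-mail.example.test Hello client.example.test\r\n"
    "250-SIZE 35882577\r\n"
    "250-8BITMIME\r\n"
    "250 AUTH PLAIN LOGIN\r\n"
)
STARTTLS_OFFERED = (
    "250-mx.example.test at your service\r\n"
    "250-SIZE 35882577\r\n"
    "250-STARTTLS\r\n"
    "250 ENHANCEDSTATUSCODES\r\n"
)

_LINE = re.compile(r"^(\d{3})([ -])(.*)$")

def parse_ehlo(reply):
    """Return {KEYWORD: [params]} from a multi-line 250 EHLO reply."""
    lines = [l for l in reply.split("\r\n") if l]
    caps = {}
    for i, line in enumerate(lines):
        m = _LINE.match(line)
        if not m or m.group(1) != "250":
            raise ValueError(f"not a 250 reply line: {line!r}")
        # "250-" marks a continuation; only the final line uses "250 ".
        is_last = i == len(lines) - 1
        if (m.group(2) == " ") != is_last:
            raise ValueError(f"bad continuation marker: {line!r}")
        if i == 0:
            continue  # first line is the greeting, not an extension
        words = m.group(3).split()
        if words:
            caps[words[0].upper()] = [w.upper() for w in words[1:]]
    return caps

def assess(reply):
    """List the eavesdropping exposures implied by a pre-TLS EHLO reply."""
    caps = parse_ehlo(reply)
    findings = []
    if "STARTTLS" not in caps:
        findings.append("no STARTTLS: mail on this hop travels in cleartext")
        if {"PLAIN", "LOGIN"} & set(caps.get("AUTH", [])):
            findings.append("AUTH PLAIN/LOGIN without TLS: password readable on the wire")
    return findings

if __name__ == "__main__":
    for name, reply in (("plaintext", PLAINTEXT_ONLY), ("starttls", STARTTLS_OFFERED)):
        print(name, assess(reply) or "STARTTLS available")
```

A server that advertises `STARTTLS` only makes encryption possible for that one hop; it says nothing about the other hops a message crosses or about who the sender is.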
