[cryptography] Preserve us from poorly described/implemented crypto

Marsh Ray marsh at extendedsubset.com
Tue Jun 7 15:25:24 EDT 2011

On 06/07/2011 02:01 PM, J.A. Terranson wrote:
> On Tue, 7 Jun 2011, Nico Williams wrote:
>> I'd like keyboards with counter-measures (emanation of noise clicks)
>> or shielding to be on the market, and built-in for laptops.
> Remember how well the original IBM PC "clicky keyboard" went over (I think
> I'm the only person in the US who actually liked it> - veryone gave me
> theirs after "upgrading to the newer lightweight and silent ones):

IBM was a typewriter company for most of the 20th century and 
consequently had a lot of research invested in the keyboards. Those of 
us who used other IBM keyboards before the PC saw it as a lighter-weight 
version of the mainframe terminal keyboards.

I liked it. Years later I found a place to buy a similar "bucking 
spring" model online and did, but it didn't last very long.

> the
> user experience will always end up with a back seat when it's time to do
> the actual work in front of the screen.

I dunno. Seems like more often than not these days it's security taking 
a back seat to the user experience.

For example, Mozilla is removing the status bar and the SSL lock icon 
along with it. A perfect opportunity for a phishing site to paint one of 
their own. Now they're talking about removing the address bar too.

With every pixel valuable on mobile displays, browsers want to dedicate 
the whole frame to the page itself. Consequently, there is no chrome 
with which to communicate security information out-of-band, i.e., not 
under the control of the web page.

> I haven't done a lot of serious work there, but I did look once at an LG
> Optimus V out of idle curiosity: I don't think it would be very difficult
> to map many of it's leaky signals.  Same for all smartphones in general.

What would be interesting would be to substitute an image on the page 
with a one that flickered at a known rate. Then maybe try one that 
flickered at a rate determined by idle CPU capacity or other side 
channels. It'd be interesting to see what kind of data rate you could 
obtain for exfiltration.

- Marsh

More information about the cryptography mailing list