Profile

Cover photo
Matt Blaze
5,944 views
AboutPostsPhotosVideos+1's

Stream

Matt Blaze

Shared publicly  - 
 
NJ to allow voting by email on Tuesday for displaced residents.

Is this s a good idea?  Some thoughts here: http://www.crypto.com/blog/njvoting
2
1
Matt Thomas's profile photoSampo Syreeni's profile photoKevin W. Wall's profile photoGreg Norcie's profile photo
4 comments
 
Here's my take. Just don't be surprised if Guy Fawkes wins the NJ race as a write-in candidate.
Add a comment...

Matt Blaze

Shared publicly  - 
 
A recent NY Times piece, on the response to a "credible, specific and unconfirmed" threat of a terrorist plot against New York on the tenth anniversary of the September 11 attacks, includes this strikingly telling quote from an anonymous senior law enforcement official:

"It’s 9/11, baby,” one official said. “We have to have something to get spun up about.”

Indeed. But while it's easy to understand this remark as a bitingly candid assessment of the cynical and now reflexive fear mongering that we have allowed to become the most lasting and damaging legacy of Al Qaeda's mad war, I must also admit that there's another, equally true but much sadder, interpretation, at least for me.

We have to get spun up about something because the alternative is simply too painful. I can find essentially two viable emotional choices for tomorrow. One is to get ourselves "spun up" about a new threat, worry, take action, defend the homeland and otherwise occupy ourselves with the here and now. The other is quieter and simpler but far less palatable: to privately revisit the unspeakable horrors of that awful, awful, day, dislodging shallowly buried memories that emerge all too easily ten years later.

The relentless retrospective news coverage that (inevitably) is accompanying the upcoming anniversary has more than anything else reactivated the fading sense of overwhelming, escalating sadness I felt ten years ago. Sadness was ultimately the only available response, even for New Yorkers like me who lived only a few miles from the towers. It was in many ways the city's proudest moment, everyone wanting and trying to help, very little panic. But really, there wasn't nearly enough for all of us to do. Countless first responders and construction workers rushed without a thought to ground zero for a rescue that quickly became a recovery operation. Medical personnel reported to emergency rooms to treat wounded survivors who largely didn't exist. You couldn't even donate blood, the supply of volunteers overwhelming the small demand. (Working for AT&T at the time, I went to down to a midtown Manhattan switching office, hoping somehow to be able to help keep our phones working with most of the staff unable to get to work, but it was quickly clear I was only getting in the way of the people there who actually knew how do useful work.)

All most of us could really do that day and in the days that followed was bear witness to the horror of sensless death and try to comprehend the enormity of what was lost. Last words to loved ones, captured in voicemails from those who understood enough about what was happening to know that the would never see their families again. The impossible choice made by so many to jump rather than burn to death. The ubiquitous memorials to the dead, plastered in photocopied posters on walls everywhere around the city, created initially as desperate pleas for information on missing loved ones.

Rudy Giuliani, a New York mayor for whom I normally have little patience, found a deep truth that afternoon when he was asked how many were lost. He didn't know, he said, but he cautioned that it would be "more than any of us can bear".

I remember trying to get angry at the bastards who inflicted this on us, but it didn't really work. Whoever they were, I knew they must be, in the end, simply crazy, beyond the reach of any meaningful kind of retribution. Anger couldn't displace the helplessness and sadness.

Remember all this or get "spun up"? Easy, easy choice.


http://www.nytimes.com/2011/09/10/nyregion/biden-describes-bomb-threat-as-security-is-increased.html?hp=&pagewanted=all
8
2
Add a comment...

Matt Blaze

Shared publicly  - 
 
Everything else aside, the recent Wikileaks/Guardian fiasco (in which the passphrase for a widely-distributed encrypted file containing an unredacted database of Wikileaks cables ended up published in a book by a Guardian editor) nicely demonstrates an important cryptologic principle: the different security properties of keys used for authentication and those used for decryption.

Authentication keys, such as login passwords, become effectively useless once they are changed (unless they are re-used in other contexts). An attacker who learns an old authentication key would have to travel back in time to make any use of it. But old decryption keys, even after they have been changed, can remain as valuable as the secrets they once protected, forever. Old ciphertext can still be decrypted with the old keys, even if newer ciphertext can't.

And it appears that confusion between these two concepts is at the root of the leak here. Assuming the Guardian editor's narrative accurately describes his understanding of what was going on, he believed that the passphrase he had been given was a temporary password that would have already been rendered useless by the time his book would be published. But that's not what it was at all; it was a decryption key -- for a file whose ciphertext was widely available.

It might be tempting for us, as cryptographers and security engineers, to snicker at both Wikileaks and the Guardian for the sloppy practices that allowed this high-stakes mishap to have happened. But we should also note that confusion between the semantics of authentication and of confidentiality happens because these are, in fact, subtle concepts that are as poorly understood as they are intertwined, even among those who might now be laughing the hardest. The crypto literature is full of examples of protocol failures that have exactly this confusion at their root.

And it should also remind us that, again, cryptographic usability matters. Sometimes quite a bit.

A version of this post also appears at http://www.crypto.com/blog/wikileaking
20
9
Adam Fields's profile photo
 
A lot of online storage services seem to be moving towards multi-level keys, where the end-user key is only used to encrypt/decrypt the actual content encryption key which is never revealed.
Add a comment...

Matt Blaze

Shared publicly  - 
 
The centralized certificate authority model is bad enough, but the way it's implemented in browsers, where all blessed CAs are trusted equally for all purposes, is even worse.

When a trusted CA goes bad, you'll need to dig in to unfamiliar browser configuration territory to protect yourself.
Søren Ragsdale originally shared:
 
The web stays safe(r) due to SSL (web encryption). A certificate provider in the Netherlands messed up: they released a wildcard certificate for Google. Basically, anyone can impersonate Google now. Here's how to tell your browser not to trust the compromised certificate from OSX. There are other docs online for Windows and Linux.
5
1
Amy Rich's profile photoLynn Wheeler's profile photoChristopher K Davis's profile photo
3 comments
 
In addition to people's ability to protect themselves manually, we're spinning new versions of firefox, thunderbird, and seamonkey to revoke diginotar's root: http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com-certificate/
Add a comment...

Matt Blaze

Shared publicly  - 
 
Depressing email of the day: out of the blue message from a radio engineer (or someone claiming to be a radio engineer, at least) ranting at me that users who can't figure out a crypto UI don't "deserve" security.

If that attitude is representative of the designers of P25 equipment, it explains a lot. Of course, we can't throw too many stones; indifference or hostility toward usability was surprisingly mainstream in computing not long ago.
4
Elizabeth Zwicky's profile photoC. Matthew Curtin's profile photoPaul Crowley's profile photoChristopher Browne's profile photo
10 comments
 
Gerry, I guess it's about what you do with the outcome of the blame game. If the deal is that those who aren't to blame don't have to work on making things better, then you're sunk. The trick is to arrange the game so it's not about who made the mistake, but what step in the process is vulnerable to errors and how to fix that step.

I think Matt and his coauthors did an important job identifying things that users could do to fix and work around UI problems. (Especially because in many tactical situations if the user has to look at the display in the first place the game is already lost.) Ultimately the engineers have responsibility for the product, but if they're not pathological they'll work with the users...

(My own human-factors understanding goes back to being a theater geek in college, where everyone labelled their wrenches "on" and "off" and didn't take anything heftier than a 6-inch crescent wrench into the flies, because that way even if you mistakenly thought you wanted to apply more force, you couldn't. Oh, and using jigsaws instead of circular saws because they can do less damage...)
Add a comment...

Matt Blaze

Shared publicly  - 
 
Went through security at the Philly federal office building today, loaded with electronic gear.

This triggered the most infuriatingly slow search of my bag I've ever experienced, involving taking batteries out of all my stuff and disconnecting every connector in order to poke fingers in every interface. (I imagine this was what crossing into the old Soviet union must have been like, assuming Soviet border guards were all given high doses of Thorazine). The line was empty when I arrived; I apologize to the 20 people who were waiting behind me when I was finally let in to the building.

But my shoes stayed on the whole time, and they let me keep my water.
5
1
James Lees's profile photoBriana Cavanaugh's profile photoP Tufts's profile photoRobert Hettinga's profile photo
16 comments
 
Mmm.... zombies!
Add a comment...

Matt Blaze

Shared publicly  - 
 
"Key Escrow from a Safe Distance: Looking back at the Clipper Chip"

Paper for my ACSAC '11 invited talk next month (a spooky subject, finished just in time for Halloween).

http://www.crypto.com/papers/escrow-acsac11.pdf
11
Lynn Wheeler's profile photoSteven Bellovin's profile photoCetin Kaya Koc's profile photoCarl A. Gunter's profile photo
8 comments
 
It appears that NSA moved on from key escrow as a way to learn the content of encrypted communications.
Add a comment...

Matt Blaze

Shared publicly  - 
 
Micah Sherr originally shared:
 
Old news, of course, but still very important to publicize periodically.
1
1
Matt Blaze's profile photoNigihayama Kohaku Nushi's profile photo
3 comments
 
thanks for the posting.
Add a comment...

Matt Blaze

Shared publicly  - 
 
I'd ask each presidential candidate one question: "What's the difference between a theory and a hypothesis?"
11
7
Gerry Blaze's profile photoPerry Metzger's profile photoBriana Cavanaugh's profile photoJeffrey Schiller's profile photo
19 comments
 
I've been thinking about this idea of what one quality/question/idea is critical to my idea of what's important in a leader (President should qualify here). What I keep coming back to is the ability to hear diverse opinions.

I've done all this work with consensus process and dialogic stuff, which means that I spend some large amount of time listening to people and some smaller amount of time wondering why the hell I listen to people. But I find that the people who have the most success in moving group process forward towards a set a shared values (and/or creating those shared values) are people who very highly value diverse opinions especially across communities and demographics and can get out of their own way. Most of the time they have a "diverse background" which means they have connected with lots of different kinds of people and places.

So science yes, of course. But also being able to listen to those "other" people and hear what value and see what they bring to the work/table/legislative disaster. Because as much as I want the world to be all about me, it's not. Mostly. (Except, of course, when I hijack threads weeks in the past for no damn good reason.)
Add a comment...

Matt Blaze

Shared publicly  - 
 
People are getting more and more fed up with parasitic scientific/academic publishers. This piece in the Guardian yesterday has a nice perspective (and generated quite a response): http://www.guardian.co.uk/commentisfree/2011/aug/29/academic-publishers-murdoch-socialist

I wrote about ACM and IEEE's loathsome, regressive copyright policies earlier this year: http://www.crypto.com/blog/copywrongs/
19
71
Steven Bellovin's profile photoSampo Syreeni's profile photoNaty Hoffman's profile photoDan Wallach's profile photo
13 comments
 
I fear that the Powers That Be in some of these organizations have attitudes similar to that of, say, the RIAA and the MPAA. Those two, of course, want a new criminal to be created -- felony interference with a business model -- and the ACM and IEEE haven't gone that far, at least as of yet. But the underlying problem is the same: an inability to accept that when the world has changed, organizations have to adapt or die. (Are there any mammals here? I think a digital asteroid has just crashed in to the information planet.)
Add a comment...

Matt Blaze

Shared publicly  - 
 
I blog about our P25 results, one-way cryptography, and Morris' "First Rule of Cryptanalysis" at http://www.crypto.com/blog/p25/
5
2
Gerry Blaze's profile photopaul mplr's profile photo
2 comments
 
This post is fantastic.
Add a comment...

Matt Blaze

Shared publicly  - 
 
Wiretapping and surveillance of electronic communication often plays a crucial role in many of the most important police and anti-terrorism investigations, as this article reminds us:

http://thelede.blogs.nytimes.com/2011/08/15/briton-arrested-for-plotting-water-fight-by-blackberry/?hp
2
1
Christopher Petrilli's profile photoRafi Rubin's profile photo
2 comments
 
Being such a small island with global warming looming, maybe they are just getting scared of water. Certainly seems like the police might be avoid water and resorting to drinking the magic kool aid.
Add a comment...
Story
Tagline
Scientist, safecracker.
Introduction
I'm the Matt Blaze who's a professor at U. Penn.

There are a couple other Matt Blazes out there, and I'm none of them.  In particular, I'm not the one who's a pro wrestler, or the one who's an adult film star.
Basic Information
Gender
Male
Other names
mab
Work
Occupation
Professor and Hacker
Matt Blaze's +1's are the things they like, agree with, or want to recommend.
GeoSat4Android
market.android.com

Astronomy app for calculation the apparent position of geostationary satellitesSmall astronomy app for calculation the apparent position of