I was downtown today and had business not very far away. Instead of taking the metro, I rented a Bixi, a self-service bike. I was surprised to find that Bixi codes use only 3 digits, over 5 characters, that is 3^5=243 possible codes.

Bixi ticket bearing the code 21213
That seems like very little, but if the codes are only usable at the station where they are issued, and for a limited time, with perhaps some brute-force attack detection, we should be able to sleep soundly…
I remembered a mathematical attack on codes of this kind. With a 24-hour rental at $5, you can take out and return the bike several times, just to test the theory… Good news, Bixi is not vulnerable. But I am writing up the approach anyway; it is too rare that one gets the chance to use math to (try to) get around the rules of a system.
(Continued)
I updated my Notifu utility to use the new IUserNotification2 interface introduced in Vista. It makes it possible to detect a left or right click on the icon in the system notification area. If you run Windows XP, behaviour is unchanged.
On Vista, you can also revert to the old interface by adding the /xp switch.
I am also investigating a timeout problem. In short, the timeout is not honoured if the user is doing something. A system default is used. On my Windows XP SP2 and Vista Business SP1, it is 10 seconds. Some users report shorter times than that (3 seconds).
You can download it here.
Tuesday, February 24, 2009
I am still amazed by the popularity of my replacement Gina (it allows any user to unlock). Most users are quite happy using it with Windows XP and Server 2003, but I do get the occasional request for a Vista port. I am looking forward to doing it, but there are important design changes that I must work with. I think I found a way to have a single-source solution for Gina and Credential Provider, with a clean architecture on any Windows version.
(Continued)
From time to time, I come across an application whose designers need – or think they need – a CAPTCHA. I stay convinced that CAPTCHA are to be avoided. This post just goes to show the effect of segmentation on optical character recognition (OCR).
If you read about artificial intelligence and character recognition, you will hear that there are references to segmentation. In short, segmentation is separating the letters from each other, before trying to guess what letters are there.
Segmentation is the “hard” part in solving a text based CAPTCHA, background noise and colors are the easy part. As a rule of thumb, if the letters of your CAPTCHA do not touch each other, your CAPTCHA is weak.
Here is an example. With a stock build of ocrad, I have tried to get the text from the same image, with one or two lines over the text.
Original image:

```
$ ocrad -v banane.pbm
processing file ‘banane.pbm’
file type is P4
file size is 175w x 66h
number of text blocks = 1
BANANE
```

One line over the text:

```
$ ocrad -v banane-1.pbm
processing file ‘banane-1.pbm’
file type is P4
file size is 175w x 66h
number of text blocks = 1
_ANE
```

Two lines over the text:

```
$ ocrad -v banane-2.pbm
processing file `banane-2.pbm’
file type is P4
file size is 175w x 66h
number of text blocks = 1
```
The text goes from 100% to 0% recognition just by adding two lines! The word BANANE, then _ANE and after that… nothing!
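The rule of thumb about touching letters can be checked by counting connected ink blobs, which is what a naive segmenter does before recognition. This is an added example, not code from the original post or from ocrad; the bitmap (the letters B, E, H) and the function names are constructed for illustration.

```python
# Added example: constructed bitmaps, '#' is ink, '.' is background.
from collections import deque

CLEAN = [
    "..............",
    ".##..###..#.#.",
    ".#.#.#....#.#.",
    ".##..##...###.",
    ".#.#.#....#.#.",
    ".##..###..#.#.",
    "..............",
]

def strike_through(rows, y):
    """Return a copy of the bitmap with a full-width horizontal line at row y."""
    return [("#" * len(r)) if i == y else r for i, r in enumerate(rows)]

def count_blobs(rows):
    """Count 8-connected ink components (what a naive segmenter sees as glyphs)."""
    h, w = len(rows), len(rows[0])
    seen = set()
    blobs = 0
    for y in range(h):
        for x in range(w):
            if rows[y][x] != "#" or (y, x) in seen:
                continue
            blobs += 1
            queue = deque([(y, x)])
            seen.add((y, x))
            while queue:  # breadth-first flood fill of one component
                cy, cx = queue.popleft()
                for dy in (-1, 0, 1):
                    for dx in (-1, 0, 1):
                        ny, nx = cy + dy, cx + dx
                        if (0 <= ny < h and 0 <= nx < w
                                and rows[ny][nx] == "#" and (ny, nx) not in seen):
                            seen.add((ny, nx))
                            queue.append((ny, nx))
    return blobs

def trivially_segmentable(rows, expected_chars):
    """True when each character is its own blob, i.e. segmentation is free."""
    return count_blobs(rows) == expected_chars
```

A CAPTCHA generator whose output passes `trivially_segmentable` for most samples hands the segmentation step to the solver for free.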
This CAPTCHA is by no means robust, and I stay convinced that all forms of CAPTCHA are to be avoided. This example just goes to show the effect of segmentation on optical character recognition (OCR).
After all, artificial intelligence is a field of expertise you can spend your life learning. Just like cryptography, it should not be done by amateurs. But unlike cryptography, an AI challenge has no key. Microsoft and Google’s CAPTCHAs have been broken. Your CAPTCHA will be broken too, if someone takes a shot at it. It is a matter of time, and there is a shorter way than brute force.
If you think you must put a CAPTCHA, start thinking about plan B right away… Using an image based CAPTCHA is not good either (post in French).
I came across this implementation of a CAPTCHA.
I hate CAPTCHAs. They are like bad crypto.
Fundamentally, CAPTCHA does not work. The analysis task (the Turing test) is complex only because nobody has yet bothered to write the code to pass it. That is also true of classical crypto, but that mathematics is subject to formal and ongoing study. We know where we stand: with good crypto, the problem is moved elsewhere (key management, often). In artificial intelligence, segmentation is hard, but the order of magnitude of effort is within reach of today’s botnets.
(Continued)
The Parti Québécois replied to President Sarkozy. I note above all this passage:
It is true, Mr. President, that Quebecers will not be called upon to vote again on this question in the immediate future. However, since nothing fundamental has been resolved in Quebec-Canada relations, it is not impossible that this will happen while you preside over the destiny of France. It is not impossible that Quebec democracy will need the support of all its friends, of all its brothers.
The problem lies mostly there. The “exhausting quarrels” are founded on shows of force. From the Act of Union to the patriation of the constitution, agreements have always been imposed, politically or by force of arms depending on the era. Loco Locass borrows the words of Pierre Falardeau in the song Résistance to sum up this point.
I no longer know whether the MSA/PQ idea of sovereignty is still the solution. A federation of states, perhaps? But that solution will not be to simply fall back into line, denying our difference instead of celebrating it, on the pretext that we have forgotten the sources of the unease. I remember.
–
Guillaume
Thursday, November 13, 2008
Like many of you, I had a drive that showed up in the “Safely remove hardware” tray icon, and was unable to remove it.
The trick is to subtract 4 from the Capabilities in the registry. Not easy, but it can be done. The only thing is that it keeps coming back after every boot! And it looks like the value cannot be edited under Vista. Here is how to fix it for good.
(Continued)
Thursday, November 6, 2008
I have been a TrueCrypt user since version 4.0. I used to have a half-baked solution of TrueCrypt, EFS with SYSKEY option 2 (password). When full disk encryption was introduced, I finally got a laptop encryption scheme that I like. It features:
- Strong cryptography
  Thank TrueCrypt for 256-bit AES in XTS mode. I think 256 bits is overkill, but 128 is not offered. I don’t see any performance hit on my modest, stock Fujitsu E8210 laptop.
- Need to know (reduced data exposure)
  Data is not available in clear text when I don’t need it. In other words, when I work, I have my files; when I play, they stay encrypted.
- Easy encrypted backup
  My backups are merely a copy to a file server.
- Single sign-on to any encrypted volume
  The pre-boot authentication password (or pass phrase, your call) is the only one you’ll ever have to enter, and yet, that password is never stored anywhere. Not even in encrypted memory. It’s only in your head.
- Supports encrypted USB drive
  USB drives get the same single sign-on, need to know and backup features. It doesn’t matter whether you use file based or whole volume, although using a file based container allows you to store regular data on any computer, instead of carrying two drives.
- Platform independent
  Works on all platforms that TrueCrypt supports.
All that out of the box. Well… actually there is no box, it is all open source!
Tuesday, September 23, 2008
I just put online version 1.4 of my replacement Gina! Thanks to everyone who gave me a break while I was spending more time house shopping, buying and renovating. This release is very good, thanks to everybody who wrote me about problems they were facing… Here is what’s new:
- Fixed a bug where registry keys and groups had to be present to work.
- Fail safe behaviour reverts to normal MSGINA.dll if anything goes wrong
- Better detection of the user logged in coming back to unlock
- Registered as a logon process (Paralint shows in the Event log instead of Winlogon)
- Added an option to generate a debug output (off by default, see Sample.reg)
- Corrections and clarification in the documentation
- Automated build, test and release scripts
Next up? I am not sure. I am thinking about a self-service application, like a companion product, and when I get that to work, find a way to integrate that concept with Aucun. Something like after N bad logons, you are redirected to the self-service application.
Enjoy!
Thursday, August 21, 2008
I left a terrible bug in version 1.3 of my replacement Gina. I didn’t want to miss any test case this time, so I wrote a batch file that tests every one of them. That batch file adds a user to a group and a group to the registry. There are two possible groups in the registry, and the user can be a member of either of the two groups, making 2^(2+2) possibilities, 16 use cases.
A few lines in, I realized that it would be less work to order the tests in a way that would minimize the change to the configuration between any two tests. In other words, when test case n+1 required a change to the registry, then the user group membership should not change, and vice-versa. That would also make it easy to investigate a failed test, because only one thing would change between any two tests.
Then it hit me.
Well actually, I had to stop and think for a while. Kind of like my mind restoring a dusty old tape archive… I remembered that mathematician Richard Hamming had a code for that. It’s a numbering scheme where only 1 bit changes between any two numbers. The number of bits that change is the Hamming distance between two numbers. Using four information bits to represent each possible use case, I came up with the following table. The first two rows (MSB, in blue) are the user’s membership in a group, and the last two rows (LSB, in green) are the presence of that group in the registry. Ordering my tests that way gave me a constant Hamming distance of 1.
| Decimal value | 0 | 1 | 3 | 2 | 6 | 7 | 5 | 4 | 12 | 13 | 15 | 14 | 10 | 11 | 9 | 8 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Unlock | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 |
| Logoff | 0 | 0 | 0 | 0 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 0 | 0 | 0 | 0 |
| Unlock | 0 | 0 | 1 | 1 | 1 | 1 | 0 | 0 | 0 | 0 | 1 | 1 | 1 | 1 | 0 | 0 |
| Logoff | 0 | 1 | 1 | 0 | 0 | 1 | 1 | 0 | 0 | 1 | 1 | 0 | 0 | 1 | 1 | 0 |
| Expected test result | Gina | Gina | Gina | Gina | Gina | Force logoff | Force logoff | Gina | Gina | Force logoff | Unlock | Unlock | Unlock | Unlock | Gina | Gina |
The only drawback to this is that all the typing I saved writing my test batch file, I wasted on this blog post!
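The ordering in the table is the reflected binary (Gray) sequence `i ^ (i >> 1)`, so the whole test plan can be generated rather than typed. This is an added example, not the author's batch file; the factor names and the outcome rule in `expected` are assumptions inferred from the rows of the table above.

```python
# Added example: names and the outcome rule are assumptions inferred from the table.
FACTORS = ("user in Unlock group", "user in Logoff group",
           "Unlock group in registry", "Logoff group in registry")  # MSB -> LSB

def gray_order(bits):
    """Reflected binary ordering: consecutive values differ in exactly one bit."""
    return [i ^ (i >> 1) for i in range(1 << bits)]

def hamming(a, b):
    """Number of bit positions in which a and b differ."""
    return bin(a ^ b).count("1")

def decode(value):
    """Map a 4-bit case number to the four booleans, MSB first."""
    return tuple(bool(value >> shift & 1) for shift in (3, 2, 1, 0))

def expected(value):
    """Outcome rule inferred from the table's last row (an assumption)."""
    user_unlock, user_logoff, reg_unlock, reg_logoff = decode(value)
    if user_unlock and reg_unlock:
        return "Unlock"
    if user_logoff and reg_logoff:
        return "Force logoff"
    return "Gina"

def test_plan():
    """Return (case, single change from the previous case, expected result)."""
    order = gray_order(len(FACTORS))
    plan = [(order[0], "start with nothing configured", expected(order[0]))]
    for prev, cur in zip(order, order[1:]):
        assert hamming(prev, cur) == 1                 # one change per step
        flipped = (prev ^ cur).bit_length() - 1        # bit index, 0 = LSB
        factor = FACTORS[len(FACTORS) - 1 - flipped]
        verb = "set" if cur >> flipped & 1 else "clear"
        plan.append((cur, f"{verb}: {factor}", expected(cur)))
    return plan

if __name__ == "__main__":
    for case, change, result in test_plan():
        print(f"{case:2d} {case:04b}  {change:<34} -> {result}")
```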