I already read the paper some days ago when it was first uploaded to the IACR pre-print archives. Yes, the paper is the one being referred to. It's a very interesting result, although not really impactful at the moment for things like game DRM.

The confusion arises from terminology. The technique applies (presently) to pure functions. You can write those functions in, for example, a subset of C because there exist compilers that transform such programs into boolean circuits, and circuit form is what they obfuscate. However it's rather rare to find examples of useful programs that are actually pure functions (compilers themselves being the most obvious one). Most programs have state, rather complex state at that.

Now there was also recently a paper that showed a way to build garbled circuits that had read/write access to a form of memory. If the two techniques can be combined then you're starting to see progress towards "real" obfuscation as used in industry.

EVE sounds like a great advert for never using Python for anything even remotely performance sensitive.

That's a nice theory. In practice what happens is one special interest or another does their own research that tries to demonstrate that something is harmful. Then they go lobby politicians who go "ooh err a study shows $X is harmful, maybe should ban it". Then the other side lobbies to try and undermine that study or convince the politicians not to go ahead. You can call this process the government proving something if you like, but that's not really correct.

To demonstrate this point, please find me a serious, government-sponsored cost/benefit analysis of anti-money laundering laws. I've yet to find one. Wikipedia's take. There are various attempts by academics and accountancy firms, but they are all hobbled by the fact that nobody can even measure how much money laundering takes place (heck even defining what it actually is, can prove troublesome).

Here's a statistic for you to chew on. The concept of money laundering was first invented by the USA in 1970, so about 40 years ago. It has been constantly ratched up since then. Yet in the last 20 years the street price of cocaine has more than halved (page 81, adjusted for inflation and changes in purity). In other words, despite the massive effort put into the war on drugs and all the effort put into AML, it hasn't been enough to even balance increased efficiency of the drug cartels. We can perhaps consider that the price would be even lower if it were not for AML. But that hardly seems to matter against a backdrop of such utter failure.

The court assumes that bad guys don't already have this knowledge. From decades of experience in IT security we can conclude with near certainty that they do.

Erm, no you can't. Your experience is obviously wrong if you conclude that.

Immobilisers are mandatory in the EU since 1998 because they had an absolutely massive effect on car theft. From el wiki:

Statistics in Australia show that 3 out of 4 vehicle thefts are older cars stolen for joyriding, transport or to commit another crime. Immobilisers are fitted to around 45% of all cars in Australia, but account for only 7% of those cars that are stolen. In many instances where a vehicle fitted with an immobiliser has been stolen, the thief had access to the original key. Only around 1 in 4 stolen vehicles are stolen by professional thieves. The majority of vehicles are stolen by opportunistic thieves relying on finding older vehicles that have ineffective security or none at all.

From this paper

Application of the security device reduced the rate of car theft by an estimated 70 percent in the Netherlands and 80 percent in England and Wales, within ten years
after the regulation went into eect. Based on micro-data on time to recovery of stolen cars for the Netherlands, we nd that the device had a greater impact on theft
for joyriding and temporary transportation than on theft for resale and car parts. The costs per prevented theft equal some 250 Euro for England and Wales and 1,000 Euro for the Netherlands; a fraction of the social benets of a prevented car theft

Obviously, in that timeframe not all immobilisers were secure, as we're now learning that some have exploits (also see the BMW recall). Yet car theft dropped a lot anyway. The only explanation is that "bad guys" (who come in all shapes and sizes) did not have that knowledge, the skills needed to be a car thief not often overlapping with the skills needed to break complex security electronics.

Technically the author of the study inferred it, I'm just reporting it ;)

Yeah, that's what I thought on reading the summary too. 30 years for wire fraud?

I read an interesting article in the Economist the other week. It suggested that countries where children are spanked tend to have populations that support harsher prison sentences.

People who as children experienced the “powerlessness” of frequent spankings report a disproportionately greater interest later in life to own guns, Mr Pfeiffer says. They also demand more draconian prison sentences, including the death penalty, for convicted criminals. And they seem more prone to violence themselves. In a study of 45,000 ninth-graders Mr Pfeiffer conducted in 2007-08, those kids who had been beaten by their parents were five times as likely to commit repeated crimes or to use cannabis, and missed school four times more frequently for ten days a year or more.

Scandinavian countries, in part inspired by the children’s books of Astrid Lindgren, the author of the popular Pippi Longstocking (pictured) series, were the first to make spanking illegal for teachers in the 1950s and 60s. Between 1979 und 1983, they also outlawed spanking by parents. Crime rates, gun ownership and prison populations have been falling since.

By contrast, spanking is still common in large parts of America, especially in the Evangelical milieus of Southern states. This is also where crime remains relatively high, gun ownership common, and incarceration excessive. (America’s incarceration rate is between eight to ten times that of northern European countries.)

Correlation does not imply causation and all that, but it's still an interesting theory as to why the US is so far out of step with the rest of the world on crime and punishment.

Common misconception - certificate authorities do not have private keys. Your private key never leaves your own computers. That's why the NSA would have to force companies to cough them up (or steal them).

Also, for normal SSL having the private key lets you passively eavesdrop and decrypt. For souped up SSL with forward secrecy it doesn't, it only lets you MITM the connections, which results in the server and client having a different view of things - that's detectable, whereas a leaked SSL key isn't.

Forward secret SSL is new, and not that easy to do. At the end of 2011 Google employees did the necessary upgrades to OpenSSL, but most other sites haven't deployed it (yet). Enabling forward secret SSL is the best and easiest step forward to beat the NSA/GCHQ right now, because if they HAVE obtained your private key, it forces them to start actively intercepting connections which is expensive and detectable.

Rumour by a conspiracy theorist? We know for a fact that there is a vast conspiracy at work here, because it was just blown open by Snowden. No "theorist" about it, call them conspiracy pragmatists instead.

Given what we know about SSL, the NSA and the FISA process, I'd say compromise of SSL keys is practically Occam's Razor by this point. The interesting rumours to me are the ones that imply they were somehow NOT able to get that data. Bear in mind, all it takes is one mole, or someone served with a "superwarrant+supergag" so they can't tell their management, and the keys are gone.

Perfect forward secrecy helps a lot here because stealing the keys doesn't let you decrypt the traffic, just do MITMs, and active MITM is a lot more detectable than standard SSL key compromise. But hardly anyone uses it (only Google).

But why should someone who creates something not be able to control how it's used? That seems pretty basic. It wouldn't exist at all if not for them.

See, the problem I have with copyright reformers is that copyright is a quite well thought out piece of law (relative to most, anyway). It gives people who create things an optional tool that they don't have to use. It allows everything from Hollywood movies to open source software. If someone felt their work was best given away for free, they could certainly do that, or they could use a creative commons style license and many people do.

Now the situation we have is that a whole generation of people doesn't have any respect for other peoples work. They feel they deserve free movies, music and software because "zomg industry!!!" (reality check - the content industries are quite small relative to others, like the tech or energy industries). They feel that people who create things should have fewer options than today, less freedom to decide how their work is used, because gosh isn't it annoying and inconvenient when you want something and can't afford it?

Much though I dislike the way the US government puts political pressure on other countries, Finland does not, last time I checked, have an equivalent to Hollywood. Probably its people would benefit if the government just shrugged and said, well, we don't create much relative to other people so why bother enforcing their copyrights? Might as well take what we can for free! Party time!!

The problem is if everyone does that, you kill the goose that laid the golden egg. The idea that nobody who creates movies or writes software cares about money is naive and childish. People do create less when they are unable to earn an income doing so.

By "encrypted" they almost certainly mean, "credit card data is encrypted with a key that may or may not have been compromised as well" and "passwords were hashed". Password hashing doesn't achieve very much these days unless your password is unusually strong.

I don't believe Dalvik does any kind of escape analysis. It might be something they could put into dexopt and do ahead of time (at install time not runtime).

FYI stack allocation (the optimisation you refer to) is implemented in the JVM for some time already. It is capable of eliminating large numbers of allocations entirely on hot paths. Of course, there is a lot of memory overhead to all of this - the JVM has to do an escape analysis and it has to keep around bookkeeping data to let it unoptimize things.

For some reason they call this optimisation scalar replacement. I'm not sure why. In theory this can help close the gap a lot, because a big part of the reason GC is seen as slow is just because the languages that use it put so much pressure on the heap due to their library and language designs encouraging tons of tiny objects. If you can put them onto the stack then things can get much faster. I use some pretty large and complicated Java apps these days (like IntelliJ) and they seem to perform well, so perhaps things like this have turned the tide somewhat.

Programmers intent on using all of the resources available, and performing intensive tasks, should think about means other than garbage collection.

This debate is as old as the hills. I'll just point out that it's not so much that GC is terrible, so much as it's indelibly associated with managed languages that either are Java or use very Java-inspired designs (like C#) in which objects and heap allocation is treated as being nearly free.

To prove my point, I cite Unreal Engine, a serious piece of code with very tight performance constraints. It's capable of hitting high, smooth frame rates, and it uses a garbage collected heap for the core game state (lots of objects with lots of pointers between them). (reference).

None of these things are free, exactly, but if you understand their costs you can still benefit. I think one of the reasons GC has a bad name is that so much code is written in languages like Java or JavaScript by people who, for instance, don't know the difference between a heap and a stack, or were simply never taught how GC works, so they tend to see allocations as free and use as many of them as they want. Older languages like C++ are used by older, more experienced developers who naturally consider the costs of things as they go, and have a bias towards more complex error-prone code that is tighter.

The whole fiasco is enabled by the fact that the NSA does have (secret) court orders from a (secret) court, and the regular courts won't hear cases because of state secrecy. I don't see any reason to believe DDG would have any more luck than Google or Yahoo did.

Well that's convincing - not!

Has this dude been living in a cave for the past month? We've just had a non-stop series of revelations about how governments (not just in the USA) routinely ignore their own laws or secretly redefine them into meaninglessness, in order to engage in dragnet surveillance. And his answer is "such a request would be unconstitutional". Yes, it would. It was unconstitutional for all the other search engines too. So what? That obviously doesn't matter.

DDG is just a scam in so many ways. The entire site is basically a proxy for Bing. If Bing were to cut them off they'd have no search engine anymore. If Bing were to say "you pass through data on people or we cut you off", they'd either have to give up on their privacy guarantees or shut down completely. It's a completely self defeating business model, if they get popular they won't be able to sustain the reasons for it anymore.

The fact that he thinks there's a difference between Amazon and Verizon with regards to NSA cooperation is especially amusing.