Comment Re:stuxnet vs CA vs hashstamp (Score 1) 91
deskpane build 250 hashstamp appended
By hashstamp, I mean that you post the hash of whatever, and the post is datestamped and can't be edited or deleted, although it would be nice to have a "flag", indicating that someone has paid X dollars to claim that their password was stolen and so the hashstamp is possibly invalid, or even that such a challenge has been validated.
To automate this, a filename such as e.g. deskPane_w.....zip MUST begin with a dot-com name fby underscore. A hashstamp-server might send mail to hashmaster@deskpane.com to verify stuff. The first thing you would do, is say post the hash of your self-portrait, in case your ownership is challenged. "No edit, no delete" is thus powerful, no one can ever get rid of that hash, so this would be a great ritual for setting up a new domain.
*COMPARE* this to the stuxnet thing. With hashstamping the server could obviously notify the hashmaster when new hashes are posted. Even assuming the notification got lost, for important companies they COULD just view the hashstamp-journal, to verify that no-one-else has been sneaking in bogus hashstamps. With stuxnet, a copy of the certificate was SILENTLY stolen, so those files could be signed, and the true owner of the certificate has no way of knowing this is happening.
From this perspective, the advantage of certification is that it saves on communication costs. But today we can EASILY afford a server-query, each time we install a program. The use of certificates is thus viewed as a dinosaur from the dial-up-days, when hashstamp-server-queries might have been too costly. But today, this advantage of total visibility seems decisive, at least to moi, owner of www.hashstamp.com.
Anyway knowing of no such hashstamp server, for today I just append the hashstamp of my release-candidate-build, this one might ship. I was so dissapointed when slashdot allowed editing of user journals, now to get the no-edit/no-delete I have no choice but to comment in some security-discussion.
file C:\zzzz\zzzzWcDemo\deskPane_win32_win64_2011_APR_24_00250.zip nbytes 0x62868B 6456971 CRC32 28e1ac5e MD5 87c595fe508de6eea992274de3e4a651 SHA-1 9d4225e0d60e732306880cef6d61a11ad933679d SHA-256 bcb31cd8a57750439c3c95eaee8506374c7efde5de5573698b7f5c86937640fe
By hashstamp, I mean that you post the hash of whatever, and the post is datestamped and can't be edited or deleted, although it would be nice to have a "flag", indicating that someone has paid X dollars to claim that their password was stolen and so the hashstamp is possibly invalid, or even that such a challenge has been validated.
To automate this, a filename such as e.g. deskPane_w.....zip MUST begin with a dot-com name fby underscore. A hashstamp-server might send mail to hashmaster@deskpane.com to verify stuff. The first thing you would do, is say post the hash of your self-portrait, in case your ownership is challenged. "No edit, no delete" is thus powerful, no one can ever get rid of that hash, so this would be a great ritual for setting up a new domain.
*COMPARE* this to the stuxnet thing. With hashstamping the server could obviously notify the hashmaster when new hashes are posted. Even assuming the notification got lost, for important companies they COULD just view the hashstamp-journal, to verify that no-one-else has been sneaking in bogus hashstamps. With stuxnet, a copy of the certificate was SILENTLY stolen, so those files could be signed, and the true owner of the certificate has no way of knowing this is happening.
From this perspective, the advantage of certification is that it saves on communication costs. But today we can EASILY afford a server-query, each time we install a program. The use of certificates is thus viewed as a dinosaur from the dial-up-days, when hashstamp-server-queries might have been too costly. But today, this advantage of total visibility seems decisive, at least to moi, owner of www.hashstamp.com.
Anyway knowing of no such hashstamp server, for today I just append the hashstamp of my release-candidate-build, this one might ship. I was so dissapointed when slashdot allowed editing of user journals, now to get the no-edit/no-delete I have no choice but to comment in some security-discussion.
file C:\zzzz\zzzzWcDemo\deskPane_win32_win64_2011_APR_24_00250.zip nbytes 0x62868B 6456971 CRC32 28e1ac5e MD5 87c595fe508de6eea992274de3e4a651 SHA-1 9d4225e0d60e732306880cef6d61a11ad933679d SHA-256 bcb31cd8a57750439c3c95eaee8506374c7efde5de5573698b7f5c86937640fe
