More on n2n (by alaric)

I've been discussing n2n with my friends, and one of them raised an interesting point.

He pointed out that since n2n offers access control only at the network level - you need to know the network key to join a network - it works like the Internet of old: once you're in, you're in and fully trusted, and people can't get rid of you; they can just ignore you.

If that's a problem, then you have to do what the Internet had to do - set up local firewalling and access control.

This struck me as an interesting point about the trust model you're using.

Read more »

Keysigning party – South Kensington, London, 2nd of June 2008 (by alaric)

I now have a venue for the keysigning party...

If you're interested in building a web of cryptographic trust (or just want to meet some interesting people), come along to Da Vinci's Cafe Bar, Imperial College Union, Beit Quad, Prince Consort Road, South Kensington, London. More detailled directions are available on the web site

Turn up around 7pm - but be there before 8pm, since that's when we'll actually authenticate ourselves to each other and swap key data.

Then an evening of socialising!

Keysigning party – London, 2nd June (by alaric)

I've somehow ended up organising a keysigning party in London on the 2nd of June.

See the page for directions to the venue (it's in South Kensington).

So if you have a PGP keypair (or take part in CACert.org or Thawte's web of trust), come along. If you don't, but are interested in being able to exchange military-grade encrypted or signed messages, then set up GNU Privacy Guard - see their manuals for more details - and create yourself a keypair (your own digital identity) - or several - and bring along your key IDs and fingerprints to have them vouched for and vouch for everyone else's.

I've made myself some MOO cards to hand out my key details on:

n2n (by alaric)

n2n looks like a lovely piece of technology.

It's basically a VPN system, but quite different from existing VPN technologies. Existing VPNs work by creating a point-to-point link between two systems, usually a personal computer on an untrusted, remote, and often frequently changing network - and a router which then routes or bridges traffic (depending on the layer the VPN operates on) to other VPN clients and/or a physical private network.

The usual configuration is that there's a network with some resources on it that can't be trusted to the open Internet - insecure file sharing or network management services, for example - with an access device connected both to that network and the public Internet, such that remote computers can connect to the access device via the Internet and thus be virtually and securely connected to the private network so they can access the resources therein as if they were physically plugged into it. All over an encrypted link that they need to authenticate to set up, keeping third parties from reading or injecting traffic.

But the conventional VPN approach doesn't work so well for more complex setups. I, for example, have two private networks with various servers and workstations on, an isolated server, and two roaming laptops. It would be nice if I could set up varying levels of trusted connectivity between the three; the isolated server should really appear to be local to the first private network, which could be done with a conventional VPN, except that a permanent connection would require the isolated server to try to set the VPN up on boot and, if it goes down due to network problems or the access server on the private network rebooting, retry the connection automatically. Likewise, I'd like some level of routing between the two private networks, with a bit of packet filtering to tailor the precise trust relationship; I'd have to choose one network's router to be the VPN server and the other the client, set up another auto-reconnecting VPN, and set up routing across it. Then have the laptops also connect to a VPN server on one of the private networks, or perhaps the isolated server, to then use routing across the VPN links between the two private networks in order to reach everything they should be able to.

In practice, I'd probably pick the best connected private network to be the hub, and run a VPN server on it, and have everything else connect to that. Traffic between a laptop and the other private network would go via the hub, causing double bandwidth consumption at the hub and increasing latency. If the hub goes down, the whole network is fragmented.

Plus, mainstream VPN protocols are a pain to configure and use, as they tend to use strange protocols like GRE.

But n2n is much better than all that.

Social engineering (by alaric)

Bruce Schneier's blog as an article on a recent diamon heist carried out purely through social engineering. No high-tech descending on wires through skylights, gymnastic climbing through nets of laser beams, or reprogramming advanced electronic locks. Nope, the perpetrator just earnt the trust of the staff by appearing to be a nice harmless guy.

No amount of snazzy technology can prevent this kind of thing. Sure, you can make it harder in some ways, but people will still be the weakest link.

My suggested solution to this kind of crime is to make it everybody's civic duty to test security systems. Teach social engineering at school. If somebody is caught in an attempted non-violent non-property-damaging security breach attempt, congratulate them. If they manage to pull one off and get away with it but then fail to report the fact, throw 'em in jail - but if they DO report it and turn the goods back in, they get congratulated and a reward from the victim's insurance company.

Sure, this makes an actual malicious robbery slightly less risky (as long as you don't damage anything or anyone during the attempt, which is clearly against the rules of a good-natured security probe), since if you get caught in the act you can say it was just for fun and you'd have handed in the winnings if you'd not been caught, but actual successful robberies at that level are rare. And with a segment of the population worrying at any possible security hole in search of a finder's bounty, there'll be less security holes to exploit, and the staff will be a lot less trusting of nice folks...