Readit News
divegeek commented on Show HN: Kryptonite – a new home for your SSH private key   krypt.co... · Posted by u/4kevinking
developer2 · 8 years ago
>> Every application on the phone is sandboxed

Note that you are trusting this app with your private key. While other apps are sandboxed away from having access, all it takes is one update to the app to sneak away your private key to any remote server. You have to trust the publisher of this app, including their entire chain of source code repository management and app build/release process. It takes a single instance of a malicious person inserting code that steals all users' private keys (disgruntled employee at this company, or social engineering attack to gain access to commit to their GitHub, etc.).

It's the same reason I am horrified that anyone trusts password managers from for-profit companies. Those companies have unfiltered potential access to your entire online identity, including critical logins like your bank and government services. The app is sandboxed, and the company promises that your (unencrypted) credentials never leave the local device. But it is impossible for them to offer an absolute guarantee that their app will never be the target of an attacker slipping in code that steals information.

In this particular case, you're giving a single app access to potentially expose your key to theft. Less risky than storing your key in the default ~/.ssh/id_rsa, where any app running on your desktop machine has access to read it. Also likely to be less devastating of a loss compared to the compromise of the contents of a password manager.

divegeek · 8 years ago
>> Note that you are trusting this app with your private key.

On Android, the Kryptonite code uses the AndroidKeyStore to store the private key, which means that the app does not have access to it. At a minimum (on old devices), AndroidKeyStore keeps the private key material in a separate process, so it never exists in the app's process space. On newer devices (launched with M or later), the private key material is kept in the Trusted Execution Environment, so nothing in Android user or even kernel space has access to it.

EDIT: Actually, there's one small flaw in the Kryptonite code that may make the private key accessible to a sophisticated attacker who compromises the app. The key allows signing without using a hash function. Signing a sequence of carefully-chosen plaintexts can reveal the private key. I filed an issue and sent a pull request.
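Added example, not part of the comment above and not Kryptonite's own code: an AndroidKeyStore key spec that permits signing without a hash function (`DIGEST_NONE`) next to one restricted to SHA-256, plus a check that the key material sits in secure hardware. The RSA key type, the alias and the class name are assumptions made for illustration.

```java
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import android.security.keystore.KeyProperties;

import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;

public final class SshKeyProvisioner {
    private static final String ALIAS = "example-ssh-key"; // hypothetical alias

    // Weak: DIGEST_NONE authorizes the key to sign raw, caller-supplied
    // input, so a compromised app process chooses exactly what gets signed.
    static KeyGenParameterSpec rawSigningSpec() {
        return new KeyGenParameterSpec.Builder(ALIAS, KeyProperties.PURPOSE_SIGN)
                .setKeySize(2048)
                .setDigests(KeyProperties.DIGEST_NONE)
                .setSignaturePaddings(KeyProperties.SIGNATURE_PADDING_RSA_PKCS1)
                .build();
    }

    // Hardened: only SHA-256 is authorized, so the keystore hashes the
    // message itself and rejects a "NONEwithRSA" request at init time.
    static KeyGenParameterSpec hashedSigningSpec() {
        return new KeyGenParameterSpec.Builder(ALIAS, KeyProperties.PURPOSE_SIGN)
                .setKeySize(2048)
                .setDigests(KeyProperties.DIGEST_SHA256)
                .setSignaturePaddings(KeyProperties.SIGNATURE_PADDING_RSA_PKCS1)
                .build();
    }

    static KeyPair generate() throws GeneralSecurityException {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance(
                KeyProperties.KEY_ALGORITHM_RSA, "AndroidKeyStore");
        kpg.initialize(hashedSigningSpec());
        return kpg.generateKeyPair();
    }

    // True when the private key lives in the TEE or other secure hardware
    // rather than in a software keystore process (API 23+; newer API
    // levels expose the same information through KeyInfo.getSecurityLevel()).
    static boolean isHardwareBacked(KeyPair pair) throws GeneralSecurityException {
        KeyFactory factory = KeyFactory.getInstance(
                pair.getPrivate().getAlgorithm(), "AndroidKeyStore");
        KeyInfo info = factory.getKeySpec(pair.getPrivate(), KeyInfo.class);
        return info.isInsideSecureHardware();
    }
}
```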

divegeek commented on Google announces Android for Work   googleforwork.blogspot.co... · Posted by u/derpenxyne
viccuad · 11 years ago
I tried to find any info about license or repos and couldn't find anything. Unlike Samsung's Knox, which is FOSS, how can this be even remotely secure if it is closed source?

Seems that Google is full on the "Extinguish" phase with Android.

edit: amazing that I'm being downvoted for stating facts yet nobody replies to me.

divegeek · 11 years ago
(Googler here)

It's a platform feature, so it's open source, but there's always a delay between the announcement and the time the code hits the public repositories. It'll be there before too much longer.

divegeek commented on Mumbling Isn’t a Sign of Laziness, It’s a Clever Data-Compression Trick   nautil.us/blog/mumbling-i... · Posted by u/fbrusch
amirmc · 11 years ago
> "Eh, this can also denote synergistic group think or collective creativity."

I think you've missed my point. I was mostly referring to things like meetings, where people typically are trying to reach an agreement (or decision) about something. If those people are from different cultures, then a mismatch can arise where people think they're talking about the same thing but only realise later that things have gone wrong. Even then, people tend towards recriminations, rather than root-causing and realising that their terms mean different things. Take the example from the end of the post itself (where 'skiing' meant different things to both people -- if they hadn't clarified, they'd have parted with vastly different views on what was discussed).

divegeek · 11 years ago
I find it useful to keep in mind the notion that all knowledge is gained by a process of guesswork and criticism. When you listen to my voice or read my words, you must guess at what I mean to convey, because my words by themselves, even if not mumbled, are almost never sufficiently precise to carry my meaning.

So instead, you have to build and discard internal explanatory models of my meaning, criticizing them by cross-checking them with other things I've said, and with your understanding of my understanding of the world. Meanwhile, I'm doing the same thing on the other side, hypothesizing the models that you're creating based on what I've said and trying to add more words to fill any gaps in what I presume that you're presuming that I mean.

When we arrive at a point where you and I both believe that you hold a consistent mental model of what I wished to convey, then we believe that I have communicated to you.

Stated that way, it's clear that communication is really, really hard -- even though we do all of that model building and evaluation without conscious effort in most cases. And it's also quite obvious why it's easier to communicate with people you know well, because both sides have a better mental model of the other's mental model. Both are _wrong_, always, but they're less wrong than similar situations between people with less shared context.

This view also makes it abundantly clear that it's important to validate communication. If you restate to me in your own words what you believe I intended to convey, there's a good chance I'll catch any major discrepancies between what I intended and what you got. A good chance, but we can still end up believing that we're in agreement when we're not.

In theory it is possible to define a language and communication techniques that do not depend on this iterative, contextualized method. This is essentially what we do in formal languages, such as those we use in mathematics or programming. But it is not how people communicate because it's actually far more efficient to rely on compression via shared context than it is to communicate with formal precision. Further, formal communication only obviates guesswork and criticism at the level of understanding which is directly expressed. I can read an assembler program and understand with perfect precision what the individual instructions do, but the leap to understanding the goal of the program again requires guesswork and criticism.

As an aside, it's interesting to note that the process of guess-and-evaluate is essentially the same as the scientific method of hypothesize-and-test and even the same as the evolutionary method of vary-and-select. There's a compelling argument that all knowledge creation occurs via this process -- and communication is knowledge creation, even if it simply conveys an idea from one brain to another, because there's no direct transfer mechanism; the receiver of the idea must create it based on observations of the words of the giver.

divegeek commented on Nest Protect is a terrible buggy product   plus.google.com/115863474... · Posted by u/somerandomness
aniket_ray · 11 years ago
Not sure why you were downvoted as opposed to OP but this thread is full of people who don't realize that Google is truly a place where employees are encouraged to speak up when things are bad. Frankly, organizations would never be able to fix their mistakes if their employees are censured when they speak up.

divegeek · 11 years ago
(Googler here)

You're not wrong, but I think you overstate the case. I wouldn't say employees are encouraged to publicly trash the company's products. Not at all. But the company does respect employees' right to speak their mind in public, and it does encourage thoughtful internal dissent.

I often tread pretty close to the line on what I say in public, and have even been reined in by Google legal counsel in a couple of cases. I found the experience of being told to cool it to be surprisingly affirming and liberating, and a powerful confirmation of the true commitment to openness in Google culture, because of the reasons for which it was done and the way in which it was done. Specifically, in both cases I really had crossed a line which could be potentially troublesome for Google in court, and in both cases the attorney who contacted me was respectful of my opinions and my rights to speak them to the point of being very apologetic about telling me to shut up. It was very clear to me that Google really didn't want to silence me, and did it only because they truly had to. I think that's awesome.

Based on my experience, I have zero concern for Brad's job, and wouldn't be surprised if he gets some mild and unofficial kudos.

divegeek commented on At some startups, Friday is so casual that it’s not even a workday   washingtonpost.com/local/... · Posted by u/petethomas
monsterix · 11 years ago
Now this could be an early sign of a bubble in the making. Here's why:

1. The bay believes that solofounders are a bad deal - mostly - because starting a company is a lot of work. And so it is - a lot of work!

2. Now here we have a handful of _startups_ that confess there isn't enough work to keep everyone in the nimble team up on toes for even forty hours a week! This contradicts with 1.

Sure it means team happiness and all that. Fine.

3. For each _startup_ that has confessed situation at 2. there should be at least 'X' times the number of start_ups who do not accept this reality. I don't know what that number 'X' would be but let's take it 10.

Which means what - a bubble?

[Left open]

divegeek · 11 years ago
> here we have a handful of _startups_ that confess there isn't enough work to keep everyone in the nimble team up on toes for even forty hours a week

I don't think they said anything of the sort. There's no claim they don't have enough work for 40 hours; I'm sure like most of us there is no end to the work, and it can and will consume all the time we're willing to give it.

They're just not willing to give it as much. It's possible that will put them at a disadvantage to their competitors. It's also possible that they may be sufficiently more creative to overcome that disadvantage.

divegeek commented on Windows 10: Re-Crappifying Windows 8   ignorethecode.net/blog/20... · Posted by u/smcgivern
sliverstorm · 11 years ago
... a tactic to undermine people's opinions by ascribing them to unproductive emotional reactions, rather than objective evaluations...

Isn't "liking" Windows 8 less than Windows 7 an emotional reaction?

divegeek · 11 years ago
I like a $20 bill more than a $10 bill. Is that an emotional reaction? No, it's an objective value judgement based on the fact that the former is more useful (roughly twice as useful) as the latter. The word "like" merely expresses preference. It's neutral as to the basis of the preference, which may be emotional, rational or some combination.

divegeek commented on Why Google won't fix a security bug in almost a billion Android phones   engadget.com/2015/01/14/g... · Posted by u/moe
anon1385 · 11 years ago
>What Google can't do is get those patches delivered to end-user devices.

Apple manage to do it. Google made a conscious decision to trade off allowing end users to keep up to date with achieving faster adoption of Android among OEMs and carriers. You can't now pretend that the results of those decisions are some kind of inevitability. It was Google's choice, and they are responsible for the result.

>And we know that OEMs won't provide updates because they are already refusing to provide the one that has existed for some time now: Android 4.4.

Yes, OEMs like Google themselves…

divegeek · 11 years ago
Apple makes all of its devices and therefore controls them. Google can't dictate to Samsung, HTC, LG, etc.

Google has updated the in-support Nexus devices. The Galaxy Nexus is something of a question mark, but the number of active Galaxy Nexus devices is tiny. It would make more sense for Google to offer GNex users a new device than to upgrade the few remaining GNex's to 4.4.

divegeek commented on Why Google won't fix a security bug in almost a billion Android phones   engadget.com/2015/01/14/g... · Posted by u/moe
guelo · 11 years ago
WebView is embedded in many apps so using Chrome, or Firefox, won't help.

divegeek · 11 years ago
Correct. At present the only solution for pre-4.4 devices is to avoid using WebView to display untrusted content. If you're an app developer using WebView you should make sure it's only displaying trusted content, which means either local content or remote content from trusted sites with non-broken SSL. I recommend using Google's recently-released nogotofail toolkit to test for SSL breakage (https://github.com/google/nogotofail).

The ideal fix for this problem is for OEMs to update devices to 4.4.
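Added example, not part of the comment above: one way an app could hold a WebView to trusted content, meaning bundled assets or HTTPS pages from an allowlist, and refuse to proceed past a certificate error. The class name and the host names are placeholders.

```java
import android.net.Uri;
import android.net.http.SslError;
import android.webkit.SslErrorHandler;
import android.webkit.WebView;
import android.webkit.WebViewClient;

import java.util.Arrays;
import java.util.HashSet;
import java.util.Locale;
import java.util.Set;

public class TrustedContentClient extends WebViewClient {
    // Placeholder hosts; replace with the sites the app actually trusts.
    private static final Set<String> TRUSTED_HOSTS =
            new HashSet<>(Arrays.asList("www.example.com", "static.example.com"));

    // Trusted means: an asset bundled in the APK, or HTTPS on a listed host.
    static boolean isTrusted(Uri uri) {
        String scheme = uri.getScheme();
        if ("file".equals(scheme)) {
            String path = uri.getPath();
            return path != null
                    && path.startsWith("/android_asset/")
                    && !path.contains("..");
        }
        String host = uri.getHost();
        return "https".equalsIgnoreCase(scheme)
                && host != null
                && TRUSTED_HOSTS.contains(host.toLowerCase(Locale.ROOT));
    }

    // Returning true tells the WebView not to load the URL.
    @Override
    public boolean shouldOverrideUrlLoading(WebView view, String url) {
        return !isTrusted(Uri.parse(url));
    }

    // The default implementation also cancels; overriding makes the policy
    // explicit and guards against a later change to handler.proceed().
    @Override
    public void onReceivedSslError(WebView view, SslErrorHandler handler,
                                   SslError error) {
        handler.cancel();
    }
}
```

Install it with `webView.setWebViewClient(new TrustedContentClient())` and run the same `isTrusted` check before any `loadUrl` call. The client filters navigations only, so the pages it admits still have to be ones that do not pull in untrusted subresources.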

divegeek commented on Why Google won't fix a security bug in almost a billion Android phones   engadget.com/2015/01/14/g... · Posted by u/moe
ryanhuff · 11 years ago
Sheez. So when the broken code in question is over 2 years old, and is hard to fix, then Google just washed their hands of it? Google is a big company with substantial resources. How about they support their customers beyond the "new and shiny period" like many, many other companies do?

divegeek · 11 years ago
Google could invest the resources to create patches. What Google can't do is get those patches delivered to end-user devices. Given the fact that if Google provided patches they'd never reach users anyway, why should Google bother? And we know that OEMs won't provide updates because they are already refusing to provide the one that has existed for some time now: Android 4.4.

(Disclaimer: I'm a Google employee, and I work on Android security, but I'm not a spokesperson and these are only my own opinions.)

divegeek commented on How Uber’s Autonomous Cars Will Reshape the Economy by 2025   zackkanter.com/2015/01/23... · Posted by u/cryptoz
potatolicious · 11 years ago
This is a cop-out - the entire "people will find other things to do" argument is a total cop-out.

Yes, in aggregate, over long timespans (read: multiple generations), people will figure out other things to do. But as we've seen from the automation of manufacturing jobs in the US, a huge number of people haven't retrained, nor have magical jobs "we couldn't even imagine" erupted en masse to absorb a chronically un- or under-employed work force.

I submit that the oversimplified notion that people who lose their jobs to technology will be fine and find something else to do is mainly a device to make people like us feel better - it isn't a notion that actually helps the displaced.

divegeek · 11 years ago
The problem isn't the change. History has shown time and again that we can deal with that. The problem is the rate of change. The industrial revolution took generations to really complete, and even so it was kind of rough in places. These changes are coming much, much faster.

We need to find something between accepting mass poverty and creating a total welfare state which, even if it works economically, will be a disaster for human happiness. People need to feel productive, useful and self-reliant. What that is, I don't know.

I'm encouraging my kids to become technocrats, like me.

u/divegeek

Karma: 49 · Cake day: August 14, 2014