February 14, 2006

Todd Boyle: value of transactions versus security model

Todd Critiques! iang wrote:

> Financial Cryptography Update: Brand matters (IE7, Skype, Vonage, Mozilla)
> [........]
> No, brand is a shorthand, a simple visual symbol that points to the
> entire underlying security model. Conventional bricks&mortar
> establishments use a combination of physical and legal methods
> (holograms and police) to protect that symbol, but what Trustbar has
> shown is that it is possible to use cryptography to protect and display
> the symbol with strength, and thus for users to rely on a simple visual
> icon to know where they are.

> Hopefully, in a couple of years from now, we'll see more advanced, more
> thoughtful, more subtle comments like "the secured CA brand display
> forms an integral part of the security chain. Walking along this
> secured path - from customer to brand to CA to site - users can be
> assured that no false certs have tricked the browser."

The statement above seems incorrect to me, and inconsistent with statements you have made for many years.

Any security that works on ordinary general purpose computers is going to work as long as one of the following: no high value transactions at stake, no large numbers of users, and.or not in the marketplace very long.

In other words, any mac or windows or linux thing that gets into common use by very many people, that actually has any money at stake, will be cracked before very long. There is some type of a destruction curve that starts out slow, then reaches a steep slope or catastrophic collapse, again depending on how much money is at stake, aggregated over the number of users.

I'm afraid this will be true until there are two elements introduced: more people, real people in the community, involved in the day-to-day operation of our identity and reputation mechanisms, and, a signing device that is guaranteed to perform its function for the long term and I don't mean 99.999% but 100%. However humble its function, to be adopted at all, it must be 100% even if that's artificially nailed down by some sort of intermediary, some sort of insurance as we see with credit cards. Why is this taking so long to appear?!

In closing, we had Bruce Schneier in Seattle last weekend,


Sunday, February 12, 2006 - Page updated at 12:00 AM
500 show up to hear security guru
By Tan Vinh
Seattle Times staff reporter

Bruce Schneier once worked for the Defense Department.

Since the disclosure last month that the government authorizes warrantless domestic spying, the water-cooler chats and classroom debates have raged over privacy and constitutional rights.

But Bruce Schneier, the security guru who has rock-star status among crypto-philes, offered another take on the matter to a crowd of more than 500 people at the American Civil Liberties Union convention at the University of Washington on Saturday: This computer-eavesdropping stuff doesn't really work.

"When you have computers in charge telling people what to do, you have bad security," said Schneier, who worked for the U.S. Department of Defense in the 1980s.

Schneier, who won't reveal what he did for the Defense Department other than to say it's related to communications and security, said the domestic-eavesdropping program relies on computers to pick up words such as "bomb," "kill" or "president" in conversations and flag the participating parties as potential suspects.

Last month, the Bush administration acknowledged authorizing the National Security Agency to intercept e-mails and phone calls without warrants in cases where one party is outside the United States.

"Technology is static," Schneier said. "It doesn't adapt. But people can adapt to whatever is going on," he said. "You are better off" hiring more FBI agents to gather intelligence.

The security is not worth the cost because the computers generate too many false alarms, Schneier said.

"Replacing people with technology hardly ever works."

With his thinning hair in a ponytail, Schneier looked more like a hippie than a cryptography expert whose books have gained cult status and whose appearances draw standing-room-only crowds.

Here to speak about the nation's concern with security since the Sept. 11, 2001, attacks, the 43-year old Minneapolis resident suggested everyone step back and realize "terrorist attacks are rare. They hardly ever happen."

A funny thing happens when people get scared, he said. People give up their freedom or liberties to authority. And politicians create "movie plots" of attacks at maybe the Super Bowl or the New York subways, as if terrorists couldn't attack another event or the subway stations in Boston, he said.

"Security that requires us to guess right" is not worth the cost because there are too many potential targets, he said.

Tan Vinh: 206-515-5656 or tvinh@seattletimes.com

Posted by iang at February 14, 2006 12:19 PM | TrackBack

> > ... Trustbar has
> > shown is that it is possible to use cryptography to protect and display
> > the symbol with strength, and thus for users to rely on a simple visual
> > icon to know where they are.

Todd wrote:
> The statement above seems incorrect to me, and
> inconsistent with statements you have made for
> many years.

Well! I don't know about that .. but let's see. The statement made above was purely on the narrow focus of phishing. In your classic phish, the attacker bypasses the SSL/PKI security model completely. Why? Because there is no need to engage it. let's call this a Class 1 Browser MITM.

1st step then is to make sure that the SSL/PKI system is engaged. Which means putting more information on the browser chrome so that the user partakes in this process. Logos, brand, colour. Browser can do this now, by themselves, they just need to expand the padlock.

Then, we have today's story where someone went and acquired a decent certificate. That cert *also* engages the padlock, and even other parts. Let's call this a Class 2 Browser MITM.

So what was different about that cert in comparison to the proper cert? Well, we can imagine that the proper cert was in fact provided by another CA. But the user doesn't know that. Solution? Tell the user. We can do this by putting the CA's name on the chrome - IE7 is trialling this right now, albeit with bugs.

Or we can be more friendly to the user. We can put the logo of the CA on the chrome. The reason for taking this brand thing one step further is that we won't get the schlock that Geotrust came out with today - they would never ever dare to risk this sort of nonsense if their brand was on the chrome of every user's online banking session.

Now, why do we sign it? So that it is the right one. So no phisher can change it. Sure, the phisher can blow away the certificate process. In which case the phisher now _owns the user's machine_. Yeah, nothing can change that except a better machine / better OS.

Fix one problem at a time. Yes, we need a trusted platform. (No, thanks, Microsoft, not *that* one.) But in the meantime, as long as we are talking about the very limited domain of phishing and online banking, let's at least get the browser secured. However, if we are doing real transactions ... that won't be enough. I agree with that.

Posted by: Iang at February 14, 2006 12:44 PM
Post a comment

Remember personal info?

Hit preview to see your comment as it would be displayed.