Comments: Opera talks softly about user security

How is a user made more secure if their "secure browser" doesn't let them access a number of sites they want to, so they dump it for a browser which doesn't have that "feature"?

If we, the browser makers, are going to do things which break bits of the web, we need to do them together. Striking out on ones own is counter-productive because people just move to a product which doesn't have the inconvenience, thereby reducing rather than increasing their security.

You may scoff at collaboration if you wish, but I think it's the right way forward.

Posted by Gerv at May 24, 2006 09:28 AM

Hi Gerv,

Security is a relative benefit - it is not an absolute. The greater good is important to security, not because of philosophy but because it is a good measure of relatives, and it smooths out the effect of absolutes. Half a billion people with better security, or the million or so who get phished every year, is to be compared to the few thousands that might be inconvenienced by the poorer access to those legacy sites.

On one hand we could drop 100-4000 sites. For that, we improve security for all browsing users, and move forward in protecting each year's million phishing victims. At some cost of some inconvenience as the 100-4000 sites need to upgrade.

Alternatively, we keep those 100-1000 sites available and we expose all those people to more attacks. Call it a year wasted, so that's 1 million people, 1 billion dollars. Take some proportion of that, because we can't attribute all the blame to one decision...

That's a lot of pissed off, poorer people - because of what? You didn't want to deny those same people access to a website? On the Internet? With a free browser? Ask a phishing victim sometime.

It's a fair trade-off *iff* you are considering security as important. If security is important, then we generally argue that some inconvenience has to be put up with. So some people move to another browser, or do not upgrade. That's their choice. That doesn't mean everyone, it's a miniscule percentage that would actually move.

In choosing the convenience of access and trying to stop customers migrating because they also choose convenience, browser manufacturers have chosen lower security. That's their choice, and the fact that all browser manufacturers have chosen that path, and are collaborating on that, is a singular observation.

Posted by Iang at May 24, 2006 10:08 AM

The release note for Opera 8 on "Die inoffizielle Opera-Fansite" says:

# SSLv2 and 40-bit encryption are enabled by default again.
# Readded experimental support for TLS Extensions and TLS 1.1. Setting is disabled by default.

Posted by Die inoffizielle Opera-Fansite at May 24, 2006 10:34 AM

bizarre story, I just had to use my browser for a bank web site

you know its often the case that java applets windows work better with PC (I only have a mac on hand)

I laboriously tried EVERY mac browser to see if it would work

the last one I tried waa, I think, the ONLY BROWSER you have to pay for, its called OmniWeb ( or something)

incredibly it DID WORK PERFECTLY ... omniweb on a mac (I am fairly certain) is the best and perhaps only really reliable browser (on a mac) if you need touse ordinary java applets typical as you might see when logging in to your online bank etc

wild huh!

Posted by JPM at May 24, 2006 01:39 PM

You keep referring to these "100 sites" but remember that these sites were found during a very limited test period by the relatively few users who frequent the pretty technical beta forum AND are sufficiently interested in encryption and SSL to take part in such a specific testing. It's anyone's guess how many sites out there are incompatible with the new SSL stuff but when brief and limited testing turned up 100 the real number must be at least 15 times larger. Also SSL sites are typically very important to the end user. There are alternatives to most HTTP resources but you NEED to access your online banking. As Gerv already tried to explain the only way forward is the browser vendors pushing together, both pushing CAs to improve their procedures and pushing in unison sites to upgrade their outdated servers.

> (Do you think the commerciality of the equation might
> explain the laggardness of browser manufacturers here?)

Now that's complete rubbish. Users feeling secure is essential to our existence while we get none of the payments to ISPs for those non-shared IP addresses. Where is the logic in this accusation?

Posted by Hallvord R. M. Steen at May 29, 2006 06:28 AM

Hallvord, thanks for your comment. On the "cooperation" front:

I know you're probably smarting at the injustice of my post - but you should be aware that this is nothing new. All browsers are at fault, and I write the same criticisms about all of them from time to time. The faults are serious, the faults are real and are only being addressed if one observes geological timeframes. I know the browser manufacturers are all working hard - but there is a difference between working hard and working smart.

Grouping together as a browser community won't help, it will hinder. It will make you feel better for a while, but you really have to do the hard work to understand the big picture. No other browser is going to help you do that, because you all come from the same culture, the same background, the same architecture. You need diversity, not monoculture, to address the blindspots.

By clustering together in a community, this has led you to make a big mistake - blame the CAs. You make it above by pushing the CAs to improve their procedures - and the browser people all huddled together with the CAs to work on the "high assurance" programme. Although the weakness of the CAs is cause for concern, events are even overtaking that concern, such that it is far from the most serious worry we have. The "high assurance" programme will achieve no improvement in security to users, but it may shuffle some other pieces around the board. It does not compare with addressing the security problems of today, and elevating it as "something we are doing" reveals that browser manufacturers have no better strategy than blaming the next guy in the line up.

That's not to say that the CAs can't improve their procedures - they can and they might in time. They have many problems too, but what they cannot do is address the vast bulk of attacks which are against the browser and the Microsoft OS.

Posted by Iang at May 29, 2006 09:38 AM
Post a comment

Remember personal info?

Hit Preview to see your comment.
MT::App::Comments=HASH(0x558c600d58b8) Subroutine MT::Blog::SUPER::site_url redefined at /home/iang/www/fc/cgi-bin/mt/lib/MT/ line 125.