- From: Sebastian Hellmann <hellmann@informatik.uni-leipzig.de>
- Date: Sun, 3 Mar 2019 23:32:46 +0100
- To: Jonas Smedegaard <jonas@jones.dk>, public-webid@w3.org
- Message-ID: <ebba1cef-c89b-fd0e-b176-d3bef8771feb@informatik.uni-leipzig.de>
Hi Jonas,

On 03.03.19 19:01, Jonas Smedegaard wrote:
> Quoting Sebastian Hellmann (2019-03-03 18:05:51)
>> Forgot something
>>
>> On 03.03.19 17:43, Sebastian Hellmann wrote:
>>>> ***
>>>>
>>>> An RDF document is served at the URL of my WebID.
>>>>
>>>> That is an identifier. Just like my birth certificate and my
>>>> passport are identifiers.
>>>>
>>>> It is not secure against identity theft. It is just a document.
>>> I see this differently. Birth certificate and passport are issued by
>>> trusted third parties and your passport contains hundreds of
>>> security measures, while the RDF document contains exactly 0.
>>>
>> There are some weak security measures like file permissions, but this
>> is 755 and 644 normally. If you put the document in an encrypted
>> database I would choose to add this line into your .htaccess
>> apache.conf instead:
>>
>> ProxyPassMatch "^/me(.*)$" "/.file.ttl"
>>
>> Well I would hide it better, you might never find it and give up and
>> reformat the server to fix it.
> You are again talking about web hosting security here.
>
> Imagine for a moment that the WebID+TLS protocol specification contained
> rules on how to configure a web hosting service using Apache2. You
> could then point out that the physical machine could be compromised if
> not secured by a steel box...
>
> What is your threat model?

I am asking for a holistic risk assessment of the WebID system. As far as I understood it, the plan is to take your data from Facebook, Google, Twitter, etc. and move it all into a solid box. The main argument for this is:

* you have data ownership
* lower threat, because you cannot hack one big server any more to get a billion account records, but lots of individual nodes to get one.

From my perspective this looks like this:

| What      | Security                                                                                           | Impact                                 |
|-----------|----------------------------------------------------------------------------------------------------|----------------------------------------|
| Facebook  | Very hard                                                                                          | Very high                              |
| Solid box | 70% of nodes low due to lack of skill; 20% medium; 10% high, but relatively insecure to Facebook   | High personal impact, if in full usage |

It is comparable to the Saved Logins section in my browser, but there it is Linux, I do regular updates of Firefox and system, have a master password, which I have to enter each time, and some extra measures. But I am sure Firefox has good experts working day and night to keep it secure. Ok, sometimes I add a security exception, but only on small sites, where I assume that they forgot to extend their cert.

On my web servers, I follow some rules, but then also break them now and then, because it is easier, like adding "SSLVerifyClient optional_no_ca" and AllowUnsafeSSL for self-signed certificates. I almost never do updates, because my applications might break (got a lot better with Docker now, still..). I try to keep them secure to the best of my knowledge, but it's not my department, so my best is probably an expert's nightmare. There is definitely not a team of experts working on the security of my servers. I believe this holds true for 70% of webserver owners.

On the other side, I am thinking from the perspective of a website owner with WebID user accounts. If they get hacked, I have compromised accounts that have access to my application. They could post adult content on my children's website. Well, of course it is the same now, but browsers are much more secure than web hosting. But I am also willing to find out that this is not the case. Maybe my assumptions are wrong.

I wouldn't mind so much about this, if there were more security measures in place, which would decouple reliance from web hosting security. If you would change the WebID to work more like bitcoin addresses, i.e. public/private key determines the identifier, not identifier determines the public/private key.

It would not be so interesting to hack the servers as private keys are much harder to compromise, i.e. the hack less effective. It has more security layers.

--
All the best,
Sebastian Hellmann

Director of Knowledge Integration and Linked Data Technologies (KILT) Competence Center
at the Institute for Applied Informatics (InfAI) at Leipzig University
Executive Director of the DBpedia Association
Projects: http://dbpedia.org, http://nlp2rdf.org, http://linguistics.okfn.org, https://www.w3.org/community/ld4lt
Homepage: http://aksw.org/SebastianHellmann
Research Group: http://aksw.org

Received on Sunday, 3 March 2019 22:33:19 UTC
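
The closing proposal in the message above (the key pair determines the identifier, instead of the identifier's hosted document naming the key) can be modelled as follows. This is an added example, not part of the original e-mail or of any WebID specification; the `key:` identifier format, the function names, the example.org URL and the byte strings standing in for public keys are assumptions for illustration, and proof of possession of the private key (the TLS handshake) is assumed to have already succeeded.

```python
import base64
import hashlib
import hmac


def key_identifier(public_key: bytes) -> str:
    """Derive the identifier from the key (hypothetical 'key:' scheme)."""
    digest = hashlib.sha256(public_key).digest()
    return "key:" + base64.b32encode(digest).decode("ascii").rstrip("=").lower()


def accept_location_bound(hosted_docs: dict, webid: str, presented_key: bytes) -> bool:
    """Identifier determines the key: trust whatever the hosted document lists."""
    return presented_key in hosted_docs.get(webid, set())


def accept_key_bound(identifier: str, presented_key: bytes) -> bool:
    """Key determines the identifier: recompute it from the presented key."""
    return hmac.compare_digest(identifier, key_identifier(presented_key))


def host_compromise_scenario() -> dict:
    """Compare both checks before and after the hosted document is altered."""
    # Constructed placeholder bytes standing in for encoded public keys.
    owner_key = b"constructed-owner-public-key"
    intruder_key = b"constructed-intruder-public-key"
    webid = "https://example.org/me#i"    # constructed WebID URL
    hosted_docs = {webid: {owner_key}}    # profile document as published
    owner_id = key_identifier(owner_key)  # what a relying site would store

    owner_ok_before = accept_location_bound(hosted_docs, webid, owner_key)
    # Model of the risk discussed above: the document on the web host now
    # lists a different key than the one the owner published.
    hosted_docs[webid] = {intruder_key}
    return {
        "location_owner_before": owner_ok_before,
        "location_owner_after": accept_location_bound(hosted_docs, webid, owner_key),
        "location_intruder_after": accept_location_bound(hosted_docs, webid, intruder_key),
        "keybound_owner_after": accept_key_bound(owner_id, owner_key),
        "keybound_intruder_after": accept_key_bound(owner_id, intruder_key),
    }


if __name__ == "__main__":
    for check, result in host_compromise_scenario().items():
        print(f"{check}: {result}")
```

In this model the key-bound check is unaffected by changes to the hosted document, but the identifier changes whenever the key is rotated, and theft of the private key itself is not addressed by either check.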