- From: Nala Ginrut <mulei@gnu.org>
- Date: Tue, 27 Aug 2019 18:32:28 +0800
- To: public-privacy@w3.org
- Cc: "Eric J. Bowman" <eric@bisonsystems.net>, Chris Palmer <palmer@google.com>, Nick Doty <npdoty@w3.org>, David Singer <singer@apple.com>, TAG List <www-tag@w3.org>
- Message-ID: <87woeyyk3n.fsf@debian>
Hi Marc! Great appreciated for the work! I've noticed the sentence here: ------------------------------------------------------------------------- The app itself should be signed to ensure an MITM attacker cannot tamper with the application itself before it’s installed/downloaded/run. ------------------------------------------------------------------------- And here: ------------------------------------------------------------------------- This method specifically avoids intentionally insecure cryptographic API built in the browser. ------------------------------------------------------------------------- If the app (browser) is not trusted, especially for its cryptographic API, then the signature means nothing to verify. Best regards. Marc Fawzi writes: > 5 years later, we can now bypass TLS with ALS (application level security) > while dancing around NIST recommended broken security standards in > WebCrypto etc > > https://docs.google.com/presentation/d/1f2k6fsIkDmIS1WyJAT0lXQmDuHIPeo9GDKfP1FY2rVc/edit?usp=sharing > > Enjoy this 5-year delayed response. > > > > On Mon, Feb 23, 2015 at 6:07 AM Marc Fawzi <marc.fawzi@gmail.com> wrote: > >> >> http://zitseng.com/archives/7489 >> >> *Government-Linked Certificate Authorities in OS X (zitseng.com >> <http://zitseng.com>)* >> >> From the comments on Hacker News: >> >> "No, if they want to hack your SSL comms, they aren't going to do it by >> using a MITM attack backed by a government-issued root CA, they are going >> to do it by gaining access to a "neutral" CA (such as Verisign), and >> obtaining the root certificate's private key. Now you would have a much >> harder time of figuring out that something has gone wrong, but then, if >> you're paranoid of the government spying on you, and you are using a CA >> other than one you own yourself, you've already lost the battle." >> >> I agree, no protocol or method can stop a nation state because things >> ultimately come down to physical security. >> >> But it is more reason to put the breaks on the idea that moving the whole >> web to https is going to make a real difference. I don't think it will. >> Once the users see https as a selective spying mechanism (open for govs, >> closed for petty criminals) they really won't trust the web ever again, >> unless you come up with a new protocol/story and keep evolving it in major >> ways to stay ahead of the inevitable. >> >> Copying the wisdom below (via another developer): >> >> *On Derived Values* >> >> This, milord, is my family's axe. We have owned it for almost nine hundred >> years, see. Of course, sometimes it needed a new blade. And sometimes it >> has required a new handle, new designs on the metalwork, a little >> refreshing of the ornamentation . . . but is this not the nine >> hundred-year-old axe of my family? And because it has changed gently over >> time, it is still a pretty good axe, y'know. Pretty good. >> >> -- Terry Pratchett, The Fifth Elephant >> >> On Sun, Feb 22, 2015 at 6:33 PM, Eric J. Bowman <eric@bisonsystems.net> >> wrote: >> >>> Eric J. Bowman wrote: >>> > >>> > > >>> > > I encourage you to read more about cryptography and cryptographic >>> > > network protocols, and to try your hand at subverting HTTP and HTTPS >>> > > traffic (on your own systems and networks only, of course). I think >>> > > you'll find that the available security guarantees and >>> > > non-guarantees of HTTP and of HTTPS are very different from what >>> > > you have expressed in this thread. >>> > > >>> > >>> > Thanks, but I don't think you've understood what it is I'm trying to >>> > express. >>> > >>> >>> Particularly, Superfish illustrates that the guarantees and non- >>> guarantees of HTTP and HTTPS are *exactly* what I tried to express in >>> this thread. >>> >>> Yes, I know. You're above this list now, or at least until March 30, >>> while you write a book on Web security. Let's just say I'm not pre- >>> ordering. >>> >>> -Eric >>> >>> >> -- GNU Powered it GPL Protected it GOD Blessed it HFG - NalaGinrut Fingerprint F53B 4C56 95B5 E4D5 6093 4324 8469 6772 846A 0058
Received on Tuesday, 27 August 2019 10:40:31 UTC