Re: Fwd (TAG): Draft finding - "Transitioning the Web to HTTPS"

Hi Marc!
Greatly appreciate the work!

I've noticed the sentence here:

-------------------------------------------------------------------------
The app itself should be signed to ensure an MITM attacker cannot tamper
with the application itself before it’s installed/downloaded/run.
-------------------------------------------------------------------------

And here:

-------------------------------------------------------------------------
This method specifically avoids intentionally insecure cryptographic API
built in the browser.
-------------------------------------------------------------------------

If the app (browser) is not trusted, especially for its cryptographic
API, then the signature means nothing to verify.


Best regards.


Marc Fawzi writes:

> 5 years later, we can now bypass TLS with ALS (application level security)
> while dancing around NIST recommended broken security standards in
> WebCrypto etc
>
> https://docs.google.com/presentation/d/1f2k6fsIkDmIS1WyJAT0lXQmDuHIPeo9GDKfP1FY2rVc/edit?usp=sharing
>
> Enjoy this 5-year delayed response.
>
>
>
> On Mon, Feb 23, 2015 at 6:07 AM Marc Fawzi <marc.fawzi@gmail.com> wrote:
>
>>
>> http://zitseng.com/archives/7489
>>
>> *Government-Linked Certificate Authorities in OS X (zitseng.com
>> <http://zitseng.com>)*
>>
>> From the comments on Hacker News:
>>
>> "No, if they want to hack your SSL comms, they aren't going to do it by
>> using a MITM attack backed by a government-issued root CA, they are going
>> to do it by gaining access to a "neutral" CA (such as Verisign), and
>> obtaining the root certificate's private key. Now you would have a much
>> harder time of figuring out that something has gone wrong, but then, if
>> you're paranoid of the government spying on you, and you are using a CA
>> other than one you own yourself, you've already lost the battle."
>>
>> I agree, no protocol or method can stop a nation state because things
>> ultimately come down to physical security.
>>
>> But it is more reason to put the brakes on the idea that moving the whole
>> web to https is going to make a real difference. I don't think it will.
>> Once the users see https as a selective spying mechanism (open for govs,
>> closed for petty criminals) they really won't trust the web ever again,
>> unless you come up with a new protocol/story and keep evolving it in major
>> ways to stay ahead of the inevitable.
>>
>> Copying the wisdom below (via another developer):
>>
>> *On Derived Values*
>>
>> This, milord, is my family's axe. We have owned it for almost nine hundred
>> years, see. Of course, sometimes it needed a new blade. And sometimes it
>> has required a new handle, new designs on the metalwork, a little
>> refreshing of the ornamentation . . . but is this not the nine
>> hundred-year-old axe of my family? And because it has changed gently over
>> time, it is still a pretty good axe, y'know. Pretty good.
>>
>> -- Terry Pratchett, The Fifth Elephant
>>
>> On Sun, Feb 22, 2015 at 6:33 PM, Eric J. Bowman <eric@bisonsystems.net>
>> wrote:
>>
>>> Eric J. Bowman wrote:
>>> >
>>> > >
>>> > > I encourage you to read more about cryptography and cryptographic
>>> > > network protocols, and to try your hand at subverting HTTP and HTTPS
>>> > > traffic (on your own systems and networks only, of course). I think
>>> > > you'll find that the available security guarantees and
>>> > > non-guarantees of HTTP and of HTTPS are very different from what
>>> > > you have expressed in this thread.
>>> > >
>>> >
>>> > Thanks, but I don't think you've understood what it is I'm trying to
>>> > express.
>>> >
>>>
>>> Particularly, Superfish illustrates that the guarantees and non-
>>> guarantees of HTTP and HTTPS are *exactly* what I tried to express in
>>> this thread.
>>>
>>> Yes, I know. You're above this list now, or at least until March 30,
>>> while you write a book on Web security. Let's just say I'm not pre-
>>> ordering.
>>>
>>> -Eric
>>>
>>>
>>


--
GNU Powered it
GPL Protected it
GOD Blessed it
HFG - NalaGinrut
Fingerprint F53B 4C56 95B5 E4D5 6093 4324 8469 6772 846A 0058

Received on Tuesday, 27 August 2019 10:40:31 UTC