On Monday 24 March 2003 19:26, bear wrote:
> On Mon, 24 Mar 2003, Peter Clay wrote:
> >
> > On Sun, 23 Mar 2003, Ian Grigg wrote:
> >
> >> Consider this simple fact: There has been no
> >> MITM attack, in the lifetime of the Internet,
> >> that has recorded or documented the acquisition
> >> and fraudulent use of a credit card (CC).
> >>
> >> (Over any Internet medium.)
>
> There have, however, been numerous MITM attacks for stealing
> or eavesdropping on email. A semi-famous case I'm thinking
> of involves a rabid Baptist minister named Fred Phelps and
> a Topeka city councilwoman who had the audacity to vote against
> him running roughshod over the law. He set up routing tables
> to fool DNS into thinking his machine was the shortest distance
> from the courthouse where she worked to her home ISP and
> eavesdropped on her mail. Sent a message to every fax machine
> in town calling her a "Jezebellian whore" after getting the
> skinny on the aftermath of an affair that she was discussing
> with her husband.

I love it! Then, I'm wrong on that point; we do in fact have some
aggressive MITMs occurring in some mediums over the net. Steve
Bellovin pointed one out, this is another. Which gets us to the
next stage of the analysis (what did they cost!).

> And as for theft of credit card numbers, the lack of MITM
> attacks directly on them is just a sign that other areas of
> security around them are so loose no crooks have yet had to
> go to that much trouble. Weakest link, remember? No need
> to mount a MITM attack if you're able to just bribe the data
> entry clerk.

I'd say SSL with the cert protection is the strongest link in the
chain. In fact, it's ludicrously strong. It's like a Chubb vault
lock on a screen door. If we were getting physical here, the door
wouldn't be strong enough to hold up the lock.

So, cut to the chase: if we "mandate" that from now on, all
commerce servers use ADH, just hypothetically, for the sake of
argument, do you think that the connection would then become
anything other than the strongest link in the chain?

(I think it would remain the strongest link, by far. In fact,
even if it was unencrypted, I think it would be one of the
stronger links, cf. David Wagner's devilish advocacy. But,
nobody would suggest we throw away the current cert
infrastructure, just that we back off a little and accept the
intermediate path of ADH / self-signed certs.)

> Just because most companies' security is so
> poor that it's not worth the crook's time and effort doesn't
> mean we should throw anyone who takes security seriously
> enough that a MITM vulnerability might be the weakest link
> to the wolves.

Nobody's saying that we should. I'm saying that the server and
browser should offer the choice to deploy and use more convenient
levels of security.

The message should congratulate the user for moving up to a more
secure channel than HTTP, not annoy them with imponderables about
how self-signed certs might be insecure under a certain
hard-to-measure threat model... as is the case now.

-- 
iang

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
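As an added illustration (not part of the original message or of the thread), the toy Python simulation below shows the trade-off iang is pointing at: an anonymous Diffie-Hellman (ADH) exchange defeats a purely passive eavesdropper but not an active man-in-the-middle who relays the handshake, while an exchange whose server value is authenticated lets the client detect the substitution and abort. The group parameters and the HMAC used as a stand-in for a certificate-backed signature are assumptions constructed for the demo, not a real TLS implementation.

```python
"""Constructed demo: anonymous DH vs. server-authenticated DH against a
passive eavesdropper and an active relaying attacker."""
import hashlib
import hmac
import secrets

# Toy group, chosen for the demo only: p = 2**255 - 19 is prime, generator 2.
P = 2**255 - 19
G = 2

# Stand-in for "the server's certificate": a secret only the genuine server
# holds and the client can check against. Real deployments use a public-key
# signature verified against a CA-issued or pinned certificate.
SERVER_AUTH_KEY = secrets.token_bytes(32)


def keypair():
    """Ephemeral DH key pair: private exponent x and public value g^x mod p."""
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)


def session_key(priv, peer_pub):
    """Derive a symmetric key from the shared secret g^xy mod p."""
    shared = pow(peer_pub, priv, P).to_bytes(32, "big")
    return hashlib.sha256(shared).digest()


def authenticate(pub):
    """Stand-in for a certificate-backed signature over the server's DH value."""
    return hmac.new(SERVER_AUTH_KEY, pub.to_bytes(32, "big"), "sha256").digest()


def verify(pub, tag):
    return hmac.compare_digest(authenticate(pub), tag)


def run_handshake(authenticated, active_attacker):
    """Simulate one exchange and report what each party ends up holding."""
    c_priv, c_pub = keypair()
    s_priv, s_pub = keypair()
    attacker = {}

    # Message 1, client -> server. An active attacker swaps in its own value.
    if active_attacker:
        a_srv_priv, a_srv_pub = keypair()
        server_sees = a_srv_pub
    else:
        server_sees = c_pub

    # Message 2, server -> client: its DH value, plus a tag if authenticated.
    tag = authenticate(s_pub) if authenticated else None
    if active_attacker:
        a_cli_priv, a_cli_pub = keypair()
        client_sees = a_cli_pub  # the tag still covers s_pub, not this value
    else:
        client_sees = s_pub

    # An authenticating client rejects a server value the tag does not cover.
    if authenticated and not verify(client_sees, tag):
        return {"aborted": True, "client_key": None,
                "server_key": None, "attacker": attacker}

    client_key = session_key(c_priv, client_sees)
    server_key = session_key(s_priv, server_sees)
    if active_attacker:
        # The relay shares one key with each side and can read and re-encrypt.
        attacker = {"client_side": session_key(a_cli_priv, c_pub),
                    "server_side": session_key(a_srv_priv, s_pub)}
    return {"aborted": False, "client_key": client_key,
            "server_key": server_key, "attacker": attacker}


def attacker_can_read(result):
    """True when the attacker holds the keys both endpoints are using."""
    a = result["attacker"]
    return (not result["aborted"]
            and a.get("client_side") == result["client_key"]
            and a.get("server_side") == result["server_key"])


if __name__ == "__main__":
    for auth in (False, True):
        for active in (False, True):
            r = run_handshake(auth, active)
            print(f"authenticated={auth!s:5} active_attacker={active!s:5} "
                  f"aborted={r['aborted']!s:5} "
                  f"attacker_can_read={attacker_can_read(r)}")
```

The passive case comes out the same in both modes, which is the sense in which ADH already beats plain HTTP; only the active relay separates them, and that is the threat model a self-signed or anonymous handshake leaves to the rest of the chain.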