Bernie Sumption wrote:
If we create an error display that says "No kidding, this absolutely
is an attack and we're stopping you cold to protect you from it."
it seems unavoidable that users will learn to treat the absence
of such an unbypassable error display as proof to the contrary,
proof that the site is genuine and verified.

Do we want to train them that way?

I don't think that this is an issue. I believe most users likely never
see a MITM attack in their browsing career - indeed this rarity of real
MITM attacks is the reason why real attacks are interpreted as false
positives, it's just the most likely explanation for a cert error
screen.


Yes.

If a MITM detection service could be designed that gave no false
negatives, most users would never see it, so would not learn to
associate the existing cert error screen with an "all clear".


It is kind of plausible to design any service that does "something" and there are a few examples. But there are difficulties. Firstly, the existing service already "promises" it, so what went wrong, and what will happen when you bypass it? Are we breaking the existing service? Are we just adding in more complications?

Secondly, recall Adi's 3rd law: the attacker typically bypasses. This means that any service has to consider whether it is trivially bypassed, and/or whether there are better attacks outside its boundary already. The answer at this level is "probably, yes, cf. phishing." At which point, it then becomes less valuable, even if it is "right" technically, and it is likely to become more costly than the benefits it delivers. See above.

Thirdly, there isn't really any hope of "no false negatives" ... because the service isn't really close enough to the two players to be absolutely sure. It can only create that absolutism by mandating that everyone believes its viewpoint, which is a trick that isn't easy to pull off, and is wrong.


I have no idea if MITM attacks are generally targeted at users, as in
the case of this thread, or against servers.

We have too little data to answer that. In this case, it was a wireless attack. In the past, we have predicted that wireless would lead to an increase in MITMs of this nature, but we were wrong, there are still only isolated cases. These MITMs are just too rare. (Why that is, and what to do about it are interesting questions...)

But the fact is, real anti-cert MITMs are too rare.


If MITM attacks are targeted at servers, I accept that there is very
little that Firefox can do to stop this. If the attack is targeting a
user, surely there is an opportunity for Firefox to help the user
realise that they are being MITM'd? This could be a sustained attack,
lasting days or weeks, slowly collecting all of the user's passwords.
The idea of it makes me shudder!


LOL... Did someone tell you that browsing was safe?


Any solution will be an imperfect
trade-off, but is it really the consensus that there's no better trade-
off than the current situation?


No. There is no consensus. There are opposing camps. One camp believes that the solution is to drop all self-signed certs. Another camp believes that Key Continuity Management is the answer. Yet a third camp believes that user training has to be done, and the UI needs a little tweaking, is all. A fourth camp has written off SSL / secure browsing as irreparably flawed. A fifth camp believes that only protocol bugs and the number of bits is security, the rest is outside purview. A sixth camp believes this is not a technical issue at all, and will be solved by the lawyers. If we look over the hill, we'll see other camps, hear much muttering, and in the end, we all return to our cups and mutter on...

There is no consensus! Sorry about that... you want a cup of wine with your muttering? :)



iang
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
