In message <[EMAIL PROTECTED]>, Joel Jaeggli writes:
>
>On Mon, 21 Nov 2005, Stephen J. Wilcox wrote:
>
><snip>
>>
>>> What do you learn by looking at someone's ipsec, ssl-wrappered, or ssh
>>> tunneled traffic?
>>
>> no, we're not trying to do that, you don't really think that because it's
>> encrypted it can't be decrypted do you?
>
>I do believe (reasonably so, I think) that if I'm going to have a
>conversation with a second party whom I already trust, that a third party
>will have trouble inserting themselves into the path of that conversation
>without revealing their presence..
>
><snip>
>
>> you don't have to break the code if the endpoints trust sessions with you and
>> share their encryption keys
>
>Successfully inserting yourself in the middle requires some
>social-engineering or really bad protocol design. The former can be
>mitigated through vigilance, the latter falls into the realm of peer review
>and security research.

The problem is "vigilance", especially as applied to non-security aware
users. Here's a quick test: pick a bunch of smart, non-geek computer
users and ask them what a certificate is and what a certificate
authority is. Then inquire what they'd do when the web page they were
looking at had some text similar to what I posted yesterday.

You're absolutely right that sufficient vigilance -- coupled with good
user interfaces -- should be adequate. Note my qualifiers: "sufficient",
"good", "should be". Demonstrably, they're not. (A few years ago, a
company I know of deployed a browser+Java-based expense voucher
application. The login screen said "when you're asked if this applet
should have extra permissions, just click yes, even though the pop-up
warns that that could be dangerous". A security-clueful person I know
complained about the bad habits this was instilling. The answer he got
back was "we've checked it out; this application really is ok". Talk
about unclear on the concept...)

That said, ssh (which you cited in another post) does a better job. It
gives a very big warning that stresses the danger. By contrast, Firefox
(and I think IE, though I'd have to find a Windows machine to test that)
tells you that various forms of certificate problems are unlikely. The
big thing ssh does is that it keeps a history -- it binds the warning to
your previous history. That's a much better strategy than relying on
~80 CAs you've never heard of.

>
>If I may paraphrase the original poster's question (Ross Hosman), it was:
>
>Do large wireless buildouts present a new security threat due to the
>potential to spoof APs?
>
>The answer to that is no, this is a threat we live with currently. We have
>tools to mitigate the risks associated with it.
>
>You can say that consumers are stupid, and won't figure this out, and that
>may be true; however when it starts to cost them lots of money, they will
>sit up, take notice and buy tools to solve this problem for them, just like
>they do with any other security threat that goes beyond being an annoyance.
>probably said product will be blue, say linksys on it, and have the word
>vpn (among others) buried on the packaging someplace.
>

Given reports I've seen about public terminal usage, I'm much more
skeptical. See, for example,
http://www.theregister.co.uk/2005/09/21/airport_pc_security_lax/

I frequently take the train to Washington; I've occasionally noticed
other PCs that appear to be looking for an access point. I've been
tempted to put my machine into host AP mode (or use my travel access
point -- these trains generally have AC power), run a dhcp server, and
see what passwords I get. But I've never been able to convince myself
that it would be legal, let alone ethical.

		--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
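
[Added example, not part of the original message or of ssh itself: a
minimal sketch of the "keeps a history" check described above, where the
first key seen for a host is remembered and any later difference is
flagged. The host name, key blobs and pin file are constructed for
illustration.]

```python
import base64, hashlib, json, os, tempfile

def fingerprint(key_blob: bytes) -> str:
    """OpenSSH-style fingerprint: 'SHA256:' + unpadded base64 of the digest."""
    digest = hashlib.sha256(key_blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

class PinStore:
    """Remembers the first key seen per host, like a minimal known_hosts file."""
    def __init__(self, path):
        self.path = path
        self.pins = {}
        if os.path.exists(path):
            with open(path) as f:
                self.pins = json.load(f)

    def check(self, host: str, key_blob: bytes) -> str:
        seen = fingerprint(key_blob)
        pinned = self.pins.get(host)
        if pinned is None:
            # First contact: nothing to compare against, so record and say so.
            self.pins[host] = seen
            self._save()
            return "first-use"
        if pinned == seen:
            return "match"
        # Key differs from history: report it and never overwrite the pin.
        return "CHANGED"

    def _save(self):
        tmp = self.path + ".tmp"
        with open(tmp, "w") as f:
            json.dump(self.pins, f, indent=2)
        os.replace(tmp, self.path)  # atomic rename so a crash cannot truncate pins

def demo():
    # Constructed key blobs; real ones would come from the SSH or TLS handshake.
    real_key = b"constructed-host-key-A"
    other_key = b"constructed-host-key-B"
    path = os.path.join(tempfile.mkdtemp(), "pins.json")
    store = PinStore(path)
    results = [store.check("mail.example.net", real_key),
               store.check("mail.example.net", real_key),
               store.check("mail.example.net", other_key)]
    # A fresh process reloading the file still remembers the original key.
    results.append(PinStore(path).check("mail.example.net", other_key))
    return results

if __name__ == "__main__":
    print(demo())
```

[The first-use result is the one moment this scheme cannot vouch for;
every later connection is checked against what was seen then.]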