[Cryptography] Encryption opinion

ianG iang at iang.org
Mon Aug 25 06:50:44 EDT 2014


On 25/08/2014 07:31 am, Stephan Neuhaus wrote:
> On 2014-08-24, 13:40, ianG wrote:
>> The bad things that seem to happen at the user level rely on the split
>> between HTTP and HTTPS, in that users cannot tell the difference and get
>> phished.
> 
> I would opine that even if users could tell the difference, they'd still
> get phished.


Indeed.  And if users have credit cards, they'll still use them or lose
them or hand them to waiters at dodgy restaurants.

So what was the mission of HTTPS, again?

> HTTPS doesn't protect against phishing;


HTTPS lists amongst its features protection against MITM.  Indeed, the
primary design influence is protection against MITM, being the big
difference between SSL v1 and SSL v2, and the #1 thing that the WGs
worry about.

Phishing is an MITM.  We could talk about this MITM versus that MITM,
but do you recall the 1990s when all this was pushed through against
objections? "If you do not stop the MITM you are evil" is the basic
sense of it.

So it turns out that HTTPS protects against a class of MITMs, not all
MITMs.  As the easiest MITM is outside HTTPS, what is the point of
protecting MITMs at all?


> if your browser is
> talking to a phishing site, and if they have a genuine certificate, the
> certificate will happily (and correctly) attest to the authenticity of
> that phishing site.


Yeah, this is CA-talk, it is a marketing story to get browser vendors
and developers to understand that they must have a certificate.

What it distracts from is:  protecting the user.


> Pervasive HTTPS would indeed be a (part of the) solution to the problem,
> if only because it would no longer be possible to make the stupid
> decision that a site with a self-signed certificate (that fails to
> verify because the browser doesn't have the issuer's cert in its cache
> of trusted roots) is somehow less secure than a site with no certificate
> at all.


Right.  Now the browsers make the stupid decision that somehow a
self-signed certificate is less secure than HTTP.

Basically the browsers don't do security.  They follow some recipe that
they were sold a long time ago.

Try this.  Imagine the browser vendors sat down and said, let's do
security.  Let's protect our users.  How would they be able to have that
conversation without saying "and we must stop phishing?"

And, do you think that if the browsers had said "we must eradicate
phishing!" they would have succeeded?  Of course they would.

I don't understand how they did it, but they managed to forget the user.
Entirely.  Industry-wide cognitive dissonance allowed everyone from
IETF to vendor to CA to audit to proceed happily without addressing
phishing [0].  How do you explain that?



iang

[0] Rest is history:  phishing in mid 2000s financed the investment
cycle that created the industrial attack machine we now know and loathe.

