Defending users of unprotected login pages with TrustBar 0.4.9.93

Amir Herzberg herzbea at macs.biu.ac.il
Tue Sep 20 05:38:25 EDT 2005


John Gilmore wrote:
> Perhaps the idea of "automatically" redirecting people to alternative
> pages goes a bit too far:
Of course, users can turn this off for one page or for all, but that does 
not yet answer John's comments below - I respond following them...

Also: I am not crazy about this solution either, but I think the current 
situation, where very large banks insist on providing unprotected login 
pages, is even worse. I tried convincing them, and I must say few did 
change, e.g. Wells Fargo I think. I'll be happy to hear of better 
solutions (or do you think the current state is better?).
>  
>>1. TrustBar will automatically download from our own server,
>>periodically, a list of all of the unprotected login sites, including
>>any alternate protected login pages we are aware of. By default,
>>whenever a user accesses one of these unprotected pages, she will be
>>automatically redirected to the alternate, protected login page.
> 
> How convenient!  So if I could hack your server, I could get all
> TrustBar users' accesses -- to any predefined set of pages on the
> Internet -- to be redirected to scam pages.
What if the list is signed by one or more authorities that users are 
willing to trust to this matter?

Or just have the list in a trusted site - after all, if someone breaks 
Google, they can redirect much more than by attacking our server...
> 
> A redirect to an "untrustworthy" page is just as easy as a redirect to a
> "trustworthy" page.  The question is who you trust.
We are not redirecting to a trustworthy site (e.g., your bank is 
insecure, try that one instead...). We simply redirect to an SSL 
protected page of the same entity (bank) if we know one.
> 
>>BTW, TrustBar is an open-source project, so if some of you want to
>>provide it to your customers, possibly customized (branded) etc., there
>>is no licensing required.
> 
> 
> Also providing a handy platform for slightly modified versions, that will
> take their cues from a less "trustworthy" list of redirects.
Are you now against open source in general? After all, for this attack, 
Mozilla would be a much better target... In fact, since "everybody" uses 
Windows, any stupid program can redirect users to fake sites - and do 
much worse...

Anyway - thanks for the feedback.
-- 
Best regards,

Amir Herzberg

Associate Professor
Department of Computer Science
Bar Ilan University
http://AmirHerzberg.com
Try TrustBar - improved browser security UI: 
http://AmirHerzberg.com/TrustBar
Visit my Hall Of Shame of Unprotected Login pages: 
http://AmirHerzberg.com/shame

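A defender-side sketch of the two safeguards raised in this exchange, a redirect list signed by one or more trusted authorities, and redirecting only to an SSL page of the same entity, written here as an added example; it is not TrustBar's own code. It assumes Ed25519 authority keys, a JSON object mapping each unprotected login URL to its protected alternate, and uses "same hostname" as a simplified stand-in for "same bank".

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"errors"
	"net/url"
	"strings"
)

// RedirectList maps each unprotected login URL to its SSL-protected alternate.
type RedirectList map[string]string

// VerifyList accepts the downloaded list only if at least threshold of the
// trusted authority keys signed the exact payload bytes; a tampered or
// unsigned list is rejected before it is parsed.
func VerifyList(payload []byte, sigs [][]byte, trusted []ed25519.PublicKey, threshold int) (RedirectList, error) {
	valid := 0
	for _, key := range trusted {
		for _, sig := range sigs {
			if ed25519.Verify(key, payload, sig) {
				valid++ // each authority counts at most once
				break
			}
		}
	}
	if valid < threshold {
		return nil, errors.New("redirect list: not enough valid authority signatures")
	}
	var list RedirectList
	if err := json.Unmarshal(payload, &list); err != nil {
		return nil, err
	}
	return list, nil
}

// SafeRedirect returns the protected page for the requested URL only if the
// alternate is HTTPS on the same host, so even a signed list cannot send the
// user to another entity (same host is a simplifying stand-in for "same bank").
func SafeRedirect(list RedirectList, page string) (string, bool) {
	target, ok := list[page]
	if !ok {
		return "", false
	}
	from, err1 := url.Parse(page)
	to, err2 := url.Parse(target)
	if err1 != nil || err2 != nil || to.Scheme != "https" ||
		!strings.EqualFold(to.Hostname(), from.Hostname()) {
		return "", false
	}
	return target, true
}
```

Threshold and same-host policy are both enforced locally, so compromising the distribution server alone yields neither an accepted list nor a cross-entity redirect.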
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com


