PKI too confusing to prevent phishing, part 28
Jerrold Leichter
leichter at smarts.com
Sun Sep 25 23:39:41 EDT 2005
| <http://www.informationweek.com/story/showArticle.jhtml?articleID=171200010>
|
| Summary: some phishes are going to SSL-secured sites that offer up
| their own self-signed cert. Users see the warning and say "I've seen
| that dialog box before, no problem", and accept the cert. From that
| point on, the all-important lock is showing so they feel safe.
|
| Although the company reporting this, SurfControl, is known for
| alarmism, this is a completely predictable situation. If users can
| hold one bit and the bit is "look for the lock", then phishers will
| do anything to get the lock up there.

Just another indication that PKI as it was supposed to be done during the
Internet boom is dead. There are plenty of legitimate sites that are using
self-signed certs. (An ISP I use has one - and, while not one of the majors,
it's not a mom-and-pop operation either. They used to have a cert from
Verisign or one of the other big providers. After that expired, they kept
using it for about a month - then put the self-signed one in its place.)

On this list, we see plenty of (quite plausible) arguments that a self-signed
cert is better than no cert at all: At least it can be used in an
SSH-like "continuity of identity" scheme.

Talking about users as being able only to hold one bit continues an
unfortunate attitude that, if only users weren't so dumb/careless/whatever, we
wouldn't have all these security problems. Between the hundreds of CAs that
browsers are shipped with - all allegedly trustworthy; the sites whose certs
don't match their host names; the random links that appear to be within one
site but go off to others with no relationship that anyone can discern to the
original; the allegedly-secure sites that don't use https until you log in;
all the messages telling you to ignore security warnings; and now the growing
number of sites that use self-signed certificates ... as far as I'm concerned,
SSL for browsers has gotten to the point where one could legitimately argue
that it's *bad* for security, because it leads people to believe they have a
secure connection when very often they don't. Perhaps if they realized just
how insecure the whole structure really is these days, there would be some
pressure - in the form of even more people voting with their feet and refusing
to participate - to actually get this right.

(BTW, I'll add one more tale to the "ignore security warnings" thread: If
you try to use Windows Update these days, it asks you to update the updater.
If you agree, a .CAB file gets downloaded. The .CAB file is properly signed
by Microsoft. Inside it are three other files. These individual files are
*not* signed. You get warnings for each one, asking if the installer should
go ahead and use them even though they are unsigned. If you decline ... you
can't use Windows Update.)

-- Jerry
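The SSH-like "continuity of identity" scheme mentioned in the post, shown as an added example that is not part of the original message: a trust-on-first-use store keyed by host and port that records the SHA-256 fingerprint of the certificate the first time a host is seen and refuses to proceed silently when a later connection presents a different one. The certificate bytes below are constructed stand-ins for DER-encoded certificates (a real client would pass the result of `ssl.SSLSocket.getpeercert(binary_form=True)`), and the hostname `www.example-isp.test` and the `KnownHosts` and `ContinuityError` names are this example's own. The demo walks through exactly the situation the post describes: a CA-issued cert seen and accepted, then a self-signed cert appearing in its place, which a continuity check flags rather than letting the lock icon paper over.

```python
import hashlib
import json
from pathlib import Path

# Constructed stand-ins for DER-encoded certificates. In a real client these
# bytes come from ssl.SSLSocket.getpeercert(binary_form=True).
CA_SIGNED_CERT = b"constructed-der: CN=www.example-isp.test issuer=Some Public CA serial=1001"
SELF_SIGNED_CERT = b"constructed-der: CN=www.example-isp.test issuer=www.example-isp.test serial=1"


def fingerprint(cert_der: bytes) -> str:
    """SHA-256 over the raw certificate bytes, colon-separated like OpenSSL prints it."""
    digest = hashlib.sha256(cert_der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


class ContinuityError(Exception):
    """A host presented a certificate different from the one on record."""


class KnownHosts:
    """SSH-style trust-on-first-use store: host:port -> certificate fingerprint.

    Nothing here says whether the certificate is *valid* (chain, hostname,
    expiry); it only answers "is this the same identity I saw before?".
    """

    def __init__(self, path=None):
        # path=None keeps the store in memory; otherwise it is persisted as JSON.
        self.path = Path(path) if path else None
        self.entries = {}
        if self.path and self.path.exists():
            self.entries = json.loads(self.path.read_text())

    def check(self, host: str, port: int, cert_der: bytes) -> str:
        key = f"{host}:{port}"
        fp = fingerprint(cert_der)
        known = self.entries.get(key)
        if known is None:
            # First contact: record the fingerprint. This is the one moment a
            # man-in-the-middle could slip in unnoticed, exactly as with SSH.
            self.entries[key] = fp
            self._save()
            return "first-seen"
        if known == fp:
            return "match"
        # The certificate changed. Legitimate renewals also trigger this, so the
        # right response is to surface it loudly, not to auto-accept.
        raise ContinuityError(
            f"{key}: certificate changed\n  recorded:  {known}\n  presented: {fp}"
        )

    def _save(self):
        if self.path:
            self.path.write_text(json.dumps(self.entries, indent=2))


def demo() -> list:
    """Replays the ISP story from the post against an in-memory store."""
    store = KnownHosts()
    outcomes = []
    # First visit while the CA-issued cert is in use: recorded.
    outcomes.append(store.check("www.example-isp.test", 443, CA_SIGNED_CERT))
    # Repeat visit with the same cert: continuity holds.
    outcomes.append(store.check("www.example-isp.test", 443, CA_SIGNED_CERT))
    # The CA cert expires and a self-signed one is swapped in: flagged.
    try:
        store.check("www.example-isp.test", 443, SELF_SIGNED_CERT)
    except ContinuityError as err:
        outcomes.append("changed")
        print(err)
    return outcomes


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```

The point of the design is that the store answers a different question from the CA model: not "did someone in the browser's list vouch for this name?" but "is this the same key I talked to last time?". Both checks can run side by side, and for a site that has moved to a self-signed cert the continuity check is the only one of the two that still carries information.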
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com