[Cryptography] "Death Note" elimination for hashes

Jerry Leichter leichter at lrw.com
Mon Oct 21 18:06:53 EDT 2013


On Oct 21, 2013, at 3:27 PM, Ray Dillinger <bear at sonic.net> wrote:
Nice idea for how to publish a proof that a hash function should no longer be used, not so nice idea about how to tell a user:

> "Whenever you try to do anything financial over the Internet using this ISP, or attempt to change your account settings with your ISP, or anything else that requires secure Internet communications, it will fail.  This is not a problem or error with your software or settings.  This is something your ISP needs to fix, and you will not be able to use secure communications until your ISP fixes it.  A cryptographic function used by your ISP has been proven to be invalid and your ISP now needs to upgrade servers, routers, or switches for you to be able to continue using secure communications."
(And other similar examples.)

Sorry, but hardly anyone will read this; most of those that do won't really understand what it means; and, in general, it will just piss users off.  You broke the Internet for them.  All this verbiage doesn't make it any better.

The *only* message you could give users that has a hope of drawing a reaction other than "they broke it" is one along the lines of:  "Your software is out of date.  Click here to update it.  You will not be able to communicate with <product> until you do so."

I understand that the problem you're attacking is one where there *is* no update.  Well ... guess what.  That's the way things are.  The idea that you can somehow magically get someone to upgrade them by pissing off enough naive users is just wrong.

Security is important, but the fact is that if you *ask* people whether they would choose to be locked out of their on-line banking accounts for some indefinite period, or be able to access their account at some small risk, you'll find hardly anyone who wants to be locked out.

The vast majority - hundreds of millions - of Android devices out there run versions of Android with known, sometimes severe, security bugs.  They can't, and won't, be upgraded.  Is your best response "well, brick 'em all"?

                                                        -- Jerry


