[Cryptography] new wiretap resistance in iOS 8?
Peter Fairbrother
zenadsl6186 at zen.co.uk
Sun Sep 21 19:14:22 EDT 2014
On 20/09/14 21:18, John Denker wrote:
> There will never be perfect security. The measure
> of good security is that it imposes a cost on the
> attacker, out of proportion to the cost borne by
> the user.
Aaarrrghh, not that old bollocks again.
"Out of proportion"? - bear in mind Robert Morris's second rule: "Never
underestimate the attention, risk, money and time that an opponent will
put into reading traffic."
Plus remember, we don't ever really know the full resources of an
attacker, or how effective they are.
The costs might be well out of proportion - but the attacker might still
be willing to pay his.
Security is only good if, in practice, it resists an attacker's attempts
to break it.
Now what might be good enough in one case might not be good enough in
another; if for example an attacker can employ extended resources in the
second case.
If an attacker can only employ effective extended resources in limited
numbers, well you could say "it sucks to be the loser, but most of us
are safe" -
- but I will not say that. I will say instead that most of us are at risk.
Nor do I subscribe to the idea that security has to have any significant
cost to the user - modern encryption is essentially free and
unbreakable, why can't we do the same with the rest of our systems?
Especially software systems - the cost of distributing software is lost
in the noise.
The reason why the security behind those systems isn't essentially free
and unbreakable lies mostly in those who design them - they are not
security minded. They make things which are not secure but which are
popular and easy to use, and thus those things get used - we have to
make those popular things secure.
The converse is that secure products have to have the same popularity
and ease of use.
If a luser has to RTFM, it don't fukken work.
-- Peter Fairbrother
(hint re password reminder service - why does it have to be Apple who
remembers, or doesn't remember, the password? Distributed key shares are
old news)
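The post's closing hint, that a password-recovery secret need not be held whole by any one party, is the textbook use of threshold (Shamir) secret sharing. The example below is added here to make that concrete; it is not code from the post or from any vendor's recovery service. It assumes a constructed 32-byte secret, five hypothetical custodians (say, the user's own devices and a couple of trusted friends) and a 3-of-5 threshold; nothing about any real product's scheme is implied.

```python
"""Threshold (Shamir) secret sharing over GF(p).

Added example, not from the post: split a recovery secret into n shares so
that any t of them reconstruct it and any t-1 reveal nothing about it, with
no single custodian (vendor, cloud service, friend) ever holding the whole.
"""
import hashlib
import secrets

# Mersenne prime 2^521 - 1: every 256-bit secret is a valid field element.
PRIME = 2**521 - 1


def _eval_poly(coeffs, x):
    """Evaluate sum(coeffs[i] * x**i) mod PRIME using Horner's rule."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc


def split_secret(secret, n, t):
    """Return n shares (x, y) of `secret` (bytes); any t of them recover it.

    The secret is the constant term of a random degree t-1 polynomial and each
    share is one point on it. Share x-coordinates are 1..n, never 0, since the
    point at x=0 is the secret itself.
    """
    if not 1 <= t <= n:
        raise ValueError("need 1 <= t <= n")
    s = int.from_bytes(secret, "big")
    if s >= PRIME:
        raise ValueError("secret too large for the field")
    coeffs = [s] + [secrets.randbelow(PRIME) for _ in range(t - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n + 1)]


def recover_secret(shares, length):
    """Lagrange-interpolate at x=0 from at least t distinct shares; returns bytes.

    Fewer than t shares do not produce an error: the result is just a random
    field element. Plain Shamir shares carry no integrity, so a real deployment
    stores a commitment next to them (see fingerprint()) and checks it.
    """
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share x-coordinate")
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num = den = 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        # Fermat inverse: den^(p-2) mod p
        total = (total + yi * num * pow(den, PRIME - 2, PRIME)) % PRIME
    if total.bit_length() > 8 * length:
        raise ValueError("recovered value does not fit: wrong or too few shares")
    return total.to_bytes(length, "big")


def fingerprint(secret):
    """Public commitment stored beside the shares so a recovery can be checked."""
    return hashlib.sha256(secret).hexdigest()


def demo(secret=b"constructed 32-byte recovery key", n=5, t=3):
    """Split among n custodians, recover from t, show t-1 shares are useless.

    Returns (recovered_from_t_ok, recovered_from_t_minus_1_ok).
    """
    shares = split_secret(secret, n, t)
    commit = fingerprint(secret)
    got = recover_secret([shares[0], shares[2], shares[4]], len(secret))
    ok_t = fingerprint(got) == commit
    try:
        too_few = recover_secret(shares[: t - 1], len(secret))
        ok_fewer = fingerprint(too_few) == commit
    except ValueError:
        ok_fewer = False
    return ok_t, ok_fewer


if __name__ == "__main__":
    print(demo())  # (True, False)
```

The field is deliberately larger than the secret so that the sharing is information-theoretic: t-1 shares are consistent with every possible secret. What the primitive does not settle is who authenticates a recovery request and how the shares reach the custodians; that is where the usability argument in the post actually bites.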