[Cryptography] "we need to protect [our dox] by at least encrypting them"

Ian G iang at iang.org
Tue Nov 8 15:27:03 EST 2016


On 08/11/2016 11:10, Peter Gutmann wrote:

> ianG <iang at iang.org> writes:
>
>> Here's a new data point from Wired - how long did it take the browser
>> manufacturers to respond to the bleedingly obvious failed GUI of the padlock?
>> 20 years.
>> https://www.wired.com/2016/11/googles-chrome-hackers-flip-webs-security-model/
>>
>> That article is the Good, the Bad and the Ugly of security thinking. Count
>> the years - SSL and secure browsing invented in 1994, and the GUI was screwed
>> by Netscape 1.0.  Now, in 2014, a browser manufacturer starts to seriously
>> think about how to present the user a message.
>
> But look at what they're doing, it's what some guy called Grigg once described
> as "more of what we already know doesn't work".  So they're going to warn even
> harder that you're not using a CA-supplied cert, because if there's one thing
> that 20 years of experience with insecurity has told us, it's that that's all
> you need to make web browsing secure.
>
> Note that the article doesn't say they're actually going to take any measures
> to improve security, just following the old "anything HTTP is unsafe, anything
> HTTPS is safe" that hasn't done anything to stop phishing, malware, or any of
> the other fun stuff on the web.
>
> So I'd say it's mostly the Ugly of security thinking.  It shows that after 20
> years of failure to make progress, nothing has changed.  Prognosis: 20 more
> years of the same.

Right, that's why I called it the Good, the Bad and the Ugly.

So, the movement to come up with a new GUI arrangement, and the move to 
HTTPS everywhere are known good things.  The reason for this, and the 
painful unwinding of the meme of "open content is meant to be open" over 
the last decade was because there is no way that phishing can be dealt 
with until it is HTTPS all the time.  Once everything is in HTTPS, then 
every server is effectively identified, and the browser is responsible 
for not getting tricked into phishing.

As an aside, this strategy of HTTPS everywhere was identified in 2005.  
Can you say OODA?

The cost of this is in the cert.  The slavish obsequiousness to CAs is 
going to cause massive heartache, as techs running toy servers have to 
keep running off to that one open CA, and these people - the influential 
techies running departments - will fight until they get effective 
self-signed pinning interfaces.

That's the bad.

iang

