[Cryptography] Dedicated servers, was Re: Signal planning no support for plaintext SMS
Peter Fairbrother
peter at tsto.co.uk
Fri Nov 4 02:31:46 EDT 2022
On 02/11/2022 00:45, John Gilmore wrote:
> I got tired of finding tricks to dodge Signal's insistence that I "create
> a PIN" that it would then use to upload all my contacts into Signal's
> servers

I know almost nothing about Signal, but if any messaging app has its own
dedicated servers then it is going to be insecure. If the servers have
any kind of private information on them they are a security risk.

2nd law: An attacker can't steal things which aren't there to steal

What do they need dedicated servers for? Technically, there is no
security to be gained from having dedicated servers. That includes
better usability (which is a security issue). To combat DOS? Dedicated
servers just give a single point of DOS attack.

I can think of two other possible reasons why app designers might want
to use dedicated servers - monetisation or honey-trapping.

Honey-trapping is obviously bad security (from the user POV), and
monetisation necessarily involves private info and is therefore bad
security as well.

6th law: Only those you trust can betray you

-- Peter Fairbrother

The laws and principles of secure system design:
The laws:
0 It's all about who is in control
1 Someone else is after the things you have
2 An attacker can't steal things which aren't there to steal
3 Everywhere can be attacked
4 More complex systems provide more places to attack
5 Attack methods are many, varied, ever-changing and eternal
6 Only those you trust can betray you
7 Holes for good guys are holes for bad guys too
8 A system which is hard to use will be misused, abused and underused
9 Security is a Boolean. [1]
10 Items of data once publicly linked cannot be reliably unlinked
[1] Looking back in time from the future - did it work? Then it was
secure enough. Can be hard to see that from the present though, and even
from the future not all harmful breaches can be seen.
The principles: (a work in progress)
A capable attacker will look for plaintext
red/black separation
Schneier's principle
Zooko's tradeoff
Kerckhoffs's Principle
Corollary to Metcalfe's principle [2]
It is easier for insiders to steal information - also janitors, cleaners
Design for known threats
Design for future threats
Design for unknown threats as far as possible
existing systems persist
defence in depth
monoculture -> target more attractive, usually more brittle
the capital and operating costs of well-designed secure systems are
about the same as those of insecure ones until the insecure ones fail
keep intrusion records
keep i/o records
cheap and effective security needs good system design.
if it's expensive, it probably won't be effective.
Unless it is for your use alone you do not control what a system is to
be used for
Even if it is for your use alone you do not control the resources which
will be pitted against your system
cryptanalysis is difficult - but people can do difficult things
people offering the impossible are lying
in code, nothing ever really goes away
etc.
The principles can sometimes be broken or wrong, unlike the laws.
[2] the security of a secret is inversely proportional to the square of
the number of people who know it