Snowden's NSA Leaks Gave IETF a Needed Security Wake-up Call
alphadogg writes "Security and how to protect users from pervasive monitoring will dominate the proceedings when members of the Internet Engineering Task Force meet in London starting Sunday. For an organization that develops the standards we all depend on for the Internet to work, the continued revelations made by NSA whistleblower Edward Snowden have had wide-ranging repercussions. 'It wasn't a surprise that some activities like this are going on. I think that the scale and some of the tactics surprised the community a little bit. ... You could also argue that maybe we needed the wake-up call,' said IETF Chairman Jari Arkko. Part of that work will also be to make security features easier to use and for the standards organization to think of security from day one when developing new protocols."
They will destroy your reputation (Score:2, Informative)
Or... (Score:1)
Or they'll just pay someone smarter than you to unsecure it again.
two words: trusted proxy (Score:5, Insightful)
Re:two words: trusted proxy (Score:4, Insightful)
We need to replace both SSL/TLS AND the broken CA cert model with a new security system specifically designed so it's NOT possible to build such a "trusted proxy" or otherwise MITM the connection even if you control the client (i.e. all those corporate solutions that require a special root certificate on the client and then use that to proxy SSL in a way that users generally won't notice unless they start looking at the certificate details)
Re:two words: trusted proxy (Score:5, Insightful)
Uh.. secure communications for the client even if the adversary controls the client? Good luck with that.
Re:two words: trusted proxy (Score:4, Interesting)
What I meant was more along the lines of preventing someone like, say, an IT shop at a big company from being able to install a "trusted client certificate" from one of those SSL proxy server things (websense etc) and MITM SSL that way.
(cue IT guys saying "but we have to do that because xyz stupid law requires we monitor everything going in and out and if we can't monitor SSL traffic, we would have to block it and break half the internet")
Re: (Score:2)
(cue IT guys saying "but we have to do that because xyz stupid law requires we monitor everything going in and out and if we can't monitor SSL traffic, we would have to block it and break half the internet")
Why do you have a problem with that? They should just let employees shuttle corporate trade secrets out of the company via a web browser because you feel like doing your personal banking on a work computer?
Make the case for giving every employee unrestricted Internet access from a computer connected to t
Re: (Score:2)
How do you intend to stop IT departments reconfiguring computers they themselves purchased?
I don't think you thought that one through. At all. It's not even a reasonable goal.
Re:two words: trusted proxy (Score:4, Interesting)
Re:two words: trusted proxy (Score:5, Interesting)
We need to replace both SSL/TLS AND the broken CA cert model with a new security system
I think care is needed in understanding the difference between failures of technology vs. failure in implementation.
For example, the technology to enable PKI may be sound; however, deploying SSL CAs in the manner they have, with hundreds of redundant, global, overlapping CAs, may prove to be unreasonably difficult to secure or trust.
specifically designed so it's NOT possible to build such a "trusted proxy" or otherwise MITM the connection even if you control the client
Every possible security protocol which will ever exist requires a useful source of trust as the basis for useful operation. Without trust security is ALWAYS a useless illusion.
If an untrustworthy source controls all the inputs and all the outputs there is no trust in that system, no sophisticated cryptographic concept or any amount of wishful thinking will ever change this.
If it is not an untrusted cert it will be manipulation of the browser's security stack or rendering system. About as pointless as implementing RFC 3514.
Re: (Score:2)
We need to replace both SSL/TLS AND the broken CA cert model
Here is a proposal: DNSSEC ensures DNS record integrity, so use it to publish domain-specific CA. If you need to connect to www.example.com, get example.com's CA from the DNS, and use it to validate www.example.com certificate.
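The proposal above has a standardized form, DANE TLSA records (RFC 6698), and the same check is what exposes the interception proxies argued over earlier in the thread. The following is an added example, not part of any comment: the byte strings are constructed stand-ins for DER data, the records are assumed to have been DNSSEC-validated already, and chain signature verification is left out.

```python
import hashlib
import hmac
from dataclasses import dataclass

_DIGESTS = {1: hashlib.sha256, 2: hashlib.sha512}  # TLSA matching types

@dataclass(frozen=True)
class TLSA:
    usage: int      # 2 = DANE-TA (the domain's own CA), 3 = DANE-EE (leaf)
    selector: int   # 0 = full certificate, 1 = SubjectPublicKeyInfo
    mtype: int      # 0 = exact bytes, 1 = SHA-256, 2 = SHA-512
    data: bytes

def parse_tlsa(rdata: str) -> TLSA:
    """Parse presentation-format RDATA such as '2 1 1 ab12...'."""
    fields = rdata.split()
    if len(fields) < 4:
        raise ValueError("TLSA RDATA needs usage, selector, mtype, data")
    usage, selector, mtype = (int(f) for f in fields[:3])
    if usage not in (2, 3) or selector not in (0, 1) or mtype not in (0, 1, 2):
        raise ValueError("unsupported TLSA parameters for this example")
    return TLSA(usage, selector, mtype, bytes.fromhex("".join(fields[3:])))

def matches(rec: TLSA, cert_der: bytes, spki_der: bytes) -> bool:
    """Compare one presented certificate against one TLSA record."""
    selected = cert_der if rec.selector == 0 else spki_der
    value = _DIGESTS[rec.mtype](selected).digest() if rec.mtype else selected
    return hmac.compare_digest(value, rec.data)

def chain_authorized(records, chain) -> bool:
    """chain is [(cert_der, spki_der), ...], leaf first.
    DANE-EE must match the leaf; DANE-TA must match an issuer above it."""
    for rec in records:
        candidates = chain[:1] if rec.usage == 3 else chain[1:]
        if any(matches(rec, cert, spki) for cert, spki in candidates):
            return True
    return False

# Constructed sample data: placeholders standing in for real DER encodings.
SITE_LEAF = (b"constructed-leaf-cert", b"constructed-leaf-spki")
SITE_CA = (b"constructed-domain-ca-cert", b"constructed-domain-ca-spki")
PROXY_LEAF = (b"constructed-proxy-leaf-cert", b"constructed-proxy-leaf-spki")
PROXY_CA = (b"constructed-proxy-root-cert", b"constructed-proxy-root-spki")
# What the domain would publish: SHA-256 of its own CA's public key.
RECORD = "2 1 1 " + hashlib.sha256(SITE_CA[1]).hexdigest()
```

A chain re-signed by a locally installed proxy root fails this check even though the client's certificate store trusts that root, which is why the result still depends on the client software being honest about running it.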
Re: (Score:3, Insightful)
I'll give you a hint. If it involves a premise of "trusted" it can't be.
oh really.. what about a bit of a clean up first? (Score:3, Informative)
And yet, despite the clear conflict of interest, an NSA employee remains in a position of trust in a cryptography standard [arstechnica.com]. No accusation against the guy since I don't know him. However, if you or I got caught trying to damage the standard we were working in, we'd get sued. If he got caught he'd just be told to be more careful next time. It is totally inappropriate and the IETF should act.
Re: (Score:2)
just to answer the bullshit "the co-chair can't influence the standard he's working on" line; remember, if he works for the NSA, he already knows where the problem in the standard is. If he notices someone working in that direction, all he has to do is ask a few extra favors and they won't have time to spot the problem.
long overdue (Score:2)
It's about time... There are many standards that the IETF has domain over that are weak and some that should be considered wholly insecure and not recommended or deprecated. These were developed when we were much more trusting of our neighbors on the Internet. Hopefully they'll start taking this to heart when it comes to new standards.
Damn! Ghostery blocked 13 tracking scripts (Score:2)
And that's with scripting disabled even. NetworkWorld is a whore.
Ghostery *is* a natural response (Score:1)
Ghostery turns the tables just like Mega turns the tables. It tells advertisers what we really think of their methods by adding a usable opt-in layer to their supposed opt-out. The difference here is the advertising industry is happy to pay for that knowledge.
Also, no speed problems with NoScript doing its thing. Most web pages get bogged down on useless scripts and flash videos.
Re: (Score:1)
By "their methods" I mean drag-netting to achieve targeted advertising.
Article (Score:5, Interesting)
Comment removed (Score:5, Interesting)
Re: (Score:3)
Er, it is implemented in the client! S/MIME has been implemented by all non-webmail clients for years. When used correctly it's more or less transparent: every email is signed (you get an smime.p7s attachment), and if you receive a signed mail and have S/MIME configured too, your client can/will automatically encrypt the response.
But there are reasons it's not widely used: in the consumer space, most people don't bother getting an email address cert (even though Comodo and StartSSL give them away for free,
A stochastic process... (Score:2)
Perhaps if the God you refer to is Tyche [theoi.com].
I don't think the IETF woke up at all... (Score:5, Interesting)
If you care about Internet security, especially what we call "end-to-end" security free from easy snooping by ISPs, carriers, or other intermediaries, heads up! You'll want to pay attention to this.
You'd think that with so many concerns these days about whether the likes of AT&T, Verizon, and other telecom companies can be trusted not to turn our data over to third parties whom we haven't authorized, that a plan to formalize a mechanism for ISP and other "man-in-the-middle" snooping would be laughed off the Net.
But apparently the authors of IETF (Internet Engineering Task Force) Internet-Draft "Explicit Trusted Proxy in HTTP/2.0" (14 Feb 2014) haven't gotten the message.
What they propose for the new HTTP/2.0 protocol is nothing short of officially sanctioned snooping.
Any Idiot (Score:2)
Any Idiot can right a RFC-Draft, they don't even have to know anything about networking.
Re: (Score:1)
Any Idiot can right a RFC-Draft, they don't even have to know anything about networking.
I dunno about that. I'm pretty sure any idiot can write one, but I think they'd have to have some skill to right it if it's stupid.
Re: (Score:2)
From what I understand from the RFC, the proposal is actually trying to protect from local eavesdropping when accessing http-resources. I.e. you define a trusted proxy, and use HTTP2 with TLS to access insecure HTTP resources through it. This does not offer end-to-end security, but offers protection for the user against local adversaries, such as their ISP.
Re: (Score:1)
Out of curiosity, and with no animosity, (Score:2)
Bake Anonymity Into the Internet Itself using Tor (Score:2)
Re: (Score:2)
The reason we seem to be getting all the good crypto news and 'fixes' might be that the vast illegal domestic spying programs have moved on and are now ready for any such changes to the internet.
The next step seems to be "NSA head floats idea: What if we only gathered terrorist communications?" Mar 1 2014
http://arstec [arstechnica.com]
My 2c (Score:1)
These guys work 24/7 with a budget beyond most corporations to ensure they are one step ahead of everyone and can access any piece of information they want to get to.
Short of never connecting your computer to a public network (and even that might not cut it [slashgear.com]), you're fighting a losing battle against these guys. If there's any technology out there you could truly use to secure yourself against the NSA, they'll do everything to make sure it never sees the light of day.
The only way to really combat this, is t
The IETF has always been a bunch of dumbasses. (Score:2)
The IETF is deprecated, and can never be trusted. They have always been against security, as demonstrated by HTTP and HTML's lack of interaction with TLS/SSL.
We already have HTTP-Auth using hash based proof of knowledge via HMAC with a server nonce. So, when deciding to add encryption to the Internet we could have just taken the output of the existing HTTP-Auth -- the proof of knowledge -- and keyed your symmetric stream ciphers with it instead of sending the proof back and forth in the clear. See?
Yes, thi