Full Disclosure mailing list archives
Re: Microsoft Outlook Vulnerability: S/MIME Lossof Integrity
From: Valdis.Kletnieks () vt edu
Date: Mon, 17 Jun 2013 10:45:34 -0400
On Mon, 17 Jun 2013 15:51:56 +0200, "ACROS Security Lists" said:
Good points, Valdis, but I think we know how to do this right: an invalid/untrusted/unmatching certificate is not a cause for user-waivable warning but for a fatal you-shall-not-pass error. By allowing users to even go past the warning we're nurturing the automation of okaying such warning as well as (I've seen this too many times) the development of HTTPS web sites with untrusted certs that ask their users to download and install a root CA cert to remove the warning - and do so over HTTP.
No, that's how to do it *hardline*. There's many in the security industry that will explain to you that it's also doing it *wrong*. Hint - the first time that HR sends out a posting about a 3-day window next week to change your insurance plan without penalty, signs it with something that doesn't match the From:, and the help desk is deluged by phone calls from employees who can't read the mail, the guy who put "You shall not pass" in place will be starting a job hunt. For even more fun, think about the failure modes when an insurance company blows it while sending to Joe Sixpack's GMail account. Who's help desk gets called, and how do they resolve it? Probably the ISP, and the user gets told "You could just turn off that checking...." And that's what will happen to your proposal. Security measures that get in the way of actual work *will* get turned off. Case in point: Google for threads discussing problems with SELinux. 98% of them end with "I couldn't figure out how to make it work, so I just turned it off". (And the fact that SELinux is hard to Unless you plan to actually train the users how to fix the problem *correctly*. Which I'd love to see, actually, since it would be a first in the security industry :)
Attachment:
_bin
Description:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Microsoft Outlook Vulnerability: S/MIME Loss of Integrity Defence in Depth (Jun 15)
- Re: Microsoft Outlook Vulnerability: S/MIME Loss of Integrity Valdis . Kletnieks (Jun 17)
- Re: Microsoft Outlook Vulnerability: S/MIME Lossof Integrity ACROS Security Lists (Jun 17)
- Re: Microsoft Outlook Vulnerability: S/MIME Lossof Integrity Valdis . Kletnieks (Jun 17)
- Re: Microsoft Outlook Vulnerability: S/MIMELossof Integrity ACROS Security Lists (Jun 17)
- Re: Microsoft Outlook Vulnerability: S/MIMELossof Integrity Jeffrey Walton (Jun 17)
- Re: Microsoft Outlook Vulnerability: S/MIMELossof Integrity Daniƫl W . Crompton (Jun 17)
- Re: Microsoft Outlook Vulnerability: S/MIMELossof Integrity Jeffrey Walton (Jun 17)
- Re: Microsoft Outlook Vulnerability: S/MIME Lossof Integrity ACROS Security Lists (Jun 17)
- Re: Microsoft Outlook Vulnerability: S/MIME Loss of Integrity Valdis . Kletnieks (Jun 17)
- Re: Microsoft Outlook Vulnerability: S/MIME Loss of Integrity Jeffrey Walton (Jun 17)
- Re: Microsoft Outlook Vulnerability: S/MIME Loss of Integrity Darius Jahandarie (Jun 18)
- Re: Microsoft Outlook Vulnerability: S/MIME Loss of Integrity Alex (Jun 18)