Interesting People mailing list archives
IP: Passport renewal time
From: David Farber <dave () farber net>
Date: Wed, 08 Aug 2001 05:07:47 -0400
Finding fault in Microsoft's e-commerce security

Janos Gereben - www.the451.com

Passport - Microsoft's one-stop login for millions of users of the company's sites, online purchase authorizations and services such as Hotmail - is under new scrutiny and criticism for its security and privacy weaknesses. The topic is especially timely as Microsoft's XP is about to go into commercial use. XP, Hailstorm and the entire .net cluster all rely on Passport logins. Current figures of 40 million consumers using Passport, with 400 authentications per second on average, may significantly increase as Microsoft is bolstering its e-commerce role.

The rallying point of the attack on Passport is not from a Microsoft enemy or competitor. It is a noncommercial, objective study by David Kormann and Aviel Rubin of AT&T Labs. Entitled "Risks of the Passport Single Signon Protocol," the study allows that some of the privacy and security problems it documents may be inevitable for a system with the requirements Passport tries to meet - in volume and complexity. In the end, however, the authors are unequivocal that "efforts such as Passport must be viewed with suspicion", at least "until fundamental changes are made to underlying protocols (through standards such as DNSSEC and IPSec)."

Among Passport's flaws, the study lists such major security problems as, in the interaction of Passport and Netscape browsers, users kept logged in even while being informed that they had logged out; the uncertainty of decisions about the authenticity of a user; effects of denial-of-service attacks on the login server; and others.

Passport is designed to use existing web technologies, so that clients and servers need not be modified. The protocol leverages HTTP redirects, Javascript (not absolutely required but "highly desirable"), cookies, and SSL (secure sockets layer). The study, which calls SSL a "wonderful protocol," questions the certification model and user interface.
At the time the Passport study was first published, over a year ago, it did not create much discussion, but now it is being circulated and discussed, creating a new buzz. The451 asked the authors what they think makes their work the subject of renewed interest. Rubin said the main reason is that "Passport is making waves, and so our paper, even though it is a bit dated, is still relevant." Kormann pointed at the imminent public release of Hailstorm and .net, both of which rely heavily on Passport, and "the importance of .net and Hailstorm in Microsoft's long-term strategy."

Do increasing concerns with viruses, worms and, specifically, Code Red have anything to do with the interest in Passport's problems? While he wouldn't draw direct comparisons between Code Red and Passport's weaknesses, Kormann said publicity about worms "contributes to an air of heightened awareness about the potential impact of these risks. A good thing." The study, Kormann points out, addresses potential risks in Passport's design, while Code Red exploits a poor implementation decision - so the difference is clear to him, but that may be too fine a point from businesses' and customers' point of view when their security is compromised.

~~~~~~~~~~~~~~~~
Janos Gereben/SF
janos451 () earthlink net
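The "logged out but still logged in" problem the article lists is a general pitfall of redirect-and-cookie single sign-on, not something specific to one browser. The following Python model is an added illustration written for this archive page; it is not code from the AT&T study, from Microsoft, or from Passport itself, and the class and function names (`LoginServer`, `ParticipatingSite`, `Browser`, `demo`) are hypothetical and do not reproduce Passport's real message formats. It shows a participating site that trusts a central login server via a redirect: if "logout" only discards the site's own cookie, the login server's session cookie stays valid and the very next visit silently re-authenticates the user, whereas a logout that also revokes the login-server session leaves the browser genuinely signed out.

```python
"""Toy model of redirect-based single sign-on and two logout behaviours.

Constructed for illustration: no network, no real browser; cookies are
plain dict entries and 'redirects' are direct method calls.
"""
import secrets
from dataclasses import dataclass, field


@dataclass
class LoginServer:
    """Central authentication server: holds the login session and issues
    per-site tickets when a participating site redirects the browser here."""
    sessions: dict = field(default_factory=dict)   # login cookie -> user

    def login(self, user: str) -> str:
        cookie = secrets.token_hex(8)
        self.sessions[cookie] = user
        return cookie

    def issue_ticket(self, login_cookie):
        """Return a ticket for the user behind login_cookie, or None if the
        browser has no live session at the login server."""
        user = self.sessions.get(login_cookie)
        if user is None:
            return None
        return {"user": user, "ticket": secrets.token_hex(8)}

    def revoke(self, login_cookie) -> None:
        """Server-side invalidation; a missing cookie is a no-op."""
        self.sessions.pop(login_cookie, None)


@dataclass
class Browser:
    cookies: dict = field(default_factory=dict)    # cookie name -> value


@dataclass
class ParticipatingSite:
    """A site that relies on the login server instead of its own passwords."""
    name: str
    login_server: LoginServer
    site_sessions: dict = field(default_factory=dict)  # site cookie -> user

    def visit(self, browser: Browser):
        """Return the user the site treats this browser as, or None."""
        site_cookie = browser.cookies.get(self.name)
        if site_cookie in self.site_sessions:
            return self.site_sessions[site_cookie]
        # No site session: 'redirect' to the login server, which checks the
        # browser's login cookie and hands back a ticket if it is still live.
        ticket = self.login_server.issue_ticket(browser.cookies.get("login"))
        if ticket is None:
            return None                       # user must sign in again
        site_cookie = secrets.token_hex(8)
        self.site_sessions[site_cookie] = ticket["user"]
        browser.cookies[self.name] = site_cookie
        return ticket["user"]

    def logout_site_only(self, browser: Browser) -> None:
        """Flawed logout: forgets this site's session but leaves the
        login-server session untouched, so the next redirect re-signs-in."""
        site_cookie = browser.cookies.pop(self.name, None)
        self.site_sessions.pop(site_cookie, None)

    def logout_everywhere(self, browser: Browser) -> None:
        """Complete logout: also revoke the central session and drop its cookie."""
        self.logout_site_only(browser)
        self.login_server.revoke(browser.cookies.pop("login", None))


def demo(logout_style: str):
    """Sign in, log out with the named method, then revisit the site.
    Returns the user the site now sees (a string) or None if truly logged out."""
    server = LoginServer()
    shop = ParticipatingSite("shop", server)
    browser = Browser()
    browser.cookies["login"] = server.login("alice")   # constructed user
    assert shop.visit(browser) == "alice"
    getattr(shop, logout_style)(browser)
    return shop.visit(browser)


if __name__ == "__main__":
    print("site-only logout, user seen on revisit:", demo("logout_site_only"))
    print("full logout, user seen on revisit:     ", demo("logout_everywhere"))
```

The defender's takeaway is that in a federated login, the message "you have been logged out" is only true if the session at the identity provider is revoked server-side (and its cookie cleared); clearing cookies at a single relying party is not a logout, and a site should not display one. Audit logs at the login server that show a ticket issued seconds after a user-initiated logout are one way to detect this class of defect in a deployed system.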
For archives see: http://www.interesting-people.org/