nanog mailing list archives
Re: The state-level attack on the SSL CA security model
From: "Danny O'Brien" <danny () spesh com>
Date: Thu, 24 Mar 2011 15:29:13 -0700
On Thu, Mar 24, 2011 at 7:09 AM, Harald Koch <chk () pobox com> wrote:
On 3/23/2011 11:05 PM, Martin Millnert wrote:To my surprise, I did not see a mention in this community of the latest proof of the complete failure of the SSL CA model to actually do what it is supposed to: provide security, rather than a false sense of security.This story strikes me as a success - the certs were revoked immediately, and it took a surprisingly short amount of time for security fixes to appear all over the place.In some places, failure of internet security means people dieThose people know that using highly visible services like gmail and skype is asking to be exposed...
This is definitively not true. There is no evidence of the active use of these services (or circumvention systems to reach them) being used as evidence or an indication that a particular target should be detained, threatened or punished, in Iran in particular and actually globally. I say this, because such evidence would actually reinforce some security recommendations that I and other human rights groups have made, so I'm always on the look out for it. On the other hand, both gmail and Skype are used by many individuals on the assumption that they are more secure than the alternatives (non-SSL protected webmail or those with servers in local jurisdictions; unencrypted instant messaging clients). You can argue about whether these tools *are* more protective, but you certainly can't say that these high-risk groups use them on the understanding they can expect the same level of knowledge or retribution by their adversaries than if these systems were openly surveillable. A security breach like this makes the details of specific communications readable, which also places people who do *not* use these tools at far more risk also. I'm personally not yet convinced that the attackers in this case were the Iranian state; that's something that is incredibly hard to ascertain, and I'm surprised Comodo were so quick to draw this conclusion. Even if these attacks came from Iran, that could be for false flag reasons, plus as others have pointed out, criminals have as much interest in obtaining these certificates as the Iranian state -- although factions within the Iranian government could certainly be potential clients. Other states might have an interest too. Just because you have an organisation with CA authority within the reach of a government doesn't mean you'd want to use those signing powers when dealing with dissidents. The arguments on NANOG about why non-disclosure in this case might have been a good idea I think contribute to the debate. Nonetheless, I'd strongly urge anyone not to assume that activists and journalists at physical risk in states like Iran assume that risk by using specific tools, or that major (if temporary) failures in the PKI structure don't put them and their colleagues at far greater risk. Best, d. Danny O'Brien, Committee to Protect Journalists https://cpj.org/internet
-- Harald
Current thread:
- Re: The state-level attack on the SSL CA security model, (continued)
- Re: The state-level attack on the SSL CA security model Joe Sniderman (Mar 25)
- Re: The state-level attack on the SSL CA security model Franck Martin (Mar 25)
- Re: The state-level attack on the SSL CA security model Steven Bellovin (Mar 26)
- Re: The state-level attack on the SSL CA security model Christopher Morrow (Mar 24)
- Re: The state-level attack on the SSL CA security model Leif Nixon (Mar 24)
- Re: The state-level attack on the SSL CA security model Tony Finch (Mar 24)
- Re: The state-level attack on the SSL CA security model Richard Barnes (Mar 24)
- Re: The state-level attack on the SSL CA security model Dan White (Mar 24)
- Re: The state-level attack on the SSL CA security model Brian Keefer (Mar 24)
- Re: The state-level attack on the SSL CA security model Danny O'Brien (Mar 24)