[Fwd: MI5 hate encryption so much, they don't use it!]
Ben Laurie
ben at algroup.co.uk
Wed, 03 Jul 2002 12:49:53 +0100
This is a multi-part message in MIME format.
--------------090205090509020402020703
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
--------------090205090509020402020703
Content-Type: message/rfc822;
name="MI5 hate encryption so much, they don't use it!"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="MI5 hate encryption so much, they don't use it!"
X-Sieve: cmu-sieve 2.0
Return-Path: <ben@algroup.co.uk>
Received: from mailgate.algroup.co.uk (localhost [127.0.0.1])
by scuzzy.ben.algroup.co.uk (Postfix) with SMTP id 94AAA2EB41
for <ben@scuzzy.ben.algroup.co.uk>; Wed, 3 Jul 2002 11:39:39 +0000 (GMT)
Received: (qmail 19037 invoked by uid 1002); 3 Jul 2002 11:39:37 -0000
Delivered-To: aldigit-ben@algroup.co.uk
Received: (qmail 381 invoked by uid 1007); 3 Jul 2002 11:39:37 -0000
Received: from ben@algroup.co.uk by mailgate with qmail-scanner-1.01 (. Clean. Processed in 0.064882 secs); 03 Jul 2002 11:39:37 -0000
Received: from sockittome.aldigital.co.uk (HELO scuzzy.ben.algroup.co.uk) (194.128.162.252)
by mailgate.algroup.co.uk with SMTP; 3 Jul 2002 11:39:37 -0000
Received: from algroup.co.uk (wiese.ben.algroup.co.uk [193.133.15.150])
by scuzzy.ben.algroup.co.uk (Postfix) with ESMTP
id 03F1C2EB41; Wed, 3 Jul 2002 11:39:06 +0000 (GMT)
Message-ID: <3D22E25A.7080409@algroup.co.uk>
Date: Wed, 03 Jul 2002 12:39:06 +0100
From: Ben Laurie <ben@algroup.co.uk>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.0.0) Gecko/20020530
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: RISKS <risks@csl.sri.com>, ip <ip-sub-1@majordomo.pobox.com>,
tips@spesh.com
Cc: Ben Laurie <ben@algroup.co.uk>
Subject: MI5 hate encryption so much, they don't use it!
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
According to Network News (the UK rag) today, MI5, the Home Office and
others don't use PGP signing at RIPE (the European Internet registry),
although its the only really secure method for updating records. So
anyway, I thought I'd look into it, and, well, its true (editted
highlights follow):
www.mi5.gov.uk. 6715 IN A 128.98.11.23
inetnum: 128.98.0.0 - 128.98.255.255
mnt-by: QINETIQ-UK-MNT
mntner: QINETIQ-UK-MNT
auth: MD5-PW $1$tSMW1DGk$GIAERGLu5BwBUXabmYjvs1
I'm sure Qinetiq haven't been so foolish as to choose a guessable
password (after all, they've shown their IT expertise by the masterly
handling of the 1901 Census website), but even so, their emails must
contain the password in plain text. Of course, if anyone out there runs
their password cracker on that and finds I'm wrong, I'd _love_ to hear
about it.
Note: all data above is from publicly available sources.
Incidentally, the article suggests that some people are still using
MAIL-FROM auth, which is, frankly, astonishing. I can't be bothered to
track down who, though.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
--------------090205090509020402020703
Content-Type: message/rfc822;
name="Re: MI5 hate encryption so much, they don't use it!"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="Re: MI5 hate encryption so much, they don't use it!"
X-Sieve: cmu-sieve 2.0
Return-Path: <ben@algroup.co.uk>
Received: from mailgate.algroup.co.uk (localhost [127.0.0.1])
by scuzzy.ben.algroup.co.uk (Postfix) with SMTP id 5EAB12EB41
for <ben@scuzzy.ben.algroup.co.uk>; Wed, 3 Jul 2002 11:43:54 +0000 (GMT)
Received: (qmail 17858 invoked by uid 1002); 3 Jul 2002 11:43:52 -0000
Delivered-To: aldigit-ben@algroup.co.uk
Received: (qmail 22152 invoked by uid 1007); 3 Jul 2002 11:43:52 -0000
Received: from ben@algroup.co.uk by mailgate with qmail-scanner-1.01 (. Clean. Processed in 0.061632 secs); 03 Jul 2002 11:43:52 -0000
Received: from sockittome.aldigital.co.uk (HELO scuzzy.ben.algroup.co.uk) (194.128.162.252)
by mailgate.algroup.co.uk with SMTP; 3 Jul 2002 11:43:52 -0000
Received: from algroup.co.uk (wiese.ben.algroup.co.uk [193.133.15.150])
by scuzzy.ben.algroup.co.uk (Postfix) with ESMTP
id 555CB2EB41; Wed, 3 Jul 2002 11:43:21 +0000 (GMT)
Message-ID: <3D22E359.4060005@algroup.co.uk>
Date: Wed, 03 Jul 2002 12:43:21 +0100
From: Ben Laurie <ben@algroup.co.uk>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.0.0) Gecko/20020530
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Ben Laurie <ben@algroup.co.uk>
Cc: RISKS <risks@csl.sri.com>, ip <ip-sub-1@majordomo.pobox.com>,
tips@spesh.com
Subject: Re: MI5 hate encryption so much, they don't use it!
References: <3D22E25A.7080409@algroup.co.uk>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Ben Laurie wrote:
> Incidentally, the article suggests that some people are still using
> MAIL-FROM auth, which is, frankly, astonishing. I can't be bothered to
> track down who, though.
OK, I lied: I can be bothered. This is just too amazing:
www.gov.uk. 35656 IN CNAME www.ukonline.gov.uk.
www.ukonline.gov.uk. 283 IN A 195.33.102.13
inetnum: 195.33.96.0 - 195.33.127.255
mnt-by: AS12967-MNT
mntner: AS12967-MNT
auth: MAIL-FROM .*@att.nl
auth: MAIL-FROM .*@icoe.att.com
Yes, folks. The UK govenment's website uses MAIL-FROM auth. And not even
.uk addresses!
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
--------------090205090509020402020703--