nationwide interception of Facebook & webmail login credentials in Tunisia
M J D Brown
mjdb at dorevale.demon.co.uk
Sat Feb 5 18:27:19 GMT 2011
A recent experience has illuminated the CA trust problem for me. During
the installation and configuration of a Netgear NAS the default
assumption of its manufacturer-provided certificate resulted in a
complaint by IE8. Having generated a new certificate and key using the
NAS internal firmware, Windows XP then asked me whether to trust the
internal LAN URL of the NAS device as the certificate issuing authority.
I know that nobody else can access the NAS admin area, because only I
have the key, and data transmissions are encrypted across the LAN which
is hiding behind a hardware firewall that Shields Up does not penetrate.
Accordingly I approved the request. As a rhetorical question: was I
misguided?

It would seem that there is a fair consensus that the present system
cannot be trusted at a technical level.

Apropos the present discussion; I suggest that what we really need to
identify are the pre-conditions for trusting a certificate issuing
authority. If there are really no circumstances in which trust could be
given, then the whole tomfoolery should be junked. Otherwise, a new
system that respects the agreed pre-conditions would be a worthwhile
goal.
Mike.
----- Original Message -----
From: "Richard W.M. Jones" <rich at annexia.org>
To: "UK Cryptography Policy Discussion Group"
<ukcrypto at chiark.greenend.org.uk>
Sent: Friday, February 04, 2011 7:23 PM
Subject: Re: nationwide interception of Facebook & webmail
login credentials in Tunisia
> On Tue, Feb 01, 2011 at 09:58:40AM -0800, Passive PROFITS wrote:
>> --- On Wed, 1/26/11, Richard W.M. Jones <rich at annexia.org> wrote:
>> > From: Richard W.M. Jones <rich at annexia.org>
>> > Subject: Re: nationwide interception of Facebook & webmail login
>> > credentials in Tunisia
>> > +0000, Brian Morrison wrote:
>> > > True, but are any CAs already present *really* more
>> > trustworthy than
>> > > the others? I suspect not.
>> >
>> > I think this gets to the nub of it. There's literally
>> > no criterion
>> > for trusting a CA except that I set it up myself (and even
>> > then I'm
>> > suspicious :-) Why wouldn't the NSA have the private
>> > keys used by
>> > Verisign? I'd actually consider them to be failing in
>> > their job if
>> > they *hadn't* got them.
>> >
>> > Rich.
>> >
>> > --
>> > Richard Jones
>> > Red Hat
>>
>> Which I suppose is why Red Hat was recently named by the Washington
>> Post as part of the USA military industrial complex.*
>>
>> All non USA companies, governments, etc, using Red Hat products,
>> should take note, not just of the naming of the company in this
>> context, but of the attitude of its employees, to your/your
>> organisation's security.
>>
>> With employee attitudes to security like those expressed above, who
>> needs a clandestine stealing of the private key/pass phrase.
>>
>> The implication is clear; use Red Hat products, you're owned. :(
>
> I've no idea what you're on about. I work for Red Hat (hence the
> .signature), but the comments here are in *no* way related to,
> endorsed by, authorized by, recommended by, guaranteed by,
> underwritten by or encouraged by Red Hat. Just to make that clear.
>
> Rich.
>
> --
> Richard Jones
> Red Hat
>