Slashdot Mirror
Encryption Could Make You More Vulnerable
narramissic writes "It sounds like a headline straight out of The Onion, but security researchers from IBM Internet Security Systems, Juniper, nCipher and elsewhere are warning that the use of data encryption could make organizations vulnerable to
new risks and threats. There is potential for 'A new class of DoS attack,' says Richard Moulds, nCipher's product strategy EVP. 'If you can go in and revoke a key and then demand a ransom, it's a fantastic way of attacking a business.'"
I'd call it 'differently vulnerable' rather than 'more vulnerable'--all things come with inherent risks, and the risks of any particular action must be weighed against the rewards thereof.
Encryption is necessary for many businesses, and if such attacks are truly a worry, they should be addressed in the same manner as any other risk.
In Xanadu did Kubla Khan
A stately pleasure dome decree
This sounds more like a problem in the encryption SYSTEM. Its kind of like saying "Encryption makes you weaker because your more likely to use passwords. Which can be brute forced!"
So basically, -1 troll/offtopic is really slashdots way of saying "I hate that you thought of something before me."
I believe they are referring to keys in situations where the keys are used to encrypt / decrypt business critical data, rather than say SSL certificates.
5) Buy our stuff!
Really, I've never seen a setup where stealing ONE (or a few) keys could result in a situation where a whole enterprise gets shut down for ransom.
More likely, consider the situation where only two guys have the password to the domain name registrar's account, they get laid off, and a year later some one realizes the company domain expires in two days. Before anyone figures out how to renew it, it's in the hands of a pr0n site. There's your missing/lost key scenario, happens all the time.
Give a man a fish and you have fed him for today. Teach a man to fish, and he'll say "WHERE'S MY FISH, YOU IDIOT?"
Traditionally, you store the data in one place and the key in another. You may even encrypt the key with a smaller key, called a password, that is stored in someone's head.
If someone tricks the key-checking mechanism into thinking a key is revoked, that's not a huge problem: All a revoked key means is that you may not be able to TRUST the key or the data it protects anymore. It doesn't mean you can't get at the data.
This is no worse than if a burglar broke into the building storing your paper forms. You can no longer automatically trust that those forms weren't tampered with. You have to either re-authenticate each of them or accept the fact that they may have been altered.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Maybe I'm just being silly or showing my old-school mentality, but I think it's important to try to identify these types of potential "gotchas" before I click setup.exe.
If your attacker can get a hold of your key and alter it, your system is already compromised... thus it is incorrect to claim that encryption can lead to MORE vulnerability because without it you are as good as dead.
Encryption is making things harder for those that want to penetrate your business, but use it with care. Too much will do more harm than benefit. Set up boundaries in your systems and encrypt the communication. That's the reasonable way to do things.
Encryption of hard disks may be useful on laptops, but is relatively useless on stationary computers and servers, and will probably only add to the performance overhead. Just be sure that all hard disks are erased before the computers are retired and you have been saving yourself a lot of trouble.
If someone stores data encrypted anyway and the key is lost - well - tough luck unless you have a good policy where backup keys are stored in a safe place.
Only a few businesses will benefit from extreme levels of encryption, and those are mostly working in the military area. In these cases it may be better to just call it a day and consider all data where the key is missing or manhandled as compromised.
If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
The problem comes in when people can't remember the encryption password. Either they lock themselves out of the laptop or they do something brilliant like write the password on a post-it and tape it to the laptop case.
No matter what strategy you have, your own customers will find a way to mess it up.
psmylie's dictionary: Godzillion (noun) Any number large enough to destroy Tokyo
This is like saying that using locks on your car can leave you vulnerable. Sure, they keep casual thieves out and the newer systems keep go a long way towards preventing someone from hotwiring your car.
BUT, a mischevious person could put epoxy in all the keyholes, essentially revoking your keys and causing a denial-of-service.
Which is better, a small risk of being locked out of your data/car, or the larger risk of theft and/or misuse of your data/car due to lack of security?
Whenever I leave my apartment, I'm always worried about losing my house keys and getting locked out. So I guess I should just never lock the door, since that makes me vulnerable to a DoS (can't get in) if I misplace my keys? Of course, this is a bad analogy as door locks aren't very secure; anyway this definition of 'vulnerability' is a bit strange :) :D
Considering this warning comes from a bunch of security companies, maybe this is some new trend of disclaimers, like anti-virus vendors warning that their product can only reduce but not eliminate attacks - in case a customer is stupid and tries to blame the encryption vendor for losing their keys, they can say 'I told you so' and point to these articles
+1 Cromulent!
I agree, but I would go so far as to say you are less vulnerable with encryption.
The highest level of attack that the article mentions is DOS by which attackers steal your keys and ransom them back to you. Indeed, this would be a bad day for the IT department and the affected departments of the company could lose days or even a week of productivity, which is damaging indeed.
Compare this to the risks of not running encryption. A similarly motivated and skilled attacker as discussed above could easily grab things like log ins just by monitoring your traffic. Once he finds that login with the proper credentials, not only can he execute a DOS as outlined above, but he can also potentially steal all of your client information, your internal financial information and implant rootkits on all your servers so as to be able to come back for more later. One of the best ways to lose your entire customer base is to tell them that they have to cancel their credit cards because you got their numbers stolen.
This kind of stuff has killed companies. No thanks, I'll keep my ssh and ssl.
weirdest thing I ever saw: scientology advertising on slashdot.
There are hundreds and thousands of case's where security has stopped crimminals in their tracks. Most people cant get past a $30 lock.
~Dan
An SQL query goes to a bar, walks up to a table and asks, "Mind if I join you?"