Feds Tighten DNS Security On .Gov

alphadogg writes "When you file your taxes online, you want to be sure that the Web site you visit — www.irs.gov — is operated by the Internal Revenue Service and not a scam artist. By the end of next year, you can be confident that every U.S. government Web page is being served up by the appropriate agency. That's because the feds have launched the largest-ever rollout of a new authentication mechanism for the Internet's DNS. All federal agencies are deploying DNS Security Extensions (DNSSEC) on the .gov top-level domain, and some expect that once that rollout is complete, banks and other businesses might be encouraged to follow suit for their sites. DNSSEC prevents hackers from hijacking Web traffic and redirecting it to bogus sites. The Internet standard prevents spoofing attacks by allowing Web sites to verify their domain names and corresponding IP addresses using digital signatures and public-key encryption."

Just what they want you to think

[Punko]

"you can be confident that every U.S. government Web page is being served up by the appropriate agency."

The easiest way entrap a victim is to promote a feeling of security.

Nothing says 'rob me blind' than 'trust us'.

Re:Just what they want you to think

[PainMeds]

Nothing says 'rob me blind' than 'trust us'.

Which is why this originated from the IRS.

Re:Just what they want you to think

[noidentity]

On a similar note,

When you file your taxes online, you want to be sure that the Web site you visit -- www.irs.gov -- is operated by the Internal Revenue Service and not a scam artist

Wait, those are two different things?

Re:Just what they want you to think

[Pecisk]

Paranoia modded up as insightful - yeah, what I'm talking about, this is Slashdot. Seemingly lacking touch with "real life" (tm).

Re:Just what they want you to think

[megamerican]

Nothing says 'rob me blind' than 'trust us'.

Everyone trusts them that it is the law that you must file your tax return. Wouldn't that violate the 5th amendment?

...nor shall be compelled in any criminal case to be a witness against himself...

You can be criminally charged for not filing your taxes and for filing your taxes incorrectly.

However, I must stress that you should pay your taxes because the IRS probably has more guns, lawyers and judges than you do!

Re:Just what they want you to think

[Talderas]

Did someone say 16th Amendment?

Re:Just what they want you to think

The IRS is not a scam artist... it is a protection racket.

And generally, yeah, you want to make sure you pay the right guy in a protection racket.

Re:Just what they want you to think

[jonaskoelker]

"you can be confident that every U.S. government Web page is being served up by the appropriate agency."

The easiest way entrap a victim is to promote a feeling of security.

I would venture a guess: any visitor to *.gov who doesn't know what a packet is (i.e. at least 95% of the public) will already feel secure. Also, since the difference between secure DNS and insecure DNS will be absolutely invisible to them (presumably), they won't feel any more or less secure now. Or they won't know what the difference between the green padlock and the yellow padlock is. At any mention of the secure DNS in the press, these 95% of visitors will have forgotten about it the next day [just as I might].

Bottom line: no one who doesn't deal with computers either professionally or as a hobby will notice. Their feeling of security will be unaffected.

Re:Just what they want you to think

However, I must stress that you should pay your taxes because the IRS probably has more guns, lawyers and judges than you do!

They may have more guns than I do, but not more guns than we do.

Re:Just what they want you to think

[calmofthestorm]

I have full confidence in the IRS's ability to protect me from other groups seeking to take my money. Especially ones that take it tax deductibaly.

Re:Just what they want you to think

Of course, the government needs to raise its $700B to help out the greedy rich bastards who ran the banking system into the ground. Must not let them suffer.

Glad they fixed that

Now I can be sure I'm giving the IRS my money and not some other scam artist. I mean, not some scam artist. (:

Spam Can Bypass God

[mfh]

Yes, but with this handy +4 magic marker, spammers can bypass the multi-trillion dollar infrastructure and pwn your inbox.

IRS vs. Scam Artists?

[rodney+dill]

Come se come sa

Re:IRS vs. Scam Artists?

[cmaurand]

You're tag line: Use your head, can't you, use your head, You're on earth, there's no cure for that needs editing. It should read: Use your head. Can't you, use your head? You're on earth. There's no cure for that.

Re:IRS vs. Scam Artists?

[Sique]

Comme ci, comme ca. (the c with an Cedille, but Slashdot doesn't know how to print that.)

Re:IRS vs. Scam Artists?

You're tag line:

The only thing sadder than a Grammar Nazi is a failed Grammar Nazi...

Re:IRS vs. Scam Artists?

[psmears]

Yes it can—comme ça!

(you need to use HTML character entities: "comme ça". Slashdot only supports some—a fairly arbitrary subset—of these.)

Re:IRS vs. Scam Artists?

[Sique]

A ce façon?

Re:IRS vs. Scam Artists?

[rodney+dill]

It's a quote from Sam Beckett's Endgame, which contains no '?' in any reference that I have found. There is no room to credit Sam Beckett in the sig.

Re:IRS vs. Scam Artists?

[GundamFan]

Not that I'm an expert but given that it is a quotation the sentence, while technically not correct, could very well accurately represent what Mr. Beckett said or wrote. Please post a link to the quote on a reputable site so we can figure out which version is correct.

Why do I don't think it'd help?

[kabocox]

It sounds like a good idea... Why do I feel that this is a user problem though that won't be fixed by a techy fix?

When I read the headline, I thought that they were going to make sure everyone that uses the .gov domain was an actual government agency and not scam artists... That's some thing I'd hope that they are doing now, but I wouldn't hold my breath on it.

The thing is this won't stop a stupid person from following irs-im-a-stupid-user-.com, .tv, .org, or .net.

Re:Why do I don't think it'd help?

The thing is this won't stop a stupid person

Probably not, but it will make it so the rest of us don't have to memorize every IP/hostname combination in order to make sure we're really in the right place.

If you think SSL solves your worries about identity theft, you have no idea how hilarious it would be for someone to make a fake IRS site with slightly wrong forms and instructions.

Re:Why do I don't think it'd help?

The thing is this won't stop a stupid person from following irs-im-a-stupid-user-.com, .tv, .org, or .net.

True, but for the rest of us it makes sure that irs.gov wasn't hijacked and still points to the government server accepting your tax filing. In other words, without dnssec you can check the link all you want, but you're never really sure if the ip address you get from the dns server is right.

You won't be able to protect people who'll happily send in all their private information to your-irs.dyndyns.org, but you will ensure irs.gov will at least work right, and protect everybody else from dns hijacks.

A percentage of the population will do stupid things and end up turning themselves into victims no matter what, but that does not mean you must leave the door wide open for scammers to turn everybody into victims.

How About They..

[neoform]

They really need to crack down more on sites like this one: http://www.usagc.org/ while they're at it.

WIN A FREE GREEN CARD! SIGN UP NOW FREE!*

* $100 entry fee.

Re:How About They..

I know someone that unknowingly (thinking it was an official government page) started signing up to that in a little desperation for a green card. After they filled out the first page, I saw what they were doing and stopped them. Unfortunately the first page contained their name and phone number. Within 5 minutes, someone started calling them regarding signing up (it was at midnight on the weekend). Scary site and service if they have 24/7 customer support for signing up to get a green card through the lottery.

Re:How About They..

[stealths]

WOT (Web of Trust) blocked me from that site! FTW!

Good for opportunistic encryption

[Matt+Perry]

If my memory is correct, DNSSEC is one of the prerequisites for making opportunistic encryption easier to deploy widely. I hope this catches on and becomes more widespread.

Re:Good for opportunistic encryption

[Lennie]

Totally agree that things like opportunistic encryption would be great, although I'm sure we'll get to see a lot of bugs and issues first before things get better.

Re:Good for opportunistic encryption

[incripshin]

And I say 'bring on the bugs'. Only through heavy use will the rough edges disappear. I would rather embrace a technology that makes more sense but with some rough edges, than stable legacy code. Both DNS and DNSSEC have their problems right now, I'm sure, but only DNSSEC has a future.

Now all we need is wide deployment IPv6+IPsec, authenticated BGP, and more accessible certificates for use with SSH/HTTPS/IMAP/etc, and we'll be set.

Re:Good for opportunistic encryption

[Lennie]

There is a RFC-draft for using DNSSEC to check BGP-announcements.

A proper secure protocol for doing DNS-updates would be nice to (DHCP-etc.)

And switch vendors starting to implement RA-guard.

Re:Good for opportunistic encryption

[mpeg4codec]

In case anyone is wondering how this is possible, remember that you can store basically anything you want in DNS. For opportunistic encryption, you could store a cryptographic public key or an SSL certificate (or perhaps just its digest). Your application would query DNS for the data and, due to DNSSEC, be able to cryptographically verify that the proper owners of your nameserver (i.e., you) are the ones who put it there.

Suppose you don't want to pony up the money for a properly signed SSL certificate from one of the current CAs. You could self-sign the certificate and place the digest for it in DNS. When your web browser receives your certificate, it could be configured to try to look up the SSL digest in DNS. If there's a secure delegation from the root and the digest checks out, you can be pretty sure that the certificate is correct. An attacker would have to steal your DNSKEYs or somehow manage to convince your parent to take his/her DS records instead of yours in order to forge it. About the best they could hope to reasonably pull off is a denial of service by dropping the packets.

Now if only...

[InvisblePinkUnicorn]

Now, if only we could be confident about exactly where our taxes are going...

Re:Now if only...

[keithius]

Now, if only we could be confident about exactly where our taxes are going...

*sigh* Too true, too true...

Re:Now if only...

[megamerican]

100% of what is collected is absorbed solely by interest on the Federal Debt ... all individual income tax revenues are gone before one nickel is spent on the services taxpayers expect from government.

-Grace Commission report submitted to President Ronald Reagan - January 15, 1984

I'm sure I'll now be called crazy for simply reading a public document released by our own government.

How useful is DNSSEC w/o top-level signed?

[jamie]

I've been told that DNSSEC is basically just a proof of concept when it's done on a single TLD, not providing much real security. If I understood it right, the main attack DNSSEC is intended to prevent is a man-in-the-middle returning a fake response to your computer's (or your ISP's computer's) DNS query, a fake that it accepts in place of the real response.

If so, then when your ISP queries one of the thirteen root servers for the .gov authority, the attacker could still return a fake response and set himself up as the DNS authority for .gov, at least as far as your ISP knew.

Anyone know how plausible that attack remains? Knowledgeable responses welcome :)

Of course, part of getting DNSSEC set up for the whole internet is seeing how well it plays out in real-world testing, and .gov is the logical place to start. I assume once any kinks are discovered from this rollout, we'll be one step closer to enabling it on the root servers, which will allow any TLD to achieve a real security gain.

Re:How useful is DNSSEC w/o top-level signed?

[jonaskoelker]

I've been told that DNSSEC is basically just a proof of concept when it's done on a single TLD, not providing much real security. [...] If so, then when your ISP queries one of the thirteen root servers for the .gov authority, the attacker could still return a fake response and set himself up as the DNS authority for .gov.

That would be my exact understanding as well.

The details are these: Every node in the DNS tree has a key pair. Everybody knows the public key of the root. Every response to a request contains an answer, and a signature on that answer. As an additional request, you can ask for public keys too.

So, here's the scenario for going to whitehouse.gov, assuming full deployment of DNSSEC:

1. Ask root for whitehouse.gov
2. Receive IP of nameserver for .gov [check its signature]. Root may opt to give you the public key of .gov, otherwise ask for it and its check signature.
3. Ask .gov for whitehouse.gov
4. Receive IP of whitehouse.gov [check sig]. Also, .gov may opt to give you the public key of whitehouse.gov
5. Connect, now you know where to go :)

This secures step 4. Step 2 is still not secured. Paul Vixie has given some good talks on DNSSEC and everything else that's wrong with the interwebs ;) See http://www.usenix.org/events/lisa05/tech/mp3/vixie.mp3. You may also like http://media.defcon.org/dc-13/audio/2005_Defcon_V7-Paul_Vixie-The_Internets_March_of_Folly.mp3.

Re:How useful is DNSSEC w/o top-level signed?

[squidguy]

1. Ask root for whitehouse.gov 2. Receive IP of nameserver for .gov [check its signature]. Root may opt to give you the public key of .gov, otherwise ask for it and its check signature. 3. Ask .gov for whitehouse.gov 4. Receive IP of whitehouse.gov [check sig]. Also, .gov may opt to give you the public key of whitehouse.gov 5. Connect, now you know where to go :)

Ah, but it's more fun if you wind up at whitehouse.com

Re:How useful is DNSSEC w/o top-level signed?

[Dolda2000]

I shan't call myself too knowledgeable about DNSSEC, but as far as I've understood it, it should be perfectly secure as long as the client systems have the .gov TLD's public key installed as an anchor of trust. Which they currently don't, of course, but that's another issue.

Re:How useful is DNSSEC w/o top-level signed?

[Lennie]

You are mostly correct, actually it's even worse.

This creates a false sense of security, because DNSSEC only works for those that support it and only works automatically for those TLD's that have it setup.

There is something called DNSSEC Look-aside Validation (DLV) which DNS-admins can use to validate manually setup validation of a tld or in this case .gov, but I doubt anyone will do it.

The only good thing is the software and procedures get tested better if .gov also starts using it.

And maybe ever DNS-admin 'inside' .gov will setup the DLV manually, that way all communication between .gov's might be better protected.

Re:How useful is DNSSEC w/o top-level signed?

Somehow this is very unlikely to happen, I think.
To pull this off, you have to have access to the ISP core network or DNS servers. Usualy these people are highly qualified and highly paid network engineers. They are not motivated enough compared to the risk to get caught, which is fairly high.
  For my previous empoyer ( a large Telco in Bulgaria) I implemented AAA scheme with TACACS server for all of their network equipment (almost exclusively Cisco). Every network engineer had username and every EXEC (elevated priority) command they used was logged. Configuration of all devices was copied to central repisotory and there was diff history available. So it was fairly trivial to find who changed what. I assume there are similar or even better systems at the large international ISPs.

Because of the nature of their work, when these people (me included) have to deal with something uncertain, thay tend to expect the worst case scenario. Things in the configuration that are "strange" attract attention. So the ISP staff is the least danger in the chain.

Of course if an outsider gains physical access to some of the main traffic cables, it is completely different story ;)

Re:How useful is DNSSEC w/o top-level signed?

[Dolda2000]

The details are these: Every node in the DNS tree has a key pair. Everybody knows the public key of the root.

That runs against my understanding, though. I can't call myself an expert on DNSSEC, but as I've understood it, a client can have a trust anchor at any node in the tree. Thus, the client can have the public key of the .gov TLD pre-installed and check its replies against it.

In fact, I think it seems haphazard to do otherwise. If the clients only knew and trusted the public key of the root server, then it would both require everyone to trust the root server operators (not that I don't, but I wouldn't want to have to), and it would create a single point of failure. If anyone h4xx3d the root zone's public key, they could fake the entire DNS.

Re:How useful is DNSSEC w/o top-level signed?

[ion.simon.c]

Hell.
DNSSEC is useless w/out DNSSEC aware components throughout the chain. So, this is *not* for you and your Windows machine, this is for:
1) yet another "barrel o' money" govt. contract.
2) those select individuals served by the IT staff that are paid from said contract.

Nothing to see here. Move along.

Re:How useful is DNSSEC w/o top-level signed?

[mpeg4codec]

If so, then when your ISP queries one of the thirteen root servers for the .gov authority, the attacker could still return a fake response and set himself up as the DNS authority for .gov, at least as far as your ISP knew.

Anyone know how plausible that attack remains? Knowledgeable responses welcome :)

First, to answer your question regarding the plausibility: there are a few scenarios in which it is possible. The most likely scenario is that you're on the same local network as an attacker so that he/she can intercept your DNS traffic and forge replies. This might be the case when you're using the wireless provided at a coffee shop, for instance. There exist automated tools to make this simple, and I would consider this the biggest vector of attack. The only other case I can think of is that an attacker has control of a router between you and the root servers. While this is technically possible, I would personally regard it as fairly infeasible for the average attacker. If you're in $THIRD_WORLD_COUNTRY and the mob controls internet access, you might have something to worry about.

I'm involved with a project called SecSpider that monitors the deployment of DNSSEC. We use a distributed network of pollers around the world to collect RRsets from all known DNSSEC-enabled zones. One of the reasons we use pollers from different locations is to detect attacks such as either of the two listed above, more likely the latter. If any attack were to occur, we stand the best chance of detecting it. We have been monitoring since 2005 and have yet to see such an attack.

An additional benefit of collecting all these RRsets is that we have what we call a "world-wide perspective" on DNSKEYs. Whenever we collect a set of DNSKEY RRsets from a zone, if the set is consistent across pollers, we add it to our DLV repository. A DLV (DNSSEC lookaside validation) resource record is very similar to a DS (delegation signer) record. It contains a cryptographic hash of the DNSKEYs served by a zone so that the zone's integrity can be checked. However, instead of being served by the zone's parent, it can be served by anyone.

The typical way in which a resolver detects if a zone is secure is by tracing a secure delegation from the root. Instead of the typical manner of starting at the root and querying recursively for NS records, the resolver queries for both NS and DS records. Then when it queries one of the nameservers listed in the NS records, it asks for the DNSKEYs and verifies them using the DS record. In this way, it is possible to build a chain of trust that leads all the way back to the root nameservers.

Unfortunately, without the root being signed, this process will not work. One alternative is to configure your resolver to query for DLV records to bootstrap the process. When your resolver queries a zone for DNSKEY RRs, it will also query the DLV repository for a DLV recording matching that zone. It will then attempt to cryptographically verify the DNSKEYs using that record. If it verifies, you know that someone you trust thinks your DNSKEYs are right, side-stepping the typical chain of trust (thus the name: "lookaside"). If you were to configure your resolver to use our repository, you would be able to verify if the DNSKEYs you receive are the same as the DNSKEYs being seen by all of our pollers around the world. Not perfect security, but definitely an improvement on the current situation.

If you're interested in the details of our project, you can check out our web site or ask me for more details. We have information on how to use our repository in our FAQ.

You mention the notion of real-world testing of DNSSEC. It's worth noting that there are actually several TLDs that are currently signed (mostly ccTLDs), as well as a large number of second-level domains. gov is hardly the first, but it should definitely be the highest-profile rollout to date. We're currently waiting with bated breath to see the outcome.

Re:How useful is DNSSEC w/o top-level signed?

[spinkham]

For DNSSEC to work, you need either:
1)Signed root
2)signed TLDs with out of band pre-verification
3)DLV.

1) is the future.
2) and 3) are what we are stuck with today, so I'll explain them.

DNSSEC can be rooted anywhere you like, but the lower down the tree you go from the root the more keys you have to manually verify. For .gov to be secure, for example, every recursive DNS server operator would have to manually verify and install the .gov key. And they'd have to update it periodically, probably about yearly. For 2) to work, every DNS op would have to be on top of key rotation, or an out of band verification tool could be written that would depend on GPG, SSL, or other established crypto for verification.

DLV is a solution where someone besides the actual DNS root is treated as the DNSSEC root for anyone who submits their key to the DLV. Right now ISC runs one of these, available here. Previously, VeriSign ran a pilot, but dropped it. Apparently they saw no good way to monetize the service.

Eventually the actual DNS root will be signed, and there is lots of talk about it at the moment, but little action.
St the moment .org, .arpa(reverse lookup), and .gov are moving to deploy DNSSEC themselves.

Note that the root signing issue is more political (i.e. Who holds the keys?) then technical at this point.

Re:How useful is DNSSEC w/o top-level signed?

The ONLY "problem" I had w/ Mr. Vixie's otherwise EXCELLENT 'critique' of what is "WRONG" with the internet, today, as it stands (& IPv6 vs. IPv4, the existence & usage of NAT, & more)?

Well, HE had the opportunity to make some changes, IN THE WAY HE SEES IT, & was invited to be on many of these 'taskforces', & yet, he declined...

Sure, he MAY be busy & all that (such as his mentioning he has to deal with morons that attempt to DDOS or DOS the root DNS servers out there etc. & tracking them down as well), but... who isn't?

I mean - complaining shouldn't be his method, especially when HE had the opportunity to voice his opinions, hopefully solely based on facts, & make changes happen before there WAS a chance to 'bitch about how it is', as he had done in 1 of those 2 presentations (DEFCON).

The guy DEFINITELY knows what he is about, to a very high extent, but... he should have "helped head them off @ the pass", & elected to become part of those taskforces from IETF etc. et al, instead of merely now "bitching about" what most any saavy (or, somewhat TRULY saavy) person online today knows (meaning network engineers really)... he could have "made that difference" long ago, instead of merely voicing complaints @ this point.

Re:How useful is DNSSEC w/o top-level signed?

[hardaker]

Just like HTTPS and PGP require keys to get you started with your "trust", so does DNSSEC. With HTTPS you have a set of root CAs that you trust to issue certificates to web sites. Browsers, in fact, distribute a fairly mind numbingly large number of CAs that they accept as authentic providers of SSL certs to be trusted. PGP requires that you boot-strap your own trust by finding keys of all your friends before they send you important data you need to authenticate.

DNSSEC is really no different. The only question is, what's your bootstrapping set of keys. The advantage of waiting for the root to get signed is that you might be able to have just a single set of keys to serve as your "trust anchors".

And, it's entirely possible, for example, that even if the root was signed you'd trust some subdomain's key with a higher level of trust. EG, example.com might trust it's own key more than .coms. Just as it's possible to come up with obtuse security requirement scenarios for any other cryptographic trust policy, you can do the same thing with DNSSEC.

And, even if the root was signed today .com, .org and .net aren't. So if you have example.com you're already missing a trust link because there is no way to get securely from the root to example.com with that nasty break in the middle. And it's equally unclear when .com is going to get signed just as it's unclear when the root is.

Security always comes down to: who do you trust to tell you who you can trust.

Re:How useful is DNSSEC w/o top-level signed?

[jonaskoelker]

This creates a false sense of security

For at least 95% of the population, it doesn't do squat to the perception of security, and here's why I think this is so: http://it.slashdot.org/comments.pl?sid=971611&cid=25107753.

And maybe ever DNS-admin 'inside' .gov will setup the DLV manually, that way all communication between .gov's might be better protected.

My understanding is that DLV doesn't try to solve a security problem, but a deployment problem. DNSSEC requires keys on the path you want to travel in the DNS tree; DLV enables you verify the A-record path root-gov-whitehouse by following a key path starting at dlv.vix.com (or another dlv "pseudoroot" of your choice). Thus, if Verisign is uncooperative, you can still deploy DNSSEC.

It still requires you to have a way to trust that you know the key for dlv.vix.com. If you can do that, why not just distribute the .gov key the way you distribute the dlv.vix.com key? What is gained in terms of security by using DLV?

--Jonas K

Re:How useful is DNSSEC w/o top-level signed?

[jonaskoelker]

That runs against my understanding, though.

You are correct: everyone can choose to trust any (sub)set of keys in the tree. What I explained is the intended deployment scenario Vixie put forth at, I think, lisa05. And he calls the root key "the uberkey, which really has to last the lifetime of the internet".

If anyone h4xx3d the root zone's public key, they could fake the entire DNS.

Which would be no worse than what we have now, except that we may have grown to rely on secure DNS. Even so, 95% of people wouldn't know what it means that the uberkey of the webpipes haz a hack-sored: http://it.slashdot.org/comments.pl?sid=971611&cid=25107753.

But there's something to be said for "(X) It'd stop spam for two weeks, and then we'd be stuck with it."

Re:How useful is DNSSEC w/o top-level signed?

[kayditty]

you forgot the step to determine the nameservers for whitehouse.gov, unless you expect the .gov root servers to be authoritative for it, have it as glue, have it in cache, or recurse for you.

Re:How useful is DNSSEC w/o top-level signed?

[kayditty]

The most likely scenario is that you're on the same local network as an attacker so that he/she can intercept your DNS traffic and forge replies. This might be the case when you're using the wireless provided at a coffee shop, for instance.

that, of course, requires that you're on a broadcast node and either there's no ARP entry for you in your switch, you're on a hub (broadcast), or you've overflowed the switch into broadcast-only mode. I have done that before with ettercap, dsniff, and dnsspoof. it is not impractical at all, especially in apartment complexes or on intranets at the office or other buildings with lots of residences wired up to the same network.

Banks?

[mcgrew]

some expect that once that rollout is complete, banks and other businesses might be encouraged to follow suit for their sites

Might be encouraged? They should be forced to by law!

Re:Banks?

[Chyeld]

Why? Don't we have enough laws that attempt to legislate technology? Yes it's a desirable technology, but do we really need to be chained to it with a law that two decades from now will solely be an obstacle to implementing the next new desirable technology?

Banks and other businesses will move to it once they see a good business case in doing so. Let that decide matters.

Please understand, I'm not a laissez faire sort of fellow most of the time. But if you have the government start trying to decide how the core mechanics of the internet work, and I guareentee you whatever small benefit you gain from the initial decision will be drowned out by the stagnation that results later on.

Re:Banks?

[mcgrew]

Don't we have enough laws that attempt to legislate technology?

This isn't aout legislating technology, it's about protecting Grandma fro the bankers who don't give a rat's patoot whether or not Grandma gets stolen from.

Banks and other businesses will move to it once they see a good business case in doing so

Yes, THEIR interest. I don't care about their interest, I want protection against them. THEIR interest is what has caused the current banking crisis; deregulation has a large part of the current problem.

I wouldn't say "pass a law mandating this technology", I'd say pass a law making them responsible for keeping your identity safe. They can use whatever tech they want, but if somebody phishes Grandma because their security is lax, Grandma should collect triple damages. You can bet your ass they would impliment the strongest measures available. As it is now, they have no incentive whatever to keep grandma safe from their errors.

Re:Banks?

[Chyeld]

Banks and other businesses will move to it once they see a good business case in doing so

Yes, THEIR interest. I don't care about their interest, I want protection against them. THEIR interest is what has caused the current banking crisis; deregulation has a large part of the current problem.

Their incentive is the fact that they are already on the hook for Grandma's money if she's scammed.

And as an aside, you do realize that our current crisis

1. Involved a completely different sort of bank that Grandma keeps her money in.
2. Was pretty much everyone invovled's fault. From the borrowers who got in over their head and the lenders who took a risk in giving them the money, to the investors who saw morgage backed securities as the next hot thing to make money on.

Putting the blame soley on one part of the equation is rather short sighted and dangerously close to enabling the whole thing to happen all over again when someone decides that a patch on one section is enough to keep the whole shakey setup going.

Re:Banks?

Won't someone think of the grandmas?

Re:Banks?

[mcgrew]

Their incentive is the fact that they are already on the hook for Grandma's money if she's scammed.

No, I'm afraid you're wrong. I had my car, a book of checks, and my bank card stolen. The woman who stole these things had watched me punch in the PIN number over my shoulder; she was NOT authorized to dip into my account.

The police recovered the car, the bank made good on the forged checks, but not the debit card; if someone has your PIN number, no matter how they get it, they are authorized.

I no longer use a debit card because of that.

And as an aside, you do realize that our current crisis

Yes, I do. I place the blame solely on the Federal government for failaing to live up to its responsibility to regulate the banking industries. And it WILL happen again. With luck we'll all be dead; the last time this happened was in 1929 (not counting the S&L debacle).

Re:Banks?

[Chyeld]

No, I'm afraid you're wrong. I had my car, a book of checks, and my bank card stolen. The woman who stole these things had watched me punch in the PIN number over my shoulder; she was NOT authorized to dip into my account.

The police recovered the car, the bank made good on the forged checks, but not the debit card; if someone has your PIN number, no matter how they get it, they are authorized.

I no longer use a debit card because of that.

And this has to do with the current discussion of "grandma" being scammed by a sophisticated internet banking scam how? Are you claiming DNSSEC would have saved you then? You even pointed out that the bank made good on the items that they were on the hook for. Are you claiming you don't think that the scam that poor grandma would fall for isn't something they would be on the hook for? Have any references for that?

I place the blame solely on the Federal government for failaing to live up to its responsibility to regulate the banking industries. And it WILL happen again. With luck we'll all be dead; the last time this happened was in 1929 (not counting the S&L debacle).

You sound like a teenage me blaming my parents for not being perfect. Why don't we actually blame the people who made the mistakes, who presumably were adults and capable of making their own decisions, rather than blame the guy who half the time gets screamed at for interfering and the other half the time gets screamed at for not interfering.

Re:Banks?

[AnyoneEB]

He is giving an example an attacker getting access to his debit card and the bank taking no liability for it. You are free to complain about him whining because you think he should be the one liable not the bank (that is a different, irrelevant argument), but the topic of discussion is that the bank customer is liable not the bank. This means the bank has no incentive to improve their security. In fact, better security probably costs more -- at least the cost of paying someone to figure out how to fix problems with their current procedures -- so they have a direct financial incentive to keep the security at the current status quo. Although, if the other banks improve, competition may force them to make changes.

Re:Banks?

[mcgrew]

You hit the nail on the head. Not a whine, an example. I solved the problem of never knowing when someone is looking over my shoulder by not having a debit card, problem solved.

Re:Banks?

[Chyeld]

The point of my comment was not to 'complain about him whining because you think he should be the one liable not the bank', and in fact I didn't.

The point of my comment was to point out that simply because that particular hole exists for debit cards it doesn't have anything to do with the issues he's trying to argue we should have laws 'protecting us' from the banks for.

There are laws in place aready to protect us from those issues. Read up on identity theft law and you will see that the banks are on the hook for it. We don't need more laws simply because he's been bitten once someplace else and is now completely paranoid that the rest of the system is out to get him too.

And regarding the whole "cost" issue, I've had friends that worked in Bank IT Security, and not only did they take it seriously, but they certaintly didn't see the situation to be "maintain the status quo, it costs less". Some of these places make the military and government IT departments look like group of first year LUG members.

The problem is, most identity theft isn't through some 'leet' hacker exploiting an issue that DNSSEC only barely protects against, most identity theft is done the same way it was done centuries ago when it was just plain theft. Through social engineering and taking advantage of those who aren't wary. DNSSEC won't fix that. At best it'll make it a tad harder for someone to pretend to be www.example.com, but they don't do that anyway.

Instead they pretend to be www.example.example.org or some other fake domain designed to look right to "grandma". And this doesn't fix that. All DNSSEC fixes is the potential situation where www.example.com's web site is 'taken over' and pointed to someplace else nefarious.

Re:Banks?

[AnyoneEB]

Okay, so debit cards are insufficiently protected by the law, but identity theft via website hacking and/or phishing is protected. That sounds like a sane reason to invalidate mcgrew's example.

On the other hand, the assertion that banks care about security strikes me as ridiculous. Why are we still using authentication systems where logging in involves transferring all of the knowledge needed to log in as opposed to some sort of challenge response? Randomly asking security questions helps this a little, but the system is fundamentally broken. Even training the user to be okay typing the information needed to access their bank account into a web browser is a bad idea.

Admittedly, this is not entirely the fault of the bank, although they could at least be using some sort of security token to make phished passwords have a very short lifetime. Stronger security requires browser cooperation. Properly implemented http://en.wikipedia.org/wiki/Digest_access_authentication">digest authentication (different color dialog from the weak basic HTTP auth?) would make phishing worthless -- if you could convince users to only type their password into a safe dialog which seems unlikely unless every website used secure authentication so the browser could warn loudly about any insecure authentication. Support for public key auth would be even better because then the user would never be tempted to type in their password on a phishing site if they did not have one. It has problems with being able to log in from multiple computers because a key has to be setup on each computer, but I suspect that is not an issue for most users because they only bank from one computer anyway. Of course, the key could be stolen by spyware but they spyware could be running a keylogger just a easily.

I believe you that banks put a good amount of effort into their internal security, but most are still using plaintext passwords over HTTPS or some authentication measure of equivalent quality. There does not seem to be a strong focus on actually making identity theft via gaining access to a person's bank login information hard.

That said, DNSSEC does not help much in that area because HTTPS already verifies domains, and someone in the position to poison DNS is probably in position to fake unencrypted/unsigned communications from the bank anyway.

SSL, anyone?

[SanityInAnarchy]

What does DNSSEC buy me if I use https?

And if irs.gov isn't supporting https, wouldn't that be the place to start, rather than DNSSEC?

Re:SSL, anyone?

[Chrisq]

Absolutely. Without https you could be subject to a man in the middle attack. This is at least as big a hole as a DNS spoofing/cache poisoning.

They would have been a lot better of going https with extended validation certificates and widely publishing the fact that with a modern browser you should see a green address bar, that would have ensured that dns spoofing and man in the middle attacks would be detected.

Re:SSL, anyone?

[Mr+Thinly+Sliced]

DNSSEC is actually buying the initial phone number (ip address) lookup security. Current DNS is unsecured - if I spot an unsecured phone number lookup go past on the 'net, I can spoof back my phone number - and from there on in even if you use HTTPS you are talking to the wrong person....

In fact, DNS sec is one of the things I'd really like to see widespread adoption of, with it we can actually start to make some headway in turning off the spam (we can reverse lookup who is trying to send the mail, and be *"faily sure" that it is coming from someone we allow to send us mail.

* For interesting values of "faily sure", since of course even DNSSEC relys on a tree of trust, much like SSL certificates.

Mr Thinly Sliced

Re:SSL, anyone?

[Giant+Electronic+Bra]

The 2 things are orthogonal to each other. DNSSEC insures that the site you go to is ACTUALLY the site you wanted to go to.

HTTPS just encrypts the traffic to/from that site once you get there.

In principle an SSL cert insures that the site is what it claims to be, but there are so many possible ways to fool people on that score that it really isn't all that effective.

Besides, if someone subverts DNS, then basically all bets are off anyway because at that point they have the ability to make any particular URL point where they want, so the opportunities to fool you are legion. Form submissions can easily be sent off to anywhere, etc. You MIGHT see a browser pop up warning at some point, but it is pretty unlikely people will be alarmed by that.

Re:SSL, anyone?

Current DNS is unsecured - if I spot an unsecured phone number lookup go past on the 'net, I can spoof back my phone number - and from there on in even if you use HTTPS you are talking to the wrong person....

And here I thought that in order for this to work, either you must possess the private key of the site you're spoofing, or the user must accept the warning about the invalid SSL certificate.

Re:SSL, anyone?

[ultranova]

The 2 things are orthogonal to each other. DNSSEC insures that the site you go to is ACTUALLY the site you wanted to go to.

HTTPS just encrypts the traffic to/from that site once you get there.

Not true. HTTPS also includes a certificate-based indentifying system. Otherwise it would be pretty worthless, as nothing would stop a man in the middle from intercepting the initial contact attempt.

Re:SSL, anyone?

[smoker2]

I don't agree there. If the US Govt can't get their own Authority key added to the browser (like Thawte, verisign etc) then they're not trying. It's pretty hard to circumvent a built in device by getting a cheapo freessl cert. They could even make it so that when you access such a govt. site, a big popup tells you that you ARE at a govt. site.
It's cheaper to include a new Authority in the browser than change the whole DNS system worldwide.

Re:SSL, anyone?

[Mr+Thinly+Sliced]

You are absolutely correct - for spoofing with HTTPS to work without provoking some kind of warning, the spoofer needs a "valid" certificate (private key) with a valid correct certificate chain for the domain in question - it doesn't have to be the private key of the real owner... Social engineering for getting such a thing is feasible.

DNSSEC like HTTPS and certificates are all armour against malicious attackers, but as any security guy will tell you, there is no such thing as 100% real security, just various levels of confidence. DNSSEC helps in adding some extra confidence.

But lets not forget how many people just use unsecured site access - I pop along to my bank http site to obtain a phone number to call them....

Re:SSL, anyone?

[hal9000(jr)]

HTTPS also includes a certificate-based indentifying system.

More precisely, SSL/TLS authenticates the server you are talking to based on it's domain name and the certificates common name provided one of the following is true:

• The servers certificate is signed by a trusted CA. A trusted CA means the CA certificate is in the browsers (in the case of a web browser) certificate store.
• OR The servers certificate is self-signed, and a copy of that self-signed certificate is in the browsers certificate store. Hopefully you got the self-signed certificate via a trusted source.

You could summ up the difference this way. DNSSEC ensures you IP addressed attached to a hostname resovled via DNS is authentict. SSL Ensures that you are actually talking to the intended host.

Re:SSL, anyone?

[Giant+Electronic+Bra]

Actually unless BOTH the client and server must present certificates (which is not supported by any web site I know of) then a MITM attack is PERFECTLY feasible over SLL.

It is true that if I'm 'evil hacker' and I spoof your DNS for say www.irs.gov then I have a problem that if that URL is HTTPS I don't have a copy of their SSL certificate and I can't get one that will work without a pop up warning.

HOWEVER that is rarely the case, home pages are always straight HTTP. So evil hacker can now present me with any content he wishes and as far as I can tell it is coming from www.irs.gov, and NOTHING will tell me different, or even could in theory tell me different.

At that point anything I navigate to within that site is under evil hacker's control and there are trivially simple ways evil hacker can present content to me that will be HTTPS and yet be going to whatever site he does control, like simply pointing an insecure FORM at an HTTPS target on a URL evil hacker DOES own (which will have a good SSL cert). Combine that with clever framing and use of some plausible sounding URLs and the probability that the victim will ever notice what's happening is pretty small.

HTTPS is a useful security mechanism, but in the face of compromised DNS it is not at all sufficient. Besides, as I pointed out above, a MITM attack is perfectly feasible and so yet another tool is in the hacker's arsenal, one which is trivial to deploy in the face of DNS spoofing.

Now, lets think really evil for a bit. Suppose I can spoof your DNS. HOW CAN YOU EVER BE SURE ANYTHING YOU DO FROM THEN ON FOREVER is not under my control? I can redirect your email, I can in fact be in the position of controlling EVERY SINGLE INTERACTION you have with ANYTHING from then on. I can take control of your A/V updates, your OS patches, your VOIP, absolutely anything. Not to say it would be worth all the work for evil hacker to do that in all probability, but once I own your DNS, I own your interaction with the network at a deep level.

Re:SSL, anyone?

[Giant+Electronic+Bra]

Sure, but if I control your DNS I can just patch your browser to do whatever I want... So for example I can install my own root cert.

DNS HAS to be secure, all other aspects of security on the net indirectly depend on the integrity of DNS, and once that is gone, then you have already lost all other battles. Its game over.

Re:SSL, anyone?

[blueg3]

This is the well-known "login page is not over https" problem.

Re:SSL, anyone?

[blueg3]

Except that automatic-update systems, such as what you would use to patch the browser against the user's will, only accept signed packages. You can hijack the domain name and send them all the malicious data you want, but they won't install it for you, because the browser doesn't implicitly trust the domain name.

DNS does not *have* to be secure. It just makes it much more convenient.

Re:SSL, anyone?

[Burz]

You don't know what you're blathering (at length, I might add) about.

Operating systems and browsers come with the public keys of the OS distributor and Certificate Authorities built-in. Unless the responses of the spoofer/MITM system can be validated with these crypto keys, then the user will be warned that the remote site is trying to use an invalid cert. But the spoofer doesn't have the private key of the OS Distro or CAs, so they can't generate responses that jibe with the client's crypto.

If you take over my DNS and try to direct me to false HTTPS sites then its a no-go. If the spoofing starts with HTTP then so what? You can't control the browser's address bar and make HTTPS://sitename + the Lock symbol appear.

Re:SSL, anyone?

[SanityInAnarchy]

for spoofing with HTTPS to work without provoking some kind of warning, the spoofer needs a "valid" certificate (private key) with a valid correct certificate chain for the domain in question - it doesn't have to be the private key of the real owner...

It does, however, have to be the private key of either the real owner or someone at a CA.

What does DNSSEC provide, exactly? I don't see any kind of CA system in place.

DNSSEC helps in adding some extra confidence.

How so, if you're already using SSL?

It's like encrypting a file with single DES, and then re-encrypting that same file with AES256. WTF was the point of the DES in the first place?

But lets not forget how many people just use unsecured site access - I pop along to my bank http site to obtain a phone number to call them....

And let's not forget how many browsers don't support DNSSEC, or how many people will just use a public terminal.

If we're going to make things secure, it has to go both ways -- users have to be educated, at least somewhat ("Look for the green bar!"). If we're not going to be secure (just call a number you found on an untrusted link to your bank site, and give them all your info), what's the point of this discussion?

Re:SSL, anyone?

[SanityInAnarchy]

HOWEVER that is rarely the case, home pages are always straight HTTP.

https://www.paypal.com/
https://mail.google.com/

It's worth mentioning that if the government is going to go to some expense to implement DNSSEC, it would be far more beneficial for them to simply SSL all their sites.

there are trivially simple ways evil hacker can present content to me that will be HTTPS and yet be going to whatever site he does control, like simply pointing an insecure FORM at an HTTPS target on a URL evil hacker DOES own

Except that if the page that form is on is encrypted, he can't intercept it and send the form. That is, unless said page is on a domain he controls, as you say -- in which case, the URL will be https://evilhackersite.com/whatever, and I won't fill out the form, nor will my browser auto-fill my information to that page.

Combine that with clever framing

Irrelevant. Still doesn't get around the problem where the root frame must be a domain I trust -- meaning that domain could very well choose not to use frames. Problem solved.

some plausible sounding URLs

Extremely unlikely that you'll be able to get a cert for https://paypals.com/, particularly an extended-validation cert.

And borderline impossible that you'll be able to get one of those for any .gov domain, which is what this is about. How, exactly, are you going to fool me into thinking I'm on an https://whatever.gov/ page when I'm not?

What's more, every single attack you've described works just as effectively over DNSSEC. There really aren't many attacks which work over DNSSEC but not HTTPS, compared to the attacks which work over HTTPS, but not DNSSEC.

Suppose I can spoof your DNS. HOW CAN YOU EVER BE SURE ANYTHING YOU DO FROM THEN ON FOREVER is not under my control?

Firstly, it's unlikely you can spoof my DNS -- I VPN home when on untrusted networks, so you won't be doing it on the Starbucks wifi.

Second, it's simple: I use HTTPS, or better. You're not getting my email, or my PayPal account, or my Slicehost account, or anything else I care about.

Re:SSL, anyone?

[Giant+Electronic+Bra]

http://www.monkey.org/~dugsong/dsniff/faq.html

Section 3.4, and I quote

Although HTTPS and SSH are encrypted, they both rely on weakly bound public key certificates to identify servers and to establish security contexts for symmetric encryption. As the vast majority of users fail to comprehend the obtuse digital trust management PKI presents (e.g. is an X.509v3 DN really meaningful to you?), a simple monkey-in-the-middle attack works quite well in practice.

Client traffic to a target server may be intercepted using dnsspoof and relayed to its intended destination using the sshmitm and webmitm proxies (which also happen to grep passwords in transit). For example, to sniff Hotmail webmail passwords, create a dnsspoof hosts file such as:

1.2.3.4 *.passport.com
1.2.3.4 *.hotmail.com

where 1.2.3.4 is the IP address of your attacking machine. Local clients attempting to connect to Hotmail will be sent to your machine instead, where webmitm will present them with a self-signed certificate (with the appropriate X.509v3 distinguished name), and relay their sniffed traffic to the real Hotmail site.

sshmitm is perhaps most effective at conference terminal rooms or webcafes as most travelling SSH users don't carry their server's key fingerprint around with them (only presented by the OpenSSH client, anyhow). Even sophisticated SSH users who insist on one-time passwords (e.g. S/Key), RSA authentication, etc. are still at risk, as sshmitm supports monitoring and hijacking of interactive sessions with its -I flag.

Re:SSL, anyone?

[Mr+Thinly+Sliced]

It does, however, have to be the private key of either the real owner or someone at a CA.

What does DNSSEC provide, exactly? I don't see any kind of CA system in place.

Lets imagine that via social engineering I am able to get a fake certificate signed, so its trusted. Without DNSSEC I can spoof the DNS and off we go with my dodgy parallel site.

With DNSSEC, I have to go to the additional effort of social engineering the DNS entry too - its far from perfect, but as I mentioned before, its an additional bit of confidence or barrier to pulling off some kind of site re-direct

How so, if you're already using SSL?

It's like encrypting a file with single DES, and then re-encrypting that same file with AES256. WTF was the point of the DES in the first place?

Not really, its not a second level of the same thing, its securing something different to SSL - the server location / discovery.

And let's not forget how many browsers don't support DNSSEC, or how many people will just use a public terminal.

If we're going to make things secure, it has to go both ways -- users have to be educated, at least somewhat ("Look for the green bar!"). If we're not going to be secure (just call a number you found on an untrusted link to your bank site, and give them all your info), what's the point of this discussion?

First thing - DNSSEC wont be just a browser thing - should be supported at the OS level really. But regarding naive users - I totally agree with you - its impossible to do any of this without education on the part of users - but we should at least attempt to provide some level of trust for server locations too. I know your question was originally relating to HTTPS, but the internet is not just secure websites - what about securing email? As I mentioned before, I'd love this since we can then begin to clear up the mess that is spam.

Re:SSL, anyone?

[SanityInAnarchy]

With DNSSEC, I have to go to the additional effort of social engineering the DNS entry too

Does DNSSEC have a concept of a certificate authority? Or could you simply spoof the DNSSEC entry as well?

the internet is not just secure websites - what about securing email?

For user-level security, there's GPG. For account-level security, there's still SSL -- HTTPS for web apps, but SSL for IMAP, also.

As I mentioned before, I'd love this since we can then begin to clear up the mess that is spam.

Should I fill out The Form for you?

Re:SSL, anyone?

[Burz]

Somehow I knew if you responded, you would start with the assumption that users will bypass the certificate warning.

My users don't accept bogus certificates; they know to watch for the Lock + proper domain together in the address bar because I communicate basic browsing knowledge to them. So what is wrong with your users?

Re:SSL, anyone?

[Burz]

Even the convenience is questionable. Just maybe DNSSEC would prevent webmasters from having to convert "http://etc" links to "https://etc" en-masse.

Then again, if the sensitive parts of the site are already https, then why bother? Even from a resource-use perspective, the crypto burden may be only slightly less than https.

Re:SSL, anyone?

[Mr+Thinly+Sliced]

(1) DNSSEC is signed DNS entries, where the fetch of each domain level retrieves a key and DNS entries signed using a private copy of that key. Client verifies entries using the public copy of the key.

There is no idea of a certificate authority as yet, the "trust" comes down the tree from the root DNS servers.

(2) You still don't seem to see the difference between securing the stream, and securing information about where the stream should be sent to.

(3) No need for rudeness. I'd suggest you read up some more on security.

Re:SSL, anyone?

[Giant+Electronic+Bra]

Hahahaha, yeah, right.

Several studies have been done on what users actually will and won't do. If your security is based on the myth that your users will do the right thing, then you HAVE no security.

Re:SSL, anyone?

[SanityInAnarchy]

DNSSEC is signed DNS entries, where the fetch of each domain level retrieves a key and DNS entries signed using a private copy of that key. Client verifies entries using the public copy of the key.

So, in other words, anywhere between here and the root servers, someone could pull an effective MITM.

You still don't seem to see the difference between securing the stream, and securing information about where the stream should be sent to.

I do, it's just that SSL covers both. The difference is that the "where" in this case is not an IP address, but a private key, which is considerably more secure.

No need for rudeness. I'd suggest you read up some more on security.

I don't think I was condescending, except for mentioning the spam form -- and I think it is relevant. Let me know if I've made some incorrect assumptions:

Your post advocates a

(X) technical ( ) legislative ( ) market-based ( ) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
(X) It will stop spam for two weeks and then we'll be stuck with it
( ) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
(X) Requires too much cooperation from spammers
( ) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business

Specifically, your plan fails to account for

( ) Laws expressly prohibiting it
( ) Lack of centrally controlling authority for email
(X) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
(X) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
(X) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
( ) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
( ) Extreme stupidity on the part of people who do business with spammers
(X) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook

and the following philosophical objections may also apply:

(X) Ideas similar to yours are easy to come up with, yet none have ever
been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
(X) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
(X) Countermeasures must work if phased in gradually
( ) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
(X) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and pain

Re:SSL, anyone?

[blueg3]

DNSSEC protects things that aren't secured by https, like MX records. I suspect it's also easier to implement than forcing everyone to move to HTTPS and other encrypted protocols.

The parts of the Web where you don't care about security are built around HTTP, but there's still value in preventing them from being hijacked.

Re:SSL, anyone?

[Mr+Thinly+Sliced]

Yep the spam form was what I was getting at.

I do, it's just that SSL covers both. The difference is that the "where" in this case is not an IP address, but a private key, which is considerably more secure.

As I mentioned before adding security to the location increases the difficulty in pulling off a hack / redirect. I think that using SSL for location security is the wrong approach (application layer) - it should be at the network layer.

So, in other words, anywhere between here and the root servers, someone could pull an effective MITM.

No, since each recursive lookup also involves pulling down a signed record indicating where the next level of lookup should go. That next level pull is for the next level key, signed/hashed using the root level key ad infinitum.

Say I'm looking for www.blah.com (grossly simplified, but gets the idea across)

Now I will have root (level 0) key locally, so my machine goes to level 0 server, asks for where the server for level 1 of blah.com is and gets a signed hash of level 1 key.

It replies with where level 1 server for blah lives signed using level 0 key.

Now I contact level 1 server and ask it for its key info for blah.com.

It replies with the level 1 key that can be used to verify responses from the level 1 server, and I check the hash matches that retrieved in first contact.

Now I ask level 1 server for where www.blah.com can be found, it replies with the IP address signed using its key from level 1.

The chain of trust above is the hierarchical nature of the key signing (search for "secured pointers" and or/DS DNS record), or look here

From a technical standpoint, there is no man in the middle - you must do something equivalent to certificate forging/stealing or some kind of social engineering hack.

I know this isnt a "spam" killer, its one of the tools we will need to begin to fight back. Verifiable sources are vital.

So since you went to the effort of filling the form in, here we go:

* technical approach

As I mentioned, I was not advocating it as being _the_ solution, just one of the tools that will come in handy for various reasons

* It will stop spam for two weeks / open relays in foreign countries / armies of worm riddled broadband windows boxes

Of course all of these things will not go away just from securing domain name lookups - things get a lot easier to check when we "know" the source of the connection. It helps in tracking down where the spam is coming from - the "stopping it" bit has to follow the existing model (police action / court etc), until a more workable situation can be found. But to look at the situation with telephones, caller ID makes a huge difference to tracking down criminals.

* Countermeasures must work if phased in gradually

Lets imagine we have location security, we can begin to build a web of trust for mail servers now. DNSSEC is a pre-requisite to beginning to clean up the dirty parts of the web.

* Ideas similar to yours are easy to come up with, yet none have ever been shown practical / Feel-good measures do nothing to solve the problem

Fair enough, I've tried to show you it does have some benefits, and I will leave it at that.

Have a good day.

Mr Thinly Sliced.

Re:SSL, anyone?

[Burz]

DNSSEC protects things that aren't secured by https, like MX records.

And if email is sent via SSL connections?

What is so bad about making SSL/https the default? All digital signature schemes are based on crypto anyway; actually performing the crypto uses hardly any more resources than validating DNS because the burden is almost all in the public key overhead.

Who would administer the root cert? Oh, let me guess... the U.S. of A. government who just happens to be the first mover on implementing this more-centralized-than-https scheme.

But I suppose one can feel secure that DNSSEC is working even as MITM attacks insert browser and other exploits into unencrypted data (which will be more, not less common because of the extra load DNSSEC will be placing on servers).

What a fool's solution.

Re:SSL, anyone?

[blueg3]

It's unwise to run a DNS server on the same machine as an HTTP/HTTPS server anyway, so DNSSEC will put no additional load on those servers. (They will put additional load on DNS servers, and that limits adoption.)

The US government doesn't administer any of this, and they're not by any means the first mover on this. They just happen to control quite a few websites and make press releases.

As far as sending e-mail via SSL, are you familiar with what MX records do? It should be clear that SSL provides absolutely no protection for MX record poisoning.

Re:SSL, anyone?

[SanityInAnarchy]

Of course all of these things will not go away just from securing domain name lookups - things get a lot easier to check when we "know" the source of the connection.

And if the "source" happens to be legitimate, but is not using DNSSEC?

I suppose I should have checked the boxes indicating people who will not put up with it.

But to look at the situation with telephones, caller ID makes a huge difference to tracking down criminals.

Caller ID is opt-out, and law enforcement has an override to the normal level of opting-out.

Countermeasures must work if phased in gradually

Lets imagine we have location security, we can begin to build a web of trust for mail servers now.

And the day when you start using that web of trust to classify mail is the day I get blocked for not participating in it.

It's also the day people in business, particularly in marketing, start to riot, because they need to be able to receive mail from anyone, so long as it's not spam. You can't have mail from a prospective customer being blocked.

Re:SSL, anyone?

[Burz]

The US government doesn't administer any of this, and they're not by any means the first mover on this. They just happen to control quite a few websites and make press releases.

So there are other TLDs already on DNSSEC?

Its still highly centralized and the official status of not being controlled by US govt is merely a pretense in a country that so frequently goes on a war footing. It is also the same govt that is now working with China in the IETF to irradicate anonymity from the Internet.

As far as sending e-mail via SSL, are you familiar with what MX records do? It should be clear that SSL provides absolutely no protection for MX record poisoning.

It can protect a mailer from sending mail through an impostor. I believe that MX records might still be sabotaged by an attacker, such that routing preferences could be forged and causing traffic problems; though I am not aware of such an attack ever happening.

Re:SSL, anyone?

[blueg3]

It's perfectly valid for the MX record to specify that the mail handler for foo.com is mail.foo.com, or even mail.bar.com. Valid and common. To send the mail, then, you're connecting to mail.bar.com. Say this SSL connection is authenticated such that you're sure you're talking to mail.bar.com.

So, the attacker just changes the MX record to mail.evil.com. (Through, for example, DNS cache poisoning.) So, now you set up an SSL connection to mail.evil.com, and you're sure you're talking to mail.evil.com.

The SSL connection is completely valid, yet your mail has been hijacked.

Re:SSL, anyone?

[Burz]

So, the attacker just changes the MX record to mail.evil.com.

Sure, real simple... Just need to find mail and DNS servers sitting on the same subnet as some cheesy, infested PCs. Then execute the attack which BTW leaves the attacker with a verified IP/identity and a big "arrest me!" sign on their back.

The chances of this happening are...?

Re:SSL, anyone?

[blueg3]

You (a) shouldn't base a security approach on having no malicious computers on your subnet (b) don't need access to the subnet to execute this attack and (c) don't even need access to the routing path (which you could obtain without being on the same subnet with BGP hacks, among others).

All the information the MX record contains is the address of a machine you can control. It doesn't have to be yours, as long as you control it.

Using MX forging to redirect mail traffic in exactly this manner has been used in the wild (against unnamed US government organizations, for that matter), so I'd say the chances of this happening are 100%.

Re:SSL, anyone?

[Burz]

LAN security is as important an aspect of physical security as any other.

The rest of what you're saying seems pretty specious, esp. the hand waving about BGP; That's like worrying about whether the Russian Navy warship is going to break into your safety deposit box at the Post Office. :-D

With all of the worry over warrant-less spying, webmasters and an increasing number of clients will probably just opt for a validation system they already know (https) and reap the data encryption benefit at the same time.

Re:SSL, anyone?

[blueg3]

In case you didn't read, I did mention that a successful attack requires neither access to the internal network nor BGP hijacking.

Considering BGP hijacking has also been successfully done (recently) and is an excellent way to get access to communications, I'd hardly call it specious. Yet secure protocols like DNSSEC and HTTPS provide security in the case where your route goes through hostile nodes.

Again, by hijacking the MX record for a domain -- an attack that doesn't require any particularly privileged access on the target's network -- mail to that domain can be sent instead to an arbitrary third party. Applying SSL to the SMTP connection does not in any way protect against this, because there's no guaranteed connection between the name of the domain you are e-mailing and the name of the server handling its mail other than the information provided in the MX record. Securing the DNS lookup is necessary.

Scam

[Arthur+B.]

www.irs.gov â" is operated by the Internal Revenue Service and not a scam artist

www.irs.gov is operated by a scam artist

There, fix that for you.

Re:Scam

Hi Authur,

I'm with the IRS homeland security department and would like to look into those scams. Please provide your social security number and we'll get back to you ASAP.

Regards,
Tax D Man

I wish they had thought of that

[Chrisq]

Before I took up their cash-in hand job offer to deliver a package to their embassy in Islamabad. I've started to wonder whether the ticking really is an alarm clock. ;-)

Re:I wish they had thought of that

[jonaskoelker]

Before I took up their cash-in hand job offer

So did you get the hand job in your sweet ass-car? ;)

A bar decides to have a contest about ...

who can squeeze every last drop of juice out of a lemon. So, the local strong guys line up and try....

The first guy, a big burly construction guy give it a try and squeezes the lemon so that nothing comes out.

A big body builder guy walks up and squeezes some more drops out but then nothing.

Another big guy shows up and nothing. Just as the bartender was about to announce a winner, a small, bespectacled fellow wearing a business suit walks up and says in a mousy voice, "Let me try."

Laughter ensues around the bar and they hand him the lemon. He squeezes and out pours more juice and he's declared the winner. The body builder asks, "How did you do that ?!?"

The little guy answers, "I work for the IRS."

Oh no

[otacon]

So when I went to the IRS site to pay my taxes and it said I was the 1 millionth visitor and won an iPhone, that wasn't real? Now I kno why I've been waiting months for this thing to come in the mail.

HOORAY. This is a GOOD THING.

[dwheeler]

This won't solve all the problems of the universe, but this is a GOOD THING. Securing DNS is absolutely critical to making the Internet a safer place. If I type in "irs.gov", I want to go to "irs.gov", not some spam site, and this helps me get there. DNSSEC can provide IP addresses with a strong guarantee that the IP addresses are actually correct. DNSSEC can even provide other keys, and make it possible to EASILY send secure emails without having to do a key exchange ahead-of-time. See, for example: http://www.dwheeler.com/essays/easy-email-sec.html

How not to worry about the online IRS security...

[Notquitecajun]

File by paper, particularly if you have to pay out. You get it in the mail and your money stays in your account earning you a little more interest for a few more days.

Not so fast!

[duplo1]

My understanding is that unless DNSSEC is implemented in the last mile resolvers (e.g. my ISP), it doesn't buy a whole lot, especially when it comes to preventing cache poisoning attacks. Moreover, according to RFC4035, delegation records and glue records aren't subject to public key verification (i.e. not signed), so DNSSEC could still be vulnerable. Until DNSSEC is pushed out to the end user to the point that are browsers are performing signature verification, I don't think it's going to buy us the security we're looking for. Even then, with PKI being notoriously difficult to implement, I'm sure it will be botched and somebody will find ways to poison public key registries with fake public keys, etc.

Re:Not so fast!

[amorsen]

My understanding is that unless DNSSEC is implemented in the last mile resolvers (e.g. my ISP), it doesn't buy a whole lot, especially when it comes to preventing cache poisoning attacks.

DNSSEC was written with the explicit goal of not having to trust or upgrade servers in the middle. Your machine needs to to the DNSSEC verification itself. Not the browser, or you would only have secured the browser. Not the last mile resolver, as you call it, because you can't trust that.

Re:Not so fast!

[hardaker]

You have to decide if you want to trust your ISP to do validation for you or if you want to do validation yourself (the average Joe will likely have this decided for them). If you trust your DSL (whatever) link to your nearest validating resolver (you're ISPs) and you trust your ISP, then you have functionally a secure(ish) path. If you're more paranoid, then get a on-system validating resolver or validating applications (the DNSSEC-Tools project has a validating version of firefox2).

And the DS record (which is a hash of a childs key) is signed so there is a secure trust path from root to final DNS entry being resolved. Glue, as you pointed out, is not signed but that's because a parent isn't authoritative over glue records. The best you can get with spoofing glue is a DoS.

This can deal with the Chicken-and-egg problem

[dwheeler]

You're quite right, it's perfectly secure if the client systems have the .gov TLD public key. And almost no one does, today. Of course, no one will bother trying to get DNSSEC or these keys until there's something to verify.

This is a classic chicken-and-egg problem. The good news is that the U.S. government _CAN_ require that its OWN sites implement DNSSEC - and once that's done, people who deal with those sites (most U.S. citizens) will have a reason to install DNSSEC and the relevant .gov keys.

What will probably happen is that there will be a Firefox plug-in (if there isn't already) that supplies these keys, and slowly browsers will add support for all this. The result: Accessing these sites will become more secure, over time. Good thing.

Re:This can deal with the Chicken-and-egg problem

[Lennie]

yes, there is one:

http://www.nlnetlabs.nl/dnssec/drill_extension.html

Re:This can deal with the Chicken-and-egg problem

Your "DRILL" .xpi addon only appears to be compatible w/ FF 1.5-2.x, NOT 3.x (the current series of FireFox)... see the bottom of that page, Lennie.

Re:This can deal with the Chicken-and-egg problem

[Lennie]

Well it's not mine.

I just pointed out, yes one exists, I've never used or tried it.

maybe they can work out how to archive emails next

[toby]

Since accountability evasion has proven notoriously hard to fix, and shows every sign of being an ongoing problem.

Re:How not to worry about the online IRS security.

[The+Dancing+Panda]

Because we all know physical mail is impervious to man-in-the-middle attacks.

Good for IPv6 adoption?

[Gamma746]

Since IPv6 addresses are more or less impossible to remember, (especially to the average user) being able to trust hostnames would really help security-wise.

Scam Artist

"When you file your taxes online, you want to be sure that the Web site you visit â" www.irs.gov â" is operated by the Internal Revenue Service and not a scam artist."

This sentence confuses me! It seems to imply some distinction between "IRS" and "scam artist" of which I am unaware.

Why not DNSCurve?

[feld]

I'm not here to give DJB a handjob, but I do think his idea of DNSCurve is quite brilliant.

http://dnscurve.org/

Re:Why not DNSCurve?

[Wowlapalooza]

Yes, but they solve slightly different problems. Basically, DNSCurve is point-to-point and DNSSEC is end-to-end. This distinction is very important to keep in mind, since DNS resolution often goes through multiple "middlemen", some or all of which you may not particularly trust.

There is a decent page on the site you linked, highlighting the differences between the two solutions: http://dnscurve.org/dnssec.html

Why this is a bad example

[OpenYourEyes]

Ignoring if DNSSEC is good or not, this is a pretty bad example of why to do this. Nobody goes to irs.gov to file their taxes. Instead, they go to a third-party (like Quicken, as just one example) who will file their taxes with the IRS. This was part of a deal worked out many years ago - in exchange for the IRS not providing its own e-file solutions, the third-party companies would have to provide free online e-filing (but would still, of course, be able to sell their own software to do the same thing).

Congress is the theif, IRS is just the tool

The IRS doesn't get to set the tax rates. Congress does. If you don't like being taxed to death, take it up with the real villians.

IRS is just a lap dog.

Re:Congress is the theif, IRS is just the tool

[hclewk]

Yeah, but it is a bloated, bureaucratic lap dog.

HTTPS?

[supernova_hq]

Could someone please explain the difference between what they are doing and simply installing SSL Certs?
This sounds a lot like non-news to me...

Re:HTTPS?

[Simon+(S2)]

https certs, if implemented correctly, grant end to end encryption and authentication from one endpoint to another (usually your browser and the server you connect to): you know who you are talking to and the stuff you send is encrypted.
dnssec, on the other hand, "guarantees" you, that the DNS entry of www.example.org you get back from the DNS server is unadulterated and legitimate.
You are right with your assumption that dnssec doesn't add anything new: if https is implemented and used correctly, you are already "secure".

Re:HOORAY. This is a GOOD THING.

This won't solve all the problems of the universe, but this is a GOOD THING. Securing DNS is absolutely critical to making the Internet a safer place. If I type in "irs.gov", I want to go to "irs.gov", not some spam site, and this helps me get there.

Irs.gov being irs.gov can be verified with HTTPS and SSL/TLS.

DNSSEC can provide IP addresses with a strong guarantee that the IP addresses are actually correct.

Yes, but having the correct IP address doesn't still prevent man-in-the-middle attacks or re-routing your traffic. HTTPS and SSL/TLS, on the other hand, would guarantee that you're talking to the correct endpoint.

DNSSEC can even provide other keys, and make it possible to EASILY send secure emails without having to do a key exchange ahead-of-time. See, for example:
http://www.dwheeler.com/essays/easy-email-sec.html

Easily? Did you read the text behind the link yourself? Non-DNS key from DNS to access LDAP to and fetch user keys via some 'not-yet-available' mapping?

What's wrong with using plain LDAP to fetch a certificate, verify certifice and encrypt away? You know, the standard way.

DNSSEC has it uses, but heck, well documented problems as well. It can certainly work for .gov, where single entity is verifying and certifying domain keys.

Oh man, do I hope Dan J Bernstein is reading....

He has certainly mellowed a bit in recent years (he used to come across as an arrogant prick), but he's pretty good at explaining why DNSSEC does NOT solve much, if anything.

what about...

[hesaigo999ca]

I know I may be stating the obvious, but we all know that the only way someone can own the name .gov is now if the were able to poison the dns cache on a server you are pinging...so what about for safe keeping I was to let's say, ask for 103.45.3.23 which is the actual server the us government uses.
This would avoid all these problems for posting your taxes online, and it's not like I need to remember a million of these addresses, how about just 1....the one you are needing to post to, make it available online everywhere, so that if people want to feel safer, they can use the number instead of trusting a man in the middle saying what the url resolves to....no?

filing at irs.gov

[socsoc]

Since when does www.irs.gov allow you to file taxes? Last I checked, they only list other sites that allow you to file... None of which are .gov.

DNSSEC is not the solution

[root777]

Authentication should not be performed at the DNS level. Spoofing needs to be prevented at the application layer instead. Is DNSSEC help me verify and validate my IM buddies? What about P2P or for that matter any other distributed systems or for large scale online apps such as YouTube. Are we trying to force a square peg into a round hole here? Sure DNSSEc would upgrade the whole infrastructure space but like anything else, implementation is the key.

Re:DNSSEC is not the solution

[Wowlapalooza]

Did you read Kaminsky's full presentation? Oftentimes higher-level security measures can be circumvented if the lower levels are not sufficiently secured. E.g. SSL-protected password protection can be circumvented if there is a "forgot my password?" mechanism and the provider's cache can be poisoned with a bogus mail server address. Defense in Depth requires that we address security at all levels of the infrastructure, and the DNS level is a pretty damn important one.

Re:HOORAY. This is a GOOD THING.

Easily? Did you read the text behind the link yourself?

Heh man... look at the name on the paper and his /. login... This guy *wrote* that piece of garbage in 2002, revised it in 2007... He's been delusional for at least 6 years, trying to get a non existing problem fixed.

What's wrong with using plain LDAP to fetch a certificate, verify certifice and encrypt away? You know, the standard way.

Absolutely nothing. Works like a charm.

Re:HOORAY. This is a GOOD THING.

[gkuz]

If I type in "irs.gov", I want to go to "irs.gov"

It's 2008. Does anybody type URL's any more?

SQL in the HTML!

[Plugh]

Maybe someone will finally fix the apparent glaring security hole in New Hampshire's .gov website.

Re:SQL in the HTML!

'.us' ne '.gov'

Re:How not to worry about the online IRS security.

[not-my-real-name]

But you can pay a little more and send it certified or registered. That will provide some evidence that you actually sent it. I think that certified just gives you a receipt, but registered is theoretically traceable end-to-end.

Oh, and note this MITM IS feasible

[Giant+Electronic+Bra]

http://www.sans.org/reading_room/whitepapers/threats/480.php

Again, from this paper:
                                                                                                                    This paper examines the mechanics of the SSL protocol attack, then focusses on the
greater risk of SSL attacks when the client is not properly implemented or configured.
One faulty SSL client implementation, Microsoft's Internet Explorer, allows for
transparent SSL MITM attacks when the attacker has any CA-signed certificate. An even

greater risk is posed by unprotected systems where an attacker can preload his/her own
trusted root authority certificates. In public environments such as libraries and computer
labs, there is little to prevent such an attack from taking place. Casual observation of such
places indicates that an attacker would see them as low-risk, high-opportunity
environments.

Post Office going the other direction.

[Sierpinski]

It is a good thing I think that the government is adding this extra step of security. While I will never believe anything is crack-proof, the more layers the better, and anything is better than nothing. However, for several years it seems the U.S. Post Office has been going in the wrong direction, because (and I just checked this again) when you navigate to http://www.usps.gov you are automatically redirected to http://www.usps.com. Apparently they want people to think they're a commercial business instead of a government agency. Personally I feel better using sites like irs.gov and usps.gov, because I know they are the real deal, and not some phishing site. (In general of course.)

Instead of redirecting usps.gov to usps.com, they should do the reverse and redirect usps.com to usps.gov. Just my two cents.

Not

[Burz]

Stop behaving like a hysterical hack!

Relying on bugs and physical access (for crissesake) is not an attack on the protocol itself. Esp. when the implementation being discussed is a six year-old version.

Every complex piece of software has bugs, particularly early-on. You seem to think that DNSSEC implementations will somehow be an exception.

Re:Not

[Giant+Electronic+Bra]

DNSSEC has been around for quite some time. It isn't some kind of brand new protocol.

I also never said that DNSSEC was some kind of panacea. It is a NECESSARY component of a secure internet. Without it you can't be secure. I never said that HTTPS wasn't also a component of security, all I said was if you think HTTPS BY ITSELF is making you secure, then you are just plain demonstrably WRONG.