Slashdot Mirror


Father of SSH Says Security Is 'Getting Worse'

alphadogg writes with an excerpt from an interview with the designer of SSH-1: "Tatu Ylönen has garnered fame in technology circles as the inventor of Secure Shell (SSH), the widely used protocol to protect data communications. The CEO of SSH Communications Security — whose crypto-based technology invented in 1995 continues to be used in hundreds of millions of computers, routers and servers — recently spoke with Network World on a variety of security topics, including the disappearance of consumer privacy and the plight of SSL. (At the Black Hat Conference this week, his company is also announcing CryptoAuditor.)"

132 comments

  1. ssh by Anonymous Coward · · Score: 4, Funny

    - But what if anything could replace the SSL certificate infrastructure?
    - For consumers in the short term, no. But SSH is an option, especially for automation. It would require an extension to SSH. I actively proposed it to replace SSL 15 years ago but I was basically railroaded at the IETF by Microsoft and Sun!

    "...Imagine all the people
    browsing through SSH, uh uh u-uh uh"

    1. Re:ssh by garyisabusyguy · · Score: 5, Informative

      implementation and usage are the weakest links in any security plan

      any given encryption tool can be made weak in implementation by using short keys or failing to salt the encryption

      any security infrastructure can be made weak by users who send email in clear text, directly exchange passwords in the same medium the password is used for, continue to use telnet or ftp when ssh and sftp are available

      It makes me happy to think about a completely secure computer system with NO USERS since that is the only way that you could possibly make a system secure

      --
      Wherever You Go, There You Are
    2. Re:ssh by Anonymous Coward · · Score: 0

      That doesn't make any sense. Ssh uses unverified self signed keys.

    3. Re:ssh by Anonymous Coward · · Score: 0

      Incorrect. That is how people use it, but that is not how it is most securely implemented. If you absolutely must guarantee the authenticity of a key, you have to meet in person, just like you have to do so in order to absolutely guarantee the security of a GPG key or SSL cert for that matter.

      SSL and GPG both offer methods to help you trust a key proffered via CAs and trusted key signing, which helps, but those methods do not facilitate a 100% guarantee of authenticity.

    4. Re:ssh by QuantumRiff · · Score: 4, Insightful

      There is nothing wrong with SSL.. it works well to encrypt traffic between sites. It's the way we manage the certificates that is ugly, and prone to lots of attacks and hacks. (How many Root CA's are automatically trusted by a browser?)

      Just using DNSSEC to store the public keys for SSL would be a huge step up. No more trusting a company in the Netherlands that signed your key for gmail.com. Just look it up in DNS. (yes, people could I guess hijack DNS), but that should be detected pretty quickly by comparing the keys between different computers in different regions.

      Most people just want to encrypt the traffic between themselves and www.$x.com, and that the server that claims to be www.$x.com is the same one in DNS. I could really care less that www.$x.com is actually the company residing at a verified address, with letterhead, etc. Basically, domain validated certificates (which are pretty common for SSL now) shouldn't use a CA anymore.

      --

      What are we going to do tonight Brain?
    5. Re:ssh by Anonymous Coward · · Score: 0

      Salt the encryption? Never heard of that.

    6. Re:ssh by Anonymous Coward · · Score: 5, Funny

      It makes me happy to think about a completely secure computer system with NO USERS since that is the only way that you could possibly make a system secure

      Then you should be pleased to know that RIM has been making great strides on their implementation of this idea. It might even be finished within the next year.

    7. Re:ssh by Anonymous Coward · · Score: 1

      Yup, and that was the point.

      It's not about the protocol, but about the fake "security feeling" that a couple of "CA's" can create...

    8. Re:ssh by Anonymous Coward · · Score: 1

      As someone who has seen Mission Impossible, meeting someone in person gives no guarantee that he is the person you think he is.
      Could be someone in a rubber mask.

    9. Re:ssh by EyelessFade · · Score: 2

      The full SSL specification also states that both parties have a trusted certificate. It's a 20-something step handshake. Only two of those are sending user data. This is not used in today's web

    10. Re:ssh by vlm · · Score: 4, Insightful

      Most people just want to encrypt the traffic between themselves and www.$x.com, and that the server that claims to be www.$x.com is the same one in DNS. I could really care less that www.$x.com is actually the company residing at a verified address, with letterhead, etc.

      Well, somebody's outed as not being able to answer "What's a man in the middle attack?"

      --
      "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
    11. Re:ssh by aix+tom · · Score: 5, Funny

      As someone who has seen Firefly, it isn't even enough to live with a man 40 years. Share his house, his meals. Speak on every subject.

      You have to tie him up, and hold him over the volcano's edge. And on that day, you will finally meet the man.

    12. Re:ssh by vlm · · Score: 1

      Technically incorrect. You don't have to meet in person to transfer individual id_rsa.pub files to be inserted into the .ssh/authorized_keys file, you just have to find a secure way to share a symmetric encryption key with someone and then transfer the mcrypt'd key data at your leisure. In English this more or less describes how a certain script of mine transfers my authorized_keys file around to various machines, there's also an md5 hash to see if the data has been messed with or corrupted, etc.

      Also meeting in person, perhaps to examine each other's govt issued identity docs, is only really useful if you're better at detecting fake/falsified identity documents than the opposition is at creating or obtaining them. The opposition theoretically has much more impressive resources than you'll ever have.

      --
      "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
    13. Re:ssh by erp_consultant · · Score: 1

      Then you employ the "half of the jello box" method. Tear it in half. You get one half he gets the other. When you meet, compare them. If they don't match exactly he's not the guy ;-)

    14. Re:ssh by Anonymous Coward · · Score: 1

      Nope, you misread that. There is a technical MITM attack, but SSL with DNSSEC-hosted keys protects against that. And then there's talking to the wrong server at the wrong domain.

      Suppose you want to download Firefox and type the name into Google, which gives you an ad for www.totallylegitfirefoxdownloads.com, which has an SSL certificate from a Chinese CA. If you click on that, you won't get a warning. You'll get owned instead. That's not a MITM attack. You're simply talking to the wrong server, which is what "extended validation" certificates are supposed to prevent, by not only assuring you that you're talking to a server which is authorized or operated by the domain owner, but also telling you with high certainty who that is. That was supposed to be how it works from the very start, and it didn't, so now it's supposed to work with EV certificates, and it won't.

      If you go to https://www.mozilla.org and your browser complains that the key is not the one in the signed DNS record for www.mozilla.org, then that is a MITM attack, and you only get owned if you ignore the warning. DNS-hosted SSL keys would be a huge step forward for SSL, by eliminating hundreds of possible but unnecessary trust chains from the root to your certificate. The only remaining trust chain is the one induced by the DNS hierarchy.
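
Pinning a server's key in signed DNS, as proposed in this subthread, is what DANE TLSA records (RFC 6698) standardize. The following is an added example, not code from any commenter: it checks a presented certificate against a TLSA record, assuming the record has already been DNSSEC-validated by the resolver. The certificates are constructed DER with X.509 layout (not real signed certificates) and all function names are hypothetical.

```python
import hashlib
import hmac
from dataclasses import dataclass


@dataclass(frozen=True)
class TLSA:
    usage: int      # 3 = DANE-EE: pins the server's own certificate or key
    selector: int   # 0 = whole certificate, 1 = SubjectPublicKeyInfo only
    mtype: int      # 0 = raw bytes, 1 = SHA-256, 2 = SHA-512
    data: bytes


def parse_tlsa(rdata):
    """Parse presentation format such as '3 1 1 ab12...' (hex may be split)."""
    parts = rdata.split()
    if len(parts) < 4:
        raise ValueError("TLSA needs usage, selector, matching type and data")
    usage, selector, mtype = (int(p) for p in parts[:3])
    if selector not in (0, 1) or mtype not in (0, 1, 2):
        raise ValueError("unsupported selector or matching type")
    return TLSA(usage, selector, mtype, bytes.fromhex("".join(parts[3:])))


def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) for the DER element at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                        # long-form length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, pos, pos + length


def spki_from_cert(cert_der):
    """Return the DER bytes of subjectPublicKeyInfo from an X.509 certificate."""
    _, p, _ = read_tlv(cert_der, 0)          # Certificate: p is now at tbsCertificate
    _, p, _ = read_tlv(cert_der, p)          # tbsCertificate: p is now at its first field
    tag, _, end = read_tlv(cert_der, p)
    if tag == 0xA0:                          # optional [0] version
        p = end
    for _field in range(5):                  # serial, sigAlg, issuer, validity, subject
        _, _, p = read_tlv(cert_der, p)
    _, _, end = read_tlv(cert_der, p)
    return cert_der[p:end]


def tlsa_matches(rec, cert_der):
    """True if the presented certificate satisfies a DANE-EE (usage 3) record."""
    if rec.usage != 3:
        raise ValueError("only usage 3 (DANE-EE) is handled in this example")
    selected = cert_der if rec.selector == 0 else spki_from_cert(cert_der)
    if rec.mtype == 1:
        selected = hashlib.sha256(selected).digest()
    elif rec.mtype == 2:
        selected = hashlib.sha512(selected).digest()
    return hmac.compare_digest(selected, rec.data)


# Constructed test material below: DER with X.509 shape, not real certificates.
def der(tag, content=b""):
    n = len(content)
    if n < 0x80:
        return bytes([tag, n]) + content
    size = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(size)]) + size + content


def fake_cert(pubkey, serial):
    spki = der(0x30, der(0x30, der(0x06, b"\x2b\x65\x70")) + der(0x03, b"\x00" + pubkey))
    tbs = der(0x30, der(0xA0, der(0x02, b"\x02")) + der(0x02, bytes([serial]))
              + der(0x30) * 4 + spki)
    return der(0x30, tbs + der(0x30) + der(0x03, b"\x00"))


def demo():
    genuine = fake_cert(bytes(range(32)), serial=1)
    renewed = fake_cert(bytes(range(32)), serial=2)   # same key, reissued certificate
    imposter = fake_cert(b"\xee" * 32, serial=1)      # certificate for a different key
    pin_key = parse_tlsa("3 1 1 " + hashlib.sha256(spki_from_cert(genuine)).hexdigest())
    pin_cert = parse_tlsa("3 0 1 " + hashlib.sha256(genuine).hexdigest())
    return {
        "genuine": tlsa_matches(pin_key, genuine),
        "imposter": tlsa_matches(pin_key, imposter),
        "renewed_vs_key_pin": tlsa_matches(pin_key, renewed),
        "renewed_vs_cert_pin": tlsa_matches(pin_cert, renewed),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name:20} {'match' if ok else 'MISMATCH'}")
```

A key pin (selector 1) survives certificate renewal with the same key, while a whole-certificate pin (selector 0) must be republished in DNS on every reissue.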

    15. Re:ssh by Anonymous Coward · · Score: 0

      Salt the encryption? Never heard of that.

      It's not a car analogy but here goes -

      You've never caught your roommate pee in the alphabet soup?

    16. Re:ssh by element-o.p. · · Score: 1

      any security infrastructure can be made weak by users who...continue to use telnet or ftp when ssh and sftp are available...

      Where I work, we still use telnet in a few applications because, even though the hardware vendor includes an SSH implementation on some of our gear, it is so horribly broken that it is essentially unusable (for example, dropped characters up to 50% while typing commands because the processor can't keep up). The equipment works well otherwise so we keep using it, but I would certainly like to see them beef up the hardware so that we could use SSH instead. As far as FTP, I prefer to use SCP on any device that supports it. I've never really used SFTP, though, since pretty much every device I've used that supports SFTP also supports SCP.

      --
      MCSE? No, sir...I don't do Windows. Yes, I am an idealist. What's your point?
    17. Re:ssh by QuantumRiff · · Score: 1

      Exactly.. And since with a full DNSSEC implementation, everything should be signed by walking the tree... you could see that the root was signed. Then the ORG subdomain was signed. Then the mozilla.org subdomain was signed.

      --

      What are we going to do tonight Brain?
    18. Re:ssh by NatasRevol · · Score: 2

      How secure is your md5 hash?

      --
      There are two types of people in the world: Those who crave closure
    19. Re:ssh by mlts · · Score: 4, Interesting

      SSL by itself is secure. However, it would be nice to allow it to be implemented in a WoT fashion similar to PGP/gpg.

      This way, I go to my bank's site. I'm 100% sure that the key is genuine because that is what shows up, and that the bank prints the fingerprint of the key for people to see when visiting a branch. So, I sign the bank's key.

      I go to another site. The key for the server is unknown, but I have 2-3 semi-trusted CAs all agree that the key is whom it is supposed to be. The threshold I set allows the SSL transaction.

      I go to a third site, one CA says the key is OK, but nobody has zero clue about it. The threshold set will warn the connection is encrypted, but untrusted. Since it is just the listings for when the local vomitorium is open, the risk is acceptable.

      The fourth site, a friend signed the key, but completely distrusting it. The Web browser refuses to go to the site, or if allowed to, shows that anything from there is suspect. A link leads to a discussion on this. After several people mention this on another forum, the owners of the site with the bad cert find that their DNS server was compromised as well as the CA they were using.

      I wish SSL had this functionality in it. Since it is a superset of having root keys and a CA hierarchy, existing stuff would work. A compromised CA's damage would be greatly limited.
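
The four cases in the comment above amount to a threshold policy over signed statements about a server key. The following is an added example, not code from the commenter or from any browser: a small evaluator run over those four cases, plus the single-CA case (the DigiNotar situation mentioned elsewhere in this thread) under a classic "every root CA is fully trusted" configuration and under the web-of-trust one. Signer names, trust levels and the threshold of 2 are assumptions.

```python
from dataclasses import dataclass
from enum import Enum


class Verdict(Enum):
    ALLOW = "allow"
    WARN = "encrypted but untrusted"
    BLOCK = "block"


FULL, MARGINAL = "full", "marginal"


@dataclass
class Policy:
    introducers: dict           # signer name -> FULL or MARGINAL
    marginals_needed: int = 2   # marginal signers required when no full signer vouches


def evaluate(policy, statements):
    """statements: (signer, 'vouch' | 'distrust') pairs about one server key."""
    # Signers that are not in the policy carry no weight at all.
    known = [(s, c) for s, c in statements if s in policy.introducers]
    # An explicit distrust from anyone we listen to overrides every voucher.
    if any(claim == "distrust" for _, claim in known):
        return Verdict.BLOCK
    vouchers = {s for s, claim in known if claim == "vouch"}   # count each signer once
    full = sum(1 for s in vouchers if policy.introducers[s] == FULL)
    marginal = len(vouchers) - full
    if full >= 1 or marginal >= policy.marginals_needed:
        return Verdict.ALLOW
    return Verdict.WARN


# Hypothetical web-of-trust configuration: the user and a friend are fully
# trusted, CAs are only marginally trusted.
WOT = Policy({"me": FULL, "friend": FULL,
              "CA-A": MARGINAL, "CA-B": MARGINAL, "CA-C": MARGINAL})

# Today's browser model expressed in the same terms: any one CA is sufficient.
CLASSIC = Policy({"CA-A": FULL, "CA-B": FULL, "CA-C": FULL})


def scenarios():
    return {
        "bank": evaluate(WOT, [("me", "vouch")]),
        "second site": evaluate(WOT, [("CA-A", "vouch"), ("CA-B", "vouch"), ("CA-C", "vouch")]),
        "third site": evaluate(WOT, [("CA-A", "vouch")]),
        "fourth site": evaluate(WOT, [("CA-A", "vouch"), ("friend", "distrust")]),
    }


def single_ca_vouch():
    """A key vouched for by exactly one CA, judged under both configurations."""
    statements = [("CA-A", "vouch")]
    return evaluate(CLASSIC, statements), evaluate(WOT, statements)


if __name__ == "__main__":
    for site, verdict in scenarios().items():
        print(f"{site:12} {verdict.value}")
    print("single CA:", [v.value for v in single_ca_vouch()])
```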

    20. Re:ssh by JoeMerchant · · Score: 1

      a completely secure computer system with NO USERS since that is the only way that you could possibly make a system secure

      I think that users on BOTH ENDS have to care about security (and know enough to do something about it) if a link is going to be secure, otherwise somebody is always going to get sloppy.

    21. Re:ssh by JoeMerchant · · Score: 1

      Bell Helicopter had a similar safety plan for their birds: make 'em heavy enough that they won't get off the ground, that way they'll never crash.

    22. Re:ssh by Anonymous Coward · · Score: 0

      And sometime later your DNS response finally returns and you can then start to connect to the target host.

      I mean, have you even looked at the sequence diagram for a single DNSSEC lookup? It's insane and requires non-trivial communication and computation.

      The first ten or so hits here should help.

    23. Re:ssh by Anonymous Coward · · Score: 0

      DNS is heavily cached. That's not a problem for the SEC part of DNSSEC, because the records are signed, not encrypted. Validating DNSSEC is neither wizardry nor slow. Get Unbound and see for yourself.

    24. Re:ssh by Junta · · Score: 1

      SSL certs conceptually contain SSH host keys as a strict subset of functionality. The strategy with respect to all-powerful CAs without limited authority domain is the big problem in x509 implementations. More sophisticated mechanisms to limit the scope of CAs and more carefully manage trust of CAs would go far to address the real-world problems of SSL.

      I often find myself wishing ssh did have SSL mechanisms for user and client keys, but all ssh entities by default trust *no* CA and treat the keys like they treat ssh keypairs today, and normally speaking the admin would have to add one or two CAs pertinent to their organization if they wanted to take advantage of the extras of x509.

      --
      XML is like violence. If it doesn't solve the problem, use more.
    25. Re:ssh by vlm · · Score: 1

      How secure is your md5 hash?

      LOL not relevant. More than secure enough for this problem. I really only use the last 16 bits or so.. Hmm the file on cluster03 has the last hex digits 1a just like the old version of the file as opposed to the new file which should end in d9... wtf

      All you need to do simultaneously to break my protocol and insert your key into my authorized_keys file as a MITM is:
      1) Calculate a rsa pub and priv key (OK no problemo so far)
      2) With the minor little criteria that your pub key, after being concatenated or inserted into the keys file and run thru mcrypt (oh wait, you need my mcrypt passphrase too) when pushed thru md5sum hashes to the same value so I don't notice you added it. Well I only look at the last 8 to 16 bits or so visually so...
      3) Also wc -l .ssh/authorized_keys would look weird and your MITM attack file would have an unusual length, aside from all the crypto. Yes you don't notice going from 58 lines to 59, but you tend to notice going from 1 line to 2 lines.

      Merely saying "md5 isn't secure because it was broken and now only offers 90 bits of security in a given plaintext attack" is a huge leap away from "my system is insecure".

      Basically I'm testing file integrity two ways, does it md5 to the same value on both boxes in other words I gave them the correct mcrypted file and does it mcrypt decrypt properly given the verbally provided passphrase in which case it's probably not been messed with. Or rephrased it's not enough to break md5 or one of the mcrypt protocols, you have to utterly break them both with chosen plaintext attacks.

      I could just GPG sign the thing and verify my sigs there and the GPG fingerprint for the signing key matches, if trusted data connectivity were already up, but this is a long story as to why not mostly involving transfer of the mcrypt key being verbal and I'm not about to uuencode my GPG pub key and read it over the phone so they have a copy to verify the sig etc etc. Why? Once you have SSH keys you can ghettovpn via tunneling to set up openvpn to etc etc... So it's not a good general solution to secure file transmission, but is an interesting bootstrapping proposal.

      Bootstrapping crypto trust is an interesting problem if you start it by voice and don't rely on a trusted 3rd party.

      --
      "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
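
The subthread above is about noticing an unexpected key in a distributed authorized_keys file. The following is an added example, not the commenter's script: it audits a deployed file against a known-good baseline by comparing full per-key SHA-256 fingerprints in the format `ssh-keygen -l` prints, and also reports changed options and unparseable lines. The sample keys are constructed (repeated bytes, not real keys) and all function names are hypothetical.

```python
import base64
import hashlib
import re
import struct

# Key type followed by a base64 blob, anywhere after the optional options field.
KEY_RE = re.compile(
    r"(?<!\S)((?:ssh|ecdsa|sk)-[a-z0-9@.-]+)\s+([A-Za-z0-9+/]+={0,2})(?=\s|$)")


def parse_key(line):
    """Return (key_type, blob, options) for one authorized_keys line, or None."""
    for m in KEY_RE.finditer(line):
        try:
            blob = base64.b64decode(m.group(2), validate=True)
        except ValueError:
            continue
        # The blob starts with a length-prefixed copy of the key type; requiring
        # it to match rejects look-alike text inside an options string.
        n = struct.unpack(">I", blob[:4])[0] if len(blob) >= 4 else 0
        if blob[4:4 + n] == m.group(1).encode():
            return m.group(1), blob, line[:m.start()].strip()
    return None


def fingerprint(blob):
    """OpenSSH-style fingerprint: unpadded base64 of SHA-256 over the key blob."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def load(text):
    """Map fingerprint -> options for every key; collect lines that do not parse."""
    keys, unparsed = {}, []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parsed = parse_key(line)
        if parsed is None:
            unparsed.append(line)
        else:
            keys[fingerprint(parsed[1])] = parsed[2]
    return keys, unparsed


def audit(baseline_text, current_text):
    """Compare a deployed authorized_keys file with the known-good baseline."""
    base, _ = load(baseline_text)
    cur, unparsed = load(current_text)
    return {
        "added": {fp: cur[fp] for fp in cur.keys() - base.keys()},
        "removed": sorted(base.keys() - cur.keys()),
        "options_changed": sorted(fp for fp in cur.keys() & base.keys()
                                  if cur[fp] != base[fp]),
        "unparsed": unparsed,
    }


def sample_line(seed, options="", comment=""):
    """Constructed ed25519-shaped key made of one repeated byte, not a real key."""
    blob = (struct.pack(">I", 11) + b"ssh-ed25519"
            + struct.pack(">I", 32) + bytes([seed]) * 32)
    b64 = base64.b64encode(blob).decode()
    return " ".join(x for x in (options, "ssh-ed25519", b64, comment) if x), blob


ADMIN, ADMIN_BLOB = sample_line(1, comment="admin@ws1")
BACKUP, BACKUP_BLOB = sample_line(
    2, 'from="10.0.0.0/8",command="/usr/local/bin/backup"', "backup@nas")
EXTRA, EXTRA_BLOB = sample_line(3, comment="unknown")
BASELINE = "# pushed by deploy script\n" + ADMIN + "\n" + BACKUP + "\n"
CURRENT = BASELINE + EXTRA + "\n" + "ssh-ed25519 not*base64 broken\n"

if __name__ == "__main__":
    for section, value in audit(BASELINE, CURRENT).items():
        print(section, value)
```

An added key with an empty options string is unrestricted, which is the case worth alerting on first.
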
    26. Re:ssh by lewiscr · · Score: 1

      If I can MITM the HTTPS connection, I can MITM the DNS query. Or just target users that already have DNSChanger.

    27. Re:ssh by dreamchaser · · Score: 1

      Salt the encryption? Never heard of that.

      Then read and learn. It's a common term and a good idea to use the methodology in any encryption implementation. It actually refers more to how the passwords are handled and encrypted than the actual encryption itself.

    28. Re:ssh by Anonymous Coward · · Score: 0

      Bootstrapping crypto trust is an interesting problem if you start it by voice and don't rely on a trusted 3rd party.

      give everybody a one time pad written on silk and have them eat the strip with the key on it after they use it ;)

      Or at least that was an effective approach in ww2

    29. Re:ssh by Anonymous Coward · · Score: 0

      If the host is compromised, all bets are off. Then you could just as well install your own root CA and MITM any SSL connection that uses CA key authentication. If the host isn't compromised, DNSSEC prevents (undetected) MITM attacks on DNS.

    30. Re:ssh by Anonymous Coward · · Score: 0

      You salt a cryptographic hash, which is a one-way operation. Encryption typically refers to a two-way operation, or the ability to be decrypted.

      GP was being funny/snarky, but technically he's correct.

    31. Re:ssh by lightknight · · Score: 1

      Or just use a language that no one outside your country could possibly know.

      --
      I am John Hurt.
    32. Re:ssh by hairyfeet · · Score: 3, Interesting

      But don't forget the flip side of that argument, the BOFHs that make things so much of a PITA either the users are gridlocked and can't get dick done or they actively go out of their way to break the security just so they can work.

      I'll never forget an old programmer friend of mine who told me about taking some of the students he was teaching over to check out this big corporate software firm. On and on and on the BOFH giving the tour talked about how incredibly secure his place was, with crazy password rules and just one nasty thing after another until Mike said "You give me 15 minutes in this place and I bet you $100 and a steak dinner I CAN get into your systems".

      Well sure enough the BOFH took him up on it and let him loose for 15 minutes while he took over the tour. In 10 he was back with a dozen working username/password combos, including one for one of the higher level guys that would have pretty much given him the keys to the kingdom. When the BOFH demanded he show him how he did it, know what he did? He just went and started flipping keyboards and there were the passwords because nobody could keep up with them thanks to his crazy rules.

      So it's always a balancing act between making a secure system and making an unusable one. After all you could make a corp the most secure system in the world by simply cutting the power to the PCs and locking them in a vault but they wouldn't be doing the workers much good then, will they?

      --
      ACs don't waste your time replying, your posts are never seen by me.
    33. Re:ssh by pakar · · Score: 2

      Yes, the formulas taste much better with a bit of salt.

    34. Re:ssh by garyisabusyguy · · Score: 1

      Kind of a shaggy dog story there, the alternative shaggy dog story to yours is that (as of 1999, I'm old) the only way to make a Windows NT server meet B2 security requirements was to remove the network card, keyboard and monitor and keep the machine in a locked room with no physical access.

      In context to the story, the thing that slays your dragon (complex passwords, etc) is a token system like openid, which is aided in great length by integrated private key exchanges

      The push back that you will get at this point is from executives (OpenID is EXPENSIVE) and BOFHs (key exchanges make your head hurt), but it is always fun to torment those groups, particularly after you discover that some knucklehead has used your SAN to store DVDs on

      --
      Wherever You Go, There You Are
    35. Re:ssh by jonwil · · Score: 1

      Replacing SSL as an encryption standard is not necessary. (at least if you don't use the variants vulnerable to that BEAST attack)
      What is necessary is to replace the system of certificates with a new way to validate that the computer you are connecting to is the one you think you are connecting to, one that doesn't have the costs usually associated with SSL certificates and one that isn't vulnerable to compromise of a single CA ala DigiNotar.

    36. Re:ssh by flink · · Score: 1

      He was probably referring to an initialization vector, which in a block cipher plays a similar role to salt in a hash, making it harder to analyze.

    37. Re:ssh by Anonymous Coward · · Score: 0

      Physical tokens can be stolen, which is why some smartcard readers require a PIN-code (which you of course can get by using a $5 wrench).

      Try again.

    38. Re:ssh by Anonymous Coward · · Score: 1

      Not as it stands. SSH has no viable *authentication* infrastructure for personal keys, and no key expiration or revocation for host or personal keys. And all, I mean *all* of the clients and key management tools enable and support passphrase free local keys by default. Given the horrible security most internal networks have because they "trust the people they work with" and the prevalence of rootkitted laptops going into and out of those "trusted" environments, and the prevalence of admins who rely on personally stored passphrase keys for direct root access to remote core servers, it's like having an armored door in a wall made of cream cheese.

      Those problems aren't new: they were pointed out with the first ports of SSH-1 and SSH-2 from Tatu's formerly GPL published code, and with the first early ports of OpenSSH. (I sent in code to all of them.) The last time anyone pointed this out to Theo de Raadt he called them names. (Theo is the primary author of OpenBSD. That OS manages OpenSSH and tries to never, never, never admit that it wasn't actually written by them.)

      Such flaws are also not hard to fix, but they require fundamental changes in basic usage. As long as the primary maintainers can't be bothered and teach "make your computer secure, then no one can steal your keys" as their basic security approach, most people will use their SSH keys as a glorified plain-text password file.

    39. Re:ssh by hairyfeet · · Score: 1

      But you just wrote why you are a hell of a lot more likely to run into what Mike saw than a sensible work environment (hint: OpenID is EXPENSIVE) so instead of coming up with a sensible plan they will instead let the BOFH use what he already has (the ability to be a prick about passwords) which frankly is worse than no security at all.

      The scary part is how many systems are wide open thanks to stupid BOFH tricks. I used to do some work on the side for a guy that did a lot of subcontracted work for hospitals, do you have ANY idea how many of those either have the head nurses having ALL the doctor's codes or even more often the nurses teaching how to get around the BOFH passwords? The first time I worked in the hospital I came back with just a look of shock and told my mom (who is a retired charge nurse) what I had seen and she was "Oh yeah, we did that ALL the time! See you just change your password 4 times and then you could go back to the password you had, so I showed that trick to ALL the doctors! Most just use the number off their ID badge or their social you know" and I just stood there shocked.

      By using an insane security schema all you do is disable all your security because thanks to the "smart cow situation" all it takes is ONE to figure out how to get around the bullshit and it spreads like wildfire. That is why I have always warned my business customers to NEVER use crazy BOFH security schemes, instead talk to the employees and work out something both they and you can live with. Because otherwise frankly you may as well not have any security at all for all the good it'll do you.

      --
      ACs don't waste your time replying, your posts are never seen by me.
  2. How is this quantifiable in any stretch? by colin_faber · · Score: 5, Informative

    If you think about it, the issues with key infrastructure are nothing new, they've been there since day 1, and in fact the same can be said about the micro-controllers which are now being regularly exploited by big brother.

    User/Device security is no more or less "secure" than it was back in 1995, actually I'd argue that it's getting better as it's more widely adopted (when was the last time you used rsh?). In general it's always an evolving process.

    We still don't have a practical way of breaking high bit crypto, and in general I feel plenty safe with my 1024 bit ssh connections to my LAN machines =)

    1. Re:How is this quantifiable in any stretch? by Anonymous Coward · · Score: 0

      I guess you safely manage your authorized_keys file then, right?

    2. Re:How is this quantifiable in any stretch? by colin_faber · · Score: 1

      Of course, posted to pastebin and regularly updated for all to see =)

    3. Re:How is this quantifiable in any stretch? by mpfife · · Score: 4, Interesting

      | User/Device security is no more or less "secure" than it was back in 1995,

      I disagree. The amount of compute time rises dramatically each year (Moore's law), it is not good enough to simply 'tread water' and just upping the key length are sufficient. New techniques and systems are constantly being built to attack these methods. While I'm not saying SSH is bad or outdated, I'm saying that cryptanalysis and raw compute has not stopped chipping away at the corners and weak spots. What if at 51200 bit security, we find an awful and damning pattern appears in the math? We still cannot prove that any of these particular methods for cryptography today couldn't be completely broken wide open with a numerical discovery tomorrow (while we are pretty sure it can't).

      We mustn't fall into the trap of thinking that what is good enough today is good forever. Having as many irons in the fire being tested and competing is the best way for your protection today and tomorrow.

    4. Re:How is this quantifiable in any stretch? by colin_faber · · Score: 4, Informative

      Right but we're nowhere near that point. Even 128 bit keys are huge mountains to climb with the most powerful systems on the planet.

      I don't think anyone is saying that security research in the realm of computer science is settled, but saying the sky is falling and security hasn't kept up with improvements in overall compute power is false.

      Just like today, back in 1995 if keys were stolen then you have a chance of being exploited somehow. Is there a better method to prevent such problems? Probably, but it's a MINOR issue.

      In most cases attackers don't bother with crypto systems, in favor of much lower hanging fruit (such as insecure web servers, sql injection exploits, etc).

    5. Re:How is this quantifiable in any stretch? by vlm · · Score: 1

      We still cannot prove that any of these particular methods for cryptography today couldn't be completely broken wide open with a numerical discovery tomorrow

      I think there's some pretty impressive proofs that prove breaking factoring would have some pretty wild implications across mathematics. You could keep it secret for awhile, but math advances have a way of sneaking out and being detected in applied sciences. Maybe rephrased it would be hard to break all of modern crypto without making life extremely exciting for most mathematicians, not just cypherpunks.

      For a good, kind of sci-fi far out laugh, maybe not realistic, but would be cool if it worked out that way, look at some combinatorial/bit stream physics (which I acknowledge is not entirely mainstream popular in physics). What if broken factoring means the sun collapses into a black hole due to that physics theory, just like 2+2=5 would imply all kinds of whacked out gravitational effects if it were true. It is possible if something provable in a bit stream physics theory had some interesting and measurable quantum effect that depends inherently on factoring not being broken, then you could perform a physics experiment to prove factoring is not broken. But before you get overly excited, this line of reasoning is more than a little sci fi ish. If you hate the idea of bit-stream physics that's OK, substitute in another physics theory where factoring could be an operator. But you insisted its somehow not provable that crypto is unbreakable, and at least in theory there exists a whacked out roadmap to prove factoring is not broken that could be verified by a physics experiment so I felt the need ...

      --
      "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
    6. Re:How is this quantifiable in any stretch? by Sloppy · · Score: 2

      If you think about it, the issues with key infrastructure are nothing new, they've been there since day 1

      And that's why PRZ started trying to address it, many years before ssh existed. But for some reason in 1995 people decided to not build upon the current (1988-1990, roughly) state of the art in establishing key trust, or the lack thereof, or the realistic acknowledgment of degrees of trust that exist in between "I'm sure" and "I have no idea."

      People wanted it dumbed down into incorrectly telling users "be sure" in cases where they would have no reason to actually be sure. And now they're shocked that after programming the computer to lie by oversimplifying things, sometimes it does lie by oversimplifying things.

      --
      As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
    7. Re:How is this quantifiable in any stretch? by Anonymous Coward · · Score: 0

      s. While I'm not saying SSH is bad or outdated, I'm saying that cryptanalysis and raw compute has not stopped chipping away at the corners and weak spots. What if at 51200 bit security, we find an awful and damning pattern appears in the math? We still cannot prove that any of these particular methods for cryptography today couldn't be completely broken wide open with a numerical discovery tomorrow (while we are pretty sure it can't).

      That's why (Open)SSH supports DSA, RSA, and more recently, ECC, for keys. No one is standing still:

        * Implement Elliptic Curve Cryptography modes for key exchange (ECDH)
            and host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA
            offer better performance than plain DH and DSA at the same equivalent
            symmetric key length, as well as much shorter keys.

            Only the mandatory sections of RFC5656 are implemented, specifically
            the three REQUIRED curves nistp256, nistp384 and nistp521 and only
            ECDH and ECDSA. Point compression (optional in RFC5656) is NOT
            implemented.

            Certificate host and user keys using the new ECDSA key types are
            supported - an ECDSA key may be certified, and an ECDSA key may act
            as a CA to sign certificates.

            ECDH in a 256 bit curve field is the preferred key agreement
            algorithm when both the client and server support it. ECDSA host
            keys are preferred when learning a host's keys for the first time,
            or can be learned using ssh-keyscan(1).

      http://www.openssh.com/txt/release-5.7

      Ditto for D/TLS: the newer revisions are adding new algorithms.

    8. Re:How is this quantifiable in any stretch? by Anonymous Coward · · Score: 0

      So the rules don't apply until we figure it out?

      Is that Acme physics? Run off the cliff in mid air as long as you don't notice, *then* you fall.

      So as long as we don't discover anything different, we're safe..... Are you religious?

    9. Re:How is this quantifiable in any stretch? by vlm · · Score: 1

      So the rules don't apply until we figure it out?

      I'm not even sure what that means in context.

      Are you religious?

      LOL. Yeah, that's me, the prophet of /. Would you like to worship me?

      --
      "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
    10. Re:How is this quantifiable in any stretch? by Hatta · · Score: 2

      The amount of compute time rises dramatically each year (Moore's law), it is not good enough to simply 'tread water' and just upping the key length are sufficient.

      There's a limited amount of energy in the universe, and a lower limit on how little energy you can use to do a calculation. Even the most optimistic estimate will show that brute forcing AES-256 will consume all the energy in the visible universe.

      I'm saying that cryptanalysis and raw compute has not stopped chipping away at the corners and weak spots.

      Which is good, there's a lot fewer corners and weak spots now than there was in 1995 because of all that work.

      What if at 51200 bit security, we find an awful and damning pattern appears in the math?

      That's no more likely to happen now than it has been in the past.

      --
      Give me Classic Slashdot or give me death!
    11. Re:How is this quantifiable in any stretch? by cryptizard · · Score: 1

      Factoring is not believed to be NP-complete so it would not have the kind of widespread implications you are talking about. Not that it wouldn't be an important discovery, but it would not prove P=NP or anything like that. It is one of a few candidates for the complexity class NP-intermediate. There were originally more of these that were eventually found to be in P, so I don't think it would be earth shattering (from a pure mathematics perspective) if factoring were also found to be in P.

    12. Re:How is this quantifiable in any stretch? by cryptizard · · Score: 0

      Not that I agree with the GP, but from a cryptographic standpoint that is not really diversifying since all those schemes are based on the hardness of integer factorization or discrete logarithm (which are intimately related, algorithms for one usually imply similar algorithms for the other).

  3. it's because people don't value it. by Anonymous Coward · · Score: 5, Informative

    I try to get my college buddies to send me encrypted email, and it's the same story, "Dude, just use Facebook like everybody else". I have a Facebook but stopped using it because I don't want FB snooping all my communications!

    Privacy disappears because people don't value it. If they did, they wouldn't be using Facebook for all their communications. If they cared, they'd be using encrypted point-to-point VOIP for voice, not Skype. If they cared, they would be using OTR and Pidgin for chat.

    Slashdot peoples care, but outside that crowd, people value convenience, not security or privacy. That's the only way so many privacy-violating services have become so huge when there are alternatives that preserve your privacy.

    98% of people in the 22-29 year old age bracket now use Facebook. Most of those use it as their primary means of communicating with friends, and you're now considered "abnormal" if you don't have a Facebook. Even if you explain to them the pitfalls of FB, they don't care.

    Until people start to care about their security and privacy, they won't have any. You have to vote with your actions.

    1. Re:it's because people don't value it. by Anonymous Coward · · Score: 0

      Well said. It's unfortunate, but if anyone requires Facebook or something similar to communicate with me, I don't want to communicate with them.

    2. Re:it's because people don't value it. by Vellmont · · Score: 4, Insightful

      Don't worry. Eventually there will be a huge FB breach of privacy story where FB starts selling all your info to the highest bidder. People will be outraged, FB will try to spin it into a non-story. Then another one will happen. Eventually people will over-react and FB will become the new Microsoft, with large amounts of people openly hating them. But unlike Microsoft they don't really have any powerful monopoly on anything where people can't just use something else. Eventually it'll suddenly become cool to NOT have a FB account, and people will turn to some other form of socialization online.

      --
      AccountKiller
    3. Re:it's because people don't value it. by Anonymous Coward · · Score: 0

      Skype is end-to-end encrypted.

    4. Re:it's because people don't value it. by Yvanhoe · · Score: 2

      I scared a group of doctors telling them "I guess that you have some facebook friends who are former patients. I am sure that the list of your friends that are not health professionals is worth something to insurance companies."
      "but they would not! It would be illegal!"
      "In your country it is (we were in Japan) but which jurisdiction is Facebook operating in? Are you sure it is illegal there? Do you even know how Facebook makes its profits?"
      When I had this discussion I was already thinking I should just surrender, stop clinging to privacy, just stop caring, put my emails on gmail, my personal files in the cloud and vamos...
      But one doctor there said that she was very happy that an IT professional gave them this advice and pointed out the issues they were not suspecting.
      I wonder if we won't see, in the next years, a facebook scandal that will reveal to the world the kind of things that us geeks keep shouting to everyone. Most people are simply not aware of how much they are screwed.

      --
      The Wise adapts himself to the world. The Fool adapts the world to himself. Therefore, all progress depends on the Fool.
    5. Re:it's because people don't value it. by Cid+Highwind · · Score: 2

      Privacy disappears because people don't value it. If they did, they wouldn't be using Facebook for all their communications. If they cared, they'd be using encrypted point-to-point VOIP for voice, not Skype. If they cared, they would be using OTR and Pidgin for chat.

      WHAT alternatives? Where's a one-stop "download client (available for all major desktop/mobile platforms, of course), punch in your buddies' pseudonyms, and start an encrypted point-to-point VOIP conference" alternative to Skype? Where's Diaspora? (I know, perpetual beta) Where's crypto-twitter?

      Until people start to care about their security and privacy, they won't have any. You have to vote with your actions.

      There's a slight problem with that: network effects mean that the value of a communication channel scales with some power of the number of people who use it. Kim Kardashian (thanks to her huge twitter following) probably has more "votes" than all of Slashdot put together.

      --
      0 1 - just my two bits
    6. Re:it's because people don't value it. by jareth-0205 · · Score: 2

      Privacy disappears because people don't value it. If they did, they wouldn't be using Facebook for all their communications. If they cared, they'd be using encrypted point-to-point VOIP for voice, not Skype. If they cared, they would be using OTR and Pidgin for chat.

      It's all very well sitting there talking about people not caring, but people have other things to do, and frankly it's not unreasonable to want methods of communication to be as easy as possible. Skype became popular because it worked behind firewalls without configuration when all other VOIP needed ports forwarding and other fiddling. Facebook took over messaging because it is similarly much easier to find and keep track of people without managing your own address book for hundreds of changeable addresses. I honestly *still* don't know how to do encrypted email, it's just not clear.

      We as an industry haven't given people easy ways to do these things. It is *our* fault, not theirs.

    7. Re:it's because people don't value it. by NatasRevol · · Score: 4, Insightful

      The names will change.

      I doubt the security level will.

      --
      There are two types of people in the world: Those who crave closure
    8. Re:it's because people don't value it. by betterunixthanunix · · Score: 2

      There's a slight problem with that: network effects mean that the value of a communication channel scales with some power of the number of people who use it

      Which is why standardized protocols are so great. Email is immensely popular, not because Email, Inc. has lots of users, but because anyone can implement email -- there is no monopoly, just a good protocol.

      Too bad social networking systems try to divide people by not interoperating.

      --
      Palm trees and 8
    9. Re:it's because people don't value it. by NatasRevol · · Score: 4, Funny

      Kim Kardashian (thanks to her huge twitter following) probably has more "votes" than all of Slashdot put together.

      And she gets laid more often!

      --
      There are two types of people in the world: Those who crave closure
    10. Re:it's because people don't value it. by leonardluen · · Score: 1

      Eventually it'll suddenly become cool to NOT have a FB account, and people will turn to some other form of socialization online

      i thought that happened when your mom and grandma started signing up for facebook.

      one of the reasons facebook originally won people over from myspace was because it was more exclusive, you had to have a .edu email address to signup. now they let anyone in.

    11. Re:it's because people don't value it. by ethanms · · Score: 1

      I don't value it because I have nothing to say via email/chat/etc that *needs* to be secure or protected typically. The information is either public, unimportant, or otherwise reasonably obscured.

    12. Re:it's because people don't value it. by Anonymous Coward · · Score: 0

      See, we've been waiting for years for that to happen. It never does. Sure, there are breaches, and some of them made you think "they've got to see the light now", but they never do. The big one just doesn't happen. There's a reason for that: If almost everybody is affected, the damage must be mitigated. The option of saying "I told you so" and leaving them with their losses just doesn't exist. It's the "they can't put us all into jail" thing. There may be other breaches which screw just a few selected victims really badly, but those breaches obviously don't worry the masses, like very few people worry about being wrongly deported to Guantanamo Bay.

      The masses will always be OK.

    13. Re:it's because people don't value it. by Anonymous Coward · · Score: 0

      Yep. Facebook is basically Cartmanland

    14. Re:it's because people don't value it. by EvilBudMan · · Score: 1

      Yeah like /. and the names will be changed to protect the guilty. Damn it ain't no fun waiting around to be a millionaire.

    15. Re:it's because people don't value it. by Anonymous Coward · · Score: 0

      Slashdot peoples care, but outside that crowd, people value convenience, not security or privacy

      The people who use Facebook as a substitute for email do so precisely because it's public.

    16. Re:it's because people don't value it. by Anonymous Coward · · Score: 0

      Yep but the skype people have a backdoor, which has been shown to exist, so it's not encrypted from them or anyone they say can listen in.

    17. Re:it's because people don't value it. by Bill,+Shooter+of+Bul · · Score: 1

      There is a group of lawyers I know here in the US that requires its lawyers to conduct research on their facebook friends. They post fake updates and try to provoke responses from their friends to see what kinds of arguments work on people of various backgrounds.

      When I learned of this, from a lawyer involved, I contacted the FTC and the EFF, but never heard back. Apparently it's legal, or no one really cares enough.

      --
      Well.. maybe. Or Maybe not. But Definitely not sort of.
    18. Re:it's because people don't value it. by bcrowell · · Score: 1

      I try to get my college buddies to send me encrypted email, and it's the same story, "Dude, just use Facebook like everybody else".

      Your friends are perfectly sane not to bother with encrypted email. There are two serious problems with encrypted email: (1) poor ease of use, and (2) network effects (i.e., it's not useful unless lots of people use it, but people won't use it because it's not useful).

      #1 is actually not easy to fix, because it's inherently difficult to manage a public/private key infrastructure. This inherent difficulty shows up in the fact that the software is much too hard for the typical user.

      #2 is also basically impossible to fix.

      For these reasons, email is always going to be an insecure medium, just like postcards are always going to be insecure. If you need more security, use snail mail, which is highly legally protected in the US and is not run by telecoms that are only too happy to shit on the constitution.

    19. Re:it's because people don't value it. by Anonymous Coward · · Score: 0

      Don't worry. Eventually there will be a huge FB breach of privacy story

      No there won't. William Binney already laid out what's going on, and nobody cares. Every telephone conversation you made, every web site you visited, every jpg you downloaded, and every email you sent and who was on the other end of each of those things since 2002 is in storage and perusable by any three-letter agency that wants it and nobody cares. Nobody cares that their information is bought and sold, and nobody cares that their constitutional rights are being violated by the government when it spies on everything and associates personal identifiers with every piece of data it stores. Nobody cares, at least not enough to delete their FB pages or to demand that administration officials and congressional representatives be jailed for the government spying.

    20. Re:it's because people don't value it. by tlhIngan · · Score: 2

      We as an industry haven't given people easy ways to do these things. It is *our* fault, not theirs.

      Exactly. Even in the geek world this is true.

      Want to know why SSH is the premier protocol for remotely doing stuff? Because it does it all so easily. If you used rsh, or telnet, forwarding an X session was fraught with danger and extremely tricky, having to mess with xhost or other xauth crap.

      With SSH, you just add -X. Done. Easy.

      Ditto with proxying - SSH supports SOCKS or manual port forwarding. The other protocols require running programs manually - they can't tunnel traffic through an existing connection (also handy if you're firewalling stuff - it's easy to just open one port for your SSH server rather than many).

      When it's easy to do, people will do it.

    21. Re:it's because people don't value it. by Hatta · · Score: 1

      Eventually there will be a huge FB breach of privacy story where FB starts selling all your info to the highest bidder. People will be outraged

      How will it be different from all the other times that FB has committed a huge breach of privacy, and people kept using it? If this were likely to happen, wouldn't it already have happened?

      --
      Give me Classic Slashdot or give me death!
    22. Re:it's because people don't value it. by Anonymous Coward · · Score: 0

      I think that's because she is a sleaze, not because of her twitter following

    23. Re:it's because people don't value it. by MightyYar · · Score: 1

      Privacy disappears because people don't value it.

      This makes sense - humans did not evolve with privacy, it is a modern concept. As such, even if it had a tangible value, people would do a terrible job assigning a value to it.

      --
      W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
    24. Re:it's because people don't value it. by Inda · · Score: 1

      "you're now considered "abnormal" if you don't have a Facebook."

      I disagree.

      My very non-geek friends don't use it. They're old school and prefer the phone and knocking on doors. My not using Facebook is seen as normal to them.

      The middle ground associates, who think everyone is on Facebook, often look puzzled when I tell them I don't use it. You can see the thought process going on: Inda doesn't use it, and he's Mr Geek, why doesn't he use it? Is there something better? No one asks though. They've learnt not to talk to me about computers as I'll carelessly take the conversation to another level, and that alienates everyone.

      It's changing - slowly changing. Keep nudging. Keep suggesting small changes. People will follow if you don't go full geek.

      --
      This post contains benzene, nitrosamines, formaldehyde and hydrogen cyanide.
    25. Re:it's because people don't value it. by Antique+Geekmeister · · Score: 1

      Oh, it certainly exists in other species. Even unsophisticated animals have dens or hunting grounds, turf that they protect from members of their own species and try to conceal both from other members of that species.

    26. Re:it's because people don't value it. by Anonymous Coward · · Score: 0

      It hasn't been cool to use Microsoft products for quite a while, people are still using it.

      Besides, you're speaking as if people actually cared about privacy. If they did, the OP wouldn't have anything to complain about in the first place...

    27. Re:it's because people don't value it. by MightyYar · · Score: 1

      I never said it didn't exist in other species, though I'd characterize your examples (dens and hunting grounds) as a physical protection mechanism and scarcity coping mechanism, respectively. The concept of "privacy" as we know it today simply couldn't exist in a nomadic culture with small populations... everyone is going to know everything about everyone else.

      --
      W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
    28. Re:it's because people don't value it. by icebraining · · Score: 1

      Some do interoperate; my instance of StatusNet sent and received messages from Identi.ca just fine.

      The problem is that no one is there, and those who were, left. Compare:

      http://identi.ca/timbl with https://twitter.com/timberners_lee

    29. Re:it's because people don't value it. by Anonymous Coward · · Score: 0

      I gather, you are not in the 22-29yo range either.

    30. Re:it's because people don't value it. by Antique+Geekmeister · · Score: 1

      I've no idea where you get the idea that in a nomadic culture, "everyone is going to know everything about everyone else". Even in a small family or among roommates, some personally owned space and possessions is vital. It's reflected in other species, so it's certainly part of how we evolved, socially if not physically. To say that a nomadic group "knows everything about everyone else" is as strange a concept as to say that nomadic groups "live in tune with nature". It's not borne out by observation, or by observing other species with similar practices.

      The complexities of privacy that are common in civilizations, where people in cities have high population density, are greater. I'll certainly agree with that. Bringing it back around to SSH and system security, a tight knit physical and social community can have lower privacy standards because it's so easy to simply "peer over the cubicle wall", so excess privacy is a pointless waste of resources. But the existence of predators, or of vermin who will nest in one person's personal workspace and reach out to infest the entire group, is a given. The previous lack of expensive privacy is now an opening for attack vectors, and they are constantly being probed.

    31. Re:it's because people don't value it. by MightyYar · · Score: 1

      I've no idea where you get the idea that in a nomadic culture, "everyone is going to know everything about everyone else".

      Think about it. You are a nomadic tribesman. Everything you own has to be portable enough for you to carry. You will live in a group with a few dozen people, all who know you by name. They see all of your possessions, as you are always packing them up, carrying them around, and unpacking them. They know exactly when you go to sleep, and who you sleep with. They know what you eat at every meal. Sure, you might occasionally sneak off into the woods and have a liaison with someone, people probably went behind a tree or something when they had to defecate, and you could probably come up with other things done in secret. But I don't think that's really what we are talking about when we are discussing privacy; Google is not following you into the bathroom (though I hear a lot of smartphones in there!).

      The previous lack of expensive privacy is now an opening for attack vectors, and they are constantly being probed.

      Yes, I think this will be a problem for exactly the reason I stated before: we are not predisposed to value privacy - it has to be taught. In a way it is similar to hygiene... in theory we know exactly how to stop the common cold, but we don't have any predisposition towards washing our hands or keeping our hands away from our face.

      --
      W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
  4. CEO of Security Company warns of security dangers by Anonymous Coward · · Score: 0

    CEO of Security Company warns of ever-increasing security dangers ... suggests own company's auditing tool to combat it!

  5. People don't understand what security is. by gurps_npc · · Score: 5, Insightful
    Let's start with a basic, real world example.

    I have a home. On this home there is a lock.

    Now, an ignorant fool might think the lock is there to keep other people out. Nope, they are wrong. You see, in addition to my lock, I have windows, doors, a roof and floors, and walls. None of them are made of unobtainium.

    An intelligent 5 year old child, with no training whatsoever can break my window and climb into my house.

    My lock is there for two distinct purposes:

    1. It tells the world that this place is private - that the owner does not want anyone to enter it and will try to punish those that violate its privacy. It's a sign.

    2. It lets me get into my house easily, while making it much more difficult for anyone else to get in without leaving clear and obvious signs that they have trespassed (i.e. a broken window.)

    That's what the locks on my home do - notify the world of my privacy and create traceable evidence of a violation of that privacy.

    We need to start using IT security for the same purpose. Among other things, that means that when you log on to any website, it should list the last time you logged in, and from where (using either an IP address and/or a cookie to identify the device used).

    I don't want, nor do I need, an unbreakable password. I want to know when I've had a trespasser.

    --
    excitingthingstodo.blogspot.com
    1. Re:People don't understand what security is. by Anonymous Coward · · Score: 1

      Doors are the most convenient way of entering a house, locks make it less convenient. The other options left to you attract attention.

      This is also why alarms exist, to attract attention.

      Nothing is 100% secure, but something can be made into an extremely inconvenient target, which compared to a neighbouring house (or system) protects you.

      Survival of the fittest.

    2. Re:People don't understand what security is. by Anonymous Coward · · Score: 1

      I don't want, nor do I need, an unbreakable password. I want to know when I've had a trespasser.

      That's all well and good - until someone changes your lock; You know you've had a trespasser, but you can't do anything about it.

    3. Re:People don't understand what security is. by gurps_npc · · Score: 1
      Like I said before, an intelligent 5 year old child can break into my window and climb in.

      I am older than 5, and I'm pretty smart, so changing the lock doesn't do much. Maybe if they tried to get my title revoked, that would be a different thing.

      But if you want an IT It's really not that hard to set up security to a) notify you of an attempt to change the lock immediately and b) ensure that the old password works for a period of 1 week after you changed it - as long as it came from any approved computer that you had used at least a month before changing the password.

      That's just one way. There are lots of really good ways to prevent passwords being changed by anyone but the person that set it up - particularly if you don't demand a secure password. You could have the account send you an email and a snail mail letter with the new password (to all addresses listed as your current address within the past month.)

      --
      excitingthingstodo.blogspot.com
    4. Re:People don't understand what security is. by DeeEff · · Score: 1

      I'm going to try this right now. I'm going to break into my neighbour's house, and change all the locks on all their doors and windows. Each one will require a different key. It may be expensive, but it'll be interesting.

      I suppose I could booby trap the home and steal the TV remote for good measure, but I'd like to see how they cope. I'll leave a key to each room hidden somewhere and they can start with a key that I'll tape to their back door. They have to unlock every single door in order to solve the final puzzle. Hell, I think I just came up with a way to have endless fun.

      All I'll need now is to video stream it using a Raspberry Pi and I can make an entire story on Slashdot about it too!

    5. Re:People don't understand what security is. by vlm · · Score: 1

      Good analogy but you're missing the wallet/pocket analogy which is much better.

      My wallet is easy to grab out of my pocket, but you have to invade my personal space to do it, so it's incredibly inconvenient and each attempt is painfully obvious to me and only a few people in the world at any given instant, all of whom must be hyper-local and in my legal jurisdiction, can stick their hand in my pocket to fish around for my wallet, at any given time. Sure, a Russian gangster can get my wallet... but he has to travel to me first.

      This is the best analogy to the internet, in fact the core technology is oriented purposefully around preventing a situation like this. Sometimes the most obvious solution is hardest to see... a "wallet" and/or "pocket" concept just doesn't work on the internet. Simple, huh?

      It's not the techie's problem to find a way to install horse's reins on a starship helm control board.

      --
      "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
    6. Re:People don't understand what security is. by amorsen · · Score: 1

      2. It lets me get into my house easily, while making it much more difficult for anyone else to get in without leaving clear and obvious signs that they have trespassed (i.e. a broken window.)

      A small minority of locks fulfill that purpose today. The majority can be opened quickly and easily. If you are lucky, an expert can detect that the lock was forced.

      For some, the convenience of being able to call a locksmith and get in easily if you lose your keys outweighs the risk of having to try to prove to an insurance company that you did not leave the door unlocked.

      --
      Finally! A year of moderation! Ready for 2019?
    7. Re:People don't understand what security is. by Vellmont · · Score: 5, Insightful

      The problem with your analogy is that your house doesn't need to be super-duper-secure because nobody has invented anonymous, instantly replicable robots that roam the countryside looking for open windows, and equipped with high speed glass cutters, valuable item detectors, and phone-home capabilities to alert a human when further action is warranted. This is routine on the internet.

      This is the threat your email address or bank account has to deal with. In your home you merely have to deal with the people around you who might rob you, and the occasional opportunistic criminal. On the internet, everyone is basically the same distance from everyone else, automation is cheap, and anonymity is common. Think that might lead to the need for more security than easily breakable glass windows? If all my shit is gone from my house, but my window is broken, I'm still not terribly happy that the thief was kind enough to let me know through the broken window.

      --
      AccountKiller
    8. Re:People don't understand what security is. by element-o.p. · · Score: 1

      Yes!!! Something like this:
      :~$ ssh localhost
      ${UsernameMunged}@localhost's password:
      Last login: Tue Jul 24 08:43:58 2012 from ${HostnameMunged}
      :~$

      ...would be great. I've always appreciated the "last" output with SSH; it never occurred to me to include it in web sites as well <embarrassed>

      --
      MCSE? No, sir...I don't do Windows. Yes, I am an idealist. What's your point?
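
The last-login notice that gurps_npc asks for and element-o.p. shows from SSH, sketched for a web login flow. This is an added example, not code from any commenter or from OpenSSH; the class names, the device-cookie scheme and the sample logins are assumptions constructed for illustration.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field
from datetime import datetime, timezone
from typing import Dict, List, Optional


@dataclass
class LoginRecord:
    when: datetime
    ip: str
    device_id: str  # random value from a long-lived cookie (hypothetical scheme)


@dataclass
class Account:
    salt: bytes
    pw_hash: bytes
    history: List[LoginRecord] = field(default_factory=list)  # oldest first
    failed_since_success: int = 0


@dataclass
class Notice:
    previous: Optional[LoginRecord]  # None on the very first login
    previous_was_this_device: bool
    device_seen_before: bool
    failed_since_success: int

    def render(self) -> str:
        """Format the notice the way sshd prints its 'Last login' line."""
        if self.previous is None:
            return "First login to this account."
        line = "Last login: {} from {}".format(
            self.previous.when.strftime("%a %b %d %H:%M:%S %Y"), self.previous.ip)
        if not self.previous_was_this_device:
            line += " (a different device)"
        if self.failed_since_success:
            line += "; {} failed attempt(s) since then".format(
                self.failed_since_success)
        return line


class LoginTracker:
    def __init__(self) -> None:
        self.accounts: Dict[str, Account] = {}

    @staticmethod
    def _hash(password: str, salt: bytes) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

    def register(self, user: str, password: str) -> None:
        salt = secrets.token_bytes(16)
        self.accounts[user] = Account(salt, self._hash(password, salt))

    def login(self, user: str, password: str, ip: str, device_id: str,
              now: Optional[datetime] = None) -> Optional[Notice]:
        """Return None on failure, else a notice about the PREVIOUS login."""
        acct = self.accounts.get(user)
        if acct is None:
            return None
        if not hmac.compare_digest(self._hash(password, acct.salt), acct.pw_hash):
            acct.failed_since_success += 1  # surfaced at the next successful login
            return None
        now = now or datetime.now(timezone.utc)
        prev = acct.history[-1] if acct.history else None
        notice = Notice(
            previous=prev,
            previous_was_this_device=prev is not None and prev.device_id == device_id,
            device_seen_before=any(r.device_id == device_id for r in acct.history),
            failed_since_success=acct.failed_since_success,
        )
        # Record this login only after building the notice about the earlier one.
        acct.history.append(LoginRecord(now, ip, device_id))
        acct.failed_since_success = 0
        return notice


def demo() -> List[str]:
    """Constructed sample: owner, a login from an unknown device, owner again."""
    tracker = LoginTracker()
    tracker.register("alice", "correct horse")
    steps = [
        ("correct horse", "198.51.100.10", "dev-laptop", datetime(2012, 7, 23, 19, 2, 11)),
        ("wrong guess", "203.0.113.7", "dev-unknown", datetime(2012, 7, 24, 8, 40, 0)),
        ("correct horse", "203.0.113.7", "dev-unknown", datetime(2012, 7, 24, 8, 43, 58)),
        ("correct horse", "198.51.100.10", "dev-laptop", datetime(2012, 7, 24, 18, 30, 0)),
    ]
    out = []
    for password, ip, device, when in steps:
        notice = tracker.login("alice", password, ip, device, now=when)
        out.append("login failed" if notice is None else notice.render())
    return out


if __name__ == "__main__":
    print("\n".join(demo()))
```

In the constructed sample, the owner's final login reports a previous session from an address and device that are not their own, which is the "broken window" evidence the parent comment wants a site to surface.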
    9. Re:People don't understand what security is. by ethanms · · Score: 1

      Love the analogy.

      You cannot duplicate a house with no evidence of the duplication, so the evidence of entry is preserved. How do you accomplish this with a digital object that can be trivially duplicated? You're talking about revamping everything we have to treat packets (let's just focus at that level I guess) as unique objects which cannot be duplicated (or at least not with modifying the original such that someone will know it was duplicated).

      The other issue with your analogy... when/if your house is violated it will be a problem for you--documents and other contents may be stolen and used for nefarious purposes. House break-ins are not common, at least most people don't experience multiple break-ins per month, let alone per day or less. If we were to transition to your model we may face the equivalent of a house break-in on an hourly or daily basis as our data is intercepted/examined and we are notified.

      No... I think it's more accurate to compare data security to an armored car. You build your vehicle to withstand all reasonable attacks it may face.

    10. Re:People don't understand what security is. by ethanms · · Score: 1

      I don't want, nor do I need, an unbreakable password. I want to know when I've had a trespasser.

      That's all well and good - until someone changes your lock; You know you've had a trespasser, but you can't do anything about it.

      Or they break in and take your cash and other valuables. Great, I know they stole those things, now what? I'd prefer to keep out thanks.

    11. Re:People don't understand what security is. by Anonymous Coward · · Score: 0

      Physical and virtual security are different, because someone who breaks into your home has to be there physically. An attack on your email account can be executed from an internet cafe in Bumfuckistan. There is a very real chance that a burglar is caught in the act, but even if you notice an attack on your email account while it's happening, the chance of catching the perpetrator is nil. As if that wasn't bad enough, there are also many devices which can be attacked, but with which you never interact directly: your router, for example.

      The current computer security paradigm is very much focused on detection: Anti-virus software detecting drive-by downloads, firewalls blocking intrusion attempts, Google warning users of dangerous web sites. You have what you wish for. Is it working?

    12. Re:People don't understand what security is. by Shompol · · Score: 1

      And this is how your home would look some 200 years ago, when security was a bigger issue. This is a typical home in Costa Rica today. And this is how a web server looked 200 years ago. It could withstand an attack from an army of 5 year olds! Just because you outsourced home security to the local police dept does not make your analogy a good one.

    13. Re:People don't understand what security is. by Anonymous Coward · · Score: 0

      Your argument falls apart with one word. Tor.

    14. Re:People don't understand what security is. by EvilBudMan · · Score: 1

      --I want to know when I've had a trespasser.--

      Damn straight. I wanna know that more than being able to completely block everyone.

    15. Re:People don't understand what security is. by cbiltcliffe · · Score: 2

      So somebody breaks in, changes your password, and you change it back from the computer you used last week.
      The computer used to break in was used only a few days before, so it's on the approved list to log in with the old password.
      You see where I'm going with this?

      Under this system, the attacker would gain permanent access to your account, as long as they logged in once a week.

      If this is your idea of a "good method" to prevent an attacker from changing your password, I'd suggest the subject line of this thread describes you perfectly....

      --
      "City hall" in German is "Rathaus" Kinda explains a few things......
    16. Re:People don't understand what security is. by guruevi · · Score: 1

      The difference however is that if someone breaks into your house and steals your stuff, you are deprived of the use of these items. If somebody 'breaks in' to your *book, my* or i* they merely duplicate what you already have and usually leave your stuff alone.

      I wouldn't mind if an automated robot came into my house and quantum-cloned my car for my neighbor to have one too.

      I think in the future we will evolve to go either towards a completely closed society where nothing is connected and everyone keeps everything including knowledge and wealth selfishly or a completely open society where nobody (especially large corporations and governments) has ANY privacy or secrets and money is of no value.

      --
      Custom electronics and digital signage for your business: www.evcircuits.com
    17. Re:People don't understand what security is. by icebraining · · Score: 1

      If someone breaks into your email account and starts spamming with it, you may be deprived of its use (since every server will start flagging your address), though.

    18. Re:People don't understand what security is. by icebraining · · Score: 1
    19. Re:People don't understand what security is. by Anonymous Coward · · Score: 0

      Bravo. The most intelligent observation of the ridiculous mess we call security I can recall reading in ages.

    20. Re:People don't understand what security is. by Rich0 · · Score: 1

      The problem is that once you detect an intrusion, what do you do about it?

      With your home you can call the police, who will pursue the burglar and potentially catch them. Breaking into a house is a high-risk activity - if somebody spots them the police will be on the way quickly. Break into enough houses and you're likely to get caught - and your haul is just whatever is lying around and easily carried off. If you find a ton of jewelry maybe you'll do OK (though it has limited resale value), but hauling off huge plasma TVs is both difficult and quite detectable (and those have limited value too). If it turns out you have a priceless piano I doubt a burglar would even bother with it.

      Contrast that with a computer intrusion. Suppose you can detect it? That will tell you that a bunch of data on a server was transferred off to some remote IP address. Chances are the owner of that IP address has nothing to do with it, and chances are they aren't security conscious - it might even be some grandmother with a virus on her home PC. Likely that connection went around the world three times before it got to your server, and the intruder could very well be in some country with police who aren't going to be of much help. The attack might even be state-sponsored, though nobody would ever acknowledge that.

      The internet is like one big bad neighborhood - you're just a few hops away from anybody on the planet, and even fewer hops away from the first router completely outside of your own government's jurisdiction.

      And knowing you've had an intrusion is of little use if the data you're guarding is important. Great, so you know that your plans to buy some company are now on the internet before you have a signed offer - now the value of that company is up 50% and it will cost you a few billion dollars more to buy them.

  6. He's right by 93+Escort+Wagon · · Score: 1

    And here's an example: I remember when, a few years ago, a new version of a supposedly secure communications tool would let a person connect to a valid account by using any two letters as the password...

    --
    #DeleteChrome
  7. Security getting worse by mpfife · · Score: 5, Interesting

    I would largely agree. Unfortunately, I believe it is because real security - cryptography and end-to-end security and privacy - are very difficult, and hence, very expensive to develop, implement, and test. My experience with such coding is that it's every bit, if not more, rigorous as code written for medical devices or flight control software. It simply has to be bulletproof. Any one hole in the theory, algorithm, or implementation - and the whole thing comes apart. Learning about all those possible holes and plugging them is a herculean task. One can point to the near constant stream of security patches for every browser, app, and OS on the market. And these are the best-funded commercial enterprises around.

    Another huge problem is the 'meh' attitude people have towards their personal information. We throw our data around so willy-nilly on smart phones and social networks. We check in places that tell everyone where we are (or are not http://pleaserobme.com/ ), publicly publish our most intimate family and friend relationships, report where we live and work, we even identify people to image recognition software. One expert I heard said that he could not imagine a more dastardly personal information monitoring system than Facebook. And we WILLINGLY give that information away. Google reads your emails and all the documents you upload to their 'free' services. Websites use everything they can to target ads at you, etc.

    The unfortunate part, as my CS security professor pointed out, is that by the time it crosses an ethical line - it's nearly impossible to stop. Even worse, what if the company you gave all that info to gets sold to a very unscrupulous person in a country with no protections? What if your government is taken over and they raid these databases for information about dissenters? All of these things are real, happen today, and yet we consider it more important to be able to brag to our friends and family what we had for dinner last night than protect ourselves.

  8. Tatu Ylönen has garnered fame ... by chad_r · · Score: 1

    Tatu Ylönen has garnered fame in technology circles as ... the dick who tried to trademark the term SSH in a move to try to shut down OpenSSH as a free alternative to their commercial product.

    1. Re:Tatu Ylönen has garnered fame ... by PolygamousRanchKid+ · · Score: 2

      "SSH" is definitely worthy of a design patent. Look at those "curved corners" of the "S" . . . artistically contrasted against the sharp corners of the "H".

      A lot of creative intellectual property work went into that, and the creator should be rewarded with all rights to that.

      The estate of the late Heinrich Himmler has challenged this in court, however.

      --
      Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
    2. Re:Tatu Ylönen has garnered fame ... by Anonymous Coward · · Score: 0

      Sorry to spoil the joke, but the SS-Runes had no curves, only straight lines and edges.

    3. Re:Tatu Ylönen has garnered fame ... by Anonymous Coward · · Score: 0

      no curves, only straight

      Is it, "Wofür die Untergang der Sturmabteilung?"

    4. Re:Tatu Ylönen has garnered fame ... by V+for+Vendetta · · Score: 1

      "Wofür die Untergang der Sturmabteilung?"

      You're obviously confusing the SA (Sturmabteilung) with the SS (Schutzstaffel) ... ;-)

  9. ssh is the reason for insecurity by Anonymous Coward · · Score: 0

    If IPsec had been made routine and manageable by mere mortals then *everything* running across the Internet could be secure by now. At first everyone would have supported it as an option, then at some point during one of Microsoft's mad security drives, it would have set "IPsec connections only" as default in one of its new operating systems. Businesses would have rushed to make sure that their systems were compliant.

    But geeks promote ssh, which involves a mindset of explicitly setting up a tunnel - something the majority of people won't do. And if, as a service provider, you don't care about your client's security, you'll prefer HTTP rather than HTTPS on CPU usage grounds alone.

    It's such a fucking shame that the transition to IPv6 hasn't involved a transition to IPv6sec.

    1. Re:ssh is the reason for insecurity by 0123456 · · Score: 4, Interesting

      If IPSEC wasn't one of the worst designed-by-committee-throw-in-the-kitchen-sink monstrosities ever produced, it would be more widely adopted.

      Just getting two of my Linux boxes to talk IPSEC to each other took a couple of days, because there are about a bazillion different combinations of parameters and if any of them are wrong it doesn't work and doesn't provide any easy means of figuring out why it doesn't work.

      It's also a 'security' protocol which allows you to send unencrypted data, so even if you do use it you can't readily prove that you have a secure connection unless you monitor the traffic.

      There's a reason why we use SSL and SSH instead.

    2. Re:ssh is the reason for insecurity by Anonymous Coward · · Score: 0

      Don't mix up protocol specification and implementation. Debug values and error output are specific to your system's implementation.

      The design is not ugly at all, it's just utterly complex, so complex in fact that it's impossible to assert its security. It's so complex that it will never be perfectly secure, just because of that. Implementation errors will be common and maybe fatal, but the fact that it won't work if the conf is not 100% correct is IMHO a good security measure, only advanced users who understand how things work should set it up.

    3. Re:ssh is the reason for insecurity by Anonymous Coward · · Score: 0

      Just so you know, SSL/TLS is perfectly capable of setting things up to let the two sides talk unencrypted too; see TLS_NULL_WITH_NULL_NULL.
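
Added example (not part of the thread or any poster's code): a Python check for the NULL cipher suites mentioned in the comment above. It parses IANA suite names to flag missing encryption, integrity or authentication, and lists any non-encrypting ciphers enabled in a Python `ssl` context. The suite list is a constructed sample and the function names are hypothetical.

```python
import ssl

# Constructed sample of IANA cipher-suite names, as a scanner might report them.
SAMPLE_SUITES = [
    "TLS_NULL_WITH_NULL_NULL",
    "TLS_RSA_WITH_NULL_SHA256",
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_DH_anon_WITH_AES_128_CBC_SHA",
    "TLS_AES_256_GCM_SHA384",  # TLS 1.3 style name, no _WITH_ part
]


def classify_suite(name):
    """Return the protections an IANA-named suite lacks (empty list = none found)."""
    body = name[len("TLS_"):] if name.startswith("TLS_") else name
    if "_WITH_" in body:
        kx, rest = body.split("_WITH_", 1)
    else:
        kx, rest = "", body  # TLS 1.3 negotiates key exchange separately
    cipher, _, mac = rest.rpartition("_")
    problems = []
    if cipher == "NULL":
        problems.append("no encryption")
    if mac == "NULL":
        problems.append("no integrity")
    if kx == "NULL":
        problems.append("no key exchange")
    if "anon" in kx:
        problems.append("no authentication")
    return problems


def null_ciphers_enabled(ctx):
    """Names of ciphers enabled in an ssl.SSLContext that do not encrypt."""
    return [
        c["name"]
        for c in ctx.get_ciphers()
        if c.get("strength_bits", 1) == 0 or "NULL" in c["name"]
    ]


if __name__ == "__main__":
    for suite in SAMPLE_SUITES:
        print(suite, "->", classify_suite(suite) or "ok")
    print("NULL ciphers in default context:",
          null_ciphers_enabled(ssl.create_default_context()))
```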

  10. On the services side by gelfling · · Score: 1

    No one cares about security. They cover everything with contract language but only to the extent that they could be hit with fines. Beyond that, customers literally do not give a fuck about security anymore. Not if it costs a nickel. And when it does, 4.9999 cents of that nickel goes into excruciatingly dense reporting which no one, NO ONE, ever reads.

    Once the IT industry was taken over by lawyers and accountants, it's been downhill into a pool of shit since.

  11. ROFL by Anonymous Coward · · Score: 0

    I'm not paying to get some cert
    end of story and my users will still enjoy SSL https....

  12. "several" by harvey+the+nerd · · Score: 1

    There have been several incidents where someone has stolen from the certificate authorities.
    Let's see, who would want that that much to do the breakins? NSA, FSB, RIAA, MPAA, Chinese state sec...

    1. Re:"several" by Anonymous Coward · · Score: 0

      Or just any one of the scammers that run fake bank-sites etc...

      Some DNS spoofing of routers and get them to download an alternative firmware that will forward all the traffic for the wanted banks to your own server is not that hard... And being able to sign a few bank-certs yourself it makes it quite easy to get away with this...

  13. Re:ssh--What does Tatu Ylönen know about this by CrowdedBrainzzzsand9 · · Score: 1

    What does Tatu Ylönen know about this? It only took 20 years for his security tool to be softened by hackers. It takes almost, um, minutes for a new Apple ios to be jail-broken. Never mind.

  14. I read that headline wrong... by eternaldoctorwho · · Score: 1

    ...and left out the word "says" in my mind. I thought, "Oh no! I hope he'll be okay!"

  15. apparently, others are more rational by kenorland · · Score: 1

    You're typically irrational about privacy, but focusing on Facebook.

    In fact, it makes little difference whether Facebook snoops on your E-mail in order to show you ads; there's little they can do to you, and if they harm you, you can recover damages.

    What should concern you is that governments and law enforcement get ever increasing access to your data, and the false positive rate for their data mining techniques is doubtlessly high. And when they drag you away in some pre-crime effort, you have little recourse. Yet, politicians successfully stoke the fear of companies like Facebook while at the same time creating laws that let government and police intrude ever more into our private lives.

    Until people like you actually start getting a clue, acting rationally, and demanding change from politicians, privacy will continue to spiral down the drain.

    1. Re:apparently, others are more rational by dcollins117 · · Score: 1

      What should concern you is that governments and law enforcement get ever increasing access to your data, and the false positive rate for their data mining techniques is doubtlessly high. And when they drag you away in some pre-crime effort, you have little recourse.

      I think you give them (the governments and law enforcement) too much credit. Where were these crack investigators when James Holmes was stockpiling massive amounts of ammunition, tactical gear, and bomb-making chemicals? He bought them openly on the internet and had them shipped right to his home. He even sent a notebook full of details about his plans, including drawings and illustrations of the planned massacre to a psychologist who worked at the University he just dropped out of.

      Security "theater" is just that - a fiction.

    2. Re:apparently, others are more rational by kenorland · · Score: 1

      I think you give them (the governments and law enforcement) too much credit.

      I pointed out that data mining by police has a false positive rate that is too high. That says nothing about the false negative rate, which is even higher. So, I'm not "giving them credit" for anything in particular. If you want to be a privacy advocate, you need to understand these concepts.

      Furthermore, the US has much stronger privacy protections than Europe when it comes to the government; unfortunately, post 9/11 these are being eroded, by both conservatives and progressives alike.

  16. Re:Hmmm. by Anonymous Coward · · Score: 0

    Nah, he's probably just from Finland. Oh wait, he actually is.