Slashdot Mirror

← Back to Stories (view on slashdot.org)

Security Collapse In the HTTPS Market

Posted by Soulskill on from the many-points-of-failure dept.

CowboyRobot writes: HTTPS has evolved into the de facto standard for secure Web browsing. Through the certificate-based authentication protocol, Web services and Internet users first authenticate one another ("shake hands") using a TLS/SSL certificate, encrypt Web communications end-to-end, and show a padlock in the browser to signal that a communication is secure. In recent years, HTTPS has become an essential technology to protect social, political, and economic activities online. At the same time, widely reported security incidents (such as DigiNotar's breach, Apple's #gotofail, and OpenSSL's Heartbleed) have exposed systemic security vulnerabilities of HTTPS to a global audience. The Edward Snowden revelations (notably around operation BULLRUN, MUSCULAR, and the lesser-known FLYING PIG program to query certificate metadata on a dragnet scale) have driven the point home that HTTPS is both a major target of government hacking and eavesdropping, as well as an effective measure against dragnet content surveillance when Internet traffic traverses global networks. HTTPS, in short, is an absolutely critical but fundamentally flawed cybersecurity technology.

7 of 185 comments (clear)

  1. So offer a cost effective replacement by brunes69 · · Score: 5, Insightful

    Yes HTTPS is flawed. Name one protocol that is not.

    Unless someone can offer a cost effective replacement (IE one that can be deployed and scaled into without breaking existing technology) then the best approach is to continue and fix the flaws as they are found.

    The solution to a problem is not always "throw it away and re-write it". In fact the longer you are around in technology, the more you will realize that this is hardly ever a good idea.

    1. Re:So offer a cost effective replacement by Anonymous Coward · · Score: 5, Insightful

      As with all security, your requirements depend on your threat model. What are you trying to protect against?
      I suspect most of us just don't want thieves stealing our bank passwords, social security numbers, or credit cards.
      HTTPS is probably sufficient for that.
      If you're trying to make sure the NSA can't get at data of yours that it wants, you need something else. What that is, I don't know.

    2. Re:So offer a cost effective replacement by philipmather · · Score: 5, Funny

      Spock. I win.

      --
      Regards, Phil
    3. Re:So offer a cost effective replacement by CastrTroy · · Score: 5, Interesting

      And it's the wrong solution. The solution is that I shouldn't have to send my credit card number to every retailer I want to do business with. The credit card companies and banks should have set up a system long ago so that I can send money to a retailer without having to divulge my private information to a non-trusted third party. Paypal offers something which is halfway in between. I can pay people without having to send them my credit card info. Unfortunately, I have to trust PayPal. It would make much more sense for the bank to be in control of this, since they have all the information anyway, and I would hope that they know how to keep it secure.

      --

      Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
  2. broken implementation! = bad protocol by raymorris · · Score: 5, Informative

    OpenSSL's heartbleeed bug was a bug in openssl, a buffer overrun that didn't really have anything to do with ssl. A similar bug in any other server software would be approximately as bad. Where https protocol specified a ping, openssl instead leaked the contents of arbitrary memory locations .

    Apple's goto bug was Apple's bug. Again, little to do with the protocol. Ssl/tls/https didn't fail here, the company failed to implement https.

    The one "fault" of the protocol in the cited cases could be that it isn't brain-dead simple. Since the standard isn't idiot-proof, idiots can screw it up.

  3. Folks.... by Anonymous Coward · · Score: 5, Interesting

    It's not HTTPS that's insecure, it's the current certificate authenticity chain.

    Eliminate that chain, work out a public exchange and verification program (something akin to bittorrent for
    gpg signed certificates from other people you trust.) and plug that in in place of the current certificate authority
    model and you're set.

    This does of course require you to have people you trust who have some way to verify they got the 'original'
    copy of the certificate, and doesn't preclude using the equivalent of modern certificate authorities if desired.
    It simply provides 3rd party verification if something appears to be up.

    If you need a good example of how this might be carried out, look up 'WASTE', then imagine combining that with slashdot's rating system utilizing the old Kevin Bacon skit about 6 degrees of separation. That should provide secure peering with a layer of trust model that would dwindle the farther away from you a 'trusted individual' is positioned. It's not as 'cheap' in terms of cpu, disk space, or memory requirements as the current system, but it would be harder to exploit than the current centralized system.

  4. HTTPS is not flawed by Aethedor · · Score: 5, Insightful

    From a technological point of view, it's a good protocol. It works and when implemented correctly, it's very secure. However, a PKI is not much about technology. It's mostly about organisation. In other words, it's not about PK, but all about I.

    And that's were most things go wrong. Yes, Heartbeat was about technology, but people who paid attention moved away from OpenSSL a long time ago. There are more than enough alternatives. GnuTLS and PolarSSL for example. Apple's gotofail was also about technology, but name me one piece of software that is 100% bug free.

    The real problem with HTTPS is how it's organized. When I install a browser (or get one via the OS), I also get a shit load of CA's which I'm supposed to trust. CA's from China, Turkey, Taiwan and other countries from which I don't even speak the language. I will never need a certificate from one of those CA's, because I will never need a secure connection with any website protected by their certificates. If the people from Iran were wise enough to realize that they don't need Diginotar because they don't speak Dutch, they would never be at risk because of Diginotar's epic failure. The first thing I do when installing a web browser is get rid of all the irrelevant CA's. Just to be sure, just to be safe.

    And that's what's wrong with HTTPS. That's what needs to be fixed. Trust shouldn't be imposed by a browser maker. Trust should be earned.

    --
    It doesn't have to be like this. All we need to do is make sure we keep talking.