How Developers Can Rebuild Trust On the Internet

snydeq writes: Public keys, trusted hardware, block chains — InfoWorld's Peter Wayner discusses tech tools developers should be investigating to help secure the Internet for all. 'The Internet is a pit of epistemological chaos. As Peter Steiner posited — and millions of chuckles peer-reviewed — in his famous New Yorker cartoon, there's no way to know if you're swapping packets with a dog or the bank that claims to safeguard your money,' Wayner writes. 'We may not be able to wave a wand and make the Internet perfect, but we can certainly add features to improve trust on the Internet. To that end, we offer the following nine ideas for bolstering a stronger sense of assurance that our data, privacy, and communications are secure.'

Easy trumps security

[rtkluttz]

As long as "easy" takes precedence, the internet will never be secure. It is absolutely impossible to have security between 2 parties when a 3rd is involved (CA's). It was done that way because it allows people who don't know anything to have SOME trust. But if there are people involved trust will be broken. 2 party authentication is the only way to solve the problems. If people don't know how to get secure credentials between themselves and another party then maybe they need the internet that still has training wheels and padded helmets.

Re:Easy trumps security

[PlusFiveTroll]

>As long as "easy" takes precedence,

Heck, getting it to work in the first place takes precedence over both. There are so many chunks of code were written in the fashion of "This should work, but it doesn't so I'll do it this wrong insecure fashion. 10 hours of messing around and it still doesn't work in the secure fashion, and gets put on the back burner. A year later someone else looks at the code and the original guy goes "oh crap, I forgot about that".

Re:Easy trumps security

[RabidReindeer]

I'm afraid that the appearance of working is all that people really care about.

You can sell "pretty" over functional any day, and "quick" over both, with "cheap" trumping all.

Developers cannot fix this. Not unless they get far more organized than they are now. As long as developers do what management tells them and management's values are as previously described, insecurity and unreliability are going to be the hallmarks of software.

And unreliable software is almost guaranteed to be insecure, so kiss all your private data goodbye.

Re: Easy trumps security

Easy... is that why TFA refers to Facebook in the first content paragraph? I avoid failbook because of the insecurities, not to shore up my own (although I guess this how most use it /sarcasm).

Re:Easy trumps security

[dog77]

If it is not easy, it won't get adopted, and if it does not get adopted what is the point. Ease of use and security need to go hand in hand. We pretty much have to trust 3rd parties. Our computer components, operating system, browser, applictions are made by 3rd parties. I am all for a better mechanism than CA for authentication, but this needs to be convenient. Distributing directly between 2 parties is not convenient. Allowing identifies (public keys) to be managed and audited by public trusted 3rd parties is a great idea, as long as it is distributed and open, so you can go to multiple trusted 3rd parties and get independant validation and audit history of identities.

Re:Easy trumps security

[alvinrod]

It's a vicious cycle though, because on the other end you have users that don't really care about security or taking the time to educate themselves to use technology responsibly. Management could push having a robust and secure product, but by the time its built, someone else will have grabbed most of the market or the market will have changed enough that your product has no where near as much potential.

I think that this is an area where open source software can do better though. If you or I find problems or want to improve the software, we're able to do so. The same can't be said of closed source software and you're at the mercy of the company that makes it.

Re:Easy trumps security

[davester666]

1. Stop trying to grab every last scrap of information from your 'user'. Stick with only what you actually need to provide the service.
2. Stop routing all the data through your servers. Keep it on the user's cell phone.

Re:Easy trumps security

Can't we have both

Re:Easy trumps security

[RabidReindeer]

It's a vicious cycle though, because on the other end you have users that don't really care about security or taking the time to educate themselves to use technology responsibly. Management could push having a robust and secure product, but by the time its built, someone else will have grabbed most of the market or the market will have changed enough that your product has no where near as much potential.

A popular myth that justifies being hasty and sloppy.

Which product defined the PDA? Apple's Newton or the later-arriving and more realistically-designed (for the limitations of the day) Palm Pilot?

How about tablets? Microsoft was doing a tablet years before Apple.

Anyone remember those big-name forums that predated Facebook? I don't.

If you are lucky, being first-to-market will gain you some income, but somebody better can come along and sink you like a stone. You'll get some nice cash for a short period, they'll get a massive revenue stream for many years.

That doesn't mean that every pilot product has to be perfect, but it should mean that your plans for long-term success should incorporate the development of a professional product capable of carrying the load.

And if you're a continent-spanning bank or other long-established "respectable" business, it means that you have absolutely no business at all going for the fast-and-cheap.

Re:Easy trumps security

[BVis]

And if you're a continent-spanning bank or other long-established "respectable" business, it means that you have absolutely no business at all going for the fast-and-cheap.

Why do you hate America?

The point of for-profit capitalist companies is to make profit. You make more profit by reducing your costs and increasing your revenue. Building more-secure software increases costs and has no straight-line effect on revenues. Simply put, there's no market value in making secure products, because your average mouth breather doesn't understand security, and, more importantly, doesn't care that they don't understand. They're not likely to buy or use a product based on how secure it is. Adding features that nobody wants hurts your bottom line.

Until people understand that security is important, companies will be able to make more money building shitware that appears to work, but is really millions of lines of outsourced developer-produced garbage that only works due to some glitch in the Matrix. When there are data breaches (Target, Home Depot, etc), as soon as the news coverage starts talking about anything even close to the technical details of the problem, people's eyes glaze over and they change the channel.

TL;DR: Internet security is a bad joke because people don't care.

Re:Easy trumps security

[BVis]

No. Secure, convenient: pick one.

It's not impossible to have both, just extremely expensive. Since there's no perceived benefit to improved security, and doing something (anything) is a pain in the ass, that money will not be spent.

Re:Easy trumps security

[BVis]

Ease of use and security need to go hand in hand.

The trouble is, as I've also stated below, that it's very hard (read: expensive) to have both. Try to implement two-factor authentication and listen to your users howl. Require the use of a VPN in a corporate environment and listen to your CEO threaten you with termination if you don't make an exception for him. Make PGP keys available and watch nobody at all use the service. Require passwords to be updated every 90 days and prepare for your help desk to get a thousand whiny calls every three months.

People are stupid. People are lazy. People don't care about security. When people start caring about security, then we'll get somewhere. But it's like trying to teach a pig to sing; it wastes time and annoys the pig.

Re: Easy trumps security

People lose their phones all the time and do not backup locally regularly. The iCloud is their crutch.

Re: Easy trumps security

[davester666]

Uploading the data to your company's server so you can sell the data is entirely different from backing up the data to iCloud.

Hell, Fitbit doesn't work with HealthKit because...they demand that you pay them EXTRA to gain access to your raw data.

SSL?

It's called SSL, its a new thing.
https://tools.ietf.org/html/rfc6101

Re:SSL?

[PlusFiveTroll]

Our current methods of using encryption are so broken than when encryption break, it breaks all the underlying layers too. Heartbleed for example.

Re:SSL?

[Chris+Mattern]

Well, actually, it's the old thing. SSL is broken. You're supposed to be using TLS.

How developers can lock down the internet.

[Script+Cat]

Seriously, most of the problem is education. Encryption and not doing stupid things is the key. That and preventing users from booting Linux.

Re: How developers can lock down the internet.

Education won't solve a thing. The bar keeps getting lowered. First it was offspring and H1Bs, now it's anyone can code after a day bootcamp. There is a reason web development is considered a ghetto and it's getting worse each and every day. The problem with so called democratization of coding and the subsequent lowering of the bar is the inevitable, unavoidable loss of quality.

The issue is that everyone would like to have their cake and eat it too. Rapid innovation at low cost conflicts with things like licensed engineers producing products that are subjected to rigorous standards akin to anal probing.

The market has decided this is not important. To make an analogy, people would rather cross the border to an unlicensed physician because it costs too much to visit the one at home.

Now we have corporations and special interest groups deflating wages by trying to turn Joe six pack into a code monkey while companies try to conjure minority candidates to fill what will turn into future quotas out of thin air.

We don't want a mature industry. We don't want an engineering discipline. And no amount of training or education can cover for that gaping hole. This is why I left the web, it used to be a nice part of town, now it's run down and run by idiots.

Re:How developers can lock down the internet.

[TemporalBeing]

Seriously, most of the problem is education. Encryption and not doing stupid things is the key. That and preventing users from NOTbooting Linux.

There fixed that for you.

Seriously, Mac and Windows are far more security issues than even the most lax Linux distro.

And homogenous environments, while in some ways easier to manage, are also a security nightmare simply because at attack at one point will equally work at another. In this respect, Linux is awesome - just mix up the hardware (PPC, x86-64, ARM, MIPS, Power, etc) between everything; you can keep a user homogenous environment while creating a very heterogeneous environment for attackers. Not possible with Windows or Mac.

Re:How developers can lock down the internet.

[Script+Cat]

"That and preventing users from NOTbooting Linux."
Oh, they mean the users trust.

Can We Do Better?

Yes. Will it matter in terms of security for the long-term, no.

UK Government will oppose it

[Anne+Thwacks]

The UK government categorically opposes anything that might be even slightly secure "think of the terrorists". I am sure others will agree with them.

Re:UK Government will oppose it

[ArcadeMan]

With all the "Think of the terrorists" and "Think of the children" crap we keep reading about, how about launching "Think of the terrorist children"? That'll throw a wrench into their insane ideas.

Re:UK Government will oppose it

[Anne+Thwacks]

UK newpapers are already hot on that,

Every day we have stories about children travelling to the Middle East to be child brides to terrorists. Just think of the orgasms news editors get from this one! (Sorry).

Make security mandatory

Require that closed source software is clearly labeled as such.
Ban closed source software in public administration.
Ban closed source software on portable devices, ie. devices that someone may carry near other people without their decision.
Make secure code a legal requirement in all products sold in the market and require insurance from provider to cover different fines for bugs with different levels of seriousness. Apply the same legal requirement and fines for services where personal information is used.

If something fails, the company responsible needs to pay for it regardless of how unavoidable it may be. We, the consumer, can not care about the technical difficulties. We can demand security.

Re:Make security mandatory

[Sowelu]

I can't tell if this is parody or not.

Re:Make security mandatory

Intentional or not, here I come, and you can't hide.

Re:Make security mandatory

[ArcadeMan]

Require that closed source software is clearly labeled as such.
Ban closed source software in public administration.
Ban closed source software on portable devices, ie. devices that someone may carry near other people without their decision.

So, you want open source software everywhere...

If something fails, the company responsible needs to pay for it...

But a lot of open source projects don't "belong" to any company.

Nada

[DivineKnight]

Sorry, we're too busy training our replacements. Perhaps they can help you....

Re:Public keys, trusted hardware, block chains

[ArcadeMan]

The way the economy is going, I agree that we need to create more jobs. But if those jobs blow, nobody will want them.

Stop trusting third parties?

[Kjella]

As much as Google, Microsoft, Apple, Facebook and everyone using the word "cloud" would like to convince you otherwise, you're handing over your data to third parties who you really got no control over how they'll use or secure your data. Or if they in turn have been compromised by hackers or the NSA or whatever. While there's certainly a few issues with direct communication too like how do you exchange keys safely they're much more limited in scope. But my impression is it's not about "How can we secure data?" it's "How can we still make you put all your data online in a post-Snowden world?" because that's how they make money...

ball-bearings, tire spikes, sand, and debris

[holophrastic]

I'm becoming more and more disappointed with my techie breathren for things like this. No part of life is anywhere near as safe, or secure, as the current internet already is.

And yet, we trust all of it, every day, with things far more precious than our communication and finances.

We even trust these things despite countless and routine and frequent demonstrations of catastrophic failures.

We have political systems that squander money on a global level. And yet, we still elect leaders through campaigns of obvious horse-shit. Alex ran for student-body president 20 years ago on the basis of getting rid of homework.

We also have roads. We have highways where anyone from across the planet can show up, 'accidentally' drop sand and ball bearings and tire spikes and chunks of metal.

There is NOTHING that stops my car from flying off the highway at 140kph and falling 2'000 feet off the mountain.

But good news! There is something stopping my car from slamming into an on-coming car -- at an impart speed of 280 kph, by the way -- there's a two-inch strip of yellow paint; sometimes two.

And, as discussed earlier, every single day there're another many traffic collisions. And every single day, multiple people die in those collisions. It's so continuous, that the city actually pays for tow-trucks to sit at the edge of the highway in order to clear away accidents that much faster.

So, my e-mails to my grandmother, and to my clients, my banking transactions and my phone bills, while all important, pale in comparison to the vitality of the many other things in my life.

Oh yeah, and my front door, to my house, where I keep virtually all of my stuff, every one of my posessions, and many of my loved-ones -- some not able to protect themselves from a flood, let alone an intruder -- is protected by a very-easy-to-pick lock. Which wouldn't benefit from sophistimication because next to the door, is a big glass window.

Oh yeah, and the alarm wouldn't cause police to show for about 10 minutes anyway. Oh yeah, and the house is mostly wood.

Oh yeah, and my beautiful grass lawn, can be totally destroyed by anyone casually dropping a handful of dandilion seeds.

Nothing we do is secured for trust. That's what the word trust actually means, by the way -- if things were proven secure, you wouldn't be trusting them.

The internet is good enough as-is. Try focusing on the roads please. How about we trust hospitals to not screw up during surgery. How about we work on having enough water next year, or food during droughts, or maybe we could work on not killing people with military super-powers.

These techies are stuck in the wrong rut. They (we) were supposed to be using technology -- like the internet -- as tools to solve real-life problems. This article discusses uses tools to solve problems with other tools. That doesn't help anything.

Scratch that. Improving the security of tools does do one very significant thing. It's called one-upmanship, and it creates better criminals.

Solve the global food problem. Not because people far away from me are starving -- I'm not responsible for them, I've got my own problems. Solve the global food problem so that I don't need to have my yummy cooking show show me a gorgeous sizzling steak, and then break to commercial to see starving children in africa, who've been starving for fifty years now. It does nothing more than to put me off my dinner, and ruin the cooking show..

Re:ball-bearings, tire spikes, sand, and debris

[ArcadeMan]

Hey, keep your sane thinking to yourself. This is the Internet, buddy!

Re:ball-bearings, tire spikes, sand, and debris

No part of life is anywhere near as safe, or secure, as the current internet already is.

No part of life is as optional, either.

anyone from across the planet can show up, 'accidentally' drop sand and ball bearings and tire spikes and chunks of metal

All of these things are visible. People stealing credentials from a server that I don't control is not.

There is NOTHING that stops my car from flying off the highway at 140kph and falling 2'000 feet off the mountain.

Guardrail.

There is something stopping my car from slamming into an on-coming car -- at an impart[sic] speed of 280 kph, by the way -- there's a two-inch strip of yellow paint; sometimes two.

Yes. Very visible yellow paint. Also, the threat of pain and death to the drivers of both vehicles.

And if I'm not mistaken, 280 kph (168 mph) is way too damned fast for anyone to be traveling on a highway. Were you making the mistake of adding the speeds of two vehicles together to get the impact speed? It doesn't work that way. If both cars are going 140 kph (84 mph), then the speed that each car decelerates from is 140 kph. Neither car is put under the strain of decelerating from 280. The only point that receives the equivalent of 280 kph of force is the standing-still neutral observer smashed in the middle. It receives a crushing force equivalent to deceleration from 280. No part of the moving vehicles can receive that much force solely from that impact.

every single day there're another many traffic collisions

Because people are dumb and lazy and inattentive.

every single day, multiple people die in those collisions

Because people are dumb and lazy and inattentive.

It's so continuous, that the city actually pays for tow-trucks to sit at the edge of the highway in order to clear away accidents that much faster.

Tow trucks aren't going to help you if you're dead. The city pays for those trucks to clear wrecks out of the way so more wrecks don't occur due to impeded flow of traffic. Because people are dumb and lazy and inattentive.

The internet is good enough as-is. Try focusing on the roads please.

The roads are good enough as-is, if everyone follows the damned rules. Just like the internet.

How about we trust hospitals to not screw up during surgery.

We already do.

How about we work on having enough water next year

I don't worry about water in Missouri. Your problems are not universal.

or food during droughts

See previous snarky comment.

work on not killing people with military super-powers.

That one is above my pay-grade.

supposed to be using technology... as tools to solve real-life problems. This article discusses uses tools to solve problems with other tools... It's called one-upmanship, and it creates better criminals.

No, it's called "security". No security is perfect. Ever. You already called attention to the insecurity of your front door. But if all your worldly possessions were laying on your front lawn, what are the odds somebody wouldn't just come along and take them? The "insecure" front door provides 1) a minimum level of resistance and 2) a legal line-in-the-sand, both of which the intruder must overcome to be successful. Criminals are going to be as good at being criminals as they need to be. You have to make the value proposition worse in order for most of them to stop. We just haven't reached that point yet on the internet.

Solve the global food problem.

Solve your priorities problem. You're whining that everyone, everywhere should drop what they're doing and solve a single specific human-rights issue that is basically a weapon of war because pictures of the victims of war put you off your grub? Really? Fuck you.

Re:ball-bearings, tire spikes, sand, and debris

[holophrastic]

Coward.

Re:ball-bearings, tire spikes, sand, and debris

I was discussing this with an older gentleman who was a hobbiest in the TRS 80 days. It's a shame that the internet, and all it's potential, and our technical prowess as a country, is being used to sell fucking adverts.

Re:ball-bearings, tire spikes, sand, and debris

[Buchenskjoll]

You are ignoring the aspect of scale. Spikes on the highway will only make the first couple of cars fly off, noone can break into 10.000 houses at once. But on the internet things like that are possible, that's why a secure internet is important.

Developer signatures

[penguinoid]

Publish a list of all developers who worked on a project, those who signed off on its security, and those who refused to sign off on its security. Also the names of anyone who has authority over the developers.

Re:Developer signatures

Ah man, I wish I wasn't such a coward about sharing my name on the internets, because this should be modded up to nose bleed levels.

Done is better than perfect, right? Make management happy and get a nice bonus/stock options and screw the customers.

I've been the IT Ops manager telling the developers that they have vulnerable code facing the public, even going so far once as to show the dev manager a post on a script kiddie website about our servers being open to SQL injection, and begging for a fix, and I'm always told "we know, we'll try to get it fixed in the next release".

Name and shame, all the way up to the CEO.

Re:Developer signatures

I've been the IT Ops manager ... show the dev manager a post on a script kiddie website... begging for a fix

Name and shame, all the way up to the CEO.

And you'd be named and shamed along with the rest. There are plenty of people who care, but as long as upper management have veto nothing that will take time or cost money will be done. Pointing at the developers will not help. As the IT manager show some balls and say no to the CEO. Don't blame others when you are not prepared to do what you claim they should.

Re:Developer signatures

How fucking hard can it possibly be to validate your inputs? Do you need to be able to accept the characters ' or - or = as arguments?
IE: ' OR 1==1;---

The Nine Things

[Somebody+Is+Using+My]

Here are "the nine ideas [for securing] our data, privacy, and communications"
(for those of us too lazy to RTFA)

- Add public keys to major services
- Build better random number generators
- Expand trusted hardware
- Add Merkle trees to the file system
- Build more block chains and extend them for others
- Add chaining to Internet interactions
- Build out cross-linked certified websites
- Add homomorphic encryption
- Add encryption

Details on what each of those thing actually MEAN are in TFA, of course

Re:The Nine Things

[tepples]

The repeated references to block chains and Merkle trees sound like someone has read the description of the Bitcoin protocol, is using the primitives described therein as a hammer, and sees Internet security as a nail. I'll explain some of them:

"Add public keys to major services" means give people a means to publish PGP keys through services that most end users already trust.

"Expanded trusted hardware" means personal handheld HSMs (hardware security modules).

"Add Merkle trees to the file system" means file systems that store revision history for all files in a tamper-evident manner.

"Build more block chains" means do something like Namecoin for storing hashes of file contents in the block chain.

"Build out cross-linked certified websites" appears to be something like Freenet, but I couldn't verify for this post because the InterPlanetary File System (IPFS) web site that it cites is a short blurb, a bunch of videos, and one PDF being distributed with the wrong MIME type.

"Add homomorphic encryption" means ways of time-inefficiently doing computation directly on encrypted data without having to decrypt it. The article acknowledges that beyond things like hashed passwords, it's still impractical as of today.

"Add encryption" refers to protocols where both ends agree on a key that the intermediary forwarding server does not know, such as Off-the-Record instant messaging.

Re:The Nine Things

[TemporalBeing]

- Add public keys to major services

Public Key doesn't really get you much. Theoretically it means you're using a Certificate Authority (CA) to validate both sides; however, a centralized CA is still vulnerable and problematic. A Web-of-Trust system is harder to manage but can be more secure. In both cases everyone has to implement best practices and keep good key sets, which is often not the case.

With PGP/GPG people tend to keep relatively short life-spans on their keys, even then that can be between 1 and 5 years. Still, this is better than CA systems where people tend to make 5-10 year keys, often long enough now that the algorithms are being broken before the keys are replaced, and most don't use Certificate Revocation Lists (CRLs) as well because they're too painful to maintain, and essentially reduces a CA system back to a Web-of-Trust system in that respect.

- Build better random number generators

There are already world-class random number generators (RNGs)...but they're costly. So we have pseudo-random number generators (PRNGs) to try to keep the costs down. Of course, RNGs are primarily expensive due to patents and companies trying to keep it to themselves instead of fully sharing the tech. But you've got to get companies to share the data more and at cheaper prices if you want to improve RNGs and PRNGs.

- Expand trusted hardware

Now this is just false. Trusted Hardware - e.g systems booted with SecureBoot/Palladium/TrustedComputing/etc - don't really buy you anything other than locking down everything to the few "trusted" vendors that get to decide what software runs and which doesn't. As the leading push for this tech is Microsoft, which has one of the worst security records, I wouldn't count on it being used for anything other than vendor lock-in.

- Add Merkle trees to the file system

So TFA's assertion here is that Operating Systems, and more specifically their File Systems, don't do enough to keep data on disk from being pieced together by a bad actor. Sorry, but that's not a very good solution since they already have access to the system, either physically or on-line. If they have on-line access then it doesn't matter - the OS will help them get the data; if they have it physically, well, disk encryption is a better solution (though painful and costly in performance).

- Build more block chains and extend them for others

- Add chaining to Internet interactions

TFA's argument - everyone should be like BitCoin.

Well, this could help communications some...but that's kind of already happening with encrypted communications, just not the way BitCoin does it. Still, that could make an interesting prospect, but that doesn't mean it's necessarily more secure. For instance, a MITM attack could still fool you since it would be able to talk to the other parties and make them both think the chain was intact properly; the attack surface would be reduced since the MITM attack would have to happen at the start of the connection; but then, any good MITM attack does that.

So all this really tells you is that the information send between two parties is a continuous flow of information; however, it has the issue that is completely serializes all communications (in order to create and preserve the chain) and that doesn't work for every protocol.

- Build out cross-linked certified websites

This is the basic idea behind key-sharing systems. Whether web-of-trust (PGP/GPG) or CA systems. In both cases you have to exchange information with a third (trusted) party to verify the information. It can help some, but it's no silver bullet by any long shot. See above for details.

- Add homomorphic encryption

- Add encryption

More encryption. Yes, encryption can help, bu

Critical Mass

It is hard to get a critical mass to get a proper change. Specially if it involves some sort of cost. As far as I can see, I can tell you that ...

• Adobe Flash is still being used, even if it is known to be a large security hole - web developers should rethink how to deliver their rich applications
• IPv4 is still being used, even if a request for IP Addresses has been denied recently - many home appliances should be updated
• Almost 90% of Android users are not on Android v5.x, even if Android v5.x has been out there for nine months - due to policies by manufacturers, users would need to buy new phones
• Most of Internet security is managed by certificate authorities, even if they are not trusted (a given one gave a Google certificate to a non Google company) - and the article probably tries to explain what we should do to build trust

So, the question is how you can trust somebody you do not know. One solution how to do that is a two thing combination, like something you know (password) and something you have (key generator, smartcard). But, as usual, at the end of the day, the mass go with what it is easier for them. People do not want to spend time creating a new account (hopefully without reusing passwords!) - they can use Facebook to log in. People and companies do not sign e-mails (just signing them), even if it is mandatory to have a smartcard as your personal ID in the country I live. And on and on....

Can I have another option?

[Krishnoid]

there's no way to know if you're swapping packets with a dog or the bank that claims to safeguard your money

Those are my choices? I'm going with the dog.

Security

[sexconker]

Give me, your customer, a unique, self-signed cert.
Let me, your customer, give you a unique, self-signed cert.
Let us both agree not to trust any party claiming to represent either of us without first encrypting communication with those respective certificates.
Let us both agree to a secure method for updating certificates that doesn't rely on any 3rd party or the internet. Perhaps we could meet in person at some sort of structure designed for the officiating of such business.

DONE.

Certs work if you cut out the governments and "trusted" root authorities by SELF-SIGNING, and NEVER perform initial certificate exchange over the very channel you cannot trust. Everything is encrypted and no one can fuck with it without compromising BOTH keys or breaking the encryption algorithm altogether.

Yes, this is less convenient. Yes, you have to maintain unique certs for every account. Yes, it's worth it.

Re:Security

[Areyoukiddingme]

Yes, this is less convenient. Yes, you have to maintain unique certs for every account.

Less convenient, but it could still be fantastically convenient now that everyone is carrying a pocket computer.

1. Walk into your bank.
2. Take out your phone.
3. Take a picture of the QR code of your bank's public key that's posted next to every teller window, using key management software designed for the purpose.
4. Show your phone to the teller, which is now displaying your personal public key.
5. Teller performs a similar process with a bank camera, along with verifying your identity to the bank's satisfaction.
6. Profit.

Yeah ok, it fails the underpants gnome step count test. And the key management software would have to be integrated into IOS and Android (for the ubiquity, not any sort of security). But I don't think it's much worse than cashing a check these days.
 

Yes, it's worth it.

Yes. Yes it is.

Doorknob

[fluffernutter]

I have a front door on my house. If I have a company who is in charge of opening and closing the front door, I want to be damn sure they close it as securely as possible. If they leave it open, then there is a big problem.

People have their lives stolen. It's not the same as dying but it's serious.

Re:Doorknob

Really? What I'd want most of all, from a company responsible for my front door, is the assurance that I could open it when I want to.

A front door that doesn't keep out intruders is sub-optimal, certainly. But a front door that keeps me out renders my entire house useless.

We need to make it more complicated

[aberglas]

Add lots and lots more features. Lots of redundant crap. Make it so complex that the hackers will never be able to figure it out. (That appears to be the current strategy.)

Secure Remote Password

[aberglas]

One technology that kills Phishing attacks is SRP

https://en.wikipedia.org/wiki/...

It does not rely on the PKI mess. But we will never see it because there is no money in it.

Some of the list

[AHuxley]

1. "Add public keys to major services"
The security services just use their own or find others or find the users.
2. Build better random number generators
Yet strange limits seem to be added to many public and private crypto like products efforts every decade. From banking to what shipped with personal computers.
3. Expand trusted hardware
That gets found and upgraded during while in the safe hands of the trusted global postage or delivery services. (supply-chain interdiction/Tailored Access Operations).
4. Add Merkle trees to the file system
More logging, tracking and understanding of any network or site helps. The main issue is who gets to see the files after an event? Domestic or federal investigators just take it all away to cover parallel construction or another gov/mil access?
Many of the more skilled nations are opting for their own code, designing their own cpu and networking hardware to escape most of the the more direct ways into their own existing networks.

The downfall of the internet

Internet = Fail.

No reliable authentication. No end to end encryption. Dumb users. Massive stockpiles of data with unlimited access attempts.

Shut it down and start over.

Re: Public keys, trusted hardware, block chains

I swear there was a boot camp the other day teaching hookers web development.

Fingerprint

[MadMaverick9]

Why can I not go to the local branch of my bank and verify the fingerprint of the certificate used for its online banking website?

96:4F:59:F0:D9:3E:DE:00:4F:76:50:5B:33:17:CB:11:4C:65:F4:6B:92:F3:CF:49:4F:6F:1E:2E:FF:AF:35:6D

That way I know for sure I am not asking a dog to transfer my money. Unless of course the dog's pawprint matches the fingerprint of the certificate.

Re:Fingerprint

[Anne+Thwacks]

You trust banks?

You might want to get out a bit more, sonny.

So ban handheld video games

[tepples]

Ban closed source software on portable devices, ie. devices that someone may carry near other people without their decision.

You do know this would ban Game & Watch, Game Boy, Game Gear, Lynx, Nintendo DS, PSP, and PlayStation Vita, right? Or do you believe handheld video games ought never to have existed?

Travel industry

[tepples]

Perhaps we could meet in person at some sort of structure designed for the officiating of such business.

So if you're buying from a business in another city or another country, perhaps you'd prefer to pay the travel industry to be your intermediary. Long-distance travel has always been the limiting factor of key-signing parties.

Re:Travel industry

[sexconker]

If the cost of securing communication isn't worth a trip, then that's your issue.
Regular mail, land lines, and trusted (and legally accountable) services (escrow, lawyers, etc.) can be an intermediary if you so choose.

Can't be done in the USA

There will never be anything more than security theater in the USA as long as there are secret courts enforcing secret laws with secret gag orders.

I'm ALL about the article title via

See subject & APK Hosts File Engine 9.0++ SR-2 32/64-bit http://start64.com/index.php?o...

FREE & adds speed, security, + reliability, doing more with less, more efficiently vs. browser addons & locally installed DNS servers @ home + fixes DNS' redirect security issues - obtaining its data vs. online threats & adbanner blocking from 10 reputable sites in the security community!

* :)

MalwareBytes' hpHosts Admin (MalwareBytes employee) hosts & recommends it -> http://hosts-file.net/?s=Downl... & MalwareBytes = BEST antivirus per this VERY recent testing of them all http://www.av-test.org/en/news...

&

It's GUARANTEED safe & clean per it being checked by 57 antivirus programs recently in BOTH its 64-bit model https://www.virustotal.com/en/...

+

In its 32-bit model also https://www.virustotal.com/en/...

---

"The premise is quite simple: Take something designed by nature & reprogram it to make it work for the body rather than against it..." - Dr. Alice Krippen: "I am legend"...

APK

P.S.=> By "yours truly" - "The Lord of Hosts" so-to-speak:

PERTINENT QUOTE/EXCERPT:

"The image this title brings to mind is of a mighty military commander, one who can at a mere word summon rank upon rank of protective power" from https://answers.yahoo.com/ques... & THAT WORD = hosts!

(Accept NO substitutes!)

...apk

Can't be done

[micahraleigh]

As long as software companies are required to put in back doors the internet won't be secure