Slashdot Mirror


Google Joins Mozilla, Microsoft In Pushing For Early SHA-1 Crypto Cutoff (blogspot.com)

itwbennett writes: Due to recent research showing that SHA-1 is weaker than previously believed, Mozilla, Microsoft and now Google are all considering bringing the deadline forward by six months to July 1, 2016. Websites like Facebook and those protected by CloudFlare have implemented a SHA-1 fallback mechanism. Both companies have argued that there are millions of people in developing countries that still use browsers and operating systems that do not support SHA-2, the replacement function for SHA-1, and will therefore be cut off from encrypted websites that move to SHA-2 certificates.

4 of 115 comments

  1. Remember. by fuzzyfuzzyfungus · · Score: 5, Insightful

    Some of the talk about SHA-1 cutoff has been in terms of "Should we break the intertubes for the poor people who can't upgrade?"

    Remember; we really don't have that choice. SHA-1 is doing the mathematical equivalent of creaking, groaning, and starting to splinter under load. Our choice is not whether to break SHA-1 or not; it is whether or not to pretend that SHA-1 isn't dangerously precarious.

    It's like telling a structural engineer "We can't close that bridge! People need it to cross the river!". That's exactly why we must close the bridge; because if we don't there will be people on it when it falls into the river.

    (That said, in environments where security is provided by other means, say a suitably isolated management-only network, there will continue to be a need for browsers that can interact with pitifully outdated SSL implementations for some time to come, probably a disgustingly long time; just as various ancient JVMs are currently kept around to interact with assorted horrible management interfaces, network KVMs, and the like. In practice, since virtualization is so cheap and such legacy systems should be kept the hell away from the internet, we'll probably just end up using an old browser version on a VM that is firewalled from everything except the legacy devices it is used to manage; but there will be places where compatibility will require accepting a known-pitiful authentication mechanism; but such environments should treat that mechanism purely as an archaic quirk, not as any sort of substitute for security.)

  2. Re:Dear Microsoft, err, I mean Google by Lunix Nutcase · · Score: 4, Insightful

    So you'd prefer more crypto downgrade attacks?

  3. Re:Dear Microsoft, err, I mean Google by smooth wombat · · Score: 4, Insightful

    Why is it a bad thing to force upgrades in the name of security here?

    The six-year-old car you are driving is not as secure as a car produced this year. You are required to upgrade.

    The lock on your door is not as secure as today's locks. In the interest of security to your business you must change all locks on your premises.

    Yes, these involve physical items and cost, but the concept is the same. What business is it of Microsoft, or Alphabet (Google), or Mozilla if someone is using an insecure piece of software? It's not their system.

    Whatever happened to letting people decide how they manage their systems? Are we again dragging out the canard that developers or companies know more than the user, considering every iteration of all three products doesn't simply fix bugs but breaks things, including the UI, or removes features people used?

    --
    We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower

  4. Re: Dear Microsoft, err, I mean Google by BitZtream · · Score: 2, Insightful

    All my modern hardware will have no problem with this change.

    I have older hardware and software that simply doesn't know anything about SHA-2 and never will. Should that hardware stop functioning just because Google thinks that pulling down weather forecasts requires perfectly secure SSL connections?

    Changing oil and timing belts doesn't obsolete the car, and they wear out. Software doesn't wear out, but for some reason we get forced into upgrades that INTENTIONALLY OBSOLETE FUNCTIONAL SOFTWARE ... and that's what I'm bitching about.

    Just because you picked a nick that revolves around Microsoft doesn't mean my concerns have anything to do with MS, and indeed they don't. I could give a fuck what MS does.

    And no, I won't install Linux just because you think I need an inferior experience. You assume Linux runs on my AVRs ... which it does not, just like SHA-2 doesn't, because there isn't enough CPU to do this shit in real time ... and I have many deployed with wiznet chips that do the TCP part ... including SSL ... and guess what ... Linux doesn't run on them either, so fuck you and your Linux fanboyism :)

    Anything I have that will run Linux is capable of running FreeBSD so you won't catch me dead running Linux, and anything I have that isn't capable of running FBSD isn't capable of running Linux either, or Windows for that matter, so basically, STFU since you don't have any clue why I care.

    Luddite, heh, do you even understand what the word means because you sure don't act like it.

    --
    Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager