Slashdot Mirror


Google Joins Mozilla, Microsoft In Pushing For Early SHA-1 Crypto Cutoff (blogspot.com)

itwbennett writes: Due to recent research showing that SHA-1 is weaker than previously believed, Mozilla, Microsoft and now Google are all considering bringing the deadline forward by six months to July 1, 2016. Websites like Facebook and those protected by CloudFlare have implemented a SHA-1 fallback mechanism. Both companies have argued that there are millions of people in developing countries that still use browsers and operating systems that do not support SHA-2, the replacement function for SHA-1, and will therefore be cut off from encrypted websites that move to SHA-2 certificates.

16 of 115 comments

  1. Re:Dear Microsoft, err, I mean Google by halivar · · Score: 2

    Down-mod on the parent is ridiculous. "Using security as an excuse for forced upgrades" is indeed irrational. None of the three players makes money on hardware or OS upgrades, so the conjectured conspiracy theory is pure tinfoil-hattery.

    SHA-1 is broken and needs to die. We aren't doing the developing world any favors by keeping it.

  2. Re: Dear Microsoft, err, I mean Google by Billly Gates · · Score: 4, Informative

    Since when has Slashdot become a Luddite website for those that fear change?

    XP is 15 years old! Things move on. We are tired of turning down 2008 era HTML 5 and leaving our phones with a better browser experience because of XP IE 6/8 compatibility from a different era. If the hardware is from 2008 or earlier you can install Linux for free?

    Do you not change your oil and timing belts either?

  3. Remember. by fuzzyfuzzyfungus · · Score: 5, Insightful

    Some of the talk about SHA-1 cutoff has been in terms of "Should we break the intertubes for the poor people who can't upgrade?"

    Remember; we really don't have that choice. SHA-1 is doing the mathematical equivalent of creaking, groaning, and starting to splinter under load. Our choice is not whether to break SHA-1 or not; it is whether or not to pretend that SHA-1 isn't dangerously precarious.

    It's like telling a structural engineer "We can't close that bridge! People need it to cross the river!". That's exactly why we must close the bridge; because if we don't there will be people on it when it falls into the river.

    (That said, in environments where security is provided by other means, say a suitably isolated management-only network, there will continue to be a need for browsers that can interact with pitifully outdated SSL implementations for some time to come, probably a disgustingly long time; just as various ancient JVMs are currently kept around to interact with assorted horrible management interfaces, network KVMs, and the like. In practice, since virtualization is so cheap and such legacy systems should be kept the hell away from the internet, we'll probably just end up using an old browser version on a VM that is firewalled from everything except the legacy devices it is used to manage; but there will be places where compatibility will require accepting a known-pitiful authentication mechanism; but such environments should treat that mechanism purely as an archaic quirk, not as any sort of substitute for security.)

  4. Re:Dear Microsoft, err, I mean Google by Lunix Nutcase · · Score: 4, Insightful

    So you'd prefer more crypto downgrade attacks?

  5. Re:Dear Microsoft, err, I mean Google by Lunix Nutcase · · Score: 3, Informative

    > Considering MS is not in the hardware business

    So they make phones, tablets, consoles, their own laptop, fitness bands and keyboards and mice but they aren't in the hardware business?

    > Windows 10 was free,

    For one year and only for consumers.

    > and MS is betting its future revenue on cloud services instead of Windows Server licenses.

    And yet those licenses are still a big portion of their revenue and revenue from that grew 6% just their last quarter.

  6. Re: Dear Microsoft, err, I mean Google by Lunix Nutcase · · Score: 2

    > please think a little bit outside of the box of your own environment, and act responsibly.

    And acting responsibly is to remove insecure crypto not to keep it around. Are you ignorant of all the crypto downgrade attacks that have been found just in the last year?

  7. Re:Dear Microsoft, err, I mean Google by smooth wombat · · Score: 4, Insightful

    > Why is it a bad thing to force upgrades in the name of security here?

    The six year old car you are driving is not as secure as a car produced this year. You are required to upgrade.

    The lock on your door is not as secure as today's locks. In the interest of security to your business you must change all locks on your premises.

    Yes, these involve physical items and cost, but the concept is the same. What business is it of Microsoft, or Alphabet (Google), or Mozilla if someone is using an insecure piece of software? It's not their system.

    Whatever happened to letting people decide how they manage their systems? Are we again dragging out the canard that developers or companies know more than the user, considering every iteration of all three products doesn't simply fix bugs but breaks things, including the UI, or removes features people used?

    --
    We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower
  8. Re:Dear Microsoft, err, I mean Google by The-Ixian · · Score: 2

    I don't think that UA has been a good detection method for a long time.... they all purport to be Mozilla by default for one thing. Also, all the major browsers will let you change your UA to whatever you want.

    --
    My eyes reflect the stars and a smile lights up my face.
  9. Re:Dear Microsoft, err, I mean Google by halivar · · Score: 2

    > So they make phones, tablets, consoles, their own laptop, fitness bands and keyboards and mice but they aren't in the hardware business?

    Loss leaders to generate service revenue. Direct revenue from hardware sales is a drop in the bucket. That bucket is growing quarter over quarter, but so too is cost of revenue. Profit margins are low in hardware. But more importantly, and far more relevant to the "forced upgrade" argument: they do not sell PCs or server hardware that would be affected by killing SHA-1.

    > > Windows 10 was free,

    > For one year and only for consumers.

    When MS shuts off SHA-1 on July 1st, Windows 10 will still be free.

    > > and MS is betting its future revenue on cloud services instead of Windows Server licenses.

    > And yet those licenses are still a big portion of their revenue and revenue from that grew 6% just their last quarter.

    But with $15 billion invested in PaaS, there is nowhere to expand except by cannibalizing existing Windows Server revenue.

  10. Re: Dear Microsoft, err, I mean Google by BitZtream · · Score: 2, Insightful

    All my modern hardware will have no problem with this change.

    I have older hardware and software that simply doesn't know anything about SHA-2 and never will. Should that hardware stop functioning just because Google thinks that pulling down weather forecasts requires perfectly secure SSL connections?

    Changing oil and timing belts don't obsolete the car, and they wear out. Software doesn't wear out, but for some reason we get forced into upgrades that INTENTIONALLY OBSOLETE FUNCTIONAL SOFTWARE ... and that's what I'm bitching about.

    Just because you picked a nick that revolves around Microsoft doesn't mean my concerns have anything to do with MS, and indeed they don't. I could give a fuck what MS does.

    And no, I won't install Linux just because you think I need an inferior experience. You assume Linux runs on my AVRs ... which it does not, just like SHA-2 doesn't, because there isn't enough CPU to do this shit in real time ... and I have many deployed with wiznet chips that do the TCP part ... including SSL ... and guess what ... linux doesn't run on them either, so fuck you and your linux fanboyism :)

    Anything I have that will run Linux is capable of running FreeBSD so you won't catch me dead running Linux, and anything I have that isn't capable of running FBSD isn't capable of running Linux either, or Windows for that matter, so basically, STFU since you don't have any clue why I care.

    Luddite, heh, do you even understand what the word means because you sure don't act like it.

    --
    Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
  11. What about SHA2 support in Firefox for DHE? by Lothsahn · · Score: 2

    https://bugzilla.mozilla.org/s...

    Firefox only currently supports DHE with SHA1. Are they going to add support for SHA256 DHE when they disable SHA1?

    To quote Michael Staruch from the above link: It looked more like attempts to discredit DHE and push everyone into ECC. And I am not so sure if that's best way to protect our privacy, especially with multiple TLS clients supporting only NSA Suite B curves.


    Mozilla, we really need DHE to work with SHA256 and GCM. Sure, fallback to something else (with a second connection, if necessary) if weak dhparams are used by the server.

    --
    -=Lothsahn=-
  12. Re:Dear Microsoft, err, I mean Google by OrangeTide · · Score: 2

    > The lock on your door is not as secure as today's locks. In the interest of security to your business you must change all locks on your premises.

    This happens all the time. Insurance companies force businesses to change their locks, install alarm systems, etc. Either by changing the goal post with their premiums, or by simply rejecting an application for property insurance. I don't recall any time in the US where operating a business was an inalienable right. (You may be outside of the US, I'm taking a guess here given the assumptions I believe you've made)

    --
    “Common sense is not so common.” — Voltaire
  13. Re: Crypto or No Crypto by bill_mcgonigle · · Score: 2

    > Keeping it around also makes everyone more vulnerable.

    No, that's the whole point of the Facebook/Cloudflare TLS switcher. Nobody gets SHA-1 signatures that can handle SHA-2.

    There's something like 37 million people who can't handle SHA-2 yet. SHA-1 collisions are not a bigger risk than them running insecure HTTP instead of SHA-2-signed TLS.

    Yes, if wishes were unicorns they'd all have DANE-validated TLSv1.2 with ECDHE and PFS, but not even Bernie can make that happen.

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
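
The selection rule bill_mcgonigle describes ("Nobody gets SHA-1 signatures that can handle SHA-2"), as an added example that is not from the thread or from Facebook's or CloudFlare's code. It assumes the switch is keyed on the TLS 1.2 `signature_algorithms` extension in the ClientHello (the thread does not say how the switcher decides) and that both chains use RSA keys; the function names and chain labels are hypothetical.

```python
import struct

# TLS 1.2 HashAlgorithm / SignatureAlgorithm code points (RFC 5246, 7.4.1.4.1)
HASH_SHA1, HASH_SHA256, HASH_SHA384, HASH_SHA512 = 2, 4, 5, 6
SIG_RSA = 1
SHA2_HASHES = {HASH_SHA256, HASH_SHA384, HASH_SHA512}

# Constructed sample extension bodies: 2-byte list length, then (hash, sig) pairs.
MODERN_CLIENT = bytes([0, 6, HASH_SHA256, SIG_RSA, HASH_SHA384, SIG_RSA, HASH_SHA1, SIG_RSA])
SHA1_ONLY_CLIENT = bytes([0, 2, HASH_SHA1, SIG_RSA])
MALFORMED = bytes([0, 5, HASH_SHA256, SIG_RSA, HASH_SHA1])  # length field lies
LEGACY_CLIENT = None  # pre-TLS 1.2 stacks do not send the extension at all


def parse_signature_algorithms(ext_data):
    """Decode a signature_algorithms extension body into (hash, sig) pairs."""
    if len(ext_data) < 2:
        raise ValueError("truncated extension")
    (length,) = struct.unpack("!H", ext_data[:2])
    body = ext_data[2:]
    if length == 0 or length % 2 or length != len(body):
        raise ValueError("malformed signature_algorithms list")
    return [(body[i], body[i + 1]) for i in range(0, length, 2)]


def choose_chain(ext_data):
    """Pick the certificate chain for one handshake.

    Any client advertising a SHA-2 hash with RSA gets the SHA-256 chain,
    so the SHA-1 chain is only ever shown to clients that cannot do better.
    """
    if ext_data is None:
        # No extension: the client only implies SHA-1 support.
        return "sha1-fallback"
    try:
        pairs = parse_signature_algorithms(ext_data)
    except ValueError:
        # Design choice in this sketch: a garbled list aborts the
        # handshake instead of silently falling back to the weak chain.
        return "reject"
    if any(h in SHA2_HASHES and s == SIG_RSA for h, s in pairs):
        return "sha256"
    return "sha1-fallback"
```
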
  14. False is worse than true by tepples · · Score: 2

    > So weak crypto is worse than sending data in the clear? OK.

    I think the rationale is that a false sense of security is worse than a true sense of insecurity.

  15. Re:Dear Microsoft, err, I mean Google by PlusFiveTroll · · Score: 2

    > What business is it of Microsoft, or Alphabet (Google), or Mozilla if someone is using an insecure piece of software? It's not their system.

    Herd immunity. Your insecure shit affects everybody on the internet. Which goes to the car thing... if your car is found to have a dangerous defect, the state you live in can black flag it and fine you or tow you if you drive it, until it is repaired. Or, in other cases you will not be able to get a certificate of inspection when your previous decal expires.

    > Whatever happened to letting people decide how they manage their systems?

    It turns out that 99% of them are fucking idiots that have open spam relays, scan other networks for, or otherwise cause problems.

    But what's even funnier about your rant, is no, you don't have to upgrade your broken old crap. You just don't get to talk to my server. By being able to talk to my server with your broken shit, you make my server more insecure.

    Good riddance, you lice-infected cur.

  16. Re: Dear Microsoft, err, I mean Google by PlusFiveTroll · · Score: 2

    > just because Google thinks that pulling down weather forecasts requires perfectly secure SSL connections?

    Yes. Because *everything* that is served with a Google cookie or by a Google server should be protected by strong encryption so you can't use one function to attack another function inside the same domain. I'm pretty sure you're fucking clueless at the risk profiles at this point and why so many different groups want to get rid of SHA-1.

    Software does wear out. It wears out when it becomes a serious risk to everyone that uses it.

    If your shit is old, broken and obsolete, you are now responsible for putting a SHA2+ > SHA-1 conversion between them at your own cost.