Slashdot Mirror


User: jthill

jthill's activity in the archive.

Stories: 0 · Comments: 939

Comments · 939

  1. Re:What right to anonymous travel? on FBI Pushing For 2-Year Retention of Web Traffic Logs · · Score: 1

    That would be the U.S. Constitution.

    There's a difference between "comforting to people made stupid by rage and fear" and "reasonable".

  2. Re:TAPE, and the C64 - A Story Now Worth Telling on IBM Sets Areal Density Record for Magnetic Tape · · Score: 1

    Tape's been around.

    Shoulda stopped there :)

  3. Re:A rebuttal on Jeremy Allison Calls Microsoft Dangerous Elephant · · Score: 1

    And Microsoft will provide you with a comfy chair to do it in.

  4. Re:Self-signed is no good. on What's Holding Back Encryption? · · Score: 1

    I'll say it a third time, then: setting up a mitm goes far beyond snooping.

    Against snooping, SSL is bulletproof.

    Against a targeted attack, SSL with a known-good certificate is bulletproof.

    What lengths you have to go to to be sure of the certificate increases as attackers throw more resources at it, and yes, if they're going to go to the trouble to corrupt a CA, you and I and everyone else are screwed so hard we can't even feel it any more. That was the implication I left earlier.

    And that's the other part of the reason I so strongly dislike the misleading and excessive warnings against self-sign: not only are the tactics being used deceptive, the trust they're offering in its place is blind.

  5. Re:Self-signed is no good. on What's Holding Back Encryption? · · Score: 1

    GGP wanted to protect against snooping, against which SSL is bulletproof.

    As I said early and late, getting into an SSL session means getting control over ARP or DNS or DHCP traffic, and that goes beyond just "snooping".

    Fire up wireshark surreptitiously, you're snooping. Set yourself up to impersonate a particular site and then usurp the local gateway or poison its DNS to enable a man-in-the-middle attack, you're not snooping any more.

    In short, Trepidity's post was spot on, and schon hammered him for not defending against attacks he explicitly mentioned as potential weak spots and said he didn't care about. As you say, widespread use of self-signed certs might lead the ignorant into unthinkingly accepting self-signed certs at the wrong time, but schon didn't say that.

    What the self-signed-cert warning screens should say is something along the lines of

    This session is vulnerable to a targeted attack. No major or commercial site will ever use the sort of security credentials this site is presenting. If anything you truly value is at risk, get out now. If you intend to continue with this session you must acknowledge either that you have independent verification that these are the correct credentials for [site name here] or that you are willing to take the very real chance that an attacker is impersonating this site.

    with "get out now" above being an escape link, a big button and the only button on the panel that reads "Get out now", the full hashcode beneath that with no explanation at all, and links, not buttons, below that reading

    I've verified every digit personally, and that's the correct credential for [site name here].

    and

    This might be an impostor's key, but if so I simply don't care enough to check. Anybody willing to spend a few hours' effort to steal my identity here is welcome to it.

    That way people could actually make an informed choice. As it is now, the simple fact is that the major browsers are telling lies about security issues.

  6. Re:Self-signed is no good. on What's Holding Back Encryption? · · Score: 1

    Only if you verify the certificate yourself before you connect - otherwise anyone could be snooping and you'd never know.

    I'm sorry, but that's just wrong. Self-certs stop all the garden-variety wiretap tools cold, and that's where snooping starts.

    Self-certs stop everything from there on up until the attacker has completely usurped the target's subnet to the point of controlling things like ARP and DNS and DHCP, and at that point we no longer call it "snooping".

    even a self-signed cert will catch man-in-the-middle attacks as long as the first connection, when you save the cert, is not a compromised one

    No, this is absolutely wrong. Without some OOB way to verify the certificate, it is impossible to know if the first connection is being intercepted or not.

    I'm sorry, but you got that wrong too. The OP posited untampered transmission of the certificate. It's invalid, non sequitur, just plainly and completely wrong to rebut that by rejecting his premise.

    It's a completely different response to question his faith in the security of the transaction that delivered the cert, but that in itself raises questions that the entire CA architecture does not completely answer.

    Let's start with an obvious fact: there are close to eighty (80) authorities on my browser's authority list.

    It's valid to reject the obvious implication I'm raising here as requiring far more resource and dedication than just casual snooping, but see above: that's my point too.
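
Comments 5 and 6 above describe the same thing from two sides: a self-signed certificate gives you a fingerprint you can save on first contact and then check on every later connection, and the warning screen ought to offer "I've verified every digit personally" as a distinct choice. The bookkeeping that implements that is the SSH known_hosts pattern applied to a site certificate. The program below is an added editorial example, not code by jthill or from any browser; the two byte strings standing in for DER certificates are constructed so it runs offline, and a real client would take the bytes from the TLS handshake instead.

```python
import hashlib
import hmac
import json
from pathlib import Path
from typing import Dict, List, Optional

# Constructed stand-ins for DER-encoded certificates. A real client would take the
# bytes from ssl.SSLSocket.getpeercert(binary_form=True); these are only distinct
# byte strings so the example runs without a network.
CERT_EXAMPLE_V1 = b"constructed-DER:CN=example.test:serial=0001"
CERT_EXAMPLE_V2 = b"constructed-DER:CN=example.test:serial=0002"


def fingerprint(der: bytes) -> str:
    """SHA-256 of the certificate bytes, colon-separated the way browsers display it."""
    digest = hashlib.sha256(der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


class KnownCerts:
    """Trust-on-first-use pin store keyed by host name, in the spirit of ssh's known_hosts."""

    def __init__(self, path: Optional[Path] = None) -> None:
        self.path = path
        self.pins: Dict[str, str] = {}
        if path is not None and path.exists():
            self.pins = json.loads(path.read_text())

    def _save(self) -> None:
        if self.path is not None:
            self.path.write_text(json.dumps(self.pins, indent=2))

    def check(self, host: str, der: bytes) -> str:
        """Classify the certificate a host just presented.

        'first-seen': no pin yet; the fingerprint is recorded. This is the one
                      connection whose integrity is taken on faith unless the user
                      verifies it out of band with pin_verified().
        'trusted'   : matches the pin recorded earlier.
        'MISMATCH'  : a different certificate than last time, so either the site
                      changed its key or something sits between us and it. The pin is
                      deliberately NOT updated; that decision belongs to the user.
        """
        seen = fingerprint(der)
        pinned = self.pins.get(host)
        if pinned is None:
            self.pins[host] = seen
            self._save()
            return "first-seen"
        if hmac.compare_digest(pinned, seen):
            return "trusted"
        return "MISMATCH"

    def pin_verified(self, host: str, der: bytes, expected_fingerprint: str) -> bool:
        """Out-of-band verification: the user supplies a fingerprint obtained elsewhere
        (printed, read over the phone, ...). The pin is (re)recorded only on a match."""
        expected = expected_fingerprint.replace(":", "").replace(" ", "").upper()
        presented = fingerprint(der).replace(":", "")
        if not hmac.compare_digest(expected, presented):
            return False
        self.pins[host] = fingerprint(der)
        self._save()
        return True


def demo() -> List[str]:
    """Three connections to the same host: first contact, a repeat, then a changed cert."""
    store = KnownCerts()  # in-memory only; pass a Path to persist across runs
    return [
        store.check("example.test", CERT_EXAMPLE_V1),
        store.check("example.test", CERT_EXAMPLE_V1),
        store.check("example.test", CERT_EXAMPLE_V2),
    ]


if __name__ == "__main__":
    print(demo())
```

The third outcome is the whole point of the exchange above: a pinned client cannot tell you the first connection was clean, but from then on an interposed certificate is loud and specific, and it stays that way until the user consciously re-pins after checking the digits.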

  7. Re:Hold Up Here on Protecting At-Risk Cities From Rising Seas · · Score: 1

    Famous old quote regarding chaotic systems being overwhelmed by larger forces:

    We might have trouble forecasting the temperature of the coffee one minute in advance, but we should have little difficulty in forecasting it an hour ahead.

    Try this: iterate x=cx(1-x) for varying c, and plot out the results for the range [0,4].

    The scientists are trying to answer two separate questions: 1) short term, where are the next few iterations going to fall?, and 2) long term, what's the picture going to look like?

    Their response is far from absurd. That short-term inability to predict combined with long-term certainty about the big picture is befuddling, counterintuitive, infuriating, humbling and just the way it is.

    If you do what I asked you to try, you'll see sequences that are predictable within limits, and for the smaller values of c are actually tame. Docile. Boring.

    Crank c up far enough, though, and short-term predictability goes right out the window, because if you vary the least little thing about where you start, what happens next soon diverges.

    It turns out that, if you examine how they behave, equations that really do predict real-world things like temperatures in coffee and the ocean behave the same way, and not just approximately.

    As you crank up c with that simple equation, you'll see that the general shape of the sequence you get changes at predictable intervals up to a point, after which it goes chaotic but still displays a definite pattern.

    The equation you use to predict those intervals is so elementary they teach it to kids: the same way you get 1 2 3 4 etc by adding a constant at each iteration, (x=x+c, c=1 for 1 2 3 4 etc.) you get these intervals by multiplying by a constant at each iteration (x=cx).

    The kicker is, it turns out that the constant you use to predict when the shape of the x=cx(1-x) sequence will change is the same as the constant to predict that interval for everything else. Fluid dynamics, crop yields, everything: iterative models with a feedback loop all exhibit _exactly_ the same behavior as you crank them up.

    And that means, again: if you try to predict what nature is going to come up with next it really can be impossible to get it right short term but, with the right model, certain of the boundaries and general distribution of the overall result.

    Do try it. The arithmetic is so simple you can do it by hand with a calculator and graph paper. I could write you a bonehead-simple demonstration program that would fit here, but the point isn't to see a pretty picture, it's to go through the effort of trying to predict it: the point is that gut checks on what's reasonable and what's not, if they're based only on day-to-day life, are completely wrong when things scale up or down a lot. You have to see how the rules change at small and large scales to realize how fundamental the shift is.

    So do it yourself. Because until you do, the fact that you and the source you apparently trust haven't absorbed the lesson is going to be very visible to everyone who has.
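
The comment above asks the reader to iterate x=cx(1-x) and watch what happens as c grows. The program below is an added editorial example, not jthill's code, that runs the same exercise: it finds the period the orbit settles into at sample values of c, bisects for the c values at which that period doubles, takes the ratio of successive gaps (the comment's "constant" for predicting the intervals; the ratios approach about 4.669), and then shows the two halves of the punchline at c=3.9: two starts a ten-billionth apart lose each other within a few dozen steps, yet every orbit stays inside the same interval [f(c/4), c/4] forever. The starting point 0.3, the tolerances and the bisection brackets are choices made here, not values from the comment.

```python
from typing import List, Optional, Tuple


def logistic(c: float, x: float) -> float:
    """One step of x = c*x*(1-x)."""
    return c * x * (1.0 - x)


def attractor_period(c: float, x0: float = 0.3, transient: int = 20000,
                     max_period: int = 64, tol: float = 1e-9) -> int:
    """Period of the orbit the map settles into at parameter c.

    Runs off the transient, then looks for the smallest p with x[n+p] == x[n]
    (within tol) across a window. Returns 0 when nothing up to max_period fits:
    the orbit is chaotic, or has not converged yet, which happens in a narrow
    band right around each bifurcation.
    """
    x = x0
    for _ in range(transient):
        x = logistic(c, x)
    orbit = [x]
    for _ in range(2 * max_period):
        x = logistic(c, x)
        orbit.append(x)
    for p in range(1, max_period + 1):
        if all(abs(orbit[i] - orbit[i + p]) < tol for i in range(max_period)):
            return p
    return 0


def bifurcation_point(period: int, lo: float, hi: float, steps: int = 30) -> float:
    """Bisect for the c at which the stable `period`-cycle stops being stable.

    Requires attractor_period(lo) == period and attractor_period(hi) != period.
    """
    for _ in range(steps):
        mid = 0.5 * (lo + hi)
        if attractor_period(mid) == period:
            lo = mid
        else:
            hi = mid
    return 0.5 * (lo + hi)


def period_doubling_ratios() -> Tuple[List[float], List[float]]:
    """Bifurcation points c1..c4 (1->2, 2->4, 4->8, 8->16) and the ratios of
    successive gaps between them, which approach the Feigenbaum constant ~4.669."""
    brackets = [(1, 2.5, 3.2), (2, 3.2, 3.5), (4, 3.5, 3.55), (8, 3.55, 3.58)]
    points = [bifurcation_point(p, lo, hi) for p, lo, hi in brackets]
    gaps = [b - a for a, b in zip(points, points[1:])]
    ratios = [g1 / g2 for g1, g2 in zip(gaps, gaps[1:])]
    return points, ratios


def divergence_time(c: float, x0: float, delta: float = 1e-10,
                    threshold: float = 0.1, max_iter: int = 1000) -> Optional[int]:
    """Steps until two orbits started delta apart differ by more than threshold.
    None means they never did: the orbits converged instead (the tame regime)."""
    x, y = x0, x0 + delta
    for n in range(1, max_iter + 1):
        x, y = logistic(c, x), logistic(c, y)
        if abs(x - y) > threshold:
            return n
    return None


def invariant_interval(c: float) -> Tuple[float, float]:
    """In the chaotic regime every orbit ends up inside [f(c/4), c/4]: the peak
    value c/4 = f(0.5) and its image. Those long-term boundaries stay certain
    even when the next step does not."""
    peak = c / 4.0
    return logistic(c, peak), peak


def orbit_range(c: float, x0: float, transient: int = 100, n: int = 5000) -> Tuple[float, float]:
    """Observed min and max of an orbit after its transient, to compare with invariant_interval."""
    x = x0
    for _ in range(transient):
        x = logistic(c, x)
    lo = hi = x
    for _ in range(n):
        x = logistic(c, x)
        lo, hi = min(lo, x), max(hi, x)
    return lo, hi


if __name__ == "__main__":
    for c in (2.5, 3.2, 3.5, 3.55, 3.83, 3.9):
        print(f"c={c}: period {attractor_period(c) or 'none (chaotic)'}")
    points, ratios = period_doubling_ratios()
    print("bifurcation points:", [round(p, 4) for p in points])
    print("gap ratios:", [round(r, 3) for r in ratios])
    print("c=3.9: orbits 1e-10 apart separate after", divergence_time(3.9, 0.3), "steps")
    print("c=3.9: invariant interval", invariant_interval(3.9), "observed", orbit_range(3.9, 0.3))
```

Because attractor_period reports 0 in a sliver on either side of each bifurcation, the bisection lands a hair below the true value; the gaps shrink by the same factor as those slivers, so the ratios come out close to the textbook value anyway.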

  8. Re:4th amendment and the RIAA on RIAA Wants Limits On Net Neutrality So ISPs Can Police File Sharing · · Score: 3, Interesting

    That is correct. And also the various assertions that the 4th doesn't restrict private entities.

    But shutting off an entire household's internet access, let alone taking their computers, is seizure, not talk, and requires either consent or legal authority. So the 4th applies.

    The police may not search your car without explicitly-stated consent. If they can see it through the windows that's fine, but that's looking, not searching. The police also may not revoke your license just because someone made accusations - the police themselves can't do it even if someone provides evidence.

    The *AA's want to turn ISPs into police who _do_ have the authority to search, not merely to look, and to revoke not just your license but the licenses of everyone in your entire household just because somebody leveled an accusation.

    Maybe you don't use the net much in your work. I don't much, now, but permanent team IRC or skype or AIM chats are widespread professional practice. Net access is very definitely as important to many people as a driver's license, and more so to quite a few.

  9. Re:Right Decision? on German Government Advises Public To Stop Using IE · · Score: 3, Insightful

    Considering that certain other browsers (Firefox and Safari) experience many more security bugs these days, combined with the fact that none of these offer sandboxing, the recommendation does seem a bit odd.

    The rest of your post, including the sandboxing point, deserves that 5. This one doesn't belong on the same page.

    Everyone paying attention can see that Firefox (and open-source general practice) reports and patches as critical security holes bugs for which there's only theoretic or even just heuristic evidence of a potential security breach, while Microsoft's usual reports are of bugs that have actually been exploited and are often actually leaking data in the wild, and eventually releases patches for those.

    Microsoft, understandably given their nature as a marketing company, is only too happy to persuade the gullible that the two different counts are comparable.

  10. Re:Yeah sure on German Government Advises Public To Stop Using IE · · Score: 1

    Joel's argument is wrong in cases where it isn't the code that's bad, but the design. If internal boundaries are set wrong you're going to be essentially rewriting every part of the system with things on the wrong side anyway, and you know what doesn't work and what does in the code you're looking at while rewriting. I'm speaking from experience, rewriting drop-ins for two medium-sized subsystems and completely redesigning one substantial one.

    Now, his point is subtly different from a what's-best-for-the-code argument: he's saying it's strategically bad at the corporate level, and discussing corporate-level rewrites of an entire product. I think that's interesting, because what I did was at the separately-installed-subsystem level, on code running in its own address space. Smaller companies have made a business out of selling things at that scale, and I can see that the exact same work on separately-sold products in a smaller company would be a strategically bad risk ... for the company.

    But not necessarily for the product itself. He's talking about Netscape in 2000. It's ten years farther along now, and I think Firefox in 2010 pretty much QED's that.

  11. Re:The art of the possible. on Here We Go Again — Video Standards War 2010 · · Score: 1

    So you don't have to carry all your terabytes of media with you everywhere? Bandwidth cost for a DVD is ... down around nothing.

    You think marketing-driven companies don't put real value on tracking your habits? Spend some time thinking about how the supermarket discount card deals are set up. Notice there aren't any "points" or anything to manipulate you into coming back to Ralphs or Vons or wherever. They know how to do it effectively, but they don't.

  12. Re:yes on Does a Lame E-Mail Address Really Matter? · · Score: 0, Flamebait

    I didn't say anything I didn't say, dude. I said they don't insert ads. They don't insert ads. If I send a note to my wife, she sees my email, not their ads, because they don't insert ads.

    but let's be honest

    I like their service. I said why. You can take that snide little remark and shove it up your ass.

  13. Re:yes on Does a Lame E-Mail Address Really Matter? · · Score: 1

    You really, really haven't been paying attention, have you?

    Lemme guess: you think hotmail doesn't datamine. You think yahoo doesn't datamine. These companies think so little of their users' privacy that they treat their users' private email as if it were their own private billboard, and you think they don't datamine.

    This is really stretching the "can be adequately explained by stupidity" half of the old dilemma, dude.

  14. Re:yes on Does a Lame E-Mail Address Really Matter? · · Score: 1

    I didn't know that about the ads. If they also provide 7G space then I can't think of any concrete reason to prefer google's over aol's, just taste and ephemera.

  15. The art of the possible. on Here We Go Again — Video Standards War 2010 · · Score: 4, Interesting

    All the major media companies except Disney and Apple are supporting a media-purchase-validation system that won't work unless your purchase is DRM'd. Disney and Apple are proposing one that works equally well with un-DRM'd media.

    Jobs is at it again.

  16. Re:Actually yes -- in some cases on Does a Lame E-Mail Address Really Matter? · · Score: 1

    When it comes right down to it, if you've met the guy, talked to him, and are actually going to use his card, then he's already made an impression on you. If a corrected typo is going to sway that, you're the lightweight.

  17. Re:yes on Does a Lame E-Mail Address Really Matter? · · Score: 2, Informative

    Why is gmail better than hotmail or aol?

    1. Your email is yours, not theirs: they don't insert ads.
    2. Your email is yours, not theirs: full ssl'd POP3/IMAP.
    3. Their spam filters are second to none.

  18. Re:yes on Does a Lame E-Mail Address Really Matter? · · Score: 1

    God. 76367,556 and it's been well over 20 years.

  19. Re:About time to arm ourselves on INTERPOL Granted Diplomatic Immunity In the US · · Score: 1

    Just what I want from a law enforcement agency, eh?

    The problem here is, of course (or, that is, "of course" to anyone who bothers trying to find out about Interpol), that Interpol doesn't have any agents that enforce laws.

    They're a clearinghouse. They're the liaison organization for international crimes, they know what the laws are in multiple countries and which organizations do which things in them all.

    In particular, terrorist organizations commit international crimes. Interpol tracks them, just the same as they do international jewel thieves and drug rings and assassins. Wanna guess why the President wants their records immune to U.S. FOIA laws?

    But the soi-disant "news" channels don't report any of this, of course. It wouldn't sell ads.

  20. Re:About time to arm ourselves on INTERPOL Granted Diplomatic Immunity In the US · · Score: 2, Informative

    The principle of diplomatic immunity is ancient and absolute.

    Other countries grant the same to select organizations, including diplomatic staff, on their soil, and have for thousands of years.

    Doing so for INTERPOL is really unremarkable to all but the tinfoil hat crowd. And, of course, to the teabaggers.

  21. Re:conundrum on Man Tracked Down and Arrested Via WoW · · Score: 1

    That is just one method in which the citizens of the United States can unite despite certain minority groups wanting to tear them apart to satisfy their own agendas.

    No doubt methods like that work very well where you can punish people for visibly regarding them as idiotic. Please, though, do try to curb the bestiality out here, in public? It sets a bad example for the children.

  22. Re:conundrum on Man Tracked Down and Arrested Via WoW · · Score: 1

    Seriously, rape is not a major problem in our country. You're more likely to die from a terrorist attack than from being raped. Really.

    Seriously, cargo-cult mockeries of reason like that are not a major problem in our country. You're more likely to die from a terrorist attack than you are from such bestial so-called "conservatism". Really.

  23. Re:Zhnore... on DRM and the Destruction of the Book · · Score: 1

    Selling media in any particular form is always going to be superseded, but the music industry itself, getting popular music to the populace, has done nothing but grow. The sheet music industry was the music industry. Now it's not.

    I don't think it's possible to intelligently discuss copyright and distribution issues without addressing everything in Macaulay on Copyright. I think anyone who's going to tl;dr that should stfu. Because I think he saw, 168 years ago, every relevant facet of the problem we're facing today. There's a payload quote in there, but I refuse to quote it. Context matters, and I'm tired of unconsidered repetition of talking points.

  24. Re:hyperbolic nonsense on DRM and the Destruction of the Book · · Score: 1

    Wanna bet DRM for news and advocacy broadcasts isn't in the offing, rendering criticism with plainly dead-on-target quotes like this illegal?

  25. Re:Zhnore... on DRM and the Destruction of the Book · · Score: 1

    the music industry

    the sheet music industry

    n/t