[15784] in cryptography@c2.net mail archive


On `SSL considered harmful`, correct use of condoms and SSL abuse

daemon@ATHENA.MIT.EDU (Amir Herzberg)
Sun Jul 18 11:28:35 2004

X-Original-To: cryptography@metzdowd.com
Date: Sun, 18 Jul 2004 10:19:43 +0200
From: Amir Herzberg <herzbea@macs.biu.ac.il>
To: Ian Grigg <iang@systemics.com>
Cc: "'Cryptography'" <cryptography@metzdowd.com>
In-Reply-To: <40F81D87.7000302@systemics.com>


Ian Grigg called attention to the fact that the use (as by pgp.com) of a 
lock in the FavIcon position (in the location bar) can be abused in site 
spoofing/phishing attacks, to fool users to think that a page is SSL 
protected, when it's not. In fact, this is part of Ian's `SSL considered 
harmful` page (at http://iang.org/ssl/), `A page on the harms and 
devastations wrought by implementations of SSL.`. With apologies to Ian, 
we recently saw another SSL-bashing by the folks in Artisoft, `SSL - 
does it protect you or is it a condom open at both ends ?` (their PR guy 
made a blunder of their technology... and their metaphor!).

I agree that the lock icon/logo as used in pgp.com may mislead users to 
think this is a protected site. But I think there is a bigger threat 
here. As your demo at http://iang.org/ssl/ shows, a spoofing site could 
present the logo of the victim site. Now, most users don't even check 
the SSL logo.

In fact, many `serious` web sites ask users to enter passwords etc. in 
pages which are NOT PROTECTED, usually relying on a script in the page 
to invoke SSL just before submitting the information; this implies that 
a spoofing/phishing site can present the same content and collect the 
unencrypted passwords... I found such vulnerabilities in many of the 
most prestigious web sites, including Microsoft's Passport, Chase, 
E-Bay, Amazon, Yahoo! and TD Waterhouse (see screen shots at fig 5 of 
http://www.cs.biu.ac.il/~herzbea/Papers/ecommerce/spoofing.htm).

So my conclusion is: the problem is not with SSL/TLS, the problem is in 
their current use by browsers (and we present a possible fix in the 
paper). You can't sue the condom maker if it failed to protect it, 
although you've put it on carefully - but too late. Or if your partner 
promised to use it, but forgot.

So while `SSL is harmful` sounds sexy, I think it is misleading. Maybe 
`Stop SSL-Abuse!`
-- 
Best regards,

Amir Herzberg
Associate Professor, Computer Science Dept., Bar Ilan University
http://amirherzberg.com (information and lectures in cryptography & 
security)
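
Added example, not part of the original message: a small auditor for the pattern the message describes, a password form delivered on a page that is not itself SSL-protected even though it submits over SSL. The URLs, HTML sample and finding names are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Constructed sample: login form on an http:// page that posts to https://.
SAMPLE_URL = "http://bank.example/login"
SAMPLE_HTML = """<form action="https://bank.example/auth" method="post">
  <input type="text" name="user"><input type="password" name="pw">
</form>"""


class FormScan(HTMLParser):
    """Records each <form>: its action and whether it has a password input."""

    def __init__(self):
        super().__init__()
        self.forms = []      # [{"action": str, "password": bool}, ...]
        self.current = None  # form being parsed, if any

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self.current = {"action": a.get("action") or "", "password": False}
            self.forms.append(self.current)
        elif tag == "input" and (a.get("type") or "").lower() == "password":
            if self.current is None:  # password field outside any <form>
                self.current = {"action": "", "password": False}
                self.forms.append(self.current)
            self.current["password"] = True

    def handle_endtag(self, tag):
        if tag == "form":
            self.current = None


def audit_login_page(page_url, html):
    """Return (finding, submit_target) pairs for password forms on the page."""
    scan = FormScan()
    scan.feed(html)
    findings = []
    for form in (f for f in scan.forms if f["password"]):
        target = urljoin(page_url, form["action"])
        if urlparse(page_url).scheme != "https":
            # The user cannot authenticate the page before typing, even if
            # the form posts over TLS; a spoofed copy would look identical.
            findings.append(("page-not-protected", target))
        if urlparse(target).scheme != "https":
            findings.append(("cleartext-submit", target))
    return findings


if __name__ == "__main__":
    print(audit_login_page(SAMPLE_URL, SAMPLE_HTML))
```

A page that is served over https and posts to an https target produces no findings; the sample above is flagged only for the unprotected page, which is the case a check of the form's action alone would miss.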
