[154031] in North American Network Operators' Group
Re: LinkedIn password database compromised
daemon@ATHENA.MIT.EDU (Dave Hart)
Thu Jun 21 12:19:22 2012
In-Reply-To: <20120621125606.GA3760@gsp.org>
From: Dave Hart <davehart@gmail.com>
Date: Thu, 21 Jun 2012 16:17:41 +0000
To: Rich Kulawiec <rsk@gsp.org>
Cc: nanog@nanog.org
Reply-To: davehart_gmail_exchange_tee@davehart.net
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Thu, Jun 21, 2012 at 12:56 PM, Rich Kulawiec <rsk@gsp.org> wrote:
> On Wed, Jun 20, 2012 at 12:43:44PM -0700, Leo Bicknell wrote:
>
> (on the use of public/private keys)
>
>> The leaks stop immediately. =A0There's almost no value in a database of
>> public keys, heck if you want one go download a PGP keyring now.
>
> It's a nice thought, but it won't work. =A0 There are two large-scale
> security problems which prevent it from working:
>
> 1. Fully-compromised/hijacked/botted/zombied systems. =A0Pick your term,
> but any estimate of this population under 100M should be laughed out
> of the room. =A0Plausible estimates are now in the 200M to 300M range.
> Any private key present on any of those is accessible to The Bad Guys
> whenever they can trouble themselves to grab it. =A0(Just as they're
> already, quite obviously, grabbing passwords en masse.)
>
> 2. Pre-compromised-at-the-factory smartphones and similar. =A0There's
> no reason why these can't be preloaded with spyware similar to CarrierIQ
> and directed to upload all newly-created private keys to a central
> collection point. =A0This can be done, therefore it will be done, and whe=
n
> some security researcher discovers it, the usual excuses and justificatio=
ns
> will be made by the designated spokesliars for the companies involved...
> which will of course keep right on doing it, albeit perhaps with more
> subterfuge.
>
> Problem #1 has been extant for ten years and no (meaningful) progress
> whatsoever has been made on solving it.
>
> Problem #2 is newer, but I'm willing to bet that it will also last
> at least a decade and that it will get worse, since there are
> substantial economic incentives to make it so.
In both cases, the evildoers may only gain access to a
passphrase-protected private key. That doesn't help if the private
key is generated on a compromised system, but it helps if the system
is compromised after the private keys are generated, or if the private
key is generated elsewhere and loaded onto the compromised system.
And it doesn't help if the passphrase is easily guessed.
Cheers,
Dave Hart
