Date: Thu, 22 Aug 2013 20:19:30 +0800
From: Pavel Labushev <pavel.labushev@...box.no>
To: oss-security@...ts.openwall.com
Subject: Re: HTTPS

On Wed, 21 Aug 2013 14:13:55 -0600
Kurt Seifried <kseifried@...hat.com> wrote:

> Right now the bar is so low as to be in the negative scale. Using
> HTTPS instead of HTTP raises it, the attacker now has to compromise
> the server, if they can do that, they could have also done it before
> most likely, so adding HTTPS doesn't make things any worse/riskier.

I didn't say HTTPS could make it riskier. And since you seem to put
words in my mouth, please, read carefully what you're replying to.

> I'm honestly tired of the "we shouldn't change the status quo of no
> security because we might not do the new security perfectly", guess

I didn't mean or say that either. I objected to calling HTTPS "a good
approximation" to content signing. Because:

- It's not. It just doesn't address many problems and risks that
content signing does, and that were proven to be statistically (even
more) significant in practice.

- When someone calls HTTPS a good approximation to content signing or
something like that, expect no other integrity/authenticity checking
measures to be implemented. I wonder, are there any major practical
examples that prove the contrary? Doesn't seem so.

Besides, content signing isn't perfect or even isn't something new, at
all. It has been available for more than a decade. It even has known
issues, including unsolved or even unsolvable (in practice) ones. Yet
it's much more suitable for the task than HTTPS.

I'm tired of people who propose flawed or inappropriate solutions on the
premise of "doing something is better than doing nothing" when at the
same time there are better solutions available and practically
applicable, many of which are even considered to be common practices.

There are variations of that misguiding fallacy:
- "The perfect is the enemy of good"
- "Perfection is unreachable"

Except the proposed half-measures are usually not good at all. And their
good available alternatives are not perfect. Just like HTTPS is not good
as a replacement to content signing, and content signing is by far not
perfect yet is reachable (applicable) pretty much.

Sure, it's much easier to just plug HTTPS in and go like "ok, it's good
enough". No, it's not. Even statistically - it's not.

> what: you're not going to get any better at this without practise,
> when I was in my early 20's I bought a copy of stronghold and an SSL
> cert for seifried.org, Thawte had no idea how to sell a certificate to
> an individual (as opposed to a company), we compromised on a scan of
> my passport (since I had no business papers for it, being that it was
> just my name and not a company). Did I deploy SSL properly? in

All this is just totally irrelevant.

> retrospect not really. But that's why we do things, find the mistakes
> and then correct them. And the only way to find a lot of these

Well, as long as we're talking about HTTPS, I don't see any mistakes
that were corrected. It has many flaws, and even though solutions do
exist for some of them, it's like no one cares to implement and/or use
them. HTTPS is being misused, over-advertised, inappropriately
implemented, overcomplicated and in many cases provides a false
sense of security instead of any due security.

> mistakes is to actually do it. We can sit around and discuss possible
> issues till the cows come home but that's not going to really help anyone.

Was I just told to shut the fsck up? The issues are not "possible" but
real. So I refuse to follow your advice and instead will continue to speak
against implementing ineffective half-measures and spreading a false sense
of security. And perhaps it's you, for whom you should "set up a room",
where you could speak on behalf of anyone.
