> I'll go even further and respond to Dan's question earlier about the
> prevalance of end-to-end encryption on the web. I'd say I've *never*
> wanted or needed to protect the confidentiality of something I've sent or
> received on the web but have been unable to use SSL to do so.
>
> My bank, my broker and my home web server all support SSL, as do all
> the various commerce sites from which I have bought products or
> services with my credit cards. I'd say SSL is quite a success story.
Yes, it's a success story but no, it's not ubiquitous.
Finanicial services institutions use SSL with strong encryption very
consistently. Their auditors would not tolerate otherwise, and their
regulators and underwriters read the auditors' reports.
Almost all E-commerce sites always use SSL for forms that contain credit card
numbers and usually for forms containing personally identifying information.
They rarely do for catalog browsing, adding to shopping carts and the like
(I've only come across one site that does). As I've mentioned before,
sometimes one's browsings and purchases need to be kept private.
There are other sites that don't but should. For example, several sites that
I use regularly do not use SSL for passwords. I've complained, but it's like
complaining to a brick wall. A particularly annoying one is a site which
partners with my (personal) ISP to allow me to tunnel email through HTTP and
HTML. No use of SSL at all, even for password. Lloyd suggests not using
them. I don't make it a point to cut off my nose to spite my face: there are
times when the alternative is no access to personal email at all.
>
> But that's an entirely different issue from being able to hide which
> publicly-accessible web sites I surf to. That problem remains largely
> unsolved. Even end-to-end SSL wouldn't solve it if the URLs are
> substantially the same to everyone and SSL merely encrypts the
> contents of public web pages that anyone else can also fetch.
>
> I've experimented with surfing over a SSH tunnel to a public caching
> proxy, but that's still vulnerable to traffic analysis that correlates
> the plaintext going into the proxy with the encrypted traffic going
> back out to me. It's hard.
The attack you describe would be a difficult one to mount. It would require
either physical access to the link(s) to the cacheing proxy, an attack on DNS
to redirect you to a spoofed cacheing proxy, or an attack on the routing
system to route the traffic to a monitoring point. It would not be worth the
effort to find out that (for the sake of argument) you visited sex.com.
Perhaps if you were a politician or a celeb, it might be. But there are so
many more easily exploited vulnerabilities that this one seems relatively
unimportant.
Of far greater relevance to this discussion is the simple act of snooping
one's neighbor's wireless home network, or a cable TV data system or a 2.5/3G
cellular system. The assets that you want to protect are trivial to obtain
without any kind of subnet encryption, and difficult to a degree proportionate
to the strength of the mechanisms deployed otherwise. Malicious gossip and
even petty blackmail -- except, perhaps, of public figures -- have a value to
most attackers that is proportionate to simple attacks, but not to highly
sophisticated ones.
Perhaps one point that I've tried, but failed, to get across in this debate
has been that perfect security is obtained only by not trying to communicate.
The challenge is to see to it that mechanisms are proportionate to the assets
being protected and the perceived threats to those assets.
>
> Phil
>
Dan
This archive was generated by hypermail 2b29 : Mon Jan 28 2002 - 09:12:29 EST