OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Crispin Cowan (crispinwirex.com)
Date: Mon Jan 15 2001 - 13:08:41 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Kurt Seifried wrote:

    > > > If you need "real" security I'd advise using a hardware solution, if an
    > attacker
    > > > does break in they can sign messages/etc but not retrieve the secret key (or
    > so
    > > > most vendors would claim).
    > >
    > > ...which, even if it were true, buys you absolutely nothing, since you
    > > can still make the hardware solution to encrypt or sign whatever you
    > > want with a trojan.
    > >
    > > Kurt, why do you always make so broad and false claims?
    > > What has do happen to make you learn? First, the Debian debacle, then,
    > > the SSL/SSH debacle, now this. It sickens me.
    >
    > What part of "I'd advise using a hardware solution, if an attacker does break in
    > they can sign messages/etc but not retrieve the secret key (or so most vendors
    > would claim)." did you not understand?

    Kurt is correct on the secret key issue: the only way to protect a secret key that
    has to be chronically accessible for signing is to use a dedicated hardware
    solution to sign stuff. In all other cases (i.e. where there's something besides
    message signing on the machine holding the private key) the attacker has at least a
    potential opportunity to obtain the private key & run for it. Having your private
    key stolen is far, far worse than having some bogus messages signed with your
    private key.

    > As for the debian thing, what was wrong? They do not sign packages, they do
    > exceedingly bizarre things with "frozen" code, etc. As for SSL/SSH please point
    > out factual errors so I can correct them. Bite me.

    I don't know what "the Debian" thing was, but the SSL/SSH article was a mistake.
    Kurt pitched MITM as if it was a bug in the protocol specification or
    implementation of SSL/SSH, when in fact it is a fundamental limitation of network
    cryptography. This is likely to confuse newbies. Yes, newbies need to be aware of
    the MITM problem, and the limitations of PKI, but you don't do that with the
    Chicken Little approach.

    > P.S. I am sick and somewhat grumpy.

    So am I, but what do our personality traits have to do with this thread? (Ducks!
    Kidding! Kidding :-)

    Crispin 

    --
Crispin Cowan, Ph.D.
Chief Research Scientist, WireX Communications, Inc. http://wirex.com
Free Hardened Linux Distribution:                    http://immunix.org