Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Monday November 21, @04:38PM   Printer-friendly
from the one-at-the-time dept.

Last week Bruce Schneier published An Untrustworthy TLS Certificate in Browsers and now Ian Carroll has published Security concerns with the e-Tugra certificate authority.

Ian is best known for the death of the EV (Extended Validation) certificates. He legally registered a colliding entity name and then got an EV certificate for his site stripe.ian.sh. As this site is not online any more, a good write up of this is Extended Validation Certificates are (Really, Really) Dead by Troy Hunt.

Troy Hunt is also known for his website ';--have i been pwned?.

Schneier suggests that it might be time to disable / remove trust for the following Certificate Authorities (CAs):

  • TrustCor
  • E-Tugra

Cory Doctorow gives a very good explanation the the problem in general and its causes here. Basically, we are just too trusting and we believe that others are looking after our interests. It appears that they are not.


Original Submission

 
This discussion was created by janrinok (52) for logged-in users only, but now has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 1, Insightful) by Anonymous Coward on Monday November 21, @07:03PM (1 child)

    by Anonymous Coward on Monday November 21, @07:03PM (#1280866)

    The problem I see with this approach is that there is no obvious useful action that a web user can take in response to such a warning.

    Huh, what are you smoking? If the site is your bank, the useful action is to NOT log in and do your banking.

    If you're not sure if you can trust the cert you should NOT be using the site till you can confirm you can trust the cert. You can get your bank to confirm it for you.

    This applies whether or not you have this warning feature or not. The warning feature just makes it easier for you to notice potential dangers that you might not have noticed before. Without the feature the dangers don't vanish by themselves, they are still there.

    Your objections are as inane/stupid as objecting to a "bridge has changed unexpectedly" warning feature because there's no obvious useful action that a bridge user can take and the only options are:

      (a) ignore the warning and continue anyway, or
      (b) try again another day, hoping the problem goes away on its own, or
      (c) stop using the bridge indefinitely.

    Starting Score:    0  points
    Moderation   +1  
       Insightful=1, Total=1
    Extra 'Insightful' Modifier   0  

    Total Score:   1  
  • (Score: -1, Troll) by Anonymous Coward on Monday November 21, @08:57PM

    by Anonymous Coward on Monday November 21, @08:57PM (#1280891)

    If you're not sure if you can trust the cert you should NOT be using the site till you can confirm you can trust the cert. You can get your bank to confirm it for you.

    Can you?

    You phone up your bank and ask them for the fingerprints of their current web certificates, and they give you usable information in a timely manner? Have you actually tried doing this? What about other websites? Do you just email the administrative contact in WHOIS? Does this give you useful responses often?

    This applies whether or not you have this warning feature or not. The warning feature just makes it easier for you to notice potential dangers that you might not have noticed before.

    The problem is that a warning like this, virtually every single time, will be a false positive. Clicking through the warning is therefore a sensible action. Users will simply be conditioned to ignore the warnings as there will be no way of distinguishing a real attack from yet another pointless warning.

    Your objections are as inane/stupid as objecting to a "bridge has changed unexpectedly" warning feature because there's no obvious useful action that a bridge user can take and the only options are:

    This is a straw man. There are many effective actions you can take when a bridge is out, such as taking a different bridge, or using a different method to cross. Nothing like this is possible with websites that have certificate errors.