Rich Freeman via plug on 11 Aug 2020 09:49:40 -0700



Re: [PLUG] news


On Mon, Aug 10, 2020 at 5:15 PM brent timothy saner
<brent.saner@gmail.com> wrote:
>
> On 8/10/20 4:55 PM, Rich Freeman wrote:
> >
> > There is no attack that works on an "untrusted" (i.e. unauthenticated)
> > encrypted connection that doesn't also work on an unencrypted
> > connection.  There are plenty of attacks that do work against
> > unencrypted connections that fail against an unauthenticated encrypted
> > connection.
>
> You interestingly leave out authenticated encrypted connections, which
> is convenient.

I left them out because nobody argues with the security of them.
Unless you're really arguing that authenticated encrypted connections
are less secure than unencrypted connections?

> Step 1: "I have more trust (as a person/org) in this connection, because
> it is encrypted and authenticated."
> Step 2: Flaw/vulnerability in verification or encryption
> Step 3: "I now trust (as a person/org) this fraudulent connection more
> than other connections."
>
> You've now granted more trust *value* to the compromised connection than
> to the unencrypted connection.

Rightly so, because if you have the ability to exploit a vulnerability
in step 2 with an encrypted connection, you can exploit the same
vulnerability in an unencrypted connection.

> > Can somebody execute a MITM attack against an unauthenticated
> > encrypted connection? Sure.  However, they can't just passively
> > eavesdrop on the connection, which they can do with an unencrypted
> > connection.
>
> Which is my entire point, yes. As mentioned, you now have no option to
> do that and place your entire trust chain in the hands of an external
> party, unless you want to install your CA on all machines of your org.
> Which is certainly a possibility, but the intranet is (should be) lower
> risk than internet.

I'm not really sure what you're taking issue with here.

Is your argument that you don't like the design of web browsers where
CA trust is an all-or-nothing proposition?  If so I agree with you,
but that isn't an issue with encryption - it is an issue with how it
is implemented in a specific context.  Browser encryption is pretty
terrible - about the only thing that is worse is not using it at all,
which seems to be what you're advocating for.

-- 
Rich
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
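
The distinction argued in the message above (a passive observer is shut out by unauthenticated encryption, an active MITM is not, and authentication stops both), as an added example that is not part of the original post. It simulates a Diffie-Hellman exchange in memory; the toy group parameters and the function names `keypair`, `session_key`, `fingerprint` and `handshake` are assumptions made for illustration.

```python
import hashlib
import secrets

# Toy parameters (assumption, illustration only): a 127-bit Mersenne prime and
# base 3. Far too small for real use; real TLS uses vetted groups or curves.
P = 2**127 - 1
G = 3

def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def session_key(priv, peer_pub):
    # Each end derives the key from its own secret and the peer's public value.
    return hashlib.sha256(pow(peer_pub, priv, P).to_bytes(16, "big")).digest()

def fingerprint(pub):
    return hashlib.sha256(pub.to_bytes(16, "big")).hexdigest()

def handshake(server, active_mitm=False, pinned=None):
    """Simulate one key exchange. `server` is the server's (priv, pub) pair;
    `pinned` is a fingerprint of the server key the client learned out of band."""
    s_priv, s_pub = server
    c_priv, c_pub = keypair()
    m_priv, m_pub = keypair()                    # key pair held by the attacker
    # An active attacker swaps in its own public value in both directions;
    # a passive one only records c_pub and s_pub as they pass.
    to_client = m_pub if active_mitm else s_pub
    to_server = m_pub if active_mitm else c_pub
    if pinned is not None and fingerprint(to_client) != pinned:
        return {"aborted": True, "attacker_can_read": False}
    client_key = session_key(c_priv, to_client)
    server_key = session_key(s_priv, to_server)
    # Keys the attacker can compute from its own secret plus observed values.
    attacker_keys = {session_key(m_priv, c_pub), session_key(m_priv, s_pub)}
    return {"aborted": False,
            "keys_match": client_key == server_key,
            "attacker_can_read": client_key in attacker_keys}

if __name__ == "__main__":
    server = keypair()
    print("unauthenticated, passive:", handshake(server))
    print("unauthenticated, active: ", handshake(server, active_mitm=True))
    print("pinned key, active:      ",
          handshake(server, active_mitm=True, pinned=fingerprint(server[1])))
```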