Rich Freeman via plug on 11 Aug 2020 09:49:40 -0700 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
Re: [PLUG] news |
On Mon, Aug 10, 2020 at 5:15 PM brent timothy saner <brent.saner@gmail.com> wrote: > > On 8/10/20 4:55 PM, Rich Freeman wrote: > > > > There is no attack that works on an "untrusted" (ie unauthenticated) > > encrypted connection that doesn't also work on an unencrypted > > connection. There are plenty of attacks that do work against > > unencrypted connections that fail against an unauthenticated encrypted > > connection. > > You interestingly leave out authenticated encrypted connections, which > is convenient. I left them out because nobody argues with the security of them. Unless you're really arguing that authenticated encrypted connections are less secure than unencrypted connections? > Step 1: "I have more trust (as a person/org) in this connection, because > it is encrypted and authenticated." > Step 2: Flaw/vulnerability in verification or encryption > Step 3: "I now trust (as a person/org) this fraudulent connection more > than other connections." > > You've now granted more trust *value* to the compromised connection than > to the unencrypted connection. Rightly so, because if you have the ability to exploit a vulnerability in step 2 with an encrypted connection, you can exploit the same vulnerability in an unencrypted connection. > > Can somebody execute a MITM attack against an unauthenticated > > encrypted connection? Sure. However, they can't just passively > > evesdrop on the connection, which they can do with an unencrypted > > connection. > > Which is my entire point, yes. As mentioned, you now have no option to > do that and place your entire trust chain in the hands of an external > party, unless you want to install your CA on all machines of your org. > Which is certainly a possibility, but the intranet is (should be) lower > risk than internet. I'm not really sure what you're taking issue with here. Is your argument that you don't like the design of web browsers where CA trust is an all-or-nothing proposition? If so I agree with you, but that isn't an issue with encryption - it is an issue with how it is implemented in a specific context. Browser encryption is pretty terrible - about the only thing that is worse is not using it at all, which seems to be what you're advocating for. -- Rich ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug