funsec mailing list archives

Re: Public Policy and Consumer ISP Hygiene (was Comcast pop-ups)


From: Valdis.Kletnieks () vt edu
Date: Tue, 13 Oct 2009 09:02:26 -0400

On Sun, 11 Oct 2009 23:31:08 CDT, Dan White said:

> 1) Educating users on proper use of anti-virus and anti-malware tools - and
> being ADHD about installing OS updates.

No, you *don't* want them being ADHD about OS updates. You want them
to be obsessive-compulsive about it.  Somebody with OCD will be going
back and checking "Am I patched? Did I patch in the last hour? I better
check again to be sure".  Somebody with ADHD will end up visiting
http://windowsupdate.microsohlookachicken.com

> 2) Replacing SMTP with something sane and secure. SMTP has got to be IETF's
> biggest failure.

Actually, SMTP is probably the IETF's best example of "so frikking successful
that everybody jumped on the bandwagon, moving the goalposts in the process".
The fact that it works at *all* 27 years after RFC821 is a demonstration
of how well-designed it was...

> 3) Doing what we can to develop and increase our participation in a public
> key infrastructure and IPSEC.

Unfortunately, most of the problems we have would *not* be fixed with more
crypto and IPSEC (with the exception of closing down unencrypted wireless and
making the standard there WPA2 or a better follow-on).  I mean, *seriously*,
how often do you hear of successful sniffing attacks on copper or fiber,
compared to the number of attacks where a keystroke logger or website hack
got the unencrypted goods at the endpoint?

You want to fix something - come up with a good way to enhance the trust for
websites that load from multiple places.  Go read Schneier's "Secrets and Lies",
he has a good chapter on SSL snake oil, but to sum it up with a re-quote
of an example from yesterday:

If I'm on msnbc.msn.com, and click a link that takes me to discovery.com,
what reason does my browser have to trust the Flash content that gets
loaded from mstories.vo.llnwd.net?  (Hint - your scheme has to work even
if discovery.com is compromised - if the hacker can change the link, there's
a good chance that if you depend on a digital signature of the page containing
the link, he can re-sign the page as well.  Probably not for discovery.com,
which likely has separate devel and prod machines and the signing can happen
on the devel boxes - but there's a *lot* of "update in place" websites that
would almost certainly have the signing keys on the webserver.  Bad idea,
I know, but it's gonna happen.)
