nanog mailing list archives
Re: LinkedIn password database compromised
From: Peter Kristolaitis <alter3d () alter3d ca>
Date: Thu, 07 Jun 2012 09:36:18 -0400
On 6/7/2012 9:22 AM, James Snow wrote:
> On Wed, Jun 06, 2012 at 11:14:58PM -0700, Aaron C. de Bruyn wrote:
>> Imagine signing up for a site by putting in your email and pasting your public key.
>
> Yes! Yes! Yes! I've been making this exact argument for about a year. It even retains the same "email a link" reset mechanism when someone needs to reset their key.
>
> A common counter-argument is, "But ordinary Internet users won't understand SSH keys." They don't need to! The idea is easily explained via a lock-and-key metaphor that people already understand. The UI for walking users through key creation is easily imagined.
>
> -Snow
Oh yeah, I can just imagine that "lock and key" conversation now...

"Imagine if the website has a lock on it, and you tell them what key you want to use by giving them a copy."
"But if they have a copy of my key, couldn't they use it to open all of the other locks I've set up to use it?"
"(explain public key crypto)"
"(drool, distraction by the latest Facebook feature)"

The other problem with this approach is that, as bad as trusting remote sites to do security properly is, I'm not sure that putting a "one key to rule them all" on users' machines is that much better, given the average user's penchant for installing malware on their machine because "FunnyMonkeyScreensaver.exe" sounded like such a good idea at the time... I suspect we'd see a huge wave of malware whose sole purpose is to steal public keys (and you KNOW users won't password-protect their private keys!). Plus, now you have the problem of users not being able to log in to their favourite websites when they're using a friend's computer, internet cafe, etc., unless they've remembered to bring a copy of their private key with them.
I think public key auth for websites is a great idea for geeks who understand the benefits, limitations and security concerns, but I have serious doubts that it would hold up when subjected to the "idiot test".
- Pete
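The sign-up-with-a-public-key scheme debated above, sketched as an added example (not code from anyone in this thread): the server stores only public keys and authenticates with a signed, single-use, site-bound challenge, so a dumped user table is useless for logging in and a signature given to one site cannot open "all of the other locks". Names (Server, Demo, example.com, alice@example.com) are hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
)

// Server stores only public keys: a dump of its user table (the LinkedIn
// scenario) gives an attacker nothing to log in with.
type Server struct {
	site       string
	users      map[string]ed25519.PublicKey
	challenges map[string][]byte // one outstanding single-use nonce per user
}

// Challenge hands out a fresh random nonce for the user to sign.
func (s *Server) Challenge(email string) []byte {
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		panic(err) // no entropy: refuse to issue a challenge
	}
	s.challenges[email] = nonce
	return nonce
}

// Message binds the nonce to this site, so a signature collected by one site
// cannot be relayed to another site that holds the same public key.
func (s *Server) Message(nonce []byte) []byte {
	return append([]byte("login:"+s.site+":"), nonce...)
}

// Login verifies the signature over the current nonce and consumes it.
func (s *Server) Login(email string, sig []byte) bool {
	nonce, ok := s.challenges[email]
	pub, known := s.users[email]
	delete(s.challenges, email) // single use, whether or not it verifies
	return ok && known && ed25519.Verify(pub, s.Message(nonce), sig)
}

// Demo registers one user (constructed sample), then attempts a fresh login
// and a replay of the same signature.
func Demo() (fresh, replay bool) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	srv := &Server{"example.com", map[string]ed25519.PublicKey{}, map[string][]byte{}}
	srv.users["alice@example.com"] = pub // sign-up: store the pasted public key
	n := srv.Challenge("alice@example.com")
	fresh = srv.Login("alice@example.com", ed25519.Sign(priv, srv.Message(n)))
	replay = srv.Login("alice@example.com", ed25519.Sign(priv, srv.Message(n)))
	return
}
```

Note that the private key never leaves the client; the malware and shared-computer concerns raised above are about protecting that file, which this server-side flow cannot address.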