A condom with an invisible hole is worse than no condom.

At 12:37 PM 5/17/00 -0500, John Kelsey wrote:
>Having some not-trivially-breakable crypto is better than
>nothing for preventing untargeted attacks, where someone's just
>looking at the traffic that goes by, checking for anything
>interesting. That's honestly the right threat model for most people
>to worry about.

Fine, but the user must be *aware* of their flimsy door locks. Lest they
act as if they had strong protection, and leave something valuable
around. This is why MS is negligent (intentionally or accidentally).
Unlike metal locks, Joe User can't tell whether he's got a cheap toy or a
serious security system. (Oh yes--- an entry in a log. How nice.)
Unlike the metal-lock world, with bit-theft, you'll never know you've been
ripped off.

>A targeted attack is different. In that case, someone is willing to
>spend real resources to read certain traffic you're sending or
>receiving.

But if you're using encryption, you must be doing something *interesting*,
and your message is worth reading off line. And maybe initiate some traffic
analysis on you and your correspondents while waiting for the Bombe to finish.
This "crypto=interesting" principle is valid until most net traffic is
encrypted. (This is a complement of the "why use crypto? what have you to
hide?" fallacy.)
Giving out free condoms with pinholes is.. criminally negligent.
So is (effectively) silently degrading to 1DES. Microsoft is giving
condoms with pinholes to teenagers (the cryptonaif public). S/WAN
is wisely checking for porosity first, and refusing to tango.
(One could imagine a really amusing 101 billboard using this metaphor..)
IMHO
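
The three behaviours contrasted in this message (falling back to single DES silently, falling back but telling the user, and refusing the connection), as an added example that is not part of the original message and is not Microsoft's or S/WAN's code. The cipher table, the `MIN_BITS` floor and the policy names are assumptions made for the sketch.

```python
from dataclasses import dataclass
from typing import Optional

# Effective strength in bits; table and floor are assumptions for this sketch.
STRENGTH = {"DES": 56, "3DES": 112}
MIN_BITS = 112  # local policy floor (assumed)

class NegotiationRefused(Exception):
    """No mutually supported cipher is acceptable under the policy."""

@dataclass
class Result:
    cipher: str
    bits: int
    warning: Optional[str]  # text the UI must show the user, if any

def negotiate(local, peer, policy):
    """Pick the strongest cipher both sides support, then apply `policy`.

    "silent": accept whatever is common and tell nobody
    "warn":   accept, but hand back a warning for the user
    "refuse": fail closed when the best common cipher is below MIN_BITS
    """
    if policy not in ("silent", "warn", "refuse"):
        raise ValueError("unknown policy: " + policy)
    common = [c for c in local if c in peer and c in STRENGTH]
    if not common:
        raise NegotiationRefused("no cipher in common")
    best = max(common, key=STRENGTH.get)
    bits = STRENGTH[best]
    if bits >= MIN_BITS:
        return Result(best, bits, None)
    if policy == "refuse":
        raise NegotiationRefused(f"{best} ({bits} bits) is below {MIN_BITS}")
    warning = f"WEAK ENCRYPTION: {best}, {bits} bits" if policy == "warn" else None
    return Result(best, bits, warning)

def demo():
    local = ["3DES", "DES"]
    peer = ["DES"]  # constructed input: the peer offers only single DES
    outcome = {}
    for policy in ("silent", "warn", "refuse"):
        try:
            r = negotiate(local, peer, policy)
            outcome[policy] = (r.cipher, r.warning is not None)
        except NegotiationRefused:
            outcome[policy] = ("refused", False)
    return outcome

if __name__ == "__main__":
    print(demo())
```

With the "silent" policy the caller gets a working session and no signal that it runs at 56 bits; only "warn" and "refuse" leave the user able to tell the difference.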