Hi,

Cross posted from gnupg-users, with author's authorization, with
attributes CC BY-ND.

Some points for further thought.
Charly


=====================================================================
In fact, it's quite a bit worse than that.  Your traffic is secure only
so long as both endpoints are secure.  Depending on who does the
numbers, 15%-30% of all desktops are pwn3d.  Even if your desktop is
safe, the odds aren't good the other end will be, too.

There are many reasons why I feel OpenPGP is more or less irrelevant in
the world today, outside of some very special case scenarios.  This is
one of the big ones: OpenPGP's necessary precondition -- that our
endpoints are both securable and secured -- is not met.

(The subject line may be provocative, but please don't think I'm arguing
that it's not useful.  I don't know.  I just had an idea a couple of
days ago, and I figure it might be worth some discussion.)



OpenPGP takes its origins from ClassicPGP, which in turn comes out of a
military threat model of the sort that was more or less standard policy
everywhere from WW2 forwards:

   1. Attackers can apply significant resources to interception, and
they already know who they want to intercept
   2. Communication technicians are trained, skilled and motivated
   3. Communication channels are centrally defined and structured
   4. Communiqués must be secure for decades or more


There are other elements, but these four are what interest me right now.
 OpenPGP defends quite neatly against point one, point two explains why
it's okay for OpenPGP to have a learning curve like the Matterhorn, the
Web of Trust (which is to say, a loose confederation of CAs) follows
from point three, and long-term security is point four.

Now, while there are still environments in which those four criteria
hold, the modern day seems to mostly be governed by four different
principles:

   1. Attackers need distinguishment more than interception
   2. Defenders are unskilled and perhaps incompetent
   3. Communication channels are ephemeral, media-hopping and ad hoc
   4. Most people don't care if an individual email — or even a series
of them — gets compromised


"Distinguishment versus interception" may need some explanation.
Intercepting communications is not very hard: finding what
communications need to be intercepted is a labor of Hercules.  We are,
figuratively speaking, drowning in a sea of irrelevant and useless data.
 The major task is not being able to read the information, but being
able to pick signal out from noise.  Distinguishment — differentiating
signal from noise — is more important than interception — picking up the
signal once you know what it is.

With respect to communication channels being ephemeral, media-hopping
and ad hoc: today it's not unusual for a conversation to begin in SMS,
hop to Facebook, migrate to email, and finish on IM.  Whatever tool we
use to secure our messages needs to be as media-agile as our conversations.

And finally, most people simply don't care if their emails get read.
Open a stand outside a McDonald's offering "FREE BIG MAC AND FRIES FOR
YOUR EMAIL SERVER PASSWORD" and see how many coupons you give away.
Odds are good that the loudest voices of outrage would come from Burger
King and Wendy's, and they'd shut up once you set up booths outside
their restaurants, too.[*]



... So, finally, here's my Modest Proposal.  Encrypt each communication
(Facebook post, SMS, whatever) with a random 40-bit key.  Throw the key
away.  Send it.  The only way for your recipient to recover the key is
to brute-force the message.  By our existing standards this would be
absolutely crazy: and yet, it would foil large-scale Hoovering of email
messages (adding that work factor to each email message would make
large-scale analysis difficult), would address point 2 by getting rid of
the learning factor ("install this plugin and that's all you have to
do"), would address point 3 by being broadly applicable over a large
swath of the problem domain, and if someone recovers a particular
message anyway... well, as point 4 shows us, "meh."

(Note: if the phrase "Modest Proposal" wasn't enough of a giveaway, this
is not a serious proposal.  It's a thought experiment, just something I
found to be interesting enough to spend a few minutes contemplating.)


[*] Some years ago while teaching a computer literacy class, I had the
undergrads reading David Brin's "The Transparent Society."  In it, Brin
suggests offering a free Big Mac with a mouth swab and driver's license,
and plugging these DNA samples into a database of unsolved crimes.  He
cheerfully argues there are no privacy concerns since it is so obviously
a bad idea, and yet people will voluntarily choose to do it anyway
despite knowing it's stupid.  The class had a good talk about this.  The
next Monday a couple of students talked to me after class.  "After class
last week, we went down to the Pita Pit.  We were sitting around talking
about how stupid Brin's idea was and how he was wrong and nobody would
be that stupid ... and then we realized we were saying this while we
were filling out credit-card applications in order to get a free pita."
 When I asked them what they did next, they shrugged.  "We felt kind of
stupid.  But we filled them out, got our free pita, and started talking
about something else."

You can lead a horse to water, and you can even give the horse a straw,
but...
===================

By Robert J. Hansen <r...@sixdemonbag.org>
Rob Hansen, freelance hacker, languages geek extraordinaire, and dabbler
in the black arts of information security.

<http://sixdemonbag.org/openpgp.xhtml>
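
The scheme sketched in the Modest Proposal above, as an added example (not part of the original post and not written by its author): the sender encrypts under a short random key and discards it, and the recipient recovers the message by exhaustive search. Assumptions: the function names are hypothetical, the keystream is a toy built from SHA-256 in counter mode rather than a vetted cipher, and a truncated HMAC tag is added so the recipient can recognise the right key; the demo uses fewer than 40 bits so it finishes quickly.

```python
import hashlib
import hmac
import secrets

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # Toy keystream: SHA-256 in counter mode (constructed for this demo only).
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def _tag(key: bytes, nonce: bytes, ct: bytes) -> bytes:
    # Without a check value the recipient could not tell which key is right.
    return hmac.new(key, nonce + ct, hashlib.sha256).digest()[:16]

def seal(plaintext: bytes, key_bits: int = 40) -> bytes:
    """Encrypt under a random key of key_bits bits; the key is never returned."""
    key = secrets.randbelow(1 << key_bits).to_bytes((key_bits + 7) // 8, "big")
    nonce = secrets.token_bytes(16)
    stream = _keystream(key, nonce, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, stream))
    return nonce + _tag(key, nonce, ct) + ct

def open_by_search(blob: bytes, key_bits: int):
    """Recipient side: try every key until the tag verifies.

    Returns (plaintext, number_of_keys_tried)."""
    nonce, tag, ct = blob[:16], blob[16:32], blob[32:]
    nbytes = (key_bits + 7) // 8
    for k in range(1 << key_bits):
        key = k.to_bytes(nbytes, "big")
        if hmac.compare_digest(_tag(key, nonce, ct), tag):
            stream = _keystream(key, nonce, len(ct))
            return bytes(a ^ b for a, b in zip(ct, stream)), k + 1
    raise ValueError("no key in the search space verifies")

def expected_trials(key_bits: int, messages: int = 1) -> int:
    # On average a search visits half the key space, once per message.
    return messages * (1 << (key_bits - 1))

if __name__ == "__main__":
    msg = b"meet at the usual place"  # constructed sample message
    recovered, tries = open_by_search(seal(msg, key_bits=16), key_bits=16)
    print(recovered, "after", tries, "trial keys")
    print("40-bit, one message, average trials:", expected_trials(40))
    print("40-bit, a million messages:", expected_trials(40, 1_000_000))
```

The per-message cost is the same for the recipient and for anyone else holding the ciphertext; the difference the post relies on is that a bulk collector pays it once for every message it wants to read.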


