On Sat, Sep 13, 2014 at 4:13 PM, [email protected] <[email protected]> wrote:
> I can't find any Wickr UI to access a key fingerprint.
>
> FWIW I can't either, at least not on Android.
>
> We don't really discuss what should happen after a user finds that the key
> fingerprints don't match. Do they just switch communication systems? Report
> to some sort of community or authority? Hire a lawyer? The strength of the
> protocol for dealing with identity errors determines the value of a key
> verification ritual.
>
> This issue has come up before in the case of transparency logs and perhaps
> we need to more seriously consider it.

If I detected a mismatch and I were *sure* that the server had misbehaved, I would try to capture some basic forensics, publicize on lists like this and elsewhere, and hope that whatever reputation I have within security circles will convince a few folks that the server is not trustworthy. The service provider would almost certainly dispute my claim (either it actually would be my mistake, or if I found a real MITM attack they'd need to dispute my claim to preserve their reputation). Meanwhile there's a risk there would be some number of cranks reporting spurious errors, possibly more than real errors. So it's not clear exactly how much security we'd gain.

I agree with Tom's point that this is a relatively small amount of code to have an option deep in the settings to expose the actual key fingerprints used for each message, and I personally wish all proprietary apps did this. But they might rationally view it as a negative feature if it led to spurious reports and criticism and didn't effectively prevent real attacks.

There's also an argument to be made that with any proprietary app, the fingerprint UI could be subverted anyways by pushing a backdoored version of the app. This is definitely a harder attack though, and more likely to be spotted conclusively by an honest insider or somebody decompiling the source.
_______________________________________________
Messaging mailing list
[email protected]
https://moderncrypto.org/mailman/listinfo/messaging
