On Saturday 07 May 2005 07:21, Frank Hecker wrote:
> Duane wrote:
> > "Keystroke loggers are rapidly becoming the lure of choice for phishers.
> > Their advantage is that they compromise information long before the
> > information has a chance to be encrypted."
> >
> > http://it.slashdot.org/it/05/05/05/1920253.shtml?tid=172
>
> And IMO this in turn means we should not let ourselves get distracted to
> the point of single-mindedness by the whole issue of SSL certs and what
> protection they provide (or should provide), but rather also focus on
> minimizing the possibility that Firefox and other Mozilla-related
> products will be vectors for getting keystroke loggers and similar
> programs onto users' systems. This means not only addressing bugs
> causing vulnerabilities but also securing the "distribution chain" for
> Firefox-related code, particularly extensions, including whatever role
> code object signing might play in that.
Certainly the whole process is riddled with holes. Back in 2003, 2002, we recognised there was a window of opportunity to close out the cert holes and deal with phishing, but that window closed during 2004 (see my blog on "snail" if this doesn't make sense). The browsing process is now to be beset by attacks at all stages of the chain, as you put it.

The attacker is well funded and is more directly motivated than you are, in the narrow technical sense of being paid for each successful effort, whereas there is no easily identifiable incentive for the defender. In the tactical sense, this is most efficiently dealt with by waiting for attacks to arise. But to deal with security fully in an aggressive environment (a new thing for browsing) is going to take a strategic approach.

I've been musing on what makes for a security project at the strategic level, and so far I've identified 14 points. OpenBSD scores 12 on my list as the leader, and Mozilla is around 6 (ahead of Java, Microsoft, Ciphire). The things that MoPro lacks include a "director of security", as we've oft discussed, a clear set of agreed goals, an integration across the various turfs, and not least of all an understanding that there exists a problem (I mean outside the narrow confines of the crypto list; I think we are all agreed here that there is a big problem).

iang
--
http://iang.org/
