* Alyssa Rowan <[email protected]> [141014 14:39]: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > On 14 October 2014 12:59:48 BST, Ralph Holz <[email protected]> wrote: > > >On the second point - I am not quite so sure we should call it an attack. > >In my experience, there are quite a few companies that use these boxes for > >entirely legitimate reasons - > > Quite a few nation state attackers that have actually deployed them widely > would no doubt argue their use is also legitimate, likely for the prevention > of terror, disharmony, and other bogeymen. > > Regardless of the intentions behind their use, MITM proxies do subvert the > security properties of TLS as designed and deployed, and are thus correctly > regarded as an attack in the general sense. I think it should absolutely be > described as such.
+1. > > >especially in the context of industrial espionage. > > TLS interception proxies are indeed useful in that context: they present an > extraordinarily attractive vector for an attacker, especially when a target > has willingly deployed one and expects to see it in normal use. > > I contend that they are not as useful for counter-espionage as some may > think, especially given the additional threat they pose. Informed, consenting > people could instead grant permissions on the endpoints to someone wishing to > audit traffic (such as an antivirus utility), and this is the best place to > perform scans as presumably legitimate users have legitimate admin rights and > this does not affect the design or deployment of TLS. > > Also of course in most deployments, both ends have not provided consent, > which is worth bearing in mind in some contexts. > > Anyone who's deployed one of these TLS interception middleboxes should > perhaps take the opportunity to re-examine and test their assumptions about > their usefulness, necessity, and their security. I would probably recommend > they SHOULD NOT be used - there may be a valid reason in a specific > deployment, but the risks should be weighed up and normally I feel this > introduces more risk than it eliminates. To the extent it is accepted > practice, I feel that is a problem. The whole discussion is somewhat political - I don't like to go into that kind of stuff on technical mailing lists; but: it escalated after 9/11, most of us will agree on that. I'm not just talking about the US of A. There has been a global policy shift. In central europe privacy for snailmail and banking was taken for granted e.g. a century ago by the general populus. And the arguments politicians and lobbyists constantly bring up are simply bullshit. Successful police work or counter-intelligence is possible without ANY use of modern technology. There's literature en mass on that subject. Some intelligence agencies [0] even declassified their work on these subjects during - for example - the cold war. The same holds true for corporate espionage, controlling and so forth. I just do not see a valid point in subverting security/privacy protocols for the sake of policy and politics. But that's just my opinion, Aaron [0] - https://www.cia.gov/library/center-for-the-study-of-intelligence/csi-publications (there's acutally a lot more information on that subject out there but I'm convinced that you all know how to use google)
signature.asc
Description: Digital signature
_______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
