[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [GNU/consensus] Eccentric Authentication again
From: |
Guido Witmond |
Subject: |
Re: [GNU/consensus] Eccentric Authentication again |
Date: |
Fri, 06 Sep 2013 17:53:17 +0200 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130704 Icedove/17.0.7 |
On 09/06/13 17:28, hellekin wrote:
> On 09/05/2013 06:02 PM, Guido Witmond wrote:
>>>
>>> Can you explain/point me to a resource where those steps (to
>>> avoid the mitm attack) are described?
>>>
>
>> That would be in the manual of the voice/video/chat package.
>> Usually it means validating a SAS (Short Authentication String)
>> once.
>
> *** You mean, beforehand, out of band? Doesn't it defeat the purpose
> of authenticating strangers?
Authenticating the SAS is part of the document where you do the
opposite: authenticating relatives after exchanging the keys via an
insecure channel.
You're right that it doesn't work for authenticating strangers. That's
the topic of the second part of the blog where I introduce my ideas on it.
> The MITM attack scenario nowadays seems quite... Normal.
>
> I mean, who trusts the X509 infrastructure after the Snowden
> Apocalypse? I thought the security model was "My node is secure.
> Everything else is compromised." And even that does not seem to be
> certain, so we *assume* our node not to be compromised.
Nope, the model has always been that the end users' node is insecure.
That's why everyone limits http-sessions with banks. They even forbid
people from letting their browser remember passwords.
To solve that, take a look at capability operating systems such as
genode.org. More necessary than ever.
Guido.
signature.asc
Description: OpenPGP digital signature