LinkedIn password database compromised

Rich Kulawiec rsk at gsp.org
Thu Jun 21 12:56:06 UTC 2012


On Wed, Jun 20, 2012 at 12:43:44PM -0700, Leo Bicknell wrote:

(on the use of public/private keys)

> The leaks stop immediately.  There's almost no value in a database of
> public keys, heck if you want one go download a PGP keyring now. 

It's a nice thought, but it won't work.   There are two large-scale
security problems which prevent it from working:

1. Fully-compromised/hijacked/botted/zombied systems.  Pick your term,
but any estimate of this population under 100M should be laughed out
of the room.  Plausible estimates are now in the 200M to 300M range.
Any private key present on any of those is accessible to The Bad Guys
whenever they can trouble themselves to grab it.  (Just as they're
already, quite obviously, grabbing passwords en masse.)

2. Pre-compromised-at-the-factory smartphones and similar.  There's
no reason why these can't be preloaded with spyware similar to CarrierIQ
and directed to upload all newly-created private keys to a central
collection point.  This can be done, therefore it will be done, and when
some security researcher discovers it, the usual excuses and justifications
will be made by the designated spokesliars for the companies involved...
which will of course keep right on doing it, albeit perhaps with more
subterfuge.

Problem #1 has been extant for ten years and no (meaningful) progress
whatsoever has been made on solving it.

Problem #2 is newer, but I'm willing to bet that it will also last
at least a decade and that it will get worse, since there are
substantial economic incentives to make it so.

---rsk
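The exchange both posters are arguing about, as an added example that is not part of the original thread or of any NANOG poster's code: a toy challenge-response login in Go where the server keeps only public keys. It shows why the server-side "database" is worthless on its own (a leak of public keys cannot produce a valid signature), and why that does not help once the private key itself sits on a compromised endpoint: the protocol accepts whoever holds the key, original or copy. The `Server` type, `Login`, `LeakedPublicKeysOnly` and the user name `alice` are hypothetical names for this example; only Go's standard `crypto/ed25519` is used.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Server holds only public keys, i.e. the only "database" a breach of the
// service side could expose. Hypothetical toy server, not any real service.
type Server struct {
	pubkeys map[string]ed25519.PublicKey
}

func NewServer() *Server {
	return &Server{pubkeys: map[string]ed25519.PublicKey{}}
}

// NewKeypair generates a client keypair; the private half stays on the client.
func NewKeypair() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}

// Register stores a user's public key. Nothing secret is kept server-side.
func (s *Server) Register(user string, pk ed25519.PublicKey) {
	s.pubkeys[user] = pk
}

// Challenge issues a fresh random nonce; signing it proves possession of the
// private key without the private key ever reaching the server.
func (s *Server) Challenge() ([]byte, error) {
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return nonce, nil
}

// Verify accepts the login only if sig is a valid signature over nonce under
// the stored public key for user.
func (s *Server) Verify(user string, nonce, sig []byte) bool {
	pk, ok := s.pubkeys[user]
	if !ok {
		return false
	}
	return ed25519.Verify(pk, nonce, sig)
}

// Login runs the full exchange from the client side. Whoever holds priv can
// answer the challenge; on a botted endpoint that includes the intruder.
func Login(s *Server, user string, priv ed25519.PrivateKey) (bool, error) {
	nonce, err := s.Challenge()
	if err != nil {
		return false, err
	}
	return s.Verify(user, nonce, ed25519.Sign(priv, nonce)), nil
}

// LeakedPublicKeysOnly models a breach of the server database: the attacker
// has every public key but no private key, so the best it can do is guess.
func LeakedPublicKeysOnly(s *Server, user string) (bool, error) {
	nonce, err := s.Challenge()
	if err != nil {
		return false, err
	}
	guess := make([]byte, ed25519.SignatureSize)
	if _, err := rand.Read(guess); err != nil {
		return false, err
	}
	return s.Verify(user, nonce, guess), nil
}

func main() {
	pub, priv, err := NewKeypair()
	if err != nil {
		panic(err)
	}
	s := NewServer()
	s.Register("alice", pub) // constructed sample user

	ok, _ := Login(s, "alice", priv)
	fmt.Println("holder of the private key authenticates:", ok)

	ok, _ = LeakedPublicKeysOnly(s, "alice")
	fmt.Println("attacker holding only the leaked public keys authenticates:", ok)

	// A copy of priv lifted from a compromised machine works exactly like the
	// original, which is the gap the message above points out.
	stolen := append(priv[:0:0], priv...)
	ok, _ = Login(s, "alice", stolen)
	fmt.Println("holder of a copied private key authenticates:", ok)
}
```

The server never sees a private key and stores no password hash, so the first claim in the thread holds for the server-side database; the last line of `main` is the counterpoint from the message above, since nothing in the protocol distinguishes the key's owner from a process that copied the key file off the same host.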
