Security team successfully cracks SSL using 200 PS3's and MD5

Joe Greco jgreco at
Fri Jan 2 21:33:05 UTC 2009

> On 2 Jan 2009, at 12:33, Joe Greco wrote:
> > We cannot continue to justify security failure on the basis that a
> > significant percentage of the clients don't support it, or are  
> > broken in
> > their support.  That's an argument for fixing the clients.
> At a more basic level, though, isn't failure guaranteed for these kind  
> of clients (web browsers) so long as users are conditioned to click OK/ 
> Continue for every SSL certificate failure that is reported to them?

Yes.  This is a major problem.

> If I was attempting a large-scale man-in-the-middle attack, perhaps  
> I'd be happier to do no work and intercept 5% of sessions (those who  
> click OK on a certificate that is clearly bogus) than I would to do an  
> enormous amount of work and intercept 100% (those who would see no  
> warnings). And surely 5% is a massive under-estimate.

Yet I do not particularly wish to ignore the problem, just because we do
not have a completely comprehensive solution to the problem that solves
every case and prevents every mistake.

The Firefox changes to really draw attention to certificate issues is,
regardless of what people have said about "usability" and "practicality,"
an important step.

However, there's something else being highlighted here.  SSL certificates
have a major failing in that it is really spectacularly annoying and
difficult for some people to acquire them, and/or the value in paying more
than a trivial sum (or any sum) is hard to justify, etc.

For example, I have absolutely no desire to pay even a modest $15/year
per device to get all my various networking devices to have legitimate
SSL certificates; instead, we run our own local CA and import our root
CA cert into browsers.  It's cheaper, *more* secure, etc.  Nobody but us
will be logging into our devices, and our browsers have the local root CA

Now, many sites just don't see the need, and self-signed certs are
the result.

This would seem to point out some critical shortcomings in the current SSL
system; these shortcomings are not necessarily technological, but rather
social/psychological.  We need the ability for Tom, Dick, or Harry to be
able to crank out a SSL cert with a minimum of fuss or cost; having to 
learn the complexities of SSL is itself a "fuss" which has significantly 
and negatively impacted Internet security.

Somehow, we managed to figure out how to do this with PGP and keysigning,
but it all fell apart (I can hear the "it doesn't scale" already) with SSL.

... JG
Joe Greco - Network Services - Milwaukee, WI -
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.

More information about the NANOG mailing list