[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Impact of Netscape kernel hole (fwd)
>It'd be nice to have more specifics about the whole situation, but
>regardless - any preliminary threat assessments? Exactly how widely
>exploited do you think this has been?
>
>Tim's post (although refuted by Marc) raises some serious issues since I
>suspect that Joe Public has his secret key sitting in c:\pgp\secring.pgp
>
>Some coherent input on the possible impact of this would be appreciated.
Basically the threat model is very simple:
Joe "slightly crypto-savvy pgp user" sixpack keeps his pgp keyring in
c:\pgp on a dos/w95 box. The average user of any of the unices keeps his
keyring in /usr/pgp or /usr/local/pgp it does not take a lot of attempts
to go through most of the common places.
The very same guy probably has a password that is:
A. FRED (notice how close the letters are, this is a real dumb-ass
password of the century)
B. His wifes name
C. Her birthday
D. The name of his favourite film or some character from it...
Can you say "dictionary attack"???.
I must admit I personally, against all the rules, keep my pgp secret key
on this box. This doesn`t worry be greatly because:
1. I have a strong passphrase.
2. This box is only on dialup, so is not connected for long, and I VERY
rarely use the web anyway, Its too slow, so I prefer ftpmail and ftp for
getting files. This corresondingly reduces the risk of me having used a
site that exploited this hole.
3. If I ever have anything to recieve that needs to be really secure I
use a one time key pair, so even the RSA key is one time. Most PGP mail I
send or recieve is fairly innocuous and the use of encryption is just
precautionary, ie. to stop nosy sysadmins.
What it basically comes down to is that Joe Sixpack, the guy most likely
to have his key compromised by this attack, is:
1. Not likely to be sending valuable enough mail to expend time mounting
even a simple dictionary attack on his key.
2. The least likely to know about, understand or respond to this flaw.
So basically the threat is the usual one: The stupid will get caught. If
you are sending highly criminal mail your key shouldn`t be on any machine
not 12 feet underground in a concrete bunker with 24 hour fully trusted
security guards, CCTV etc. etc. anyway.
Datacomms Technologies data security
Paul Bradley, [email protected]
[email protected], [email protected]
Http://www.cryptography.home.ml.org/
Email for PGP public key, ID: FC76DA85
"Don`t forget to mount a scratch monkey"