Jeremy Morton wrote:
> Nelson B wrote:
>> Jeremy Morton wrote:
>>> Re: bugzilla bug #383183 comment #52:
>>>
>>> So just to confirm, you're saying that there is no difference in
>>> security between submitting a username/password via HTTP and via HTTPS
>>> with a self-signed SSL cert?
>> http is vulnerable to passive attack ("sniffers").
>> https with self-signed certs is not vulnerable to passive attack.
>> That is the only essential difference.
>> Both are vulnerable to active attack.
>> Both are *trivially* attacked by MITM attackers.
>
> Right, I realise all of that.
>
> I guess my question is whether you have any reliable statistics as to
> what kind of number of passive attackers there are out there vs active
> attackers. Are there literally virtually no passive attackers? If so,
> not distinguishing HTTPS w/ self-signed in the chrome would make sense.
> However if there are a significant number, that 'essential difference'
> is still important, no?

No. The vast majority of attacks today are active. One of the few types of places where passive snooping opportunities still exist is at WiFi hot spots.

15 years ago, Ethernet networks (the most common kind in corporate settings) all used "hubs" (technically: multi-port repeaters) that retransmitted all packets on the network to all systems connected to the network. Sniffing was rampant in those days. But today, nearly all "hubs" have been replaced by switches, which selectively route packets based on IEEE 802 MAC addresses to their next hop, and most systems with Ethernet connections see only their own traffic and true broadcast packets. Unicast packets just aren't sniffable in most Ethernets today. Yes, some switches can be programmed to copy all traffic to a single port for sniffing purposes, but that's an active attack - it requires control of a network node.

Most users of cryptography (all forms, not just https or SSL) mistakenly assume that "encrypted" means that no one but the intended recipient can read the traffic in the clear. (Many mozilla developers even make that mistaken assumption.) But we know that's simply not true for unauthenticated encryption.

If we give the users a sign (an indicator) that the traffic is encrypted, even when it is unauthenticated, the vast majority of users will think "Oh, my traffic is encrypted, so I have no worries; no one can read my traffic except the intended recipient". We want to avoid misleading our users in that way.

Since the users tend to understand any such indicator as meaning that their traffic cannot be read in the clear except by the intended recipient, we want the indicators to mean exactly that. That is why we do not propose to offer an indication of encryption without authentication.

--
Nelson B
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
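
The distinction drawn in the message above, modeled as an added example that is not part of the original post: a toy Diffie-Hellman exchange in which the client either accepts whatever key it is offered (the self-signed case) or checks it against a fingerprint obtained out of band. The group parameters, function names and the fingerprint check are assumptions made for illustration.

```python
import hashlib
import secrets

# Toy Diffie-Hellman parameters (assumption for illustration; far too small for real use).
P = 2**127 - 1
G = 3

def keypair():
    """Return (private exponent, public value)."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def session_key(priv, peer_pub):
    """Derive the shared key from our private exponent and the peer's public value."""
    return hashlib.sha256(str(pow(peer_pub, priv, P)).encode()).digest()

def fingerprint(pub):
    return hashlib.sha256(str(pub).encode()).hexdigest()

def client_connect(offered_pub, trusted_fp=None):
    """trusted_fp=None models accepting whatever key is offered (self-signed case)."""
    if trusted_fp is not None and fingerprint(offered_pub) != trusted_fp:
        raise ValueError("offered key does not match the trusted identity")
    priv, pub = keypair()
    return pub, session_key(priv, offered_pub)

def run(active_mitm, authenticate):
    """Return who ends up sharing the client's key: 'server', 'attacker' or 'rejected'."""
    srv_priv, srv_pub = keypair()
    trusted_fp = fingerprint(srv_pub) if authenticate else None
    offered, holder, holder_priv = srv_pub, "server", srv_priv
    if active_mitm:
        # An on-path attacker replaces the server's key with its own in transit.
        holder_priv, offered = keypair()
        holder = "attacker"
    try:
        cli_pub, cli_key = client_connect(offered, trusted_fp)
    except ValueError:
        return "rejected"
    # A passive sniffer sees only cli_pub and offered; whoever holds the private
    # exponent behind `offered` is the one who can derive the same key.
    assert session_key(holder_priv, cli_pub) == cli_key
    return holder

if __name__ == "__main__":
    for mitm in (False, True):
        for auth in (False, True):
            print(f"active_mitm={mitm!s:5} authenticate={auth!s:5} -> {run(mitm, auth)}")
```

Without the fingerprint check the client completes an encrypted session in both the honest and the substituted-key case and has no way to tell them apart, which is the condition an "encrypted" indicator would be shown under.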