Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Security The Internet IT

How Developers Can Rebuild Trust On the Internet 65

snydeq writes: Public keys, trusted hardware, block chains — InfoWorld's Peter Wayner discusses tech tools developers should be investigating to help secure the Internet for all. 'The Internet is a pit of epistemological chaos. As Peter Steiner posited — and millions of chuckles peer-reviewed — in his famous New Yorker cartoon, there's no way to know if you're swapping packets with a dog or the bank that claims to safeguard your money,' Wayner writes. 'We may not be able to wave a wand and make the Internet perfect, but we can certainly add features to improve trust on the Internet. To that end, we offer the following nine ideas for bolstering a stronger sense of assurance that our data, privacy, and communications are secure.'
This discussion has been archived. No new comments can be posted.

How Developers Can Rebuild Trust On the Internet

Comments Filter:
  • Easy trumps security (Score:5, Interesting)

    by rtkluttz ( 244325 ) on Monday July 20, 2015 @03:20PM (#50147879) Homepage

    As long as "easy" takes precedence, the internet will never be secure. It is absolutely impossible to have security between 2 parties when a 3rd is involved (CA's). It was done that way because it allows people who don't know anything to have SOME trust. But if there are people involved trust will be broken. 2 party authentication is the only way to solve the problems. If people don't know how to get secure credentials between themselves and another party then maybe they need the internet that still has training wheels and padded helmets.

    • >As long as "easy" takes precedence,

      Heck, getting it to work in the first place takes precedence over both. There are so many chunks of code were written in the fashion of "This should work, but it doesn't so I'll do it this wrong insecure fashion. 10 hours of messing around and it still doesn't work in the secure fashion, and gets put on the back burner. A year later someone else looks at the code and the original guy goes "oh crap, I forgot about that".

      • I'm afraid that the appearance of working is all that people really care about.

        You can sell "pretty" over functional any day, and "quick" over both, with "cheap" trumping all.

        Developers cannot fix this. Not unless they get far more organized than they are now. As long as developers do what management tells them and management's values are as previously described, insecurity and unreliability are going to be the hallmarks of software.

        And unreliable software is almost guaranteed to be insecure, so kiss all yo

        • It's a vicious cycle though, because on the other end you have users that don't really care about security or taking the time to educate themselves to use technology responsibly. Management could push having a robust and secure product, but by the time its built, someone else will have grabbed most of the market or the market will have changed enough that your product has no where near as much potential.

          I think that this is an area where open source software can do better though. If you or I find problem
          • It's a vicious cycle though, because on the other end you have users that don't really care about security or taking the time to educate themselves to use technology responsibly. Management could push having a robust and secure product, but by the time its built, someone else will have grabbed most of the market or the market will have changed enough that your product has no where near as much potential.

            A popular myth that justifies being hasty and sloppy.

            Which product defined the PDA? Apple's Newton or the later-arriving and more realistically-designed (for the limitations of the day) Palm Pilot?

            How about tablets? Microsoft was doing a tablet years before Apple.

            Anyone remember those big-name forums that predated Facebook? I don't.

            If you are lucky, being first-to-market will gain you some income, but somebody better can come along and sink you like a stone. You'll get some nice cash for a short period, the

            • by BVis ( 267028 )

              And if you're a continent-spanning bank or other long-established "respectable" business, it means that you have absolutely no business at all going for the fast-and-cheap.

              Why do you hate America?

              The point of for-profit capitalist companies is to make profit. You make more profit by reducing your costs and increasing your revenue. Building more-secure software increases costs and has no straight-line effect on revenues. Simply put, there's no market value in making secure products, because your average m

    • by dog77 ( 1005249 )
      If it is not easy, it won't get adopted, and if it does not get adopted what is the point. Ease of use and security need to go hand in hand. We pretty much have to trust 3rd parties. Our computer components, operating system, browser, applictions are made by 3rd parties. I am all for a better mechanism than CA for authentication, but this needs to be convenient. Distributing directly between 2 parties is not convenient. Allowing identifies (public keys) to be managed and audited by public trusted 3rd
      • by BVis ( 267028 )

        Ease of use and security need to go hand in hand.

        The trouble is, as I've also stated below, that it's very hard (read: expensive) to have both. Try to implement two-factor authentication and listen to your users howl. Require the use of a VPN in a corporate environment and listen to your CEO threaten you with termination if you don't make an exception for him. Make PGP keys available and watch nobody at all use the service. Require passwords to be updated every 90 days and prepare for your help desk to

    • 1. Stop trying to grab every last scrap of information from your 'user'. Stick with only what you actually need to provide the service.
      2. Stop routing all the data through your servers. Keep it on the user's cell phone.

  • Seriously, most of the problem is education. Encryption and not doing stupid things is the key. That and preventing users from booting Linux.

    • Seriously, most of the problem is education. Encryption and not doing stupid things is the key. That and preventing users from NOTbooting Linux.

      There fixed that for you.

      Seriously, Mac and Windows are far more security issues than even the most lax Linux distro.

      And homogenous environments, while in some ways easier to manage, are also a security nightmare simply because at attack at one point will equally work at another. In this respect, Linux is awesome - just mix up the hardware (PPC, x86-64, ARM, MIPS, Power, etc) between everything; you can keep a user homogenous environment while creating a very heterogeneous environment for attackers. N

  • The UK government categorically opposes anything that might be even slightly secure "think of the terrorists". I am sure others will agree with them.
  • Nada (Score:5, Funny)

    by DivineKnight ( 3763507 ) on Monday July 20, 2015 @03:38PM (#50148015)

    Sorry, we're too busy training our replacements. Perhaps they can help you....

  • by Kjella ( 173770 ) on Monday July 20, 2015 @03:53PM (#50148129) Homepage

    As much as Google, Microsoft, Apple, Facebook and everyone using the word "cloud" would like to convince you otherwise, you're handing over your data to third parties who you really got no control over how they'll use or secure your data. Or if they in turn have been compromised by hackers or the NSA or whatever. While there's certainly a few issues with direct communication too like how do you exchange keys safely they're much more limited in scope. But my impression is it's not about "How can we secure data?" it's "How can we still make you put all your data online in a post-Snowden world?" because that's how they make money...

  • by holophrastic ( 221104 ) on Monday July 20, 2015 @03:58PM (#50148163)

    I'm becoming more and more disappointed with my techie breathren for things like this. No part of life is anywhere near as safe, or secure, as the current internet already is.

    And yet, we trust all of it, every day, with things far more precious than our communication and finances.

    We even trust these things despite countless and routine and frequent demonstrations of catastrophic failures.

    We have political systems that squander money on a global level. And yet, we still elect leaders through campaigns of obvious horse-shit. Alex ran for student-body president 20 years ago on the basis of getting rid of homework.

    We also have roads. We have highways where anyone from across the planet can show up, 'accidentally' drop sand and ball bearings and tire spikes and chunks of metal.

    There is NOTHING that stops my car from flying off the highway at 140kph and falling 2'000 feet off the mountain.

    But good news! There is something stopping my car from slamming into an on-coming car -- at an impart speed of 280 kph, by the way -- there's a two-inch strip of yellow paint; sometimes two.

    And, as discussed earlier, every single day there're another many traffic collisions. And every single day, multiple people die in those collisions. It's so continuous, that the city actually pays for tow-trucks to sit at the edge of the highway in order to clear away accidents that much faster.

    So, my e-mails to my grandmother, and to my clients, my banking transactions and my phone bills, while all important, pale in comparison to the vitality of the many other things in my life.

    Oh yeah, and my front door, to my house, where I keep virtually all of my stuff, every one of my posessions, and many of my loved-ones -- some not able to protect themselves from a flood, let alone an intruder -- is protected by a very-easy-to-pick lock. Which wouldn't benefit from sophistimication because next to the door, is a big glass window.

    Oh yeah, and the alarm wouldn't cause police to show for about 10 minutes anyway. Oh yeah, and the house is mostly wood.

    Oh yeah, and my beautiful grass lawn, can be totally destroyed by anyone casually dropping a handful of dandilion seeds.

    Nothing we do is secured for trust. That's what the word trust actually means, by the way -- if things were proven secure, you wouldn't be trusting them.

    The internet is good enough as-is. Try focusing on the roads please. How about we trust hospitals to not screw up during surgery. How about we work on having enough water next year, or food during droughts, or maybe we could work on not killing people with military super-powers.

    These techies are stuck in the wrong rut. They (we) were supposed to be using technology -- like the internet -- as tools to solve real-life problems. This article discusses uses tools to solve problems with other tools. That doesn't help anything.

    Scratch that. Improving the security of tools does do one very significant thing. It's called one-upmanship, and it creates better criminals.

    Solve the global food problem. Not because people far away from me are starving -- I'm not responsible for them, I've got my own problems. Solve the global food problem so that I don't need to have my yummy cooking show show me a gorgeous sizzling steak, and then break to commercial to see starving children in africa, who've been starving for fifty years now. It does nothing more than to put me off my dinner, and ruin the cooking show..

    • Hey, keep your sane thinking to yourself. This is the Internet, buddy!

    • I have a front door on my house. If I have a company who is in charge of opening and closing the front door, I want to be damn sure they close it as securely as possible. If they leave it open, then there is a big problem.

      People have their lives stolen. It's not the same as dying but it's serious.
    • You are ignoring the aspect of scale. Spikes on the highway will only make the first couple of cars fly off, noone can break into 10.000 houses at once. But on the internet things like that are possible, that's why a secure internet is important.
  • by penguinoid ( 724646 ) on Monday July 20, 2015 @03:59PM (#50148171) Homepage Journal

    Publish a list of all developers who worked on a project, those who signed off on its security, and those who refused to sign off on its security. Also the names of anyone who has authority over the developers.

    • by Anonymous Coward

      Ah man, I wish I wasn't such a coward about sharing my name on the internets, because this should be modded up to nose bleed levels.

      Done is better than perfect, right? Make management happy and get a nice bonus/stock options and screw the customers.

      I've been the IT Ops manager telling the developers that they have vulnerable code facing the public, even going so far once as to show the dev manager a post on a script kiddie website about our servers being open to SQL injection, and begging for a fix, and I'

  • by Somebody Is Using My ( 985418 ) on Monday July 20, 2015 @04:11PM (#50148271) Homepage

    Here are "the nine ideas [for securing] our data, privacy, and communications"
    (for those of us too lazy to RTFA)

    - Add public keys to major services
    - Build better random number generators
    - Expand trusted hardware
    - Add Merkle trees to the file system
    - Build more block chains and extend them for others
    - Add chaining to Internet interactions
    - Build out cross-linked certified websites
    - Add homomorphic encryption
    - Add encryption

    Details on what each of those thing actually MEAN are in TFA, of course

    • by tepples ( 727027 )

      The repeated references to block chains and Merkle trees sound like someone has read the description of the Bitcoin protocol, is using the primitives described therein as a hammer, and sees Internet security as a nail. I'll explain some of them:

      "Add public keys to major services" means give people a means to publish PGP keys through services that most end users already trust.

      "Expanded trusted hardware" means personal handheld HSMs (hardware security modules).

      "Add Merkle trees to the file system" means file

    • - Add public keys to major services

      Public Key doesn't really get you much. Theoretically it means you're using a Certificate Authority (CA) to validate both sides; however, a centralized CA is still vulnerable and problematic. A Web-of-Trust system is harder to manage but can be more secure. In both cases everyone has to implement best practices and keep good key sets, which is often not the case.

      With PGP/GPG people tend to keep relatively short life-spans on their keys, even then that can be between 1 and 5 years. Still, this is better t

  • by Krishnoid ( 984597 ) on Monday July 20, 2015 @04:36PM (#50148427) Journal

    there's no way to know if you're swapping packets with a dog or the bank that claims to safeguard your money

    Those are my choices? I'm going with the dog.

  • Security (Score:3, Informative)

    by sexconker ( 1179573 ) on Monday July 20, 2015 @05:09PM (#50148651)

    Give me, your customer, a unique, self-signed cert.
    Let me, your customer, give you a unique, self-signed cert.
    Let us both agree not to trust any party claiming to represent either of us without first encrypting communication with those respective certificates.
    Let us both agree to a secure method for updating certificates that doesn't rely on any 3rd party or the internet. Perhaps we could meet in person at some sort of structure designed for the officiating of such business.

    DONE.

    Certs work if you cut out the governments and "trusted" root authorities by SELF-SIGNING, and NEVER perform initial certificate exchange over the very channel you cannot trust. Everything is encrypted and no one can fuck with it without compromising BOTH keys or breaking the encryption algorithm altogether.

    Yes, this is less convenient. Yes, you have to maintain unique certs for every account. Yes, it's worth it.

    • Perhaps we could meet in person at some sort of structure designed for the officiating of such business.

      So if you're buying from a business in another city or another country, perhaps you'd prefer to pay the travel industry to be your intermediary. Long-distance travel has always been the limiting factor of key-signing parties.

      • If the cost of securing communication isn't worth a trip, then that's your issue.
        Regular mail, land lines, and trusted (and legally accountable) services (escrow, lawyers, etc.) can be an intermediary if you so choose.

    • Yes, this is less convenient. Yes, you have to maintain unique certs for every account.

      Less convenient, but it could still be fantastically convenient now that everyone is carrying a pocket computer.

      1. Walk into your bank.
      2. Take out your phone.
      3. Take a picture of the QR code of your bank's public key that's posted next to every teller window, using key management software designed for the purpose.
      4. Show your phone to the teller, which is now displaying your personal public key.
      5. Teller performs a similar process with a bank camera, along with verifying your identity to the bank's satisfac

  • Add lots and lots more features. Lots of redundant crap. Make it so complex that the hackers will never be able to figure it out. (That appears to be the current strategy.)

  • One technology that kills Phishing attacks is SRP

    https://en.wikipedia.org/wiki/... [wikipedia.org]

    It does not rely on the PKI mess. But we will never see it because there is no money in it.

  • 1. "Add public keys to major services"
    The security services just use their own or find others or find the users.
    2. Build better random number generators
    Yet strange limits seem to be added to many public and private crypto like products efforts every decade. From banking to what shipped with personal computers.
    3. Expand trusted hardware
    That gets found and upgraded during while in the safe hands of the trusted global postage or delivery services. (supply-chain interdiction/Tailored Access Operations
  • Why can I not go to the local branch of my bank and verify the fingerprint of the certificate used for its online banking website?

    96:4F:59:F0:D9:3E:DE:00:4F:76:50:5B:33:17:CB:11:4C:65:F4:6B:92:F3:CF:49:4F:6F:1E:2E:FF:AF:35:6D

    That way I know for sure I am not asking a dog to transfer my money. Unless of course the dog's pawprint matches the fingerprint of the certificate.

  • As long as software companies are required to put in back doors the internet won't be secure

Do molecular biologists wear designer genes?

Working...