Who do you trust?

I trust a few people and organisations – my parents, some close friends and a handful of organisations such as EFF. Your personal circle of trust is probably not hugely dissimilar.

I wonder, have you heard of DigiNotar or Comodo before? Do you realise that you implicitly trust them and hundreds of other organisations every time you use your Internet web browser?

What are you trusting these organisations to do? You trust them to vouch for secure web sites that you visit. These 650 ‘trusted’ organisations are SSL Certificate Authorities (or CAs) and they are responsible for confirming that a given domain name and web site belongs to the legal entity named in the web server SSL certificate.
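The following is an added example, not part of the original article: a small audit of a root trust store that counts the distinct organisations behind the trusted CAs described above and lists any roots matching a watch list or past their expiry date. The sample certificates, the "Example Trust Ltd" name and all dates are constructed for illustration; the dictionaries use the format returned by Python's ssl.SSLContext.get_ca_certs().

```python
import ssl
from collections import defaultdict

def field(name_tuples, key):
    """First value of `key` in the nested-tuple name format the ssl module uses."""
    for rdn in name_tuples:
        for k, v in rdn:
            if k == key:
                return v
    return None

def audit_roots(certs, watchlist=(), now=None):
    """Group trusted roots by organisation; list watch-listed and expired ones."""
    by_org, flagged, expired = defaultdict(list), [], []
    for cert in certs:
        subject = cert.get("subject", ())
        org = field(subject, "organizationName") or "(no organisation)"
        name = field(subject, "commonName") or org
        by_org[org].append(name)
        if any(w.lower() in f"{org} {name}".lower() for w in watchlist):
            flagged.append(name)
        if now is not None and ssl.cert_time_to_seconds(cert["notAfter"]) < now:
            expired.append(name)
    return dict(by_org), sorted(flagged), sorted(expired)

def load_roots(cafile=None):
    """Roots this Python would trust. Certificates that live only in an OpenSSL
    capath directory are loaded lazily, so pass a bundle file if this is empty."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    if cafile:
        ctx.load_verify_locations(cafile=cafile)
    else:
        ctx.load_default_certs()
    return ctx.get_ca_certs()

def make_cert(org, cn, not_after):
    """Build one constructed sample entry in get_ca_certs() format."""
    return {"subject": ((("organizationName", org),), (("commonName", cn),)),
            "notAfter": not_after}

# Constructed sample data (not real certificates).
SAMPLE = [
    make_cert("DigiNotar", "DigiNotar Root CA", "Mar 31 18:19:22 2025 GMT"),
    make_cert("Example Trust Ltd", "Example Trust Root G1", "Jan  1 00:00:00 2010 GMT"),
    make_cert("Example Trust Ltd", "Example Trust Root G2", "Jan  1 00:00:00 2040 GMT"),
]

if __name__ == "__main__":
    import time
    roots = load_roots() or SAMPLE
    by_org, flagged, expired = audit_roots(roots, ["DigiNotar"], time.time())
    print(f"{len(roots)} roots from {len(by_org)} organisations")
    print("watch-listed:", flagged, "expired:", expired)
```

Run against a real bundle with load_roots(cafile=...) to see how many organisations your own machine trusts.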

As a result of security weaknesses, the integrity of the Comodo and DigiNotar Certificate Authorities was breached in hacks which made news all around the world. Even the non-tech press realised the significance of these attacks.

The hacker responsible was able to generate a number of bogus web server SSL certificates, which were used by persons unknown to transparently intercept and spy on communications with popular web services such as Gmail, Skype and Facebook.

(Update: This article was written in 2011, before Edward Snowden’s revelations about NSA interception techniques. The paragraph above now has extra significance with regards to the persons unknown!)

This led me to question the role of certificate authorities and how fit for purpose the SSL protocol is in the modern Internet world of web applications.

The original SSL protocol specification was drafted in 1994 by Netscape engineer Kipp Hickman. In the section describing ‘Man In The Middle’ attacks the author simply says:

During the security connection handshake the server is required to provide a certificate that is signed by a certificate authority.

Any good secure protocol requires three elements: secrecy, integrity and authenticity. Apparently Hickman himself has admitted that authenticity was “thrown in at the end” of the SSL protocol specification. This weakness of SSL is a fundamental and critical flaw. This is the element where commercial interests, criminality and good old-fashioned human error have all come into play.

In the early days of SSL, VeriSign was the lone certificate authority entrusted to verify that a web server belonged to a particular domain name and legal entity. The problem with a monopoly such as this is that without competition the CA can set an unreasonably high price for the service they provide. To stimulate competition more and more CAs were added to the trusted root certificate lists and over time we now find ourselves with literally hundreds of ‘trusted’ CAs.

So what makes these businesses trusted? Judging by some of the CAs that have bought their way onto the list – not a lot!

StartCom CA for example will issue free SSL certificates with only cursory validation. In their own words:

Class 1 Certificates provide modest assurances that the email originated from a sender with the specified email address or that the domain address belongs to the respective server address. These certificates provide no proof of the identity of the subscriber or of the organization.

Most Internet users naively assume that seeing https and the padlock icon is a guarantee that the identity of the web site owner has been verified and the web site is secure. Actually both assumptions are no longer true.

It is no longer necessary to go through strict vetting procedures to obtain a valid and trusted SSL certificate. With fake certificates having already been created via compromised CAs there is also no guarantee that your communications are safe from a man-in-the-middle attack.

Former Netscape Chief Scientist Dr Taher Elgamal is credited as being one of the co-authors of the original SSL specification. He too has voiced his concerns that a copycat attack against CAs could result in more rogue SSL certificates:

It could happen again. There’s no back-up plan, which is generally a bad security model. The problem of what to do when certificate issuers were compromised never came up when the original work was being done on SSL/TLS. Nobody asked the question of what to do if a certificate authority turns out to be bad. The problem was not so much with the technology as it was with the firms issuing the certificates.

There’s way too many of them.

But what of the Online Certificate Status Protocol (OCSP), which was specifically designed to protect us from rogue SSL certificates? Well that is unfortunately flawed too and can be bypassed using a simple protocol trick.

So are there any workable alternatives to SSL?

Moxie Marlinspike (the security researcher who found the OCSP flaw referenced above) has been giving it some serious thought. He was inspired by a concept called Perspectives which he has improved on and developed into Convergence – “An agile, distributed, and secure strategy for replacing Certificate Authorities”.

Convergence is still in its infancy and it’s not perfect, but with SSL now coming of age it could be a critical enabler for the future of secure communications.

I’m glad that someone who understands the weaknesses of SSL has proposed an alternative to CAs. Let’s hope that this effort gains some momentum in the industry and together we properly solve the issue of web server authenticity.

FiReControl FiAsCo

I was going to let this story pass without my commenting on it, then I heard ex-Deputy Prime Minister John Prescott making his own comment on BBC Radio 4 while trying to absolve himself of all responsibility.

The FiReControl project was started by the Labour government in 2004, with a budget of £120 million. It had the aim of replacing 46 smaller fire and rescue control rooms with nine regional control centres.

The project was eventually terminated in 2010 “with none of the original objectives achieved and a minimum of £469m being wasted”.

The Commons Public Accounts Committee was tasked with reviewing the failed project and has published their report.

Chair of the Committee of Public Accounts, The Rt Hon Margaret Hodge MP summed it up nicely:

The Department’s ambitious vision of abolishing 46 local fire and rescue control rooms around the country and replacing them with nine state of the art regional control centres ended in complete failure. The taxpayer has lost nearly half a billion pounds and eight of the completed regional control centres remain as empty and costly white elephants.

The success of the so-called FiReControl project crucially turned on the cooperation of locally accountable and independent Fire and Rescue Services. The Department’s failure both to recognize this and try to ensure local buy-in fatally undermined the project from the start.

The project was rushed, without proper understanding of costs or risks. The leadership relied far too much on external consultants and the frequent departures of senior staff also contributed to weak management and oversight of the project.

The contract to implement a national IT system linking the control centres was not even awarded until a full three years after the project started. The contract itself was poorly designed and awarded to a company without relevant experience. The computer system was simply never delivered.

No one has been held to account for this project failure, one of the worst we have seen for many years, and the careers of most of the senior staff responsible have carried on as if nothing had gone wrong at all and the consultants and contractor continue to work on many other government projects.

The Department now plans to spend a further £84.8 million to secure the original objectives of FiReControl, so that there is a co-ordinated response to national incidents. However it is not clear to us how this extra spending will deliver value for money or achieve the objectives intended.

This is one of the worst cases of project failure that the committee has seen in many years. FiReControl was an ambitious project with the objectives of improving national resilience, efficiency and technology by replacing the control room functions of 46 local Fire and Rescue Services in England with a network of nine purpose-built regional control centres using a national computer system. The project was launched in 2004, but following a series of delays and difficulties, was terminated in December 2010 with none of the original objectives achieved and a minimum of £469 million being wasted.

John Prescott was the minister in charge at the time. He has the barefaced cheek to claim that it wasn’t his fault, because apparently he wasn’t made aware of it! In an interview on BBC Radio 4 he said:

I had responsibility for the policy. We decided we needed a system with natural resilience built into it. We decided the policy and we told people to get on with it. It started in 2004, but clearly from what the committee says it started to go wrong in 2007/8. Of course you try to keep on top of the projects but we were told by them that it would cost about £120 (million). To go four times as much in four years is unbelievable.

Unbelievable indeed!

It is also unbelievable that as the minister in charge Prescott was totally in the dark about the lack of progress and horrific overspend. Maybe he was asleep?

As if we needed it, just one more example of the disgusting extravagance in public spending and total contempt for the taxpayer at the hands of the last Labour government. Lest we forget.

Incandescent

Today (1st September 2011) marks the untimely and unnecessary death of the humble but revolutionary incandescent light bulb, an invention of Englishman Joseph Swan in 1878.

Since September 2009 it has been a criminal offence to manufacture or import any frosted or ‘pearl’ incandescent bulb or any clear bulb with a power of 100W or more, and as from today it is now illegal to manufacture or import 60W incandescent clear light bulbs.

Kerry Nicolaou has been stockpiling thousands of incandescent bulbs which he sells from his shop Orbit Electronics in Twickenham:

This is not a democracy, it’s becoming like a dictatorship, ordering you to do this, do that. You should have a choice.

I agree entirely. What happened to consumer choice?

So who do we have to thank for agreeing to this? It’s our old foe Tony Blair!

In 2007 Prime Minister Blair agreed to adopt European Commission Regulation (EC) No 244/2009 which outlaws the manufacture and import of incandescent bulbs.

So what of the replacement, the compact fluorescent lamp?

Howard Brandston – one of the most respected lighting experts in the world – says this:

Compact fluorescent lamps are dangerous – because of the mercury. If they weren’t dangerous, why would the manufacturers pack them in plastic when they ship them? Incandescent lamps are packaged in cardboard. The truth is they don’t want the mercury escaping – one gram of mercury can pollute a two-acre pond. The bulbs are a serious health hazard.

There is a small glimmer of hope however.

In February 2007 the New Zealand government announced a proposal to ban incandescent bulbs, but in December 2008 their new Energy and Resources Minister, Gerry Brownlee, reversed the decision and lifted the ban on traditional light bulbs.

This government has real concerns about telling people they have to move to energy efficient light bulbs by decree.

It has been well signaled and will come as no surprise that the government is lifting the ban on traditional or incandescent light bulbs.

We are committed to energy efficiency in the home and efficient lighting has an important role to play in helping us reduce the amount of energy we use, but this Government believes it is a matter of consumer choice.

People need good, credible information about the different lighting options that are available to them, and then they can decide what is right for them in their homes.

Lifting the previous government’s ban on incandescent light bulbs simply means we are allowing their continued sale, and I am confident the consumer trend to energy efficient bulbs will continue.

Please join me then in lobbying Energy Minister Charles Hendry to do likewise and save us from this undemocratic Blair legacy.

Thanks Nokia

Great, yet another instance of my supposedly secure personal data having been stolen by hackers unknown.

This time the hugely negligent company guilty of not securing their databases adequately was Nokia …

I’m beginning to doubt if there is actually any more of my data out there that’s still private to be stolen in this way. Most of it is now probably in the public domain thanks to the likes of Nokia, Travelodge and Sega.

The Jeremy Kyle Generation

Reproduced below are the words of Tony Blair, responding to claims that British society is in moral decline (copied from an article in The Guardian).

The big cause is the group of alienated, disaffected youth who are outside the social mainstream and who live in a culture at odds with any canons of proper behaviour. And here’s where I simply don’t agree with much of the commentary. In my experience they are an absolutely specific problem that requires a deeply specific solution.

The left says they’re victims of social deprivation, the right says they need to take personal responsibility for their actions; both just miss the point. A conventional social programme won’t help them; neither – on its own – will tougher penalties.

The key is to understand that they aren’t symptomatic of society at large. Failure to get this leads to a completely muddle-headed analysis of what has gone wrong. Britain as a whole is not in the grip of some general ‘moral decline’.

This is a hard thing to say, and I am of course aware that this too is generalisation. But the truth is that many of these people are from families that are profoundly dysfunctional, operating on completely different terms from the rest of society, either middle class or poor.

This is a phenomenon of the late 20th century. You find it in virtually every developed nation. Breaking it down isn’t about general policy or traditional programmes of investment or treatment.

The agenda that came out of this was conceived in my last years of office, but it had to be attempted against a constant backdrop of opposition, left and right, on civil liberty grounds and on the basis we were ‘stigmatising’ young people.

After I’d left, the agenda lost momentum. But the papers and the work are all there.

Wasn’t Tony Blair our elected Prime Minister in the late 20th Century? It was his job to do something about it, rather than glorifying chav culture like it was an amusing joke.

These “alienated disaffected youth … living in a culture at odds with any canons of proper behaviour” are his creation. They have grown up in a culture of state funded hand-outs that rewarded teenage pregnancies and self-inflicted unemployment with free houses and benefits.

Who should we blame for the work-shy feral youths that roam the streets like they own them, spreading lawlessness and intimidation in their wake? Who was the catalyst for the Jeremy Kyle generation? Who nurtured these profoundly dysfunctional families?

Look in the mirror Blair!