Security Portal: The End of SSL and SSH? Follow-up
Dec 26, 2000, 21:29
(Other stories by Kurt Seifried)
"Well, I certainly managed to kick over a hornet's nest with my article "The End of SSL and SSH?". There were quite a few points I did not cover in the article, many I did not think of, and some I trimmed. This article will cover the reaction to SSL and SSH being "dead", as well as numerous implementation issues I did not cover. The real issue is that technology cannot solve problems completely. Anytime you put a new solution in you breed new problems. This of course assumes you installed and are maintaining the new solution correctly in the first place. Vendors ships SSL and SSH, you turn it on, it works. Unfortunately most people feel that they are then done and move on to other problems, this is far from the truth. Both SSL and SSH have numerous avenues an attacker can take, many of these rely on the end user to make the right decision or have a secure system, meaning a user can shoot themselves in the foot with incredible ease. Pretty much any cryptographic "solution" requires a degree of maintenance and continued attention."
"Vendors ship server software such as SSL enabled web servers but do little to make sure that users create certificates properly or store them properly. While almost all webservers support PEM (Privacy Enhanced Mail) encoded certificates relatively few people use them since you must enter a passphrase every time you start the server, making it impractical for many such as virtual web hosting companies with dozens, hundreds or even thousands of sites. These certificates can also be retrieved from the memory of the server, this was found to be quite a bit easier then originally thought. On the client side we have web browsers with over a hundred certificates (I counted the root certificates in Internet Explorer 5.5 and it came to 120 root certificates). If any one of these certificates is compromised an attacker would be able to create and sign certificates for any name they wished to, making setup of fake sites trivial. Attackers can easily present users with a new root certificate and many users would inadvertently install, again allowing an attacker to create arbitrary certificates. You can also modify the certificate store with relative ease, since Windows 9x has no file or registry permissions and the default settings in NT are quite promiscuous this is relatively easy. The number of potential paths an attacker can take to get a root certificate into a users webbrowser are numerous and generally speaking quite weak, most depend on the user to make the right decision, or have secured their system properly, something that is relatively rare."