![]() ![]() Therefore it's just server-trust and SMS trust (ewww!) over and over and over again.Even a cursory poll of our security-conscious friends shows that no one bothers.Checking is infeasible, since it happens way too often.Undoubtedly these chat services would argue that it's good enough because the user is warned, and a user could notice and check the safety numbers if they wanted. You should be seeing a giant skull and crossbones. ![]() And make no mistake: TOFU isn't TOFU if it lets you keep going with a cute little shield that flows by. 8.8 has changed and you have requested strict checking. Offending RSA key in /Users/rmueller/.ssh/known_hosts: 12 Please contact your system administrator.Īdd correct host key in /Users/rmueller/.ssh/known_hosts to get rid of this message. It is also possible that a host key has just been changed. Someone could be eavesdropping on you right now (man-in-the-middle attack)! Similarly, in SSH, if a remote host's key changes, it doesn't "just work," it gets downright belligerent: WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! If a key has changed, each side sounds the alarm. Rather than meeting in person, you just trust a party in the middle to vouch for each side.and then, after the initial introduction, each side carefully tracks the keys to make sure nothing has changed. In cryptography, the term TOFU ("Trust on first use") describes taking a gamble the first time 2 parties talk. Looks like we got a security upgrade! (But not really.) Resets happen regularly enough that these apps make it look like no big deal: If you have just dozens of contacts, resets will affect you every few days. Reinstall the app, or (6) when any partner uninstalls and reinstalls. With those apps, you throw away the crypto and just start trusting the server: (1) whenever you switch to a new phone (2) whenever any partner switches to a new phone (3) when you factory-reset a phone (4) when any partner factory-resets a phone, (5) whenever you uninstall and How often do resets happen? Answer: if you're using most encrypted chat apps, all the freaking time. How often do you find yourself skipping this check, even though there can be no safety against a man-in-the-middle attack without it?Įven if you are serious about safety numbers, you might only see your chat partners once a year at a conference, so you're stuck. You must now reestablish identity, and in almost all cases, this means meeting in person and comparing "safety numbers" with every last one of your contacts. After a reset, you clear your public keys, and you become a cryptographic stranger in all your conversations. When users lose their keys, they need to reset theirĪccount "resets" are dangerous. In end-to-end (E2E) encrypted chat apps, users take charge of their own keys. ![]()
0 Comments
Leave a Reply. |