1995-09-20 - response to netscape’s press release

Header Data

From: sameer <sameer@c2.org>
To: cypherpunks@toad.com
Message Hash: e8c9742c4bff194897528f47ed2a7917c356e07998e00b8b60a6d120e966c18d
Message ID: <199509200336.UAA28871@infinity.c2.org>
Reply To: N/A
UTC Datetime: 1995-09-20 03:41:04 UTC
Raw Date: Tue, 19 Sep 95 20:41:04 PDT

Raw message

From: sameer <sameer@c2.org>
Date: Tue, 19 Sep 95 20:41:04 PDT
To: cypherpunks@toad.com
Subject: response to netscape's press release
Message-ID: <199509200336.UAA28871@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


	I plan on releasing a press release regarding the misleading
statements made by Netscape in their statement about the seed bug,
announcing the web page describing my objections in detail. The document is
http://www.c2.org/hacknetscape/critique.phtml detailing my objections
to their statements.. I would appreciate comments, corrections, and
criticisms. Thanks.
	(The press release will not be written in the style of the web
page. ;-)


                             IN REPLY TO NETSCAPE

   Netscape announced that they are going to "fix" the problem. In
   traditional Internet style, I will respond to their post.

With this knowledge, an experienced computer programmer could decrypt
messages sent by Netscape Navigator to other computers in a few hours
of computation time.

   "a few hours"? Ian and David's program generates keys in 25 seconds.

The random information is found through a variety of functions
that look into a user's machine for information about how many
processes are running, process ID numbers, the current time in
microseconds, etc.

   Specifically, the Parent Process ID, the Process ID, and the time in
   microseconds. See the exploit code for more details.

The current vulnerability exists because the size of random input is
less than the size of the subsequent keys.

   The vulnerability exists because the random input isn't random. Since
   when is the time "random"? I'm sure a few physicists would love to see
   your theories on that one. (Berkeley Standard Time notwithstanding)

Once this improvement is made, protection of the random information
will be as strong as the rest of the security built into Netscape
Navigator.

   That's not saying much, considering that the security community has
   not had a chance to independently verify the security in Netscape
   Navigator.

Netscape has also begun to engage an external group of world-class
security experts who will review our solution to this problem before
it is sent to customers.

   So after someone violates Netscape Navigator's security do they decide
   to have an external group verify their code. (Note that they still
   don't plan on making it available for the security community at large
   to review). According to RSADSI's Jim Bidzos, his company offered to
   review Netscape's security when it was first introduced, but Netscape
   declined. "They're asking us to review it this time," he said.

This discovery does not affect the strength or security of SSL (Secure
Sockets Layer), RC4, or any other portions of our security
implementations.

   True, but this implies that SSL is a secure protocol, which has been
   shown to be false.

   At the beginning of their release:

Netscape secure software has been in use for almost a year on the
Internet by millions of customers and no thefts of actual customer
information protected by our security have been reported - this
posting on the Internet reported a potential vulnerability, not the 
actual theft of customer information.

   Yes, Netscape is very lucky that Ian and David are students, and not  
   criminals. I sincerely hope that the next time someone finds a hole in
   Netscape that it's someone who would rather win a free T-shirt than  
   steal lots of money.


-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org




Thread