From: sameer <sameer@c2.org>
To: cypherpunks@toad.com
Message Hash: e8c9742c4bff194897528f47ed2a7917c356e07998e00b8b60a6d120e966c18d
Message ID: <199509200336.UAA28871@infinity.c2.org>
Reply To: N/A
UTC Datetime: 1995-09-20 03:41:04 UTC
Raw Date: Tue, 19 Sep 95 20:41:04 PDT
From: sameer <sameer@c2.org>
Date: Tue, 19 Sep 95 20:41:04 PDT
To: cypherpunks@toad.com
Subject: response to netscape's press release
Message-ID: <199509200336.UAA28871@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain
I plan on releasing a press release regarding the misleading
statements made by Netscape in their statement about the seed bug,
announcing the web page describing my objections in detail. The document is
http://www.c2.org/hacknetscape/critique.phtml detailing my objections
to their statements.. I would appreciate comments, corrections, and
criticisms. Thanks.
(The press release will not be written in the style of the web
page. ;-)
IN REPLY TO NETSCAPE
Netscape announced that they are going to "fix" the problem. In
traditional Internet style, I will respond to their post.
With this knowledge, an experienced computer programmer could decrypt
messages sent by Netscape Navigator to other computers in a few hours
of computation time.
"a few hours"? Ian and David's program generates keys in 25 seconds.
The random information is found through a variety of functions
that look into a user's machine for information about how many
processes are running, process ID numbers, the current time in
microseconds, etc.
Specifically, the Parent Process ID, the Process ID, and the time in
microseconds. See the exploit code for more details.
The current vulnerability exists because the size of random input is
less than the size of the subsequent keys.
The vulnerability exists because the random input isn't random. Since
when is the time "random"? I'm sure a few physicists would love to see
your theories on that one. (Berkeley Standard Time notwithstanding)
Once this improvement is made, protection of the random information
will be as strong as the rest of the security built into Netscape
Navigator.
That's not saying much, considering that the security community has
not had a chance to independently verify the security in Netscape
Navigator.
Netscape has also begun to engage an external group of world-class
security experts who will review our solution to this problem before
it is sent to customers.
So after someone violates Netscape Navigator's security do they decide
to have an external group verify their code. (Note that they still
don't plan on making it available for the security community at large
to review). According to RSADSI's Jim Bidzos, his company offered to
review Netscape's security when it was first introduced, but Netscape
declined. "They're asking us to review it this time," he said.
This discovery does not affect the strength or security of SSL (Secure
Sockets Layer), RC4, or any other portions of our security
implementations.
True, but this implies that SSL is a secure protocol, which has been
shown to be false.
At the beginning of their release:
Netscape secure software has been in use for almost a year on the
Internet by millions of customers and no thefts of actual customer
information protected by our security have been reported - this
posting on the Internet reported a potential vulnerability, not the
actual theft of customer information.
Yes, Netscape is very lucky that Ian and David are students, and not
criminals. I sincerely hope that the next time someone finds a hole in
Netscape that it's someone who would rather win a free T-shirt than
steal lots of money.
--
sameer Voice: 510-601-9777
Community ConneXion FAX: 510-601-9734
An Internet Privacy Provider Dialin: 510-658-6376
http://www.c2.org (or login as "guest") sameer@c2.org
Return to September 1995
Return to “sameer <sameer@c2.org>”