From: Paul Bradley <paul@fatmans.demon.co.uk>
To: cypherpunks@Algebra.COM
Message Hash: ddc70fc739f0292c013ea13f7b9846a605bbf78475bcfc0ff71aaf514b6e4a7a
Message ID: <Pine.LNX.3.91.970614112312.1213B-100000@fatmans.demon.co.uk>
Reply To: N/A
UTC Datetime: 1997-06-14 16:46:53 UTC
Raw Date: Sun, 15 Jun 1997 00:46:53 +0800
From: Paul Bradley <paul@fatmans.demon.co.uk>
Date: Sun, 15 Jun 1997 00:46:53 +0800
To: cypherpunks@Algebra.COM
Subject: Impact of Netscape kernel hole (fwd)
Message-ID: <Pine.LNX.3.91.970614112312.1213B-100000@fatmans.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain
>It'd be nice to have more specifics about the whole situation, but
>regardless - any preliminary threat assessments? Exactly how widely
>exploited do you think this has been?
>
>Tim's post (although refuted by Marc) raises some serious issues since I
>suspect that Joe Public has his secret key sitting in c:\pgp\secring.pgp
>
>Some coherent input on the possible impact of this would be appreciated.
Basically the threat model is very simple:
Joe "slightly crypto-savvy pgp user" sixpack keeps his pgp keyring in
c:\pgp on a dos/w95 box. The average user of any of the unices keeps his
keyring in /usr/pgp or /usr/local/pgp it does not take a lot of attempts
to go through most of the common places.
The very same guy probably has a password that is:
A. FRED (notice how close the letters are, this is a real dumb-ass
password of the century)
B. His wifes name
C. Her birthday
D. The name of his favourite film or some character from it...
Can you say "dictionary attack"???.
I must admit I personally, against all the rules, keep my pgp secret key
on this box. This doesn`t worry be greatly because:
1. I have a strong passphrase.
2. This box is only on dialup, so is not connected for long, and I VERY
rarely use the web anyway, Its too slow, so I prefer ftpmail and ftp for
getting files. This corresondingly reduces the risk of me having used a
site that exploited this hole.
3. If I ever have anything to recieve that needs to be really secure I
use a one time key pair, so even the RSA key is one time. Most PGP mail I
send or recieve is fairly innocuous and the use of encryption is just
precautionary, ie. to stop nosy sysadmins.
What it basically comes down to is that Joe Sixpack, the guy most likely
to have his key compromised by this attack, is:
1. Not likely to be sending valuable enough mail to expend time mounting
even a simple dictionary attack on his key.
2. The least likely to know about, understand or respond to this flaw.
So basically the threat is the usual one: The stupid will get caught. If
you are sending highly criminal mail your key shouldn`t be on any machine
not 12 feet underground in a concrete bunker with 24 hour fully trusted
security guards, CCTV etc. etc. anyway.
Datacomms Technologies data security
Paul Bradley, Paul@fatmans.demon.co.uk
Paul@crypto.uk.eu.org, Paul@cryptography.uk.eu.org
Http://www.cryptography.home.ml.org/
Email for PGP public key, ID: FC76DA85
"Don`t forget to mount a scratch monkey"
Return to June 1997
Return to “Paul Bradley <paul@fatmans.demon.co.uk>”