And we thought BGP was insecure

Every now and then an incident reminds us how vulnerable BGP is. Very few of these incidents are intentional (the Pakistan vs. YouTube is a rare exception) and few of them are propagated far enough to matter on a global scale (bugs in BGP implementations are scarier). Most of these incidents could be prevented with either Secure BGP or Secure Origin BGP but it looks like they will not be implemented any time soon.

Contrary to that, the e-business transactions protected with SSL certificates look well protected ... until you start exploring the details. As Kurt Seifried documented in Linux Magazine, almost anyone can become a root CA and issue certificates for any domain and it’s quite easy to get certificates for well-known domains. If you like a bit more in-depth discussion, read Certified Lies: Detecting and Defeating Government Interception Attacks Against SSL ... and don’t forget that an appliance performing the MITM attacks is on the market.

The moral of this story: no technology, no matter how sophisticated, can help you if another link in the chain-of-trust is broken (and the broken link is often a human problem), while an inherently unsecure protocol can be made pretty safe by following common-sense best practices ... but you knew that already, didn’t you?

Add comment