19th
Trusting the Untrustable Internet
We may well look back on 2008—coincidentally my 10th year “in the business”—as the year when we finally realized, in black and white, that the internet cannot be trusted.
Sysadmins have known this for a long time; it’s the reason why no one ever uses telnet for remote shell access, and why OpenSSH is so paranoid about not letting you connect to a server whose key fingerprint has changed.
I’m still working out a lot of issues around the recently-publicized failure of DNS, and a few big “oops” in the world of SSL—including the not-news-to-anyone revelation that Certificate Authorities can be tricked into signing certificates that they shouldn’t—but a big theme in the coming year is obviously going to be how browser vendors and web applications providers can make the web safe for grandma again.
I’m pretty sure that grandma is going to need to get much more savvy about how PKI works, and we’re going to have to redesign the interfaces around it to be much more transparent and user-friendly. We’ve spent a lot of time focusing on XSS and SQL injection in the last few years, but man-in-the-middle attacks are poised to circumvent all of that work.
It may turn out that attackers are satisfied with botnets, and don’t care to p0wn wi-fi routers or poison DNS caches. But given the juiciness of the targets (Apple’s Mobile Me doesn’t use SSL?) I think we can assume that they will. Or if today’s black hats don’t, tomorrow’s will blow right past them.
