Re: Number of CAs

On Mon, Nov 18, 2013 at 1:25 AM, Masataka Ohta <mohta@xxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
Phillip Hallam-Baker wrote:

> Not unless you compile your browser from source and verify the source each
> time you compile.

Wrong, because your compiler may also be compromised.

        http://en.wikipedia.org/wiki/Backdoor_%28computing%29

        Thompson's paper describes a modified version of the Unix C
        compiler that would:

                Put an invisible backdoor in the Unix login command
                when it noticed that the login program was being
                compiled, and as a twist

                Also add this feature undetectably to future compiler
                versions upon their compilation as well.

The attack is easily defeated these days because we have time stamp authorities. I don't think that the compilers I use are smart enough to put a back door in code written after they were.

 
> They have demonstrated an ability to hide compromise
> pretty well.

See above. I know better than you how to hide it.

The paper is hardly obscure. I generally assume people have read freshman Comp Sci.

 
Assuming active MITM attacks both on ISP chains and CA chains, the
attacks on PKI always succeed.

> Subpoenaing the software providers and the CAs are two different issues.
> Google could not credibly claim that its business would be destroyed if
> PRISM was exposed but

Are you saying that it's OK even though Google's software business
has been damaged a lot?

Note that Google also has a cloud provider business, which is also
damaged a lot.

It is a much trickier case because any damage comes from the risk of using the unconstitutional powers, not from having exercised them. The cause of action is nowhere near as clear cut as it would be if a court exceeded its powers and granted an injunction requiring a CA to make a misrepresentation about the identity of a certificate holder.

--
Website: http://hallambaker.com/
