Post AWKfJs6ePxpYwv5Tcm by tqbf@infosec.exchange
Post #AWKfJqgNi9DuX9mz2W by tqbf@infosec.exchange
2023-06-03T20:10:50Z
0 likes, 0 repeats
Palpable vibe shift over the last month or so. Nobody was really interested in DNSSEC before, but the default has shifted from ambivalence to antipathy. People fucking hate it, and it's great to see.
Post #AWKfJrRsrXDkuU0v56 by dalias@hachyderm.io
2023-06-03T20:12:28Z
0 likes, 0 repeats
@tqbf What a healthy, non-destructive attitude...
Post #AWKfJs6ePxpYwv5Tcm by tqbf@infosec.exchange
2023-06-03T20:13:28Z
0 likes, 0 repeats
@dalias I'm not sure what you mean there. It's healthy and productive to advocate against bad things!
Post #AWKfJsOjKkIBqzXunw by tqbf@infosec.exchange
2023-06-03T20:11:14Z
0 likes, 0 repeats
To think, all it had to do was break all of New Zealand.
Post #AWKfJsobmWzb9Fea8m by tqbf@infosec.exchange
2023-06-03T20:14:23Z
0 likes, 0 repeats
@dalias When the USG proposed their overt, pre-DNSSEC key escrow system, it wasn't unhealthy or destructive to say "it's good that nobody wants the Clipper chip!"
Post #AWKfJtfmapWjoAX31U by dalias@hachyderm.io
2023-06-03T20:18:54Z
0 likes, 0 repeats
@tqbf Completely unrelated, but I love how you tried to inject the tired trope of associating DNSSEC with scary USG stuff once again.
Post #AWKfJuFwQORzcJRvNo by tqbf@infosec.exchange
2023-06-03T20:22:36Z
0 likes, 0 repeats
@dalias Imagine trying that argument with Dual EC, or with the Clipper chip. "It's a tired trope that the USG is going to misuse the control over Internet cryptography this gives them". I was wrong about Dual EC (I thought it was just stupid, not an actual backdoor), and when we found out Dual EC was actually showing up in important products, I admitted, quickly, that I was wrong. What's it going to take for you to acknowledge the obvious fact that DANE is a key escrow system for TLS?
Post #AWKfJuwpqulHlLWBF2 by dalias@hachyderm.io
2023-06-03T20:27:16Z
1 likes, 0 repeats
@tqbf I don't know whether I want to hear whatever crackpot theory is behind this claim, or just be sad that you're this far down a path of irrational hatred for something opt-in that lets us declare what keys others should trust for names we own.
Post #AWKfJvY3cWXHcmvuG8 by matt@mastodon.bitcoin.ninja
2023-06-03T21:35:18Z
1 likes, 0 repeats
@dalias @tqbf you get to pick, either you have security against a number of real-world attacks that have happened to even the largest of providers (read: AWS Route 53) or no security. Either way USG can get your .com yanked with the stroke of a judge's pen (or less). The fact that people still advocate against DNSSEC has caused real harm to website operators, it's just sad.
Post #AWKfKg7QTM9y3npnm4 by tqbf@infosec.exchange
2023-06-03T22:16:45Z
0 likes, 0 repeats
@matt @dalias Almost nobody that works in the field agrees with you about this.
Post #AWKfKgqnkeSKKX42V6 by matt@mastodon.bitcoin.ninja
2023-06-03T22:17:25Z
1 likes, 0 repeats
@tqbf @dalias funny cause I know lots of people who work in the field and agree with me about this :)
Post #AWKfKhj2UzqD2kRM2a by matt@mastodon.bitcoin.ninja
2023-06-03T22:18:47Z
0 likes, 0 repeats
@tqbf @dalias i do know people who don't use DNSSEC for fear of the security/availability tradeoff bricking their domain name if they screw it up (*cough* Slack), but that's up to them.
Post #AWKgkgnEghSndRMEQS by tqbf@infosec.exchange
2023-06-03T22:27:51Z
0 likes, 0 repeats
@matt @dalias You get that you can write a 3 line shell script to count the number of security teams who buy into this, right?
Post #AWKgkhhxHopkTLtWpk by matt@mastodon.bitcoin.ninja
2023-06-03T22:30:02Z
0 likes, 0 repeats
@tqbf @dalias funny, I actually know zero serious security teams who recommend against DNSSEC for reasons other than the availability tradeoff (though most folks agree the design absolutely could be much better, but the choice is yes or no, not some other protocol). I think we're both just biased by who we know :).
Post #AWKgkiKay9k4PByO3s by corry@mastodon.sharpletters.net
2023-06-03T22:55:01Z
0 likes, 0 repeats
@matt @tqbf @dalias good thing most security teams don't take themselves too seriously
Post #AWKgkj7s0x9os11jrk by matt@mastodon.bitcoin.ninja
2023-06-03T22:55:50Z
1 likes, 0 repeats
@corry @tqbf @dalias ha, maybe I should have said "remotely competent".
Post #AWKgyjeUr30QYYy3EG by corry@mastodon.sharpletters.net
2023-06-03T22:57:45Z
0 likes, 0 repeats
@matt @tqbf @dalias well, that was a fast path from light joke to straight insult. Cheers
Post #AWKgykj8rGJdtG9H6m by tqbf@infosec.exchange
2023-06-03T23:01:20Z
0 likes, 0 repeats
@corry @matt @dalias It turns out that the largest, best-funded security teams on the planet are holding off on deploying DNSSEC because they're afraid of being bullied by (checks notes) me.
Post #AWKgylb1cvPwaNMJ60 by matt@mastodon.bitcoin.ninja
2023-06-03T23:03:58Z
0 likes, 0 repeats
@tqbf @corry @dalias i don't think I alleged that or anything similar to that at all? I also noted it may well be a perfectly reasonable decision to not deploy DNSSEC on the basis of the implied availability tradeoff if you screw it up! There's some reasonable debate as to the impact of things like BGP hijacking given the deployment of RPKI and the move to announcing authoritative DNS servers in /24s, though those are by no means strong protection as RPKI-SOV is not a security protocol but an anti-fat-finger one.
Post #AWKgymSCRDx5FIElyi by tqbf@infosec.exchange
2023-06-03T23:05:14Z
0 likes, 0 repeats
@matt @corry @dalias This is a tangent but what do you think it says about the protocol that the most competent, best regarded, best funded, best staffed, most experienced infrastructure teams in the world refuse to deploy DNSSEC out of concern that it will eat them and take them off the Internet for hours at a time?
Post #AWKgymblrdbliyiPtg by tqbf@infosec.exchange
2023-06-03T23:01:46Z
0 likes, 0 repeats
@corry @matt @dalias A pattern that has remained stable for (checks further notes) 25 years.
Post #AWKgynXuNU72dHuqW0 by matt@mastodon.bitcoin.ninja
2023-06-03T23:07:11Z
0 likes, 0 repeats
@tqbf @corry @dalias I'm pretty sure I was quite explicit above that DNSSEC could well have been much better designed :). But, again, this is unrelated to your claims that the issue with deployment is somehow its association with the USG or some kind of conclusion that it provides no security guarantees at all, which are both really horribly inaccurate.
Post #AWKgyoHzc8yYwDTeLY by matt@mastodon.bitcoin.ninja
2023-06-03T23:07:52Z
0 likes, 0 repeats
@tqbf @corry @dalias it's also worth pointing out that NSA is *requiring* it in some systems, if you really want to get into arguments from authority rather than real ones.
Post #AWKgyopJcFdAbZ4GHo by tqbf@infosec.exchange
2023-06-03T23:06:49Z
0 likes, 0 repeats
@matt @corry @dalias This is a bad system, it's self-evidently bad, it's been bad for decades (plural), and efforts to evangelize it are clownish, most especially when they feign outrage that anybody has bothered to notice how bad the system is.
Post #AWKgypAwJqvbgdBWzY by tqbf@infosec.exchange
2023-06-03T23:09:09Z
0 likes, 0 repeats
@matt @corry @dalias I'm surprised NSA hasn't tried to lobby for a statutory requirement for civilian DNSSEC, because DNSSEC is a key escrow system for .COM.
Post #AWKgyqWbInqhs6KLOS by matt@mastodon.bitcoin.ninja
2023-06-03T23:10:34Z
0 likes, 0 repeats
@tqbf @corry @dalias that's a joke, right? Cause that's, uhhhhh, not in any way how DNSSEC works nor an impact of opting into it.
Post #AWKgyr77733XhLPVJ2 by tqbf@infosec.exchange
2023-06-03T23:08:12Z
0 likes, 0 repeats
@matt @corry @dalias All this, by the way, in an attempt to mitigate (not resolve!) an attack that virtually never happens, because it's much easier to simply phish a registrar account, which is how virtually all DNS corruption actually happens in the real world.
Post #AWKgyr8X1mBrlk4dW4 by dalias@hachyderm.io
2023-06-03T23:11:53Z
1 likes, 0 repeats
@matt @tqbf @corry The tinfoil koolaid runs deep.
Post #AWKhJKjyfdA3NMLxZ2 by tqbf@infosec.exchange
2023-06-03T23:12:32Z
0 likes, 0 repeats
@matt @corry @dalias That is not a joke, and when people are shocked to hear it described that way, I assume they haven't thought through how a top-down tree-based PKI controlled by a government works.
Post #AWKhJLRa3W2VYakmWm by dalias@hachyderm.io
2023-06-03T23:15:12Z
0 likes, 0 repeats
@tqbf @matt @corry "Key escrow" means very specifically "you give them a copy of your private keys". Not "the holder of the root key that signed your key is physically located under their jurisdiction and could somehow have it raided".
Post #AWKhJM4vhDVzWdACrQ by tqbf@infosec.exchange
2023-06-03T23:17:37Z
0 likes, 0 repeats
@dalias @matt @corry LOL.
Post #AWKhJMjLGxqDXy4Tqq by dalias@hachyderm.io
2023-06-03T23:33:56Z
0 likes, 0 repeats
@tqbf @matt @corry I love how the arguments for why DNSSEC is evil require flagrant misuse of a word with a very precise technical meaning, which infosec professionals like yourself certainly know, and how the only response to being called out on that is "LOL"...
Post #AWKhJNqp6dQ51SZy9Q by tqbf@infosec.exchange
2023-06-03T23:36:18Z
0 likes, 0 repeats
@dalias @matt @corry Sometimes the best, clearest arguments just are that succinct.
Post #AWKhJOVwdkJT4zooFM by tqbf@infosec.exchange
2023-06-03T23:38:11Z
0 likes, 0 repeats
@dalias @matt @corry By all means keep explaining to me and your audience how DNSSEC enables by design a cryptographic attack on Internet sites by trusted government authorities that happens to have a different name than "key escrow", as if you're somehow making a better case for deploying it. My take is that you're making my argument for me.
Post #AWKhJPCU5aLBCvimYK by dalias@hachyderm.io
2023-06-04T00:04:03Z
0 likes, 0 repeats
@tqbf @matt @corry Honest question: do you believe CT sufficiently mitigates the analogous (but much larger because now you have N governments instead of 1) weakness in web PKI?
Post #AWKhJPoPoYgL6ZT4fw by tqbf@infosec.exchange
2023-06-04T00:13:13Z
0 likes, 0 repeats
@dalias @matt @corry I don't know what "adequately" means. You ideally want something that forecloses on the attack. Nothing in the Web PKI comes close to doing that (though: closer than DNSSEC will ever get). But everything is complicated by the fact that the most aggressive IC agencies are allergic to detection.
Post #AWKhJQlcGS2M4BALx2 by dalias@hachyderm.io
2023-06-04T00:20:50Z
1 likes, 0 repeats
@tqbf @matt @corry Ok, because you can literally construct a CT equivalent (but stronger), on top of DNSSEC, without any cooperation from authorities.
Post #AWKhJTXtvtqggVlwUS by dalias@hachyderm.io
2023-06-04T00:23:43Z
0 likes, 0 repeats
@tqbf @matt @corry If you do that, I don't see any viable way you can claim DNSSEC has weaknesses that a system you're already using and trusting (webpki) doesn't.
Post #AWKhO0dGrM6qSXRhNA by tqbf@infosec.exchange
2023-06-04T00:51:40Z
0 likes, 0 repeats
@dalias @matt @corry (1) I don't think you can, because there's no way to get SCTs in that system, and (2) it doesn't matter if you do, because you can't kill TLDs the way you can CAs.
Post #AWKhO1E8eHbGIsh8q0 by dalias@hachyderm.io
2023-06-04T01:12:38Z
0 likes, 0 repeats
@tqbf @matt @corry I don't think the conditions that SCTs, as done in CT, address, matter the same way with what I have in mind. And indeed you can't kill TLDs (except maybe garbage new ones 🤣) but now you're talking about a different threat than non-detection, which isn't solvable in the framework of DNS entities regardless of what PKI you're using, since they're all rooted in trusting DNS. It's just a question of whether or not that trust has cryptographic evidence or not.
Post #AWKhO1piOZeqBQH9PM by dalias@hachyderm.io
2023-06-04T01:15:38Z
1 likes, 0 repeats
@tqbf @matt @corry If you're actually worried about that problem rather than just wanting to throw FUD at DNSSEC, ok, but the only way to solve it is with an entirely alternate name ownership system that's purely cryptographic chains of ownership with no backdoor for any authority to claw back anything. There are ppl nominally trying to create that but they only want to run it as a casino...
Post #AWKhZCdcYykgsawmGm by tqbf@infosec.exchange
2023-06-04T01:16:50Z
0 likes, 0 repeats
@dalias @matt @corry I have multiple reasons to push back on DNSSEC, which I feel like I've documented repeatedly. That it doesn't fix the Web PKI trust problem, but rather amplifies it, is just one of them. But my original motivation is just how *bad* the protocol is.
Post #AWKhZDSJWVIlPofGHg by matt@mastodon.bitcoin.ninja
2023-06-04T01:17:57Z
0 likes, 0 repeats
@tqbf @dalias @corry It fixes some issues in the Web PKI trust space; dropping all of Web PKI and replacing it with DANE would introduce others. That is a false choice, though: you can use Web PKI as it exists today and *also* enable DNSSEC to protect against attacks which Web PKI currently does not.
Post #AWKhZEGIWfHfuq3BC4 by tqbf@infosec.exchange
2023-06-04T01:19:19Z
0 likes, 0 repeats
@matt @dalias @corry I would argue that it literally fixes none of the problems, and makes the existing problems worse. It's a PKI controlled by the global adversary. And it's a bad protocol. Why are we entertaining this? Design something better.
Post #AWKhZF4HWpGaPrR66S by tqbf@infosec.exchange
2023-06-04T01:20:03Z
0 likes, 0 repeats
@matt @dalias @corry Start with online signers (which best-practices DNSSEC wants anyways, because of enumeration!) and a secure transport, and the rest of a drastically better design will fall from there.
Post #AWKhZFhdAWk4NtqWR6 by dalias@hachyderm.io
2023-06-04T01:23:20Z
0 likes, 0 repeats
@tqbf @matt @corry Online signers are antithetical to best practices.
Post #AWKhZGTqHHJ4nQP1aC by matt@mastodon.bitcoin.ninja
2023-06-04T01:23:59Z
0 likes, 0 repeats
@dalias Depends on who you ask, some folks suggest them, some do not. Obviously online KSKs would be bad, but online ZSKs are, well, the reason ZSKs exist separately from KSKs.
Post #AWKhZHXQLRlY4p5Onw by dalias@hachyderm.io
2023-06-04T01:27:53Z
1 likes, 0 repeats
@matt I consider both harmful because you're putting key material that can be used to forge your authority in places where it's attack surface (often managed by incompetent parties). The #1 awesome design point of DNSSEC is offline signing, which lets you treat your DNS host as the untrusted garbage it is.
Post #AWKhZKbQwzkva7z8yG by dalias@hachyderm.io
2023-06-04T01:29:31Z
0 likes, 0 repeats
@matt If DNSSEC were online signing only, I'd need my own always-on reliable network link to provide all authoritative nameservers. As it is, I can outsource to a $1/mo VPS.
Post #AWKhfb4acxcYOubuHg by matt@mastodon.bitcoin.ninja
2023-06-04T01:30:01Z
0 likes, 0 repeats
@dalias I tend to agree, but also am happy that those who see enumeration as a larger issue can choose to do online signing :). (of course CT has completely rendered any anti-enumeration properties of DNS borderline useless, but whatever).
Post #AWKhfbieE1fCP9Ltiq by dalias@hachyderm.io
2023-06-04T01:30:47Z
0 likes, 0 repeats
@matt Yes, the second best thing about DNSSEC is that everyone gets to choose how (or if) to use it.
Post #AWKhfcKZx00MIn6BqS by dalias@hachyderm.io
2023-06-04T01:33:28Z
1 likes, 0 repeats
@matt But yeah, anti-enumeration in my book is one of those ridiculous BOFH-personality infosec dude things. Your systems need to be secure assuming anyone can enumerate them.