TLS was designed for E-Commerce
TLS negotiation is made as user friendly as possible by browsers and the web sites that offer encrypted connections. For email, it simply means changing to the encrypted ports versus the standard ports for SMTP and POP/IMAP.
After reading the Wikipedia article one should realize that TLS only encrypts the transport layer of the Internet version of the OSI stack that allows one to communicate between different nodes on the Internet.
The average user only understands what the application or operating system tells them. They may want to know why a certificate presented to them is invalid when they get the massive red warning notice due to an invalid certificate. Or they may just click through and have their data stolen. But in the examples given, there would have been no warning. A bad certificate would not have woken up the software dogs, and they would not have barked.
While TLS is very important, it is only part of the entire security stance and may not protect a client and server against an active attack from a hacker. More and more attacks are active and persistent, not just mindless bots.
For this reason it’s worth understanding how the smartest brokers on Wall Street were hoodwinked by a high-stakes variation of this game. Ever shop for an airline ticket and then go back 5 minutes later to find that it is $50 more? How one creates a fair Internet is very important here. It’s not the protocols which are the problem but applying what NIST is supposed to do, not allowing a fat finger on the balance scale.
If that TLS layer is broken, so is the security of the entire email message. Or website. That is why we should specify other forms of encryption that encrypt the messages themselves, regardless of whether the transport is also encrypted. This is why one needs S/MIME, which uses a personal certificate, not a website SSL certificate.
It is more expensive for web sites to offer an encrypted transport connection since it uses more computer processing, is a bit slower, and one has to buy a certificate. Yet over the past few years it has become the norm.
The details of all of this have been kept in the background, and despite having an encrypted connection, banks and such still need to identify you as a customer, because you don’t have your own personal X.509v3 client authentication certificate and Directory entry, which identifies you as the other end of the connection.
There are multiple other web-based methods at different levels of assurance to do that: other trust frameworks that might rely on Google to be your identity provider, or a second factor of authentication, or a biometric, etc. It does not really matter. They all perform the same function: to uniquely identify you to a relying party with a manageable degree of certainty. The major difference is that the Web does not maintain what is called “state”. It is the Alzheimer’s version of state. So to get state, it transfers it, such as with REST. Or it starts at a known part of the state machine, and uses tokens, like in the movie “Memento”, to remember who you are. Cookies. Those cookies are persistent, and (in the case of the NSA) build a profile so they can always send malware to your machine in an automated fashion if desired.
So where you are, Starbucks, or at home, you get the same “view” of the Internet. Like the traders, it is a constructed reality. The situation changes when you get to the deep Web via Tor.
For free or $20 you can get a client certificate to encrypt your mail, but it does not prove the message came from you, it only turns on the encryption.
The mail arrives encrypted but with no proof of who sent it. Persona not validated. So now you are a dog that knows how to encrypt, which is clever, but not trustworthy. You want a personal identity certificate that you can use to assert your claim of identity, which will cost more money. And you can revoke this if someone steals your identity. It makes it harder for them to claim to be you, which is fairly simple with a stolen password, or password + other stuff.
Why should I prove who I am to the Internet?
In short, because otherwise you as an individual will be profiled to get to the same place.
In fact you are already profiled by cookies in the browser, and browsers regularly violate “do not track” digital privacy policies to do so.
Do you want Facebook to represent you to the Internet? That’s backwards. Because they own your data you gave them for free. And they sold it. That means you are the product not the customer.
The question is whether you want to maintain control over your identity and independently prove who you are, or what your server is, or that a specific device is a specific device based on Identity, or not use identity at all.
Maybe a probabilistic knowledge-based approach like LexisNexis will ask questions based on what you purchased on your credit card and thus have an algorithm assign a score based on the probability of you providing the right answers.
Or you can simply tell people who you are, and tell them they need to accept that because you can prove it with a high value X.509v3 certificate. In fact they should accept that, and go away, because that is the sine qua non gold standard.
Or not provide any identifiers, but the chance of being anonymous (a blank) is actually fairly slim. Basically two or three unique datapoints, age, zip code, etc. can identify anyone in the U.S. with 95% accuracy according to the U.S. Government ID management web site. Professional spies have Facebook profiles set up years in advance so they “exist” on the Internet.
That’s because there is a cost of proving you are you to the Internet. You don’t have to pay directly like with a certificate. But if you don’t identify yourself concretely with a high value certificate that is recognized by almost anyone, in terms of the Internet trusted community, you are living in a van down by the river letting companies define your identity according to the marketing profiles. Nothing wrong with that for billions of netizens, but kind of fly by night with no real fixed address and corporations that represent you, already have enough paid lobbyists in Washington compared to citizens.
So are you a rat that uses some other method that data mines your friends’ email addresses and so on for a social graph, or an active consumer of big data Twitter sentiment on your product, which is primarily your own branding in social media, i.e. you?
How does one make the world adjust to you on your terms, and not their standard operating rules of service, which mean you are not and will never be a VIP on any branded service?
Think of how Oprah does it. She was on television so billions know her dog’s name, and you think you know her.
Does she fly in coach just to hang out with people? No, she has her own jet and does not go through security. She is a VIP by design, which is a protocol. TLS also has VIP and coach.
Her identity is entirely public on public networks. Yet she still enjoys privacy at any one of the many houses she owns and cares to stay at, but she probably is not there.
If you don’t have a personal assistant to deal with people, the web performs that function (using TLS) for you to make appointments, show you mail, and so on. It is very democratic that way.
But what privacy do you actually have? It should be clear now that privacy is a fluid, negotiated concept like staying in a very nice hotel. Expectations are important and need to be met. If you stay at a cheap hotel, your expectations are different. Paying nothing and couch surfing might also be more or less private. It is the terms of service that matter.
There is another cost to keeping that data up to date, protecting it, and keeping it accurate for people you want to have use it. Identity documents are rated in terms of how accurately they represent the subject at levels of assurance.
The more you want companies to trust you are you, the more money you have to spend to have them investigate your credentials to prove they are genuine before they create a certificate to present to the other end of the connection, which is called the “relying party” because it relies that the information that you present is genuine. Even Caroline Kennedy, (who most people know quite well), still has to present her credentials to the government of Japan as the U.S. Ambassador per protocol.
In the typical TLS connection over a browser, what one is actually certifying is the DNS name of the server, or group of servers that answers your request. That’s one step to prevent a fake website. That’s a good thing, but not sufficient in some cases.
But they don’t know who you are, except if they start to collect more data on you. So they start collecting data on you. Unless you present credentials of the Internet kind and you determine what data they should have.
You might be a cat lying on the keyboard and ordering cat toys.
A high level of assurance client certificate fixes that because it attests (under penalty of Federal Law) that the person using the computer is who they say they are. This is why Federal employees swipe a PIV smartcard to use any computer at work.
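The asymmetry described above, as an added example that is not part of the original article: with Python's standard `ssl` module, a default client verifies the server's certificate and DNS name, while a default server asks the client for no certificate at all. The function names are hypothetical, and the server contexts omit `load_cert_chain` and the client CA list because no key files are assumed to exist.

```python
import ssl

def audit_context(ctx, role):
    """Return a list of identity gaps for a context used as 'client' or 'server'."""
    findings = []
    if role == "client":
        # The client is the side that decides whether the server is genuine.
        if ctx.verify_mode != ssl.CERT_REQUIRED:
            findings.append("server certificate chain is not verified")
        if not ctx.check_hostname:
            findings.append("certificate is not matched against the DNS name")
    elif role == "server":
        # Without a required client certificate the peer is anonymous at the
        # TLS layer, so identity has to come from passwords, cookies, etc.
        if ctx.verify_mode != ssl.CERT_REQUIRED:
            findings.append("client is anonymous: no client certificate is required")
    else:
        raise ValueError("role must be 'client' or 'server'")
    return findings

def browser_style_client():
    # Library defaults: chain verification plus DNS name matching.
    return ssl.create_default_context(ssl.Purpose.SERVER_AUTH)

def careless_client():
    # The weak setting: an application that silences certificate errors.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx

def typical_server():
    # Default server side: presents its own certificate, asks for none.
    return ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)

def mutual_tls_server():
    # The corrected setting when the client must prove identity (e.g. a smartcard).
    ctx = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx

if __name__ == "__main__":
    for name, ctx, role in [
        ("browser-style client", browser_style_client(), "client"),
        ("careless client", careless_client(), "client"),
        ("typical server", typical_server(), "server"),
        ("mutual-TLS server", mutual_tls_server(), "server"),
    ]:
        print(name, "->", audit_context(ctx, role) or "no identity gaps")
```
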
But you know your bank (maybe), because they use an identity certificate (which costs more), unless you are being phished or attacked via a man-in-the-middle attack. If you are part of a continuous persistent attack instead of a single phish then the situation is far worse, since the fake software you download will keep you imprisoned in a fairly nasty place.
So everything is set up in the Internet and ISO protocols to make sure this does not happen. Except it does happen because companies don’t follow the protocols. And then they lie about it in their privacy policies that they do the right thing. And then they lose millions of dollars like Target, when (even though they passed their security audit), they get hacked, and customer data is stolen.
Sometimes this happens to an entire country such as the beginning of the Syrian civil war where it began by capturing Facebook and Twitter updates that the protesters used to organize rallies. And companies sell products to do this exact thing.
Many companies should be held responsible for using software that puts their users’ or customers’ data at risk by not actively validating the security of their products.
Fixing TLS in applications will have to be enforced via the FTC so write your Congress people to demand this.
If they lie about that, and actually don’t take your privacy seriously that’s false advertising and they can be fined. And it is better if we clean this up right now, with my solution below, because companies are actually bleeding money from a lack of trust in the cryptography technology by European and US consumers. And it is not the math, which few people understand, but how it is being applied at a policy and business level, with data either:
1. Leaked to the NSA intentionally as a business arrangement
2. Captured by the NSA because data was not encrypted internally between data centers, which was recently patched by Google and Yahoo.
3. Or encrypted, but decrypted on the fly through unknown or engineered flaws in the software.
4. Or where standards were actually subverted by the NSA and published by NIST, which is their agency partner. NIST recently retracted one of these standards on random number generation.
5. The NSA sold the idea to large commercial companies that while the TLS certificates that they created were normally broken (given the defaults of the tool kit that created them), they were broken in a specific way, to have a back door that only the NSA could access. In other words, key escrow rejected by the Internet in 1994.
In fact, any back door, even a good one, is eventually leaked or compromised. Backdoors in 1994 were much simpler and limited to “Internet wizards” who had to keep things running in complicated programs like SendMail. But those were phased out.
A very clever cryptographic back door called Clipper, backed by Congress and the Executive, was then introduced and rejected as insecure in the 1990s. What was different in this case was that the NSA engaged partners and the users supplied the data for free services like webmail. The company that engineered the backdoor was going to patent it.
Most disturbing is the sole use of TLS in medical records transfer, in which patient safety can be compromised by data being altered in transit. There are two areas of concern.
1. Patient records or prescriptions used in day to day medical records
2. Millions of devices that exist in the Internet of Things that operate in hospitals via wireless security, (sometimes using WEP authentication that you would not use for your home wireless router).
This was demonstrated in the popular television show Homeland, but the actual research was done by a hacker on pacemakers and insulin pumps to improve security. He is now dead and not contributing to the discussion.