Re: FYI: More on WebTV security
--- begin forwarded text

X-Sender: dstoler@gptmail.globalpac.com
Mime-Version: 1.0
Date: Tue, 13 Oct 1998 05:38:59 -0700
To: Pablo Calamera <pablo@microsoft.com>, rah@shipwright.com, mac-crypto@vmeng.com
From: dstoler@globalpac.com (dstoler)
Subject: Re: FYI: More on WebTV security
Cc: jimg@mentat.com

Dear all,

This message discusses Microsoft's recent press release where they announce unlimited 128-bit RC4 export approval for WebTV users in Japan and the UK with no key escrow. They announce secure email between WebTV users in addition to security for financial services, web shopping, etc.

http://www.microsoft.com/presspass/press/1998/Oct98/EncryptionPR.htm

(See the end of this message for key paragraphs of the press release.)

I rarely post messages on the crypto mailing lists. I am sufficiently disturbed by Microsoft's recent WebTV press release that I feel compelled to comment.

The press release implies that there is secure end-to-end email between two WebTV customers. Perhaps I am overly cynical, but I am guessing that they are using SSL (TLS) from a web-based email application on the client to WebTV's servers. I presume email data is decrypted at the servers, then re-encrypted to the recipient when she uses the WebTV client to read email. This approach would allow access to private email at the servers by WebTV employees or law enforcement agencies. Note the careful use of the phrases "unauthorized party" and "without posing undue risks to national security and law enforcement" in the press release.

I believe that WebTV's email security is directly coupled to their ability to establish and enforce good security policy within their operation and the trustworthiness of the employees who have access to sensitive data. I am concerned that the carefully constructed wording of Microsoft's press release implies stronger email security than really exists. I hope I am wrong.
David Stoler

Key paragraphs from Microsoft's press release:

WebTV Networks has been granted the first export license to use strong 128-bit encryption for any user and any application in Japan and the United Kingdom. So, for example, an e-mail message with personal information sent from a WebTV subscriber in Japan to a second WebTV subscriber in Japan will be sent securely because there is no known technology by which an unauthorized party could intercept and decipher it. Therefore, as part of the WebTV Network, the WebTV-based Internet terminal (starting at under $100) is now the most secure communications device available from a U.S. company.

"WebTV Networks' export approval is a significant step for industry and reflects the U.S. government's commitment to promoting e-commerce abroad," said William Reinsch, U.S. undersecretary for export administration. "The WebTV Network provides secure communications for its customers and partners without posing undue risks to national security and law enforcement."

--- end forwarded text

-----------------
Robert A. Hettinga <mailto: rah@philodox.com>
Philodox Financial Technology Evangelism <http://www.philodox.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
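To make the distinction David Stoler draws concrete, here is an added example (it is not from the thread, and it models neither WebTV's nor Microsoft's actual system). It contrasts the two architectures: mail encrypted only on each leg to the service, which must decrypt it to store and re-send it, versus mail sealed under a key the two users share and the service never holds. The cipher is a constructed toy (SHA-256 keystream XOR) chosen only to make the data flow visible; the service, user names and the out-of-band shared key are all assumptions of the example.

```python
import hashlib
import os


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Constructed toy stream cipher: XOR data with SHA-256(key || counter).
    The same call encrypts and decrypts. Illustration only, not a real cipher."""
    out = bytearray()
    for off in range(0, len(data), 32):
        block = hashlib.sha256(key + off.to_bytes(4, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[off:off + 32], block))
    return bytes(out)


class MailService:
    """Hypothetical service in the middle of the path: it terminates each
    user's session (the 'SSL to the servers' leg) and stores mail for pickup."""

    def __init__(self):
        self.session_keys = {}   # user -> key for that user's session leg
        self.mailbox = {}        # recipient -> stored message bodies
        self.insider_view = []   # every body exactly as staff or logs would see it

    def login(self, user: str) -> bytes:
        key = os.urandom(32)
        self.session_keys[user] = key
        return key

    def deliver(self, sender: str, recipient: str, wire: bytes) -> None:
        # The sender's session ends here, so the service must strip that layer.
        body = keystream_xor(self.session_keys[sender], wire)
        self.insider_view.append(body)   # what an insider or a subpoena reaches
        self.mailbox.setdefault(recipient, []).append(body)

    def fetch(self, recipient: str) -> list:
        # Stored bodies are re-encrypted under the recipient's own session leg.
        key = self.session_keys[recipient]
        return [keystream_xor(key, b) for b in self.mailbox.get(recipient, [])]


def send_mail(svc, sender, recipient, message, session_key, e2e_key=None):
    """Client side. With e2e_key the body is sealed before the session layer."""
    body = keystream_xor(e2e_key, message) if e2e_key else message
    svc.deliver(sender, recipient, keystream_xor(session_key, body))


def read_mail(svc, recipient, session_key, e2e_key=None):
    """Client side: strip the session layer, then the end-to-end layer if any."""
    bodies = [keystream_xor(session_key, w) for w in svc.fetch(recipient)]
    return [keystream_xor(e2e_key, b) if e2e_key else b for b in bodies]


def compare(message: bytes = b"personal info") -> dict:
    """Run both architectures and report what the recipient and an insider see."""
    results = {}
    for mode in ("hop_by_hop", "end_to_end"):
        svc = MailService()
        alice, bob = svc.login("alice"), svc.login("bob")
        # Assumed: in end_to_end mode the two users share a key the service
        # never saw (exchanged out of band). Without that, the service is
        # back in the key path and the hop_by_hop picture applies again.
        e2e = os.urandom(32) if mode == "end_to_end" else None
        send_mail(svc, "alice", "bob", message, alice, e2e)
        results[mode] = {
            "recipient_reads": read_mail(svc, "bob", bob, e2e)[0],
            "insider_sees_plaintext": message in svc.insider_view,
        }
    return results


if __name__ == "__main__":
    for mode, r in compare().items():
        print(mode, r)
```

In both modes the recipient reads the same message and the traffic on each leg is encrypted, which is all a "128-bit encryption" claim guarantees. Only in the second mode does `insider_view` hold ciphertext, and that depends entirely on the key never passing through the service.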
Has anyone hacked WebTV to enable a terminal to connect to a plain vanilla ISP (or better yet a local ethernet) or is it inexorably tied to their network of proxy servers? I get the impression that like a Newton or any other graphically limited device a WebTV browser would have to be aided by a proxy server that translates the content to a more amenable form before it can take a crack at it. If it were possible to divorce it from their service it might be a nifty device for less than $100. This would become especially appealing if 128-bit crypto were thrown into the bargain.

Steve Bryan
Vendorsystems International
email: sbryan@vendorsystems.com
icq: 5263678
pgp fingerprint: D758 183C 8B79 B28E 6D4C 2653 E476 82E6 DA7C 9AC5
At 06:32 PM 10/13/98 -0700, SDN wrote:
More relevant to the list, the threat model for the WebTV service/box is primarily concerned about loss of user data, forgotten passwords, and unsecured data over the public internet. It's not worried about privacy from WebTV insiders. As a result, all user data is stored on the service, traffic to and from the box is encrypted, and data isn't hidden from the customer care people.
If it's not secure against insiders, then it's not only not secure against cops, it's also not secure against crackers, unless Microsoft has let the WebTV folks do a very good job of security.

Thanks!
Bill

Bill Stewart, bill.stewart@pobox.com
PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
On Wed, Oct 14, 1998 at 03:23:45AM -0700, Bill Stewart wrote:
At 06:32 PM 10/13/98 -0700, SDN wrote:
More relevant to the list, the threat model for the WebTV service/box is primarily concerned about loss of user data, forgotten passwords, and unsecured data over the public internet. It's not worried about privacy from WebTV insiders. As a result, all user data is stored on the service, traffic to and from the box is encrypted, and data isn't hidden from the customer care people.
If it's not secure against insiders, then it's not only not secure against cops,
I'd say it's definitely not secure against law enforcement. That's probably the primary reason why the boxes got export approval with 128-bit crypto. It's just so much easier to ask the service operators what a user has been up to, check the logs, and go... That's why I said that the threat model wasn't something a cypherpunk would be happy with. There just isn't any protection against an attacker who looks legitimate to Microsoft.
it's also not secure against crackers, unless Microsoft has let the WebTV folks do a very good job of security.
This is less clear. The service predates the buyout, and it hasn't (yet) migrated to NT. The people who run and maintain it are very competent (at least the ones I know personally), but anyone can make mistakes, especially under the pressures of a startup environment.

Jon Leonard

Again, the above are my opinions. WebTV's opinions may be entirely different.
On Tue, Oct 13, 1998 at 11:58:37AM -0500, Steve Bryan wrote:
Has anyone hacked WebTV to enable a terminal to connect to a plain vanilla ISP (or better yet a local ethernet) or is it inexorably tied to their network of proxy servers? I get the impression that like a Newton or any other graphically limited device a WebTV browser would have to be aided by a proxy server that translates the content to more amenable form before it can take a crack at it. If it were possible to divorce it from their service it might be a nifty device for less than $100. This would become especially appealing if 128 bit crypto were thrown into the bargain.
The WebTV units are in fact tied to the WebTV service. You can use another ISP to reach the service, though, at a reduced cost. (Search for OpenISP at webtv.net.) Retrofitting ethernet onto a box isn't practical.

The proxy servers do transform data, but I don't think the software in the box requires it. My understanding was that the transformations were just for faster downloads, and did things like rescale images. It doesn't matter much, because there isn't a way to avoid using them.

More relevant to the list, the threat model for the WebTV service/box is primarily concerned about loss of user data, forgotten passwords, and unsecured data over the public internet. It's not worried about privacy from WebTV insiders. As a result, all user data is stored on the service, traffic to and from the box is encrypted, and data isn't hidden from the customer care people.

If that doesn't fit what you want out of it (and it doesn't seem very close to a consensus cypherpunks threat model), don't get one. I think it's the best attempt at an easy-to-use network computer on the market, but I don't use one myself. It's not what I want.

Jon Leonard

The above opinions are mine and not WebTV's.