Fixing the foundations
Moxie Marlinspike is not your average techie. A self-described software engineer, hacker, sailor, captain, and shipwright, Marlinspike works at solving the world's online security problems when he isn't out sailing on open waters.
The past year has been characterised by multiple high-profile hacks and security breaches, which have elevated the issues surrounding online security in the public consciousness. One of the main forces behind this has been the infamous hacking collective Anonymous.
Marlinspike says Anonymous' antics haven't necessarily changed the threat landscape, but rather dramatically highlighted just how dire the existing security landscape is and always has been.
“If we dissect the vectors that Anonymous employs for their attacks, they aren't anything new or revolutionary, but most often simple techniques that are just deployed with persistence,” says Marlinspike.
“Governments have indicated that they wish to respond to the threat of Anonymous in some way, perhaps through legislation that would make surveillance or discovery of Anonymous agents more efficient, but the truth is that if a 14-year-old is capable of pulling off these hacks, then Anonymous is simply highlighting a problem which extends far beyond them.”
Marlinspike says the foundations of secure communication on the Internet are disintegrating: “Largely due to irresponsible behaviour from organisations, which we chose long ago to provide the security mechanisms we all depend on when transmitting sensitive information to Web sites.
“We've gotten into a situation where we can no longer choose to un-trust these organisations, because they are so embedded in the fabric of all our secure communication, and they know it.”
Marlinspike has spoken extensively about the flaws of the certification authority (CA) system and of Secure Sockets Layer (SSL) as the current protocol for encrypting information on the Internet.
“Generally speaking, all secure protocols need to provide three things: secrecy, integrity, and authenticity. If any of these break, the whole protocol breaks. SSL doesn't do any of the three very elegantly by today's standards,” says Marlinspike, adding that it is amazing that SSL has endured for as long as it has.
According to Marlinspike, the majority of attacks in recent years have focused on the “authenticity” aspect of the secure protocol. “The designers of SSL chose to use Certification Authorities as a key component of the authenticity process, and we've been stuck with that decision even after having long since outgrown the circumstances in which it was originally imagined.”
Marlinspike proposes that the current problems with the CA system can be reduced to a single missing property which he defines as “trust agility”.
“Trust agility is a design goal for a system which would replace the old guard, and it simply means that we would have the ability to un-trust someone just as easily as we chose to trust them originally. That there could never again be a group of organisations that we're locked in to depending on forever, even when they no longer warrant our trust.”
Marlinspike says the bar for online security is “exceptionally low”. “At this point, people seem pleased if companies merely admit to having had a security breach and respond in a way that's remotely reasonable. That should be the minimum, not something companies deserve accolades for.”
Privacy vs society
When it comes to social media and recent events such as the Address Book-Gate saga that saw services like Path rapped over the knuckles, Marlinspike says the issue is not that people are too trusting of the services they use, but that “we literally have no other reasonable choice”.
“When the only substantial mechanism to communicate with your friends, find out about social events, stay in touch with colleagues, or find out about the relevant news in your industry is privacy-invasive, the only choice you can make in order to maintain your privacy is to reject society. And that's a tough choice to make,” says Marlinspike.
“As long as we're forced to choose between privacy and using the social media tools, which have replaced the connections that define communities, we as individuals are going to lose. I believe that technologies which help us reject the false choice between privacy and participating in society are our best bet, but there's a lot of money focused on the opposite.”
Marlinspike will expand on his ideas surrounding trust agility at the upcoming ITWeb Security Summit, from 15 to 17 May, at the Sandton Convention Centre.
The event will focus on reinventing information security where trusted technologies have failed. Among the issues to be focused on during the two-day event will be the cyber war threat, IT security and politics, the growing IP theft problem and the rise of hacktivism.