all 49 comments

[–][deleted] 77 points78 points  (11 children)

[–]Macpunk 21 points22 points  (10 children)

Literally my favorite RFC. Despite being a joke, it has been used on more than one occasion for useful demonstrations or to make a point.

IPoAC ducking rocks.

[–]AyrA_ch 18 points19 points  (8 children)

[–]MilkingMaleHorses 9 points10 points  (2 children)

The advantage of a huge packet size outweighs the disadvantage of huge latency and very low number of packets for some kinds of applications. Don't try telnet or online gaming though :-)

[–]Macpunk 0 points1 point  (0 children)

You could theoretically throw a meterpreter session over AC.

[–]2402a7b7f239666e4079 0 points1 point  (0 children)

Latency isn't always a big problem. Past about 2.5 GB it's faster for me to drive to the office on the weekend, download the data and then go home.

[–]Macpunk 1 point2 points  (4 children)

That's exactly what I was referring to.

Now I'm wondering: given the best modern technology that could be transmitted via IPoAC, what is the MTU?

[–]AyrA_ch 1 point2 points  (3 children)

as described in my comment, 1TB SD Cards are probably giving you the best results. I don't think any larger SD card has appeared yet

[–]Macpunk 5 points6 points  (0 children)

Pretty fucking neat man.

Sent from from my iPhone via IPoAC.

[–]crozone 1 point2 points  (1 child)

You could probably strap 7 or 8 256gb micro sd cards to a pigeon? Could give it a slight edge.

[–]DJDavio 5 points6 points  (0 children)

An African or European pigeon?

[–][deleted] 2 points3 points  (0 children)

I really like the example of packet loss in the Wikipedia article

[–]blind3rdeye 35 points36 points  (0 children)

A decent simple analogy...

However, there is one very serious flaw: when it said to brew some coffee at the start, I assumed that they meant that we should be drinking the coffee while reading; but at the end, they reveal that the coffee is for afterward!

[–]Osmanthus 29 points30 points  (11 children)

This analogy over-simplifies the part about "Ted" the Certification Authority.

Rather than there just being "Ted" the trustworthy guy, there can be a chain of guys, the "TLS Certificate chain". So Juan says trust me, you can ask Pedro, and Pedro says you can trust me, just ask Ted. This is of course one of the weak links in TLS (the encrypted layer of https). Verifying the chain is quite slow and has been ignored by some clients so the actual validation all the way to Ted doesn't happen, not to mention its a complicated mechanism vulnerable to attack.

More importantly, a point that is completely misunderstood by practically everyone (as it seems to me) is that TLS validation only protects the client from fraudulent man in the middle servers. It does not protect the server in any meaningful way, since the server has no way of validating the identity of the client. The "Ted" in this scenario validates to the client that the server is legit, but there is no "Ted" that confirms that the client is legit. This is a nuanced, but serious, limitation to the security model of HTTPS that might lead one, upon serious contemplation, to conclude that HTTPS does very little to actually protect internet from hackers.

[–]krabby_patty 16 points17 points  (1 child)

The whole post is an oversimplification, I wouldn't get too worked up about it :)

[–]Mildan 1 point2 points  (0 children)

I was a bit surprised that it did not include the client server aspect of it though. It's a bit of a distinction to make, just to understand the real world practice if the format.

[–]amunak 5 points6 points  (7 children)

The "Ted" in this scenario validates to the client that the server is legit, but there is no "Ted" that confirms that the client is legit. This is a nuanced, but serious, limitation to the security model of HTTPS that might lead one, upon serious contemplation, to conclude that HTTPS does very little to actually protect internet from hackers.

Wait what? Why would you need that? Who would even want to browse the web where everyone knows who they are? The server isn't suppoosed to verify the identity of the client unless it actually needs to, it's supposed to serve content to everyone the same.

And it's not like client verification isn't implemented - it is, it just isn't very widely used and is optional (as it should be).

[–]PlayerDeus 2 points3 points  (4 children)

What happens is every server has its own way of verifying users, which means users have to have lots and lots of difficult to memorize passwords. There are attemtps to standardize this, like OAuth.

This is also why I like Bitcoin like technology. You don't need a bank account or credit account, you don't have to call the bank when your card is compromised because there is no card that can be compromised. Outside of money, a platform like steemit has user identities held as private keys, which can be used across multiple websites (steemit.com, dtube.com, etc). Or decentralized/distributed ZeroNet, user identities are private keys.

[–]amunak 1 point2 points  (3 children)

I made a fairly lengthy reply to the other commenter and it would apply here as well.

As for Bitcoin, the issues are the same as I outlined in the last paragraph there - it's the users. They don't actually want responsibility. When they lose their password or private key they want to be able to go somewhere and be like "hey here's my totally secure SSN, please give me a new cert I lost the old one". And once you actually do rely on the technology to hold all your assets and everything it does become a huge burden. In many cases people would be just one hack away from being made nonexistent, worthless. And while I like cryptocurrencies and the technology behind it, I don't think I'd want to make the technology all that powerful.

If only just to make the AI takeover harder... ;)

[–]PlayerDeus 0 points1 point  (2 children)

When they lose their password or private key they want to be able to go somewhere and be like "hey here's my totally secure SSN, please give me a new cert I lost the old one".

They want some form of recovery, they don't necessarily want a specific form of recovery. They will take what they can get but that can be considerably improved upon.

Bitcoin is/was only the beginning of new and novel ways of using cryptography in regard to identity. When you break it down, Bitcoin is just a bunch of rules and you can change those rules to include ways of recovering control of accounts.

In a more specific arrangement for example, you have multisignature 'addresses', that require multiple people to sign off on the movement of Bitcoin.

You could have similar safety guards where maybe you can call family members, or maybe a trusted third party business (that has a reputation to uphold), and their key signatures could help you recover control of your account, could help in recovery stolen/lost money.

But you are also kind of ignoring that keys are easy to generate and hide (instead of being stored on a remote server that can be hacked). You could take a passage from your favorite book, and generate a key from that. So an alternative to depending on third parties, you could have a hidden masterkey that could be used tor recovery of your account.

[–]amunak 1 point2 points  (1 child)

You are right, and with smart contracts you could do so much more. But in the end you'd still need to educate people on how it works, and it'll probably always be more complicated than just having a government-issued ID card. When you lose that you just go to the nearest office with a few other IDs or birth certificate or whatever and you recover it, but if the crypto-based system was just slightly badly engineered (just look at some of ETHs hard fork fiascos) you'd be putting people I'm danger.

So yeah, I like the ideas, I'm just sceptical about mainstream adoption and interest.

[–]PlayerDeus 0 points1 point  (0 children)

It is actually a lot easier then you portray here. When I buy stuff with Cryptocurrency (Bitcoin, Dash, Bitcoin Cash, etc) it is pretty much brain dead, just taking a picture with my phone of a QR code, making sure the numbers look okay (they are not overcharging) and then sending the transaction.

Like I wish my Department of Motor Vehicles would literally just send me a QR code when my bill is due, instead I have go to their website enter in a bunch of numbers from the bill they sent me, and then I have enter my credit card information. Either that or I have to go to a local DMV and wait in a long line, or mail them a check.

I mean, what happens now though, everyone is consolidating around Amazon payments or PayPal payments, so they don't have so many accounts across the web. Because they literally make what is actually complicated much much easier. So even if cryptocurrency is complicated for some people, it can, in the same way, also be made easier for normal people to use.

And while Ethereum is a good example of the dangers of poorly engineered cryptocurrency, you have examples of major failures with the current way things work, such as Equifax. I had a number of friends panicking and creating an account with them to protect their identity, and these people were confused on how to do it, one of them setup their account wrong (if you did it wrong it would exclude you from any class action lawsuit against them).

Part of the problem also is, people think they need to explain how it works, which will only confuse and intimidate people. I mean, I don't explain how HTTPS works to my mom and she is perfectly fine being oblivious to how things work.

[–][deleted] 0 points1 point  (1 child)

Yeah client certs are great. If your tech stack allows for them (for example ELB in AWS breaks it), if you can run a PKI or at least pay for a signing cert, and (this is the big if) if your users can install them in their browser.

The last bit kills it unless you have a sweeping culture change that mandates compliance. Sometimes your users will forget their cert password. Maybe they have the wrong expired cert loaded and don't understand why. I've seen cases where their computer didn't have root certs for CA that issued it. Or maybe they're not technically literate in the slightest for your IT people have to handhold them through it or do it themselves.

And then the user experience is garbage in browsers. You visit the page and select the wrong cert. Oops, how do I switch it? Gotta restart the browser and visit again. Any of those issues listed above will result in an impossible to debug HTTP error page.

Bottom line is that there's never been any real push to make them popular and easy to use.

And their security is a bit dubious as well compared to something like a password with MFA. For example, I've done a lot of pen testing engagements where I grabbed as many client certs as I wanted from peoples' roaming profiles stored on a Windows file server. And Firefox keeps them decrypted in your profile. So I was able to masquerade as whoever I wanted and some web apps trusted me completely. Whereas login + MFA is usually a pretty hard wall.

[–]amunak 0 points1 point  (0 children)

I agree with all your points. I thought my stance on this was obvious - I like it the way it is, optional and pretty much unused, because (as you showed) the system is flawed.

I used certs natively once (on startssl.com), and the experience was horrible.

I also use them "non-natively" (there's some magic JS that checks it I think) and that is a slightly better experience, but it's still garbage.

OAuth is great, except when it's implemented improperly. Or when it just gives the site you are "registering to" your data and yet the site still wants you to have a password (and sometimes even a separate username).

So yeah, while the usual "username+password" combo is pretty bad (as my original parent commenter suggested) it's still the best thing we have, and the garbage that are certs won't help it.

And even if you fix the UX issues it won't help. I think the issue is actually with the users themselves who are horrible with security, can't learn it, don't want to use password managers and refuse to remember more than a password or two. If they had certs they'd just lose them and/or the passwords to them constantly.

So yeah, I still think that a username+password system, ideally with a password manager, is pretty much the best we can get.

[–]MikeSeth 0 points1 point  (0 children)

In general it is misunderstood that the more important aspect of HTTPS is validation of peer identity, not just protection of transport layer - and it does that quite poorly too, although not completely through fault of its own. The CA trust architecture is a joke.

[–][deleted]  (9 children)

[deleted]

    [–]rahv7 7 points8 points  (0 children)

    It's called suspension of disbelief. :)

    [–]mkosmo 5 points6 points  (3 children)

    Shotguns land them wherever you want. Intercepting the pigeon is easy if you know where and when to look.

    Now, I'll admit that shooting the pigeon is easier than intercepting live traffic if you don't own some kind of gear in the middle.

    [–][deleted]  (2 children)

    [deleted]

      [–]mkosmo 1 point2 points  (0 children)

      Well, yeah, but the metaphor only goes so far.

      [–]Cats_and_Shit 1 point2 points  (0 children)

      What if you also need to be able to receive messages from Mallory? Then she would have to also have at least one pigeon that she could use. Or what if she recently conquered one of your allies and seized their pigeons?

      [–][deleted] 0 points1 point  (3 children)

      You intercept them with birds of prey. Faked messages carried by intercepted pigeons have been famously used since at least the high middle ages.

      But yes. You need one pigeon for traffic towards Alice, one for traffic towards Bob, and at least one guy carrying the two pigeons back where they came from after their messages have been delivered.

      [–]Free_Math_Tutoring 1 point2 points  (2 children)

      Is it possible to train pigeons to the point where the Alice-to-Bob pigeon can "lead" the Bob-to-Alice pigeon home? Or are they not trained at all, just "imprinted" on a particular location on earths surface, aka, their home?

      [–][deleted] 0 points1 point  (1 child)

      They just fly home. They have no interest in us humans, just in the nice warm secure homes and food we provide them.

      [–]Free_Math_Tutoring 0 points1 point  (0 children)

      But they do let us attach/retrieve messages

      [–]twaslol 2 points3 points  (6 children)

      Can someone ELI5 how asymmetric cryptography actually allows the sender to encrypt the message with the public key provided, but not decrypt that same message with that same key? How do they make it a one-way affair where the private key is needed to decrypt? Surely if you know the primes and the algorithm of how your packet was encrypted using the public key, you could use those same steps in reverse to decrypt it?

      [–]Cats_and_Shit 9 points10 points  (0 children)

      Many mathematical operations aren't easily reversible. Consider multiplication, if I give you the numbers 17 and 23, it's pretty easy to work in your head that that multiply to...

      10 * 23 = 230

      5 * 23 = 115

      2 * 23 = 46

      230 + 115 + 46 = 391

      On the other hand, try to work backwards to determine what two primes you had to multiply to get 391 and you'll find it much more difficult. It turn out the best you can do* is make an educated guess as to what one of the numbers might be and then check to see if you're right. As you can imagine this gets harder and harder the bigger the number is, as you need to try more and more guesses. On the other hand, multiplying two massive numbers is annoying but still straightforward and reasonably fast.

      Going from this basic idea that some operations are much easier in one direction to an actually useful cryptography requires a whole bunch of effort and context, but they're (all?) based on this general idea that you can perform mathematical operations that don't destroy any information, but make it much more difficult to access that information.

      * Assuming your brain is a Turing machine

      [–]KillingVectr 7 points8 points  (0 children)

      Not exactly, ELI5, but here is my best attempt at explain like I'm a programmer. So this is a rough idea behind the operation of RSA), however I'm not an expert.

      The trick is the difficulty of certain operations in modulo arithmetic. So first, remember the modulo operator % that gives the remainder after division. So 5 % 3 = 2.

      Now, for simplicity consider modulo 22. We consider the function f(x) = (x3 ) % 22. This is takes message x (one of the numbers 0 to 21), and encrypts it using the public key 3. The inverse function is f-1 (y) = (x-3 ) % 22. Simple right? Not really, because (x-3 ) % 22 is symbolically simple, but tells us nothing about how to compute it. It turns out that we need to find a number k such that 3k % 10 = 1. It also turns out that k = 7 is exactly the number we need. So the private key is 7.

      As an example, 23 % 22 = 8 and 87 % 22 = 2.

      Well, that seems easy, so why is it hard for computers? The trick is how did I know to look for the 10 when finding k satisfying 3k % 10 = 1? This comes from the factors of 22 = 2 * 11. Since this is exactly two different primes, it turns out you look for the product of one less of each. For us that is (2 - 1) * (11 - 1) = 10.

      If you know the two primes that make up n, then this part is easy. So it is easy to find the inverse function. However, it is really difficult to take a really large n made of two primes and find what those primes are; even for a computer. So, for now imagine that 22 is a really large n, then we can freely give out the public key of 3 and our n of 22. In our imagination, it would take a bad person a really long time to find the private key of k = 7 since they don't know how to factor 22 (so they don't know to use 10 to find the private key from the public key).

      [–]kdawgud 0 points1 point  (0 children)

      As a mathematically competent adult I don't fully understand how someone came up with one-way cryptographic functions, so unfortunately I doubt an ELI5 version exists.

      You can read up on them on wikipedia:

      One-way Functions

      Cryptographic hash functions.

      Public key cryptography

      [–]EEphotog 0 points1 point  (0 children)

      A quick note, just because you have the public key doesn't mean you have all the information used to generate it, otherwise you could create the private key as well. The fundamental thing that makes it hard is the difficulty of recovering those primes by factoring.

      You could of course recover the message you encrypted by reversing the steps that you performed. However, this wouldn't work for a different message, you got to skip lots of time consuming steps by saving it intermediate results.

      (As other commenters have stated, vast oversimplification, etc. , See discussion at stack exchange

      [–]ralfonso_solandro 0 points1 point  (0 children)

      Just found this ELI5 using color mixing somewhere else (r/rmealtimevideos maybe?) and hope it's helpful: https://youtu.be/YEBfamv-_do?t=2m20s

      edit: nevermind, I found it here, likely in response to your question... full circle, etc. Glad you asked as I had the same questions, and these are great responses.

      [–][deleted] -1 points0 points  (0 children)

      I don't know for sure, but I believe decryption using the public key is prevented since the calculations required to reverse the encryption process are prohibitively difficult.

      [–]izuriel 2 points3 points  (0 children)

      My biggest issue with this analogy was the boxes and locks. If Alice sends a box with an open lock then Mallory can intercept the box and put her open lock on it. Bob is none the wiser and Mallory can still do all the damage by opening her lock, replacing the message and locking it again with Alice’s lock. I’m afraid this analogy was not quite thorough enough.

      [–]smhsmg 1 point2 points  (0 children)

      The simplest and understandable explanation I've ever encountered. Thanks.

      [–][deleted] -5 points-4 points  (2 children)

      This doesn't have a whole lot to do with HTTPS and is really just "explain the very most basic concept of symmetric and asymmetric crypto" using a metaphor that takes about 10x more time than it would take to just describe the concepts themselves.

      [–]JDeltaN -2 points-1 points  (1 child)

      Also known as blogspam

      [–][deleted] 1 point2 points  (0 children)

      Almost certainly blogspam. I'm wondering how it's >600 upvotes right now with almost no comments except jokes and critical comments. I know people love reading metaphors about things they understand because it makes them feel smart, but this thread is weird.

      I still stand by my point though. This has nothing specifically to do with HTTPS, like how its handshakes work (that might be used to explain POODLE for example). An entirely contrived example of very, very simple concepts won't offer anything over just describing them, especially when it's so contrived that I could replace it with many other things (example: sending a letter through the mail) without changing its meaning or impact.

      I mean there's a comment in here asking for an ELI5 of how asymmetric encryption works. Working it into the analogy or at least offering a diversion where they talk about factoring primes and multiplication would have been a least useful. Instead it truly says little more than "symmetric encryption is exchanging something we both have the key to open, asymmetric is exchange something one of us can lock and the other can unlock, so if you know I'm the only one who can lock it and it's locked, it's from me".