Hi John,
On Friday, 21 June 2002, at 17:00, John Stracke wrote:
And at least I think you are too pessimistic by the small number of
interested people. I have the impression here in Germany there are still lots
of people concerned and frightened every time some TV magazine reports
online banking bugs here and security frauds there. If everyone is
complaining how about solving it in a simple way?
But this doesn't solve the actual problem--nearly all cracks of online
banks, stores, etc., are *not* done by intercepting HTTP traffic.
They're usually done by exploiting security bugs in the server
software and stealing information out of the databases. sigHTTP would
do nothing about that; in fact, it might exacerbate the problem, by
diverting resources that could instead be spent on securing the
server.
Here we already had one case where an intruder silently changed the HTML
programming of a banking portal.
He changed the login form in such a way that he was sent the one time
transaction code of the money transfer and displayed a successful
result by himself from the hijacked web server. The SSL certificate was
of no use in this case, it even kept the user in wrong confidence.
The SigHTTP would have been a solution for this case. Changing already
signed HTML content would have deleted or modified the signature and a
SigHTTP capable browser or third party tool would have been given the
chance to alert the user.
The "best thing" for sure is a perfect hardened server but I think there
must be a second layer of security.
--
Think Safety
www.security-gui.de & www.sighttp.org
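
The check described in this message, as an added example that is not part of the original post and is not SigHTTP's own code or wire format (the thread does not describe it). It assumes a detached Ed25519 signature made with a key kept off the web server, and a client that pins the publisher's public key; the function names and sample pages are constructed for illustration.

```javascript
const { generateKeyPairSync, sign, verify } = require('node:crypto');

// Publisher side (assumed to run offline): detached signature over the exact page bytes.
function signPage(html, privateKey) {
  return sign(null, Buffer.from(html, 'utf8'), privateKey).toString('base64');
}

// Client side: returns 'ok', 'missing-signature' or 'bad-signature'.
// A missing signature counts as a failure; otherwise whoever controls the
// server could simply strip it and serve the modified page unsigned.
function checkPage(html, signatureB64, pinnedPublicKey) {
  if (!signatureB64) return 'missing-signature';
  const sig = Buffer.from(signatureB64, 'base64');
  const valid = verify(null, Buffer.from(html, 'utf8'), pinnedPublicKey, sig);
  return valid ? 'ok' : 'bad-signature';
}

// Walks through the cases from the message with constructed sample pages.
function demo() {
  const publisher = generateKeyPairSync('ed25519'); // private key never on the server
  const serverSide = generateKeyPairSync('ed25519'); // a key generated on the hijacked host

  const original = '<form action="/login" method="post"><input name="tan"></form>';
  const modified = original.replace('/login', '/login2'); // any byte change will do
  const goodSig = signPage(original, publisher.privateKey);

  return {
    untouched: checkPage(original, goodSig, publisher.publicKey),
    // Page changed, old signature left in place.
    changed: checkPage(modified, goodSig, publisher.publicKey),
    // Page changed, signature deleted.
    stripped: checkPage(modified, '', publisher.publicKey),
    // Page changed and re-signed with a key the client does not pin.
    resigned: checkPage(modified, signPage(modified, serverSide.privateKey),
                        publisher.publicKey),
  };
}

console.log(demo());
```

The last case is why the signing key has to stay off the web server: a signature only adds a second layer if the party who can change the page cannot also produce a signature the client trusts.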