Thursday, April 10, 2014

Belt suspenders and duct tape


How we can reduce the effects of heartbleed next time.

For too long we have talked about layers of security and really not walked the talk. The Open SSL weakness was a mistake but mistakes happen and sometimes they take a long time to uncover. We have put too much stock in just link level security. Securing our data and our passwords with the same technology, is not really the best plan.

With over a billion TPMs deployed, it is time to leverage this technology and provide the tamper resistant authentication that assures the link does not have to be trusted to assure the security of the access control.  Challenge response with a device is a powerful defense mechanism.  The one time random number that is used to challenge the chip is of little use to a man in the middle. The weakness of OpenSSL would not have affected a TPM authentication. The data transmitted after you log in would still be vulnerable.

TPM can be seen as a single point of failure if a machine is stolen. Adding a Self Encrypting Drive provides a complete 2nd level of protection that my token is not used by someone else. It is a simple inexpensive mechanism to provide world class protection to my device as a token. Layering high quality security technologies provides a web of safety for the user and can make it easier to recover from a loss. We have to approach each of the security issues in this manner to continue to layer our protections.

Heartbleed will require everyone to reset their passwords in a week or so after the holes have been fixed. If TPM had been in broad use the TPM credentialing mechanism would not have been put at risk and could have played a role in reducing the impact of an OpenSSL mistake. The reverse is also true - if TPM where to fail, having strong SSL would play a great role in aiding recovery.

Message security is another technology that we need more investment in.  Moving from securing links to securing message traffic provides isolation of your sensitive data to many potential weaknesses in the global Internet. Computers are now fast enough to provide us with data encryption at the message level so the data in transit and the data at rest is protected. It is not okay for dropbox to not encrypt the data at the client anymore.

The rise of Trusted Execution Technology, distributed applications and the Blockchain will put better security into our everyday apps. It will be expected that information is encrypted, isolated, and private. Bitcoin has the potential to bring best in class cyber security to the kids for messaging and to all of us for the information we use every day. The internet is growing up and we need to have multiple safety systems put into use. The companies who rely only on the one button to keep their pants up, might want to re-visit Belts, Suspenders and the ole reliable Duct Tape!

No comments:

Post a Comment