Twitter Implements Forward Secrecy; Says It 'Should Be The New Normal'

from the protecting-your-privacy dept

There's been a lot of talk recently about getting more web companies to look at using forward secrecy to make HTTPS connections even more secure; Parker Higgins at EFF has an explainer that covers the basics. It appears that folks at Twitter were paying attention, as they've now announced how they've implemented forward secrecy to better protect privacy. In practical terms, this means that if someone (hello NSA peoples!) is recording all encrypted traffic today and is later able to crack or steal Twitter's private encryption keys, they shouldn't be able to go back and decrypt the stored data. That's as opposed to the way many now implement security, in which if the key gets out, it's basically game over for privacy on previously captured traffic.

The Twitter blog post on this actually goes into a fairly detailed discussion about the technology choices they made and the trade-offs involved. It's pretty clear this wasn't just written by a PR person. That said, security researcher Nicholas Weaver points out a potential issue with Twitter's transport encryption choices: there are indications that RC4 is no longer secure, even when used in TLS. Hopefully further changes can make it even more secure.
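As an added example (not code from the Techdirt post or from Twitter's blog), the following Python audits OpenSSL-style cipher-suite names for the two properties the paragraph above raises: whether the key exchange gives forward secrecy, and whether the suite still uses RC4 or another weak cipher. The sample suite list and the classification rules are this example's own assumptions; `audit_local_openssl` applies the same check to whatever the local OpenSSL enables by default.

```python
"""Audit TLS cipher-suite names for forward secrecy and weak ciphers.

Added example; not code from the Techdirt post or Twitter's blog. It works
on the OpenSSL-style suite names that Python's ssl module reports (e.g.
"ECDHE-RSA-AES128-GCM-SHA256"). The sample list and the classification
rules below are assumptions of this example.
"""
import ssl
from dataclasses import dataclass

# Suites whose key exchange is ephemeral (EC)DH never send the session
# secret encrypted under the server's long-term key, so a later key
# compromise does not let a recorded session be decrypted. Anonymous
# variants (ADH-, AECDH-) are deliberately left out: they are unauthenticated.
_FORWARD_SECRET_PREFIXES = ("ECDHE-", "DHE-", "EDH-")

# Symmetric ciphers treated as broken or deprecated; RC4 is the one the
# article's critic singles out. Matched as whole "-"-separated tokens so
# that "AES" is never mistaken for "DES".
_WEAK_CIPHER_TOKENS = ("RC4", "DES", "NULL", "EXP")

# Constructed sample list: a mix of good, legacy and broken suites.
SAMPLE_SUITES = [
    "ECDHE-RSA-AES128-GCM-SHA256",
    "DHE-RSA-AES256-SHA",
    "AES128-SHA",               # RSA key transport: no forward secrecy
    "ECDHE-RSA-RC4-SHA",        # forward secret, but RC4
    "RC4-SHA",                  # neither
    "TLS_AES_128_GCM_SHA256",   # TLS 1.3: always ephemeral key exchange
]


@dataclass(frozen=True)
class SuiteReport:
    name: str
    forward_secret: bool
    weak_cipher: bool


def classify_suite(name: str) -> SuiteReport:
    """Classify one OpenSSL-style suite name (heuristic, name-based)."""
    upper = name.upper()
    tls13 = upper.startswith("TLS_")  # TLS 1.3 suites only do (EC)DHE
    forward_secret = tls13 or upper.startswith(_FORWARD_SECRET_PREFIXES)
    weak = any(tok in _WEAK_CIPHER_TOKENS for tok in upper.split("-"))
    return SuiteReport(name, forward_secret, weak)


def audit(names) -> dict:
    """Return the suites that lack forward secrecy or use a weak cipher."""
    reports = [classify_suite(n) for n in names]
    return {
        "no_forward_secrecy": [r.name for r in reports if not r.forward_secret],
        "weak_cipher": [r.name for r in reports if r.weak_cipher],
    }


def recommended_cipher_string(names) -> str:
    """OpenSSL cipher string keeping only forward-secret, non-weak TLS 1.2
    suites, in the order given. TLS 1.3 names are omitted because
    ssl.SSLContext.set_ciphers() does not accept them."""
    keep = [r.name for r in map(classify_suite, names)
            if r.forward_secret and not r.weak_cipher
            and not r.name.startswith("TLS_")]
    return ":".join(keep)


def audit_local_openssl() -> dict:
    """Audit the suites the local OpenSSL enables in a default context."""
    ctx = ssl.create_default_context()
    return audit(c["name"] for c in ctx.get_ciphers())


if __name__ == "__main__":
    print(audit(SAMPLE_SUITES))
    print(recommended_cipher_string(SAMPLE_SUITES))
    print(audit_local_openssl())
```

The string returned by `recommended_cipher_string` can be handed to `ssl.SSLContext.set_ciphers()` on a server context. The check is a name-based heuristic: it only understands OpenSSL naming, and a suite passing it still needs the rest of the configuration (protocol versions, certificate chain) reviewed.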

That said, the Twitter blog post makes a key point towards the end: ever stronger security, especially against an adversary with the capabilities of the NSA, needs to be "the new normal."

At the end of the day, we are writing this not just to discuss an interesting piece of technology, but to present what we believe should be the new normal for web service owners. A year and a half ago, Twitter was first served completely over HTTPS. Since then, it has become clearer and clearer how important that step was to protecting our users’ privacy.

If you are a webmaster, we encourage you to implement HTTPS for your site and make it the default. If you already offer HTTPS, ensure your implementation is hardened with HTTP Strict Transport Security, secure cookies, certificate pinning, and Forward Secrecy. The security gains have never been more important to implement.

Reader Comments

  1. out_of_the_blue, Nov 22nd, 2013 @ 3:55pm (comment flagged by the community)

    Here's the payload: "secure cookies, certificate pinning"

    Those will be NECESSARY and PERMANENT, which will allow better TRACKING. So this is actually a stealth way to force everyone to be tracked, NOT about security.

    And a communication service in which presumably one wants the messages widely read is contrary to encryption! To me: sense no makes.

    Cerf - who is Google's chief internet preacher - added: "Privacy may be an anomaly."
    http://www.theregister.co.uk/2013/11/20/vint_cerf_privacy_may_be_an_anomaly_online/

    11:54:17 [m-917-8]

  2. Anonymous Coward, Nov 22nd, 2013 @ 4:15pm

    Re: Here's the payload: "secure cookies, certificate pinning"

    Nothing makes sense to you.

  3. Anonymous Coward, Nov 22nd, 2013 @ 4:20pm

    Re: Here's the payload: "secure cookies, certificate pinning"

    Are you stupid on purpose, is it all natural, or do they pay you something?

  4. Anonymous Coward, Nov 22nd, 2013 @ 4:24pm

    Re: Here's the payload: "secure cookies, certificate pinning"

    Those will be NECESSARY and PERMANENT, which will allow better TRACKING. So this is actually stealth way to force everyone to be tracked, NOT about security.

    You have to work extra hard to so totally misunderstand things. I mean, you didn't just misunderstand something, you took it to a new level of blatant wrongness.

  5. Anonymous Coward, Nov 22nd, 2013 @ 4:42pm

    Re: Here's the payload: "secure cookies, certificate pinning"

    Secure cookies refer to Secure and HttpOnly attributes.

    The Secure attribute is meant to keep cookie communication limited to encrypted transmission, directing browsers to use cookies only via secure/encrypted connections. If a webserver sets a cookie with a secure attribute from a non-secure connection, the cookie can still be intercepted when it is sent to the user by man-in-the-middle attacks.

    The HttpOnly attribute directs browsers not to expose cookies through channels other than HTTP (and HTTPS) requests. An HttpOnly cookie is not accessible via non-HTTP methods, such as calls via JavaScript (e.g., referencing "document.cookie"), and therefore cannot be stolen easily via cross-site scripting (a pervasive attack technique). Among others, Facebook and Google use the HttpOnly attribute extensively.

    Certificate pinning may or may not be used for tracking by one entity, but it reduces tracking by others, meaning that instead of everyone being able to track you, only the one entity you contacted will be able to do it.

    So please enlighten us all, how is this bad at all? I'd be surprised if you actually can back up your big mouth there.


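The hardening list in Twitter's quoted advice (HSTS, secure cookies) and the Secure/HttpOnly explanation in the comment above can be turned into a concrete check. The Python below is an added example, not code from the post, from Twitter or from the commenter: it parses a raw HTTP response header block (constructed here as sample input) and reports a missing or weak Strict-Transport-Security header and cookies set without Secure or HttpOnly. The six-month minimum for max-age and the assumption that every cookie should carry HttpOnly are this example's own; certificate pinning is not a response-header property and is not checked.

```python
"""Check an HTTP response header block for HSTS and cookie hardening.

Added example; not from the Techdirt post, Twitter's blog or the comment.
The sample responses are constructed. The max-age threshold and the rule
that every cookie should be HttpOnly are assumptions of this example.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple

MIN_HSTS_MAX_AGE = 180 * 24 * 3600  # assumption: roughly six months

# Constructed sample responses: one bare, one carrying the listed hardening.
WEAK_RESPONSE = """HTTP/1.1 200 OK
Content-Type: text/html
Set-Cookie: session=abc123; Path=/
"""

HARDENED_RESPONSE = """HTTP/1.1 200 OK
Content-Type: text/html
Strict-Transport-Security: max-age=31536000; includeSubDomains
Set-Cookie: session=abc123; Path=/; Secure; HttpOnly
"""


@dataclass(frozen=True)
class CookieReport:
    name: str
    secure: bool
    httponly: bool


def parse_headers(raw: str) -> List[Tuple[str, str]]:
    """Split a raw header block into (lower-cased name, value) pairs.

    Repeated headers such as multiple Set-Cookie lines are all kept."""
    pairs = []
    for line in raw.splitlines():
        if line.startswith("HTTP/") or ":" not in line:
            continue  # status line or blank/malformed line
        name, value = line.split(":", 1)
        pairs.append((name.strip().lower(), value.strip()))
    return pairs


def check_cookie(set_cookie_value: str) -> CookieReport:
    """Read the cookie name and the Secure/HttpOnly attributes."""
    parts = [p.strip() for p in set_cookie_value.split(";")]
    name = parts[0].split("=", 1)[0]
    attrs = {p.split("=", 1)[0].lower() for p in parts[1:]}
    return CookieReport(name, "secure" in attrs, "httponly" in attrs)


def parse_hsts(value: str) -> Tuple[Optional[int], bool]:
    """Return (max_age, include_subdomains) from an HSTS header value."""
    max_age = None
    include_subdomains = False
    for directive in value.split(";"):
        key, _, val = directive.strip().partition("=")
        key = key.strip().lower()
        if key == "max-age":
            try:
                max_age = int(val.strip().strip('"'))
            except ValueError:
                max_age = None  # unparseable value counts as missing
        elif key == "includesubdomains":
            include_subdomains = True
    return max_age, include_subdomains


def audit_response(raw: str) -> List[str]:
    """Return findings for the response; an empty list means all checks pass."""
    findings = []
    headers = parse_headers(raw)
    hsts = [v for n, v in headers if n == "strict-transport-security"]
    if not hsts:
        findings.append("missing Strict-Transport-Security header")
    else:
        max_age, subs = parse_hsts(hsts[0])
        if max_age is None or max_age < MIN_HSTS_MAX_AGE:
            findings.append(f"HSTS max-age too short or missing: {max_age}")
        if not subs:
            findings.append("HSTS lacks includeSubDomains")
    for n, v in headers:
        if n != "set-cookie":
            continue
        cookie = check_cookie(v)
        if not cookie.secure:
            findings.append(f"cookie {cookie.name} lacks Secure")
        if not cookie.httponly:
            findings.append(f"cookie {cookie.name} lacks HttpOnly")
    return findings


if __name__ == "__main__":
    print("weak:", audit_response(WEAK_RESPONSE))
    print("hardened:", audit_response(HARDENED_RESPONSE))
```

The parser is deliberately minimal (no line folding, no quoted-string handling beyond max-age), which is enough for header blocks captured from a server you operate. Treating a missing HttpOnly as a finding is a policy choice: a cookie that client-side script legitimately reads would need to be allow-listed.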
  6. Anonymous Coward, Nov 22nd, 2013 @ 5:10pm

    why would twitter want this encryption?? tweets are public knowledge anyway, what is the point of encryption???

  7. Anonymous Coward, Nov 22nd, 2013 @ 6:55pm

    Re:

    There are no stupid questions, except yours.

  8. Coyne Tibbets (profile), Nov 23rd, 2013 @ 7:02am

    2%

    Hmmmm, gee. The party wholly owned by the top 2% is in favor of a treaty of the 2%, by the 2% and for the 2%. Who'da thunk?

  9. Anonymous Coward, Nov 23rd, 2013 @ 7:23am

    to prevent passive wiretapping

    why would twitter want this encryption?? tweets are public knowledge anyway, what is the point of encryption???

    Although writers publish everything, the encryption protects the readers against wiretapping by 3rd parties. This forces them to use active MitM attacks. See http://www.snowdenandthefuture.info/ for why reading anonymously is important.

    Only twitter learns what readers are interested in. To protect against that, readers need to read without all cookies, supercookies, Etag headers and caching headers, and guard against all other browser fingerprinting attacks. Or use Tor.

    Still an improvement.

  10. Anonymous, Nov 23rd, 2013 @ 11:23am

    I'm tired of this "new normal" crap. And I wish Old Miley would come back.

  11. WulfTheSaxon (profile), Nov 23rd, 2013 @ 1:49pm

    Re:

    There are three main reasons for encryption on Twitter (besides account security):

    • It prevents third parties from determining your Twitter reading habits.

    • It prevents third parties from determining who owns a Twitter account.

    • Protected Tweets.

  12. toyotabedzrock (profile), Nov 23rd, 2013 @ 4:01pm

    So hackers just need the ssh key to get up to date session tickets.

  13. Anonymous, Nov 24th, 2013 @ 8:34am

    Re: Re: Here's the payload: "secure cookies, certificate pinning"

    What DOES make sense in this world anymore?
