No, Websites Shouldn't Roll Their Own Encryption

from the just-use-ssl dept

Ben Adida calls out Apple for the poor security of its MobileMe web applications and AppleInsider for its misguided defense of Apple's design. Most users know that a special "lock" icon in the corner of their browser is a signal that the contents of the current website is encrypted in transit, protecting it from third-party eavesdropping. Evidently, users of MobileMe have been alarmed that MobileMe applications don't take advantage of this feature, even when sensitive information is being transmitted. Appleinsider says this is no big deal because Apple uses "authenticated handling of JSON data exchanges" to ensure security, and as a result SSL is unnecessary. Moreover, "if Apple applied SSL encryption in the browser, it would only slow down every data exchange without really improving security, and instead only provide pundits with a false sense of security that distracts from real security threats."

As Adida points out, this is way off base. A malicious individual may discover a security hole in the unencrypted part of the site that Apple's engineers didn't think of. Encrypting the entire session, rather than just the parts that Apple thinks are security-sensitive, provides an important extra layer of protection. There's also a more fundamental problem with AppleInsider's argument: without SSL, the user has no real assurances that he's talking to Apple, rather than a third party executing a man-in-the-middle attack (perhaps using a poisoned DNS cache). SSL requires servers to present a certificate signed by a recognized certificate authority in order to prove that it's the website it claims to be. That makes it difficult for a third party to masquerade as a legitimate SSL-encrypted website.

The scheme works because the authentication algorithm is baked into the browser and can't be changed by the website being visited. In contrast, if the authentication is performed by JavaScript code that was supplied by the server you're trying to authenticate, the "authentication" process is completely useless. A man-in-the-middle attacker can simply substitute his own bogus authentication script for the real one, and no one will notice the difference. So even if you have complete faith in Apple's ability to write secure authentication algorithms, you can't trust a non-SSL website purporting to be from Apple because there's no way to be sure it's actually an Apple server.

Training ordinary users to follow good security practices is notoriously difficult. Widespread user understanding and acceptance of the "lock" icon in their browsers is arguably the most significant improvement in web security since the web was created. It's extremely counterproductive to undermine use confidence in SSL by telling users to put their faith in Apple's magical homebrew crypto algorithms instead.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: encryption, roll your own, ssl
Companies: apple


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Michael Janke, 25 Aug 2008 @ 6:08pm

    JSON - Security

    They've apparently decided that session encryption is unnecessary.

    From JSON.org:

    "Any time you are transmitting confidential information or requests for confidential information, use SSL. It provides link encryption so that your secrets are not revealed in transit."

    So the service is vulnerable to session hijacking. Unfortunately so are many other similar services.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Make this the First Word or Last Word. No thanks. (get credits or sign in to see balance)    
  • Remember name/email/url (set a cookie)

Follow Techdirt
Insider Shop - Show Your Support!

Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.