Hello Paul,
On 12/21/07, pauldr...@gmail.com <pauldr...@gmail.com> wrote:
> [...]
> Phishing scams always worry me, but I think that it would be easy to
> spot a fake cliperz site as your unique links and passwords would not
> be present or work, but nonetheless, Giulio may wish to consider
> introducing an encrypted user defined 'welcome message', similar to
> the ones used by Banks and Financial sites. (i.e. if your personal
> greeting is not present, then the site is a fake.)
we have devoted a lot of time to this topic, but we were not confident
in any of the available options.

All the current anti-phishing solutions try to ensure you are
connected to the right server; this is perfectly fine for sites you
(have to) trust (like a bank, that owns all of your data anyway), but
for a zero-knowledge application this is simply not enough.

In order to leak your credentials, a very simple change to the
application code would be enough; and changing the application code is
way too easy for a long list of people, starting from our own
employees (we don't have employees at the moment, but we hope to grow
enough to be able to recruit someone to help us), the people working
at our hosting provider, the police, someone being able to remotely
hack our site, etc ...

For all these reasons, we have not implemented, and are not going
to add later, any anti-phishing feature; we don't want our users to
feel an unreasonable sense of safety.

The script I am using to access the Clipperz application is a step
in the "right" direction, but it still has a long list of problems
we are working to fix:
- it is running on our own servers, so it may be compromised together
with the main application; anybody is free to run it on their own
server, but at the moment I don't have any other server on which to run
it;
- the application signature check is performed by the script, while
the browser will run the application downloaded with a different
request; this represents a possible attack vector, as the content sent
to the script may be different from the content sent to the browser
itself. We are trying to find a convenient way to perform the checksum
on the browser itself, but we have not found a reasonable solution
yet;
- even if you are able to run the checksum on the browser, you need to
know which "trusted" (whatever this means) signature to use. At
the moment we provide a reference signature in a box on our site, but
you obviously would like to keep it somewhere else, in order to avoid
using a compromised signature.

The application source code we provide for download has a build script
that performs the same exact steps executed to generate the online
application, and ends by writing out the signature of the generated page.
In this way, you may be able to generate the checksum on your own
without having to trust the online value reported on our site.

We perfectly understand that many of these steps are not trivial to
execute; but we are also perfectly aware that we cannot take any
shortcut security-wise.

We will continue to do our best to find convenient ways to achieve these
same results effortlessly, but until then, in order to achieve complete
security, we need some effort from our users too.

Possible ways to improve this simple practice are:
- call the script from your own bookmark, so you may realize whenever
the application is updated;
- host the script on your own site (the code of the script is attached
to a message posted to this group a few months ago).

Best regards,
Giulio Cesare
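The verification practice described in the message above (a local reproducible build that yields a reference signature, kept away from the site, and a check of the served page against it) as an added Python example. This is not code from the Clipperz project or from anyone in this thread; the sample page bytes, the choice of SHA-256 as the digest, and the function names are my own assumptions. The `admit_page` function also illustrates the "different request" problem Giulio raises: the browser is handed the exact bytes that were checked rather than re-fetching the page separately.

```python
import hashlib
import hmac
from typing import Optional

# Constructed sample page standing in for the output of the project's own
# build script (assumption: the build emits a single HTML page whose exact
# bytes are what gets hashed).
BUILT_PAGE = (
    b"<html><head><title>password manager</title></head>\n"
    b"<body><script>/* application code */</script></body></html>\n"
)


def page_signature(page: bytes) -> str:
    """Reference signature: SHA-256 (assumed digest) over the exact page bytes."""
    return hashlib.sha256(page).hexdigest()


# The value you would record from your own local build and keep elsewhere,
# instead of reading it from a box on the application's website.
LOCAL_REFERENCE = page_signature(BUILT_PAGE)


def verify_served_page(served: bytes, reference_hex: str) -> bool:
    """True only if the served bytes hash to the reference signature."""
    return hmac.compare_digest(page_signature(served), reference_hex)


def admit_page(served: bytes, reference_hex: str) -> Optional[bytes]:
    """Gate what reaches the browser on the signature check.

    Returning the very bytes that were verified (rather than letting the
    browser issue a second request for the page) removes the window in which
    the server could answer the checking script and the browser differently.
    """
    if verify_served_page(served, reference_hex):
        return served
    return None


def tampered_copy(page: bytes) -> bytes:
    """Constructed example of a modified page: a single added comment inside
    the script tag. Any change at all, whitespace included, alters the digest."""
    return page.replace(b"<script>", b"<script>/* modified */", 1)


if __name__ == "__main__":
    print("local reference signature:", LOCAL_REFERENCE)
    genuine = admit_page(BUILT_PAGE, LOCAL_REFERENCE)
    altered = admit_page(tampered_copy(BUILT_PAGE), LOCAL_REFERENCE)
    print("genuine page admitted:", genuine is not None)
    print("tampered page admitted:", altered is not None)
```

The comparison uses hmac.compare_digest so the check does not short-circuit on the first differing hex character; and because the digest covers raw bytes, a build that is not byte-for-byte reproducible (different line endings, timestamps, minifier versions) will produce a mismatch even for an unmodified page, which is one reason the message calls these steps non-trivial.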