On 12/21/07, Rich Frenkel <ri...@frenkelfamily.org> wrote:
>
> Hi,
>
> I like the concept and so far the execution of your product. One thing
> that I'd like to see would be a credible independent analysis of your
> security model and actual code. Another would be a credible
> independent certification of your company.
You may find some discussion about this topic here:
<http://www.clipperz.com/learn_more/crypto_foundations>
> It's impossible to sniff the packets that pass between my computer and
> the site since they're all encrypted.
If you want to take a look at what data is exchanged between your
browser and our server, you may want to use Firefox with the FireBug
extension.
FireBug allows you to log all the details of the XHR requests your browser
sends to our servers; and since it is the browser itself that logs the
data, the HTTPS layer causes no problem.
> I'd love to store all my passwords with you since an encrypted password
> is much more secure than using the same password everywhere, using
> short passwords, writing them down on pieces of paper etc.
> But clearly an organized crime group could pay for a nicely developed
> online password system... you get the idea.
> So credibility is everything :)
Sorry, but we don't share this interpretation of "security". :-)
Please, take a look at this post where we have written down the
definition of "zero-knowledge" application:
<http://www.clipperz.com/users/marco/blog/2007/08/24/anatomy_zero_knowledge_web_application>
The short version is: "if you need to trust us, something is severely
broken security-wise".
We provide the full code of each version (and all the previous
versions are stored for reference, so you can also look for
differences between two versions), and we are also working on a way to
check that the code downloaded by the browser has not been tampered with.
I access the application using this "alternate" URL myself:
http://del.icio.us/gcsolaroli/clipperz
There you find a URL that starts a script comparing the hash of the
page provided by our server against a known signature; if the two
don't match, a security warning is raised.
This solution is far from ideal, but this is the path we want to
follow. Not trust.
We perfectly understand that not everybody is willing or even able to
check through the code to "certify" it; but the code is published (all
the versions we have released are publicly available), and it would be
enough for a single person to find a broken statement in it to kill
the whole project and company.
More than this, the code is arranged to tunnel all the communications
with the server through a few well defined points (that I am more than
willing to point out to any interested party); it would be enough to
double check that all the information passing through these points is
correctly handled to ensure your data are not leaving your browser in
a clean format.
> I of course do believe that your system works like you say and that
> you are completely above board: this site looks like a labor of love not
> crime.
Thanks!!
We are really enjoying this project, and we are really putting all our
best effort into making it worthy.
> I think the company certification is probably the most important since
> code can be changed. If you can get some convincing testimonials, a
> big insurer to cover any breaches, etc. that would really help the
> confidence level.
We don't share this vision, but we are equally trying to build some
reputation about our company behaving at our best, being completely
transparent on any subject, even money:
<http://www.clipperz.com/users/marco/blog/2007/04/11/the_money_side_of_clipperz>
Thank you very much for your praise.
Best regards,
Giulio Cesare
On 12/21/07, paul...@gmail.com <paul...@gmail.com> wrote:
>
> [...]
>
> Phishing scams always worry me, but I think that it would be easy to
> spot a fake Clipperz site as your unique links and passwords would not
> be present or work, but nonetheless, Giulio may wish to consider
> introducing an encrypted user defined 'welcome message', similar to
> the ones used by banks and financial sites. (i.e. if your personal
> greeting is not present, then the site is a fake.)
We have devoted a lot of time to this topic, but we were not confident
with any of the available options.
All the current anti-phishing solutions try to ensure you are
connected to the right server; this is perfectly fine for sites you
(have to) trust (like a bank, which owns all of your data anyway), but
for a zero-knowledge application this is simply not enough.
In order to leak your credentials, a very simple change to the
application code would be enough; and changing the application code is
way too easy for a long list of people, starting from our own
employees (we don't have employees at the moment, but we hope to grow
enough to be able to recruit someone to help us), the people working
at our hosting provider, the police, someone being able to remotely
hack our site, etc.
For all these reasons, we have not implemented, and are not going
to add later, any anti-phishing feature; we don't want our users to
feel an unreasonable sense of safety.
The script I am using to access the Clipperz application is a step
in the "right" direction, but it still has a long list of problems
we are working to fix:
- it is running on our own servers, so it may be compromised together
with the main application; anybody is free to run it on their own
server, but at the moment I don't have any other server where to run
it;
- the application signature check is performed by the script, while
the browser will run the application downloaded with a different
request; this represents a possible attack vector, as the content sent
to the script may be different from the content sent to the browser
itself. We are trying to find a convenient way to perform the checksum
on the browser itself, but we have not found a reasonable solution
yet;
- even if you are able to run the checksum on the browser, you need to
know which is the "trusted" (whatever this means) signature to use. At
the moment we provide a reference signature on a box on our site, but
you obviously would like to keep it somewhere else, in order to avoid
using a compromised signature.
The application source code we provide for download has a build script
that performs the same exact steps executed to generate the online
application, and ends by writing out the signature of the generated page.
In this way, you may be able to generate the checksum on your own
without having to trust the online value reported on our site.
We perfectly understand that many of these steps are not trivial to
execute; but we are also perfectly aware that we cannot take any
shortcut security-wise.
We will continue to do our best to find convenient ways to achieve these
same results effortlessly, but until then, in order to achieve complete
security, we need some effort from our users too.
> Meanwhile, I am using the link;
> > I access the application using this "alternate" url myself: http://del.icio.us/gcsolaroli/clipperz
Possible ways to improve this simple practice are:
- call the script from your own bookmark, so you may realize whenever
the application is updated;
- host the script on your own site (the code of the script is attached
to a message posted to this group a few months ago);
Best regards,
Giulio Cesare
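A stand-alone illustration of the check described in both of Giulio's messages above: a build step that writes out the signature of the generated page, and a verifier that hashes the page actually received and raises a warning when it does not match. This is example code added here, not the author's script or build script; the file contents, function names and the choice of SHA-256 are assumptions.

```python
"""Page-integrity check of the kind discussed in the thread: hash the page
the browser will execute and compare it with a reference signature that
was produced by an independent build. All inputs are constructed here so
the script runs offline; names and algorithm are this example's own."""
import hashlib
import hmac

# Constructed stand-ins for the build inputs: the files a build script
# would assemble into the single-page application.
BUILD_FILES = {
    "index.html": b'<html><head><script src="app.js"></script></head><body></body></html>',
    "app.js": b"function login(u, p) { /* derive key locally, never send p */ }",
}


def build_page(files):
    """Deterministically assemble the page from the build inputs
    (sorted by name so the output, and hence the signature, is stable)."""
    return b"".join(files[name] for name in sorted(files))


def reference_signature(files):
    """What the build script emits at the end: the SHA-256 of the page it
    generated, as hex, so it can be stored away from the server."""
    return hashlib.sha256(build_page(files)).hexdigest()


def verify_page(page_bytes, reference_hex):
    """Compare the hash of the bytes actually received with the reference.
    compare_digest avoids timing leaks; the caller must pass the exact
    bytes the browser will run, not the body of a separate request
    (the gap the second message describes)."""
    digest = hashlib.sha256(page_bytes).hexdigest()
    return hmac.compare_digest(digest, reference_hex)


def check_download(page_bytes, reference_hex):
    """Return (ok, message) so a caller can raise a warning on mismatch."""
    if verify_page(page_bytes, reference_hex):
        return True, "page matches reference signature"
    return False, "SECURITY WARNING: page does not match reference signature"


if __name__ == "__main__":
    ref = reference_signature(BUILD_FILES)       # from your own build
    served = build_page(BUILD_FILES)             # what an honest server returns
    print(check_download(served, ref))
    # A single appended byte (constructed) is enough to trip the check.
    print(check_download(served + b"\n", ref))
```

The reference value belongs somewhere the server cannot rewrite (your own bookmark or site, as the message suggests), otherwise a compromised page and a compromised signature would still agree.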