[conspire] Fraudulent SSL certs for *.google.com from DigiNotar

[Edward Cherlin]

On Wed, Aug 31, 2011 at 17:41, Rick Moen <rick at linuxmafia.com> wrote:
> Quoting Edward Cherlin (echerlin at gmail.com):

Here Rick and I are again, in violent agreement.

>> The best advice I know is never to put data on the Internet unless you
>> are willing to see it published on the front page of the New York
>> Times. Not just Usenet postings that are publicly available to search
>> on Google, _anything_.
>
> The 'best advice you know' is pretty _bad_ advice.  Terrible, in fact.
>
> I'm really comfortable putting significant amounts of my personal
> sensitive data on my own server, administered by me in my own house,
> using my own DNS and my own first-stage routers, onto the Internet.

Well, then I need to clarify what I said. Don't put stuff on the
Internet under someone else's control unless you are willing to see it
published. Google Docs, your reading lists at bookstores and what
videos you watch, any of that. How many people do you know who can
correctly manage their own server at home with their own DNS? Out of
how many computer users that you know?

Let me clarify further. I don't mean that you should keep lots of data
off the Internet. I mean that you shouldn't mind having information
about you published, with quite limited exceptions, and just keep
those exceptions off corporate information-gathering systems. For
example, I detest munging e-mail signatures as a supposed anti-spam
measure. I publish my e-mail address and phone number on most of my
personal pages, at Earth Treasury and on sites such as the Sugar Labs
Wiki.

I have only ever had one problem with this policy, an idiot who called
me up to tell me that I had posted one too many times on the Internet,
and that he and his buddies knew where I lived and were following me.
I lived outside a small enough town at the time that I could tell
without checking that it was all lies, and indeed he had no idea where
I lived. The other major idiot I ran into claimed that I was a major
anti-Semite and that he was working for "Lybia". But that was from
Usenet posts about Spam. YMMV, of course.

> (It doesn't have my medical data or my finances; some things are
> sufficiently sensitive that they're best kept mostly on paper.)

So we agree about keeping sufficiently sensitive data off the Net
entirely. You are confident in your ability to protect less sensitive
data on your own server, and you are very likely correct. I would not
recommend that the less skilled try it. Would you?

> However, I'm also really comfortable using my own open-source Web
> browser on my own open-source OS installation on my own workstation to
> reach across an SSL link over the Internet to discuss confidential
> medical matters with doctors at Kaiser Permanente.

Material shared with _people_ using end-to-end encryption is also not
data on the Internet, unless the people at the other end are doing
something stupid. I was suggesting that people not regard, say,
_plain-text e-mails_ to the doctor to be entirely private, regardless
of HIPAA.

> I'm really comfortable to use that same Web client setup to talk to my
> bank and some credit-card vendors about my private finances and credit
> accounts.
>
> I'm not willing to see any of that on the front page of the _New York
> Times_.  However, since I understand the risk models in question, I know
> how highly improbable disclosure through technical-level failure is.

And social engineering, where hundreds of thousands, perhaps millions
of accounts are compromised at one time?

I don't trust banks or credit-card vendors to keep my data secret (but
I don't worry about keeping my bill payments secret). Too many have
been hacked or social engineered. It is true that this is individually
improbable, like getting struck by lightning, except in the case of
Crypto AG. But it is statistically inevitable. I have so far been
willing to accept financial organization and government assurances
that I can be made financially whole if they get hacked, no matter
what happens to my information.

> You know what really offends me as an open-source person?  Conditioned
> helplessness.  And that is what attitudes like the one you express,
> above, leads to.

Thus ignoring everything I said about teaching children not to be
helpless. Rick, you have the wrong end of the stick. You are
interpreting my advice _backwards_, as a counsel of despair, as I
shall endeavor to explain.

> I write about how to curtail and control security
> exposures so people do _not_ need to 'never put data on the Internet
> unless you are willing to see it published on the front page of the _New
> York Times_', making the existence of thieves, rogues, and incompetents
> at crypto companies, domain registrars, etc. _not_ a disaster

Exactly my goal, also, that they should be not a disaster.

> -- and one
> might say that a large part of my entire profession revolves around
> people who hold your view being wrong.

Whereas my professional life revolves around people who would not meet
your standards of knowledgeability, even after reading your advice.
People like me, even, and several million children much more so. I can
understand your advice, being a mathematician and computer scientist,
but I prefer not to have to carry it out in detail, so that I don't
have to memorize it and then keep checking back to see what has
changed. Of course, I agree on not running proprietary malware, and on
downloading security patches only on systems with reasonable prior
security. But that is not our current topic, which is placing personal
data on proprietary servers on the Web.

The second part of my advice, which I did not add last time, is not to
have secrets that you would be unwilling to have published, or if that
doesn't work, to keep them actually secret. Not only off the Net, but
entirely unknown to others.

Three can keep a secret, if two of them are dead.--Ben Franklin

Otherwise, you might as well just publish. None of your personal
secrets are worth money to anyone or embarrassment to you if they are
not secrets, unless you inhabit one of our subcultures that obsesses
about such things.

On medical secrets, read Tuesdays With Morrie. (I have  diabetes,
ADHD, very moderate high blood pressure, BPH, and a few minor issues
that I won't bore you with. My father and his brother died from
complications of diabetes. My mother died from heart damage sustained
fifty years earlier. My 95-year-old father-in-law has squamous cell
cancer, which is very unlikely to mestastasize because he is very
unlikely to live that much longer. See?)

Finance, unless you are, say, a bootlegger with the New Jersey mob
like my grandfather, or have a heavily proprietary product that you
are pitching to vulture capitalists, is just numbers. (I am retired on
Social Security with a house in Indiana, where the livin' is easy, and
modest savings. My wife, also retired, stands to inherit money and
property worth something, but my father-in-law doesn't want to say how
much. The exact details don't matter much, except to the IRS.)

I live fully on the Internet, and I don't care who knows it. I would
be delighted if the NYT saw fit at some point to write up me and my
plan to teach a billion children at a time to take over the world.
(I'm not holding my breath.) Even if it included my medical and
financial situation as part of the analysis of my chances of any sort
of success.

-- 
Edward Mokurai (默雷/धर्ममेघशब्दगर्ज/دھرممیگھشبدگر ج) Cherlin
Silent Thunder is my name, and Children are my nation.
The Cosmos is my dwelling place, the Truth my destination.
http://wiki.sugarlabs.org/go/Replacing_Textbooks