[Mailman-Developers] Encrypted lists predictable difficulties and implementation needs

Rich Kulawiec rsk at gsp.org
Tue Mar 21 18:16:20 EDT 2017


On Tue, Mar 21, 2017 at 04:04:20PM +0100, johny wrote:
> Shifting the attacker to actively compromise devices is an overall
> improvement.

If "compromising devices" was difficult, I might agree.  But it's not.
Devices of all descriptions have been and are being compromised in
enormous numbers on an ongoing basis even by relatively unskilled
attackers -- since they can buy/lease the requisite tools and infrastructure
and use them without needing to understand how they work.

I think you (and others) are continuing to badly underestimate the
scale at which this is taking place.   We're not talking about an
ecosystem in which 2% or 6% of devices are compromised; we're talking
about one in which any estimate under 25% should be laughed out of
the room and an estimate of 50% should be given serious consideration.
(I think the latter may still be too high.  But it's certainly
within the realm of plausibility.)   We're also talking about an
ecosystem in which, increasingly, vendors are shipping devices that
are essentially pre-compromised at the factory due to very poor
and entirely self-serving design and implementation decisions.

> There are plenty of threat actors for which sniffing traffic to a
> plaintext mailing list might be easy, however overcoming a well setup
> encrypted mailing list system would be quite hard.

I don't think so, if the mailing list is of sufficient size.  (Certainly
one with only a handful of people might be hard to crack, but that
would be fairly hard today even without encryption.) 

> The system security only increases in this case. Its security is
> obviously debatable against state actors/equivalent threats, there it
> might not improve much, but improves significantly against other threats.

State actors are not necessarily the biggest threat.  They might
have the most resources, and they might have the best cryptographers,
and they certainly have the most political power (e.g., NSLs in the US),
but they also have their own areas of focus and this may not be one of them.

If there's money to be made by trafficking in information, then others
will take an interest.  They may not have the resources, cryptographers,
power, etc., but they do have some very talented personnel, stockpiled
exploits, and rather a lot of experience with mass compromise of end
user systems.  These are not script kiddies in mom's basement, these
are professionals with the discipline to identify and attack targets
successfully on a large scale.  Don't underestimate them.  *That*
particular mistake was already made by every ISP on this planet ~15
years ago, which is one of the major reasons the problem has the
scope that it has today.

---rsk
