Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
@jschaumaO’Reilly Security 2017
Cutting your TLS baggage
Jan Schaumann
A really boring talk.
@jschaumaO’Reilly Security 2017
I really like boring.
@jschaumaO’Reilly Security 2017
I really like boring.
I’m so boring, even
BoringSSL is too
exciting for me.
@jschaumaO’Reilly Security 2017
@jschaumaO’Reilly Security 2017
http://peering.oath.com/
@jschaumaO’Reilly Security 2017
“There are two types of companies:
those that have been hacked and
those that don't know i...
@jschaumaO’Reilly Security 2017
@jschaumaO’Reilly Security 2017
@jschaumaO’Reilly Security 2017
$ units
You have: a huge infrastructure with lots of baggage
You want: a unified ingress se...
@jschaumaO’Reilly Security 2017
$ units
You have: an https service
You want: to accept end-user traffic from the internet
-...
Be f*ckin explicit about
general things.
@jschaumaO’Reilly Security 2017
Be f*ckin explicit about
general things.
(Common sense ain’t.)
@jschaumaO’Reilly Security 2017
@jschaumaO’Reilly Security 2017
$ units
You have: …uhm, good question
^C
$
@jschaumaO’Reilly Security 2017
- certificates with a Not Before date set prior to the
Unix epoch (00:00:00, January 1st, 1...
Any sufficiently large infrastructure
is indistinguishable from the
internet.
@jschaumaO’Reilly Security 2017
@jschaumaO’Reilly Security 2017
One in a million is next Tuesday
every couple of minutes.
@jschaumaO’Reilly Security 2017
https://blogs.msdn.microsoft.com...
The lowest common denominator
will always drag you down.
@jschaumaO’Reilly Security 2017
The lowest common denominator
internet of unpatchable crap
will always drag you down.
@jschaumaO’Reilly Security 2017
IoT is when
“smart” means “dumb”.
@jschaumaO’Reilly Security 2017
https://www.philips.com/a-w/mobile-privacy-notice/smart-...
@jschaumaO’Reilly Security 2017
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_...
@jschaumaO’Reilly Security 2017
Lowest common denominator is low…
https://github.com/jschauma/cipherdiff
@jschaumaO’Reilly Security 2017
$ units
You have: an x509 certificate
You want: to accept end-user traffic from the internet...
@jschaumaO’Reilly Security 2017
@jschaumaO’Reilly Security 2017
https://github.com/jschauma/certdiff
If it hurts, do it more often.
@jschaumaO’Reilly Security 2017
https://www.martinfowler.com/bliki/FrequencyReducesDifficult...
@jschaumaO’Reilly Security 2017
@jschaumaO’Reilly Security 2017
#Infosec Minimum Viable Protection
1) get buy-in from exec.
@jschaumaO’Reilly Security 2017
0) get pwned
1) get buy-in from exec.
@jschaumaO’Reilly Security 2017
https://www.netmeister.org/blog/crazy-like-a-fox.html
0) get pwned
1) get buy-in from exec.
2) incremental changes
@jschaumaO’Reilly Security 2017
Perfect is the enemy of the good.
"Eh, good enough." is the enemy
of actually good.
@jschaumaO’Reilly Security 2017
0) get pwned
1) get buy-in from exec.
2) incremental changes
3) sell something
@jschaumaO’Reilly Security 2017
@jschaumaO’Reilly Security 2017
@jschaumaO’Reilly Security 2017
Patience, young skywalker.
0) get pwned
1) get buy-in from exec.
2) incremental changes
3) sell something
4) profit
@jschaumaO’Reilly Security 2017
@jschaumaO’Reilly Security 2017
0) get pwned
1) get buy-in from exec.
2) incremental changes
3) sell something
4) profit
@jschaumaO’Reilly Security 2017
@jschaumaO’Reilly Security 2017
0) get pwned
1) get buy-in from exec.
2) incremental changes
3) sell something
4) profit goto 2
@jschaumaO’Reilly Security ...
@jschaumaO’Reilly Security 2017
“We fight for the user.
We must do better today that we did yesterday,
and better tomorrow ...
@jschaumaO’Reilly Security 2017
Things to come:
- ECDSA
- Expect-CT
- OpenSSL 1.1 (ChaCha20/Poly1305)
- OCSP Must-Staple
-...
Fake it 'till you make it.
@jschaumaO’Reilly Security 2017
Effecting change
Chokepoints and defaults
are your secret weapon.
@jschaumaO’Reilly Security 2017
Effecting change
First:
fix the future.
@jschaumaO’Reilly Security 2017
Effecting change
Lead by example,
but offer autonomy.
@jschaumaO’Reilly Security 2017
Effecting change
Know what might break
before you hit ‘go’.
@jschaumaO’Reilly Security 2017
Effecting change
Transparency goes a long way.
@jschaumaO’Reilly Security 2017
Effecting change
Incremental changes.
Always move forward.
Lead by example, be transparent.
Encourage autonomy.
We can’t reach 100% securit...
Apache Traffic Server
Google Chrome Team
Mozilla Observatory
SSLLabs
Yahoo Edge Team
(Yahoo/Oath/All) Paranoids
Credits
@j...
The Razors Edge - Cutting your TLS Baggage
Upcoming SlideShare
Loading in …5
×

The Razors Edge - Cutting your TLS Baggage

498 views

Published on

A talk on effecting change across a large organization, given at O'Reilly Security 2017.

Write-up will be posted at https://www.netmeister.org/blog/razors-edge.html

Published in: Technology
  • Be the first to comment

  • Be the first to like this

The Razors Edge - Cutting your TLS Baggage

  1. 1. @jschaumaO’Reilly Security 2017 Cutting your TLS baggage Jan Schaumann
  2. 2. A really boring talk. @jschaumaO’Reilly Security 2017
  3. 3. I really like boring. @jschaumaO’Reilly Security 2017
  4. 4. I really like boring. I’m so boring, even BoringSSL is too exciting for me. @jschaumaO’Reilly Security 2017
  5. 5. @jschaumaO’Reilly Security 2017 http://peering.oath.com/
  6. 6. @jschaumaO’Reilly Security 2017 “There are two types of companies: those that have been hacked and those that don't know it yet.” — every #infosec nerd, smugly No, seriously, that includes yours. — this guy, jaded
  7. 7. @jschaumaO’Reilly Security 2017
  8. 8. @jschaumaO’Reilly Security 2017
  9. 9. @jschaumaO’Reilly Security 2017 $ units You have: a huge infrastructure with lots of baggage You want: a unified ingress serving platform * lots of work across tons of teams / 0 Floating point exception (core dumped) $
  10. 10. @jschaumaO’Reilly Security 2017 $ units You have: an https service You want: to accept end-user traffic from the internet - keep up with changing requirements - implement critical updates across all systems in <24h - run latest stable release of supported software - implement non-critical updates within <3 months $
  11. 11. Be f*ckin explicit about general things. @jschaumaO’Reilly Security 2017
  12. 12. Be f*ckin explicit about general things. (Common sense ain’t.) @jschaumaO’Reilly Security 2017
  13. 13. @jschaumaO’Reilly Security 2017 $ units You have: …uhm, good question ^C $
  14. 14. @jschaumaO’Reilly Security 2017 - certificates with a Not Before date set prior to the Unix epoch (00:00:00, January 1st, 1970) - certificates with a Not Before date set in 2023 - certificates with a Not Before date set to ”110204212630-1200” - certificates with a Not After date set in 1902 - certificates expiring 10 years in the future - certificates expiring in 2100 - certificates expiring in the year 4752 - self-signed certificates galore - various properties having stood up their own CAs - key length of 512 - certificates with an MD5 signature - publicly used certificates that expired -15 years - cipher suites using a NULL encryption cipher - cipher suites using a NULL authentication cipher - cipher suites offering export ciphers - 14 different versions of OpenSSL - systems vulnerable to Heartbleed, POODLE, Logjam, FREAK, DROWN, and $SILLYNAME - certificates with ~200 SANs - certificates without either a CN or a SAN - certificates with a CN of "*" Weird things we found:
  15. 15. Any sufficiently large infrastructure is indistinguishable from the internet. @jschaumaO’Reilly Security 2017
  16. 16. @jschaumaO’Reilly Security 2017
  17. 17. One in a million is next Tuesday every couple of minutes. @jschaumaO’Reilly Security 2017 https://blogs.msdn.microsoft.com/larryosterman/2004/03/30/one-in-a-million-is-next-tuesday/
  18. 18. The lowest common denominator will always drag you down. @jschaumaO’Reilly Security 2017
  19. 19. The lowest common denominator internet of unpatchable crap will always drag you down. @jschaumaO’Reilly Security 2017
  20. 20. IoT is when “smart” means “dumb”. @jschaumaO’Reilly Security 2017 https://www.philips.com/a-w/mobile-privacy-notice/smart-shaver-app.html
  21. 21. @jschaumaO’Reilly Security 2017 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_256_GCM_SHA384 TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA ECDSA missing - coming soon! ChaCha20/Poly1305 missing - coming soon! Prefer Forward Secrecy Prefer GCM over CBC Prefer faster “good enough” over slower, stronger.
  22. 22. @jschaumaO’Reilly Security 2017 Lowest common denominator is low… https://github.com/jschauma/cipherdiff
  23. 23. @jschaumaO’Reilly Security 2017 $ units You have: an x509 certificate You want: to accept end-user traffic from the internet - be issued by approved CA - have Certificate Transparency - RSA keys >= 2048; ECDSA >= 256 - misc. CN/SAN restrictions - validity <= 6 months $
  24. 24. @jschaumaO’Reilly Security 2017
  25. 25. @jschaumaO’Reilly Security 2017 https://github.com/jschauma/certdiff
  26. 26. If it hurts, do it more often. @jschaumaO’Reilly Security 2017 https://www.martinfowler.com/bliki/FrequencyReducesDifficulty.html
  27. 27. @jschaumaO’Reilly Security 2017
  28. 28. @jschaumaO’Reilly Security 2017 #Infosec Minimum Viable Protection
  29. 29. 1) get buy-in from exec. @jschaumaO’Reilly Security 2017
  30. 30. 0) get pwned 1) get buy-in from exec. @jschaumaO’Reilly Security 2017 https://www.netmeister.org/blog/crazy-like-a-fox.html
  31. 31. 0) get pwned 1) get buy-in from exec. 2) incremental changes @jschaumaO’Reilly Security 2017
  32. 32. Perfect is the enemy of the good. "Eh, good enough." is the enemy of actually good. @jschaumaO’Reilly Security 2017
  33. 33. 0) get pwned 1) get buy-in from exec. 2) incremental changes 3) sell something @jschaumaO’Reilly Security 2017
  34. 34. @jschaumaO’Reilly Security 2017
  35. 35. @jschaumaO’Reilly Security 2017 Patience, young skywalker.
  36. 36. 0) get pwned 1) get buy-in from exec. 2) incremental changes 3) sell something 4) profit @jschaumaO’Reilly Security 2017
  37. 37. @jschaumaO’Reilly Security 2017
  38. 38. 0) get pwned 1) get buy-in from exec. 2) incremental changes 3) sell something 4) profit @jschaumaO’Reilly Security 2017
  39. 39. @jschaumaO’Reilly Security 2017
  40. 40. 0) get pwned 1) get buy-in from exec. 2) incremental changes 3) sell something 4) profit goto 2 @jschaumaO’Reilly Security 2017
  41. 41. @jschaumaO’Reilly Security 2017 “We fight for the user. We must do better today that we did yesterday, and better tomorrow than we did today.” — Chris Nims, CISO / Chief Paranoid at Oath
  42. 42. @jschaumaO’Reilly Security 2017 Things to come: - ECDSA - Expect-CT - OpenSSL 1.1 (ChaCha20/Poly1305) - OCSP Must-Staple - shorter validity - apply to all Oath brands
  43. 43. Fake it 'till you make it. @jschaumaO’Reilly Security 2017 Effecting change
  44. 44. Chokepoints and defaults are your secret weapon. @jschaumaO’Reilly Security 2017 Effecting change
  45. 45. First: fix the future. @jschaumaO’Reilly Security 2017 Effecting change
  46. 46. Lead by example, but offer autonomy. @jschaumaO’Reilly Security 2017 Effecting change
  47. 47. Know what might break before you hit ‘go’. @jschaumaO’Reilly Security 2017 Effecting change
  48. 48. Transparency goes a long way. @jschaumaO’Reilly Security 2017 Effecting change
  49. 49. Incremental changes. Always move forward. Lead by example, be transparent. Encourage autonomy. We can’t reach 100% security, but we can always improve. @jschaumaO’Reilly Security 2017 How to be boring:
  50. 50. Apache Traffic Server Google Chrome Team Mozilla Observatory SSLLabs Yahoo Edge Team (Yahoo/Oath/All) Paranoids Credits @jschaumaO’Reilly Security 2017

×