We pity the civil servants involved in the negotiations between the European Union and the United Kingdom, because after tense meetings until almost the Eleventh Hour, they’ve had to cobble together the text of a post-Brexit trade agreement in next-to-no time. In the usual manner of such international agreements both sides are claiming some kind of victory over fish, but the really interesting parts of the document lie in the small print. In particular it was left to eagle-eyed security researchers to spot that Netscape Communicator 4, SHA-1, and RSA encryption with a 1024-bit key length are recommended to secure the transfer of DNA data between states. The paragraphs in question can be found on page 932 of the 1256-page agreement.
It’s likely that some readers under 30 years old will never have used a Netscape product even though they will be familiar with Firefox, the descendant Mozilla software. Netscape were a pioneer of early web browsers, and Communicator 4 was the company’s all-in-one browser and email offering from the late 1990s. It and its successors steadily lost ground against Microsoft’s Internet Explorer, and ultimately faded away along with the company under AOL ownership in the late 2000s. Meanwhile the SHA-1 hashing algorithm has been demonstrated to be vulnerable to collision attacks, and computing power has advanced such that 1024-bit RSA encryption can be broken in a sensible time frame by anyone with sufficient GPU power to give it a try. It’s clear that something is amiss in the drafting of this treaty, and we’d go so far as to venture the opinion that a tired civil servant simply cut-and-pasted from a late-1990s security document.
So will the lawmakers of Europe now have to dig for ancient software as mandated by treaty? We hope not, as from our reading they are given as examples rather than as directives. We worry however that their agencies might turn out to be as clueless on digital security as evidently the civil servants are, so maybe Verizon Communications, current owners of the Netscape brand, could be in for a few support calls.
As pointed out in many places elsewhere, this is direct transposition from the 2008 EU agreement on DNA data sharing, which forms part of the Brexit agreement. It’s not a simple case of plagiarism. Bad reporting by Hackaday.
Their points are still valid about sha1/rsa 1024 being retardedly simple to attack..
Which the BBC has now leaned on as the basis for some equally bad reporting: https://www.bbc.co.uk/news/technology-55475433
Shocking lack of thought from the people involved in these agreements. Surely the agreement should state some form of minimum, perhaps leave open to alteration the exact methods used in case things get hacked or broken. Its pretty likely the Russians, GCHQ and the NSA can ALL break these codes by now.
Agreed on bad reporting, a little research would point out that it already exists in legislation and is common practice. While it is a copy and paste job, it has to be aligned with the pre existing legislation with other non-EU states. And while is a draft it most likely will stay this way to ensure a common minimum standard. The actual transfer of DNA data would most like be this at a minimum.
The UK Government has been referencing their best practice solutions and qualifications for the past four plus years; there is simply no excuse for this reference as the negotiating team should have worked on a modernisation of the clause with the EU… they have most certainly had the time.
But it’s not the UK’s place to change EU law… UK has been in transition period for the past year. Alignment means the UK takes on most of the EU standards (which it already has or exceeds), the EU is the side requiring this clause…
Not that eagle eyed… those requirements are set out in a 2008 EU law and needed to be included to maintain parity between the new treaty and existing EU law.
Those eagle eyes should probably be wondering why a law from 2008 had those technologies listed in the first place…
The UK Government recently was found out for storing COVID-19 patient/contact data in an Excel Spreadsheet – and then losing half of it. I’m from the UK, and this is sadly a realistic plausibility, and plausible minimum which will be updated in due course (of course less safe until then) after the many other issues of different priorities are addressed.
When I stumbled over that piece of news (on HaD?) and dug a tiny bit deeper I landed on the website of a European institute/institution/organization with the task of removing excel from everywhere where it can do more harm than good (industry, banking, voting, medical data and so on).
But I’m unable to find it again.
They basically gathered reports of epic fails because excel was used instead of a proper DB and organized conferences I think…
http://www.eusprig.org/
You probably meant The European Spreadsheet Risk Interest Group over at http://www.eusprig.org/
EuSpRiG – The European Spreadsheet Risks Interest Group are the org you’re looking for.
Thanks. Searched for it months ago but for the life of me I couldn’t figure out a set of search terms that didn’t result in dozens of thematically completely unrelated spreadsheet/excel help pages and so on.
This is a massive thing in the finance world – Many banks putting a huge amount of money into this as there are a shocking number of trading desks still running critical calcs on Excel. Several huge banks have been fined for issues around bad risk calcs from Excel sheets. (Source – used to work in the transitioning away from RAD tools!)
2008 was right around when the world was finally starting to accept that MD5 was broken and that it was time to move to something else. SHA1 was widely considered the best choice at the time. This was likely put in to force people to stop using MD5.
As for netscape communicator, who knows. That does appear to be a list of email client software that was compatible with S/MIME for the data transfer. It isn’t dictating that you have to use communicator.
Actually, if you read what that document actually says (the snippet in the article is sufficient), it does not in any way require (or even recommend) Netscape Communicator. It is simply giving it as an example of software that supports s/MIME. The requirement is s/MIME with particular cryptographic standards. But the asymmetric encryption strength and hash algorithm required are certainly not up to current best practice, and are probably inadequate.
I really don’t know whether to laugh or cry that your typical politician is discussing such things and enshrining them in law.
Probably written by someone in marketing who read the minimum requirements from the back of some ancient box of software. Where I work they proudly advertise that your transactions are secured with 2048 bit encryption. No matter how many times I’ve told them how humiliating that it is they’re advertising the key size (which is out of date, we now use a 4096 bit key) and clearly don’t know what encryption is (nevermind that the truth is “it’s complicated and we’ll negotiate down from an EC function to whatever your browser and our server agrees to support”).
Just can’t get past the “it looks good” to anyone who’s not going to make fun of us for having no idea
If you describe something technical, have someone technical involved, preferably from this age. Now it bears a ctrl-c ctrl-v style document, which is probably true for most of the rest of the document, you can smell it.
And this is why security recommendations should be based on current cracking time for a reasonably sized attack, instead of based on simple, “use X amount of bits in Y algorithm.”
Ie, if it takes a cluster of 500 recent (parts released in the last 2 years) computers made of higher end parts at least 5 years to crack the encryption, then it is likely fairly decent for doing low security tasks.
If it’s data that could be of potential criminal interest though, one has to remember that botnets don’t care about how much of someone else’s electricity they are using. Then it’s more like, if it takes 500 high spec PCs that’s probably 5000 botnet PCs, so a botnet of a million will get it done in around 3 months. So one has to keep an eye to the dark to figure out what it’s most lucrative to run a million bots against, to figure out if you’re it.
Then anything that looks like it would be “worth” a well funded commercial adversary cracking with up to date hardware, figure that nation states have had that capability for 5-10 years. Mainly because they don’t care what power costs because they have dedicated power stations, and they also do things on a scale 50x higher than what you’d consider “reasonable”. Also they try to stay that far ahead in theory by trying to snag all the best and brightest.
“Also they try to stay that far ahead in theory by trying to snag all the best and brightest.”
And RW is never heard from again.
And that is explicitly why I ended with the statement: ” then it is likely fairly decent for doing low security tasks.”
Low security is frankly anything that needs to survive in safe hands for minutes, or worst case a day or two at most.
My highly intelligent comment reply is:
Netscape, still better than Edge will ever be.
Best reply ever.
Am I a bad person for not caring at all about this? It smacks of someone repurposing an article from Wired, which I also don’t care about.
The real descendant of Netscape is SeaMonkey, via the Mozilla Suite. It’s still in active development too, using code shared with Firefox.
Any would be hackers will be scuppered when their browser rejects the certificates. Even if they make it that far their modern browsers will refuse to render the tags the DNA is hidden in.
The only thing that beggars belief is that they will use what is equivalent of 80bits (RSA 1024) to establish a 256 bit encryption key?!
Newsworthiness aside, Jenny, I admire your effort to explain the history whenever you write about some old piece of computing or electronics. I hope you’ll keep it up.
Up until recently I took it all for granted, mostly because I tend to hang out with people about my age, but at work people somehow get younger and younger (interns, people that just got their BSc etc.) and sometimes they don’t know what us old farts are talking about. Especially when we go down memory lane ;-)
Thanks. I too have had that unfortunate transition to being older than a bunch of the people I mix with, so I realise that sometimes people need reminding of something that I know from being there at the time.
A reason of why I think AI running government would be better. It would never have made this daft mistake. AI can not be brought or coerced. It can only do what the people want. Although in achieving that it may go a little too far… ;)
Humans: We want everyone to be equal.
AI: Easy, let me kill you all then you’ll all be dead. Can’t get more equal than that. :D
It is by design to take the lowest standards for things which are not that important.
Jenny, according to your article, the information about SHA-1 and Netscape are referenced on page 932 of the document in question. I went to page 932 of the document, I even searched for the references in question. I couldn’t find any of them. Correct me if I’m wrong, but could it be that you have simply posted something without following the claims to their end? Or, perhaps the document has been changed in the meantime?
I found the right passage. It’s on page 931. It took a while to index the file, which led to me not finding it immediately. Perhaps you could change the reference above in your article to reflect the correct page in the document. I’ve seen a few reports on this. Some journalists reference page 921, you reference 932. With all the incorrect references, it rather appears like misinformation instead of the honest criticism of the legal process it should be.
Screenshot is taken from page 932 of the PDF, the number printed on that page is 931.