zlacker

[parent] [thread] 10 comments
1. notpus+(OP)[view] [source] 2023-07-25 09:52:52
Agreed. GP comment was extremely weird to read, but I agree with the sentiment 100%.
replies(1): >>chii+R5
2. chii+R5[view] [source] 2023-07-25 10:45:57
>>notpus+(OP)
It's not weird, it's just that you're not used to seeing Google as an attacker. But they definitely are in this spec.
replies(1): >>relaun+Vd
3. relaun+Vd[view] [source] [discussion] 2023-07-25 11:50:39
>>chii+R5
It might be my security hat speaking, but I see it as insecure, regardless of who is man in the middling the connection.

I'm not a tinfoil hat, but security can't hang its hat on the kindness of strangers.

replies(2): >>insani+VR >>mindsl+E31
4. insani+VR[view] [source] [discussion] 2023-07-25 15:07:56
>>relaun+Vd
> I'm not a tinfoil hat, but security can't hang its hat on the kindness of strangers.

Given that SSO is a massive security win and has been a game changer for removing passwords, I think it's been shown that delegation is extremely effective.

replies(2): >>gunapo+l91 >>codedo+Rk1
5. mindsl+E31[view] [source] [discussion] 2023-07-25 15:51:14
>>relaun+Vd
The main vulnerability isn't the man in the middle per se. Rather it's the unforgeable attestation of exactly what software an end-user is running, by the user's own hardware having been designed to betray the user's interests. This would allow powerful websites to prohibit the use of user-representing agents altogether, and essentially mark the end of the open web.
6. gunapo+l91[view] [source] [discussion] 2023-07-25 16:08:27
>>insani+VR
Why is removing passwords a massive security win? You're just moving the centralization from a password manager to SSO.
replies(1): >>insani+Xe1
7. insani+Xe1[view] [source] [discussion] 2023-07-25 16:26:14
>>gunapo+l91
A few reasons.

1. Instead of needing 100 passwords, which increases the chance of users just choosing something and repeating it, you have 1 password.

2. Similarly, instead of needing 2FA on 100 sites they can just have 2FA on their SSO. In fact, the other sites don't even need to support 2FA - you get that "for free" with SSO.

3. SSO providers implement auth really well. They make it smooth, as in "I don't have to reauth when it's obviously me", and safe, as in "that might not be a valid auth, let's get them to 2FA again".

Of course, if you have a password manager then (1) is not a problem. But SSO is a lot simpler for users.

replies(1): >>JohnFe+mL1
8. codedo+Rk1[view] [source] [discussion] 2023-07-25 16:43:47
>>insani+VR
A "massive security win" would be using physical non-copyable keys instead of software palliative.
replies(1): >>insani+so1
9. insani+so1[view] [source] [discussion] 2023-07-25 16:55:52
>>codedo+Rk1
Both things can be significant. It's worth noting that:

a) SSO has no financial cost. Hardware keys do.

b) SSO has been implemented and standard for years and is trivial for sites to support; hardware keys are much newer and are still rarely supported for authentication.

c) You can use hardware keys with SSO, which I'd recommend, and now you've gotten the benefits of both.

10. JohnFe+mL1[view] [source] [discussion] 2023-07-25 18:13:38
>>insani+Xe1
As long as using it remains optional, I don't mind that SSO systems exist. But I am personally allergic to them, so I fear the day that they are no longer optional.
replies(1): >>insani+w52
11. insani+w52[view] [source] [discussion] 2023-07-25 19:32:58
>>JohnFe+mL1
I fully advocate for users to be in control over how they choose to identify themselves on the internet. It's part of why I'm against the integrity proposal despite seeing a lot of value in it.