
Pwnie Award Nominations for 2019 - tptacek
https://pwnies.com/nominations-2019/
======
noiseman
> Dragonfly is the invention of a guy named Dan Harkins. Dan Harkins took it
> upon himself to retrofit elliptic curves onto first-generation
> multiplicative-group PAKEs like SRP. We’re losing you here but bear with me:
> there were PAKE protocols that used the same simple math as Diffie Hellman,
> and Dan Harkins tried to design one that used ECC. Anyways, when Harkins
> tried to get his new PAKE included in TLS, Trevor Perrin broke it in a
> mailing list post. The story goes on and involves the NSA and a bunch of
> intrigue and is worth looking into. Oh how we laughed.

> And then WPA3 was released and, oh look, there’s Harkins’ Dragonfly
> protocol, right there in our wireless handshakes.

> It’s pretty clear to us that the WiFi standards groups triggered some
> ancient mummy curse, because the WiFi standards by themselves are a master
> class in everything that can go wrong with a crypto protocol. And, as
> Vanhoef and Ronen show, WPA3 is by itself a lesson in everything that can go
> wrong with a single handshake: invalid curve attacks! Protocol downgrade
> attacks! Timing attacks! They’ll teach this one in schools, unless the WiFi
> people come up with WPA4 or something, which will surely be even worse.

This can’t be real.

Are the WiFi standards groups really as incompetent as this page makes them
out to be? These are the standards that everybody uses, right?

~~~
jarfil
They have a kind of impossible task: to create an encryption standard that
will resist attacks carried by supercomputers but will work on as cheap a
piece of hardware as possible... and let's make it backwards compatible too.

At some point they have to compromise, and security suffers.

~~~
michaelt
Isn't "create an encryption standard that will resist attacks by
supercomputers but will work on as cheap a piece of hardware as possible" the
aim of pretty much every encryption standard ever?

I don't deny it's a big challenge - but it's hardly a unique one.

------
tptacek
This is a pretty good snapshot of what happened in the fields of vulnerability
research and exploit development over the last year, and is actually more
useful than the page announcing the winners (which goes up late next week)
since the non-winning nominations are also super interesting.

~~~
ipoopatwork
Very interesting stuff

FYI the calendar link in July 28 should probably be a href="/nominations"
instead of "nominations". Clicking it from outside the home page brings you to
a 404.

~~~
tptacek
Thanks!

~~~
pvg
You've got some parseltongue in there as well, from a bad "It's" fix - "Itss
SSL VPN "

~~~
tptacek
That may have been deliberate. I'll check.

~~~
pvg
I see how it is. Very well. In

[https://latacora.micro.blog/2019/07/24/how-not-
to.html](https://latacora.micro.blog/2019/07/24/how-not-to.html)

"all but disavows it’s existence"

should be "itss exisstence"

~~~
tptacek
LVH wrote that, and he's definitely not a Slytherin.

------
avian
> Super Micro - The big hack

I would be very surprised if that didn't win in the "most over-hyped"
category. None of the other nominees even come close to the amount of FUD that
Bloomberg story raised.

------
motohagiography
The vulnerability descriptions in the awards page are some of the best
security writing I have ever read.

------
tialaramex
“Johnny, You’re Fired” is fun but it has no impact and doesn't really do
anything interesting cryptographically so it should not win.

The unpleasant truth is that you're faking something that users weren't even
looking at. The _only_ way either S/MIME or PGP email could have made any dent
whatsoever outside of a narrow crypto nerd fanbase is if the default behaviour
for every message that doesn't verify was it is discarded unread. And that was
never realistically going to happen.

------
Scaevolus
Why are so many of the links self-links?

------
ga-vu
How can Thangrycat can be nominated for the most overhyped and underhyped bug
at the same time. These awards are a joke.

~~~
tptacek
Because nominations are open and anyone can nominate. Some people thought it
was underhyped, others that it was overhyped. It's the judging that's closed.
I doubt very much that it will win in both categories.

