Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> Who cares if you can impersonate your own lightbulb?

For MITM - you think you are connecting to your device, actually it's my proxy (DNS spoof, ARP spoof, TCP hijack, ...), you still get the green bar in your browser saying "über secure Philips lightbulb", you just don't know it's mine because the domain matches and it's signed by the same CA (assuming neither of these protections is in place).

> If each device has its own key and CA then they still can't impersonate your device, and they still can impersonate their device.

Without manual installation of my CA your browser won't accept the certificate ripped from my device.

You said in another post that providing correct address is better than per-device CA. No doubt it's more convenient in a commercial product, assuming you can solve the DNS problem somehow (which doesn't seem possible without working Internet connection or editing hosts file). From pure security standpoint though, I feel like per-device CA has an added advantage of resistance to typosquatting. But it's getting academic now, it's hard to squat if it takes buying a physical device with the right ID.



Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: