Secure IRC? 130

priikone writes: "IRC has had a lot of problems related to security and network scalability in the past, and recently as well. However, there is an alternative -- secure alternative to IRC; the Secure Internet Live Conferencing (SILC), which has all the same features IRC has, with the addition of superior security, and hopefully more scalable and powerful network topology. It is for all those who care who's listening. It works, and is of course all Open Source." We posted an article about another secure IRC system last year.

  • by krokodil ( 110356 ) on Thursday August 09, 2001 @09:33AM (#2121007) Homepage
    This is not a reason you need more security. Let me give you an
    example: I hang on IRC to chat with friends. I usually sit there in
    passive mode and if somebody wants to talk to me, they could. Kind of
    instant messaging, but using more popular and accessible
    media. Sometimes my colleagues from across the ocean stop by and want
    to discuss some business related issues. Main problem is our
    conversation (if it is not DCC, which in most cases does not work
    because of firewalls) could be observed by any IRC server
    operator. There are a dozen servers on the network, some administrated by more
    than one person. You could not assure integrity of all these people.

    Proposed system will solve this problem, since all communication will
    be encrypted using public keys of participants and channel keys. So
    several people can chat on channel in confidence that nobody is
    snooping their discussion.
  • by Lumpy ( 12016 ) on Thursday August 09, 2001 @09:44AM (#2123195) Homepage
    1. add an authenticate system like slashdot, but does not release any info - I.E. bubbles is your nick? well then you are bubbles and that is all that is released.

    2. BLOCK IP address discovery. The IRC servers you are connected to don't have to tell everyone that you are at 192.168.1.1 and if you don't release what IP you are at then the script kiddies and other tripe can't attack.

    IRC was a great idea, when people on the net had a maturity level higher than that of an 8 year old. Today we have to give up those niceties of yesteryear to give a nice big thump on the head of the idiots and morons.... but the coolest thing is that the above ideas would bring back registered nicks.
  • by RedX ( 71326 ) <redx@wideopenw[ ].com ['est' in gap]> on Thursday August 09, 2001 @10:41AM (#2136103)
    IRC is a denizen of hackers, pirates and kiddieporn scum.

    Sounds just like just about every ignorant Internet critic, RIAA or MPAA member, government official when trying to justify DMCA or some other piece of legislature/censorship. Get a clue, troll. Just like every other area of the Internet, IRC does have its "hackers, pirates, and kiddieporn scum", but it also has a great array of technical resources and general chat areas. I don't know of many other places where I can drop in and get real-time support from peers when trying to chase down a network or OS problem. Hate to burst your bubble, but many people might think of IRC and Usenet to be the bottom of the Internet barrel, I find them to be two of the most useful technical resources I have at my disposal.

  • by Vanders ( 110092 ) on Thursday August 09, 2001 @09:42AM (#2136761) Homepage
    Any IRC Network? I think you'll find it is only the larger networks such as Efnet, IRCNet, Dalnet, Undernet etc. that are currently under kiddie attacks. There are plenty of other networks out there that do not have any of these problems.

    Most people who use IRC regularly will stick to a few channels 99% of the time. It isn't a huge task to move a channel onto a new network if everyone who uses the channel is aware of the move. Something as simple as placing the details in the topic is usually all that is needed. The channel I've used for the past three years has moved twice now, and even changed names once.

    IRC as a protocol does have flaws when you scale it past a dozen servers or so, but that doesn't mean IRC is a wasteland. Smaller networks are better, generally, as they're run by admins and opers who give a damn.
  • by hardaker ( 32597 ) on Thursday August 09, 2001 @09:18AM (#2151041) Homepage
    In other words, trying to secure IRC would be difficult to do successfully. Most of the problems associated with IRC come from its allowed anonymous access by many servers. IE, you don't need an account with a password to join. This gives anonymous access and hence can be nice if you have debatable things to say that you don't want others to see. However, it also allows for "flashing" DoS and other IRC related fun. The proper way to secure IRC against abuse would be to only allow servers that check authentication and make people accountable. It is possible to do this, however, without sacrificing anonymity if you trust the servers you're using (ie, they authenticate you for accountability purposes promising they won't give out who you are without a court order). This will likely not prove to be popular among people who want to be anonymous further than that (like Flashers, of course).
  • Won't Work (Score:4, Insightful)

    by audibility ( 136433 ) on Thursday August 09, 2001 @09:24AM (#2151194) Homepage
    The big-sell factor for IRC at the moment is its age. It's been around forever, and there's enough knowledge of it and how it works / software / literature / networks etc etc out there to form a user base.

    It'd be far too hard to implement this system attractively wide scale, simply due to the fact that IRC has been losing usefulness (in its intended form) for quite a while now.

    There's no real demand for such a system. If people care who's listening they use encrypted email / private messaging software - they may themselves not be totally secure but you've got a better chance if you talk to 1 person than a room of 78.

    Current IRC users don't give a shit who listens. Just the way it is.
  • by Anonymous Coward on Thursday August 09, 2001 @03:13PM (#2151424)
    Most of the big problems with IRC are caused by users feuding over channels. However, nowadays they rarely attack each other directly. Instead, they load up their list of haXX0rd servers and proceed to flood the irc server or its upstream provider with a horrendous amount of traffic.

    It doesn't matter how good your security is on the irc network itself. If someone is able to saturate your bandwidth there's not a whole lot you can do about it.

    There are only two things you can really do. One, is to get the rest of the Internet more secure, and better able to track the initiators of such attacks. Good luck; people have been trying for years.

    The second thing is to take away the adversarial nature of IRC. If users have no power over each other, then there is no incentive to attack the servers. Of course this means you either need a lot of oper intervention, or you don't have much choice over who can join in on your conversation.

    The best solution probably lies with a combination of the two.
  • by Bostik ( 92589 ) on Thursday August 09, 2001 @01:19PM (#2151837)

    Q: How secure SILC really is? A: A good question which I don't have an answer for.

    I'm answering this one first. Or more than that - can YOU tell me exactly how secure RSA as an algorithm is? Or AES (Rijndael)? SSL as a protocol? The PGP specification?

    None of these have absolute and accurately measurable "amount" of security. The algorithms are open, as are the protocol specifications. We only know that they haven't yet been publicly broken. We use them, and we trust them.

    SILC is by no means a silver bullet and it's not meant as such. Personally I think it's one huge step into the right direction. One, it adds to the generally small amount of encrypted traffic which is always good. Two, nobody owns a nick in SILC network so the ever increasing nick wars as seen in IRC are not going to be a problem. Three, people are touting about not using telnet when we have SSH. It didn't happen overnight.

    No, I don't think SILC is ever going to replace IRC, in the same way that SSH has not replaced telnet. What we need is more clients, more users and a lot more testing and good ideas as to how SILC should be developed. It's not a ready product but it's definitely quite stable - and because the UI is almost exactly like IRC, those that wish to give it a try should feel quite at home.

    The SILC protocol appears quite solid and the person who designed it has had it brewing for ages. No, he's not an established crypto authority like Zimmermann or Biham. But he works in this field and as such, has a pretty good insight. The protocol is still under development, as you have noticed. The chat part is quite finished but file transfer is not yet there. What we need is a set of really good ideas and a streamlined protocol for file transfer. You have a very good point about that - but how long did it take for IRC to have DCC capability? I'm pretty confident it didn't have it at the very beginning. Don't bash SILC just because it's still an infant and trying to grow.

    You have absolute rights to your opinion, and I respect that. I just used mine.

  • by evilMoogle ( 304970 ) <evilmoogle@ e v i l e m a i l . com> on Thursday August 09, 2001 @10:59AM (#2152288)
    Q: Does SILC support file transfer? A: Not yet. This is a feature that will be added to the SILC protocol. The exact file transfer protocol is undefined.
    Q: How secure SILC really is? A: A good question which I don't have an answer for.

    Okay, so let's go down a checklist: 1) No file transfer yet, and when it comes, we don't know what the protocol will be. You know, IRC is really more than just a chat network. Files are also important. When you want to find a hard-to-find mp3, where do you turn? IRC. If you want the latest Southpark episode because you forgot to tape it, where do you turn? IRC. If you want to find fansubbed anime, or test out a series before you spend money on a DVD, where are there tons of fservers dedicated to anime? IRC. If you're looking for almost any type of file, where to turn? IRC. SILC, even if it does get a protocol (which allows fserves) couldn't get the sheer volume of stuff that IRC has. SILC will never replace IRC, for that reason alone.
    2) Wow, it's more secure, but they aren't really sure how secure it is. It might as well be the latest security feature out of Microsoft, for all that they can tell us. They mention stuff, but they don't actually answer the question.

    Well, these two, for me, are enough to persuade me that I'm not uninstalling mIRC, and not going to be d/ling SILC any time soon. Besides, IRC is great because of the variety with the people, does SILC have that? Nah. I'm sticking with my beloved IRC, thankyouverymuch.
  • by Phork ( 74706 ) on Thursday August 09, 2001 @03:19PM (#2152600) Homepage
    IRC may not be the greatest protocol ever, but it works, and there is an irc for basically every platform. I can go and download 3 different irc clients for my palm pilot right now, I can't download an silc client for it.

    Also, I don't see that this solves any problems with irc that haven't already been solved. There has been irc over ssl for a while, it is not too widely used, but there are places that use it. There is authentication via nickserv. One of the ircds has hostname cloaking so people can't get your hostname. And as far as being scalable, irc is very scalable, a single server can easily handle 30,000 connections, and it is not too difficult to make a net of 20 servers. Using routing servers makes this even more scalable.
  • Re:I'm metasceptic (Score:2, Insightful)

    by borud ( 127730 ) on Friday August 10, 2001 @10:23AM (#2156748) Homepage
    Pay attention; I did not proclaim that I had greater knowledge of cryptography than the author. What I said was that the way in which the author talks about SILC suggests to me that the author is not experienced in designing or even describing security systems. People who design security systems are usually more precise in their wording and more reluctant to make assumptions or vague statements.

    As I also mentioned, I do not doubt that the author knows the "mechanics" of cryptography (ie. how things work in general, the basic underlying theory and how available libraries etc work). But knowing the mechanics of cryptography isn't even half of what is needed to create a security product. On the contrary, it might be dangerous because it lulls you into the false assumption that you actually know what you are doing.

    What I do doubt is that the author has the scientific discipline to be self-aware in terms of understanding what types of weaknesses a design can have and how these should be weighted in terms of how they do or do not contribute to "security".

    Since you drag me into the discussion I'd like to make a few comments:

    First off, you do not have to be an opera singer to point out that the prima donna can't hit half the notes she is reaching for. My observation can be verified by merely analyzing how practitioners of cryptography, mathematics or even security theorists express themselves. In particular you will find that when these people publish papers or describe their work they will strive to be precise and careful -- not vague and self-confident.

    Second, I do not proclaim that I have greater knowledge of cryptography than the author. I might have and then again I might not. It isn't really interesting. What I think I do know more about is what kind of mindset you need to have when approaching security solutions. Again, if this applies to me or not, or to what degree, is not really important. The only remotely relevant aspect is that I've done enough work with security solutions to be able to _recognize_ handwaving.

    (Ideally most people should be able to recognize someone having an under par grasp on a given subject matter, but unfortunately many people neither possess the academic discipline to evaluate what they see in a cool, objective way nor do they have the inclination to understand basic scientific principles you need to follow in order to arrive at valid conclusions.
    This observation can trivially be made on Slashdot: how many people exhibit an almost religiously strong preference for a particular system while at the same time exhibiting narrow or lacking knowledge of a particular field (eg. OSes, languages) at the same time? I'd say most users. Well, most of the vocal ones anyway).

    Third, you reveal a compelling lack of comprehension as to what a useful contribution from me or someone else would be in this case. Your preoccupation with "finding an exploit" reveals a naive assumption that "it is just a matter of finding and plugging the holes".

    The most important problem with the SILC white paper is that it implies that the author did not start by asking fundamental questions and find answers to them. Nor does it reflect an understanding of the importance of doing so when designing a security system. If he had, he would have started by stating the problem in a precise manner and presented a plan for solving the problem.

    What he does in the whitepaper is to make general statements about how secure the system is, with contradictory notions sprinkled throughout.

    For instance he says that the user must trust the server. Then he says the user can't really trust the server. Which is it? If the author can't even clarify what parts of the system you need to trust and what the criteria for trusting them are within the first few pages then what is this guy doing designing a security system? Because apparently he has no idea what he is doing.

    I say that because I have found myself in exactly that situation many times; thinking that I know what I am doing because it didn't occur to me that I needed to question my assumptions.

    If you are at least able to discover that you don't you've accomplished a lot. I am sorry to say though: not many people are.

    And you do not need to hold a Ph.D in mathematics to understand that something is VERY wrong here.

    I have spent a lot of time trying to understand security systems. It is hard work and I still do not consider myself a guru (although I do know that I probably know a hell of a lot more about what sort of discipline you must exercise when designing security systems than most so-called "professionals"). Far from it.

    But: I am very _aware_ of my limitations and I keep asking myself if I am basing something on assumptions or if I actually know something. I'd be appropriately reluctant to stick my neck by making statements I would be unable to back up when designing a crypto app.
