Why Johnny can't surf (safely)? Attacks and defenses for web users

Abstract

In their seminal article “Why Johnny Can't Encrypt” [Whitten A, Tygar JD. Why Johnny can't encrypt: a usability case study of PGP 5.0. In: Proceedings of the eighth USENIX security symposium; August 1999.], Whitten and Tygar showed that usability weaknesses of encryption software may result in failure to protect users, in spite of good cryptography. A similar situation happens, on a huge scale, on the Web: the widely deployed SSL/TLS protocols provide good cryptography, yet there is a growing amount of successful attacks on web users, causing massive damages. In this article, we focus on password theft via fake websites, to which we refer as phishing. We believe that phishing is currently the most severe threat facing web users. We begin with a brief review of SSL/TLS. Many sensitive sites do not use SSL/TLS, or use it incorrectly (e.g. to encrypt password, filled into an unprotected login form); we explain why. Even if sites use SSL/TLS (correctly), this may not be enough to prevent phishing – at least, using the basic security and identification indicators of most browsers (URL, padlock and HTTPS). We discuss basic and advanced indicators, and their usability problems. We review recent usability studies, whose results are rather alarming, and put in question the ability of users to avoid phishing sites based on security and identification indicators.