Researchers Find Same RSA Encryption Key Used 28,000 Times
itwbennett writes: In the course of trying to find out how many servers and devices are still vulnerable to the Web security flaw known as FREAK, researchers at Royal Holloway of the University of London found something else of interest: Many hosts (either servers or other Internet-connected devices) share the same 512-bit public key. In one egregious example, 28,394 routers running an SSL VPN module all use the same 512-bit public RSA key.
Re: (Score:2)
Oops.
FTFY. ;-)
Know what's worse? Cleartext. (Score:3, Insightful)
Re:Know what's worse? Cleartext. (Score:4, Funny)
Like this: https://xkcd.com/538/
Re: (Score:1)
Dangit. Now I have to change my password.
Re: (Score:1)
Entering it into the "WPA key" field should be sufficient. Anything else I can help you with?
Kidding aside: Unless you made sure that WPS is actually off, there's still a good chance that an attacker can get the key in just 11000 tries, and that the router won't stop him from testing them all as fast as he can. Or maybe there's an open port on the WAN interface which hands out the key to anyone who asks. WPS enabled even though it is turned off in the web interface, WPS not rate limiting PIN attempts, a WPS
Re: (Score:3)
WPS never really worked well, with ultra-crummy driver support on the device end.
Disabling WPS-PIN really is no loss.
Re: (Score:2, Informative)
Any of the WPS methods will give an attacker the WPA/WPA2 key if he can "authenticate" against them. WPS-PIN is specified in a way that it is likely to result in bad implementations which dramatically reduce the number of PINs an attacker has to try in order to gain access. Many routers used an implementation of WPS-PIN that was flawed that way, and quite a lot of those routers ignored the "WPS off" switch in the web interface and always offered their flawed WPS-PIN method. Additionally, even if WPS-PIN is
Re: (Score:2, Funny)
Well, you just told us the passphrase ...
Re: (Score:1)
You may as well try to tell me WPA-2 encryption is meaningful. It's not.
Is there a known attack on WPA-2 encryption or are you just jumping on the "it's wireless therefor its more vulnerable!!1!" bandwagon?
Re: (Score:3)
The latter, pretty obviously. Whenever we've heard news about WPA2 exploits trumpeted, invariably it's boiled down to brute forcing very weak passwords - which would be equally problematic for any other encrypted communication method, including ssh.
Re: (Score:1)
Well, don't knock brute force as it works quite well given the combination of common human behaviour, powerful hardware (vid cards), comprehensive dictionaries, and wonky manufacturer implementations. ... absent the password issues and flawed firmware, WPA2/AES is demonstrably strong.
Ahhh, but there you go. An attacker usually does not need to be successful all the time; a little success is often sufficient to go far.
Re: Know what's worse? Cleartext. (Score:1)
No, that WPS garbage is so stupidly weak it may as well have been designed by the NSA. It is a very real bypass problem. Solution of course is to make sure it's off and that it really IS off or, even better, get equipment that doesn't support it.
Re: (Score:2)
It's meaningful. It doesn't mean everything people expect it to be.
With an unguessable key, AES, with encryption and decryption done offline on an uncompromised computer (there are side-channel exploits), is secure. That's worth knowing, and lets people focus on key management and clean computers (which you always need to be concerned about, because if an enemy has control of your computer you have absolutely no security).
Re: (Score:2)
If something is wireless, it is more vulnerable. It may not be significantly vulnerable, but it is still more vulnerable than going over a wire, because you have relieved any attackers of the need to put a tap on your wire. This does not mean you are at significant risk, only that you have increased that risk by a small amount.
Re: (Score:2)
Except that it's a known key with a known loophole?
You may as well try to tell me WPA-2 encryption is meaningful. It's not.
WPA-2 encryption is an AE (Authenticated Encryption) mode, AES-CCM (CTR with CBC-MAC). It has formally proven cryptographic properties.
What is your problem with it?
Re:Know what's worse? Cleartext. (Score:5, Insightful)
Re: (Score:3)
You can crack WPA-2 in a trivial amount of time. I've got a friend in school for security right now... he pulled an app off a public website, got it running on my computer in minutes and before we were done with dinner he had my wifi password. I knew it could be done, but I had no idea there were public tools for doing it, and it would take so little time. The tool even played a little "TaDa!" sound like vintage windows when it had the password. And this wasn't an easy password either. 12 characters, alpha-
Re:Know what's worse? Cleartext. (Score:5, Insightful)
You are talking about breaking passwords, not the encryption scheme, which comes later.
Password -> PMK -> 4 way handshake (session key establishment) -> Authenticated encryption (link cipher).
A 12 character, alphanumeric + special character password, uniformly generated is about 70 bits of entropy. The pbkdf2 invocation to generate the PMK has 4096 iterations, causing the brute force attack to need to perform on average ~ 2^81 hashes before finding a password. This would not happen over lunch.
Did your friend's tool actually break WEP instead of WPA-2? Or did you have a weak password? Or were you using a weak EAP method? Or what other form of BS are you talking?
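The chain in the comment above starts with PBKDF2. As an added example (not code from the thread), this derives the PMK with Python's standard library and estimates the average search cost for a given passphrase entropy. The guess rate is an assumed figure, and the work estimate counts 4096 iterations per guess, as the comment does.

```python
import hashlib
import math

PBKDF2_ITERATIONS = 4096   # fixed by WPA2-PSK
PMK_LEN = 32               # 256-bit pairwise master key


def wpa2_pmk(passphrase: str, ssid: str) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 iterations, 32 bytes)."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA2 passphrases are 8 to 63 characters")
    # The SSID is the salt, so the same passphrase yields a different PMK
    # on every differently named network.
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), PBKDF2_ITERATIONS, PMK_LEN)


def entropy_bits(length: int, alphabet_size: int) -> float:
    """Entropy of a uniformly random string; not valid for human-chosen ones."""
    return length * math.log2(alphabet_size)


def log2_average_iterations(bits: float) -> float:
    """log2 of the PBKDF2 iterations spent, on average, before the right guess."""
    return (bits - 1) + math.log2(PBKDF2_ITERATIONS)


def average_seconds(bits: float, pmk_per_second: float) -> float:
    """Average time to hit the passphrase: half the space at the given rate."""
    return 2 ** (bits - 1) / pmk_per_second


ASSUMED_RATE = 1e5             # PMK computations per second (assumption)
YEAR = 365.25 * 24 * 3600

if __name__ == "__main__":
    # Passphrase/SSID pair from the published 802.11i PSK test vectors.
    print("PMK:", wpa2_pmk("password", "IEEE").hex())
    cases = {
        "70-bit figure used in the comment": 70.0,
        "12 uniformly random printable-ASCII chars": entropy_bits(12, 95),
        "one entry from a 10-million-word list": math.log2(1e7),
    }
    for label, bits in cases.items():
        secs = average_seconds(bits, ASSUMED_RATE)
        print(f"{label}: {bits:.1f} bits, "
              f"2^{log2_average_iterations(bits):.1f} iterations, "
              f"{secs:.3g} s ({secs / YEAR:.3g} years)")
```
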
Re: (Score:2)
he pulled an app off a public website, got it running on my computer in minutes and before we were done with dinner he had my wifi password
Presumably something you had recently typed and was in memory, had stored in a file, or had typed while the program was running. Your friend showed you a magic trick. "Look over here at my right hand while it does something awesome. Now look in my left hand to see what my right hand did!" It was his left hand all along.
Re: (Score:2)
he pulled an app off a public website, got it running on my computer in minutes and before we were done with dinner he had my wifi password
Presumably something you had recently typed and was in memory, had stored in a file, or had typed while the program was running. Your friend showed you a magic trick. "Look over here at my right hand while it does something awesome. Now look in my left hand to see what my right hand did!" It was his left hand all along.
It's ok, he'd never do that. He's just a friend studying security at college...
Re: (Score:2)
Wait, so he actually installed software to do this? Getting the WiFi password for a network that is already set up on your computer is easy, and doesn't require any apps. It's not the same as cracking WPA2 though.
Re: (Score:2)
he pulled an app off a public website, got it running on my computer in minutes and before we were done with dinner he had my wifi password.
Found your problem. There's about a million approaches he could have taken from here, including an automated script hacking your router from the LAN side and pulling the key, to pulling the key off of your local computer out of protected storage.
This isn't a weakness in WPA2.
Re: (Score:2)
Sounds like WPAcrack.
You push out some reset packets at the targeted base station to get the connected peers to re-handshake. The tool gathers the handshake data, then uses a dictionary attack against the captured frames. It can take a while if your dictionary is large.
If the passphrase is strong, it will survive very strong dictionaries. Otherwise, you can get the passphrase in minutes.
Re: (Score:2)
WPAcrack isn't breaking mixed case alphanumerical 12-character passwords over lunch.
Heck it would take a rainbow table-based attack about that long to recover a 12 character password (l0phcrack, running from dvd).
Re: (Score:2)
Like I said, a strong passphrase will take a while.
A weak one though, like many people use? It's the reason WPACrack exists.
Re: (Score:2)
TKIP has a few vulnerabilities (as detailed here [wikipedia.org] and elsewhere) but as noted in the Wikipedia entry, none of them retrieved the key, and relied on short packets with mostly known content, and were not able to inject many packets (3-7), and the packets they could inject were fairly short (28 bytes, then 596 in a later attack).
None of that sounds at all like WEP's 56bit worthlessness [wikipedia.org].
While I prefer 1 and 10Gbit wired
Re: (Score:2)
Right. TKIP was deprecated years ago. Even when it was standardized it was described as a TSN (Transitional Security Network), to tide lower compute power devices over until they deployed new silicon with the RSN (Robust Security Network) protocols.
Re: (Score:1)
Uhm. No.
Weak encryption provides the illusion of safety when there is none in fact to be had. It typically means that you will carry on as if you had the security of encryption but you don't and you end up doing something (for all practical purposes) in the clear that you would not otherwise, like transmit your bank account number or credit card number, etc.
Assuming you were somebody who likes to drive faster than the speed limit would you rather drive without a radar detector at all and know you need to
Re: Know what's worse? Cleartext. (Score:2)
Re: (Score:1)
No.
I don't put my credit card number in a form that submits plaintext.
A form that appears to be encrypted but actually isn't because the server fucked up is infinitely LESS secure in practice.
Re:Know what's worse? Cleartext. (Score:5, Insightful)
Re:Know what's worse? Cleartext. (Score:4, Insightful)
Re: (Score:2)
Weak encryption is infinitely WORSE than none.
The illusion of security is more likely to cause people to divulge information that they wouldn't do in plain text.
I remember when the export key laws were in place. Once the regulations were changed doing away with them, software and equipment should have been required to remove the obsolete code or be taken off the market.
My question is how could OpenSSL still have had this potential backdoor? Why was this not removed at first opportunity?
Re: (Score:2)
Yes, bad encryption i
Re: (Score:2)
My question is how could OpenSSL still have had this potential backdoor? Why was this not removed at first opportunity?
The trouble with removing old/weak modes is that you break interoperability with systems that only support those modes. Implementations that were limited to export modes only didn't disappear the instant the export restrictions were lifted. In some cases old versions of software stick around for many years because there is some problem that blocks upgrading.
So someone has to make the difficult call as to when the risk posed by supporting the old/weak modes outweighs the interoperability issues that will be
Re: (Score:2)
Of course systems continued to support the older mode at first.
That being said, the regulations regarding key length were relaxed starting in 1998. By 1999, all restrictions on key length were removed for import and export to all countries not on the terrorist state list. Risk analyses had already been done by any company that had requested a license to export cryptographic products. So, when the restrictions were lifted, the dangers of the export key length restrictions were well known.
In particular,
Re: (Score:2)
Not really. If it's cleartext, you know it's cleartext and have the appropriate security expectations. If it's encrypted, you have a different set of expectations which are not met if the key is actually shared in common.
Often it's better to know you have no security than it is to think you are highly secure when you are actually quite vulnerable.
Re: (Score:2)
This is a real problem and I don't mean to minimize it. But weak encryption is infinitely better than none,
Not when people think "It's encrypted".
Sometimes it is much better to know something is insecure and behave accordingly than to depend on a lie and get burned.
VPN technology especially is particularly abysmal: everywhere I go, customers are using PPTP, some form of challenge-response authentication over the clear or over shared keys, or using EAP methods without properly verifying trust chains. At least with secure websites we have security checkers like Qualys... if you were to run that same scanner on the TLS
Re: (Score:2)
The one case where I can think of where weak encryption might be useful is if there's a general sweep that involves you just because you're there. Weak encryption would take some minor effort to crack, and if the sweep picks up enough plaintext the sweeper may not bother with any ciphertext. It's similar to having a password like Ca$tl3 on a system where people have passwords like password1; if the attacker just wants one account they're likely to crack somebody else's first.
Re: (Score:2)
I agree, I liken this to a Master Lock. All keys are the same for the master lock (A Hammer/Crowbar), that doesn't mean it doesn't provide a measure of "sufficient security".
Like, hey, if you want to steal my lawnmower, that's cool, bro. I'll put a master lock on the shed and worry about securing the really important stuff.
Re: (Score:2)
I do not agree. The problem is that encryption done by incompetents (like this one) gives you a false sense of security. The result is that you may trust the connection a lot more and that you may put things through it that are a problem if intercepted. If you know it is just plain text, you will be careful. This way, many people will not.
Re: (Score:2)
That's nonsense.
Weak encryption is *worse* than no encryption because it gives people a false sense of security they shouldn't have. It makes them feel safe to say or do things they wouldn't do if they realized how bad the encryption they're using really is.
So Out Them! (Score:4, Interesting)
Then it deserves at least social shaming and ostracism, if not worse than those minor responses to venial sins. Protecting the manufacturers only creates an environment where the incentives are aligned for them to do it again. If manufacturers aren't keenly aware that they need to protect their reputation, then they will cut every corner that doesn't provide them a competitive advantage.
this whole "security" thing is bogus (Score:3)
there is no such thing as security any more using the common models and parameters. got to step it up, without fallback to silliness like 512 bit keys. the bigger problem is nobody has been bankrupted and sent to jail yet, so the impetus is not there to fix it as the first priority of business.
I imagine .... (Score:5, Insightful)
Similar mistakes [theregister.co.uk] have been made before.
Poor first sentence (Score:5, Informative)
First line of the article:
"What if the key to your house was shared with 28,000 other homes?"
The fact is, you very well might share the key to your house with more than 28000 other homes. Common lock brands you can buy at Home Depot, Lowe's, etc. create a surprisingly low number of different key/tumbler combinations.
Re:Poor first sentence (Score:4, Insightful)
So having a lock really is an advantage... Well, actually it doesn't matter to a thief anyway.
I once had the window broken in my car so they could steal my wife's purse... The doors were unlocked, but they broke the window anyway.
I guess the issue here is that the "key" is easily changed in this case. You don't need to have the guy at the home improvement store rekey it for you...
Re: (Score:2, Insightful)
Yup, most popular locks on homes have a very very limited number of key combinations.
Cars are worse. It's not uncommon to find another car that your key can unlock.
Re: (Score:2)
Cars are worse. It's not uncommon to find another car that your key can unlock.
The obvious question here is how do you know? ;) Do you go around trying to open random car doors with your keys? I know I don't..
Oh, but there is the ignition key chip stuff now where an RFID tag is embedded in the key, so you may be able to turn the key, but it's not going to start for you unless that RFID is loaded using a manufacturer specific tool.
Re: (Score:2)
The pin information is public. Residential Schlage locks have 5 pins. Each pin can be one of 9 heights. The height differences are quite small, so with some wiggling you don't even need an exact match.
Re: (Score:2)
Who cares about starting the car? You steal everything inside it or tow it to part it out.
Stolen cars are impossible to sell; parts, on the other hand, are mostly untraceable.
Re: (Score:2)
Also for your own education.....
https://books.google.com/books... [google.com]
Buy this book if you want to learn how insecure 90% of the lock designs in use are.
Car keys and house keys are there only to keep your neighbors honest.
Re: (Score:2)
Car keys and house keys are there only to keep your neighbors honest.
On that we fully agree... Locks only keep honest people honest, in all their various forms.
Re:Poor first sentence (Score:5, Funny)
Cars, too.
Funny anecdote: Quite some years ago, my wife and I were over at another couple's house for our semi-regular game of Pinochle. After we called it an evening, I went out the door and accidentally got into their Ford Escort (at the time, they owned one that was a very similar color to ours - plus it was night). They stood there and laughed at me... and then I started their car with my key.
Re: (Score:2)
Whoops, that was an epic quote fail!
Re: (Score:2)
Actually starting the car is far less likely in newer cars, because whilst the number of key combinations are small, the number of key transponders is not.
Re: (Score:2)
Yes, but we're talking about a Ford Escort here. Even if you have the right key, it's a toss-up whether it will start.
Re: (Score:2)
Hmm... sounds like a key party rather than an unlikely occurrence.
Re: (Score:2)
That had to be a long time ago. Today, even 'tho the key fits and turns, the electronic security codes won't match. (assuming there is a traditional key.)
That said, my '84 Ford and my sister's '90 Ford had the same ignition key, but different door keys. That's before such electronic security, and when there was a "door" key.
Re: (Score:2)
The same thing happened to my mother in a shopping mall a few years ago. She had an older Renault, literally got half way home before she realised it wasn't her car.
Re: (Score:2)
Had a partial similar fail one day at a shopping centre. Got back out to the car and someone had parked an identical car in front of mine. I was able to unlock the door but I wasn't able to start the car.
I then had to convince the man I really wasn't trying to steal his car. Talk about awkward conversations.
Re: (Score:3)
First line of the article: "What if the key to your house was shared with 28,000 other homes?"
Several years ago I found myself in this situation. I worked night shift, getting home between 2-3 AM. One night I unlocked my door, opened it, and just had time to think "WTF, this isn't my living room" when some guy came running up with "hey, who are you!!!".
The place I was renting was WW2 era housing, a group of rectangular buildings next to each other, each with 8 apts (think | | | | | |). I had the upper unit in the back, turns out my key worked on *every* upper back unit in each building. Talked to
Re:Poor first sentence (Score:5, Informative)
turns out my key worked on *every* upper back unit in each building.
That's just lazy on the part of your landlord. It's easier for him if all his units share the same lock so he has only one key to carry around.
But common house keys? Yes, relatively few "combinations". I'm looking at mine, bought from a big-box home outlet store. Five lands -- that's the flat areas where the pins rest when the key is inserted. I didn't count them when I rekeyed my locks, but it's about five pin lengths. Let's see, 5^5 is 3125 different keys. Six pin lengths would be only about 15,000 different sets.
My work keys have 6 or 7 lands, but the security of those is reduced because each pin has at least two valid lengths. There is actually a published method for taking a bunch of key blanks and a valid key and figuring out the master.
If you want to know how locks work, go buy a new lock for a house and the rekey kit for it. It's fun. While each kit is "different" (or is supposed to be), with a bit of looking you can find two kits with the same pin lengths just in a different order so you can rekey two locks the same. (The kits I bought had colors for the pins.)
For cars, I heard a long time ago that Toyotas were prime theft targets not because of the value but because there were a limited number of dealer master keys and the crooks had copies.
Re: (Score:3)
Fact of the matter is, l
Re: (Score:2)
If you buy quality locks there are many orders of magnitude more than 28,000 combinations. There are plenty of quality lock systems on the market with over a billion different key combinations.
The big thing at the moment, depending on whether the thieves in your area have caught on, is lock snapping. If you have europrofile or similar locks and they are not quality anti-snap, anyone can be in in under 20 seconds.
Re: (Score:2)
It really doesn't matter that much, in the house key case.
Anybody who can take advantage of the limited number of keys can get into your house in other ways, such as picking the lock or making a key from scratches on the blank. Other people will kick the door in or break a window. Houses really aren't all that secure.
So, you're vulnerable to somebody who happens to have the same house key as you do, and happens to know it fits your lock. That is not something that's likely to happen.
The equivalent
So easy to find (Score:5, Interesting)
*.myfoscam.org/organizationName=ShenZhen Foscam Intelligent Technology Co,Ltd
Seems to be a network enabled camera.
Re: (Score:2)
Just scanned the /16 next to my home broadband and found a number of repeated certificate hashes and all belonging to systems identifying themselves as
*.myfoscam.org/organizationName=ShenZhen Foscam Intelligent Technology Co,Ltd
Seems to be a network enabled camera.
Which is why I don't allow them out of my local network, and never set up their "remote access" functionality. In fact, it's explicitly disabled.
Re:So easy to find (Score:4, Interesting)
commonName=UBNT/organizationName=Ubiquiti Networks Inc.
commonName=TS Series NAS/organizationName=QNAP Systems Inc.
commonName=Vigor Router/organizationName=DrayTek Corp.
commonName=homenet.telecomitalia.it/organizationName=TELECOM ITALIA SPA
commonName=localdomain/organizationName=Axentraserver Default Certificate 863B4AB
In fact, there are duplicate hashes appearing all over the place so it's an endemic problem.
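The duplicate-hash survey in the comments above, written from the side of someone auditing their own device inventory. This is an added example, not code from the thread: it groups scan records by RSA public key rather than by certificate hash and flags shared or undersized keys. The record layout, the 2048-bit floor and all sample values are assumptions constructed for illustration.

```python
import hashlib
from collections import defaultdict

MIN_RSA_BITS = 2048  # assumed policy floor, not a value from the thread


def key_fingerprint(n: int, e: int) -> str:
    """SHA-256 over a length-prefixed encoding of the RSA public key (n, e)."""
    blob = b""
    for value in (n, e):
        raw = value.to_bytes((value.bit_length() + 7) // 8, "big")
        blob += len(raw).to_bytes(4, "big") + raw
    return hashlib.sha256(blob).hexdigest()


def audit(records):
    """Group scan records by public key; report shared and undersized keys."""
    groups = defaultdict(list)
    for rec in records:
        groups[key_fingerprint(rec["n"], rec["e"])].append(rec)

    findings = []
    for fp, members in groups.items():
        bits = members[0]["n"].bit_length()
        issues = []
        if len(members) > 1:
            issues.append("shared-key")
        if bits < MIN_RSA_BITS:
            issues.append("weak-modulus")
        if issues:
            findings.append({
                "fingerprint": fp,
                "bits": bits,
                "hosts": sorted(m["host"] for m in members),
                # The same key can sit inside different certificates, so
                # comparing certificate hashes alone undercounts reuse.
                "distinct_certs": len({m["cert"] for m in members}),
                "issues": issues,
            })
    # Largest groups first, then by fingerprint for a stable order.
    findings.sort(key=lambda f: (-len(f["hosts"]), f["fingerprint"]))
    return findings


# Constructed sample data: placeholder integers of the right size, not real
# RSA moduli, and documentation-range addresses (RFC 5737).
N512 = (1 << 511) | 0x1234567
N1024 = (1 << 1023) | 0x89ABCDF
N2048 = (1 << 2047) | 0x2468ACF
SAMPLE = [
    {"host": "192.0.2.10", "n": N512, "e": 65537, "cert": "cert-A"},
    {"host": "192.0.2.11", "n": N512, "e": 65537, "cert": "cert-A"},
    {"host": "192.0.2.12", "n": N512, "e": 65537, "cert": "cert-B"},
    {"host": "192.0.2.20", "n": N1024, "e": 65537, "cert": "cert-C"},
    {"host": "192.0.2.30", "n": N2048, "e": 65537, "cert": "cert-D"},
]

if __name__ == "__main__":
    for f in audit(SAMPLE):
        print(f["bits"], f["issues"], f["hosts"], "certs:", f["distinct_certs"])
```
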
Re: (Score:2)
So has anyone checked to see if this was by design? Give everyone encryption, but it's the same key, like a master lock that any locksmith or landlord can bypass?
Re: (Score:2)
It makes you vulnerable to MITM attacks, since when you connect to your camera, you can't be sure it's actually yours and not just another device with the same well-known certificate/key.
It means that if you use a key exchange mechanism that encrypts the session keys with the server key then someone who's extracted the private key from one of these can decrypt communications with any of the cameras using the same certificate/key.
If you use a key exchange mechanism with forward secrecy, extracting the privat
Obligatory XKCD (Score:1)
Re: (Score:1)
Putting 1 key into an image vs having a different key go into every image.
One is cheap, the other isn't (when pennies count).
Re: (Score:2)
You could use your own CA and generate self signed certificates.
Re: (Score:2)
You do realize these are self signed keys? They are trivial to generate and have no cost.
Not the first time ... (Score:2)
Add the SALT (Score:1)
This is intentional (Score:1)
Security for the Lay User (Score:2)
Most people doing anything on the internet have no functional literacy in security. WEP, WPA, SSL, https,...it's all alphabet soup mumbo jumbo to most people.
Now, some self-appointed expert is going to chime in in a few moments and say that these ignorant fools need to educate themselves about this, and if they get pwned it's all their own fault.
The problem *is* that people need to be educated, but right now to truly understand the rudiments of security technology and the risks probably requires some night