Slashdot Mirror


Perfect MITM Attacks With No-Check SSL Certs

StartCom writes "In a previous article I reported about Man-In-The-Middle attacks and spotlighted an example showing that they really happen. MITM attacks just got easier. In the attack described previously, untrusted certificates from an unknown issuer were used. Want to make the attack perfect with no error and a fully trusted certificate? No problem, just head over to one of Comodo's resellers. Screenshots and disclosure provided at the link."

8 of 300 comments

  1. Don't do this at home by moro_666 · · Score: 4, Insightful

    While the link is already being slashdotted ...

    I hope the article author understands that unless he's really lucky, he is in deep legal trouble already. It's not the first time that the messenger was slaughtered, although the message was honorable.

    Gotta think over the SSL certs one more time. I never really liked the mechanism behind it, I like it even less now.

    --

    I'd tell you the chances of this story being a dupe, but you wouldn't like it.
    1. Re:Don't do this at home by cp.tar · · Score: 5, Insightful

      Oh, dear. So who certifies the certifiers?

      --
      Ignore this signature. By order.
    2. Re:Don't do this at home by Anonymous Coward · · Score: 4, Insightful

      Personally I'd like VISA and Mastercard to give me Root CA certs to use for purchasing online - then if they foul up and someone gets a dodgy cert then they pick up the bill.

      As it is, I don't think anyone would be liable (except yourself) to pick up the cost of shenanigans.

    3. Re:Don't do this at home by betterunixthanunix · · Score: 5, Insightful

      The problem with the system you described is that it relies on end users to understand what is happening. Most FF or IE users have no understanding of what a certificate even is, how it works, or how a MITM attack works. If you told end users that they would pay for identification services, every scam artist on earth would be setting up their own CA and charging users for the root signing certificate, which would then be used for MITM attacks. Worse, the idea that end users could try and verify self-signed certificates is preposterous also, and again, scam artists would be all over it.

      From a security standpoint, the current system is pretty much the best you can hope for. People who presumably know what they are doing select your CA roots for you; a mistake there is equivalent to a buffer overflow that allows an attacker to install a key logger. The CAs, wishing to remain in business, have an incentive to do some level of checking on who they issue certificates to: if it became known that a CA was just signing any CSR, with no checks whatsoever, software makers would stop shipping their public key, and legitimate users would not pay for a signature. This, by the way, is the incentive for site owners to buy signatures from competent CAs: an incompetent CA is likely to not have their public key shipped with popular software, so their signatures are worthless.

      It's not common for a CA public key to be removed from a software package, because of the ruckus it would create (potentially thousands of websites suddenly having untrusted certificates), but if a CA has truly incompetent practices, then yes, their public key will be removed. In general, software makers try to hold CAs to high standards to get their public key shipped with the software in the first place, so unless the CA itself allows its practices to worsen, it is unlikely that they would find themselves in that position.

      Trusting a third party for security is tough, but if you are smart enough to be aware of that, then you should also be aware that you can personally add or remove CA public keys from any software that you use. If you feel that Comodo is untrustworthy, remove their public key, and every time you get a warning, report it to the owner of the website you were trying to visit.

      --
      Palm trees and 8
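The advice in the comment above, removing a CA's public key from the software you use, as an added example that is not from the thread or from any of the posters: on a Debian-style system the shipped roots are listed in /etc/ca-certificates.conf, a line prefixed with "!" is treated as disabled, and update-ca-certificates rebuilds /etc/ssl/certs from the enabled lines only. The script below marks every enabled entry matching a pattern as disabled and then rebuilds the bundle. The entry name COMODO_Certification_Authority.crt used in the comments is an assumed example; list your own entries first with the list_ca function.

```shell
#!/bin/sh
# Added example (not from the Slashdot thread): distrust one CA on a Debian-style
# system. /etc/ca-certificates.conf names every root under /usr/share/ca-certificates/;
# a "!" prefix marks an entry disabled, and update-ca-certificates then rebuilds
# /etc/ssl/certs without it. Entry names mentioned below are assumptions.
#
# Usage (as root): sh distrust_ca.sh /etc/ca-certificates.conf COMODO
set -eu

# Print the enabled entries (not "!"-prefixed, not comments) matching a basic regex.
# The pattern is inserted into a sed/grep address, so it must not contain "/".
list_ca() {
  conf="$1"; pattern="$2"
  grep -- "^[^!#].*$pattern" "$conf" || true
}

# Prefix every enabled entry matching the pattern with "!".
# Prints the number of entries changed (0 if nothing matched or all were already disabled).
disable_ca() {
  conf="$1"; pattern="$2"
  n=$(grep -c -- "^[^!#].*$pattern" "$conf" || true)
  tmp="$conf.tmp.$$"
  sed "/^[^!#].*$pattern/s/^/!/" "$conf" > "$tmp" && mv "$tmp" "$conf"
  echo "$n"
}

# Succeed only if no enabled entry still matches the pattern.
assert_disabled() {
  conf="$1"; pattern="$2"
  ! grep -q -- "^[^!#].*$pattern" "$conf"
}

if [ $# -eq 2 ]; then
  echo "Enabled entries matching '$2' before:"
  list_ca "$1" "$2"                       # e.g. mozilla/COMODO_Certification_Authority.crt
  echo "Disabled $(disable_ca "$1" "$2") entries."
  assert_disabled "$1" "$2"
  # Rebuild the bundle so the roots actually drop out of /etc/ssl/certs.
  if command -v update-ca-certificates >/dev/null 2>&1; then
    update-ca-certificates
  else
    echo "update-ca-certificates not found; rebuild the bundle by hand." >&2
  fi
fi
```

Two caveats a practitioner will want. This only affects programs that use the system bundle; Firefox carries its own built-in roots, which cannot be deleted, so there the trust bits are cleared in the browser's certificate manager instead. And distrusting one CA does nothing against a certificate bought from any of the other roots still in the list, so the check after the edit (no enabled entry still matches) is the minimum, not a guarantee.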
  2. Re:Really now. by daveewart · · Score: 4, Insightful

    The example cited is "RESOLVED INVALID"

    That's because the behaviour reported in the bug (the actual MITM attack) is *not* a problem with Firefox as suspected by the reporter: Firefox was behaving correctly by identifying the SSL certificates as invalid. It is however an interesting report of a MITM attack.

    --
    "If you think the problem is bad now, just wait until we've solved it." --- Arthur Kasspe
  3. Re:Sensationalist - reroute & self signed cert by bunratty · · Score: 4, Insightful

    In the perfect attack, the certificate is issued by a trusted certificate authority, so no warning is shown. It truly is a perfect MITM attack. We do know exactly who is issuing certificates without verifying the identity of the individuals requesting them. It's time for browser makers to remove some trusted CAs from their lists so users can be secure.

    --
    What a fool believes, he sees, no wise man has the power to reason away.
  4. Re:OK, which CA must leave the trusted list? by timeOday · · Score: 5, Insightful

    How can we trust that the list of trusted CAs is valid and up to date? Who maintains this list? Me? You? The Scam Artists? A central trust agency? The Government?

    Go ahead and accuse me of not being libertarian, but yes, I think making and enforcing standards for CAs is a good role for the government. I would never put my money in an unregulated bank, or send premiums to an unregulated insurer, or go to a back-alley doctor.

  5. Re:OK, which CA must leave the trusted list? by Vellmont · · Score: 5, Insightful
    but yes, I think making and enforcing standards for CAs is a good role for the government.

    Which "the government" are you talking about here? You might have noticed the internet is worldwide, and there's no single authority to control it. Browser makers are also free to put whatever CAs' root certificates in their browsers that they wish (along with anyone else who distributes software that uses an x509 certificate).

    --
    AccountKiller