Slashdot Mirror
Database of Private SSL Keys Published
Trailrunner7 writes "A new project has produced a large and growing list of the private SSL keys that are hard-coded into many embedded devices, such as consumer home routers. The LittleBlackBox Project comprises a list of more than 2,000 private keys right now, each of which can be associated with the public key of a given router, making it a simple matter for an attacker to decrypt the traffic passing through the device. Published by a group called /dev/ttyS0, the LittleBlackBox database of private keys gives users the ability to find the key for a specific router in several different ways, including by searching for a known public key, looking up a device's model name, manufacturer or firmware version or even giving it a network capture, from which the program will extract the device's public certificate and then find the associated private SSL key."
What is the consequence of this?
Here's Google's wikileaks-like test. The database is posted on Google Code. Will they remove it?
So you'll have no problem posting all your passwords, social security number, bank account numbers, and so on publicly, then. Right?
What a fool believes, he sees, no wise man has the power to reason away.
So how does this affect things like dd-wrt, open-wrt, and tomato where custom firmware is in place?
"Bah!" - Dogbert
Until Linksys, D-Link, Netgear, et al get their collective heads out their arses, these types of tools are great for pen testing small business networks. Personally, I can't wait for the Android app; maybe I could hack one together and get it out there...
put the what in the where?
Encryption is only as strong as the idiots who implement it. The Soviets learned that the hard way during the early part of the Cold War, when they accidentally reused random one-time pad encryptors. That led to the NSA's VENONA project, and we decrypted a pretty good amount of Soviet diplomatic and spy traffic before they were tipped off.
Sadly, I'm sure that very few if any hardware vendor will change their behavior after this breach of security. Caveat emptor.
No, like most people who say that ... he only supports someone else's information being made public.
Lost at C:>. Found at C.
Information shouldn't be kept private
Apple ran into something similar a long time ago for Mac OS X Server. The servermgrd daemon uses a self-signed SSL cert by default to secure communications with remote management tools. About four or five versions back the certificate was identical across all installations because it was contained in the installer package. Someone had to go down and show them that you could read all of the traffic by using sslsniff and the private key from your own copy of the installer. They changed to an individual, automatically generated certificate shortly thereafter.
--Paul
So you'll have no problem posting all your passwords, social security number, bank account numbers, and so on publicly, then. Right?
This is one of the stock answers to the "information should be free" in copyright debates. The stock counter to that is that published credentials, such as passwords and the like, have little or no legitimate use other than to defraud people who do business with the rightful owner of the credentials. But this situation is far more nuanced than the typical use of this answer. Publishing an RSA private key almost sounds like publishing passwords, as an RSA key is a credential used to sign communication between a router and an end user administrator, but it's something that the router makers are distributing anyway as part of router firmware. The parallel with Wikileaks is that creating a repository of such keys is a way of pointing out the flaw in a cryptosystem where all devices have the same private key.
From the article: "...making it a simple matter for an attacker to decrypt the traffic passing through the device". I'd think it would only be *to* the device.
SSLKeyLeaks
He who knows best knows how little he knows. - Thomas Jefferson
The AC is a straw man. Real "info wants to be free" people only want the info of companies, organizations, governments, etc. to be free. Julian Assange himself watches his own privacy very carefully.
$ make available
"...simple matter for an attacker to decrypt the traffic passing through the device" Wrong. This will only give the attacker the ability to decrypt encrypted sessions to/with the device. Encrypted traffic going through the device to another nonidentical host will use a different private key.
There's a difference between exposing information about the misuse of power by a powerful individual or organization and information that only exposes a little person for abuse.
If absolutely all information wants to be free in some sci-fi quantum future, we'd better see to it that we go there with the big baddies transparent before they have all the dirt on all of us little regular people.
We do this by exposing the big bad lies while fighting to keep our little secrets.
Some of my favourite people are from th US; Vonnegut, Chomsky, Bill Hicks.
Netgear, Belkin and the rest might deserve it but I don't. This is really lazy on the part of router manufacturers and I'm looking for a new one right now. Hopefully I can find one where the manufacturer doesn't suffer from a common sense failure.
My DD-WRT router generates a new cert every reboot.
If your router appliance firmware generates a new keypair and certificate every time you restart it, you'd have no easy way to tell whether you generated a given certificate or the man in the middle generated it. Even key continuity management fails in such a case. Who signs such certs? What am I missing?
No more secrets, Marty.
Power corrupts. Absolute power...is even more fun.
So you'll have no problem posting all your passwords, social security number, bank account numbers, and so on publicly, then. Right?
Not the same. This is more like calling the emperor naked. The bad guys already know that "security" is often just a theatre. This is just a blunt way to raise awareness of that fact and force vendors to start taking security more seriously.
My other account has a 3-digit UID.
If you're using home routers, they should only be configurable from the wired LAN, and only trusted people should be on that network.
Then what's the polite way to tell house guests why you're not letting them check their Facebook?
OK, you own a private SSH key of a router.
Now what?
Remeber, you got the router key, not Alice's or Bob's!
Maybe Computers will never be as intelligent as Humans.
For sure they won't ever become so stupid. [VR-1988]
I beg to differ. Private information should of course remain private, nobody argues against that. But here we talk about public Information, "public" in the sense that it is freely available anyway, just slightly harder to come by. This database isn't an original publication, it merely collects the published keys in order to make them easily accessible.
I'd think it would only be *to* the device
That, and I think the attacker has to be on the network you're using to administer the device.
For a home router, with remote administration hopefully disabled, that would be your local net. So, if you have an attacker in your living room https: // 192.0.0.1 (or whatever) won't be any saver than http: // 192.0.0.1
This has zit to do with certification authorities, because the certificate would not be recognized as valid by any browser, because the DNS name would not match. And no certification authority worth their salt would sign a certificate for 10.0.0.1 or similar nonsense.
So, the solution would be D. generate a unique private/public key pair for each device, and have the user manually accept the certificate as an "exception" on first usage. Which he has to do anyways, even if all routers use the same certificate.
Moderators, please don't mod articles about certificates if you don't understand how certificates work.
Encrypted traffic going through the device to another nonidentical host will use a different private key.
If you're using your router appliance as the endpoint of an HTTPS tunnel, then tunneled HTTP traffic will be unencrypted after it leaves the appliance. It appears this would let someone sniff passwords for blogs, forums, and wikis, many of which don't use HTTPS due to the cost of a hosting plan including a dedicated IPv4 address, if someone can't sniff the route from the proxy to the HTTP site but can sniff the one from you to the proxy.
the certificate would not be recognized as valid by any browser, because the DNS name would not match. And no certification authority worth their salt would sign a certificate for 10.0.0.1 or similar nonsense.
Which is why the built-in DNS server on e.g. NETGEAR routers points routerlogin.net to the appliance's private IP address.
Silently drop DNS requests to facebook.com and shrug and say it must be a problem at their end when they ask?
Then they'd try Google, their webmail, and other sites on their Favorites, and see that I'm silently dropping everything. Then they'd bug me to troubleshoot the "problem at their end" for free, and if I refuse to whitelist the MAC of their laptop or tablet, and I further deny them the use of one of my own computers "just for a minute" that inevitably turns into fifteen or more, I'm perceived as inconsiderate.
Which is why the built-in DNS server on e.g. NETGEAR routers points routerlogin.net to the appliance's private IP address.
Smart...but it would have to be routerlogin.netgear.net or else no CA would sign this.
hmmm... but:
> dig routerlogin.netgear.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25491
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;routerlogin.netgear.net. IN A
;; ANSWER SECTION:
;; AUTHORITY SECTION:
;; ADDITIONAL SECTION:
;; Query time: 24 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Dec 20 16:58:01 2010
;; MSG SIZE rcvd: 155
; > DiG 9.7.1-P2-RedHat-9.7.1-2.P2.fc13 > routerlogin.netgear.net
routerlogin.netgear.net. 3531 IN A 64.95.64.197
netgear.net. 172731 IN NS ns.buydomains.com.
netgear.net. 172731 IN NS this-domain-for-sale.com.
ns.buydomains.com. 7131 IN A 64.95.64.93
this-domain-for-sale.com. 3531 IN A 206.83.79.30
And you are positively sure that the certificate of your router is really signed by a CA, and that you didn't have to "accept" it on first login?
I kinda suspect the grandparent was being sarcastic.
For instance if I went to my local bank branch and the manager there handed me a key in person and told me to go home and install it to validate their online site, that would be better than the Verisign cert they use now.
Would they hand it to you on a CD? Tablets and netbooks don't have internal optical drives, nor do they necessarily come bundled with an external one. On a USB flash drive? Netbooks have USB host ports, but tablets and phones often (usually?) don't, and furthermore, blank USB flash drives are fairly expensive at retail (I don't know about wholesale). Besides, a targeted worm like Stuxnet could dick with the program that installs it to the operating system's key store, especially due to lack of file permissions on removable media such as USB flash drives.
So if I have WPA2 on and configure my router via a wire how would knowing my routers SSL key be all that valuable?
Procrastinating life a way at a rapid rate of speed.
Except Netgear owns netgear.com, not netgear.net..
Do people really change the passwords on their home router?
I suspect not...so this is pretty much a moot hack. I mean, why go through the trouble of sslsniff when you can just log in as admin/admin?
http://www.phenoelit-us.org/dpl/dpl.html
You can't imagine the amount of griping this slowdown caused from the product/marketing teams. They really really wanted it hard-coded. Fortunately "security guys" are taken seriously in Israel so as far as I know it's still generated on the fly.
The ... nice person who thought it's smart to hardcode private keys.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
"Information wants to be free". There's hardly a creed more often misinterpreted. Maybe aside of those associated with other religions.
The "information" that is meant here is not personal, privat information but information in the sense of "knowledge". Sharing knowledge can only lead to more knowledge, never less. If I know something you know, and you know something I know, we both know more than we knew before.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
"A documentary about $controversial_topic". It's about as unbiased and fair as any documentary about abortion or creationism. Once you have people who have an agenda besides "documenting", don't bother watching it.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
I took a look at this LittleBlackBox tarball. It contains a lot of source code (sqlite, openssl, libpcap plus the the LittleBlackBox program itself which uses these libraries). I wouldn't trust any of the source code or the precompiled binaries. So that leaves you with a file called "lbb.db", which is an sqlite database. Get at that data in some other way (surely there are some sqlite tools for browsing databases or dumping them to text?)
I don't see the WRT54GL listed in there, nor Tomato firmware. Of course. The stock firmware generates the key every time you boot the thing! (Well-known, major nuisance.) Tomato generates one once which is then persisted.
Yes. In the configuration there is a way to turn off wireless config access. Dont remember where it is (probably under the administration tab) but its an enable/disable radio choice.
Procrastinating life a way at a rapid rate of speed.
It's trivial to configure an old pc or laptop as a home router. There are also "consumer" routers which can be converted to Open Source.
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
> If absolutely all information wants to be free...
Of course all information wants to be free. Just look how hard it struggles to get away and how expensive and difficult it is to keep it imprisoned.
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
I guess you have a choice. You can post supposedly private information ala Todd Davis and get some points for bravery. Or you can wait and see if someone does it for you showing clearly that you are an idiot for trusting your bank, wife, co-worker or whomever leaked the information.
Simple answer today: trust no one. Someone you trust will publish your secrets.
It's not my house or my router. The person who bought this router knows very little about the alleged triviality of configuring an old PC to be a router. I'm going to buy her another one but I shouldn't have to. I should be able to trust the router manufacturer. If my bank had such weak security and I had to find out about it on Slashdot would it be my fault or would it be the fault of the bank?
This seems more like a TLS design flaw than anything else. By default SSL doesn't create perfect forward secrecy, which means that all of our encrypted conversations could be decrypted in the future simply by finding one key. That's ridiculous! If TLS as deployed used a cipher spec with PFS, then even if someone recorded all of our encrypted traffic, knowing these private keys wouldn't be enough to decrypt the sessions. It wouldn't stop the active MITM attack, but it would be an improvement over the current situation.
A possible security control for home networks would be to disconnect from the public network when you are doing administrative work on the router. Then unless the attacker has already placed a sniffer on the home network, the encrypted login credentials would not be visible from the public network while the administrative work was being done.
If the work involves the public network, perhaps the approach would be to disconnect during the login process and reconnect afterward. That might not prevent the attacker from viewing the activity with the public network but would prevent disclosure of the router credentials. Of course this might leave the attacker visibility into the transactions between the modem and the public network.
When are we going to get real about TLS+SRP binding to replace private keys and trusted third parties? With SRP support in all of the major browsers this issue would go away overnight.
Compromised private key and uncompromised self-signed private key are each subject to MITM. The only two realistic choices for the CPE vendor both suck.
When I go to my bank and enter my account password it is sent in the CLEAR over the TLS channel. The only thing protecting my password from being recovered by someone conducting an active MITM on some random leg of the Internet is blind trust in hundreds of organizations with the power to sign their own private keys to look like my banks. This situation is extremely dangerous, expensive and unecessary.
It is NOT just the CPE vendors that are being stupid here. They have no good choices available to them. The technology stacks and to some degree industry politics (CA industry) deserve equal credit for the problem.
At the end of the day secure password authentication is what most secure sites and systems really want. The authentication of the USER should provide the trust basis for initial session encryption key NOT the integrity of hundreds of unrelated third parties none of us know anything about.
We still need the PKI infustructure for cases where passwords are not used or the user has not established an account.. It is still quite useful.
Does this affect VPN on DD-WRT?
Either a strawman or just plain misunderstanding of the issues involved. Hanlon's razor suggests preferring the second option, so I will explain:
Information important to the public shouldn't be kept private.
The AC's passwords, accounts, etc. have no affect on the public and therefore should not be public information. The fact that your router's private key is cracked is a completely different matter.
Let me give you an example.
1. Suppose Bill likes to masturbate to Lady Gaga songs.
This is private information and should stay this way.
2. Suppose Bill is also the town's deputy sheriff.
As long as it does not affect Bill's performance of his public duties, the information should still stay private.
3. Suppose Bill, to satisfy his urges, routinely confiscates Lady Gaga CDs from confused teenagers under some pretext.
Now the information directly affects the public and should not be kept private. However, Bill's poor choice of fetish is only coincidental to the real issue -- his abuse of powers granted to him by society.
Another example:
1. You received a $5000 cheque from your aunt Millie -- private information.
2. Barak Obama received a $5000 cheque from your aunt Millie, who happens to be a RIAA executive -- information that needs to be made public.
Capiche now?
You "should" be able to trust any random person you meet on the street, too. But you can't, because people are human.
It would be your fault once you knew about it for not taking your business elsewhere.
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
That does nothing to solve the problem. Even if they somehow got a trusted CA to sign a separate routerlogin.net cert for every router they made an attacker could still use any one of them to spoof.
Here is the link you should be looking for: http://code.google.com/p/littleblackbox/
He's explaining why the soldiers do it - for fun. What's your answer? If it's not for fun, then why do it?
In the rest of your rambling post you talk a lot of shit. You can't say than an organisation lacks credibility because of criticisms of one of its leaders. It's releasing information which a lot of people find interesting. Clearly it's made him a target for smears, and you, like a lot of other 'useful idiots' walk right into it. But this say a lot about you, and not very much about Assange, who's not actually been convicted of any crime yet, and the one for which he's being pursued by the Swedes is a bit of a non-crime in my opinion.
Complete misunderstanding of what "information wants to be free" means.
Think of "water wants to move downhill". This does not mean "dams are bad". What it means is "if you don't want water to move downhill, you will have to more work (such as build a dam) than if you just let the water flow downhill".
Now think carefully, apply to "information wants to be free", and (I can only hope), get a clue.
He's explaining why the soldiers do it - for fun. What's your answer? If it's not for fun, then why do t?
No!
He's explaining, why in *his opinion* soldiers do it - for fun. Meaning, in his opinion, its fun to kill people. As far as the rest of the world's opinion goes, its not fun. Period. They have such bravado so as to protect their mind from long term damage.
The soldiers have a choice of coming to terms with themselves as being murderers. Soldiers who do this go insane. Most soldiers don't want to consider killing others during wartime as murder. As such, they much find a new mindset. Without failure, this mindset creates the bravado you see in the video. Go look at other videos and you'll find the same bravado time and time again.
Those who ignorantly look at the video as incrimination. Those who are knowledgable see it as the bravado of people who come from a culture where life is valued and yet are asked to kill others on a daily basis. Again, its all about framing and knowledge. Those who are outraged are generally ignorant and therefore, unqualified to have an opinion one way or the other. And yet, those who are generally the most ignorant and least qualified to have an opinion are the most vocal and most outraged.
Your response is a classic example. You don't know. You were and are ignorant. Anyone who attempts to clarify your ignorance, must be attacked.
The facts of the matter are, the facts and knowledge from those who actually understand what they are seeing, look down on the masses. Which is EXACTLY why the military didn't want these videos released. Its also why in war movies they temper these events because otherwise the audience wouldn't understand what is it they are seeing. Just time and time again, in real video, you see exactly this. And time and time again, its excused in the real world because chances are, you damning yourself should you be in the same seat. You're damning what it is to be human.
No, like most people who say that ... he only supports someone else's information being made public.
Anthropomorphising governments and corporations, are we?
Security is not for your protection, it is for the (bank's, government's, employer's) protection. They can't profit from a mutually co-operative society, only a divided and individualistic one.
Every cell in your body shares its entire sustenance with its neighbours. When a cell doesn't, it is called cancer. Hence the slow and painful death of our society.
"In the absence of the ability to establish the attribute of truth they tried to establish the noble attributes."
I will rush to execute a pre-compiled binary from a self-admitted hacker/cracker group. Sounds like a great plan ;)
Anyone with less scruples and/or more time to poke stuff: Is Fritz!Box affected? I expect them to and want to call customer support, tomorrow :)
He's explaining, why in *his opinion* soldiers do it - for fun. Meaning, in his opinion, its fun to kill people.
I think there's a step missing in your logic.
If someone asks me why $RANDOM_SPORTS_STAR dedicates so much time and energy to playing some particular sport, and I say that in my opinion I think they do it because it's fun, does that mean I think playing that sport is fun? If so, how do you explain the fact that I don't play that sport? Why would I willingly deny myself fun? Maybe, just maybe, I'm actually trying to put myself in the shoes of someone else who thinks differently to me, and enjoys things that I don't enjoy. It's entirely possible I think someone plays sports because it's fun, even though I personally don't find it to be fun. In the same way, I tend to assume people listen to operas because they enjoy them. Personally, I find them unpleasant to listen to, but that doesn't mean I'm incapable of understanding that other people do in fact actually like them.
The rest of your post is kind of hard to follow, but I think the general gist is that people see videos of soldiers acting like soldiers, and infer that they actually enjoy killing other people. You say it's very common for people to have that naive view because they don't really understand what the soldiers are going through and what they have to do in order to cope, and that the people who better understand the realities take steps to avoid "the masses" from seeing such things because they know it'll be misinterpreted.
Yet you seem to have dismissed the possibility that Julian has a similarly naive view and thinks that soldiers do it simply because they think killing people is fun, and instead decide to infer that his statement that he thinks soldiers do it because they think killing is fun actually means he himself thinks killing is fun. But if that's the case, why didn't he enlist, or at least become a serial killer?
Aaah, but in a world with a largely open internet with file sharing, like our world, then information will tend to become more free with time. People tend to download things that are available for download, and attempts to suppress the sources tends to lead to the creation of new sources for the same info. Basically the Streisand effect applies to all information, though with varying degrees of effectiveness. Information tends towards maximal distribution, or "wants to be free".
Not a sentence!
Do you work for Setec Astronomy?
USE HOT GRITS WITH STATUE OF NATALIE PORTMAN (NAKED AND PETRIFIED)
But what if it's not the information trying to escape but organized crime running information abduction and slavery rings? Your information might end up on some run-down sleazy website halfway across the globe having to sell itself to strangers.
"Talkie talkie, ten dollars? Me know you long time."
Won't somebody think of the information?
USE HOT GRITS WITH STATUE OF NATALIE PORTMAN (NAKED AND PETRIFIED)