Slashdot Mirror

← Back to Stories (view on slashdot.org)

Another CA Issues False Certificates To Iran

Posted by timothy on from the bad-juju dept.

arglebargle_xiv writes "Following on from Comodogate, we have another public CA issuing genuine false certificates to Iran, this time for Google. There's speculation that it's a MITM by the Iranian government, but given the existing record of CAs ready to sell certs to anyone whose check clears, it could just be another Comodogate." Another (anonymous) reader says, "What might be worrying is that the CA behind the forgery is the official supplier of most Dutch Government certificates, diginotar.nl. They are supposed to be very stringent in their application process. As a Dutchman, I'm very interested to see how this one plays out." Adds Trailrunner7: "The attack appears to have been targeting Gmail users specifically. Some users trying to reach the Gmail servers over HTTPS found that their traffic was being rerouted through servers that shouldn't have been part of the equation. On Monday afternoon, security researcher Moxie Marlinspike checked the signatures on the certificate for the suspicious server, which had been posted to Pastebin and elsewhere on the Web, and found that the certificate was in fact valid. The attack is especially problematic because the certificate is a wildcard cert, meaning it is valid for any of Google's domains that use SSL."

11 of 229 comments (clear)

  1. This is considered surprising? by Targen · · Score: 5, Insightful

    Security people have since forever warned the rest of the world against the risks of blindly trusting centralized/hierarchical trust schemes. It's not the first time this happens. It won't be the last. And while standard practices remain as they currently are, we're all in the hands of whoever's got money and power, and governments tend to have a lot of both. Most of you might not care much about this since you probably live in places with decent governments*, but it's a real concern for an enormous portion of the world's population.

    *IN RELATIVE TERMS. I know many of the governments of the "free world" are guilty of all manners of despicable privacy violations with all manners of awful consequences, but please don't even attempt to compare these issues to the sorts of oppression that happen in full-blown totalitarian regimes.

  2. Stringent SSL verification process ... yeah right! by phoxix · · Score: 3, Insightful

    The idea behind the "Stringent SSL verification process" is that customers will pay a brand-name-trusted CA company to verify the SSL request is from who they claim to be.

    Even at *TEN THOUSAND* USD/EUR/GBP/etc per fake certificate, the price is too good for countries like Iran, China, etc for engaging in MITM attacks.

    The whole process is a scam outright....

  3. Penalty: instant deletion of the CA, surely? by robbak · · Score: 4, Insightful

    Surely, if any a fraudulent certificate evert shows up, then the public keys for the issuing CA should be instantly removed? Even if they are Verisign themselves, if a fraudulent certificate exists, then trust is lost, and they cannot remain.

    --
    Prediction for end of Universe #42: Fencepost error in Quantum_bogosort.cpp
    1. Re:Penalty: instant deletion of the CA, surely? by Spad · · Score: 4, Informative

      Mozilla, Google & Microsoft (at least, so far) have all now removed Diginotar from their list of trusted authorities in their respective browsers.

  4. Surprising? by Mensa+Babe · · Score: 5, Interesting

    The only thing I find surprising is that stories like this are not more common. Various government agencies all over the world have been using fake certificates literally for years. Those are usually targeted at specific individuals being under surveillance so those are one-time stunts, limited in time and in network visibility, but all of those certificates in order to be useful have to be issued by certification authorities that are in the trust chain of the popular web browsers (Firefox, Chrome, Explorer, Safari, Opera). The problem with SSL/TLS certificates is that any certification authority from any country can issue a certificate for any domain, and they do occasionally. Most of those certificates are used only few times so they don't get any attention but sometimes they do. The trust model in SSL/TLS is fundamentally flawed and I agree with Dan Kaminsky and Bruce Schneier that we have to completely abandon it in favour of a trust model based on a secure DNS system, where there is only one authoritative source of cryptographic certificate for any given domain, instead of thousands like we have today. I have been telling this for years and I can only hope that people will eventually wake up and listen after stories like this one.

    --
    Karma: Positive (probably because of superiour intellect)
  5. Convergence by unencode200x · · Score: 4, Interesting

    Another reason to take a good, long look at Moxie Marlinspike's Convergence system. Basically, it does away with CAs in favor of a trusted and anonymous notary-based system.

    See him speak about it at BlackHat USA 2011 here .(a really great talk, as always).

    Read about it here

    The official Convergence website (http://convergence.io/). The plugin (AFAIK) is not compatible with FF 6 yet.

    --

    Chance favors the prepared mind.
    Perfect is the enemy of good.
  6. More acronyms, please by mmarlett · · Score: 3, Funny

    So, besides more Californias (CAs) offering more martinis-in-the-morning (MITMs) to confuse more octogenarians/septuagenarians (OSs), what does the Chicago Public School System (CPS) have to do with anything? Or is this one of those "hacker" things I've heard so much about?

    1. Re:More acronyms, please by mysidia · · Score: 4, Funny

      The Californians provide a document specifying their chosen Chicago Public School System, which is digested by THE POWERS THAT BE to decide if the Californian is trusted to introduce UAs (Utah and Alaskans) to servers and vice versa (partially based on their record of providing the proper tip amounts to their servers).

      The problem is, this particular Californian has taken to introducing fake servers to the UAs (Utahns and Alaskans).

  7. Mozilla wants to blacklist the CA it seems. by wvmarle · · Score: 4, Interesting

    I just looked through the bug report listed; at the end two very interesting comments:

    So it seems Mozilla is basically going to blacklist that CA. I think that's an appropriate response: the CA has proven that their methods are flawed, and that there certificates can not be trusted. This one has been found out; who knows whether there are more out there? I surely hope this is a one-off incident but better safe than sorry. And it sends the message nice and clear to other CAs that they have to be really careful.

    As of 9:26pm PDT this bug report has made the frontpage of slashdot.org [...] Please address this issue immediately.

    A Slashdot side-effect :)

  8. Mozilla, Google, MS all agreed to remove the CA by yuhong · · Score: 4, Informative

    http://blog.mozilla.com/security/2011/08/29/fraudulent-google-com-certificate/
    http://googleonlinesecurity.blogspot.com/2011/08/update-on-attempted-man-in-middle.html
    http://www.microsoft.com/technet/security/advisory/2607712.mspx

  9. lovely by roman_mir · · Score: 5, Insightful

    I love how every time when the discussion is brought up that browsers need to stop treating https with self signed certificates worse than they treat plain http (just don't show the lock icon, show an icon for the fingerprint, which would make it easy to display the fingerprint for comparing it to a known one), some fool immediately starts talking how browsers must treat https with self signed certs worse than http because https without CA means that your session is vulnerable to the MITM.

    Of-course when it is pointed out that CA does not guarantee that there is no MITM either, the discussion dies out but the opinions never change.

    Well how much longer will the opinions can stay the same with all the evidence that CAs do not in fact guarantee that there is no MITM?

    More importantly: who is talking about browser being responsible to figure out whether there is MITM or not with a https and a self signed cert?

    This cognitive dissonance needs to be eradicated.

    --
    You can't handle the truth.