GlobalSign Suspends Issuance of SSL Certificates

← Back to Stories (view on slashdot.org)

GlobalSign Suspends Issuance of SSL Certificates

Posted by Unknown on Wednesday September 7, 2011 @03:45AM from the trust-no-one dept.

Joining the ranks of accepted submitters, realxmp writes "The BBC is reporting that GlobalSign has stopped issuing certificates because of yet another suspected CA security breach. This was in response to a post on the ComodoHacker paste bin, claiming that this and several other CA's have also been compromised." No word yet on whether they were actually compromised.

111 comments

Min score:

Reason:

Sort:

At some point by SlippyToad · 2011-09-07 03:48 · Score: 3, Insightful

You have to wonder if these people are serious about their craft, or just phoning it in. If they are in the security business, you expect they'd at least make a half-assed attempt at securing THEIR OWN BUSINESS.

--
One day I feel I'm ahead of the wheel / the next it's rolling over me / I can get back on / I can get back on
1. Re:At some point by h4rr4r · 2011-09-07 04:14 · Score: 1
  
  Why would they?
  Security costs money, these folks sell the illusion of security so that is what they use for themselves as well. When marketing and MBAs run companies this is what you get.
2. Re:At some point by elsurexiste · 2011-09-07 04:16 · Score: 1
  
  There are two possible scenarios. In the first one, you are right and those fellas at GlobalSign are lame. In the other one, they are doing it because of risk mitigation instead of security.
  
  --
  I rarely respond to comments. Also, don't ask for clarifications: a brain and Google are faster, believe me!
3. Re:At some point by andymadigan · 2011-09-07 04:16 · Score: 2
  
  Selling security is completely different from providing security. Look at TSA for instance, no security provided, but plenty 'sold'. Same with the CAs, their product is a signed certificate which is recognized by browsers, their product is not the security of their own organization. Sure, if they're hacked they'll lose everything, but MBAs think the chance of that happening is so low that it isn't worth it to implement security.
  
  We've also seen what the MBAs will do when a hack does occur - try to keep it a secret for as long as possible. Again, the security of the organization is not the product, just the certificate and some security theater.
  
  --
  The right to protest the State is more sacred than the State.
4. Re:At some point by SlippyToad · 2011-09-07 04:21 · Score: 1
  
  Again, the security of the organization is not the product, just the certificate and some security theater
  If my organization mentions buying a certificate from one of these shysters, I'm certainly going to recommend against it.
  They may not think their own security is their product, but frankly the entire integrity of their business rides on it.
  
  --
  One day I feel I'm ahead of the wheel / the next it's rolling over me / I can get back on / I can get back on
5. Re:At some point by Anonymous Coward · 2011-09-07 04:22 · Score: 0
  
  They are in it for the profit, not the service. You're better off doing it yourself. There is plenty of good information on the Internet, no need for such companies.
6. Re:At some point by h4rr4r · 2011-09-07 04:29 · Score: 2
  
  But until yesterday you would not have.
  So they will fold this company and do it all over again. That is much cheaper than ever bothering with security.
7. Re:At some point by HermMunster · 2011-09-07 04:30 · Score: 3, Interesting
  
  The Comodo and Diginotar break-ins and theft were traced to Iran. To me, when I read the pastebin post, I felt it was a cover up bit meant to mislead the general public. Any additional hack thereafter, such as GlobalSign, would simply be to cover up their actions.
  I'm not talking about hiding the activity, but to make it seem like Iran wasn't a participant. And, they were. The purpose of those thefts is to act as a man-in-the-middle to fool the Iranian citizens into thinking that they were speaking with these social and search sites as if they were the original. SSL is the foundation of secure communication over the internet. Browsers use those to verify a site is the actual site. Acting as a man in the middle with a seemingly valid certificate can fool your population into believing you are Google, and hence they can read your mail, watch your searches, check out what you say, and even find out where you are. Iran could easily put up a fake Firefox/Google/Microsoft site and then substitute their own browser that still accepts the certificates.
  If GlobalSign is ceasing certificate issuance because of pastebin maybe it is appropriate for now.
  My opinion still stands. That pastebin reference was either some fool confessing to every murder and crime on the planet, or it was Iran spoofing the general world public trying to build doubt, thus making it less likely that there'll be major backlash by the governments of the world.
  Certificate forgery (by stealing them from legit sources) is really bad for the internet. Seriously bad.
  
  --
  You can lead a man with reason but you can't make him think.
8. Re:At some point by ObsessiveMathsFreak · 2011-09-07 04:42 · Score: 2
  
  These people are not in the security business; They are in the confidence business.
  Like Calvin Klein, and psychic hot-lines, the CA's are not selling a product so much as they are selling "peace of mind". They sell a special pen which companies use to fill in that special website check-box next to the word "Secure connections". That's it.
  There is nothing magical about a CA issued cert. The Certification Authorities neither certify connections, nor have the authority to do so. They host public numbers on their servers and end users must rely solely on the CAs unearned reputation that the connection is in fact a) secure and b) to the right party. There is no guarantee that the connection is actually either and the CA's cannot issue such guarantees or even verify the situation before or after the fact. Not that they would bother too either.
  The CA's certs are best compared to the sale of church indulgences. You pay money, and your encryption sins are forgiven. What sins are those? Well, according to RSA: Chapter 2, verse 7; a self signed cert (while perfectly functional) is a blasphemy against the holy powers and will be punished with eternal damnation unless you repent and fork over a wad of cash to your nearest CA immediately. By the way, bad things can still happen to you because Security works in mysterious ways, but as long as you gave the CA's money, your soul/ass is covered.
  I hope someone at Mozilla is reading this, because the next time I have to click through that irritating little yellow jerk four times just to stop people sniffing my web traffic, I'm switching to Chrome. Hope that doesn't make you spill coffee out of your complementary Verisign mugs fellas.
  
  --
  May the Maths Be with you!
9. Re:At some point by rednip · 2011-09-07 04:48 · Score: 1
  
  When unaccountable people run companies this is what you get.
  There, I fixed it for you.
  
  --
  The force that blew the Big Bang continues to accelerate.
10. Re:At some point by pe1chl · 2011-09-07 04:57 · Score: 1
  
  The thing is that it does not matter at all how secure the organization you buy your certificate from is.
  What matters is how secure the lease secure of those hundreds of organizations that sell certificates is.
  You can buy your certificate from the most secure one, but someone else can buy or steal it from the least secure organization and it will be trusted just as much.
11. Re:At some point by Anonymous Coward · 2011-09-07 05:00 · Score: 0
  
  You don't need CA's or "security" companies. The software is all there, free, honest and open for everyone to use. Why spend millions on something that is free and good?
12. Re:At some point by Anonymous Coward · 2011-09-07 05:08 · Score: 0
  
  Your parent poster had it right. If you want to fix something, fix the typo in your sig.
13. Re:At some point by ObsessiveMathsFreak · 2011-09-07 05:35 · Score: 1
  
  Why spend millions on something that is free and good?
  Because if you don't the browser with almost 40% market share will throw a hyperventilating fit whenever users connect to your site, and will try its earnest best to frighten them away from you before they so much as see your site logo.
  But other than that, yeah, you can go right ahead and self sign your certs. No problem.
  
  --
  May the Maths Be with you!
14. Re:At some point by interval1066 · 2011-09-07 05:42 · Score: 1
  
  Well, you don't spend millions, typically. You just need a few certs for your domain, depending on the number of servers that's a few grand? And I don't know how that works with visualization in the mix.
  The cert business (and it is a business, don't let them kid you), is all about trust. They're selling trust. The only reason they're in business is to sell you (if you're running a business web site) is to sell you a piece of code that removes the "untrusted" nag a browser presents the user when they access your secured web site, because they come with a collection of pre-installed certs from recognized CAs. If your willing to put a note on your site telling your users that they need to install YOUR cert, and its a one time thing, then there's really no need to buy into these CAs.
  But a lot of enterprises aren't willing to do this, they want the user (who are by and large unfamiliar and don't want to become familiar with this simple process) not to have to deal with it. So the CA business is really a house of cards. They're in business because they got in early and have endorsements from other large entities, the US gov. for one.
  I sometimes wonder what the process is like to set up another CA and get the major browser makers to buy in. What would stop you and me from setting up a CA and getting our cert pre-installed on the browsers?
  
  --
  Python: 'And then suddenly you have a language which says "we're all stuck with whatever the whiniest coder wants".'
15. Re:At some point by plover · 2011-09-07 06:04 · Score: 1
  
  This Certificate forgery isn't all bad (except to the direct victims, who I hope are able to remain safe.) It's a wakeup call if we choose to listen.
  The root CA PKI system has always been a house of cards. It's great for the purpose for which it was designed, which is a single top-down hierarchical organization, but that's not the Internet. We've just stuck with it for so long that we've never bothered with the tremendous amount of work it would take to replace it with something better. This is a gust of wind that'sreminded everyone how bad it is. Another few such attacks might force a wholesale change. And that would be good.
  
  --
  John
16. Re:At some point by Anonymous Coward · 2011-09-07 06:05 · Score: 0
  
  I'm sorry, are you implying that MBAs don't as a class shirk responsibility and pass the blame?
17. Re:At some point by shutdown+-p+now · 2011-09-07 06:05 · Score: 2
  
  The Comodo and Diginotar break-ins and theft were traced to Iran. To me, when I read the pastebin post, I felt it was a cover up bit meant to mislead the general public. Any additional hack thereafter, such as GlobalSign, would simply be to cover up their actions.
  I'm not talking about hiding the activity, but to make it seem like Iran wasn't a participant.
  What on the posted PasteBin messages made you think that it's trying to deflect attention from Iran? It seems like the exact opposite to me, if anything. I mean, the very first message from the "ComodoHacker" guy says:
  "Rule#3: Anyone inside Iran with problems, from fake green movement to all MKO members and two faced terrorist, should afraid of me personally. I won't let anyone inside Iran, harm people of Iran, harm my country's Nuclear Scientists, harm my Leader (which nobody can), harm my President, as I live, you won't be able to do so. as I live, you don't have privacy in internet, you don't have security in digital world, just wait and see..."
18. Re:At some point by Solandri · 2011-09-07 06:53 · Score: 1
  
  The Comodo and Diginotar break-ins and theft were traced to Iran. To me, when I read the pastebin post, I felt it was a cover up bit meant to mislead the general public.
  Actually, to me it seems far more likely that the break-in originated elsewhere, then access was sold to Iran.
19. Re:At some point by aztracker1 · 2011-09-07 07:36 · Score: 1
  
  Chrome isn't much nicer with self-signed certs, it warns every time... Would be nice to get a warning the first time, have it log the cert, and warn if it changes.
  
  --
  Michael J. Ryan - tracker1.info
20. Re:At some point by HermMunster · 2011-09-07 09:27 · Score: 1
  
  Seems more like deflection. Some lone gunman shoots--so to speak.
  
  --
  You can lead a man with reason but you can't make him think.
21. Re:At some point by Anonymous Coward · 2011-09-07 12:11 · Score: 0
  
  If it's a quasi-official Iranian initiative, then I'd say it's a very reasonable retaliation for the STUXnet attack on their infrastructure.
  It would be Iran saying "Sure you can inconvenience us with your hacking, but we can do the same to you, so tread carefully, OK?"
  Seems fair enough to me.
22. Re:At some point by Anonymous Coward · 2011-09-07 14:21 · Score: 0
  
  Lets just get rid of SSL certs for the sole reason of shutting this dbag up and he can go back to his x-box.
23. Re:At some point by Kalriath · 2011-09-07 15:45 · Score: 1
  
  Um, not just Firefox. Chrome makes it sound like the world will end as well. In fact, only Internet Explorer passes you through with a mere "Yes/No" dialog box and a mumbled warning about possible forgeries - every other browser makes you jump through fiery hoops to OK a self-signed cert with messages predicting the imminent death of your family, tidal waves consuming your home, and terrorists arriving to kick your dog if you do.
  
  --
  For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
Chain effect by Baloroth · 2011-09-07 03:50 · Score: 2

1. Hack one CA
2. Post on pastebin claiming to have hacked more
3. Watch as they scramble in panic
4. ??????
5. Profit?
It seems quite possible that the hacker is just being a total jerk, if they wanted to actually use certs from a company (like they did Diginotar) they wouldn't announce the hack until it was discovered. So most likely they didn't actually pull off the hack.
Unless 4 is "be a rival CA", in which case you do profit. Or if you hacked a different CA and want people to use that company. Which adds a whole layer of conspiracy possibilities on an already conspiracy-laden hack.

--
"None can love freedom heartily, but good men; the rest love not freedom, but license." --John Milton
1. Re:Chain effect by vlm · 2011-09-07 04:35 · Score: 2, Interesting
  
  3. Watch as they scramble in panic
  
  I think this is not just casual LOL type watching, but scientifically carefully studying the reaction to a semi-credible threat, to figure out how to work around their reaction in a future (real?) event.
  How has the collapse of diginotaurus or whatever affected other CAs response?
  
  --
  "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
2. Re:Chain effect by Anonymous Coward · 2011-09-07 06:13 · Score: 0
  
  In the pastebin, he also claims to have hacked a computer that is not attached to the internet....
3. Re:Chain effect by QuantumRiff · 2011-09-07 09:43 · Score: 1
  
  I can see investigating internally, but if you stop issuing, then it means you either found something really, really bad, or things are such a cluster f--k that you can't tell
  
  --
  
  What are we going to do tonight Brain?
Personal-interest notes by dcollins · 2011-09-07 03:53 · Score: 3, Insightful

First time accepted submitter (and Slashdot coder) cogent writes...
With his first accepted submission, quantr tips news...
Hitting the mainpage for the first time, Black Sabbath writes...
Debuting on Slashdot, seezer writes with a piece...
Joining the ranks of accepted submitters, realxmp writes...
For god's sake, stop! We care about the news, not the personalities of the posters!

--
We know where leadership by an anti-intellectual "strongman" who scapegoats minorities and likes boisterous rallies goes
1. Re:Personal-interest notes by tepples · 2011-09-07 03:57 · Score: 3, Insightful
  
  I guess publicly recognizing that a submitter has for the first time written a submission that meets Slashdot's criteria is a way to increase the likelihood that the submitter will submit news of similar quality in the future.
2. Re:Personal-interest notes by SydShamino · 2011-09-07 04:04 · Score: 1
  
  You say this, and yet people bitched for years about Roland Piquepaille's submissions being constantly accepted, leading people to think that you had to be "in the know" to get your story on the front page.
  
  --
  It doesn't hurt to be nice.
3. Re:Personal-interest notes by Anonymous Coward · 2011-09-07 04:04 · Score: 0
  
  Gold star! +5!
4. Re:Personal-interest notes by Anonymous Coward · 2011-09-07 04:24 · Score: 0
  
  Gold star! +5!
  More like, "Infinite Monkeys, +1 sometimes, +5 eventually."
5. Re:Personal-interest notes by ColdWetDog · 2011-09-07 04:37 · Score: 1
  
  Gold star! +5!
  More like, "Infinite Monkeys, +1 sometimes, +5 eventually."
  We're (mostly) American here. The better analogy is 'a blind pig gets an occasional acorn'.
  Thank you,
  The US High Fructose Corn Syrup Benevolent Association.
  
  --
  Faster! Faster! Faster would be better!
6. Re:Personal-interest notes by MagicM · 2011-09-07 04:38 · Score: 1
  
  And highlighting how frequently stories come from a first-time submitter might spur would-be submitters to get off their ass and try for their 5 minutes of slashdot fame.
7. Re:Personal-interest notes by dyingtolive · 2011-09-07 04:44 · Score: 1
  
  Please, we're mostly American here. The best analogy is 'that dere blind pig dun gits its acorn sumthan'.
  
  --
  Support the EFF and Creative Commons. The war is coming, and they're supporting you...
8. Re:Personal-interest notes by Thud457 · 2011-09-07 06:18 · Score: 1
  
  http://slashdot.org/~MichaelKristopeit351/submissions
  
  --
  the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
9. Re:Personal-interest notes by Anonymous Coward · 2011-09-07 10:05 · Score: 0
  
  But OMG it wasn't like that YESTERDAY!!! How many words must they MAKE ME REEEEEEEAAAAAAD!?!?!?!
  And what does TFA mean, anyway?
Self Signed Certificates by roman_mir · 2011-09-07 03:57 · Score: 4, Interesting

Self Signed Certificates.
This is what I have been talking about for years and years now. Years and years, and I am on the topic of browsers treating self signed certificates worse than viruses and there are still people disagreeing.
Come on, browsers need to start treating self signed certificates like they are plain old HTTP, with an icon that can be used to view the fingerprint.
That would be a GOOD START. Then start distributing lists of sites to fingerprints, maybe even public certificates, have time stamps and have the site operators cross check the fingerprints in those lists. Have an architecture to verify one list against another dynamically. Have verified lists that are hash signed, have hash keys for lists being distributed. I don't know, there could be all sorts of things done, but instead we are still relying on the centralized signing authority that didn't actually earn any trust. I don't trust any CA, why does anybody trust any CA?

--
You can't handle the truth.
1. Re:Self Signed Certificates by DarkOx · 2011-09-07 04:04 · Score: 2
  
  So you want to replace the cryptographically secure method of certificate validation and revocation with your own method where anyone can essentially poison the list of thumbprints.
  I agree that self signed certs should be treated like clear text from a security perspective rather than setting off alarm bells but, we still need secure third party identity validation.
  
  --
  Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
2. Re:Self Signed Certificates by LordLimecat · 2011-09-07 04:07 · Score: 1
  
  That really doesnt work so well for sites like Google / all their services, or Amazon, that people may want to access from various places and on various computers. Are you suggesting that we teach everyone about the concepts of certificates, thumbprints, and trust, so that they can pore over the certificate trust chains on each computer they ever want to use?
3. Re:Self Signed Certificates by 0123456 · 2011-09-07 04:16 · Score: 1
  
  I agree that self signed certs should be treated like clear text from a security perspective rather than setting off alarm bells
  Yeah, because I totally want my web browser not to set off alarm bells when I go to www.mybank.com and it receives a self-signed certificate from that site.
4. Re:Self Signed Certificates by Anonymous Coward · 2011-09-07 04:20 · Score: 0
  
  This can already happen with sslstrip. A man in the middle attack can just wipe out ssl.. unless you always check to make sure you are genuinely on the https page then you are just as vulnerable to this attack.
5. Re:Self Signed Certificates by EyelessFade · 2011-09-07 04:24 · Score: 1
  
  But its ok that none warnings are issued just because mybank.com spent a lot of money to buy a signed certificate from douchebags-ca.com?
6. Re:Self Signed Certificates by DarkOx · 2011-09-07 04:24 · Score: 1
  
  ok fair point, I guess, but if you go to www.mybank.com today without putting https:/// in front of it your browser will almost certainly try http first, and if the server answers you will get an unsecured connection with no warnings.
  Mind you it might not be your banks server that answers either, might be anyone redirecting port 80 traffic along the way. So I still say either self signed SSL certs should be treated as clear text, at the application level. Now perhaps the browser should throw up all kinds of scarey warnings about plain HTTP
  
  --
  Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
7. Re:Self Signed Certificates by 0123456 · 2011-09-07 04:29 · Score: 1
  
  But its ok that none warnings are issued just because mybank.com spent a lot of money to buy a signed certificate from douchebags-ca.com?
  Untrusted CAs aren't included in the web browser, so there will be a warning unless the browser flags that CA as trusted. That trust may be misplaced, but that's a different issue.
  The big flaw with current browsers is that it doesn't tell you when it sees a new certificate where the old one was from bignameCA.com, but the new one is from CAIveneverheardof.ng.
  The CA concept is fundamentally broken, but so long as the CAs are legitimately trusted it's vastly more secure than accepting any old crap without warning.
8. Re:Self Signed Certificates by 0123456 · 2011-09-07 04:31 · Score: 1
  
  A man in the middle attack can just wipe out ssl.. unless you always check to make sure you are genuinely on the https page then you are just as vulnerable to this attack.
  And, guess what, my web browser does warn me if I go to my bank and it's not encrypted. But most people don't have those options enabled because they're too painful, warning numerous times about sites where I don't care whether the connection is encrypted.
9. Re:Self Signed Certificates by dgatwood · 2011-09-07 04:35 · Score: 2
  
  There's a third choice: display a warning the first time, then permanently accept that cert for that site like ssh does. Then, allow one cert to sign its successor for a couple of years after the cert's expiration (or drop expiration dates entirely, as they don't seem to do much good other than making CAs more profitable) and make the new cert inherit the "always trust for this site" policy from its predecessor.
  With that one change, a self-signed cert would provide nearly the same benefit as a real cert, minus the initial trust on first connection. And even that trust is minimal, given that taking over a domain's admin email accounts (even temporarily) or compromising a CA is enough to get certs. And even in the best case, you're basically going on word-of-mouth trust as to whether you trust the actual owners of the site to be a legitimate business.
  In some ways, the ssh style actually provides more security than the current trust model because an attacker can't get a new key from an arbitrary (compromised or crooked) CA.
  Safari already provides some of this if you know to check the checkbox ("always trust this cert for this site", emphasis mine). Other browsers may do this as well; I haven't tried it. However, to my knowledge, nobody provides trust chaining with expired self-signed certs, nor automatic inheritance of the "always trust for this site" policy, which turns out to be a critical part of the story after the first cert expires.
  
  --
  Check out my sci-fi/humor trilogy at PatriotsBooks.
10. Re:Self Signed Certificates by vlm · 2011-09-07 04:37 · Score: 2
  
  Untrusted CAs aren't included in the web browser
  Insert simpsons voice "ha ha". The whole point is that is just not so.
  
  --
  "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
11. Re:Self Signed Certificates by 0123456 · 2011-09-07 04:42 · Score: 1
  
  Insert simpsons voice "ha ha". The whole point is that is just not so.
  As I said, that trust may be misplaced. But just because some CAs aren't trustworthy, that's no reason to accept self-signed certitificates which are guaranteed not to be trustworthy.
  The bad CAs get removed from the browser. No browser developer is going to want to have to track millions of bad self-signed certs, nor could they when anyone can create new ones.
12. Re:Self Signed Certificates by elsurexiste · 2011-09-07 04:44 · Score: 1
  
  Sorry, but I can't agree. Most people wouldn't understand what the hell are you talking about, so even if you show them a fingerprint, they wouldn't know what to do. Browsers treat self-signed with suspicion because anyone can self-sign a certificate and they won't prove, only by themselves, that the server is who it says it is. You surely recognize this. Now, CAs earned their trusts by passing a real audit, as in people from a company you know IRL goes to that company to check stuff IRL. Not that it helped much to that Dutch company, but it guarantees a minimum of security. Finally, quite amusingly, you describe a scheme of distributed CAs as a great alternative. We have now come full circle and returned to certificates checked against CAs. I think your proposal is the way to go, by the way: a certificate full of stamps instead of just one per hierarchical level. But nothing self-signed, that would be a nightmare.
  
  --
  I rarely respond to comments. Also, don't ask for clarifications: a brain and Google are faster, believe me!
13. Re:Self Signed Certificates by Pionar · 2011-09-07 04:44 · Score: 1
  
  Why should I trust your list?
14. Re:Self Signed Certificates by tokul · 2011-09-07 04:45 · Score: 1
  
  Come on, browsers need to start treating self signed certificates like they are plain old HTTP, with an icon that can be used to view the fingerprint.
  
  Will you notice if your bank reverts to self signed certificate? Will other people notice it?
15. Re:Self Signed Certificates by 0123456 · 2011-09-07 04:48 · Score: 1
  
  Now, CAs earned their trusts by passing a real audit, as in people from a company you know IRL goes to that company to check stuff IRL. Not that it helped much to that Dutch company, but it guarantees a minimum of security.
  The big problem with the CA system is that it limits your security to the level of the least secure CA. You can get your certs from supersecureCA.com, but anyone who hacks into CAinmygarage.ng can produce a certificate that will be trusted just as much as the real one.
16. Re:Self Signed Certificates by Anonymous Coward · 2011-09-07 04:49 · Score: 0
  
  >Untrusted CAs aren't included in the web browser,
  bwahahaha HAhaHAha http://www.youtube.com/watch?v=9zSHz7Thvbc
  That's such a hilarious statement.
  Do you even follow tech news? These CA's are BY DEFAULT included as trusted. Nobody would give a fuck if a CA that wasn't in the chain issued certs. That's basically the same as self-signing. The whole PROBLEM has been that these 'trusted' CAs are quite willing to issue a cert for anysite to anyone for sufficient reason.
  >The big flaw with current browsers is that it doesn't tell you when it sees a new certificate where the old one was from bignameCA.com, but the new one is from CAIveneverheardof.ng.
  true. There is a FF extension for that
  >The CA concept is fundamentally broken, but so long as the CAs are legitimately trusted
  But they aren't. Given the practices of most CAs in your browsers default trust list, it's not very difficult at all to fake your identity and gain the credentials for a different site.
17. Re:Self Signed Certificates by 0123456 · 2011-09-07 04:51 · Score: 1
  
  Do you even follow tech news?
  Did you read my post?
  Ah, no, because you cropped out the part saying 'That trust may be misplaced'.
18. Re:Self Signed Certificates by Sloppy · 2011-09-07 04:53 · Score: 1
  
  The answer to that question is identical to the answer to: "Will you notice if your bank uses plaintext http?" If you think the answer to that question is No, then whatever you use to turn that into not being a problem, will work the same for both approaches.
  
  --
  As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
19. Re:Self Signed Certificates by roman_mir · 2011-09-07 05:08 · Score: 1
  
  Did I say you have to trust my list?
  I would rather have many distributed lists, all being cross checked, more like multiple DNS roots/entries rather than relying on somebody that is assumed to be trustworthy.
  I want cross checking of multiple lists against one another, etc., You don't have to rely on my list.
  
  --
  You can't handle the truth.
20. Re:Self Signed Certificates by GameboyRMH · 2011-09-07 05:19 · Score: 1
  
  I don't think the distributed lists is a good idea. Just stick to distributed verification / SSL notaries.
  
  --
  "When information is power, privacy is freedom" - Jah-Wren Ryel
21. Re:Self Signed Certificates by roman_mir · 2011-09-07 05:23 · Score: 2
  
  It's all about the UI - will you notice anything if UI does not tell you?
  What if UI didn't tell you that the site is changing from HTTP to HTTPS, would you notice it? What if the browser decided not to show you the address bar at all? Do you know that they are playing with that genius idea? They are really thinking about it!
  Now, what is needed is a good way to show that the site is HTTP or HTTPS with a self signed certificate, and have an easy way to see the fingerprint or it is an HTTPS with a CA (still show the fingerprint, why not?)
  However I would like it to go further and I would like to see browsers using distributed lists of fingerprints/public certificates/hash keys for the lists, all of this done in a way that allows browser to load multiple lists from different unrelated sources, maybe even some form of 'torrent' for the fingerprint lists. Also maybe a standard to check for fingerprint for a site from the site as well.
  Obviously the site operators have to manage their security actively, which includes actively checking the lists that are all over the web to make sure nobody is poisoning them (and this is what signature hash keys for lists are for, with time stamps and possibly with expiration dates).
  How about expiration dates on fingerprint lists?
  Any new ideas, as long as it's not relying on centralized signing authority.
  
  --
  You can't handle the truth.
22. Re:Self Signed Certificates by roman_mir · 2011-09-07 05:26 · Score: 1
  
  Well, in a marketplace of ideas any idea has the right to exist. I don't see why lists cannot be implemented, tried and tested if anybody cares to try of-course.
  But you are not providing any reasoning to your statement. Why are distributed lists not a good idea? If the lists are distributed, time stamped and hash keys are created, hash keys are distributed and lists have expiration dates. The site operators would have to verify the lists out there periodically. Maybe torrent like way to distribute lists.
  Come on, think outside of this box that we are in. There has to be a competing way to do identity authentication.
  
  --
  You can't handle the truth.
23. Re:Self Signed Certificates by nedlohs · 2011-09-07 05:28 · Score: 1
  
  Your browser sets of alarm bells when you go to http://www.mybank.com/?
  You must love bells!
24. Re:Self Signed Certificates by roman_mir · 2011-09-07 05:30 · Score: 1
  
  I left a few replies in this thread, so it's a PITA to repeat the same thing over again. Distributed, cross checked lists, time stamped with expiration dates, hashed and keys distributed. Torrent like system to distribute list. Site operators checking existing lists for poison. There are many things that can be done by browsers to see if the self signed certificate indeed belongs to the issuer. Staying with the status quo is only acceptable to the CAs, not to users and over time the situation will get worse, as governments will want more and more access to your private data and CAs will be compelled to provide them with ways, so probably more and more CAs will be the points of security failure just like the ones in the stories as of late.
  
  --
  You can't handle the truth.
25. Re:Self Signed Certificates by Sloppy · 2011-09-07 05:35 · Score: 1
  
  Why should I trust your list?
  For the same reason that you trust GlobalSign's list, whatever that may be. With a couple exceptions:
  1) Unlike faceless names like GlobalSign, the person issuing such a list may be someone you actually meet and/or can get to know. So the lower bound of trustworthiness is the same as GlobalSign's, but the upper bound is unlimited.
  2) The assertions provided by the list's publisher are a little less risky to accept, because the list publisher is claiming less. The list publisher is claiming they have seen various identities use certain fingerprints in the past, whereas GlobalSign says something stronger: that they have verified the identities associated with certain fingerprints. Since it's a weaker assertion (analogous to the "I have not checked at all (1)" level of certification under OpenPGP), its failure is less catastrophic, so it's an improvement to the overall security of the system.
  And if you're not thinking in terms of "improvements" and degrees of security (and instead you evaluate each statement of identity as "This is probably a fraud attempt" or "this is definitely secure and I can completely trust it") then you're not facing real life and actually working on the problem, yet.
  
  --
  As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
26. Re:Self Signed Certificates by Anonymous Coward · 2011-09-07 05:37 · Score: 0
  
  Certificate Patrol: http://patrol.psyced.org/
27. Re:Self Signed Certificates by Anonymous Coward · 2011-09-07 05:41 · Score: 0
  
  Do you, yourself, have any idea what you are saying?
28. Re:Self Signed Certificates by Qzukk · 2011-09-07 06:11 · Score: 1
  
  There's also Perspectives which asks "notary servers" what certs they've seen at that site over time so you can compare what other people are seeing. Of course, this requires that you be able to reach a notary server outside of your network, which may not always be possible.
  
  --
  If I have been able to see further than others, it is because I bought a pair of binoculars.
29. Re:Self Signed Certificates by Anonymous Coward · 2011-09-07 06:12 · Score: 0
  
  Exactly.
  Let people chose to trust the site/organization that they choose.
  Instead of a chain of unknowable nobodies that they don't.
30. Re:Self Signed Certificates by plover · 2011-09-07 06:16 · Score: 1
  
  That's a problem I think the banks have a duty to tackle. They simply shouldn't do business without SSL. Plaintext connections should go first to a visible redirector saying "don't be such a dumb ass, always type 'https' when accessing any bank's web site" (OK, maybe more polite.)
  
  --
  John
31. Re:Self Signed Certificates by roman_mir · 2011-09-07 06:19 · Score: 1
  
  if you show them a fingerprint, they wouldn't know what to do
  - well, people don't know how to use their GPS in their cars either, but they are still using them. It's not that hard for a bank to put a statement on the front page:
  
  To make sure you are really on our site compare this number: 43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8 to the fingerprint in your Internet browser address bar.
  
  Browsers treat self-signed with suspicion because anyone can self-sign a certificate and they won't prove
  - you can't prove that you are on HTTP site either, that doesn't cut it as an explanation for this duality in behavior. I wonder how much CAs pay browser development teams to add them to the CA lists.
  
  CAs earned their trusts by passing a real audit
  - I disagree. I don't trust any CA or whoever "audits" them. They didn't earn MY trust. That's the only trust that's important when I am browsing.
  
  guarantees a minimum of security
  - this makes no sense. I actually trust CAs less than I trust self signed certificates, because CAs are an easy target for government intervention into the security chain.
  
  you describe a scheme of distributed CAs as a great alternative. We have now come full circle and returned to certificates checked against CAs.
  - nope.
  I never said that you must be a CA to host a list. I never said that you must prove yourself to be ANYTHING to host a list. In fact I am talking about multiple lists just being distributed via torrents. Some may be distributed via whoever wants to be seeing a distributer. Lists need to be checked actively by the site operators to make sure the data is right, and site operators can distribute their own lists. I am talking about a vote on security, not a central authority of any kind.
  
  But nothing self-signed, that would be a nightmare.
  - the nightmare for me is some third party signing a certificate for somebody else based on some authority they bought. This third party is a target for all sorts of intervention by all sorts of powers and money interests and that's the real nightmare.
  
  --
  You can't handle the truth.
32. Re:Self Signed Certificates by Anonymous Coward · 2011-09-07 06:26 · Score: 0
  
  So it's security by the most votes via the global web of the Eternal September...
  Ever heard of compromised systems, maybe even done automatically - called botnets? Or by other even more sophisticated systems such as a political campaign?
  Get a clue. That idea is just downright stupid and scary.
  But mostly stupid.
33. Re:Self Signed Certificates by GameboyRMH · 2011-09-07 07:08 · Score: 1
  
  The problem with spreading lists around is that it requires creating another messy system that requires trust in some authority - the one compiling the list. The same way someone could intercept the website serving your Linux distros and give you an infected one, with a matching hash so it still looks A-OK, someone could intercept the list and the corresponding hash. It's a lighter version of the same kind of mess we've had with CAs.
  Using torrents to distribute the list would at least prevent sabotage, if the torrent file can be handed out securely, but that's just clustering the requirement for trust at the pinnacle of the "trust pyramid" - and also creating a single weak point that can compromise the whole system.
  Actually after just writing that I had an idea. The site distributing the list could be hosted on a darknet like an .onion site. This would make the pinnacle of the pyramid much harder to subvert or impersonate, and now the only point of trust required from the client side is that the correct darknet site and public key are embedded in the browser (which could be verified on any open source browser).
  Now from the administration side, if a site wants to register info on their public key on this identity list, here is a process that could be used that prevents impersonation:
  1. The site owner puts a file on their site, following a filename convention, that contains the line that will be added to the identity list. A part of this information is a string and a hash, let's call this string A and hash H.
  2. The site owner sends a PGP-encrypted email to the darknet site, originating from a registered MX IP for the domain, containing only string B. StrongHashFunction(String A + String B) = Hash H, else the darknet site doesn't process the request. This way it's only possible to impersonate a site if you've taken full control of the server - a much bigger problem anyways. So, if everything checks out, the darknet site uses the info it retrieved (via HTTPS connection) to add a line to the identity list.
  DNS hijacks alone will become useless since the identity is checked for every site before a secure connection is made to send confidential information - they'd need the SSL private key that matches the public key to make any sense of the data that comes in, so without that a DNS hijack is useless and an SSL connection can't be established.
  So, weak points:
  1. The darknet site hosting the identity list: This is the single point of blind trust in this system, the integrity of the site itself. It would have to be locked down with paranoid security and in the control of a trusted party. But at least this trust can be easily verified, if a site operator finds that their identity info on the site is wrong they can cry foul.
  2. It would be impossible to fully trust closed-source browsers - but that is an inherent and unavoidable problem we have even today.
  It's still a lighter version of the same problem we've had with CAs but I've lightened it up much more. Verifying identity without sending out-of-band information will always require some trust unfortunately. You can detect MITMs without trust but not verify identity.
  
  --
  "When information is power, privacy is freedom" - Jah-Wren Ryel
34. Re:Self Signed Certificates by fredan · 2011-09-07 07:45 · Score: 1
  
  Distributed, cross checked lists, time stamped with expiration dates, hashed and keys distributed
  
  DNS?
35. Re:Self Signed Certificates by Anonymous Coward · 2011-09-07 08:07 · Score: 0
  
  That trust may be misplaced, but that's a different issue.
  Is that phrase the new "left as an exercise for the reader"?
36. Re:Self Signed Certificates by roman_mir · 2011-09-07 08:12 · Score: 1
  
  Exactly, I mentioned DNS in this thread.
  
  --
  You can't handle the truth.
37. Re:Self Signed Certificates by Anonymous Coward · 2011-09-07 10:37 · Score: 0
  
  I now know why there is number 502 attached to your nick. You keep posting the same stupid shit over and over, getting moderated down and can't post again, so you keep coming up with numbered nicknames, you've been doing it for hundreds of accounts here.
  You are dissolved in your accounts, your accounts and your faceless self are now one and the same. You can't escape the magnetism, you are obsessed with posting under hundreds of accounts on this site.
  You are the very essence of nothing, snap out of it or kill yourself.
38. Re:Self Signed Certificates by Anonymous Coward · 2011-09-07 11:40 · Score: 0
  
  seek psychiatric help or put that firearm of yours right into your own mouth and blow you idiotic brains out, nobody misses you, you have no wife or kids or dogs, it's only /. day in, day out, /.
39. Re:Self Signed Certificates by arose · 2011-09-07 15:59 · Score: 1
  
  Yeah, yeah, and for convenience, let's sign these lists with a set of high level keys and distribute them along the software used to check it. Sounds like a good plan, have you proposed it to browser vendors yet? I'm sure they aren't doing anything remotely like that.
  
  --
  Analogies don't equal equalities, they are merely somewhat analogous.
40. Re:Self Signed Certificates by Kalriath · 2011-09-07 16:34 · Score: 1
  
  To make sure you are really on our site compare this number: 43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8 to the fingerprint in your Internet browser address bar.
  Um, if you've been MitM'd, all the hacker needs to do is change that text during transit. Your suggestion does not, at all, add any security.
  
  --
  For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
41. Re:Self Signed Certificates by roman_mir · 2011-09-07 20:04 · Score: 1
  
  Well, in my case I distribute my site information to the customers in print, and I have instructions on how to accept the self signed cert., and the keys are all in the brochure. That's just one way. Obviously I left multiple comments in this thread talking about distributed lists transfered even via torrent like transport, coming from different locations and compared to each other, signed with hash keys, having expiration dates and being checked by site operators.
  Any way towards removing the central signing authority needs to be looked at.
  
  --
  You can't handle the truth.
42. Re:Self Signed Certificates by muckracer · 2011-09-07 20:53 · Score: 1
  
  > Untrusted CAs aren't included in the web browser
  I LOL'ed! :-D
43. Re:Self Signed Certificates by muckracer · 2011-09-07 20:59 · Score: 1
  
  > Why should I trust your list?
  Why should you trust your (browser's) list of CA's?
Its not difficult by jzilla · 2011-09-07 04:02 · Score: 1

steps to securing a CA.
1- unplug CA from network.
2- done.

If your CA is accessible via a network you sure not be running a trusted CA.
1. Re:Its not difficult by Anonymous Coward · 2011-09-07 04:11 · Score: 1
  
  Uh, I see a minor flaw in your plan. Think it over a for a bit, I'm sure it'll come to you.
2. Re:Its not difficult by Anonymous Coward · 2011-09-07 04:19 · Score: 0
  
  I have thought it over.
  You physically copy the certificate request to the signing computer by floppy disk or flash drive or similar method and copy the certificate back the same way.
3. Re:Its not difficult by DarkOx · 2011-09-07 04:37 · Score: 1
  
  Sounds nice, but how do you know the CSR is valid? Air gaping the CA might work for your home or business but its no good for commercial CA provider. They get thousands of CSRs everyday.
  Do you expect them to individually transfer them or do thing they might um do it in batch? So lets suppose I break into the processing system and stick a few of my own CSRs in there and mark them in the database as validated or whatever, your monkey at the CA is going to dump those CSRs along with all the legit ones to the floppy, sign them and load the responses back to the processing system.
  Boom, I still have fraudulent certs.
  
  --
  Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
4. Re:Its not difficult by vlm · 2011-09-07 04:39 · Score: 1
  
  I have thought it over.
  You physically copy the certificate request to the signing computer by floppy disk or flash drive or similar method and copy the certificate back the same way.
  I think he's getting at, how do you upgrade Debian's openssl package if its not on the net... Well, there are ways around that, again involving flash drives and such...
  
  --
  "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
5. Re:Its not difficult by Anonymous Coward · 2011-09-07 04:49 · Score: 0
  
  > but its no good for commercial CA provider. They get thousands of CSRs everyday.
  Then they are too big and deserve to die.
6. Re:Its not difficult by Anonymous Coward · 2011-09-07 04:51 · Score: 1
  
  I think he's getting at, how do you upgrade Debian's openssl package if its not on the net... Well, there are ways around that, again involving flash drives and such...
  You update from CD only when there is a vulnerability that affects you. The packages are signed for a reason.
  While this is not absolutely secure (sure somebody could MITM the debian download and compromise some debian developer's gpg key) at this point it's cheaper to physically break down the door.
7. Re:Its not difficult by Anonymous Coward · 2011-09-07 05:57 · Score: 0
  
  What flaw?
  IMO browsers have built-in CAs keys to verify mybank.com identity. CA secrets are only needed during creation of an end user certificate and that can be done offline
8. Re:Its not difficult by arose · 2011-09-07 15:56 · Score: 1
  
  Tell me, how would Anonymous Coward's employees know what to sign? Maybe you could have some sort of infrastructure where people checking requests put the requesters public keys that need to be signed and the people operating the non-networked machine can copy them from there. Something that serves such a purpose would be necessary, a "server" if you will.
  
  --
  Analogies don't equal equalities, they are merely somewhat analogous.
Interesting - claims controls of 4 more CAs by Lieutenant_Dan · 2011-09-07 04:03 · Score: 1

From http://pastebin.com/85WV10EL
He mentions GlobalSign. I'm assuming DigiNotar is not in one four remaining? StartCom dodged this mess (good for Eddy!).
So there are possibly 3 more CAs that have been compromised. Which ones?
I do find it interesting that the fellow is going after the Dutch government for the Srebrenica event. I wonder what he has in store for the Serbian government?

--
Wearing pants should always be optional.
If you have Diginotar stock, unload it by Anonymous Coward · 2011-09-07 04:11 · Score: 0

Not looking good.
OH NOZE !! by Anonymous Coward · 2011-09-07 04:50 · Score: 0

Whatever will GS do now ?? Probably the same as GS did before, only not collect any money. Soon, it will be back in business, selling stuff that doesn't obviously cost them anything at all !! I mean, if you pay protection money to the mob, they are suppose to protect you !! At least the mob you can trust !!
Without words... by cjcela · 2011-09-07 04:59 · Score: 1

All this shows that you cannot put a for-profit company in charge of data security for the entire world. Things are bound to get ugly. These people are either pathetic or criminal, and in either case they are into their business because of the money, not because they care about the mission they have been trusted with. The amount of damage they can inflict to individuals, governments, and companies is immense. Somehow we must have strict international regulations about how the issuing of certificates is handled, how the internal security of the company is handled, and the entities responsible for them should be under constant public scrutiny and accountable; it makes no sense that a company that produced hundreds of fake certificates is still allowed to continue to operate. Ultimately, I agree with some of the other comments: security has to somehow be distributed, nor centralised. I would also add, figure the way to take the money out of the equation. Make it mandatory for all certificate authorities to be non-profit, and conduct periodic public audits, published on the Web. Then, you will need more than one company/person/site to be corrupted or compromised for things to go wrong, and hopefully, if there is any grey business going on, someone will spot it quickly enough.
Related... by bmo · 2011-09-07 05:20 · Score: 1

I just got an update for Ubuntu's xulrunner (a part of firefox) that labels all DigiNotar certs as untrusted.
The shunning of DigiNotar is beginning. As it should.
Anyone know how I can label all DigiNotar certs bad in Chrome or similar?
--
BMO
1. Re:Related... by bmo · 2011-09-07 05:32 · Score: 1
  
  I said:
  >Anyone know how I can label all DigiNotar certs bad in Chrome or similar?
  Follow up.
  In Chrome.
  >Preferences
  >Under the hood
  >SSL
  >scroll down until you see DigiNotar
  >click Edit
  >uncheck "trust this for...."
  Done.
2. Re:Related... by Anonymous Coward · 2011-09-07 07:36 · Score: 0
  
  I just got an update for Ubuntu's xulrunner (a part of firefox) that labels all DigiNotar certs as untrusted.
  The shunning of DigiNotar is beginning. As it should.
  What shunning?? If a CA key is compromised, you stop trusting it, and therefore anything signed by it. That's how the system is SUPPOSED to work. It's not punishment. Punishment would be not trusting their future root keys until they submit to strict audits.
  There's so many people whining about chains of trust here that don't understand how they work.
3. Re:Related... by aztracker1 · 2011-09-07 07:54 · Score: 1
  
  An update already did that for most users.
  
  --
  Michael J. Ryan - tracker1.info
Virus protection software by jweller13 · 2011-09-07 05:33 · Score: 1

On a somewhat related point. How many IT Admins believe the various symantec, mcafee, whatever virus protection software in and of themselves excel at preventing new viruses from infecting computers. Raise your hand. In a security conference I just attended when asked that question literally no one in the room raised their hand.
So we should ban GlobalSign too? by guruevi · 2011-09-07 07:50 · Score: 1

Anyone with any guidance on WHAT happened? If the CA authority has suspicions, they should be as open as possible about it. We don't know what happened and I NEED to know (as I have people here that deal with sensitive projects and often travel into areas that have shown to be hostile towards privacy).

--
Custom electronics and digital signage for your business: www.evcircuits.com
GlobalSign = skype login by Anonymous Coward · 2011-09-07 08:26 · Score: 0

The Certificate Patrol addon for Firefox is showing that it has stored a GlobalSign nv-sa cert for login.skype.com in my cert cache.
It would be nice to know whether the cert is affected by this latest attack.
Wrong problem by Trogre · 2011-09-07 12:20 · Score: 1

Why should who signed the certificate make any difference? SSL should be only for establishing a secure channel between the two parties, not identification. For that we have DNSSEC.

--
"Nine times out of ten, starting a fire is not the best way to solve the problem." - my wife