Slashdot Mirror


Chinese CA Issues Certificates To Impersonate Google

Trailrunner7 writes: Google security engineers, investigating fraudulent certificates issued for several of the company's domains, discovered that a Chinese certificate authority was using an intermediate CA, MCS Holdings, that issued the unauthorized Google certificates, and could have issued certificates for virtually any domain. Google's engineers were able to block the fraudulent certificates in the company's Chrome browser by pushing an update to the CRLset, which tracks revoked certificates. The company also alerted other browser vendors to the problem, which was discovered on March 20. Google contacted officials at CNNIC, the Chinese registrar who authorized the intermediate CA, and the officials said that they were working with MCS to issue certificates for domains that it registered. But, instead of simply doing that, and storing the private key for the registrar in a hardware security module, MCS put the key in a proxy device designed to intercept secure traffic.

23 of 139 comments

  1. The Web of trust only works by Virtucon · · Score: 5, Insightful

    When we all agree to the same rules.

    --
    Harrison's Postulate - "For every action there is an equal and opposite criticism"
    1. Re:The Web of trust only works by Feral Nerd · · Score: 3, Informative

      The Web of trust only works ... When we all agree to the same rules.

      The CA system is broken. Trusting many different CAs has proven to be a bad idea since any CA can issue a certificate for any domain name they please like these guys did, plus the fact that many CAs have suffered serious security breaches. What we've needed for years is some sort of DNS-like system for certificates where certificates can be revoked and the action will be cascaded through the entire net quickly like domain name changes. There even have been proposals to use DNS for this purpose which as far as I understand it would render CAs redundant. Under the current system Google can only remove the certificates from the CA Root lists Google controls if the bad certificates have made it into those, and politely request that others who maintain CA Root lists do the same. I can only theorise that CA reform has proven problematic since implementing such a system would be taking a bowl of soup from the cauldron of a certain set of people who have an interest in maintaining the old system and have resisted reform. I can't imagine any other reason why the certificate system hasn't been changed.

    2. Re:The Web of trust only works by blippo · · Score: 3, Interesting

      It's a bit of a scam from the beginning. I remember almost 20 years ago I asked where the safety was in that we had to shell out a relatively large sum of money to some unknown company on the other side of the world, so that they could "verify" our identity (how exactly?) - just because they had bought (?) a place in Netscape's or Internet Explorer's root CA list.

      Since there are so many certificate authorities it's safe to assume that too many are compromised by, or under the influence of, criminal organisations or non-democratic and/or corrupt governments. (Ignoring the just-for-lulz hackers, I'm not that worried about them.)

      I really wish the PGP/GPG-style trust chain model worked in real life, but it's a hassle even for techies.

      One idea would be to utilize the existing social networks + phones for something, but I doubt it would be possible to build something that is idiot-proof enough.
      (Especially since a lot of people seem to have no idea who some of their contacts actually are...)

      It could potentially solve email too though.

    3. Re:The Web of trust only works by Anonymous Brave Guy · · Score: 4, Insightful

      Trusting many different CAs has proven to be a bad idea

      Trusting any one of many different CAs has obvious vulnerabilities, as this case demonstrates (and it's not exactly the first time the problem of an untrustworthy CA has been observed in the wild). The current CA system isn't really a web of trust, because it ultimately depends on multiple potential single points of failure.

      One way or another, in the absence of out-of-band delivery of appropriate credentials, you have to trust someone, so I suspect the pragmatic approach is to move to a true web-of-trust system, where you trust a combination of sources collectively but never trust any single source alone, and where mistrust can also be propagated through the system. Then at least you can still ship devices/operating systems/browsers seeded with a reasonable set of initial sources you trust, but any single bad actor can quickly be removed from the trust web by consensus later while no single bad actor can undermine the credibility of the web as a whole. Such a system could still allow you to independently verify the identity of a system you're talking to via out-of-band details if required.

      --
      If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
  2. Are the CAs that do this revoked? by QuietLagoon · · Score: 5, Interesting

    Or at least their certs removed from valid CA Root lists that, for example, Mozilla uses. If not, why not? A trust has been breached.

    1. Re:Are the CAs that do this revoked? by BenJeremy · · Score: 5, Insightful

      THIS.

      Make an example out of them, at the very least. I doubt MCS or CNNIC will do anything to disengage themselves from the Chinese government (Most likely culprit here). Revoke their authority and put an end to this nonsense.

    2. Re:Are the CAs that do this revoked? by gnasher719 · · Score: 5, Interesting

      It seems that you are right. It very much looks like there was a genuine Certificate Authority behind this, and that means an Internet death sentence needs to be issued - removing that Certificate Authority from the root certificates of Windows, MacOS X, iOS, Android, Linux etc.

    3. Re:Are the CAs that do this revoked? by RelaxedTension · · Score: 4, Informative

      Yup, same as DigiNotar. This company is no longer trustworthy, regardless of whether this happened on purpose, or due to being incompetent.

    4. Re:Are the CAs that do this revoked? by Anonymous Coward · · Score: 5, Insightful

      So are we going to revoke Verisign's root CA certificate (and screw up the millions of websites that use their certs) when we eventually find out that the NSA strong-armed them into doing the same thing?

    5. Re:Are the CAs that do this revoked? by Holi · · Score: 5, Insightful

      If we are serious about trust then yes, otherwise this isn't the beginning of the end, it's just the end. If the certs cannot be trusted and we are not willing to take the steps to preserve that trust then the whole internet economy goes poof.

      --
      Sorry, teleporters just kill you and then make a copy. A perfect, soul-less copy.
    6. Re:Are the CAs that do this revoked? by sexconker · · Score: 5, Interesting

      We should. We won't.

      A system built around certificate authorities is broken by design. Self-signed certs are much more secure than anything stamped by a CA.
      And can we start using client certs, please? I should be able to walk into my bank and hand them a unique cert that they attach to my account and use for verification. Additionally, I should be able to request a unique cert on their end that they use only for my account so I can do my own verification.
      Since this is all self-signed shit, it can be easily automated.

      For revocation, all either party has to do is stop using/trusting the cert. No one can regenerate the bank's unique cert that I trust because there is no authority with that power. No one can regenerate mine. If the bank wants to issue a new cert, I have to go in and get the new cert and trust it. You can dumb down your trust if you want - the bank could mail you the cert, mail you a letter saying it's going to be changed, post the thumbprint of the cert on their site, to their support phone line, whatever. If I want to issue a new cert, I have to get them to trust me in a similar fashion.

      Doing it this way is more work, but you have ACTUAL trust, negotiated equally by both parties. You can choose convenience over security if you want, but you're not subject to some government/CA MITMing everything on a whim.
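One way to build the mutual, self-signed trust this comment describes, as an added example in Go that is not from the original post: each party keeps a pin store of certificate fingerprints exchanged out of band (letter, phone line, in person), the TLS verify callback accepts only a pinned leaf certificate and ignores any CA chain, and revocation is simply deleting the pin. The names PinStore, Fingerprint, VerifyPinned and NewSelfSigned are my own, and NewSelfSigned only mints constructed throwaway certificates for demonstration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"encoding/hex"
	"fmt"
	"math/big"
	"time"
)

// PinStore holds the SHA-256 fingerprints (hex) of the self-signed certificates
// one party has chosen to trust; "revocation" is just deleting an entry.
type PinStore map[string]bool

// Fingerprint returns the SHA-256 of a DER-encoded certificate as lowercase hex,
// the value a bank could print on a letter or read out over its phone line.
func Fingerprint(der []byte) string {
	sum := sha256.Sum256(der)
	return hex.EncodeToString(sum[:])
}

// VerifyPinned has the signature of tls.Config.VerifyPeerCertificate (used with
// InsecureSkipVerify so no CA chain is consulted): the peer is accepted only if
// the leaf certificate it presented is pinned. A regenerated cert fails closed.
func (p PinStore) VerifyPinned(rawCerts [][]byte, _ [][]*x509.Certificate) error {
	if len(rawCerts) == 0 {
		return fmt.Errorf("peer presented no certificate")
	}
	if fp := Fingerprint(rawCerts[0]); !p[fp] {
		return fmt.Errorf("peer certificate %s... is not pinned", fp[:16])
	}
	return nil
}

// NewSelfSigned mints a throwaway self-signed certificate (constructed test data).
func NewSelfSigned() ([]byte, error) {
	_, key, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		NotBefore:    time.Now(),
		NotAfter:     time.Now().Add(24 * time.Hour),
	}
	return x509.CreateCertificate(rand.Reader, tmpl, tmpl, key.Public(), key)
}
```

To wire this into a client, set `&tls.Config{InsecureSkipVerify: true, VerifyPeerCertificate: pins.VerifyPinned}`; the same callback works on the server side for the customer's client certificate.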

    7. Re:Are the CAs that do this revoked? by Ted Stoner · · Score: 3, Interesting

      I am annoyed that Firefox does not respect my choices for trusted certs when it does an update. Every time FF updates I go in and un-trust certs from CAs from foreign countries (China, Turkey, etc.). But after the next update, they are back. This is not a secure way to operate.

    8. Re:Are the CAs that do this revoked? by arth1 · · Score: 4, Interesting

      The irony here is that Google wants https with chain-of-trust certificates, and advocates https without self-signed certs harder than anyone. Now it comes back to bite Google's own derriere.

      The reason they want https (or SPDY or HTTP/2.0) everywhere isn't our best interest, but because you can't easily hide behind caching proxy servers, giving them better fingerprinting as well as a higher hit count on ads.

      When I have to go to Google, I go to the non-redirecting http page they have hidden.
      My personal privacy is worth more to me than the risk of a 3rd party listening in on my searches (other than the three letter agencies who already listen in).

  3. Re:Google wants a monopoly... by Shoten · · Score: 5, Insightful

    ...on processing of your private information. It is in its interests to make sure everything is secure until the moment it reaches their servers.

    And if you live there, China wants a monopoly on knowing your private information...plus incarcerating you and even killing you to harvest your transplantable organs should it find that it doesn't like something it learns about you. Like that you think Tibet should be free. Or if you worship the wrong god.

    Please do try to keep a sense of perspective?

    --
    For your security, this post has been encrypted with ROT-13, twice.
  4. One-sided relationship by Tablizer · · Score: 4, Interesting

    Please explain why we offer nearly tariff-free trade with such a prick country? They bleep with US entertainment companies, networking companies, search companies, etc. etc.

    1. Re:One-sided relationship by nitehawk214 · · Score: 4, Insightful

      Because American voters can't see past the end of their noses. If congress enacted laws that increased prices on their Walmart goods, they would be voted out so fast. Coupled with this is the fact that the lobbies of corporations want to keep the status quo that keeps them rich.

      --
      I'm a good cook. I'm a fantastic eater. - Steven Brust
    2. Re:One-sided relationship by gstoddart · · Score: 3, Insightful

      And, so what?

      American spy agencies fuck with everybody else on the planet. Are you laboring under the belief you are special little flowers or something?

      On behalf of the rest of the world, listening to Americans complain about what the Chinese are doing is pathetic.

      Because you don't seem to give a shit about how we feel about you spying on us.

      --
      Lost at C:>. Found at C.
    3. Re:One-sided relationship by gstoddart · · Score: 3, Interesting

      Oh, well, if it's commerce it's magically exempt and everybody will know it's divine and protected by god, right?

      Sorry, but do you expect us to believe the US wouldn't use spying for commercial advantage if they had a chance? Or that they don't? Or that they restrict how they spy on everybody else in the world?

      The difference between the US government saying "We can break into any system we want" and the Chinese government saying "We can break into any system we want" is the self entitled nature of the person who says they're different.

      These two are exactly the same. Claiming otherwise is just exceptionalism. It's just one government hacking security for their own ends.

      To everyone who is neither American nor Chinese, you're both convinced magical unicorns give you the right to do as you please.

      --
      Lost at C:>. Found at C.
  5. At what point do we stop playing? by tekrat · · Score: 5, Interesting

    Sooner or later, greed trumps usability. Companies are going to screw one another over in attempts to dominate. We, the users of the internet, lose when these entities play their games on one another, and sooner or later we are going to take our marbles and go home -- it's not worth it to play.

    I feel we have already reached this state; between the NSA essentially hacking every router as it leaves the factory to China issuing false certs to Google putting their own interests at the top of every search, it seems that the time has come to either consider some international organization to regulate the internet, or abandon TCP/IP and start again with a whole new internet based on something else. Clean sheet.

    The way we are currently headed will breed a cesspool of an internet you can't trust for anything -- so why would you use it for shopping, news, banking, or any other activity if you KNOW that every single time you do, you will regret using this medium for anything?

    If Amazon, Google, CNN, and heck even Facebook want to stay in business, they need to learn to stop fucking around with their users, because I've essentially had it, and I'm guessing that I cannot be alone in my disdain and distrust of what has become of an internet I used to like.

    --
    If telephones are outlawed, then only outlaws will have telephones.
    1. Re:At what point do we stop playing? by cavreader · · Score: 3

      Oh yes another International organization. The current ones have such a wonderful track record. Maybe the UN can take over the internet regulations.

  6. Bet the US can as well ... by gstoddart · · Score: 3, Insightful

    Can't pretty much any high enough level certificate authority issue any damned certificate it wants?

    You think America or any other country can't do this stuff? You think they don't?

    Sorry, but when every other damned nation is spying and lying, WTF difference is it when China does it? You don't get to pretend it's OK for one country but not another.

    Until we start designing stuff which is inherently more secure, and which doesn't have back doors for government .. this is the state of security. You may or may not have it, you have no control over that fact.

    America doesn't want people to bypass their spy apparatus any more than China does. Let's not pretend this is any different.

    --
    Lost at C:>. Found at C.
    1. Re:Bet the US can as well ... by SuricouRaven · · Score: 4, Insightful

      The big difference is that China got caught. I'm sure the US has this capability too - but they use it only in targeted intercepts, so as to maintain deniability.

  7. Revoke the certs by Imagix · · Score: 5, Insightful

    At a _minimum_ MCS's rights need to be revoked. There needs to be an independent audit of any cert that CNNIC has issued _at CNNIC's expense_, and of their operations (both CNNIC, and the organizations to which they've issued certs), or CNNIC should have its rights revoked as well. MCS is completely untrustable, and CNNIC has to prove that they are currently trustable. CNNIC's operations need to be audited or they may just turn around and issue a new cert to MCS. (Or "MCS" with a new name)