Forgot your password?
typodupeerror
Security IT Apple

Apple Criticized For Not Blocking Stolen Certs 154

Posted by samzenpus
from the I-am-disappoint dept.
CWmike writes "A security researcher is criticizing Apple for lagging with its response to the DigiNotar certificate fiasco. He is urging the company to quickly update Mac OS X to protect users. 'We're looking at some very serious issues [about trust on the Web] and it doesn't help matters when Apple is dragging its feet,' said Paul Henry, a security and forensics analyst with Lumension. Unlike Microsoft, which updated Windows on Tuesday to block all SSL certificates issued by DigiNotar, Apple has not updated Mac OS X to do the same. Meanwhile, even Mac OS X users who want to go DIY are stymied, reports Bob McMillan, because the OS can't properly revoke dodgy digital certificates."
This discussion has been archived. No new comments can be posted.

Apple Criticized For Not Blocking Stolen Certs

Comments Filter:
  • Not just Apple... (Score:4, Interesting)

    by Amarantine (1100187) on Friday September 09, 2011 @02:49AM (#37348838)

    At the request of the Dutch government, Microsoft is delaying the update in the Netherlands (home of DigiNotar) until next week, to avoid confusion (and to buy the government more time to roll out new certs).

    I feel much safer now, knowing our government has the power to stop Microsoft from rolling out security updates in a country.

    • by mwvdlee (775178)

      Yup. Much better to just shut down the government for a few days than to not overreact to an already fixed security issue.

      • by sjames (1099)

        Apparently it;'s NOT a fixed security issue if you use IE in the Netherlands. It WOULD be fixed if the certificate were removed.

    • Re:Not just Apple... (Score:5, Informative)

      by Golthar (162696) on Friday September 09, 2011 @02:54AM (#37348856)

      At the request of the Dutch government, Microsoft is delaying the update in the Netherlands (home of DigiNotar) until next week, to avoid confusion (and to buy the government more time to roll out new certs).

      I feel much safer now, knowing our government has the power to stop Microsoft from rolling out security updates in a country.

      I'm in the Netherlands and I got the patch just fine.
      Must be because I use the English version of Windows

      • by Zeikzeil (1099785)
        Even on some computers that run Dutch versions of WIndows the patch got installed apparently. MS called it an error. I call it not honoring an agreement. Not that I think this agreement was a good idea to begin with.
        • That Microsoft was looking out for customer's interests rather than governments? I would think this should be applauded.

          • by Zeikzeil (1099785)
            Don't get me wrong, I agree. the one time MS acts quickly someone asks them to hold. I think MS should not have agreed to it. That's why I said the agreement wasn't a good idea to begin with. The Dutch government should hurry to get new certificates in place, not ask MS to put the patch on hold.
    • by Anonymous Coward

      Not really. The Dutch government asked Microsoft the same thing that it asked Mozilla: not to block the Staat Der Nederlanden Root (yet), of which DigiNotar was one of the partners. The Fox-IT audit did not find any evidence of fraudulent certificates under this root, so there no clear and present danger for these certificates.

      That said, the root certificate will be invalidated anyway. The government is only asking for more time to do so. We're talking about renewing some 10,000 certificates btw, and granti

      • Re:Not just Apple... (Score:4, Informative)

        by dingen (958134) on Friday September 09, 2011 @05:06AM (#37349308)

        The Fox-IT audit did not find any evidence of fraudulent certificates under this root, so there no clear and present danger for these certificates.

        That is old information. The Dutch government only asked Mozilla to not block their root while the Fox-IT audit was still in progress. But by the time it was finished, it could not be proven the Staat Der Nederlanden CA was clean, so they then gave up on DigiNotar entirely and gave Mozilla the OK to block everything.

    • by im3w1l (2009474)
      Why couldn't they just whitelist the most critical, known-legit, certs instead?
      • What I don't understand is why in hell the browser simply doesn't ask before trusting any cert encountered? Sure it might be like the damn cookie question (allow/deny) 40-50 times for a single website but wouldn't this at least be a practical check as the only ones that need to be trusted by default are the Root certs.

        In my case, I've set all certs to untrusted status and enabled those few exceptions to policy that I actually encounter as there are very few websites where I actually see SSL certs in use. Ri

    • by daem0n1x (748565)

      I feel much safer now, knowing our government has the power to stop Microsoft from rolling out security updates in a country.

      Better than the opposite. I trust governments more than corporations. Governments are (still) elected and accountable before their citizens

      Of course, unless you're an anti-government fanatic libertarian nut-job.

      • by S.O.B. (136083)

        Unfortunately Slashdot is populated by equal numbers of each extreme so no matter what you say there will be someone waiting to obnoxiously inform you of your error.

      • by Toonol (1057698)
        Better than the opposite. I trust governments more than corporations. Governments are (still) elected and accountable before their citizens

        And that sums up the difference between your political ideology and mine in a succinct little package. I trust corporations more than governments; corporations aren't allowed to jail and kill you.
        • by daem0n1x (748565)

          corporations aren't allowed to jail and kill you.

          So naive. What about Blackwater?

          Anyway, my government is not allowed to kill anyone. Yours is, because most of your people support it.

    • I feel much safer now, knowing our government has the power to stop Microsoft from rolling out security updates in a country.

      I doubt they have "the power" so much as common courtesy. I bet the exchange went something like this:

      Microsoft: "We're going to push out an update to block DigiNotar certificates soon."
      The Dutch: "Hey Microsoft, most of our government infrastructure uses those certs. Our IT staff is pretty backed up right now. Can you delay the release a week for the Dutch version?"
      Microsoft: "Sure."

      Microsoft could have refused, if they wanted to be dicks about it, and the Dutch gov probably could have threatened some s

  • FUD (Score:3, Funny)

    by Anonymous Coward on Friday September 09, 2011 @02:51AM (#37348844)

    These certs are blocked on all Apple equipment and always have been. Anyone getting the certificate accepted is obviously holding it wrong.

    • by oobayly (1056050)

      Why anonymous? I very nearly had coffee on my monitor because of that.

      • Why anonymous? I very nearly had coffee on my monitor because of that.

        Let me guess: he's American, you are not. Causing coffee on a monitor is reason to sue.

  • Reality (Score:5, Funny)

    by mcrbids (148650) on Friday September 09, 2011 @02:53AM (#37348850) Journal

    Somewhere deep in Silicon Valley, a programmer is looking at a comment something like this:

    /*******
    FIXME: WTF Hack here. CRLs require authentication of being revoked, but we never bothered to check the callback of the revoke. Maybe if we bothered to have a revoke infrastructure? For now, we'll just not bother fixing this until 10.1 or 10.2.
    ******/
    return true;

    • by alannon (54117)

      If you read the article, you would learn that this isn't the case. It's pretty clearly a bug (not a missing revocation infrastructure) since the problem only occurs on Extended Validation certs. Otherwise, the revocation works as it should.

      • by HiThere (15173)

        You sound like you know what you're talking about. But what's an "Extended Validation cert."? To me it sounded like a browser problem, but I'm NOT informed in that area.

        • by alannon (54117)

          An Extended Validation certificate is one that includes information indicating that a specific legal entity (person, corporation) has been confirmed as being the owner of the certificate, rather than just in control of a particular domain. In modern browsers that understand this extended information, you will often see the name of the corporation next to the 'lock' icon.

          • by HiThere (15173)

            You mean this story is about Apple deciding that you can't decide that you don't trust someone who you can identify?

            That's grotesque! I frequently decide that someone in particular (rather than someone I can't identify) is untrustworthy.

  • by wvmarle (1070040) on Friday September 09, 2011 @02:55AM (#37348858)

    The biggest issue that has come to light here imho is that it's nigh impossible to revoke an issued certificate. When a certificate is out, and it's signed by a trusted CA, there is basically no way to revoke it. Revoking involves updating browsers, or even complete operating systems (like Windows or OS-X). Just because one CA made a small mistake, got hacked for whatever reason, and the whole world has to update their software.

    Errors will be made. Certificates will be issued erroneously by a CA, or through hacking. Certificates will be lost/stolen. But for some reason there is no proper way in the whole system to fix that kind of errors. If we let it be, it's just a matter of time before the whole system crumbles and nothing can be trusted any more.

    Any thoughts on this? Any ideas on how this could be fixed?

    • The major browsers support OCSP. The technology exists, whatever the practical problems are in using it.

    • by slimjim8094 (941042) <slashdot3@justconnected . n et> on Friday September 09, 2011 @03:13AM (#37348932)

      Certificates can be revoked by putting them on the certificate revocation list [wikipedia.org]. The OCSP [wikipedia.org] protocol is analogous. Here, try it yourself: http://validation.diginotar.nl/ [diginotar.nl] - get an OCSP client (IE7+, FF3+, Chrome, etc do it automatically) and try to authenticate any of the fraudulent certificates.

      Somebody getting a hold of the private keys for the CA itself is a bigger problem - keys can be signed by the attacker faster than they can be revoked. I haven't heard that that's the case - just that fraudulent certs were made, presumably through the same semi-automated process that everybody else uses.

      I don't know if there's a way to revoke a CA cert (that is, *all* certificates signed by a certificate). But that doesn't seem to be required here, so the standard revocation procedure works.

      • by pankkake (877909)

        Welcome to the Diginotar OCSP Service. To use this service, please use compatibel client software. Thanks.

        Why did we ever trust these guys?

      • by wvmarle (1070040)

        Certificates can be revoked by putting them on the certificate revocation list [wikipedia.org]. The OCSP [wikipedia.org] protocol is analogous. Here, try it yourself: http://validation.diginotar.nl/ [diginotar.nl] - get an OCSP client (IE7+, FF3+, Chrome, etc do it automatically) and try to authenticate any of the fraudulent certificates.

        OK sounds cool. I can't be bothered to try it out myself, I'll take your word for it. But if there's such a revocation system, why do we still need browser or even OS updates to deal with this issue??

        • I can't be bothered to try it out myself, I'll take your word for it

          if there's such a revocation system, why do we still need browser or even OS updates to deal with this issue??

          Probably because people are too trusting, and never bother to test that OCSP works..

          • by wvmarle (1070040)

            I can't be bothered to try it out myself, I'll take your word for it

            if there's such a revocation system, why do we still need browser or even OS updates to deal with this issue??

            Probably because people are too trusting, and never bother to test that OCSP works..

            Do you check the Linux kernel for back doors? Or any other software that you use, like Firefox? I don't. Because I trust the community at large. Not a single vendor. I know there are people that make it their business to make sure there are no back doors in the kernel, or in Firefox, and that SSH has no bugs, and that SSL certificates are secure, and that CAs issue only valid certificates. The whole Diginotar issue came to light not thanks to Diginotar, but thanks to the community at large: security experts

            • Yes, but the joke was that the revocation system is in place, yet even someone who's asking about it can't be bothered to test it out and see if it works. Bugs won't get fixed if they're not noticed and reported.

              • by wvmarle (1070040)
                It is so obviously broken and utterly useless (if not: why would anyone need to install a software update to fix it?) that I really can't be bothered to manually try it out. It's useless. It doesn't do what it's supposed to do. Great that you can manually check a certificate there, but I've got better things to do with my time than manually checking all those certificates that I encounter.
                • by v1 (525388)

                  It is so obviously broken and utterly useless

                  if they happen to visit a site that uses the more-secure Extended Validation Certificates, the Mac will accept the EV certificate even if it's been issued by a certificate authority marked as untrusted in Keychain.

                  It's troubling that such a basic component of Internet security could have such an obvious flaw on the Mac, several security experts said Wednesday.

                  It's entertaining to watch the armchair quarterbacks at it, even the ones calling themselves "security ex

            • http://digitaloffense.net/tools/debian-openssl/

              Just saying...
      • by tjohns (657821)

        From what I understand, the Diginotor CRL isn't to be trusted at this point. Logs were deleted as part of the hack, and they're not completely sure which fraudulent certificates were issued.

        Their OCSP servers were modified to consider all certificates as revoked, except for those on a whitelist. This is the opposite of how OCSP usually works, and the correct approach in this situation. However, CRLs can only be used as a blacklist.

        Source: http://isc.sans.edu/diary.html?storyid=11512 [sans.edu]

      • by BZ (40346)

        CRLs and OCSP only work if you can reach the server they're hosted on.

        You could have systems fail hard on failure to reach such servers, but that gives the SSL parts of the internet single points of DoS failure, not to mention that some CAs run pretty flaky servers to start with.

    • > Any ideas on how this could be fixed?

      Take a walk to the trusty stonewalled bank not a 'firewalled' phony bank, don't buy a Mac, another FOSS victory btw..
    • by Anonymous Coward

      FF allows disabling certifiers and it runs on OSX and Windows:
          Preferences | Advanced | Encryption, View Certificates, scroll down to DigiNotar Root Certificate, press Edit and uncheck.

      It's a manual update, but no new browser or OS update. And it's supposed to be updated automatically-- I might have disabled it in About:Config

    • Why don't you just delete diginotar and comodo certs yourself? I mean, it's a trust relationship. If you, the user, no longer trust a notar, just delete it's certificate and find out which of your SSL connections no longer works or defaults to an unsecured connection. You can find and delete certificates in the prefs of some browsers. On OSX, it's the Keychain Util, of course.
      • by wvmarle (1070040)

        I just get an update from Ubuntu that blacklists Diginotar. So that part is done.

        Yet you're also one of those people that doesn't get the point. This kind of blacklisting should be done automatically, in real time, without needing to update software on a client computer. Now other comments mention that there is some automated system, yet the fact that these updates get so much attention and are presented as "the solution" tells me that that system is broken.

    • by hey! (33014)

      My thought is that it's probably impossible to patch the architecture of the certificate system in such a way that it:

      a) reliably rejects revoked certificates

      b) is transparent to users, performing quickly on valid certificates and never or very seldom rejecting them.

      c) covers all the use cases the certificate system is supposed cover

      d) doesn't require the user to understand the the certificate system and make sound judgments about when it can safely be bypassed.

      Covering the substantial majority of users in

      • d) doesn't require the user to understand the the certificate system and make sound judgments about when it can safely be bypassed.

        Doesn't the perspectives firefox plugin handle this? If that concept were included within the browser framework, it might add a secondary check to the top-down hierarchical (and thus critical-point-of-failure) of trusting CAs alone.

        • by hey! (33014)

          No it doesn't. It appears to implement a decentralized certificate architecture its authors consider a better than the standard, and in many use cases they're probably right.

          It's really a mixed bag with either architecture. Let's take the scenario where a corporate network has serious problems and it carved into separate islands disconnected from each other and the Internet. Both architectures fail, throwing the user back on his judgment, but in different ways.

  • by Anonymous Coward

    The problem lies with Safari not with OSX. Use a different browser. This is not an OS problem. I do wish Apple would get their finger out and fix it though.

    • No, it's an OS problem.

      On OSX Safari, of course, and I think FF, Opera, and Chrome, do not use their own root certificate list like on windows. They use the OS level keychain service for their encryption needs, whether it be form data or certificates.

      This has the advantage that changing the certificate trust value will affect all browsers on your system (that use the built-in encryption services), and other things that require certs (like VPN) and the disadvantage that, if it's not working correctly, will

      • by BitZtream (692029)

        No, it's an OS problem.

        The only problem is ignorant users. The OS does a fine job of revoking certs, if you know how to use the OS.

        You just revoke them in Keychain Access and they are revoked system wide. Open it, find your cert, mark it as never trusted. Takes about 8 seconds, I timed it.

        Anyone who thinks certificates can't be revoked in OSX is an idiot.

      • On OSX Safari, of course, and I think FF, Opera, and Chrome, do not use their own root certificate list like on windows. They use the OS level keychain service for their encryption needs, whether it be form data or certificates.

        No FF has its own list. However it only has "Delete or Distrust . . " as one option not two.

        • by nabsltd (1313397)

          No FF has its own list. However it only has "Delete or Distrust . . " as one option not two.

          It's actually two options that work differently depending on the type of certificate.

          If the cert was built-in to Firefox, then "Delete or Distrust..." removes all the trusts for the cert but does not delete it. This means that the cert can't be used to validate anything, but it also means that you don't have to re-install Firefox to get back a built-in cert that was accidentally deleted.

          If the cert was not built-in, then "Delete or Distrust..." deletes the cert. Since you obviously imported it once, you s

  • Comodo hasn't had just one, but two such breaches in the past few years (use the Slashdot search to find the stories).

    How come their certificates are still trusted and included with all browsers and operating systems whereas Diginotar's certificates were obliterated from all browser and almost all operating systems immediately?

    Is it because DigiNotar is only a regional Dutch CA? Talk about disgusting double standards then.

    • by Elbart (1233584)
      Comodo immediately disclosed the breach and made it known to all affected parties. DigiNotar sat on it and kept quiet for months.
      • by trifish (826353)

        I don't care they reacted quickly. It has happened TWICE to Comodo.

        It's about trust. I don't trust amateurs who can't even learn from their own mistakes.

        I've distrusted Comodo's certificate like I did with DigiNotar and the Chinese CA.

        The reason not to remove Comodo can't be that they're bigger than DigiNotar. Double standards are absolutely unacceptable in this field.

      • Comodo also lied about it. They painted a sophisticated attack from Iran. Now we know that the "hacker" was a Turkish script kiddy who's still bragging about it... That's the scary part: the intruder wasn't even any good. He's just an absolute beginner who follows "How To?" hacking vids on YouTube. And what happened to the lying Comodo CEO? Right, he's chosen as CEO of the year by RSA's InfoSecurity's 2011 Global Excellence Awards ... If you want to know how bad the problem is, how little is being done b
        • Maybe I've missed some recent news but last I heard, the Comodo hacker was ichsun AKA "skill of 1000 hackers," who is an Iranian and is an at least decently skilled black hat.

    • by sjames (1099) on Friday September 09, 2011 @03:17AM (#37348950) Homepage

      Because Comodo proactively detected the problem, put a stop to it, and had an appropriate audit log showing how large the problem was and what certs were wrongly issued.

      Evin DigiNotar acknowledges that removal of their root key is the only way to contain their leak.

      OTOH, I chose to disable Comodo's keys in my browser.

    • by nedlohs (1335013)

      because Comodo's announced the problem and revoked the bad certificates within minutes of them being created. Whereas DigiNotar did nothing for a month.

      CAs are all about trust, sure Comodo showed they have some problems but also that they do the right thing when shit happens. DigiNotar showed they are completely untrustworthy - security breaches happen the ignoring them bit is unforgivable for an entity whose role is solely about trust.

    • Reading the 'pedia, it seems like DigiNotar's been careless for a while. Only 9 certificates were issued with Comodo, and it was handled very very quickly. It also doesn't seem like Comodo was actually compromised - Wikipedia says "a user account with an affiliate registration authority had been compromised"

      By comparison, nobody's quite sure just how many DigiNotar certs were issued, or over how long a period of time. DigiNotar themselves have said they can't ensure that all fraudulent certs will be revoked

    • As a Dutch reader, I can guarantee you that nobody in his right mind here minds the way DigiNotar's fiasco is handled. They deserve this, and worse. If you're basically selling trust, you'd better be trustworthy.
      On the Mozilla Security Blog, the the reason why they handled this as they dit is explained very well:
      http://blog.mozilla.com/security/2011/09/02/diginotar-removal-follow-up/ [mozilla.com]

    • by RogerWilco (99615)

      DigiNotar didn't tell anyone, when they found out. Given that the CA system is built on trust, it means they have lost everyone's trust.

      Next to that, they don't seem to have a good audit trail, so can't tell what is and isn't affected.

      Everyone knows computer security can't be 100%. The central issue is trust. DigiNotar is no longer trusted, Comodo is because of the different way they handled things when a breach occurred.

  • by Anonymous Coward on Friday September 09, 2011 @03:08AM (#37348914)

    They lack in security and fixing exploits, and yet, they like to brag about somehow being "more secure" than Windows.

    Oh, and Microsoft I believe already released a patch... yesterday? Tuesday?

  • by antifoidulus (807088) on Friday September 09, 2011 @03:39AM (#37349038) Homepage Journal
    The thing is, I am wondering whether they will even bother to fix it for people still running Leopard. Apple historically has released non-security bugfixes for 10.n, security patches only for 10.(n-1), and basically jack shit for all osver
    While ordinarily just a dick move, due to the intel transition this means that there is a large user base out there(namely the ones that still run PPC macs) that basically will never get any new security patches for their systems and they are stuck with either pitching their hardware or taking the risk that they will not be a victim.

    Apple really needs to make these EOL policies not only clear, but announce them significantly ahead of time so that people who decide to migrate have plenty of time to do so.
  • by bytesex (112972) on Friday September 09, 2011 @06:17AM (#37349538) Homepage

    Same here. Snow Leopard user. Can confirm it. Stupid OS. I hope this will forever silence the 'if you think that firefox is a proper Mac application GTFO' trolls. This time, it's *better* to use Firefox.

  • Hard Info and Tools (Score:4, Interesting)

    by plsuh (129598) <plsuh&goodeast,com> on Friday September 09, 2011 @07:28AM (#37349844) Homepage

    Folks,

    I have detailed info and tools on my website at

    http://ps-enable.com/articles/diginotar-revoke-trust [ps-enable.com]

    The short story is that it is possible to protect yourself, but it requires deleting the DigiNotar root cert(s), then revoking trust on the two roots plus four intermediates.

    --Paul

  • by greggman (102198) on Friday September 09, 2011 @07:37AM (#37349886) Homepage

    What about iOS, Android, WebOS, OperaMini, OperaMobile, etc etc etc. Do they all need to be updated?

  • reports Bob McMillan, because the OS can't properly revoke dodgy digital certificates."

    Really? Cause I just set the trust to 'Never' in Keychain Access and it works just fine.

    If you don't know how to do something, you shouldn't talk out your ass.

    • Open Keychain Access from Applications/Utilities
    • Click on System Roots keychain
    • Click on Certificates category to filter down to only certs
    • Double click on DigiNortor certificate.
    • Expand 'Trust' drop down
    • The first option is: 'When using this certificate:' change that option to 'NEVER'
    • Close Keychain Access and rest assured knowing the blogger who wrote t
    • by Anonymous Coward on Friday September 09, 2011 @07:53AM (#37349960)

      FTFA:

      Ryan Sleevi, a software developer who has contributed to Google's Chrome project, noticed the issue too. After poking around the Mac OS X source code, though, he uncovered the cause.

      Users can revoke a certificate using Keychain, but if they happen to visit a site that uses the more-secure Extended Validation Certificates, the Mac will accept the EV certificate even if it's been issued by a certificate authority marked as untrusted in Keychain.

    • by forand (530402) on Friday September 09, 2011 @09:14AM (#37350512) Homepage
      This works fine as long as you don't visit an EV site. You must delete the cert, and make changes to your system on OS X. This is not an easy fix for most people. Please find more info here [arstechnica.com]
      • by guruevi (827432)

        It's easy to do from command line. I even wrote a package and distributed it to my machines that does the dirty work.

  • by Anonymous Coward

    Apple has a reputation for its aggressiveness when it comes to its own security, searching the houses of people suspected of finding lost phones and throwing them in jail. But apparently when it comes to the security of their customers, their enthusiasm wanes.

  • by JustAnotherIdiot (1980292) on Friday September 09, 2011 @10:52AM (#37351514)
    What a shocker!
  • Reading TFA, it sounds like the problem is not in the OS, but in the Safari browser. A nuance might be that the problem is in the OS, but only Safari uses the OS for cert authentication and other browsers roll their own authentication. At any rate, I read TFA to say if you're using some other browser than Safari you're OK. Granted, the usual Mac "Joe Sixpack" equivalent is probably running Safari and is left hanging, but is this a correct read of the article?
  • For Lion & Snow Leopard. http://support.apple.com/kb/HT4920 [apple.com]

    Impact: An attacker with a privileged network position may intercept user credentials or other sensitive information

    Description: Fraudulent certificates were issued by multiple certificate authorities operated by DigiNotar. This issue is addressed by removing DigiNotar from the list of trusted root certificates, from the list of Extended Validation (EV) certificate authorities, and by configuring default system trust settings so that DigiNotar's

Someone is unenthusiastic about your work.

Working...