Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security Encryption The Internet

Researchers Find, Analyze Forged SSL Certs In the Wild 86

An anonymous reader writes "A group of researchers from Carnegie Mellon University and Facebook has managed to get a concrete sense of just how prevalent SSL man-in-the-middle attacks using forged SSL certificates are in the wild. Led by Lin-Shung Huang, PhD candidate at Carnegie Mellon University and, during the research, an intern with the Facebook Product Security team, they have created a new method (PDF) for websites to detect these attacks on a large scale: a widely-supported Flash Player plugin was made to enable socket functionalities not natively present in current browsers, so that it could implement a distinct, partial SSL handshake to capture forged certificates."
This discussion has been archived. No new comments can be posted.

Researchers Find, Analyze Forged SSL Certs In the Wild

Comments Filter:
  • by Anonymous Coward on Tuesday May 13, 2014 @08:32AM (#46988751)

    brought to you by the Adobe Flash plugin!

    • As opposed to regular browsing where you have no way of detecting these types of activities?
      • by Anonymous Coward

        As opposed to regular browsing where you have no way of detecting these types of activities?

        You mean other than the browser warning the article discusses?

        "These certificates are not authorized by the website owners, but most browsers will "accept" them, i.e. they will warn users of the error, but will allow them to choose whether they will continue on to the (potentially insecure) website."

        Yep, no way to tell.

      • by ChadL ( 880878 ) *
        Where there is an IT team to provide support using SSL client certificates will prevent (and detect via server SSL logs and client errors) fake certificates.
        When enabled the client will sign (using their client cert, generally with a site-specific internally managed CA) all the communications after the key negotiation finishes, so if there is a middle-man that modified the certificate/keys the server will see the clients signature of the communications as incorrect (as the client and server wouldn't agree
    • by Anonymous Coward

      Some things are just to freaking hard to exterminate!
      Windows... XP.... Flash... browsers...

  • Flash has had too many security breaches & just isn't useful enough for me to justify it's continued existence on my main browsers.

    When I need flash for a few select sites I use Chrome & for the rest I use a windows VM that is regularly wiped back to a clean config using snapshots.

    Too bad they didn't implement their validation tool as a normal browser plugin (or a suite of such for FF/Chrome/Safari/IE).

    • Do those alternatives to Flash allow the developer to enable socket functionalities not natively present in current browsers"? That's the sort of open-ended capability that tends to make Flash a security risk in the first place.

      FlashBlock works great for me, all the advantages of disabling flash, but it's only a click away when desired.

      • by phayes ( 202222 )

        Do those alternatives to Flash allow the developer to enable socket functionalities not natively present in current browsers"?

        Are low level socket functions beyond what is available to Browser plug-ins absolutely necessary to perform the function? I don't know, which was pretty much the point of my post.

    • Re: (Score:3, Funny)

      by oodaloop ( 1229816 )
      Why would you remove the savior of the universe?
    • by unrtst ( 777550 )

      Too bad they didn't implement their validation tool as a normal browser plugin (or a suite of such for FF/Chrome/Safari/IE).

      WTF? Really? How many users would actually install that plugin? How many of those users wouldn't already be paying attention to the warning the browser prints out on bad certs? Using a very widely deployed technology (flash) means they write it once, deploy via the website, and it runs almost everywhere, and it can report back to them (as opposed to the browser warning, which is client side only).

      I'd be a little surprised if it wasn't possible to script this up in javascript, but that would probably only wo

      • by phayes ( 202222 )

        Snort, great solution there. Flash is going down the tubes and is installed on fewer and fewer systems -- starting with people who refuse the unnecessary security hassle it has become.

        If you want to create a browser plugin for the security conscious, you don't do in an environment that has been proven to be insecure time after time. If possible, you create it in in an environment that will continue to exist in a few years when even Chrome abandons it.

        As to how many people are using TFA's plugin, people usin

    • Too bad you didn't read the summary properly: The flash object sits on the website, not the browser. The browser just runs it.
      For this to work on a wide scale, you can't make everyone install a browser addon. That's just stupid and as bad as flash is, proprietary addons are worse.

      • by phayes ( 202222 )

        Too bad you don't understand that the browser cannot run it if flash is not installed as a plugin on the user's browser (which it isn't if the person behind the browser has a clue & doesn't NEED it.
        For this to be widely deployed, people would have to care enough to install it, yet clearly that is not the case for over 99% of the people browsing the web. For the remaining people with a clue (aka the security conscious), a browser plugin (akin to Browser Patrol in Firefox) would be amply sufficient.

        • So what you're saying is, Flash is a stupid idea because people have to install it, but a browser addon is a better idea because people have to install it.

          • by phayes ( 202222 )

            Clearly, both reading comprehension & web security are too complicated for you.

            Let me use small words to make it easier for you:
            Both Flash plus their flash plugin & a browser plugin need to be installed. A plugin would add no vulnerabilities. Adding Flash to a machine does.

            I leave you to your browser with 10 toolbars, unexplained slowdowns & redirects to porn sites.

            • For someone banging on about security, this statement is laughable:

              A plugin would add no vulnerabilities.

              Flash is a plugin.

              • by phayes ( 202222 )

                Just because Flash is a plugin & insecure, that doesn't make all plugins insecure. You'd have to be really stupid to make that assumption but you seem dumb enough...

                • I'm not making any assumptions, but you seem determined to make blanket statements.

                  • by phayes ( 202222 )

                    No assumptions? Yeah, right, you only assume that all browser plugins are as insecure as flash is.

                    Anyone who makes an assumption that dumb is an idiot -- statement of fact, not a blanket statement

  • It would be interesting to see what they would find if they could run this on a bigger scale. The biggest offender appears to be security appliances. Should the browsers flag security appliances?
    • by leuk_he ( 194174 )

      Should they flag them? No, flagging too much will cause the users to just ignore the messages. And for most facebook communication http traffic will be just as good as https traffic.

      But it should note that the security is as good as http traffic, in other words, do not display a lock.

      By the way, think about it, security devices. Security for you? Did you pay those devices? No, it is security for those who pay for the devices.

  • by Anonymous Coward

    Many businesses implement a man in the middle server that allows them to REGEXP the HTTPS searches and connections. Generally its a proxy out with a requirement to accept the certificate which is then applied to your local to the proxy connection, but remotely your handing the company the keys to any accounts/connections used across the board.

    There is a thought of trust your admin not to log your password/financial data etc... Its all quite bizarre but someone thought it was a good idea, or didn't unde

    • Why can't a business do what it wants on its own networks to monitor their own computers?

      Do not like it? Then don't work. Plain and simple as you are paid to work and not create hostile work environments or infect their networks. They have a right to protect themselves legally and liability wise. Companies are liable for what their employees do at all times.

      They create their own self signed certs to do this so no biggie.

    • by azav ( 469988 )

      Generally it's* a proxy out

              it's = it is

      Learn this.

  • by Anonymous Coward on Tuesday May 13, 2014 @09:03AM (#46989003)

    I'm behind a Bluecoat proxy at work. The software plays man-in-the-middle when I access my mailbox or online bank.
    I never understood where my employer got the right to impersonate gmail or xyz-bank with their own certificates.

    • by Anonymous Coward

      I never understood why my employees use company resources for private business.

      • by Anonymous Coward

        Not much of a leader or thinker then are you?

        Hint - your employees are at the office more than they are not.

        • Yeah, these 13 hr days, 7 days a week really suck.

      • by Anonymous Coward

        You probably also don't understand that your employees are in fact people who occasionally need to get things organized during the day, and the fact that you are paying them some form of remuneration does not grant you power to dictate every facet of their existence while they work.

        If you don't like it, maybe you should hire robots instead. I'm sure that will work very well for you. You'll just need a maintenance cre--... oh damn.

        What's the world coming to when you can't run a business without these annoyin

        • You probably also don't understand that your employees are in fact people who occasionally need to get things organized during the day

          Meh.

          Businesses have legitimate reasons for monitoring the use of their equipment and networks. Employees have legitimate reasons for doing some personal stuff at work. The obvious compromise is exactly what happens: Businesses monitor and employees can decide whether they're okay with their personal stuff being monitored. If not, they have other options like doing it at home, or on their smartphone.

          That said, I do appreciate that my employer doesn't monitor my traffic.

      • by gl4ss ( 559668 )

        you don't know if they're using it for private business without breaching their telecommunications in a manner which should be( and actually in many western countries is) illegal - no matter if you built the road used for delivering the letter...

        of course you probably don't understand all the possible insider and outsider complications that come from having some personnel (no matter if it's some bofh or you) with expressed ability to read everybodys mail and banking details - and from the ability that they

    • by Anonymous Coward

      I'm behind a Bluecoat proxy at work. The software plays man-in-the-middle when I access my mailbox or online bank. I never understood where my employer got the right to impersonate gmail or xyz-bank with their own certificates.

      This is something many corporate security products do, so they can inspect and control SSL traffic for security threats. The argument for doing this is that if they didn't, then a large portion of the traffic would be bypassing some of the security defenses. You should never trust SSL for personal info when inside the company firewall.

    • I never understood where my employer got the right to impersonate gmail or xyz-bank with their own certificates.

      They got the right by providing you with the network connection at work which you choose to use for your personal banking and e-mail.

    • Re: (Score:2, Interesting)

      by Anonymous Coward

      If you're using OS X, a secure outside connection is as simple as:

      ssh -D127.0.0.1:1080 user@machine

      That establishes a SOCKS proxy on port 1080 which tunnels connections to the remote machine. Then change your network settings to point your browser at port 1080.

      I'm pretty sure PuTTY on Windows supports SOCKS proxies, too.

      Warning: if using Firefox you need to disable local DNS resolving (so that the domain name is resolved on the other end). I forgot what the config name is, but Google will help you.

      Of course

  • And needs to be retired to the bit bucket. Need I say more?

    • by 1s44c ( 552956 ) on Tuesday May 13, 2014 @09:23AM (#46989169)

      Flash is evil and should be destroyed, I agree. But this story is about how researchers did something cool with flash to detect forged SSL certs.

      In this one case Flash isn't the security issue, it's the useful software helping to find the security issue.

    • Re: (Score:2, Redundant)

      by moof1138 ( 215921 )

      Flash isn't a villain here, it was used as a research tool. The researchers are using Flash to detect forged SSL Certs.

      • by lgw ( 121541 )

        ... meet it is I set it down
        That one may smile, and smile, and be a villain

        Flash is always a villain. You may use it's power intending to do good, but in the end you will do only evil.

  • by Anonymous Coward

    You idiots, this guy is presenting about a much larger concern of the overall insecurity of this stupid trust model we call SSL CA Cert and all you morons talk about is how much flash sucks. You guys are fuckin nuts for brains man...

    • I'd love to trade my poorly articulated comments how people are complaining about the wrong thing for mod points t mod up parent.
  • by Kirth ( 183 ) on Tuesday May 13, 2014 @10:33AM (#46989971) Homepage

    (Error code: ssl_error_no_cypher_overlap)

    Yes, I turned off all weak ciphers in my browser. Including most 128bit ones.

    • by chihowa ( 366380 ) *

      It's using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256. That's not exactly a weak cipher, especially since AES256 is putatively not much stronger than AES128.

      I think the issue you're seeing originates on your end.

  • This isn't really all that interesting. I will be more interested when researchers find a way to detect certs created with stolen root certificates. You know, the kind that don't make the browser throw up a warning.

    • Did you read the paper? I did. That's what the research does. It turns out that there isn't a lot of malicious MITM out there, and what little does exist is done by malware on the same machine. The other MITM "attacks" are things like corporate proxies, etc.

      The most interesting thing about this research is that it rather decimates the oft-repeated meme that SSL is broken and gets busted all the time. The data doesn't show that.

      • True, although it's worth noting that this approach only works through obscurity. As soon as attackers know about it, they can block the flash app or alter it to make everything look fine.
      • I had not read the paper. Now I have. I stand by my statement that this is not what I consider "forged". All of the detected certificates mentioned in the paper were detected by noticing inconsistencies in the public certificate. In most cases an outsider attacker would trigger at least a browser warning unless they had gotten their certificate authority registered on the victim computer as a trusted authority. In the case of the opFailZeroAccessCreate malware, "VeriSign Class 4 Public Primary CA" whic

The 11 is for people with the pride of a 10 and the pocketbook of an 8. -- R.B. Greenberg [referring to PDPs?]

Working...