
Another CA Issues False Certificates To Iran

timothy posted more than 2 years ago | from the bad-juju dept.


arglebargle_xiv writes "Following on from Comodogate, we have another public CA issuing genuine false certificates to Iran, this time for Google. There's speculation that it's a MITM by the Iranian government, but given the existing record of CAs ready to sell certs to anyone whose check clears, it could just be another Comodogate." Another (anonymous) reader says, "What might be worrying is that the CA behind the forgery is the official supplier of most Dutch Government certificates, diginotar.nl. They are supposed to be very stringent in their application process. As a Dutchman, I'm very interested to see how this one plays out." Adds Trailrunner7: "The attack appears to have been targeting Gmail users specifically. Some users trying to reach the Gmail servers over HTTPS found that their traffic was being rerouted through servers that shouldn't have been part of the equation. On Monday afternoon, security researcher Moxie Marlinspike checked the signatures on the certificate for the suspicious server, which had been posted to Pastebin and elsewhere on the Web, and found that the certificate was in fact valid. The attack is especially problematic because the certificate is a wildcard cert, meaning it is valid for any of Google's domains that use SSL."


229 comments


This is ridiculous (2)

mysidia (191772) | more than 2 years ago | (#37249808)

Any CA that can't implement sufficient controls to prevent such shenanigans, should not be a CA in the first place. Needless to say i've changed my browser and OS settings to distrust the CA. I expect a serious explanation shortly, and short of some unusually extreme extenuating circumstances, I think all browser vendors and OS vendors should evict the CA immediately, to make an example of them.

I am curious though.... did the CA fail to implement its CA CPSs, or did its Certification practice statement actually have a hole where such a thing could happen?

More acronyms, please (3, Funny)

mmarlett (520340) | more than 2 years ago | (#37250024)

So, besides more Californias (CAs) offering more martinis-in-the-morning (MITMs) to confuse more octogenarians/septuagenarians (OSs), what does the Chicago Public School System (CPS) have to do with anything? Or is this one of those "hacker" things I've heard so much about?

Re:More acronyms, please (-1)

Anonymous Coward | more than 2 years ago | (#37250046)

you contribute nothing.

Re:More acronyms, please (1)

mmarlett (520340) | more than 2 years ago | (#37250076)

Ah, yet you fail to understand that the parent (and the post itself) obscure everything unnecessarily and that I mocked them accordingly. And I see why you posted anonymously. (Adverbs are big this time of night.)

Re:More acronyms, please (0)

Anonymous Coward | more than 2 years ago | (#37250118)

i understood it so well i didn't need you to gratify yourself by pointing it out. i simply don't share your offense at it.

if only i could grasp the subtle nuances of your clever mockery, right? i'm glad you didn't post anon so it can be known you're another one of those who thinks that people would agree with you if only they were as smart as you. that's a crowded category but i'm sure there's room for one more.

like i said you contribute nothing.

Re:More acronyms, please (0)

Anonymous Coward | more than 2 years ago | (#37250666)

At least he/she contributes more than you.

Re:More acronyms, please (1)

Tacticus.v1 (1102137) | more than 2 years ago | (#37250096)

Re:More acronyms, please (2)

mmarlett (520340) | more than 2 years ago | (#37250140)

Actually, this is real news if presented properly. I don't fault mysidia for that, really, but I do fault timothy. I mean, you are talking about international fraud that could affect billions of people, but the article is presented in such a way that it is only instantly readable by a few hundred people. I've been reading Slashdot since 1996, so I'm totally used to the jargon. And I figured it out — so have thousands (or millions) of others ... but there is no real burden on the poster to spell out a few acronyms that make no sense to even a general audience (of nerds). This is more egregious than usual is all.

Re:More acronyms, please (4, Funny)

mysidia (191772) | more than 2 years ago | (#37250172)

The Californians provide a document specifying their chosen Chicago Public School System, which is digested by THE POWERS THAT BE to decide if the Californian is trusted to introduce UAs (Utah and Alaskans) to servers and vice versa (partially based on their record of providing the proper tip amounts to their servers).

The problem is, this particular Californian has taken to introducing fake servers to the UAs (Utahns and Alaskans).

Re:More acronyms, please (1)

mmarlett (520340) | more than 2 years ago | (#37250228)

See, now that's the smartassery I really enjoy. ;)

Re:More acronyms, please (1)

pseudotensor (1416993) | more than 2 years ago | (#37250392)

Whoever responded to mmarlett and complained he contributed nothing is dead wrong. I have no idea what CA's are. This is the first article in like 2 years of reading slashdot that I've been stumped on acronyms or initialisms. Bad summary for a major website -- end of line.

Re:More acronyms, please (0)

Anonymous Coward | more than 2 years ago | (#37250912)

I have no idea what CA's are. This is the first article in like 2 years of reading slashdot that I've been stumped on acronyms or initialisms.

Sounds like bullshit to me. People who have been reading Slashdot for 2 years should be able to use google and not post useless stuff, so that there is a higher signal to noise ratio.

If you know nothing about a topic, SHUT UP and if you're interested go look it up, or just wait a few minutes, someone might actually post something informative.

The main reason to read Slashdot is for the occasional very informative/interesting post by a random Slashdotter. It's not for the editors crap, and certainly not for "Bwaaa I'm too lazy and stupid, why doesn't someone spoonfeed me" posts.

You should know by now the slashdot editors are crap (or pretending to be) and are not going to improve. So stop reacting stupidly to it. Just pretend the editors are trolling for more hits and posts.

Re:More acronyms, please (1)

Anonymous Coward | more than 2 years ago | (#37251034)

http://lmgtfy.com/?q=ca+ssl [lmgtfy.com]
http://lmgtfy.com/?q=mitm+ssl [lmgtfy.com]

WOW! This newfangled google thingie is SOOOO COOL!

Notary idea (2)

93 Escort Wagon (326346) | more than 2 years ago | (#37249820)

I'm beginning to think some variation of Marlinspike's distributed notary system [softpedia.com] may actually be the way to go. This just can't be allowed to happen, given the importance of internet communication nowadays. If the CAs can't prevent this, it's time to find an alternative.

Re:Notary idea (1)

RajivSLK (398494) | more than 2 years ago | (#37251100)

There must be something I don't understand about this system...

The whole idea is to compare a certificate served by a website to a client with one received from the same destination by a notary. If the client is surfing from a compromised network and gets served a fake certificate, it won't match with the one from the notary, triggering an alert.

How does it prevent a man in the middle attack from simply forging the certificate and all of the notary responses?

Re:Notary idea (0)

Anonymous Coward | more than 2 years ago | (#37251264)

How does it prevent a man in the middle attack from simply forging the certificate and all of the notary responses?

The idea is that you have a bunch of notary public keys stored on your hard disk as part of the software (like the CA root certs are stored in your OS+Browser right now) and the notary responses are signed so that they can't be forged, only blocked (which reveals that something is wrong) [Replay attacks may be a problem but any decent protocol includes expiration timestamps]. This approach is straightforward and simple enough; you protect against compromised notaries by always checking several, so one liar will stand out amongst the others*. As long as you don't install a (non-notary-checked/non-SSL) browser patch over the compromised network, you should be fine.

* The inherent benefit here is web of trust vs centralised trust. Rather than relying on the CA to do its job properly, you ask a bunch of servers owned by a multitude of people to take a vote on whether the site is legitimate or not; it's much harder to corrupt a democracy than a dictatorship.
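The notary check described in the two posts above (signed observations from several notaries, expiry timestamps against replay, majority vote so one liar stands out, and a blocked or forged response treated as failure), written out as an added example that is not part of this thread or of Convergence/Perspectives itself. Notary names, keys, fingerprints and timestamps are all constructed; HMAC with a per-notary secret stands in for the public-key signature the real design uses, so that it runs on the standard library alone.

```python
import hashlib
import hmac
import json
from collections import Counter

# Constructed notary key table. Convergence/Perspectives ship notary *public* keys with
# the client and the notaries sign their responses; here a per-notary HMAC secret
# stands in for that signature so the example runs on the standard library alone
# (an assumption of this example, not the real protocol).
NOTARY_KEYS = {
    "notary-a.example": b"constructed-key-a",
    "notary-b.example": b"constructed-key-b",
    "notary-c.example": b"constructed-key-c",
}
MAX_AGE = 300       # seconds a notary observation stays usable (bounds replay)
CLOCK_SKEW = 60     # tolerance for a response dated slightly in the future


def sign_observation(notary, key, host, fingerprint, ts):
    """What a notary returns: its own view of the site's certificate, signed."""
    payload = json.dumps(
        {"notary": notary, "host": host, "fp": fingerprint, "ts": ts}, sort_keys=True
    )
    mac = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    return {"payload": payload, "mac": mac}


def verify_observation(resp, host, now):
    """Return (notary, fingerprint) the response vouches for, or None if untrusted."""
    try:
        data = json.loads(resp["payload"])
        mac = resp["mac"]
    except (KeyError, TypeError, ValueError):
        return None
    if not isinstance(data, dict):
        return None
    key = NOTARY_KEYS.get(data.get("notary"))
    if key is None:
        return None                 # not one of the notaries pinned in the client
    expected = hmac.new(key, resp["payload"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, mac):
        return None                 # forged, or altered in transit
    if data.get("host") != host:
        return None                 # genuine response for another site, replayed here
    ts = data.get("ts")
    if not isinstance(ts, (int, float)) or not (now - MAX_AGE <= ts <= now + CLOCK_SKEW):
        return None                 # stale: replay of an old but genuine response
    return data["notary"], data["fp"]


def notary_verdict(host, served_fp, responses, now, quorum=2):
    """Compare the fingerprint the client was served with what the notaries saw.

    'ok'           at least `quorum` distinct notaries agree with the served cert
    'mismatch'     at least `quorum` distinct notaries agree on a different cert
    'insufficient' too few verifiable responses (blocked, forged or stale); treat as
                   failure, since a MITM can always drop what it cannot forge
    """
    seen = {}                       # one vote per notary: a duplicated response counts once
    for resp in responses:
        verified = verify_observation(resp, host, now)
        if verified is not None:
            notary, fp = verified
            seen[notary] = fp
    votes = Counter(seen.values())
    if votes[served_fp] >= quorum:
        return "ok"
    if votes and votes.most_common(1)[0][1] >= quorum:
        return "mismatch"
    return "insufficient"
```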

CAs Need To Go (0)

Anonymous Coward | more than 2 years ago | (#37249822)

There are so many CAs built into Firefox and other browsers, it'd be easier to create a list of the companies/individuals that aren't authorized to issue certs. Why haven't we moved the certificates into DNS and encrypted the whole mess yet?

This is considered surprising? (5, Insightful)

Targen (844972) | more than 2 years ago | (#37249826)

Security people have since forever warned the rest of the world against the risks of blindly trusting centralized/hierarchical trust schemes. It's not the first time this happens. It won't be the last. And while standard practices remain as they currently are, we're all in the hands of whoever's got money and power, and governments tend to have a lot of both. Most of you might not care much about this since you probably live in places with decent governments*, but it's a real concern for an enormous portion of the world's population.

*IN RELATIVE TERMS. I know many of the governments of the "free world" are guilty of all manners of despicable privacy violations with all manners of awful consequences, but please don't even attempt to compare these issues to the sorts of oppression that happen in full-blown totalitarian regimes.

Re:This is considered surprising? (1)

bky1701 (979071) | more than 2 years ago | (#37250296)

I know many of the governments of the "free world" are guilty of all manners of despicable privacy violations with all manners of awful consequences, but please don't even attempt to compare these issues to the sorts of oppression that happen in full-blown totalitarian regimes.

The "free world" is effective enough at controlling the people though other means (bread and circuses) that it need not resort to more extreme measures: the people are powerless, and so abusing them overtly would only potentially give them something to unite against.

You aren't free only because you can say something, although that is a prerequisite. You're free because you can effect social change. Tell me with a straight face that there is a wide gulf between Iran and the West in that respect, and I shall laugh at you. The West simply learned the hard way not to use the stick every time.

Re:This is considered surprising? (0)

miffo.swe (547642) | more than 2 years ago | (#37250518)

I'm in love with your mind. *kissy* *kissy*

Re:This is considered surprising? (1)

jpapon (1877296) | more than 2 years ago | (#37250934)

Sure you're free to "effect social change", you just might not be all that effective; the system in place in most "free" countries makes it difficult, but not impossible. This is, in fact, wise, because (believe it or not) not everyone wants to enact the same social changes as you.

Re:This is considered surprising? (1)

gilboad (986599) | more than 2 years ago | (#37251166)

I'm *perfectly* happy with not giving *you* the power to "effect social change"; something tells me that what-you-consider-social-change is what I consider anarchy...

- Gilboa

Re:This is considered surprising? (1)

bky1701 (979071) | more than 2 years ago | (#37251326)

Interesting. I am a supporter of public services, welfare (to an extent, one far more comprehensive than we have in the US), nationalization of certain industries, etc.. Being for personal freedom as well makes me an anarchist? If what I just listed are aspects of anarchy, things have changed a lot. Perhaps you shouldn't jump to conclusions that anyone criticizing your precious country is some kind of radical.

My point, though, is less about any specific change; in fact, you can be on opposite ends of the political spectrum and realize the same problem. Western democracies are extremely good at keeping intact the old aristocratic systems, while managing to convince the general public that they actually have a say. Both sides in the US play upon the psychology of the people, while both have the same root goal of making sure they are the ones in charge. Who has more power in the US - lawyers, lobbyists, the rich, or common people? I suspect only the most deluded would choose the last. No matter your politics, it is rather obvious that voting is more a system of rubber-stamping than actual government. You will never get anywhere in politics without money, and you'll never get money without money.

The fact that massive political divisions exist, while nothing really ever changes, is a good example of why I say democracy is a distraction. It doesn't matter what grand shows you put on, or what ideals the government is founded on: sooner or later, the old systems creep back in. I'm not sure if this can be fixed, or if it is just human nature, but ignoring it solves no problems. Democracy is the most ingenious invention ever for keeping people in check.

Playing global sports, "my country is better than yours! mine is freer than yours!" only leads to wars and hate, not solutions, when everything in the end is so similar.

Re:This is considered surprising? (2)

ibwolf (126465) | more than 2 years ago | (#37251332)

You're free because you can effect social change. Tell me with a straight face that there is a wide gulf between Iran and the West in that respect, and I shall laugh at you.

It is difficult to effect social change in the west because most of us are, on the whole, content with things as they are. Sure, there is room for improvement, but (a few fringe groups aside) few of us want radical change. This is the essence of democracy.

In Iran it is difficult to effect social change because if you seem even remotely likely to succeed in undermining the government they will crack down on you hard.

Of course, democracy is somewhat flawed in that it involves giving people what they want and what people want isn't necessarily what is good for the whole (or even themselves). ("People are dumb, panicky, dangerous animals and you know it.") But that is completely different from an autocratic rule that puts the welfare of its citizens behind all concerns of the ruling elite.

Democracy isn't perfect (and as practiced in the USA, could be improved notably), but it is still the best system we've got. Or to borrow a quote

Many forms of Government have been tried and will be tried in this world of sin and woe. No one pretends that democracy is perfect or all-wise. Indeed, it has been said that democracy is the worst form of government except all those other forms that have been tried from time to time.

I believe that Churchill was onto something there.

Implementing ALL of SSL, perhaps? (0)

Anonymous Coward | more than 2 years ago | (#37250880)

Part of the SSL spec is the use of CRLs: the ability of a certificate provider to "blacklist" certificates that have been compromised by one means or another through a Certificate Revocation List. Sadly, this is perhaps the least-implemented feature of the whole SSL system, even though it's clearly a very important part thereof.

Compromises happen, people!

Certificates get transferred on USB thumb drives that get left at coffee shops, et al.

A CRL isn't that hard to implement. Yet, it's rarely set up correctly, and many (most?) pieces of software that use SSL don't support CRLs. WTF? !?!?

It's also pointless in this case (1)

Chuck Chunder (21021) | more than 2 years ago | (#37250980)

Someone capable of doing a MITM attack with a dodgy cert is almost certainly going to be in a position to stop you hitting a CRL.
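The two posts above make one point between them: CRL checking is rarely wired up, and when it is, a MITM in a position to present a bad cert can also block the CRL fetch, so the outcome hinges on whether the client fails open or closed. This added example (not from the thread or any real TLS library) models that: a revocation checker with a freshness cache, a fetch callback that can fail, and a hard-fail/soft-fail policy. The CRL is a constructed dict; the CA name, serials and timestamps are made up, and verifying the CRL's own signature is assumed to happen inside the fetch callback.

```python
import time


class CrlUnavailable(Exception):
    """The CRL distribution point could not be reached or returned nothing usable."""


class RevocationChecker:
    """Checks a certificate's serial against its issuer's CRL, with a freshness cache.

    `fetch_crl(issuer)` stands in for the HTTP fetch of the distribution point: it
    returns a constructed CRL dict {"issuer", "this_update", "next_update", "revoked"}
    or raises CrlUnavailable. Checking the CRL's own signature against the issuer's
    key is assumed to happen inside fetch_crl and is not shown here.
    """

    def __init__(self, fetch_crl, hard_fail=True, now=time.time):
        self.fetch_crl = fetch_crl
        self.hard_fail = hard_fail
        self.now = now
        self.cache = {}             # issuer -> last good CRL

    def _is_current(self, crl, issuer):
        return (crl["issuer"] == issuer
                and crl["this_update"] <= self.now() < crl["next_update"])

    def _current_crl(self, issuer):
        cached = self.cache.get(issuer)
        if cached is not None and self._is_current(cached, issuer):
            return cached           # still inside its validity window: no fetch needed
        fresh = self.fetch_crl(issuer)          # may raise CrlUnavailable
        if not self._is_current(fresh, issuer):
            # An expired CRL served back to us would hide any revocation made since it
            # was issued, so it is treated the same as having no CRL at all.
            raise CrlUnavailable("stale or mismatched CRL")
        self.cache[issuer] = fresh
        return fresh

    def check(self, cert):
        """Return 'good', 'revoked', or what the policy says when no current CRL is had."""
        try:
            crl = self._current_crl(cert["issuer"])
        except CrlUnavailable:
            # Soft-fail is the common deployment choice and is exactly the gap the thread
            # describes: block the CRL fetch and a revoked cert sails through.
            return "rejected-unknown" if self.hard_fail else "accepted-unchecked"
        return "revoked" if cert["serial"] in crl["revoked"] else "good"
```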

Stringent SSL verification process ... yeah right! (3, Insightful)

phoxix (161744) | more than 2 years ago | (#37249834)

The idea behind the "Stringent SSL verification process" is that customers will pay a brand-name-trusted CA company to verify the SSL request is from who they claim to be.

Even at *TEN THOUSAND* USD/EUR/GBP/etc per fake certificate, the price is too good for countries like Iran, China, etc for engaging in MITM attacks.

The whole process is a scam outright....

And thus you find out the real security weakness (1)

Anonymous Coward | more than 2 years ago | (#37249852)

Money.

It actually works slightly better than a wrench, and is more reliable than stupidity.

Maybe if you have gold-plated wrenches...if you have gold-plated wenches, you end up with a James Bond movie.

Or with "Dodgeball." (1)

bdwoolman (561635) | more than 2 years ago | (#37249974)

" If you can dodge a wrench, you can dodge a ball."

Patches O'Houlihan

Re:And thus you find out the real security weaknes (2)

tftp (111690) | more than 2 years ago | (#37250266)

if you have gold-plated wenches, you end up with a James Bond movie.

The sad fact is that you don't even have to buy them gold-plated. They happily do that on their own, at your expense.

Penalty: instant deletion of the CA, surely? (4, Insightful)

robbak (775424) | more than 2 years ago | (#37249876)

Surely, if a fraudulent certificate ever shows up, then the public keys for the issuing CA should be instantly removed? Even if they are Verisign themselves, if a fraudulent certificate exists, then trust is lost, and they cannot remain.

Re:Penalty: instant deletion of the CA, surely? (0)

Anonymous Coward | more than 2 years ago | (#37249930)

Comodo (2nd largest after verisign) fucked things up royally with their resellers but guess what. They weren't shunted off.

What, you thought "Too big to fail" was only for banks?

Re:Penalty: instant deletion of the CA, surely? (1)

arglebargle_xiv (2212710) | more than 2 years ago | (#37250066)

What, you thought "Too big to fail" was only for banks?

In this case the breach appears to have been serious enough that Mozilla have actually pulled the CA's cert. No matter how negligent a CA has been in the past, no browser vendor has ever done this before. Rumors on Mozilla lists are that it was a CA compromise, which would mean that no certs from Diginotar can be trusted at the moment. Whatever it is, it's pretty serious. Again.

Maybe this time the browser vendors will finally be incentivised to fix the PKI mess (CA protection racket) that they've created, although given the outcome of Comodogate (business as usual, nothing to see here, move along) I rather doubt it.

Re:Penalty: instant deletion of the CA, surely? (1)

jamesh (87723) | more than 2 years ago | (#37250574)

Surely, if a fraudulent certificate ever shows up, then the public keys for the issuing CA should be instantly removed? Even if they are Verisign themselves, if a fraudulent certificate exists, then trust is lost, and they cannot remain.

Who would do this? What is the 'parent body' of a CA? Is the CA business actually regulated in any way? And under what jurisdiction? The nature of 'root certificate' is that the keys are in Windows (or whatever operating system), so Microsoft (or appropriate vendor) would have to do it via an update, or the user would have to do it manually.

Re:Penalty: instant deletion of the CA, surely? (4, Informative)

Spad (470073) | more than 2 years ago | (#37250622)

Mozilla, Google & Microsoft (at least, so far) have all now removed Diginotar from their list of trusted authorities in their respective browsers.

Good! (1)

robbak (775424) | more than 2 years ago | (#37250696)

Now all we need is for that to be an automatic response.
Then, the only way back in would be to fix the procedural issues, get properly audited, then generate a new root cert and reissue everyone fresh certs.
The huge cost of this might get them taking security seriously. And even saying "no" to governments.

instant deletion of the CA: O RLY?!? (0)

Anonymous Coward | more than 2 years ago | (#37251268)

This does nothing for all the 3.6.x series firefox users.

Why hasn't mozilla or someone else made a simple addon for maintaining/importing CA CRL lists?

Why is my CRL list in firefox blank by default? (All mozilla default CA's should have CRL lists registered directly. There is ZERO reason for mozilla to not know the CRL list locations, considering they took on the responsibility of reviewing and allowing in all the default CA's)

New Meaning (0)

Anonymous Coward | more than 2 years ago | (#37249880)

to "going Dutch"?

Surprising? (5, Interesting)

Mensa Babe (675349) | more than 2 years ago | (#37249884)

The only thing I find surprising is that stories like this are not more common. Various government agencies all over the world have been using fake certificates literally for years. Those are usually targeted at specific individuals under surveillance, so those are one-time stunts, limited in time and in network visibility, but all of those certificates, in order to be useful, have to be issued by certification authorities that are in the trust chain of the popular web browsers (Firefox, Chrome, Explorer, Safari, Opera). The problem with SSL/TLS certificates is that any certification authority from any country can issue a certificate for any domain, and they do occasionally. Most of those certificates are used only a few times so they don't get any attention, but sometimes they do. The trust model in SSL/TLS is fundamentally flawed and I agree with Dan Kaminsky and Bruce Schneier that we have to completely abandon it in favour of a trust model based on a secure DNS system, where there is only one authoritative source of cryptographic certificates for any given domain, instead of thousands like we have today. I have been saying this for years and I can only hope that people will eventually wake up and listen after stories like this one.

Convergence (4, Interesting)

unencode200x (914144) | more than 2 years ago | (#37249932)

Another reason to take a good, long look at Moxie Marlinspike's Convergence system. Basically, it does away with CAs in favor of a trusted and anonymous notary-based system.

See him speak about it at BlackHat USA 2011 here [youtube.com] (a really great talk, as always).

Read about it here [infosecurity-us.com]

The official Convergence website (http://convergence.io/). The plugin (AFAIK) is not compatible with FF 6 yet.

Re:Convergence (-1)

Anonymous Coward | more than 2 years ago | (#37250186)

The official Convergence website (http://convergence.io/). The plugin (AFAIK) is not compatible with FF 6 yet.

Fortunately, they plan to have it compatible with FF8 by the time that FF11 comes out. So, some time early next month. The rest of you may use this thread for an offtopic flamewar.

If that joke fell flat, here's another one.

The official Convergence website (http://convergence.io/). The plugin (AFAIK) is not compatible with FF 6 yet.

They're still sorting out the organizational units of whoever is left after Kefka blew up the world.

Re:Convergence (1)

jonwil (467024) | more than 2 years ago | (#37250236)

Forget that, go with SSL certificates in DNS and DNSSEC to verify the records.

Re:Convergence (2)

GSloop (165220) | more than 2 years ago | (#37250376)

And when the DNS servers are subverted to point to bogus SSL certificates, then what?

You do happen to know that you'll have to trust the government [ISP etc] not to mess with DNS, and a one-stop shop to subvert both your domain and your PKI is just what they'd like to have.

SSL certs authenticated/served by DNS is not a fix, IMO - because DNS isn't any more secure from powerful interests than SSL is. [And it may even be less secure.]

This truly is a hard nut to crack, and knee-jerk solutions like "tie it to DNS" won't solve the problem in any robust way.

-Greg

Re:Convergence (2)

jonwil (467024) | more than 2 years ago | (#37250454)

With proper cryptographic protocols like DNSSEC, the only way to change DNS (and hence SSL certificates stored in DNS) without raising red flags is to actually change the DNS record itself. Any man-in-the-middle attacks by hackers, ISPs or foreign governments (great firewall of China etc) will cause the DNSSEC chain-of-trust to fail.

Now it might be possible for a bad guy to convince the DNS provider or operator to accept new cryptographic keys, DNSSEC signatures or DNS data but that is a lot harder than convincing a dodgy CA to issue a fake certificate for PayPal or Google.

As for the US government, if the US government wanted to take action, they could use secret national-security apparatus to force a CA to issue a valid certificate just as easily as they could use it to force a DNS provider to change DNS.

Are DNSSEC certificates the magic bullet? No.
But they do eliminate the possibility of rogue CAs being bribed or otherwise convinced to offer fake SSL certificates. And they eliminate the high costs of SSL certificates (don't like what your DNS provider wants to charge you to store certificates in your DNS record and sign it with DNSSEC? Just go to another provider, no need for it to be one of a handful of approved CAs).

Show me ONE example (real or hypothetical) where a DNS record has been altered (with or without the cooperation of the DNS provider) by someone other than the legitimate domain owner (e.g. hackers, government etc) where storing certificates in DNS would make things worse than if the site was using current CA-issued certificates and I will accept your arguments.

Re:Convergence (2)

GSloop (165220) | more than 2 years ago | (#37250596)

Go ahead and actually read or listen to the talk.

If you won't trust the SSL authorities, and I don't - then one would assume that trusting the registrars/TLD's/root/or country TLD's would be even more crazy.

IMO, DNSSEC simply doesn't really solve the problem, and shouldn't be the "solution." We should look for and design something better.

-Greg

Re:Convergence (2)

GSloop (165220) | more than 2 years ago | (#37250896)

Show me ONE example (real or hypothetical) where a DNS record has been altered (with or without the cooperation of the DNS provider) by someone other than the legitimate domain owner (e.g. hackers, government etc) where storing certificates in DNS would make things worse than if the site was using current CA-issued certificates and I will accept your arguments.

Seriously? Sex.com was totally hijacked. There are literally thousands of cases where domains get owned. [And once you own the domain its DNS is certainly available for tampering.]

Next, if you are willing to tamper with the whole chain, then nothing will help the user. Easily within reach for a government or serious party handling DNS - and there's no protection.

Why settle for a half measure at best? We're going to have to redesign a whole set of things - let's really try to do it right and make the replacement agile. As MM points out, "Who are you going to trust and for how long?" If you can't easily/gracefully [or even ever] change who you trust, then you probably have a problem.

where storing certificates in DNS would make things worse than if the site was using current CA-issued certificates

Man, what a high bar you have there for a "better" solution. 'It's better than the totally broken current system.'
Your argument amounts to: "Well, yeah, rape sucks. We think you ought to get mugged and violently assaulted instead."

Huh? Really?!
Let's just assume CA's *are* worse than DNSSEC - just for the sake of argument.
In that case DNSSEC would be better than the sketchy CA's. But simply being a little better than what's currently in place shouldn't be where we set our aspirations in coming up with something new and better.

How about, instead of aspiring to get violently assaulted, you work for something a LOT better.

Re:Convergence (1)

soundguy (415780) | more than 2 years ago | (#37250844)

Any company where the validity of an SSL cert is even remotely important should be running their own DNS. If they aren't, they have no business being in business.

Re:Convergence (2)

Onymous Coward (97719) | more than 2 years ago | (#37250762)

Thanks for bringing this up. Every time we talk about SSL issues folks fail to bring up the notaries-based systems. (Even during the last /. article, which was really about Marlinspike's Convergence.)

Additional information: Convergence is based on Perspectives [networknotary.org].

Network notaries let you see diverse views of the public key(s) used by an HTTPS server over time.

As an example, here are multiple views of Google's SSL [networknotary.org].

Re:Convergence (1)

Onymous Coward (97719) | more than 2 years ago | (#37250792)

The attack appears to have been targeting Gmail users specifically.

Okay, then, more relevantly, multiple views on Gmail's certificate [networknotary.org].

That'll give you a good idea if someone's MITMing you.

Nuke the root from orbit (0)

Anonymous Coward | more than 2 years ago | (#37250000)

It's the only way to be sure.

English (1)

oldhack (1037484) | more than 2 years ago | (#37250072)

"Timothy", dutchman, learn to write in English.

Try asking him in Dutch (0)

dutchwhizzman (817898) | more than 2 years ago | (#37250196)

Flawlessly. Or didn't you ever learn to write in a foreign language that good?

Re:Try asking him in Dutch (0)

Anonymous Coward | more than 2 years ago | (#37250426)

What foreign language is as good as Dutch?

Re:Try asking him in Dutch (0)

Anonymous Coward | more than 2 years ago | (#37250770)

[troll]I think you'll find it is "Or did you never learn how to write well in a foreign language?"[/troll]
Sorry, I'm just trying to troll as well as the OP.

Re:Try asking him in Dutch (1)

FormOfActionBanana (966779) | more than 2 years ago | (#37250922)

There is a horse in the hallway.

Re:English (0)

Anonymous Coward | more than 2 years ago | (#37250586)

Jesus, guys.

CA - certificate authority
cert - certificate
MITM - "Man in the middle" attack pattern
I'm - I am
HTTPS - Hypertext transfer protocol, secured
SSL - secure socket layer.
The final two are inexact applications to "secured web browser network connection." Everything except "I'm" relates to computing and cryptography. This is relatively standard nerd stuff!

Re:English (0)

Anonymous Coward | more than 2 years ago | (#37250888)

I like to think that I'm fairly competent at English, thank you. Maybe you would be so kind as to point out the grammatical and syntactical errors in TFS?

Idealistic? (1)

Gothmolly (148874) | more than 2 years ago | (#37250082)

Did anyone really assume that SSL certs were legit? YOU'RE BUYING THEM - someone will always sell them to you. Suddenly self-signed, homebrew certs aren't so bad anymore are they?

Re:Idealistic? (0)

Anonymous Coward | more than 2 years ago | (#37250212)

Well, self-signed certificates and CAs are perfectly valid and trustworthy as long as you trust the signer. If you want to set up a secure connection between two of your own machines, then self-signed is even better than a public CA.

Of course, there may be an issue with self-signed certs and 3rd parties. After all, unless they can verify the certificate offline (eg. through mail or phone conversation fingerprinting), then these certificates are indistinguishable from MITM certificates.

Re:Idealistic? (0)

Anonymous Coward | more than 2 years ago | (#37250270)

It is in the interest of all governments to discourage self-signed certificates, in order to ensure that the majority of encrypted internet traffic can still be wiretapped by them.

Entirely coincidentally, all browsers just happen to display huge warnings when they encounter a self-signed certificate.

Non-sequitur (2)

Mathinker (909784) | more than 2 years ago | (#37250348)

Everyone accepting self-signed certificates without checking who created them is going to make us all more secure against governments?

The problem is with the current trust model itself, as others have noted here. Changing it to blindly trusting everything isn't going to improve the situation (and that is what you are proposing, for Joe Sixpack, anyway).

Re:Idealistic? (1)

jamesh (87723) | more than 2 years ago | (#37250594)

Did anyone really assume that SSL certs were legit? YOU'RE BUYING THEM - someone will always sell them to you. Suddenly self-signed, homebrew certs aren't so bad anymore are they?

If you can deliver the key (or even just the thumbprint) to me in a secure manner then I'm quite happy to use it to trust my connection to you. Otherwise I need to trust a third party to tell me that your certificate is actually your certificate and not someone else pretending to be you, which is the whole point of SSL. Well... and encryption of course, but that aspect is somewhat overrated in comparison.

Hooray for corporate control (0)

Anonymous Coward | more than 2 years ago | (#37250094)

What's the problem? Isn't the market supposed to take care of businesses who behave like this? There's no problem here. I can't see how this is any illustration of why regulating private business behavior is necessary in many cases.

Re:Hooray for corporate control (1)

Jiro (131519) | more than 2 years ago | (#37250260)

I believe Iran is run by a government. Whether they bribed the CA or hacked into the CA, it's certainly not free market capitalism.

Re:Hooray for corporate control (0)

Anonymous Coward | more than 2 years ago | (#37251054)

So in your definition of free market capitalism, governments either do not exist or do not interact with any company at all, not even as a customer?

I fail to see the difference between Iran bribing a CA and a company or person bribing a CA.

Mozilla wants to blacklist the CA it seems. (4, Interesting)

wvmarle (1070040) | more than 2 years ago | (#37250100)

I just looked through the bug report listed; at the end two very interesting comments:

So it seems Mozilla is basically going to blacklist that CA. I think that's an appropriate response: the CA has proven that their methods are flawed, and that their certificates cannot be trusted. This one has been found out; who knows whether there are more out there? I surely hope this is a one-off incident but better safe than sorry. And it sends the message nice and clear to other CAs that they have to be really careful.

As of 9:26pm PDT this bug report has made the frontpage of slashdot.org [...] Please address this issue immediately.

A Slashdot side-effect :)

Re:Mozilla wants to blacklist the CA it seems. (1)

wvmarle (1070040) | more than 2 years ago | (#37250106)

For some reason the first quote went missing... I should have checked the preview of course:

It is my understanding that the patches that are being created will blacklist all DigiNotar-issued certificates based on "CN=DigiNotar " in the certificate issuer.

Re:Mozilla wants to blacklist the CA it seems. (1)

Co0Ps (1539395) | more than 2 years ago | (#37250418)

100% correct. They can no longer be trusted and should be instantly removed. If they come back with a full post mortem study, including the steps they have implemented for it to never happen again, plus a full list of all fraudulent certificates they have issued, they should be reconsidered again, but only after sufficient penalty time has passed, say one year. This is to prevent other CAs from making the same mistake.

Oh and the CA system is utterly broken. This is the scenario all security researchers anticipated and failed to be surprised by. When can we get a standard based on DNS-SEC instead?

Mozilla, Google, MS all agreed to remove the CA (4, Informative)

yuhong (1378501) | more than 2 years ago | (#37250490)

This sounds and smells like a kdawson post (1)

uofitorn (804157) | more than 2 years ago | (#37250102)

To two links to forum-type sources?

Re:This sounds and smells like a kdawson post (0)

Anonymous Coward | more than 2 years ago | (#37250930)

I would have included links to the original [www.nu.nl] articles [tweakers.net] if I would have thunk that a significant percentage of /. were competent at reading Dutch.

Re:This sounds and smells like a kdawson post (0)

Anonymous Coward | more than 2 years ago | (#37251282)

Just do that next time, you can always add "(in Dutch)" next to it, right?

At the rate these CAs are doing this crap (1)

antifoidulus (807088) | more than 2 years ago | (#37250168)

Maybe I should tell my browser to just accept certs signed by Bob's SSL Certs and Taco Stand, probably no worse than anyone else.(Bonus points if you get the reference)

bit of a red flag? (2)

slashmydots (2189826) | more than 2 years ago | (#37250178)

I'm not that informed on how certs work but if someone goes to a Dutch CA and says they want a cert related to Google, wouldn't that be the one they'd double or triple check just in case it's not really Google? I mean, it's Google. Nobody doesn't know them and they wouldn't just randomly pick up a cert from a random foreign country, right? Or do they need multiple certs around the world or something so it wasn't that unusual? Either way, it's not that hard to make sure a Google certificate isn't being requested from Iran... I mean, they're kinda different and easy to follow up on over the phone.

Re:bit of a red flag? (1)

ESD (62) | more than 2 years ago | (#37250520)

I think the easiest explanation for this would be that that would be a manual intervention in an automated process, which is expensive, so they won't do that. (The Dutch would rather throw a couple of millions at improving efficiency rather than accept a couple hundred thousands of losses because things aren't quite as great as they could be. Apart from that it commonly also happens at big companies, it's also a cultural thing. I've lived there for over a quarter of a century; fortunately I was able to get away from it a bit ;-p )

Re:bit of a red flag? (1)

wvmarle (1070040) | more than 2 years ago | (#37250522)

To debunk the last bit: it's not that hard for a spy operation to ask some friends in the US, possibly friends that are actually Google employees, to apply for such certificates. To have at least the request coming from a plausible source.

And on the rest... sure, should have raised plenty of red flags. Why would a US company ask a Dutch CA for a certificate? Why would an established site need a new or an extra certificate - a wildcard (*.google.com) cert to boot? Now I have no idea how a CA certifies that the requester is actually the owner of a certain domain, but it certainly failed badly in this case.

Re:bit of a red flag? (2)

jimicus (737525) | more than 2 years ago | (#37251324)

And on the rest... sure, should have raised plenty of red flags. Why would a US company ask a Dutch CA for a certificate? Why would an established site need a new or an extra certificate - a wildcard (*.google.com) cert to boot? Now I have no idea how a CA certifies that the requester is actually the owner of a certain domain, but it certainly failed badly in this case.

Go buy a certificate some time. There are LOTS of CAs out there who will complete the transaction and give you a certificate in seconds. We'd like to believe that such CAs have some sort of process in place that flags up potentially fraudulent requests for human verification, but as this sort of thing demonstrates that's obviously not the case.

DUTCH ?? DOPERS MORE LIKE IT !! (-1)

Anonymous Coward | more than 2 years ago | (#37250298)

The dutch are dopers. You know it, They know it. That anything gets done there, let alone all those fingers in all those dykes, is a mystery to one and all !!

Re:DUTCH ?? DOPERS MORE LIKE IT !! (0)

cheaphomemadeacid (881971) | more than 2 years ago | (#37250332)

haha and still, the dopers manage a better economy than the US ;P

Re:DUTCH ?? DOPERS MORE LIKE IT !! (0)

Anonymous Coward | more than 2 years ago | (#37250406)

http://www.scaruffi.com/politics/gnp.html [scaruffi.com]

USA is shown there as #1. Nederland is #15. USA per capita is $38k. Nederland is $27k. I can't recall the last thing I bought from "Holland". I've seen those clog shoes, when I was a kid, and it was a gag product. What am I missing? You can get good hash in downtown L.A. now.

Re:DUTCH ?? DOPERS MORE LIKE IT !! (0)

Anonymous Coward | more than 2 years ago | (#37250614)

Netherlands GDP is roughly the size of Florida's, not the entire US.

The general fashion sense and level of class is also similar to that of Florida

ban the CA, problem solved (0)

Anonymous Coward | more than 2 years ago | (#37250316)

Remove that CA's certificates from the root store permanently and refuse all future root certificates from that authority.

It would only be necessary ONCE. After all, until it costs them money they will continue to ignore their security issues.

Anyone with a full list (1)

utkonos (2104836) | more than 2 years ago | (#37250318)

Can anyone add to a list of CAs that have been involved in anything like this?

I had already disabled all Comodo CA certs and all COMODO certs in my browser after the Comodogate incident. After I did that, I submitted complaints to any site that I noticed used those certs (mainly Amazon's payment system). Other than all DigiNotar certs, which others should be deep-sixed?

I am a firm believer that once there is a loss of trust, anything that company touches should be black holed.

Re:Anyone with a full list (1)

TheLink (130905) | more than 2 years ago | (#37250996)

I am a firm believer that once there is a loss of trust, anything that company touches should be black holed.

Really? Do you still trust Verisign and Verisign-owned companies (e.g. Thawte)? Verisign have screwed up, and worse, also do ethically dubious stuff ( http://en.wikipedia.org/wiki/Verisign#Controversies [wikipedia.org] ).

BTW, Symantec now owns Verisign's CA stuff. Not sure how much you trust Symantec, but they certainly have screwed up before.

How about Mozilla? Or the other browser makers who have bundled CNNIC's (China Gov) CA certs in their browsers.

How about Entrust? They have signed CNNIC's CA cert, so even if you remove CNNIC's cert, an MITM by China might still work as long as your browser trusts Entrust.

I personally use Certificate Patrol, so if something is signed by CNNIC and it's a Chinese Gov site, it's no big deal, but if google/gmail is signed by CNNIC I'd get warned.

BTW I'm not that worried about the Chinese Gov - since I don't live there or work there, just using China because it's a popular bogeyman (with some justification since they certainly do bad stuff ;) ).

Verisign issued fake MS certs in 2001 (0)

Anonymous Coward | more than 2 years ago | (#37251010)

Here [schneier.com] and here [techrepublic.com] .

Oh Good (2)

thegarbz (1787294) | more than 2 years ago | (#37250360)

Oh Good. We can visit something such as Gmail.com with a fraudulent certificate and no one would notice. But god forbid I self sign my home webserver certificate, that must be met with a wrath of a bright red page warning me about the dangers of a possible man in the middle attack and that no one should visit my site under any circumstances!!! /rage

But on a more serious note, shouldn't this right now be a clear indication to those in defense of using SSL / TLS to establish identity that their system is horrendously flawed and that maybe self-signed certificates are in fact not any worse than any certificate verified by a picture of Ben Franklin?

Re:Oh Good (0)

Anonymous Coward | more than 2 years ago | (#37250992)

> But god forbid I self sign my home webserver certificate, that must be met with a wrath of a bright red page warning me about the dangers of a possible man in the middle attack and that no one should visit my site under any circumstances!!! /rage

It's quite logical. Trusting CA issued certificates works quite well, with the exception of the occasional screw-up such as the one in TFA. If browsers accepted any self-signed certificate, Iran (and any other country interested in your email, or online banking, etc.) would have simply self-signed a certificate. That this instance of broken trust is such a big deal proves that in general, the current system works reasonably well. I'm not saying there isn't room for improvement, but allowing any self-signed certificate without warning would be less secure than the current situation.

No need to wait (1)

sjames (1099) | more than 2 years ago | (#37250364)

There's no need to wait for a patch. In Firefox, under preferences->advanced->encryption, select view certificates. Just select DigiNotar and either click delete, or click edit and then uncheck everything.

CAs must understand that they will be erased from existence by browser providers, security admins and end users if they violate the public trust in this way. They don't have enough bribes, threats, or lies to get out of the hole they dig for themselves when they sell out.

Re:No need to wait (1)

Greyfox (87712) | more than 2 years ago | (#37250422)

Ooh that's neat. While I'm in there, how much do I trust Chunghwa... really?

Re:No need to wait (1)

wvmarle (1070040) | more than 2 years ago | (#37250552)

Trolling because that name sounds Chinese? And why would you trust Verisign and all the others?

The answer is: because trust is what their business is built upon. Break that trust, break your business, like what's now happened to diginotar. And that's why you can trust them: because they need you to trust them, and that's a good reason for such a business to be and to remain trustworthy.

That said of course we should remain vigilant. Trust is just that - trust. It needs independent verification, and how we can do that properly well I don't know yet. Other than staying vigilant, and reporting issues like this one as soon as they are found.

Re:No need to wait (1)

sjames (1099) | more than 2 years ago | (#37250582)

And there's the real problem with the current structure. Too many CAs nobody's ever heard of, practically all of which consider profit to be the only thing that counts in the world.

CA abstract concept of real-world bank/government (0)

Anonymous Coward | more than 2 years ago | (#37250378)

Hey - just like software is an abstraction of real-world objects, and the web an abstraction of society - CAs could be the abstraction of a real-world bank or government. There is room for corruption.

shock. horror.

Just sayin'

Remove and erase (0)

Anonymous Coward | more than 2 years ago | (#37250544)

There is just one solution.

Remove them from the list of trusted roots, they are no more trusted.
This will of course kill their business, but that is the only way they will learn, and others will learn from that too.
Do not accept a donation from them to stay in the cert list in Firefox, not even millions of $$$.
They failed our trust

Liability (2, Interesting)

Anonymous Coward | more than 2 years ago | (#37250652)

Question for lawyers. If I bought a certificate from DigiNotar, can I sue them for damages? My certificate is unchanged so I have not been directly damaged. However, their business model is based on trust and once they are blacklisted, my cert will not be useful.

Re:Liability (1)

plaukas pyragely (1630517) | more than 2 years ago | (#37250878)

For starters, just contact them and ask for a refund + switch to another provider.

We work for cash, not for fun; we want our cash... (1)

rts008 (812749) | more than 2 years ago | (#37250968)

Make an appointment and come to our office.
Oh yeah, bring money. Preferably, a lot of money.

          signed, your lawyers:
Dewy, Cheatem, and Howe

lovely (5, Insightful)

roman_mir (125474) | more than 2 years ago | (#37250882)

I love how every [slashdot.org] time [slashdot.org] when the discussion is brought up that browsers need to stop treating https with self signed certificates worse than they treat plain http (just don't show the lock icon, show an icon for the fingerprint, which would make it easy to display the fingerprint for comparing it to a known one), some fool immediately starts talking how browsers must treat https with self signed certs worse than http because https without CA means that your session is vulnerable to the MITM.

Of course, when it is pointed out [slashdot.org] that a CA does not guarantee that there is no MITM either, the discussion dies out but the opinions never change.

Well, how much longer can the opinions stay the same with all the evidence that CAs do not in fact guarantee that there is no MITM?

More importantly: who is talking about the browser being responsible to figure out whether there is a MITM or not with https and a self-signed cert?

This cognitive dissonance needs to be eradicated.

Paranoid seeks confirmation from other paranoids (0)

Anonymous Coward | more than 2 years ago | (#37250988)

Anyone else removing all of the "approved" certificates from Firefox upon installation and relying instead upon hashes at first use (I wish these were easier to view like in SSH) and the Perspectives plugin?
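The first-use hash checking and Certificate Patrol behaviour mentioned in this and earlier comments, together with the "CN=DigiNotar" issuer match quoted from the Mozilla bug report, as an added example that is not code from this thread, from Mozilla or from Certificate Patrol. It assumes a Certificate Patrol-like policy (a changed certificate is suspicious when the old one had not yet expired or the issuer differs), models certificates as small records rather than parsed X.509, and uses constructed DER bytes, DNs and dates.

```python
"""Trust-on-first-use pinning plus an issuer blacklist (added example; not
code from this thread, Mozilla or Certificate Patrol). Certificates are small
records, not parsed X.509; DER bytes, DNs and dates below are constructed."""
import hashlib
from dataclasses import dataclass
from datetime import date

# The "CN=DigiNotar" issuer match quoted from the Mozilla bug report.
BLACKLISTED_ISSUER_PREFIXES = ("CN=DigiNotar",)


@dataclass(frozen=True)
class CertInfo:
    host: str        # host the certificate was presented for
    issuer: str      # issuer DN as a comma-separated string
    der: bytes       # DER encoding (constructed placeholder bytes here)
    not_after: date  # certificate expiry

    def fingerprint(self) -> str:
        """SHA-256 over the DER bytes: the value a user would compare."""
        return hashlib.sha256(self.der).hexdigest()


def issuer_blacklisted(cert: CertInfo) -> bool:
    """True when any RDN of the issuer starts with a blacklisted prefix."""
    rdns = [part.strip() for part in cert.issuer.split(",")]
    return any(r.startswith(p) for r in rdns for p in BLACKLISTED_ISSUER_PREFIXES)


def check_pin(store: dict, cert: CertInfo, today: date) -> str:
    """Certificate Patrol-style check of a presented cert against the pin store.
    'new'     host never seen, pin recorded
    'ok'      fingerprint matches the stored pin
    'rotated' cert changed after the old one expired, same issuer: likely renewal
    'ALERT'   cert changed while the old one was valid, or the issuer changed;
              the old pin is kept so the next visit alerts again
    """
    prev = store.get(cert.host)
    if prev is None:
        store[cert.host] = cert
        return "new"
    if prev.fingerprint() == cert.fingerprint():
        return "ok"
    if prev.not_after >= today or prev.issuer != cert.issuer:
        return "ALERT"
    store[cert.host] = cert
    return "rotated"


def demo() -> list:
    """Walk the Gmail scenario from the story with constructed records."""
    store = {}
    legit = CertInfo("mail.google.com", "CN=Example Legit CA, O=Example",
                     b"constructed-der-legit-2011", date(2011, 12, 31))
    rogue = CertInfo("mail.google.com", "CN=DigiNotar Example CA, O=DigiNotar",
                     b"constructed-der-rogue-wildcard", date(2013, 7, 10))
    renewed = CertInfo("mail.google.com", "CN=Example Legit CA, O=Example",
                       b"constructed-der-legit-2012", date(2012, 12, 31))
    steps = [("first visit", legit, date(2011, 7, 1)),
             ("repeat visit", legit, date(2011, 8, 1)),
             ("MITM with CA-valid wildcard cert", rogue, date(2011, 8, 29)),
             ("renewal after expiry", renewed, date(2012, 1, 5))]
    return [(name, check_pin(store, c, d), issuer_blacklisted(c))
            for name, c, d in steps]
```

The third step is the point of the thread: the rogue certificate chains to a trusted root, so CA validation alone passes, while the pin check flags it because the previously seen certificate was still valid and the issuer changed.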

Even the big names cut corners... (0)

Anonymous Coward | more than 2 years ago | (#37251308)

For the record, even the big names cut corners. I've a Managed PKI account with one of the 'big name' CAs and jumped through ridiculous hoops to get the whole thing set up. Lots of legal records, documents from company house, attestations from the company directors etc. With a number of domains to manage and a complex (Fortune 500) company structure it took about 6 weeks start to finish. While also paying top dollar, I felt the end result would be worth it. ...until two months ago when I happened to learn of a new web page out there that looked like my company and used a domain that was obviously a variation. And in the certificate by *that same* big name CA was my company name... letter for letter, exact detail match, country etc... no variation. Probably copied from my real certs.

On investigation, the domain was registered to a digital agency and had been engaged by an individual in marketing for some promo or other. While I was relieved that this wasn't malicious we also determined that the CA had been happy to issue this cert to this digital agency without any checks whatsoever. When I contacted my AE at the CA, they were basically dismissive with their response amounting to "we figured the other company was well known so it was probably safe enough". The guy who had bought the cert said they didn't really check who he was and he'd paid on his personal CC....

The whole CA industry is a farce.
