
(Possible) Diginotar Hacker Comes Forward

timothy posted more than 2 years ago | from the have-in-my-hand-a-list-of-names dept.

Security

arglebargle_xiv writes "At the risk of burning people out on the topic of PKI fail, someone claiming to be the Diginotar hacker has come forward to claim responsibility: It's the ComodoGate hacker. He also claims to 0wn four more 'high-profile' CAs, and still has the ability to issue new rogue certificates, presumably from other CAs that he 0wns." Whether this claim turns out to be truthful or not, what led to the breach in the first place? Reader Dr La points to an interim report commissioned by the Dutch government (PDF), according to which "a) No antivirus software was present on Diginotar's servers; b) 'the most critical servers' had malicious software infections; c) The software installed on the public web servers was outdated and not patched; and d) all servers were accessible by one user/password combination, which was 'not very strong and could easily be brute-forced.'"


215 comments


Weakest link (2)

Errol backfiring (1280012) | more than 2 years ago | (#37315464)

Yep. Our whole security system is exactly as strong as the weakest link.

Re:Weakest link (2, Insightful)

houstonbofh (602064) | more than 2 years ago | (#37315516)

And crap like this is why I don't understand why my browser has to go apeshit over self singed cirts. "Oh My God! You may be at risk because this cirt was MADE BY SOMEONE WITH A CLUE!"

Re:Weakest link (-1)

Anonymous Coward | more than 2 years ago | (#37315584)

Dang if my cirts were singed I'd be pretty peeved. I'm assuming cirts are some sort of breakfast cereal? But, if you self singed them you have only yourself to blame. Now, certs on the other hand - if they are self signed rather than self singed - prove exactly nothing and act just as a facilitator for encryption. Hmm, sort of like the non-self singed, I mean self-signed certificates these days. They also seem to be about proving, well, nothing, due to attacks like this that show our trust chains to be faulty. I mean even the PKI CAs my company uses for Smart Card logon and encryption certificates are much more secure than what is described for these DigiNotar people. Much more secure.

Re:Weakest link (4, Funny)

arglebargle_xiv (2212710) | more than 2 years ago | (#37315614)

And crap like this is why I don't understand why my browser has to go apeshit over self singed cirts.

The browser is acting as a food critic. Everyone knows cirts should be cooked rare, not singed. That just spoils the flavour.

Re:Weakest link (1)

Jawnn (445279) | more than 2 years ago | (#37316220)

I don't care if he singes things himself or not, but I am a bit concerned over this "cirt" thing. It sounds like it could be painful if singed.

Re:Weakest link (0)

Anonymous Coward | more than 2 years ago | (#37315630)

And crap like this is why I don't understand why my browser has to go apeshit over self singed cirts. "Oh My God! You may be at risk because this cirt was MADE BY SOMEONE WITH A CLUE!"

A clue about making a certificate that's worthless against MITM attacks? Congratulations on identifying yourself as completely fucking clueless.

Re:Weakest link (0)

houstonbofh (602064) | more than 2 years ago | (#37315772)

No, I really am not concerned with MITM attacks on my own LAN, and in the VPN network. To keep the dogs in the yard, a latch really is as good as a key. And it still trivially encrypts the connection. There are many reasons to have some security when you can not justify the $400 for a cirt that still does not stop MITM attacks. That is the fucking point!

Re:Weakest link (1)

Anonymous Coward | more than 2 years ago | (#37315870)

Why don't you have the admin's sig added to the authority list in the browser then? You know, actually tell the browser that this signatory is OK instead of expecting it to not warn people in a situation which 95% of the time is a massive security hole?

Re:Weakest link (1)

heypete (60671) | more than 2 years ago | (#37315934)

You are, I trust, aware that there are CAs out there that offer free (or very nearly free) certificates that are widely trusted by browsers, and so won't annoy users with annoying warnings. Why not use those?

Re:Weakest link (1)

Junta (36770) | more than 2 years ago | (#37316256)

No, I really am not concerned with MITM attacks on my own LAN, and in the VPN network.

That's a particularly special case; it sounds like you are accessing a remote work server from home using a technology explicitly designed to be unobtrusive and by extension indistinguishable from any other internet connection. Not exactly the scenario where a browser can reasonably detect and change behavior even *if* it were a good idea. Of course, a number of VPN clients rely upon DNS and SSL certificates to initiate the connection, so a MITM during VPN connection establishment is not entirely out of the question. Put another way, if you were so confident in the VPN providing all the security, why use https at all?

for a cirt that still does not stop MITM attacks.

Has anyone analyzed how many browsers already have updates invalidating DigiNotar authority, or discussed if DigiNotar has a functional OCSP that is returning accurately? The system when used *as designed* does stop MITM attacks. This is the first widespread compromise of a CA that I can recall, and I expect many users are already on browsers that distrust the compromised key. I suspect most people will have updated their CA certs without even being aware of this incident within a few months. So it does stop MITM attacks.

Then start your own private CA (1)

tepples (727027) | more than 2 years ago | (#37316392)

I really am not concerned with MITM attacks on my own LAN, and in the VPN network.

I agree with Anonymous Coward [slashdot.org] : start your own private certificate authority and install its root certificate on PCs on your LAN and PCs that connect to your VPN.

Re:Weakest link (1)

grnbrg (140964) | more than 2 years ago | (#37315786)

A clue about making a certificate that's worthless against MITM attacks? Congratulations on identifying yourself as completely fucking clueless.

You better get in touch with all the admins running their ssh daemons with self-generated (and unsigned!) host keys! How could such a gaping vulnerability be missed?!

Re:Weakest link (1)

heypete (60671) | more than 2 years ago | (#37315946)

SSH is not as widely used by the general public, who has little knowledge of security, and wouldn't know how to verify a key fingerprint (or understand why they needed to do so) if asked.

Re:Weakest link (1)

grnbrg (140964) | more than 2 years ago | (#37316082)

You missed the point -- parent post suggests that self-signed certificates don't prevent MITM attacks.

ssh doesn't even bother to sign the host keys (certificates), and it does quite well in preventing them.

For that matter, even the current implementation of browsers prevents MITM attacks with self-signed certs.... If I connect to a site with a SS cert, I get a warning about it, and whitelist that cert. If I come back some other time, and there is a new self signed cert, I get the warning again. Since I know I already whitelisted that site, I'm going to dig a bit to find out why the cert changed.

Re:Weakest link (1)

vadim_t (324782) | more than 2 years ago | (#37316436)

Yes, but how do you know whether the first self-signed cert you got is a good one?

With SSH CAs are not needed because somebody else is acting as the CA, either yourself when you're accessing your own system, or whoever is giving you access to theirs. And SSH is only really secure if you actually bother to compare fingerprints.

MITM from day one (2)

tepples (727027) | more than 2 years ago | (#37316478)

If I connect to a site with a SS cert, I get a warning about it, and whitelist that cert. If I come back some other time, and there is a new self signed cert, I get the warning again.

And if there was already a man in the middle on the first day you visited the site, you're screwed. There is the Perspectives project, which uses network route diversity to detect a man in the middle, but it doesn't work so well if the man in the middle is situated between the server with the self-signed cert and its upstream Internet connection, such as a server behind a country's firewall.
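The whitelist-and-warn behaviour grnbrg describes, and the day-one weakness tepples raises in reply, can both be shown with a small trust-on-first-use (TOFU) store. This is an added example, not code from the original thread: it pins the SHA-256 fingerprint of the first certificate seen for a host and reports a mismatch on later visits, exactly as a known_hosts file does for SSH. The certificate bytes are constructed stand-ins for DER-encoded certificates, and the host name is assumed.

```python
import hashlib
from typing import Dict, Tuple

# Constructed stand-ins for DER-encoded certificates. A real store would hash the
# certificate bytes presented in the TLS handshake; these labelled byte strings
# play that role so the example runs offline.
LEGIT_CERT = b"-- constructed DER for example.test, key owned by the site --"
MITM_CERT = b"-- constructed DER for example.test, key owned by an interceptor --"


def fingerprint(cert_der: bytes) -> str:
    """SHA-256 fingerprint of the certificate bytes; this is the value the store pins."""
    return hashlib.sha256(cert_der).hexdigest()


class TofuStore:
    """Trust-on-first-use store, the browser-side equivalent of ~/.ssh/known_hosts.

    The first certificate seen for a host is recorded ("first_seen"); later visits
    either match the pin ("match") or differ ("changed"), which is the warning the
    post describes. The store cannot tell whether the first certificate was
    genuine: that is the day-one weakness raised in the reply.
    """

    def __init__(self) -> None:
        self.pins: Dict[str, str] = {}

    def check(self, host: str, cert_der: bytes) -> str:
        fp = fingerprint(cert_der)
        pinned = self.pins.get(host)
        if pinned is None:
            self.pins[host] = fp
            return "first_seen"
        return "match" if pinned == fp else "changed"


def honest_first_visit() -> Tuple[str, str, str]:
    """Site pinned before any interception: the interceptor's certificate is flagged."""
    store = TofuStore()
    return (store.check("example.test", LEGIT_CERT),
            store.check("example.test", LEGIT_CERT),
            store.check("example.test", MITM_CERT))


def intercepted_first_visit() -> Tuple[str, str]:
    """Interceptor present on day one: its certificate is pinned and the genuine one is flagged."""
    store = TofuStore()
    return (store.check("example.test", MITM_CERT),
            store.check("example.test", LEGIT_CERT))


if __name__ == "__main__":
    print(honest_first_visit())       # ('first_seen', 'match', 'changed')
    print(intercepted_first_visit())  # ('first_seen', 'changed')
```

The two scenarios produce the same "changed" warning on the second certificate; nothing in the store distinguishes a genuine key rotation from the interceptor arriving, or the interceptor leaving. Pinning detects change, not correctness, which is why an out-of-band comparison of the fingerprint (or a trusted signer) is still needed for the first contact.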

Re:Weakest link (1)

Junta (36770) | more than 2 years ago | (#37316118)

How could such a gaping vulnerability be missed?!

It is a vulnerability and it hasn't been missed: http://tools.ietf.org/html/rfc4255 [ietf.org]

SSH should have done x509 from its inception with self-signed as default. No worse than the current state of things, with a great opportunity to do better.

Re:Weakest link (1)

Junta (36770) | more than 2 years ago | (#37316070)

This is a huge deal because for browsers/libraries that do not refresh CA certificates promptly, some select population of people can reduce all certs to as bad as self-signed certificates.

Saying self-signed certs are somehow better than certs signed by a compromised CA is rather silly.

Re:Weakest link (3, Insightful)

drolli (522659) | more than 2 years ago | (#37315530)

A good security system is not as weak as the weakest link.

Re:Weakest link (1)

houstonbofh (602064) | more than 2 years ago | (#37315644)

Can you find me 5 people that have never broken the "cup holder" that believe our current system is a "good security system?"

Re:Weakest link (0)

Anonymous Coward | more than 2 years ago | (#37316126)

Can you find me five people that have "broken the cup holder"?

Re:Weakest link (1)

Junta (36770) | more than 2 years ago | (#37316298)

The problem is that our current system may not in practice *be* a 'good security system', but if implemented correctly it *would* be.

The challenge is this will undoubtedly hold true for any proposed alternative implementation strategy, making churning the underlying technology an exercise in futility unless you fix the aspects preventing the x509 system from working as designed.

Re:Weakest link (0)

Anonymous Coward | more than 2 years ago | (#37315738)

Yes it is, it's just that all links are equally strong (or weak if you prefer).

You are right (1)

whoda (569082) | more than 2 years ago | (#37316026)

It's the same as equivalent resistance of resistors in parallel, slightly weaker than the weakest link.

It's Ichsun (1)

GameboyRMH (1153867) | more than 2 years ago | (#37315744)

The hacker is Ichsun again, better known as "skill of 1000 hackers."

Servers run by Diebold (1)

cvtan (752695) | more than 2 years ago | (#37315466)

Clearly they were using voting machines for web servers. That explains everything. Oblig: http://xkcd.com/463/ [xkcd.com]

"No antivirus software was present" (2)

Neil_Brown (1568845) | more than 2 years ago | (#37315468)

on Diginotar's servers

Is this uncommon? Do most (sane) administrators run anti-virus on each of their servers?

Re:"No antivirus software was present" (2)

imroy (755) | more than 2 years ago | (#37315500)

Do most (sane) administrators run anti-virus on each of their servers?

I guess you do if you're running Windows servers, which apparently Diginotar were.

Re:"No antivirus software was present" (1)

somersault (912633) | more than 2 years ago | (#37315504)

If they're Windows servers, then yes.

Re:"No antivirus software was present" (0)

Anonymous Coward | more than 2 years ago | (#37316200)

In that case, I don't think an antivirus program would have fixed their issues.

Re:"No antivirus software was present" (0)

Anonymous Coward | more than 2 years ago | (#37315542)

Umm, Yes? I would have used the word "Don't" instead of "Do".

Re:"No antivirus software was present" (0)

Anonymous Coward | more than 2 years ago | (#37315602)

Sure, most admins will run AV software on their Windows boxes. However, a reasonable security protocol would have been to have the servers containing the private keys on a different network that would be physically inaccessible from the outside and from the general corporate network, which would largely negate the need for anti-virus software. The fact that someone was able to remotely compromise the private signing keys points to general incompetence at Diginotar.

Re:"No antivirus software was present" (1)

gmuslera (3436) | more than 2 years ago | (#37315616)

It is debatable whether running Windows on critical servers is something that sane administrators would do. Sane administrators shouldn't need to run antivirus on their servers, either because they run something safer or because they know enough to avoid running into those risks.

Re:"No antivirus software was present" (1)

confused one (671304) | more than 2 years ago | (#37315850)

Well, according to Netcraft, 15% of the web is run on IIS. That's potentially a lot of insanity.

Re:"No antivirus software was present" (1)

jhoegl (638955) | more than 2 years ago | (#37315652)

Only if multiple people have access, or there are user files stored on it, would I need anti-virus.

If you are the only one that has access, no user files are stored, and it performs simple tasks... probably not needed.

See, what people who think anti-virus is important don't seem to understand is that it won't protect against vulnerabilities, nor against 0-days. It is a false sense of security for the senseless. I can run for years without anti-virus and never get a virus. How would I know if I don't have an antivirus, that I don't get viruses? I dunno... how do you know you don't have a virus even with anti-virus?

You see, anti-virus is really the user being smart enough to understand what they are doing, and understand anomalies of the system they are working on.

Re:"No antivirus software was present" (1)

UnknowingFool (672806) | more than 2 years ago | (#37315748)

While your points on 0-day bugs are true, in this case the malware would have been detected by current AV software. AV software is no magic pill that will solve all security problems; however, I don't understand why the company didn't use it.

Re:"No antivirus software was present" (0)

Anonymous Coward | more than 2 years ago | (#37315948)

Who cares about AV. They should have been running network monitor configured to detect traffic that should not have been occurring. A virus will initiate at least one outbound connection. Since servers should not do that, it would have been caught right there.

It is amazing how many servers out there are configured with outbound firewalls set to wide open.

Re:"No antivirus software was present" (0)

Anonymous Coward | more than 2 years ago | (#37316506)

A virus will initiate at least one outbound connection.

Not necessarily - a clever virus could be using side channel communication [wikipedia.org] and have modified an expected connection.
See also http://www.sans.org/reading_room/whitepapers/detection/covert-channels_33413 [sans.org]

Difficult and probably hard to implement, but as long as the server does any legit outbound connections the virus could transmit data there.
(DNS lookups, TCP/UDP and IP header modifications. The options are many)

An air-gapped network as other posters are describing would make this more or less impossible (or, at least, impractical).
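The detection the earlier poster describes (a server should not initiate outbound connections, so any that does is worth an alert) and the covert-channel caveat in this reply (the beacon may ride inside a legitimate DNS lookup) can both be expressed as rules over firewall logs. The following is an added example, not something from the thread or from the Dutch report: it parses a few constructed log lines, flags server-initiated connections that are not on an egress allowlist, and separately flags hosts whose DNS query volume exceeds a baseline, which is the cheapest heuristic for DNS-tunnelled traffic. The server subnet, resolver address, update host and baseline are all assumptions.

```python
import ipaddress
import re
from collections import Counter
from typing import Dict, List

# Assumed network layout for the example (not DigiNotar's).
SERVER_SUBNET = ipaddress.ip_network("10.0.5.0/24")   # where the servers live
RESOLVER = "10.0.5.2"                                 # the internal DNS resolver
EGRESS_ALLOW = {(RESOLVER, 53), ("192.0.2.80", 443)}  # resolver plus an assumed update host
DNS_BASELINE = 5   # assumed number of DNS queries per host tolerated in the log window

# Constructed firewall log lines; the hosts, addresses and volumes are invented.
# 10.0.5.10 opens an unexpected IRC-port connection, 10.0.5.12 issues far more
# DNS lookups than its peers, and 203.0.113.9 is an inbound client, not egress.
LOG_LINES = """\
2011-09-01T02:10:01 src=10.0.5.10 dst=10.0.5.2 dport=53 proto=udp action=allow
2011-09-01T02:10:02 src=10.0.5.10 dst=192.0.2.80 dport=443 proto=tcp action=allow
2011-09-01T02:10:05 src=10.0.5.10 dst=198.51.100.7 dport=6667 proto=tcp action=allow
2011-09-01T02:10:06 src=10.0.5.11 dst=10.0.5.2 dport=53 proto=udp action=allow
2011-09-01T02:10:07 src=203.0.113.9 dst=10.0.5.11 dport=443 proto=tcp action=allow
2011-09-01T02:10:08 src=10.0.5.12 dst=10.0.5.2 dport=53 proto=udp action=allow
2011-09-01T02:10:09 src=10.0.5.12 dst=10.0.5.2 dport=53 proto=udp action=allow
2011-09-01T02:10:10 src=10.0.5.12 dst=10.0.5.2 dport=53 proto=udp action=allow
2011-09-01T02:10:11 src=10.0.5.12 dst=10.0.5.2 dport=53 proto=udp action=allow
2011-09-01T02:10:12 src=10.0.5.12 dst=10.0.5.2 dport=53 proto=udp action=allow
2011-09-01T02:10:13 src=10.0.5.12 dst=10.0.5.2 dport=53 proto=udp action=allow
2011-09-01T02:10:14 src=10.0.5.12 dst=10.0.5.2 dport=53 proto=udp action=allow
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+) "
    r"proto=(?P<proto>\w+) action=(?P<action>\w+)$"
)


def parse(log_text: str) -> List[Dict[str, object]]:
    """Turn the key=value log format into records; malformed lines are skipped."""
    events: List[Dict[str, object]] = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        rec: Dict[str, object] = m.groupdict()
        rec["dport"] = int(m.group("dport"))
        events.append(rec)
    return events


def detect(log_text: str) -> List[Dict[str, object]]:
    """Apply the two rules and return the alerts in order: egress first, then DNS volume."""
    alerts: List[Dict[str, object]] = []
    dns_counts: Counter = Counter()
    for ev in parse(log_text):
        src = ipaddress.ip_address(str(ev["src"]))
        # Only traffic the servers themselves initiated, and that the firewall let
        # through, matters here; denied attempts were already stopped (log those too).
        if src not in SERVER_SUBNET or ev["action"] != "allow":
            continue
        dst_key = (ev["dst"], ev["dport"])
        if dst_key not in EGRESS_ALLOW:
            alerts.append({"rule": "unexpected_egress", "host": ev["src"],
                           "dst": f"{ev['dst']}:{ev['dport']}"})
        if dst_key == (RESOLVER, 53):
            dns_counts[str(ev["src"])] += 1
    # Allowed destinations can still carry a covert channel; volume is the first tell.
    for host, n in sorted(dns_counts.items()):
        if n > DNS_BASELINE:
            alerts.append({"rule": "dns_volume", "host": host, "count": n})
    return alerts


if __name__ == "__main__":
    for alert in detect(LOG_LINES):
        print(alert)
```

The allowlist rule is the cheap, high-value control the earlier poster had in mind; the volume rule is a blunt instrument against the covert channel this reply describes (it will not see a low-and-slow beacon), which is why the reply's conclusion stands: keeping the signing hosts off any network that reaches the resolver at all is the stronger design.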

Re:"No antivirus software was present" (0)

Anonymous Coward | more than 2 years ago | (#37315952)

Our (huge) partner insists that all computers must run antivirus, including Linux and OpenBSD servers. Oh, and the person responsible on their end has apparently read in a glossy-print magazine that networking equipment are computers, too. It took some persuading that no, there is no way (or reason, for that matter) to install an antivirus on the damn managed switch. Fun fun fun - this is what you get when you replace critical thinking with a checklist-wielding monkey. Next up: the monkey discovers that the coffee machine also contains an embedded computer.

Fear the mighty script kiddy (3, Insightful)

jellomizer (103300) | more than 2 years ago | (#37315478)

We need to stop giving these "Hackers" such press. Oh, they broke into an insecure system. They must be real Computer Geniuses. There should be far more press about the state of the hacked sites' security, and less on the actual hackers. The hackers are just some dumb kids who did some quick searching around and got some silly tools. The real story is that such organizations have such poor security.

Re:Fear the mighty script kiddy (1)

cpscotti (1032676) | more than 2 years ago | (#37315632)

I kind of agree with you on the press thing but saying they are "just silly kids" is a bit too far. You mention the obscure term "silly tools", but then WHO makes the SILLY tools? And what makes you think that whoever built the SILLY TOOL is not using it.

It's not that simple. If it was that simple the "mafias/organized crime" would dominate this "for profit". If you really don't acknowledge that some of these kids work HARD and are indeed quite skilled, then I'll assume you have never tried hacking anything while a teenager and that you don't use online banking.

Some of these kids are indeed brilliant. Admiring them or not is the only matter here.

Re:Fear the mighty script kiddy (1)

jellomizer (103300) | more than 2 years ago | (#37316024)

No I wouldn't go that far.
"Organized Crime" wouldn't dominate because there isn't much money/risk for hacking. A single person may make a good living, but organized crime has resources and it wouldn't be profitable. And for the most part hackers are able to take a site down and create damage but not really get anything really valuable out of it. It would be like the mafia going around knocking down people's mailboxes just for the sake of it.

Those tools, while made by someone who isn't a complete idiot... but the tools they get, they can probably figure out rather quickly. Then cause damage. OK, they are not idiots, but they are not super smart.

Re:Fear the mighty script kiddy (1)

erroneus (253617) | more than 2 years ago | (#37316238)

It's not the hacker that is the story, but the light on the security situation at large. That a script kiddy was able to do this adds to the embarrassment. Unfortunately, most people will not understand this fact and will instead seek to destroy all script kiddies. ... this is the same mentality in the medical world that has led to the unintentional creation of MRSA. The over-use and dependence on killing everything that might be a germ has bred superbugs. And these days, they are also seeking to destroy all 'hackers' rather than seeking to manage the security of the networks better.

Honest question: (5, Insightful)

Haedrian (1676506) | more than 2 years ago | (#37315480)

How DOES one become a trusted CA? Shouldn't there at least be some sort of procedure to check that they can be trusted?

Re:Honest question: (4, Informative)

tetromino (807969) | more than 2 years ago | (#37315618)

Well, here [mozilla.org] are the requirements for a CA's certificate to be included in Mozilla products. In particular, they require an independent audit of the CA's policies and internal operations. Presumably other browser vendors follow similar procedures.

Re:Honest question: (1)

houstonbofh (602064) | more than 2 years ago | (#37315680)

Well, here [mozilla.org] are the requirements for a CA's certificate to be included in Mozilla products. In particular, they require an independent audit of the CA's policies and internal operations. Presumably other browser vendors follow similar procedures.

Now I get it! He was not a hacker, or a cracker. He was an independent auditor!

Re:Honest question: (1)

Anonymous Coward | more than 2 years ago | (#37315762)

Maybe it was this auditor [serverfault.com] .

Re:Honest question: (1)

bill_mcgonigle (4333) | more than 2 years ago | (#37316088)

Nah, sounds more like this one [wikipedia.org] .

Re:Honest question: (0)

Anonymous Coward | more than 2 years ago | (#37316040)

And everyone can see how that procedure is actually effective. Diginotar's cert is in Firefox, despite the company not following even rudimentary security practices ...

Re:Honest question: (3, Interesting)

bill_mcgonigle (4333) | more than 2 years ago | (#37316122)

And Mozilla gave these jokers a pass while raking CACert across the coals [mozilla.org] .

That distinction is very instructive as to the real motivations of the PKI industry.

Re:Honest question: (1)

DdJ (10790) | more than 2 years ago | (#37315634)

How DOES one become a trusted CA?

By social engineering applied to the browser vendors.

Re:Honest question: (1)

LighterShadeOfBlack (1011407) | more than 2 years ago | (#37315662)

Also, shouldn't there be ramifications for those who don't take that responsibility seriously, to the point of gross negligence?

Re:Honest question: (2)

timmy.cl (1102617) | more than 2 years ago | (#37315678)

You definitely hit the nail! We should establish a new system that proves the CA's are trustworthy. I'd name it CACA*, for Certification Authorities' Certification Authority. Better yet, it should be decentralized, so there should be many independent CACAs all around the world, and every computer out there will have every CACA's certificate installed. This will definitely be the ultimate, perfect, unbreakable trust system.
 
* Pun intended: "caca" is Spanish for poop.

Re:Honest question: (0)

Anonymous Coward | more than 2 years ago | (#37315888)

Yeah, the process is that all of the major browser vendors give you the green light and you're added to the browsers without the majority of computer illiterate users understanding that this has occurred or the implications of it.

WTF?! (-1)

Anonymous Coward | more than 2 years ago | (#37315482)

I almost want to have a seizure reading this crap. It's filled with details, none of them USEFUL to anyone. It's written in the format of an officer candidate education way. It gets several things blatently wrong. PATHETIC.

Re:WTF?! (1)

somersault (912633) | more than 2 years ago | (#37315546)

It all made sense to me, and it's useful to know that SSL is less than trustworthy right now.

By the way - you spelled blatantly wrong while saying things were wrong. Ho ho ho.

Re:WTF?! (0)

Anonymous Coward | more than 2 years ago | (#37316324)

SSL is not less than trustworthy. It's functioning exactly as intended. The failure is entirely due to the concept of "transitive trust": the concept that your browser vendors accept trustworthiness claims from almost anyone on the planet, and subsequently validate unknown websites on your behalf.

That is the broken concept. Not ssl/tls.

CAs are dinosaurs (0)

Anonymous Coward | more than 2 years ago | (#37315494)

What a joke. We need to move to something beyond relying on centralized CAs.

Re:CAs are dinosaurs (0)

Anonymous Coward | more than 2 years ago | (#37315716)

Criticism is USELESS without alternatives.

Re:CAs are dinosaurs (0)

Anonymous Coward | more than 2 years ago | (#37315752)

Care to suggest how? CAs are necessary because you need a relatively small number of signees whose signatures can be passed around widely in order to allow them to be 'known' to everyone, thereby allowing people to know if a man-in-the-middle attack is occurring. If the signee of a cert isn't previously known to the user then they have no way of knowing if the signature (or the cert) is valid.

The solution is not to remove centralized CAs but to adopt standard practice of utilising multiple signatories, both CAs and other lesser known organisations, thereby greatly reducing the risk of poisoning from one or two CAs being compromised and allowing a proper 'web of trust' to be established for any given user by enabling a lower-level hierarchy of lesser known organisations (but known to a particular user) that can provide verification on-top of the primary CAs.

More details from the Pastebin source (2)

arglebargle_xiv (2212710) | more than 2 years ago | (#37315552)

According to the hacker's Pastebin message, one of the other CAs he's 0wned was GlobalSign, a fairly major CA for which it won't be so easy to pull the root certificate as it was for Diginotar. He's also claiming responsibility for the StartSSL breach that occurred a month or two back. GlobalSign have reportedly gone into panic mode. It also includes other details like:

I got SYSTEM privilage in fully patched and up-to-date system, how I bypassed their nCipher NetHSM, their hardware keys, their RSA certificate manager, their 6th layer internal "CERT NETWORK"

as well as their domain admin password Pr0d@dm1n (you can see why Diginotar passed their security audit: they didn't use password1).
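The report summary says the one shared credential was "not very strong and could easily be brute-forced", and the password quoted above shows why a complexity rule that only counts digits and symbols would have passed it. The following is an added example, not from the thread or from any real password checker: it undoes the usual leetspeak substitutions and then tries to split the result entirely into dictionary words, which is the check that turns "Pr0d@dm1n" back into prod+admin. The word list, the substitution table and the minimum length are assumptions chosen for the example; a real deployment would use a full dictionary and a breached-password list.

```python
import itertools
import re
from typing import List, Optional, Set, Tuple

# Assumed policy values for the example.
MIN_LENGTH = 12
# Common leetspeak substitutions; "1" is ambiguous between i and l, so both are tried.
LEET = {"0": "o", "1": "il", "3": "e", "4": "a", "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"}
# Constructed, deliberately tiny dictionary; a real checker loads a wordlist.
WORDS: Set[str] = {"prod", "admin", "password", "secret", "welcome", "login",
                   "root", "system", "notary", "cert", "test"}


def deleet_candidates(password: str) -> Set[str]:
    """All plain-text readings of the password after reversing leet substitutions.

    Trailing digits are dropped first, so "password1" is checked as "password".
    """
    base = re.sub(r"\d+$", "", password.lower())
    choices = [LEET.get(ch, ch) for ch in base]   # each entry is a string of alternatives
    return {"".join(combo) for combo in itertools.product(*choices)}


def segment(word: str, max_words: int = 3) -> Optional[List[str]]:
    """Split word entirely into dictionary words (longest prefix first); None if impossible."""
    if not word:
        return []
    if max_words == 0:
        return None
    for i in range(len(word), 0, -1):
        head = word[:i]
        if head in WORDS:
            rest = segment(word[i:], max_words - 1)
            if rest is not None:
                return [head] + rest
    return None


def assess(password: str) -> Tuple[bool, str]:
    """Return (acceptable, reason). Dictionary checks run before the length check so the
    reason names the real weakness for short leet passwords."""
    for candidate in sorted(deleet_candidates(password)):
        parts = segment(candidate)
        if parts:
            return (False, "dictionary words after de-leeting: " + "+".join(parts))
    if len(password) < MIN_LENGTH:
        return (False, f"shorter than {MIN_LENGTH} characters")
    return (True, "ok")


if __name__ == "__main__":
    for pw in ("Pr0d@dm1n", "password1", "xT9#vQ2!m", "xT9#vQ2!mL7&pZ"):
        print(pw, assess(pw))
```

Strength is only half of the finding in the report, though: the same credential opened every server, so even a strong password would have left a single point of compromise. Per-host (or per-tier) credentials and a separate network for the signing systems are the controls the checker cannot substitute for.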

WTF? (-1, Troll)

Randseed (132501) | more than 2 years ago | (#37315558)

What in the flying name of crap is this shit? First off, they didn't hack anything: this is more of a social engineering attack. Second, WHY THE GODDAMN FUCK IS THIS NEWS? I do penetration testing on my own damned home network. If some moron decides to set up an insecure network (and I have a few as neighbors), then screw'em. If people are clicking "OK" on random certificates...screw'em.

Re:WTF? (1)

ledow (319597) | more than 2 years ago | (#37315600)

Because, if you understood anything about PKI, you'd know that all major browsers would have trusted these certificates by default for over a month for sites such as Google, Windows Update and a myriad other popular sites.

And still we don't know what else may have slipped through the net and got certified. The hack was hardly social engineering either - they brute-force cracked Windows domain passwords after gaining entry through compromised web-based servers.

Yes, the CA is an idiot (first, they were running Windows servers in the same domain for certificate generation and day-to-day management, for God's sake!), and they should have noticed... but to the end-user and even associated techies (like the entire Dutch government IT who were trusting these certificates) it's big news.

Next time you go on Google, be thankful your browser has been checking OCSP revocations and hope that you DIDN'T visit Google in the time before the revocations occurred (several weeks).

Re:WTF? (0)

Anonymous Coward | more than 2 years ago | (#37315610)

Because people wouldn't have been clicking OK on random certificates; these were signed certificates for a variety of domains from a CA that browsers until recently trusted. There would have been absolutely no indication that the certificates hadn't actually been issued by Diginotar, because as far as the browser was concerned they had been.

If you can't figure out why this is news, perhaps you should try a different career path.

Re:WTF? (0)

Anonymous Coward | more than 2 years ago | (#37315684)

What in the flying name of crap is this shit? First off, they didn't hack anything: this is more of a social engineering attack. Second, WHY THE GODDAMN FUCK IS THIS NEWS? I do penetration testing on my own damned home network. If some moron decides to set up an insecure network (and I have a few as neighbors), then screw'em. If people are clicking "OK" on random certificates...screw'em.

Not everyone is a L33t Haxxor like you. Many of us (the rest of the planet) don't have a ton of time to apply to computer science, that's why we pay people to make our stuff work.

The organization is the interesting part (1)

alfredos (1694270) | more than 2 years ago | (#37315582)

How does an organization that works with moderately complex technology, where security is of the utmost importance, go down such a dark alley so many others have treaded before with foreseeable and dreadful consequences? Pointy-haired bosses? Perhaps appointed by politicians? Too good a business to think about the pillars? Seriously, did they never ever have anyone raise the alarm? What happened if someone did?

Re:The organization is the interesting part (2)

houstonbofh (602064) | more than 2 years ago | (#37315712)

Doing it right costs more money than the PHBs want to spend. At every job I have had, I have gone to management with "This is a bad idea, and it will bite us." Most of the time when we get bit, I do not get the blame. Sometimes, even with the repeated and documented warnings, I get the blame anyway. And soon after, a new job with a, hopefully, more sane company.

Re:The organization is the interesting part (1)

rjstanford (69735) | more than 2 years ago | (#37316190)

Maybe if you'd gone to them with "This is a bad idea, it has a xx% chance every month we're doing it of costing us $$$ in direct fees and around $$$ in indirect bad press. I can rectify it for $ plus $ per month," they'd have taken you up on the suggestion?

Alternately, maybe you would have realized as they did (correctly in some cases, not so in others, I'm sure) that the economics actually supported not fixing the problem?

Re:The organization is the interesting part (1)

houstonbofh (602064) | more than 2 years ago | (#37316536)

I can accept that in many cases. It is when they flip flop later to blaming me for the exact thing I warned them about that I start polishing up the CV.

Re:The organization is the interesting part (0)

Anonymous Coward | more than 2 years ago | (#37316214)

This was not an IT company. The company was founded by a notary, and just grew from there. Naivety in its purest sense, indistinguishable from criminal negligence.

No antivirus software on the server? (2)

caseih (160668) | more than 2 years ago | (#37315594)

May we assume by this finding in the Dutch report that the servers were not running any form of Unix or Linux? In any case I do not see how an antivirus program is going to stop an intrusion.

I used to chuckle when our local credit-card processing system would ask me to ensure that my web server had an up-to-date antivirus package installed. Rather than outright lie, I explained to them that my web server ran Linux and that they don't run antivirus software, but are kept patched and secured with proper firewall rules and proxy servers, and protected by the IDS at the border of the DMZ.

Anyway, not even sure why they mentioned antivirus software at all. The problem was more systemic. Their entire system did not seem to be built with security in mind. Where was the IDS? Why did the public-facing servers have the CA private certificates on them at all?

Re:No antivirus software on the server? (1)

ledow (319597) | more than 2 years ago | (#37315666)

Worse than that - their all-Windows servers (including the signing server) were all part of the same domain and so all could be logged into with a single set of credentials (which is what the intruder had, by brute-forcing that crappy password) and all joined to the same networks.

Re:No antivirus software on the server? (0)

Anonymous Coward | more than 2 years ago | (#37315886)

All major AV firms now have antivirus packages for Linux (Un*x) that offer both realtime (on-access) and on-demand (hand-started) virus scan protection. They protect the Linux OS as well as the Windows people who connect to Samba, Apache etc. from the transmission of malware. They utilize old-school fingerprint/signature based recognition, heuristic scanning, system and application behaviour monitoring/control, sometimes sandboxing and even queries to the Cloud if you allow it, for layered defence.

Any Unix admin who does not run them, despite having suitably powerful hardware and a suitably modern distribution, does not simply suffer from a bad case of hubris; they are outright stupid and deserve to get p0wned through the back orifice with a whole baseball bat on fire.

'Claiming' to be the hacker? (5, Insightful)

plover (150551) | more than 2 years ago | (#37315606)

Hell, if he really hacked it, he'd have signed the message with DigiNotar's key. He's the only person in this whole debacle I'd trust to actually have a clue as to how to really use their certificates.

Re:'Claiming' to be the hacker? (0)

Anonymous Coward | more than 2 years ago | (#37316208)

This kind of key can't sign arbitrary messages.

Re:'Claiming' to be the hacker? (1)

cronius (813431) | more than 2 years ago | (#37316468)

He could publish a signed certificate of "ComodoGateHackerOwnsDiginotar.com". Or he could sign a domain name consisting of e.g. a base64 encoded compressed message.

Re:'Claiming' to be the hacker? (1)

chrb (1083577) | more than 2 years ago | (#37316518)

As a proof to show that he really did infiltrate DigiNotar, he shares the domain administrator password of the CA network: Pr0d@dm1n. DigiNotar would be able to confirm if this was accurate or not.

Maybe something will come of that...

AV? (0)

Anonymous Coward | more than 2 years ago | (#37315638)

Antivirus would have done little, how about some intrusion detection? If you are a CA and you don't do that, you deserve to go out of business.

"0wn" (0)

Anonymous Coward | more than 2 years ago | (#37315656)

Someone is 12 years old.

epic FAIL (1)

inode_buddha (576844) | more than 2 years ago | (#37315698)

"a) No antivirus software was present on Diginotar's servers; b) 'the most critical servers' had malicious software infections; c) The software installed on the public web servers was outdated and not patched; and d) all servers were accessible by one user/password combination, which was 'not very strong and could easily be brute-forced.'"

EPIC FAIL

Re:epic FAIL (0)

Anonymous Coward | more than 2 years ago | (#37315908)

From this description it sounds like they were running Windows 98...

Re:epic FAIL (1)

jimicus (737525) | more than 2 years ago | (#37316128)

Not necessarily; you put Windows onto a domain and all of a sudden you're one person with Domain Admin rights and a stupid password away from having the whole lot compromised.

Throw in the sort of corporate politics that often leads to non-technical senior managers demanding (and getting) domain admin rights and there you go.

Compromised CAs (2)

unencode200x (914144) | more than 2 years ago | (#37315702)

FTFA:

3.2 Compromised CAs

The attacker(s) had acquired the domain administrator rights. Because all CA servers were members of the same Windows domain, the attacker had administrative access to all of them. Due to the limited time of the ongoing investigation we were unable to determine whether all CA servers were used by the attacker(s). Evidence was found that the following CAs were misused by the attacker(s):

- DigiNotar Cyber CA
- DigiNotar Extended Validation CA
- DigiNotar Public CA - G2
- DigiNotar Public CA 2025
- Koninklijke Notariele Beroepsorganisatie CA
- Stichting TTP Infos CA

The security of the following CAs was compromised, but no evidence of misuse was found (this list is incomplete):

- Algemene Relatie Services System CA
- CCV CA
- DigiNotar PKIoverheid CA Organisatie - G2
- DigiNotar PKIoverheid CA Overheid en Bedrijven
- DigiNotar Qualified CA
- DigiNotar Root CA
- DigiNotar Root CA Administrative CA
- DigiNotar Root CA G2
- DigiNotar Root CA System CA
- DigiNotar Services 1024 CA
- DigiNotar Services CA
- EASEE-gas CA
- Hypotrust CA
- MinIenM Autonome Apparaten CA - G2
- MinIenM Organisatie CA - G2
- Ministerie van Justitie JEP1 CA
- Nederlandse Orde van Advocaten - Dutch Bar Association
- Orde van Advocaten SubCA Administrative CA
- Orde van Advocaten SubCA System CA
- Renault Nissan Nederland CA
- SNG CA
- TenneT CA 2011
- TRIAL DigiNotar PKIoverheid Organisatie TEST CA - G2
- TU Delft CA

For some of these CAs extra security measures were in place (like the CCV CA). This makes it more unlikely they were misused.

Re:Compromised CAs (1)

unencode200x (914144) | more than 2 years ago | (#37315814)

The timeline:

5.4 Timeline

06-Jun-2011 Possibly first exploration by the attacker(s)
17-Jun-2011 Servers in the DMZ in control of the attacker(s)
19-Jun-2011 Incident detected by DigiNotar by daily audit procedure
02-Jul-2011 First attempt creating a rogue certificate
10-Jul-2011 The first succeeded rogue certificate (*.Google.com)
20-Jul-2011 Last known succeeded rogue certificate was created
22-Jul-2011 Last outbound traffic to attacker(s) IP (not confirmed)
22-Jul-2011 Start investigation by IT-security firm (not confirmed)
27-Jul-2011 Delivery of security report of IT-security firm
27-Jul-2011 First rogue *.google.com OSCP request
28-Jul-2011 First seen that rogue certificates were verified from Iran
04-Aug-2011 Start massive activity of *.google.com on OCSP responder
27-Aug-2011 First mention of *.google.com certificate in blog
29-Aug-2011 GOVCERT.NL is notified by CERT-BUND
29-Aug-2011 The *.google.com certificate is revoked
30-Aug-2011 Start investigation by Fox-IT
30-Aug-2011 Incident response sensor active
01-Sep-2011 OSCP based on white list

The words "criminal negligence" come to mind.

Dutch security (1)

SigILL (6475) | more than 2 years ago | (#37315714)

I say that as a Dutchman. I'm ashamed to be from the same country as these bozos.

From the report... (5, Informative)

MtHuurne (602934) | more than 2 years ago | (#37315918)

First, here is the actual PDF [rijksoverheid.nl] instead of some web-based PDF viewer surrounded by dubious ads.

The most damning statement from the report (in my opinion) didn't make the summary: "The separation of critical components was not functioning or was not in place. We have strong indications that the CA-servers, although physically very securely placed in a tempest proof environment, were accessible over the network from the management LAN."

I have worked at a company that generated encryption keys and they did so on a PC in a locked rack in a locked room with no network connection; such an approach would have prevented this attack.

This fragment from the timeline is also interesting:

19-Jun-2011 Incident detected by DigiNotar by daily audit procedure
02-Jul-2011 First attempt creating a rogue certificate
10-Jul-2011 The first succeeded rogue certificate (*.Google.com)

So an incident was detected three weeks before the first rogue cert was issued.

Does not compute (0)

Anonymous Coward | more than 2 years ago | (#37315922)

Why would an Iranian attacker attempting to monitor Iranian citizens later claim responsibility and announce control of 4 other CAs?

The only purpose I can see is to undermine the authority of the CAs in order to promote another system, probably under the control of EU/US.

Fox-IT is in the employ of governments and large corporations. Based in the EU, it is prohibited from trading with Iran. So, if you're going to blame someone...

I'm sure there are plenty of western funds available to companies providing solutions to threats such as WikiLeaks and freedom of speech in general. For example, Cameron's response to London riots was to ban twitter. Twat

All Messages from ComodoHacker (2)

eulernet (1132389) | more than 2 years ago | (#37315960)

Here are the messages from ComodoHacker on pastebin:

http://pastebin.com/u/ComodoHacker [pastebin.com]

He published a cert for Mozilla in March.

Bacon (1)

blueg3 (192743) | more than 2 years ago | (#37315964)

a) No antivirus software was present on Diginotar's servers;

As per the XKCD, if this is a problem, you're already doing it wrong. Antivirus software won't save you against sophisticated attacks, only unsophisticated ones. CAs need to be safer than that.

b) 'the most critical servers' had malicious software infections;

Probably because of (c).

c) The software installed on the public web servers was outdated and not patched;

Seriously, everyone who runs a business should know not to do this.

and d) all servers were accessible by one user/password combination, which was 'not very strong and could easily be brute-forced.

Well, that's just stupid.

So (c) and (d) are the real problems, and they're pretty obviously problems.

Well, there's one thing they got right... (1)

grangerg (309284) | more than 2 years ago | (#37315976)

a) No antivirus software was present on Diginotar's servers;

This shouldn't have been listed; it should be considered a good thing. However, considering the rest of the things they did, I doubt they actually knew it was a good idea.

Antivirus software on a production server should be the exception, not the norm; it's just one more attack vector. In the end, it's just a blacklist pattern matcher. If the exploit isn't on the list, it goes right in the front door---and it can't watch all the "doors" either. The AV companies have some really good marketing going on if the FUD has the security experts this paranoid.

Re:Well, there's one thing they got right... (1)

0123456 (636235) | more than 2 years ago | (#37316046)

a) No antivirus software was present on Diginotar's servers;

This shouldn't have been listed; it should be considered a good thing.

If they were running antivirus software it would mean they were running Windows on their servers, which would be insane.

Re:Well, there's one thing they got right... (0)

Anonymous Coward | more than 2 years ago | (#37316072)

Well... they *were* running Windows on their servers. See posts above. It's headdesking stuff!

SSH does it right. (1)

grnbrg (140964) | more than 2 years ago | (#37316016)

The ssh host key for a server is generated automatically by the ssh daemon the first time it runs.

The first time a user connects to that server, they get a fingerprint they can check, and a "This is the first time you've connected to this host, are you sure it's the right one?". Subsequent connections are silent, unless the host key changes. You get a big, scary message if a host you've allowed in the past changes its key. (As this signals a potential MITM attack.)

SSL certs should be handled the same way by the browser. If you tell the browser you trust CAs, then a new certificate can be automatically approved. Self-signed certs (or all certs if you opt to not trust CAs) get a quiet "Oh, this is a new server. No big deal. Are you sure it's legit?" message. If any cert changes before its expiry date, shout dire warnings. (If a cert changes, but the stored fingerprint has an expiry date that has passed, tell the user in a non-threatening way that they need to be sure of their destination.)

In nearly all cases, the question of who made a certificate is not of any real use to the end-user. All they need to know is that the server they connected to yesterday (their bank, Facebook, GMail, or whoever) is the same server they tried to connect to yesterday.
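The SSH-style policy described above, as an added example that is not part of the original comment: a hypothetical in-memory PinStore that remembers one fingerprint per host and applies the "warn if it changes before expiry, soft notice if it changes after" rule (fingerprints and dates below are constructed sample values).

```javascript
const VERDICT = {
  FIRST_USE: "first-use", // quiet "new server, are you sure?" prompt
  MATCH: "match", // silent: same key as last time
  CHANGED_BEFORE_EXPIRY: "changed-before-expiry", // dire warning: possible MITM
  CHANGED_AFTER_EXPIRY: "changed-after-expiry", // old pin expired: soft notice
};

// Hypothetical store: host -> { fingerprint, notAfter }, kept in memory here.
class PinStore {
  constructor() {
    this.pins = new Map();
  }

  // Decide what to show the user for a connection to `host` that presented a
  // certificate with `fingerprint` expiring at `notAfter` (ISO date string).
  // `now` is injected so the expiry rule can be exercised deterministically.
  check(host, fingerprint, notAfter, now = new Date()) {
    const seen = this.pins.get(host);
    if (!seen) {
      this.pins.set(host, { fingerprint, notAfter: new Date(notAfter) });
      return VERDICT.FIRST_USE;
    }
    if (seen.fingerprint === fingerprint) {
      return VERDICT.MATCH;
    }
    // Different key. If the key we remembered should still be valid, treat the
    // change as suspicious and do NOT overwrite the pin; the user must decide.
    if (now < seen.notAfter) {
      return VERDICT.CHANGED_BEFORE_EXPIRY;
    }
    // The remembered certificate had expired, so a new key is plausible:
    // record it and tell the user in a non-threatening way.
    this.pins.set(host, { fingerprint, notAfter: new Date(notAfter) });
    return VERDICT.CHANGED_AFTER_EXPIRY;
  }
}

// Constructed walk-through (sample fingerprints, not real certificate hashes).
function demo() {
  const store = new PinStore();
  const july2011 = new Date("2011-07-01T00:00:00Z");
  const feb2012 = new Date("2012-02-01T00:00:00Z");
  return [
    store.check("bank.example", "sha256:aaaa", "2012-01-01T00:00:00Z", july2011),
    store.check("bank.example", "sha256:aaaa", "2012-01-01T00:00:00Z", july2011),
    store.check("bank.example", "sha256:bbbb", "2013-01-01T00:00:00Z", july2011), // key swapped mid-validity
    store.check("bank.example", "sha256:bbbb", "2013-01-01T00:00:00Z", feb2012), // rotation after expiry
  ];
}
```

Note that the suspicious case leaves the old pin in place, so a user who dismisses the warning is asked again on the next visit rather than silently re-pinned to the new key.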

Re:SSH does it right. (1)

grnbrg (140964) | more than 2 years ago | (#37316112)

Dammit.

".... is the same server they're trying to connect to today."

Re:SSH does it right. (2, Informative)

Anonymous Coward | more than 2 years ago | (#37316152)

There's an add-on for Firefox called Certificate Patrol which does precisely that - it even shows you the diff between the old and new certificate. Alas, it still requires constant vigilance - Joe Random User will click through any warning, no matter how scary, if promised scantily clad dancing bunnies.

And I am not buying it (1)

iamhere (1261236) | more than 2 years ago | (#37316092)

It's not really likely that this person did the 'hacking' on his own. The certificates somehow found their way into the Iranian backbone networks and I do not believe that they got there by the actions of one person, nor do I believe that they could get there without the backing of the Iranian government (or some cabal within it). The message on pastebin is clearly formatted to make some people believe in a 'lonely superhacker', but I am not buying that line. For one the first sentence ends on 'us'.

Re:And I am not buying it (1)

Errol backfiring (1280012) | more than 2 years ago | (#37316204)

Why not? It seems that you can hire entire botnets including hacking software of your choice. So a brute-force attack is hardly anything you need to make your hands dirty on. The hardest part is finding a vendor without attracting attention.

Apart from that, I find it hard to believe that a malicious hacker would step out into the open. And an ethical hacker would have gone public very soon after the hack.

The irony... (2)

rainer_d (115765) | more than 2 years ago | (#37316232)

...of an ad selling "high assurance ssl certificates" on the top of this page is hardly beatable.

"High assurance" now just means "not p0wned, yet".

And Yet (0)

Anonymous Coward | more than 2 years ago | (#37316386)

In all the responses I see here, not a single one blames the hacker for breaking in and stealing these certificates.

Why not?
