Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

GlobalSign Suspends Issuance of SSL Certificates

Unknown Lamer posted more than 2 years ago | from the trust-no-one dept.

Security 111

Joining the ranks of accepted submitters, realxmp writes "The BBC is reporting that GlobalSign has stopped issuing certificates because of yet another suspected CA security breach. This was in response to a post on the ComodoHacker paste bin, claiming that this and several other CA's have also been compromised." No word yet on whether they were actually compromised.

cancel ×

111 comments

Sorry! There are no comments related to the filter you selected.

At some point (3, Insightful)

SlippyToad (240532) | more than 2 years ago | (#37328020)

You have to wonder if these people are serious about their craft, or just phoning it in. If they are in the security business, you expect they'd at least make a half-assed attempt at securing THEIR OWN BUSINESS.

Re:At some point (1)

h4rr4r (612664) | more than 2 years ago | (#37328454)

Why would they?
Security costs money, these folks sell the illusion of security so that is what they use for themselves as well. When marketing and MBAs run companies this is what you get.

Re:At some point (1)

rednip (186217) | more than 2 years ago | (#37329010)

When unaccountable people run companies this is what you get.

There, I fixed it for you.

Re:At some point (0)

Anonymous Coward | more than 2 years ago | (#37329294)

Your parent poster had it right. If you want to fix something, fix the typo in your sig.

Re:At some point (0)

Anonymous Coward | more than 2 years ago | (#37330106)

I'm sorry, are you implying that MBAs don't as a class shirk responsibility and pass the blame?

Re:At some point (1)

elsurexiste (1758620) | more than 2 years ago | (#37328496)

There are two possible scenarios. In the first one, you are right and those fellas at GlobalSign are lame. In the other one, they are doing it because of risk mitigation instead of security.

Re:At some point (2)

andymadigan (792996) | more than 2 years ago | (#37328508)

Selling security is completely different from providing security. Look at TSA for instance, no security provided, but plenty 'sold'. Same with the CAs, their product is a signed certificate which is recognized by browsers, their product is not the security of their own organization. Sure, if they're hacked they'll lose everything, but MBAs think the chance of that happening is so low that it isn't worth it to implement security.

We've also seen what the MBAs will do when a hack does occur - try to keep it a secret for as long as possible. Again, the security of the organization is not the product, just the certificate and some security theater.

Re:At some point (1)

SlippyToad (240532) | more than 2 years ago | (#37328580)

Again, the security of the organization is not the product, just the certificate and some security theater

If my organization mentions buying a certificate from one of these shysters, I'm certainly going to recommend against it.

They may not think their own security is their product, but frankly the entire integrity of their business rides on it.

Re:At some point (2)

h4rr4r (612664) | more than 2 years ago | (#37328684)

But until yesterday you would not have.
So they will fold this company and do it all over again. That is much cheaper than ever bothering with security.

Re:At some point (1)

pe1chl (90186) | more than 2 years ago | (#37329138)

The thing is that it does not matter at all how secure the organization you buy your certificate from is.
What matters is how secure the lease secure of those hundreds of organizations that sell certificates is.
You can buy your certificate from the most secure one, but someone else can buy or steal it from the least secure organization and it will be trusted just as much.

Re:At some point (0)

Anonymous Coward | more than 2 years ago | (#37328602)

They are in it for the profit, not the service. You're better off doing it yourself. There is plenty of good information on the Internet, no need for such companies.

Re:At some point (3, Interesting)

HermMunster (972336) | more than 2 years ago | (#37328702)

The Comodo and Diginotar break-ins and theft were traced to Iran. To me, when I read the pastebin post, I felt it was a cover up bit meant to mislead the general public. Any additional hack thereafter, such as GlobalSign, would simply be to cover up their actions.

I'm not talking about hiding the activity, but to make it seem like Iran wasn't a participant. And, they were. The purpose of those thefts is to act as a man-in-the-middle to fool the Iranian citizens into thinking that they were speaking with these social and search sites as if they were the original. SSL is the foundation of secure communication over the internet. Browsers use those to verify a site is the actual site. Acting as a man in the middle with a seemingly valid certificate can fool your population into believing you are Google, and hence they can read your mail, watch your searches, check out what you say, and even find out where you are. Iran could easily put up a fake Firefox/Google/Microsoft site and then substitute their own browser that still accepts the certificates.

If GlobalSign is ceasing certificate issuance because of pastebin maybe it is appropriate for now.

My opinion still stands. That pastebin reference was either some fool confessing to every murder and crime on the planet, or it was Iran spoofing the general world public trying to build doubt, thus making it less likely that there'll be major backlash by the governments of the world.

Certificate forgery (by stealing them from legit sources) is really bad for the internet. Seriously bad.

Re:At some point (1)

plover (150551) | more than 2 years ago | (#37330094)

This Certificate forgery isn't all bad (except to the direct victims, who I hope are able to remain safe.) It's a wakeup call if we choose to listen.

The root CA PKI system has always been a house of cards. It's great for the purpose for which it was designed, which is a single top-down hierarchical organization, but that's not the Internet. We've just stuck with it for so long that we've never bothered with the tremendous amount of work it would take to replace it with something better. This is a gust of wind that'sreminded everyone how bad it is. Another few such attacks might force a wholesale change. And that would be good.

Re:At some point (2)

shutdown -p now (807394) | more than 2 years ago | (#37330110)

The Comodo and Diginotar break-ins and theft were traced to Iran. To me, when I read the pastebin post, I felt it was a cover up bit meant to mislead the general public. Any additional hack thereafter, such as GlobalSign, would simply be to cover up their actions.

I'm not talking about hiding the activity, but to make it seem like Iran wasn't a participant.

What on the posted PasteBin messages made you think that it's trying to deflect attention from Iran? It seems like the exact opposite to me, if anything. I mean, the very first message [pastebin.com] from the "ComodoHacker" guy says:

"Rule#3: Anyone inside Iran with problems, from fake green movement to all MKO members and two faced terrorist, should afraid of me personally. I won't let anyone inside Iran, harm people of Iran, harm my country's Nuclear Scientists, harm my Leader (which nobody can), harm my President, as I live, you won't be able to do so. as I live, you don't have privacy in internet, you don't have security in digital world, just wait and see..."

Re:At some point (1)

Solandri (704621) | more than 2 years ago | (#37330898)

The Comodo and Diginotar break-ins and theft were traced to Iran. To me, when I read the pastebin post, I felt it was a cover up bit meant to mislead the general public.

Actually, to me it seems far more likely that the break-in originated elsewhere, then access was sold to Iran.

Re:At some point (2)

ObsessiveMathsFreak (773371) | more than 2 years ago | (#37328914)

These people are not in the security business; They are in the confidence business.

Like Calvin Klein, and psychic hot-lines, the CA's are not selling a product so much as they are selling "peace of mind". They sell a special pen which companies use to fill in that special website check-box next to the word "Secure connections". That's it.

There is nothing magical about a CA issued cert. The Certification Authorities neither certify connections, nor have the authority to do so. They host public numbers on their servers and end users must rely solely on the CAs unearned reputation that the connection is in fact a) secure and b) to the right party. There is no guarantee that the connection is actually either and the CA's cannot issue such guarantees or even verify the situation before or after the fact. Not that they would bother too either.

The CA's certs are best compared to the sale of church indulgences. You pay money, and your encryption sins are forgiven. What sins are those? Well, according to RSA: Chapter 2, verse 7; a self signed cert (while perfectly functional) is a blasphemy against the holy powers and will be punished with eternal damnation unless you repent and fork over a wad of cash to your nearest CA immediately. By the way, bad things can still happen to you because Security works in mysterious ways, but as long as you gave the CA's money, your soul/ass is covered.

I hope someone at Mozilla is reading this, because the next time I have to click through that irritating little yellow jerk four times just to stop people sniffing my web traffic, I'm switching to Chrome. Hope that doesn't make you spill coffee out of your complementary Verisign mugs fellas.

Re:At some point (0)

Anonymous Coward | more than 2 years ago | (#37329182)

You don't need CA's or "security" companies. The software is all there, free, honest and open for everyone to use. Why spend millions on something that is free and good?

Re:At some point (1)

ObsessiveMathsFreak (773371) | more than 2 years ago | (#37329698)

Why spend millions on something that is free and good?

Because if you don't the browser with almost 40% market share will throw a hyperventilating fit whenever users connect to your site, and will try its earnest best to frighten them away from you before they so much as see your site logo.

But other than that, yeah, you can go right ahead and self sign your certs. No problem.

Re:At some point (1)

interval1066 (668936) | more than 2 years ago | (#37329804)

Well, you don't spend millions, typically. You just need a few certs for your domain, depending on the number of servers that's a few grand? And I don't know how that works with visualization in the mix.

The cert business (and it is a business, don't let them kid you), is all about trust. They're selling trust. The only reason they're in business is to sell you (if you're running a business web site) is to sell you a piece of code that removes the "untrusted" nag a browser presents the user when they access your secured web site, because they come with a collection of pre-installed certs from recognized CAs. If your willing to put a note on your site telling your users that they need to install YOUR cert, and its a one time thing, then there's really no need to buy into these CAs.

But a lot of enterprises aren't willing to do this, they want the user (who are by and large unfamiliar and don't want to become familiar with this simple process) not to have to deal with it. So the CA business is really a house of cards. They're in business because they got in early and have endorsements from other large entities, the US gov. for one.

I sometimes wonder what the process is like to set up another CA and get the major browser makers to buy in. What would stop you and me from setting up a CA and getting our cert pre-installed on the browsers?

Re:At some point (1)

aztracker1 (702135) | more than 2 years ago | (#37331450)

Chrome isn't much nicer with self-signed certs, it warns every time... Would be nice to get a warning the first time, have it log the cert, and warn if it changes.

Re:At some point (1)

HermMunster (972336) | more than 2 years ago | (#37333176)

Seems more like deflection. Some lone gunman shoots--so to speak.

Chain effect (2)

Baloroth (2370816) | more than 2 years ago | (#37328054)

1. Hack one CA
2. Post on pastebin claiming to have hacked more
3. Watch as they scramble in panic
4. ??????
5. Profit?

It seems quite possible that the hacker is just being a total jerk, if they wanted to actually use certs from a company (like they did Diginotar) they wouldn't announce the hack until it was discovered. So most likely they didn't actually pull off the hack.

Unless 4 is "be a rival CA", in which case you do profit. Or if you hacked a different CA and want people to use that company. Which adds a whole layer of conspiracy possibilities on an already conspiracy-laden hack.

Re:Chain effect (2, Interesting)

vlm (69642) | more than 2 years ago | (#37328788)

3. Watch as they scramble in panic

I think this is not just casual LOL type watching, but scientifically carefully studying the reaction to a semi-credible threat, to figure out how to work around their reaction in a future (real?) event.

How has the collapse of diginotaurus or whatever affected other CAs response?

Re:Chain effect (0)

Anonymous Coward | more than 2 years ago | (#37330230)

In the pastebin, he also claims to have hacked a computer that is not attached to the internet....

Re:Chain effect (1)

QuantumRiff (120817) | more than 2 years ago | (#37333352)

I can see investigating internally, but if you stop issuing, then it means you either found something really, really bad, or things are such a cluster f--k that you can't tell

Personal-interest notes (3, Insightful)

dcollins (135727) | more than 2 years ago | (#37328096)

First time accepted submitter (and Slashdot coder) cogent writes...
With his first accepted submission, quantr tips news...
Hitting the mainpage for the first time, Black Sabbath writes...
Debuting on Slashdot, seezer writes with a piece...
Joining the ranks of accepted submitters, realxmp writes...

For god's sake, stop! We care about the news, not the personalities of the posters!

Re:Personal-interest notes (3, Insightful)

tepples (727027) | more than 2 years ago | (#37328174)

I guess publicly recognizing that a submitter has for the first time written a submission that meets Slashdot's criteria is a way to increase the likelihood that the submitter will submit news of similar quality in the future.

Re:Personal-interest notes (0)

Anonymous Coward | more than 2 years ago | (#37328296)

Gold star! +5!

Re:Personal-interest notes (0)

Anonymous Coward | more than 2 years ago | (#37328628)

Gold star! +5!

More like, "Infinite Monkeys, +1 sometimes, +5 eventually."

Re:Personal-interest notes (1)

ColdWetDog (752185) | more than 2 years ago | (#37328822)

Gold star! +5!

More like, "Infinite Monkeys, +1 sometimes, +5 eventually."

We're (mostly) American here. The better analogy is 'a blind pig gets an occasional acorn'.

Thank you,

The US High Fructose Corn Syrup Benevolent Association.

Re:Personal-interest notes (1)

dyingtolive (1393037) | more than 2 years ago | (#37328934)

Please, we're mostly American here. The best analogy is 'that dere blind pig dun gits its acorn sumthan'.

Re:Personal-interest notes (1)

MagicM (85041) | more than 2 years ago | (#37328856)

And highlighting how frequently stories come from a first-time submitter might spur would-be submitters to get off their ass and try for their 5 minutes of slashdot fame.

Re:Personal-interest notes (0)

Anonymous Coward | more than 2 years ago | (#37333618)

But OMG it wasn't like that YESTERDAY!!! How many words must they MAKE ME REEEEEEEAAAAAAD!?!?!?!

And what does TFA mean, anyway?

Re:Personal-interest notes (1)

SydShamino (547793) | more than 2 years ago | (#37328292)

You say this, and yet people bitched for years about Roland Piquepaille's submissions being constantly accepted, leading people to think that you had to be "in the know" to get your story on the front page.

Re:Personal-interest notes (1)

MichaelKristopeit351 (1968158) | more than 2 years ago | (#37329356)

slashdot = stagnated

Re:Personal-interest notes (1)

Thud457 (234763) | more than 2 years ago | (#37330336)

Re:Personal-interest notes (1)

MichaelKristopeit420 (2018880) | more than 2 years ago | (#37330724)

http://slashdot.org/~Thud351/submissions [slashdot.org]

you're an idiot.

cower in my shadow some more behind your chosen auditory report based pseudonym, feeb.

you're completely pathetic.

Self Signed Certificates (4, Interesting)

roman_mir (125474) | more than 2 years ago | (#37328184)

Self Signed Certificates.

This is what I have been talking about for years and years now. Years and years, and I am on the topic of browsers treating self signed certificates worse than viruses and there are still people disagreeing.

Come on, browsers need to start treating self signed certificates like they are plain old HTTP, with an icon that can be used to view the fingerprint.

That would be a GOOD START. Then start distributing lists of sites to fingerprints, maybe even public certificates, have time stamps and have the site operators cross check the fingerprints in those lists. Have an architecture to verify one list against another dynamically. Have verified lists that are hash signed, have hash keys for lists being distributed. I don't know, there could be all sorts of things done, but instead we are still relying on the centralized signing authority that didn't actually earn any trust. I don't trust any CA, why does anybody trust any CA?

Re:Self Signed Certificates (2)

DarkOx (621550) | more than 2 years ago | (#37328302)

So you want to replace the cryptographically secure method of certificate validation and revocation with your own method where anyone can essentially poison the list of thumbprints.

I agree that self signed certs should be treated like clear text from a security perspective rather than setting off alarm bells but, we still need secure third party identity validation.

Re:Self Signed Certificates (1)

0123456 (636235) | more than 2 years ago | (#37328506)

I agree that self signed certs should be treated like clear text from a security perspective rather than setting off alarm bells

Yeah, because I totally want my web browser not to set off alarm bells when I go to www.mybank.com and it receives a self-signed certificate from that site.

Re:Self Signed Certificates (0)

Anonymous Coward | more than 2 years ago | (#37328562)

This can already happen with sslstrip [thoughtcrime.org] . A man in the middle attack can just wipe out ssl.. unless you always check to make sure you are genuinely on the https page then you are just as vulnerable to this attack.

Re:Self Signed Certificates (1)

0123456 (636235) | more than 2 years ago | (#37328732)

A man in the middle attack can just wipe out ssl.. unless you always check to make sure you are genuinely on the https page then you are just as vulnerable to this attack.

And, guess what, my web browser does warn me if I go to my bank and it's not encrypted. But most people don't have those options enabled because they're too painful, warning numerous times about sites where I don't care whether the connection is encrypted.

Re:Self Signed Certificates (1)

EyelessFade (618151) | more than 2 years ago | (#37328614)

But its ok that none warnings are issued just because mybank.com spent a lot of money to buy a signed certificate from douchebags-ca.com?

Re:Self Signed Certificates (1)

0123456 (636235) | more than 2 years ago | (#37328682)

But its ok that none warnings are issued just because mybank.com spent a lot of money to buy a signed certificate from douchebags-ca.com?

Untrusted CAs aren't included in the web browser, so there will be a warning unless the browser flags that CA as trusted. That trust may be misplaced, but that's a different issue.

The big flaw with current browsers is that it doesn't tell you when it sees a new certificate where the old one was from bignameCA.com, but the new one is from CAIveneverheardof.ng.

The CA concept is fundamentally broken, but so long as the CAs are legitimately trusted it's vastly more secure than accepting any old crap without warning.

Re:Self Signed Certificates (2)

vlm (69642) | more than 2 years ago | (#37328820)

Untrusted CAs aren't included in the web browser

Insert simpsons voice "ha ha". The whole point is that is just not so.

Re:Self Signed Certificates (1)

0123456 (636235) | more than 2 years ago | (#37328910)

Insert simpsons voice "ha ha". The whole point is that is just not so.

As I said, that trust may be misplaced. But just because some CAs aren't trustworthy, that's no reason to accept self-signed certitificates which are guaranteed not to be trustworthy.

The bad CAs get removed from the browser. No browser developer is going to want to have to track millions of bad self-signed certs, nor could they when anyone can create new ones.

Re:Self Signed Certificates (0)

Anonymous Coward | more than 2 years ago | (#37329020)

>Untrusted CAs aren't included in the web browser,
bwahahaha HAhaHAha http://www.youtube.com/watch?v=9zSHz7Thvbc
That's such a hilarious statement.

Do you even follow tech news? These CA's are BY DEFAULT included as trusted. Nobody would give a fuck if a CA that wasn't in the chain issued certs. That's basically the same as self-signing. The whole PROBLEM has been that these 'trusted' CAs are quite willing to issue a cert for anysite to anyone for sufficient reason.

>The big flaw with current browsers is that it doesn't tell you when it sees a new certificate where the old one was from bignameCA.com, but the new one is from CAIveneverheardof.ng.
true. There is a FF extension for that

>The CA concept is fundamentally broken, but so long as the CAs are legitimately trusted
But they aren't. Given the practices of most CAs in your browsers default trust list, it's not very difficult at all to fake your identity and gain the credentials for a different site.

Re:Self Signed Certificates (1)

0123456 (636235) | more than 2 years ago | (#37329060)

Do you even follow tech news?

Did you read my post?

Ah, no, because you cropped out the part saying 'That trust may be misplaced'.

Re:Self Signed Certificates (1)

glrotate (300695) | more than 2 years ago | (#37329578)

>> The big flaw with current browsers is that it doesn't tell you when it sees a new certificate where the old one was from bignameCA.com, but the new one is from >> CAIveneverheardof.ng.

> true. There is a FF extension for that

Which one?

Re:Self Signed Certificates (0)

Anonymous Coward | more than 2 years ago | (#37329726)

Certificate Patrol: http://patrol.psyced.org/ [psyced.org]

Re:Self Signed Certificates (1)

Qzukk (229616) | more than 2 years ago | (#37330182)

There's also Perspectives [perspectives-project.org] which asks "notary servers" what certs they've seen at that site over time so you can compare what other people are seeing. Of course, this requires that you be able to reach a notary server outside of your network, which may not always be possible [slashdot.org] .

Re:Self Signed Certificates (0)

Anonymous Coward | more than 2 years ago | (#37331964)

That trust may be misplaced, but that's a different issue.

Is that phrase the new "left as an exercise for the reader"?

Re:Self Signed Certificates (1)

DarkOx (621550) | more than 2 years ago | (#37328626)

ok fair point, I guess, but if you go to www.mybank.com today without putting https:/// [https] in front of it your browser will almost certainly try http first, and if the server answers you will get an unsecured connection with no warnings.

Mind you it might not be your banks server that answers either, might be anyone redirecting port 80 traffic along the way. So I still say either self signed SSL certs should be treated as clear text, at the application level. Now perhaps the browser should throw up all kinds of scarey warnings about plain HTTP

Re:Self Signed Certificates (1)

plover (150551) | more than 2 years ago | (#37330300)

That's a problem I think the banks have a duty to tackle. They simply shouldn't do business without SSL. Plaintext connections should go first to a visible redirector saying "don't be such a dumb ass, always type 'https' when accessing any bank's web site" (OK, maybe more polite.)

Re:Self Signed Certificates (1)

nedlohs (1335013) | more than 2 years ago | (#37329570)

Your browser sets of alarm bells when you go to http://www.mybank.com/ [mybank.com] ?

You must love bells!

Re:Self Signed Certificates (2)

dgatwood (11270) | more than 2 years ago | (#37328796)

There's a third choice: display a warning the first time, then permanently accept that cert for that site like ssh does. Then, allow one cert to sign its successor for a couple of years after the cert's expiration (or drop expiration dates entirely, as they don't seem to do much good other than making CAs more profitable) and make the new cert inherit the "always trust for this site" policy from its predecessor.

With that one change, a self-signed cert would provide nearly the same benefit as a real cert, minus the initial trust on first connection. And even that trust is minimal, given that taking over a domain's admin email accounts (even temporarily) or compromising a CA is enough to get certs. And even in the best case, you're basically going on word-of-mouth trust as to whether you trust the actual owners of the site to be a legitimate business.

In some ways, the ssh style actually provides more security than the current trust model because an attacker can't get a new key from an arbitrary (compromised or crooked) CA.

Safari already provides some of this if you know to check the checkbox ("always trust this cert for this site", emphasis mine). Other browsers may do this as well; I haven't tried it. However, to my knowledge, nobody provides trust chaining with expired self-signed certs, nor automatic inheritance of the "always trust for this site" policy, which turns out to be a critical part of the story after the first cert expires.

Re:Self Signed Certificates (0)

Anonymous Coward | more than 2 years ago | (#37330220)

Exactly.

Let people chose to trust the site/organization that they choose.

Instead of a chain of unknowable nobodies that they don't.

Re:Self Signed Certificates (1)

LordLimecat (1103839) | more than 2 years ago | (#37328350)

That really doesnt work so well for sites like Google / all their services, or Amazon, that people may want to access from various places and on various computers. Are you suggesting that we teach everyone about the concepts of certificates, thumbprints, and trust, so that they can pore over the certificate trust chains on each computer they ever want to use?

Re:Self Signed Certificates (1)

roman_mir (125474) | more than 2 years ago | (#37329598)

I left a few replies in this thread, so it's a PITA to repeat the same thing over again. Distributed, cross checked lists, time stamped with expiration dates, hashed and keys distributed. Torrent like system to distribute list. Site operators checking existing lists for poison. There are many things that can be done by browsers to see if the self signed certificate indeed belongs to the issuer. Staying with the status quo is only acceptable to the CAs, not to users and over time the situation will get worse, as governments will want more and more access to your private data and CAs will be compelled to provide them with ways, so probably more and more CAs will be the points of security failure just like the ones in the stories as of late.

Re:Self Signed Certificates (1)

fredan (54788) | more than 2 years ago | (#37331590)

Distributed, cross checked lists, time stamped with expiration dates, hashed and keys distributed

DNS?

Re:Self Signed Certificates (1)

roman_mir (125474) | more than 2 years ago | (#37332040)

Exactly, I mentioned [slashdot.org] DNS in this thread.

Re:Self Signed Certificates (1)

elsurexiste (1758620) | more than 2 years ago | (#37328938)

Sorry, but I can't agree. Most people wouldn't understand what the hell are you talking about, so even if you show them a fingerprint, they wouldn't know what to do. Browsers treat self-signed with suspicion because anyone can self-sign a certificate and they won't prove, only by themselves, that the server is who it says it is. You surely recognize this. Now, CAs earned their trusts by passing a real audit, as in people from a company you know IRL goes to that company to check stuff IRL. Not that it helped much to that Dutch company, but it guarantees a minimum of security. Finally, quite amusingly, you describe a scheme of distributed CAs as a great alternative. We have now come full circle and returned to certificates checked against CAs. I think your proposal is the way to go, by the way: a certificate full of stamps instead of just one per hierarchical level. But nothing self-signed, that would be a nightmare.

Re:Self Signed Certificates (1)

0123456 (636235) | more than 2 years ago | (#37328998)

Now, CAs earned their trusts by passing a real audit, as in people from a company you know IRL goes to that company to check stuff IRL. Not that it helped much to that Dutch company, but it guarantees a minimum of security.

The big problem with the CA system is that it limits your security to the level of the least secure CA. You can get your certs from supersecureCA.com, but anyone who hacks into CAinmygarage.ng can produce a certificate that will be trusted just as much as the real one.

Re:Self Signed Certificates (1)

roman_mir (125474) | more than 2 years ago | (#37330362)

if you show them a fingerprint, they wouldn't know what to do

- well, people don't know how to use their GPS in their cars either, but they are still using them. It's not that hard for a bank to put a statement on the front page:

To make sure you are really on our site compare this number: 43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8 to the fingerprint in your Internet browser address bar.

Browsers treat self-signed with suspicion because anyone can self-sign a certificate and they won't prove

- you can't prove that you are on HTTP site either, that doesn't cut it as an explanation for this duality in behavior. I wonder how much CAs pay browser development teams to add them to the CA lists.

CAs earned their trusts by passing a real audit

- I disagree. I don't trust any CA or whoever "audits" them. They didn't earn MY trust. That's the only trust that's important when I am browsing.

guarantees a minimum of security

- this makes no sense. I actually trust CAs less than I trust self signed certificates, because CAs are an easy target for government intervention into the security chain.

you describe a scheme of distributed CAs as a great alternative. We have now come full circle and returned to certificates checked against CAs.

- nope.

I never said that you must be a CA to host a list. I never said that you must prove yourself to be ANYTHING to host a list. In fact I am talking about multiple lists just being distributed via torrents. Some may be distributed via whoever wants to be seeing a distributer. Lists need to be checked actively by the site operators to make sure the data is right, and site operators can distribute their own lists. I am talking about a vote on security, not a central authority of any kind.

But nothing self-signed, that would be a nightmare.

- the nightmare for me is some third party signing a certificate for somebody else based on some authority they bought. This third party is a target for all sorts of intervention by all sorts of powers and money interests and that's the real nightmare.

Re:Self Signed Certificates (1)

Pionar (620916) | more than 2 years ago | (#37328940)

Why should I trust your list?

Re:Self Signed Certificates (1)

roman_mir (125474) | more than 2 years ago | (#37329298)

Did I say you have to trust my list?

I would rather have many distributed lists, all being cross checked, more like multiple DNS roots/entries rather than relying on somebody that is assumed to be trustworthy.

I want cross checking of multiple lists against one another, etc., You don't have to rely on my list.

Re:Self Signed Certificates (0)

Anonymous Coward | more than 2 years ago | (#37330452)

So it's security by the most votes via the global web of the Eternal September...

Ever heard of compromised systems, maybe even done automatically - called botnets? Or by other even more sophisticated systems such as a political campaign?

Get a clue. That idea is just downright stupid and scary.

But mostly stupid.

Re:Self Signed Certificates (1)

Sloppy (14984) | more than 2 years ago | (#37329694)

Why should I trust your list?

For the same reason that you trust GlobalSign's list, whatever that may be. With a couple exceptions:

1) Unlike faceless names like GlobalSign, the person issuing such a list may be someone you actually meet and/or can get to know. So the lower bound of trustworthiness is the same as GlobalSign's, but the upper bound is unlimited.

2) The assertions provided by the list's publisher are a little less risky to accept, because the list publisher is claiming less. The list publisher is claiming they have seen various identities use certain fingerprints in the past, whereas GlobalSign says something stronger: that they have verified the identities associated with certain fingerprints. Since it's a weaker assertion (analogous to the "I have not checked at all (1)" level of certification under OpenPGP), its failure is less catastrophic, so it's an improvement to the overall security of the system.

And if you're not thinking in terms of "improvements" and degrees of security (and instead you evaluate each statement of identity as "This is probably a fraud attempt" or "this is definitely secure and I can completely trust it") then you're not facing real life and actually working on the problem, yet.

Re:Self Signed Certificates (1)

tokul (682258) | more than 2 years ago | (#37328948)

Come on, browsers need to start treating self signed certificates like they are plain old HTTP, with an icon that can be used to view the fingerprint.

Will you notice if your bank reverts to self signed certificate? Will other people notice it?

Re:Self Signed Certificates (1)

Sloppy (14984) | more than 2 years ago | (#37329082)

The answer to that question is identical to the answer to: "Will you notice if your bank uses plaintext http?" If you think the answer to that question is No, then whatever you use to turn that into not being a problem, will work the same for both approaches.

Re:Self Signed Certificates (2)

roman_mir (125474) | more than 2 years ago | (#37329506)

It's all about the UI - will you notice anything if UI does not tell you?

What if UI didn't tell you that the site is changing from HTTP to HTTPS, would you notice it? What if the browser decided not to show you the address bar at all? Do you know that they are playing with that genius idea? They are really thinking about it!

Now, what is needed is a good way to show that the site is HTTP or HTTPS with a self signed certificate, and have an easy way to see the fingerprint or it is an HTTPS with a CA (still show the fingerprint, why not?)

However I would like it to go further and I would like to see browsers using distributed lists of fingerprints/public certificates/hash keys for the lists, all of this done in a way that allows browser to load multiple lists from different unrelated sources, maybe even some form of 'torrent' for the fingerprint lists. Also maybe a standard to check for fingerprint for a site from the site as well.

Obviously the site operators have to manage their security actively, which includes actively checking the lists that are all over the web to make sure nobody is poisoning them (and this is what signature hash keys for lists are for, with time stamps and possibly with expiration dates).

How about expiration dates on fingerprint lists?

Any new ideas, as long as it's not relying on centralized signing authority.

Re:Self Signed Certificates (1)

GameboyRMH (1153867) | more than 2 years ago | (#37329442)

I don't think the distributed lists is a good idea. Just stick to distributed verification / SSL notaries.

Re:Self Signed Certificates (1)

roman_mir (125474) | more than 2 years ago | (#37329542)

Well, in a marketplace of ideas any idea has the right to exist. I don't see why lists cannot be implemented, tried and tested if anybody cares to try of-course.

But you are not providing any reasoning to your statement. Why are distributed lists not a good idea? If the lists are distributed, time stamped and hash keys are created, hash keys are distributed and lists have expiration dates. The site operators would have to verify the lists out there periodically. Maybe torrent like way to distribute lists.

Come on, think outside of this box that we are in. There has to be a competing way to do identity authentication.

Re:Self Signed Certificates (1)

GameboyRMH (1153867) | more than 2 years ago | (#37331122)

The problem with spreading lists around is that it requires creating another messy system that requires trust in some authority - the one compiling the list. The same way someone could intercept the website serving your Linux distros and give you an infected one, with a matching hash so it still looks A-OK, someone could intercept the list and the corresponding hash. It's a lighter version of the same kind of mess we've had with CAs.

Using torrents to distribute the list would at least prevent sabotage, if the torrent file can be handed out securely, but that's just clustering the requirement for trust at the pinnacle of the "trust pyramid" - and also creating a single weak point that can compromise the whole system.

Actually after just writing that I had an idea. The site distributing the list could be hosted on a darknet like an .onion site. This would make the pinnacle of the pyramid much harder to subvert or impersonate, and now the only point of trust required from the client side is that the correct darknet site and public key are embedded in the browser (which could be verified on any open source browser).

Now from the administration side, if a site wants to register info on their public key on this identity list, here is a process that could be used that prevents impersonation:

1. The site owner puts a file on their site, following a filename convention, that contains the line that will be added to the identity list. A part of this information is a string and a hash, let's call this string A and hash H.

2. The site owner sends a PGP-encrypted email to the darknet site, originating from a registered MX IP for the domain, containing only string B. StrongHashFunction(String A + String B) = Hash H, else the darknet site doesn't process the request. This way it's only possible to impersonate a site if you've taken full control of the server - a much bigger problem anyways. So, if everything checks out, the darknet site uses the info it retrieved (via HTTPS connection) to add a line to the identity list.

DNS hijacks alone will become useless since the identity is checked for every site before a secure connection is made to send confidential information - they'd need the SSL private key that matches the public key to make any sense of the data that comes in, so without that a DNS hijack is useless and an SSL connection can't be established.

So, weak points:

1. The darknet site hosting the identity list: This is the single point of blind trust in this system, the integrity of the site itself. It would have to be locked down with paranoid security and in the control of a trusted party. But at least this trust can be easily verified, if a site operator finds that their identity info on the site is wrong they can cry foul.

2. It would be impossible to fully trust closed-source browsers - but that is an inherent and unavoidable problem we have even today.

It's still a lighter version of the same problem we've had with CAs but I've lightened it up much more. Verifying identity without sending out-of-band information will always require some trust unfortunately. You can detect MITMs without trust but not verify identity.

Re:Self Signed Certificates (1)

MichaelKristopeit502 (2018076) | more than 2 years ago | (#37329682)

I don't trust any CA, why does anybody trust any CA?

because they aren't you. why would anyone trust someone that wouldn't trust them back?

you're an ignorant hypocrite.

Re:Self Signed Certificates (0)

Anonymous Coward | more than 2 years ago | (#37329784)

Do you, yourself, have any idea what you are saying?

Re:Self Signed Certificates (1)

MichaelKristopeit502 (2018076) | more than 2 years ago | (#37330368)

i can see why you might be confused about the difference between me and myself, as you yourself are exactly what you've claimed to be: NOTHING.

cower in my shadow some more, feeb.

you're completely pathetic.

Re:Self Signed Certificates (0)

Anonymous Coward | more than 2 years ago | (#37333922)

I now know why there is number 502 attached to your nick. You keep posting the same stupid shit over and over, getting moderated down and can't post again, so you keep coming up with numbered nicknames, you've been doing it for hundreds of accounts here.

You are dissolved in your accounts, your accounts and your faceless self are now one and the same. You can't escape the magnetism, you are obsessed with posting under hundreds of accounts on this site.

You are the very essence of nothing, snap out of it or kill yourself.

Re:Self Signed Certificates (1)

MichaelKristopeit425 (2018896) | more than 2 years ago | (#37334034)

ur mum's face are the very essence of nothing.

suggesting suicide is a crime. you are a criminal. turn yourself in or kill ur mum.

cower in my shadow some more, feeb.

you're completely pathetic.

Re:Self Signed Certificates (1)

MichaelKristopeit410 (2018830) | more than 2 years ago | (#37334072)

you now know exactly what you claim to be: NOTHING

MichaelKristopeit is not a nick. it is my name. i am michael kristopeit. i live at 4513 brittany ct, eau claire, wi 54701. i live there with my wife and children and dogs and numerous firearms. you are a pathetic criminal. present yourself to me, admit what you've done; then i will bring upon you the ultimate punishment for your transgressions.

Its not difficult (1)

jzilla (256016) | more than 2 years ago | (#37328254)

steps to securing a CA.
1- unplug CA from network.
2- done.

If your CA is accessible via a network you sure not be running a trusted CA.

Re:Its not difficult (1)

Anonymous Coward | more than 2 years ago | (#37328406)

Uh, I see a minor flaw in your plan. Think it over a for a bit, I'm sure it'll come to you.

Re:Its not difficult (0)

Anonymous Coward | more than 2 years ago | (#37328542)

I have thought it over.

You physically copy the certificate request to the signing computer by floppy disk or flash drive or similar method and copy the certificate back the same way.

Re:Its not difficult (1)

DarkOx (621550) | more than 2 years ago | (#37328840)

Sounds nice, but how do you know the CSR is valid? Air gaping the CA might work for your home or business but its no good for commercial CA provider. They get thousands of CSRs everyday.

Do you expect them to individually transfer them or do thing they might um do it in batch? So lets suppose I break into the processing system and stick a few of my own CSRs in there and mark them in the database as validated or whatever, your monkey at the CA is going to dump those CSRs along with all the legit ones to the floppy, sign them and load the responses back to the processing system.

Boom, I still have fraudulent certs.

Re:Its not difficult (0)

Anonymous Coward | more than 2 years ago | (#37329030)

> but its no good for commercial CA provider. They get thousands of CSRs everyday.

Then they are too big and deserve to die.

Re:Its not difficult (1)

vlm (69642) | more than 2 years ago | (#37328858)

I have thought it over.

You physically copy the certificate request to the signing computer by floppy disk or flash drive or similar method and copy the certificate back the same way.

I think he's getting at, how do you upgrade Debian's openssl package if its not on the net... Well, there are ways around that, again involving flash drives and such...

Re:Its not difficult (1)

Anonymous Coward | more than 2 years ago | (#37329050)

I think he's getting at, how do you upgrade Debian's openssl package if its not on the net... Well, there are ways around that, again involving flash drives and such...

You update from CD only when there is a vulnerability that affects you. The packages are signed for a reason.

While this is not absolutely secure (sure somebody could MITM the debian download and compromise some debian developer's gpg key) at this point it's cheaper to physically break down the door.

Re:Its not difficult (0)

Anonymous Coward | more than 2 years ago | (#37329988)

What flaw?
IMO browsers have built-in CAs keys to verify mybank.com identity. CA secrets are only needed during creation of an end user certificate and that can be done offline

Interesting - claims controls of 4 more CAs (1)

Lieutenant_Dan (583843) | more than 2 years ago | (#37328278)

From http://pastebin.com/85WV10EL [pastebin.com]

He mentions GlobalSign. I'm assuming DigiNotar is not in one four remaining? StartCom dodged this mess (good for Eddy!).

So there are possibly 3 more CAs that have been compromised. Which ones?

I do find it interesting that the fellow is going after the Dutch government for the Srebrenica event. I wonder what he has in store for the Serbian government?

If you have Diginotar stock, unload it (0)

Anonymous Coward | more than 2 years ago | (#37328418)

Not looking good.

adasd (-1, Offtopic)

renzjude (2456150) | more than 2 years ago | (#37328450)

disney villains [mydisneyva...resort.com] playhouse disney games [mydisneyva...resort.com] coloring pages of disney characters [mydisneyva...resort.com] disney cruise vacations [mydisneyva...resort.com] chicken coops [howtobuild...coops.info] how to build a chicken coop [howtobuild...coops.info]

OH NOZE !! (0)

Anonymous Coward | more than 2 years ago | (#37329038)

Whatever will GS do now ?? Probably the same as GS did before, only not collect any money. Soon, it will be back in business, selling stuff that doesn't obviously cost them anything at all !! I mean, if you pay protection money to the mob, they are suppose to protect you !! At least the mob you can trust !!

Without words... (1)

cjcela (1539859) | more than 2 years ago | (#37329168)

All this shows that you cannot put a for-profit company in charge of data security for the entire world. Things are bound to get ugly. These people are either pathetic or criminal, and in either case they are into their business because of the money, not because they care about the mission they have been trusted with. The amount of damage they can inflict to individuals, governments, and companies is immense. Somehow we must have strict international regulations about how the issuing of certificates is handled, how the internal security of the company is handled, and the entities responsible for them should be under constant public scrutiny and accountable; it makes no sense that a company that produced hundreds of fake certificates is still allowed to continue to operate. Ultimately, I agree with some of the other comments: security has to somehow be distributed, nor centralised. I would also add, figure the way to take the money out of the equation. Make it mandatory for all certificate authorities to be non-profit, and conduct periodic public audits, published on the Web. Then, you will need more than one company/person/site to be corrupted or compromised for things to go wrong, and hopefully, if there is any grey business going on, someone will spot it quickly enough.

Related... (1)

bmo (77928) | more than 2 years ago | (#37329458)

I just got an update for Ubuntu's xulrunner (a part of firefox) that labels all DigiNotar certs as untrusted.

The shunning of DigiNotar is beginning. As it should.

Anyone know how I can label all DigiNotar certs bad in Chrome or similar?

--
BMO

Re:Related... (1)

bmo (77928) | more than 2 years ago | (#37329636)

I said:

>Anyone know how I can label all DigiNotar certs bad in Chrome or similar?

Follow up.

In Chrome.

>Preferences
>Under the hood
>SSL
>scroll down until you see DigiNotar
>click Edit
>uncheck "trust this for...."

Done.

Re:Related... (1)

aztracker1 (702135) | more than 2 years ago | (#37331734)

An update already did that for most users.

Re:Related... (0)

Anonymous Coward | more than 2 years ago | (#37331454)

I just got an update for Ubuntu's xulrunner (a part of firefox) that labels all DigiNotar certs as untrusted.

The shunning of DigiNotar is beginning. As it should.

What shunning?? If a CA key is compromised, you stop trusting it, and therefore anything signed by it. That's how the system is SUPPOSED to work. It's not punishment. Punishment would be not trusting their future root keys until they submit to strict audits.

There's so many people whining about chains of trust here that don't understand how they work.

Virus protection software (1)

jweller13 (1148823) | more than 2 years ago | (#37329654)

On a somewhat related point. How many IT Admins believe the various symantec, mcafee, whatever virus protection software in and of themselves excel at preventing new viruses from infecting computers. Raise your hand. In a security conference I just attended when asked that question literally no one in the room raised their hand.

So we should ban GlobalSign too? (1)

guruevi (827432) | more than 2 years ago | (#37331676)

Anyone with any guidance on WHAT happened? If the CA authority has suspicions, they should be as open as possible about it. We don't know what happened and I NEED to know (as I have people here that deal with sensitive projects and often travel into areas that have shown to be hostile towards privacy).

GlobalSign = skype login (0)

Anonymous Coward | more than 2 years ago | (#37332264)

The Certificate Patrol addon for Firefox is showing that it has stored a GlobalSign nv-sa cert for login.skype.com in my cert cache.
It would be nice to know whether the cert is affected by this latest attack.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>