27 March 2011

Comodo "SSL certificate" incident and what it means for you

For those of you who missed all the news coverage, here's a quick (and hopefully straightforward) explanation of the issue.

What is this?

Executive summary: The way secure communications is handled on the internet is broken, and a recent attack higlighted that. People running the latest version of their browsers are protected.

Whenever you visit a web site, your're either accessing that site through HTTP, the Hypertext Transfer Protocol, or via HTTP inside TLS (Transport Layer Security), aka HTTPS.

With HTTP, anything you do can be watched, recorded, etc by any entity between you and the site you are trying to visit. These entities include your ISP, various internet providers your ISP has peering agreements with, or anybody who is on the same Wifi (or sometimes wired) connection as you.

HTTPS encrypts your traffic to prevent such "man in the middle" attacks. Because the entire connection is private, it can be harder for organizations to filter out specific HTTPS sites.

My personal website is available via HTTPS, and your browser accepts that it is connecting to me and not an impostor because GeoTrust / RapidSSL checked the domain records to find my contact information, and called me up to make sure I am who I say I am.

To ensure that when you connect to a site, you are actually connecting to that site and not a malicious attacker, your web browser relies on Certificate Authorities, which vouch for a site's identity. Any CA can vouch for any domain, and there are almost 50 such entities which Mozilla Firefox fully trusts. Microsoft trusts hundreds, including a variety of governments ranging from France to South Korea to  Hong Kong.

What happened?

Recently one of these CAs, Comodo, was compromised, insofar as somebody was able to get a signed certificate for a domain they did not own. From what I understand, the attacker gained control of a reseller account at Comodo, and there were inadequate checks to prevent the now compromised account from issuing fraudulent certificates.

In this case, they were able to obtain certificates for the log in pages of Google, Yahoo, Windows Live, and Skype, as well as the Mozilla Addons site. Full details are in their incident report. Based on their initial analysis, the attack appears to be sourced from within Iran, and Comodo has concluded that the breach was orchestrated by the state.

Since Comodo's certificates are trusted by all major browsers, these sites can be impersonated by others, even though none of the targeted sites used Comodo.

Why should I care?

The Iranian government or another organization controlling those certificates can intercept usernames and passwords, and access private information. This is of primary concern to Iranian dissidents, but could be used by the government there to target anybody they don't like, given the right circumstances.

What can I do about it?

Well, this breach has shown that the process for revoking a certificate is horribly broken, since most browsers do not check to see if a certificate is still valid. Fortunately, the major browser vendors (Mozilla, Google, and Microsoft) have all issued updates, so if you are running the most updated version of your browser (which you should be doing anyway!) then you are protected against this specific attack. ((Well, Apple hasn't as of this writing, but you can work around it via this  method))

However, the incident shines light on the wider issue of the way our internet trust model works: allowing hundreds of unrelated organizations to vouch authoritatively that somebody else is who they say they are. This is a hard problem in information security to solve, and most of the proposed alternatives (cough DNSSEC) also suffer from having a trusted issuer. It will be interesting to see if any decentralized alternatives to CAs gain traction because of the Comodo affair.

01 March 2011

Trip to SCOTUS, Camreta v. Greene (09-1454) or: "Justices just want tohave fun"

I usually write about technical topics in this space, so pardon my digression. </metablogging>

Today my AP Gov't class took a trip to the Supreme Court of the United States (SCOTUS). We were fortunate to get reserved seating thanks to one of my classmates, so we skipped the line and were able to sit for an entire argument. We didn't get to choose which of the two arguments we saw, since half our group was randomly sent to each. I didn't get the one I had hoped for. Camreta v. Greene (the one I attended), however, proved to be much more entertaining than Schindler Elevator v. US ex rel. Kirk, at least based on the people I talked to. A quick search of the transcripts for each confirms this:
Argument    # of instances of "(Laughter)"

Facts of the case

The Huffington Post has a detailed overview of the circumstances surrounding the case, which didn't gloss over any details or strike me as overly biased; they certainly did a better job than I did. The whole story is rather sad, but what came before the court was this: whether a child can be questioned by the police, Child Protective Services, or other governmental agencies without parental consent, probable cause, or "extingent circumstances". If so, on what grounds can such questioning occur?