Closed Bug 294730 Opened 19 years ago Closed 8 years ago

Potential man in the middle attack by verisign and browser will never warn about it.

Categories

(Core :: Security: PSM, enhancement)

Product:
Core
Component:
Security: PSM
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED INVALID

People

(Reporter: duane, Assigned: dveditz)

Details

User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8b2) Gecko/20050516 Firefox/1.0+
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8b2) Gecko/20050516 Firefox/1.0+

Due to Verisign having control of both DNS and the inclusion of their root
certificate in all browsers they effectively could main in the middle a large
section of the internet by redirecting DNS to a proxy server and then issuing a
replacement SSL certificate, and the browser would never warn that anything
suspecious was occuring. This is both a huge conflict of interest and a grave
concern, especially in light of some other business ventures Verisign has under
it's belt being one of the largest companies offering wire tap services to US
government bodies, and any other country that can afford to pay for the services.

Reproducible: Always



Expected Results:  
No traffic carried over SSL/TLS via any browser can be trusted to be secure. To
further this any browser claiming that your internet traffic is secure is
potentially facing a lawsuit due to misleading their customers.
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago
Resolution: --- → INVALID
I was reading one of the Mozilla newsgroups and now I wonder why has this been
resolved "INVALID" without a valid statement from any of the mozilla.org
members, why is that? I can only guess that it was 'wtchang@redhat.com' because
he is the 'component owner'?
Status: RESOLVED → UNCONFIRMED
Resolution: INVALID → ---
Status: UNCONFIRMED → NEW
Ever confirmed: true
(In reply to comment #1)
> I can only guess that it was 'wtchang@redhat.com' 

No need to guess. If you are using Mozilla Suite you can enable the Navigation
Toolbar via View->Show/Hide and from there More->Show->Bug Activity

Or use the link below:
https://bugzilla.mozilla.org/show_activity.cgi?id=294730


The way to fix this is an (optional) popup window notifying you of changes to a
certificate since the last time you visited this website. This alert box should
show some details about the old certificate and the new one.
(In reply to comment #3)
> The way to fix this is an (optional) popup window notifying you of changes to a
> certificate since the last time you visited this website. This alert box should
> show some details about the old certificate and the new one.

I'd settle for one of those warning bar things across the top... Less annoying
and likely to stay up longer etc...

Also after a long debate on the newsgroup the consensus was to have it turned
off by default, like OCSP currently is...
QA Contact: bishakhabanerjee → jason.m.reid
This is not an NSS issue.  It is a PSM issue.  So, I am moving this bug to PSM.

It asks that mozilla adopt a new security model regarding trusted CAs, 
a model in which CAs are no longer trusted.  
For mozilla to adopt such a different model requires a policy decision,
and that decision would apply to the mozilla browser products, and not
to all products that use NSS.
Assignee: wtchang → kaie
Component: Libraries → Security: PSM
Product: NSS → Core
QA Contact: jason.m.reid
Version: unspecified → Trunk
(In reply to comment #5)
> It asks that mozilla adopt a new security model regarding trusted CAs, 
> a model in which CAs are no longer trusted.

I'm not saying that they aren't trusted, I'm just after a warning if things
change, this could be because of an attack not just CAs.

> For mozilla to adopt such a different model requires a policy decision,
> and that decision would apply to the mozilla browser products, and not
> to all products that use NSS.  

Applies as much to email as it does to browsing, after all if you can't prove
emails aren't being intercepted in the same manner...
So you are suggesting to have a cache on the end user's computer for all the
server certificates that you encounter, and whenever you connect to a secure
site, a comparison of the current with the cached certificate should be made.

You want to be warned of any differences.

As a consequence you'll also be warned when a web site simply has changed their
certificate for whatever reason. You would be unable to decide, whether the
change is a man-in-the-middle-attack or not, or whether it's simply a new cert.

You'd only be certain about experiencing a man-in-middle situation when you
suddenly saw warnings for many secure sites.

And you also would be unable to detect the man-in-the-middle situation when
connections to a site have always been rerouted already, because you always got
the same cert.
Assignee: kaie → nobody
(In reply to comment #7)

> As a consequence you'll also be warned when a web site simply has changed their
> certificate for whatever reason. You would be unable to decide, whether the
> change is a man-in-the-middle-attack or not, or whether it's simply a new cert.

As things stand at present the browser denies me the ability to make such
statements easily.

> You'd only be certain about experiencing a man-in-middle situation when you
> suddenly saw warnings for many secure sites.

As things stand at present the browser denies me the ability to make such
statements easily.

> And you also would be unable to detect the man-in-the-middle situation when
> connections to a site have always been rerouted already, because you always got
> the same cert.

Actually this is debatable, for most situations it's unlikely to have a constant
man in the middle attack these are expensive to operate indeffinately, and would
eventually know something was up.
This should be resolved invalid--it's not a browser bug.  It's inescapable that "trusted" entities might in fact turn out to be untrustworthy if the stakes are high enough.

I can't imagine Verisign doing something like that casually.  They are a for-profit company in pursuit of the almighty dollar like everyone else, and their particular strategy is convincing corporate users that Verisign certificates are somehow more secure than other certs that cost a tenth as much.  If it came out that they had spoofed a certificate, even under a law enforcement or national security order (i.e. the spoofing was part of an FBI investigation of some site), that would be tremendously damaging to their future sales.  

I can think of some hacks that paranoid server operators could do to thwart this kind of attack, based on using multiple IP addresses dynamically bound to subdomains.  People really concerned about it can probably think of similar hacks.
Assignee: nobody → dveditz
QA Contact: psm
New technologies are being developed to address this. There's key pinning, CAA, certificate transparency, etc.. I don't think we need to keep this bug open.
Status: NEW → RESOLVED
Closed: 19 years ago8 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.