dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
43

Matt3
All noise, no signal.
Premium Member
join:2003-07-20
Jamestown, NC

Matt3 to gme

Premium Member

to gme

Re: Simple solution

said by gme :

Google may have a very valid SSL certificate (from VeriSign even), but the way an SSL MiTM attack works is that the SSL proxy intercepts your HTTPS request, breaks it, and then forwards it on to Google (for example).

What the proxy sends to YOU (and your browser) is a completely separate encrypted SSL page, and your little lock still shows, because the SSL proxy is using a certificate that is trusted in your certificate store.

Countries like Saudi Arabia, Iran, and China, can do this because their country-level CAs are in everyone's browser (bring up certmgr.msc if you're on Windows).

Since the root is universally trusted, the root CAs can issue bogus intermediate certs via their own CAs, forging the legitimate certs to your browser.

You mention the breakdown of eCommerce as we know it, and you're absolutely correct.

SSL has been the worst thing to happen to the Internet.

Not because of the technology, but because of the false sense of security it provides.

This is a very good explanation and is inline with what I have read about SSL man-in-the-middle attacks. The crux seems to be that in most modern certificate stores (be it Firefox's internal or the one in Windows) there are simply too many trusted root/intermediate certificates that are valid for 10+ years.

All it takes is one relatively common cert to be exploited and you could build a spying business off it ... while working on the next one to compromise to extend your business another 10 years.

rchandra
Stargate Universe fan
Premium Member
join:2000-11-09
14225-2105

rchandra

Premium Member

Even more to the point, validity checking of certs relies on valid DNS results. Without widespread DNSSEC client implementations and validations, and zone signatures, it is likewise MitM vulnerable.