Comodo SSL Hack From Security Now show 295
http://wiki.twit.tv/wiki/Security_Now_295
History:
• Comodo initially quietly sent a command to its certificate revocation servers designed to tell browsers
to no longer accept 9 certificates signed using its private key.
• Major browsers went beyond this normal revocation process and added hard-coded "do not
trust".
• Mozilla forced this in as the last change to their v4 Firefox source code.
• Jacob Appelbaum, a researcher at the University of Washington's Security and Privacy Research Lab
independently uncovered the certificate theft by carefully watching Chromium source code updates notices
some oddity....
• Chromium hard-codes some invalid certificate serial numbers
• A Mozilla update does the same.
• issuer=/C=US/ST=UT/L=Salt Lake City/O=The USERTRUST
• Network/OU=http://www.usertrust.com/CN=UTN-USERFirst-Hardware
• EFF's SSL Observatory:
• As of August 2010, 85,440 public HTTPS certificates were signed directly by UTN-USERFirst-
Hardware. In the event of a revocation, at least 85,440 websites would have to scramble to obtain new SSL
certificates.
Comodo Confesses:
• http://www.comodo.com/Comodo-Fraud-Incident-2011-03-23.html
• Report of incident on 15-MAR-2011
• An RA suffered an attack that resulted in a breach of one user account of that specific RA.
• This RA account was then used fraudulently to issue 9 certificates (across 7 different domains).
• All of these certificates were revoked immediately on discovery.
• Monitoring of OCSP responder traffic has not detected any attempted use of these certificates after
their revocation.
• mail.google.com, www.google.com, login.yahoo.com (3 certs), login.skype.com, addons.mozilla.org,
login.live.com, and "global trustee".
• login.yahoo.com WAS SEEN LIVE on the Internet
• A web server in Iran was briefly using the fraudulent certificate.
• "an attacker obtained the username and password of a Comodo Trusted Partner in Southern
Europe."
Definitions:
• Certificate Authorities:
• Issues "Certificates" attesting to the identity of web sites.
• Registration Authorities
• “Partners with certificate issuing autonomy”
• DCV - Domain Control Verification
• eMail sent to verify that requestor has control of requested domain
Comodo: (Robin Alden - CTO Comodo)
• "what we had not done was adequately consider the new (to us) threat model of the RA being the
subject of a targeted attack and entirely compromised."
• "Two other (additional) RA accounts had since been compromised though no other erroneous certs had
been issued."
• "High Value Target Check" -- we have such capability, but it had been disabled on several
RA's. We're changing the structure to enforce this universally.
• EV certificates were never able to be issued by RA's.
Comodo adding:
• IP-based address restriction
• Hardware-based two-factor authentication for RA logon
Mozilla:
• Criticized Comodo for allowing RA's to issue certs directly from the root and has asked that each
RA issue from a sub-CA.
• To exploit the fake credentials?
• Host File
• Malicious DNS
• Anyone in the connection - MITM
CRL and OCSP
• Revocation
• Certs last only a few years but what if something bad happens before then?
• OCSP - Online Certificate Status Protocol (OCSP)
• CRL - Certificate Revocation List
Conclusions:
• The FUNDAMENTAL problem:
• The underlying technical design is fragile. ANY CA can certify to ANY user that ANY server owns ANY
domain name. Therefore the consequences of a misplaced trust decision are about as bad as they can be.
It's tempting to write this off as bonehead design, but in truth the available design options are all
unattractive.
• Stated another way: The real problem is a structural one: there are 1,500 CA certificates controlled by
around 650 organizations, and every time you connect to an HTTPS webserver, or exchange email
(POP/IMAP/SMTP) encrypted by TLS, you implicitly trust all of those certificate authorities!
• Steve Schultze @ Freedom To Tinker
• * Too many entities have CA powers: As the SSL Observatory project helped demonstrate, there are
thousands of entities in the world that have the ability to issue certificates. Some of these are trusted
directly by browsers, and others inherit their authority. We don't even know who many of them are,
because such delegation of authority -- either via "subordinate certificates" or via
"registration authorities" -- is not publicly disclosed. The more of these entities exist, the
more vulnerabilities exist.
• * The current system does not limit damage: Any entity that can issue a certificate can issue a
certificate for any domain in the world. That means that a vulnerability at one point is a vulnerability for
all.
• * Governments are a threat: All the major web browsers currently trust many government agencies as
Certificate Authorities. This often includes places like Tunisia, Turkey, UAE, and China, which some argue
are jurisdictions hostile to free speech. Hardware products exist and are marketed explicitly for government
surveillance via a "man in the middle" attack.
• * Comodo in particular has a bad track record with their RA program: The structure of
"Registration Authorities" has led to poor or nonexistant validation in the past, but Mozilla and
the other browsers have so far refused to take any action to remove Comodo or put them on probation.
• * We need to step up efforts on a fix: Obviously the current state of affairs is not ideal. As
Appelbaum notes, efforts like DANE, CAA, HASTLS, and Monkeysphere deserve our attention.
Defeat SSL - HTTPS - "HACKER ETHICS" White Hat Unconventional Researchers
Would you think that a program that hides misleadingly named entries in inappropriate areas of the registry is trustworthy? Me neither, but TRUSTe does.
Can You Trust
TRUSTe?
TRUSTe is a nonprofit organization set up to help Internet users determine who is worthy of their trust, in
commerce or other areas on the Web. The company sells a number of seals that you might see when interacting
with Web sites. These seals are meant to show that the site adheres to TRUSTe's standards for Web
privacy, e-mail privacy and other such concerns. TRUSTe has long had a reputation
for not aggressively enforcing its own standards. Its business model, even as a nonprofit, created a
conflict of interest in that it gets its income from the companies it is certifying. A recent episode shows
that the problems continue. Back in August, Ben Edelman (now a professor at Harvard Business School) reported on misleading and undesirable behaviors
in the PC software
used
by Coupons Inc. As Edelman noted, Coupons software allows you to print
out coupons that you may bring to normal brick-and-mortar retailers, but they were requiring that the
printing be done through custom software that included an ActiveX control. Edelman also noted that the
software was using files and registry entries with names that were misleading and that were stored in
improper locations, such as the \windows directory. Many appeared to be named to give an observer the idea
they were part of Windows. Some of them were not removed after the uninstaller was run. <snip>
Verisign Certificates Can't Be Trusted
- Officials again warn of money-transfer Nigeria scam:
Federal and state agencies are combining to try to stop the regular and e-mail messages. Most come from
Nigeria.The Secret Service e-mail address for forwarding the messages is 419.fcd@usss.treas.gov; its fax number is 202-406-5031.
Those who have lost money to the fraud should call the local Philadelphhia Secret Service at
215-861-3300.
In essence, the message asks recipients to help transfer a large sum of money out of Nigeria in return for a
big share of it. Those gullible enough to respond often end up sending their money to the people running the
confidence game or their accomplices in the United States. People who have received such messages, both
through conventional mail and e-mail, have been forwarding them, at the rate of 10,000 a month, to the U.S.
Secret Service's financial crimes division, which heads an international task force on the activity,
said Steve Saunders, assistant to the special agent in charge in Philadelphia . Americans are cheated out of
an estimated $100 million a year this way, officials said. Hundreds of millions of dollars are stolen
worldwide this way. An American is among 15 foreign businessmen who have been lured to Nigeria and murdered
after responding to the scam, officials said. Some have been held captive in attempts to pry more money out
of them.