SSL certificate debacle includes CIA, MI6, Mossad and Tor

Filed Under: Featured, Privacy, Vulnerability

Last week I wrote about the compromise of digital certificate authority DigiNotar. While the idea of over 250 false certificates being issued was scary, the number has grown to 531, including what could be intermediate signing certificates.

This is really bad news. DigiNotar operates a "root" certificate that browsers and operating systems trust directly, so it can issue intermediate CA certificates that authorise someone else to sign and validate certificates on its behalf. A forged intermediate inherits that trust, and every certificate it signs chains back to a trusted root.

It appears the attackers signed 186 certificates that could have been intermediate certificates. These certificates masqueraded as well-known certificate authorities like Thawte, Verisign, Comodo and Equifax.

The expanded list of domains for which fraudulent certificates were issued includes Facebook, Google, Microsoft, Yahoo!, Tor, Skype, Mossad, CIA, MI6, LogMeIn, Twitter, Mozilla, AOL and WordPress. A complete list can be downloaded from the Tor website.

The attackers also issued themselves certificates for *.*.com and *.*.org. I am not sure if a multi-wildcard certificate like this is valid, but if so it could allow them to impersonate anything.
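Whether "*.*.com" is usable depends on how the client matches a certificate's name against the hostname it connected to. RFC 6125 (section 6.4.3) says a wildcard should only be honoured when it is the left-most label, that it stands for exactly one label, and that a wildcard anywhere else makes the name unusable; mainstream browsers additionally refuse wildcards that would cover a whole top-level domain such as "*.com". The function below is an added example implementing those rules, not code from the original post; the list of sample names it is exercised against is constructed for the example, and the "*.example.com" entry is not one of the certificates DigiNotar issued.

```python
"""Hostname matching with RFC 6125-style wildcard rules (added example)."""


def wildcard_matches(presented: str, reference: str) -> bool:
    """Return True if a presented identifier (from a certificate's SAN or CN)
    matches the reference hostname the client actually connected to.

    Rules applied (RFC 6125 section 6.4.3, plus the public-suffix refusal
    that browsers layer on top):
      - a wildcard is honoured only when it is the entire left-most label;
      - it matches exactly one label, never a dot;
      - at least two labels must follow the wildcard, so "*.com" is refused;
      - a wildcard in any other label makes the name unusable, so
        "*.*.com" matches nothing at all.
    """
    presented = presented.lower().rstrip(".")
    reference = reference.lower().rstrip(".")
    if not presented or not reference:
        return False
    p_labels = presented.split(".")
    r_labels = reference.split(".")

    if "*" not in presented:
        # No wildcard: exact, case-insensitive label comparison.
        return p_labels == r_labels

    # Rule 1: the wildcard must be the whole left-most label and appear nowhere else.
    if p_labels[0] != "*" or any("*" in label for label in p_labels[1:]):
        return False
    # Browser policy: refuse a wildcard that would cover an entire TLD / public suffix.
    if len(p_labels) < 3:
        return False
    # Rule 2: the wildcard stands for exactly one label, so label counts must agree.
    if len(r_labels) != len(p_labels):
        return False
    return r_labels[1:] == p_labels[1:]


def impersonable(presented_names, hostname):
    """Return the presented names (e.g. from a batch of rogue certs) that a
    compliant client would accept for the given hostname."""
    return [name for name in presented_names if wildcard_matches(name, hostname)]


# Constructed sample: two of the reported multi-wildcard names plus an ordinary
# single-label wildcard for comparison (the last one is hypothetical).
SAMPLE_NAMES = ["*.*.com", "*.*.org", "*.example.com"]

if __name__ == "__main__":
    for host in ("www.google.com", "torproject.org", "mail.example.com"):
        print(host, "->", impersonable(SAMPLE_NAMES, host))
```

Run against the sample names, the two multi-wildcard certificates match nothing, while the ordinary "*.example.com" matches "mail.example.com" but not "example.com" or "a.b.example.com". The caveat is that this is the behaviour of a client that follows the RFC; a sloppy TLS library that matches the wildcard against any label would still be fooled, which is why the remediation is to distrust the root rather than rely on name checking.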

According to the blog post on the Tor project's website, the attackers also left a message in Farsi. Loosely translated, it reads "great cracker, I will crack all encryption, i hate/break your head."

This incident makes me feel more justified than ever in my distrust of the certificate system. While Mozilla, Google and others have been quick to permanently remove DigiNotar as a trusted authority, in this case it is too little, too late.

Currently computer users of IE and Safari on Windows 7/Vista/2008/2008R2, or Chrome and Firefox on any platform, are protected against exploitation as long as they are fully patched.

Mac OS X users using the latest Chrome and Firefox (6.0.1) versions are fine, but Safari and OS X itself have not been patched. There are instructions on doing so on the ps | Enable blog, although it is non-trivial.

More concerning is that mobile users are being left in the dark. There have been no updates, and no manual removal method for Android or iPhone/iPad/iPod Touch users who haven't jailbroken/rooted their devices.
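A quick way to verify the clean-up on a desktop or server is to look at the CA store your own tools load. The script below is an added example, not code from the original post or from Sophos: it lists the roots Python's OpenSSL context loads and flags any whose subject or issuer names a distrusted organisation, which also catches an intermediate chained to that root if one is present in the store. The DigiNotar blocklist and the sample store it is exercised against are constructed for the example. It checks only the OpenSSL store; Firefox carries its own NSS store and mobile devices are not covered.

```python
"""Flag distrusted CAs in the OpenSSL trust store that Python loads (added example)."""
import ssl

# Issuer names to flag. Constructed for this example; extend for your environment.
DISTRUSTED = ("DigiNotar",)


def _values(name):
    """Flatten a get_ca_certs()-style name (tuple of RDNs, each a tuple of
    (attribute, value) pairs) into a flat list of attribute values."""
    return [value for rdn in name for _attr, value in rdn]


def _common_name(name):
    """Return the commonName from a name tuple, or a placeholder."""
    for rdn in name:
        for attr, value in rdn:
            if attr == "commonName":
                return value
    return "<no CN>"


def find_distrusted(certs, blocklist=DISTRUSTED):
    """certs: list of dicts shaped like SSLContext.get_ca_certs() output.
    Returns the subject commonName of every certificate whose subject or
    issuer contains a blocklisted string (case-insensitive). Matching on the
    issuer as well means an intermediate signed by the bad root is reported
    even if its own name looks innocuous."""
    hits = []
    for cert in certs:
        haystack = _values(cert.get("subject", ())) + _values(cert.get("issuer", ()))
        if any(bad.lower() in value.lower() for bad in blocklist for value in haystack):
            hits.append(_common_name(cert.get("subject", ())))
    return hits


def scan_system_store():
    """Load the default CA bundle the way a normal TLS client would and
    report anything still trusted that should not be."""
    ctx = ssl.create_default_context()
    return find_distrusted(ctx.get_ca_certs())


# Constructed sample store: a root that should have been removed, an
# intermediate chained to it, and an unrelated root that must not be flagged.
SAMPLE_STORE = [
    {
        "subject": ((("countryName", "NL"),), (("organizationName", "DigiNotar"),),
                    (("commonName", "DigiNotar Root CA"),)),
        "issuer": ((("countryName", "NL"),), (("organizationName", "DigiNotar"),),
                   (("commonName", "DigiNotar Root CA"),)),
    },
    {
        "subject": ((("organizationName", "Example Hosting"),),
                    (("commonName", "Example Issuing CA"),)),
        "issuer": ((("organizationName", "DigiNotar"),),
                   (("commonName", "DigiNotar Root CA"),)),
    },
    {
        "subject": ((("organizationName", "Example Trust"),),
                    (("commonName", "Example Trust Root"),)),
        "issuer": ((("organizationName", "Example Trust"),),
                   (("commonName", "Example Trust Root"),)),
    },
]

if __name__ == "__main__":
    print("sample store:", find_distrusted(SAMPLE_STORE))
    hits = scan_system_store()
    print("system store:", hits if hits else "no distrusted roots found")
```

An empty result from scan_system_store() only tells you that the OpenSSL bundle is clean; on a machine that was never patched, or where an application ships its own bundle, run the same check against that bundle by passing a cafile to ssl.create_default_context().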

Tap, tap, tap... Hello, Apple? Are you there? Your competitors (Microsoft, Google, Mozilla) are protecting their customers promptly and openly. I know you don't like to talk about security, but now would be a great time to show you care.

Correction: I mistakenly had noted Firefox 6.0.2 was current, when in fact 6.0.1 is the latest.



18 Responses to SSL certificate debacle includes CIA, MI6, Mossad and Tor

  1. Stephanie · 1059 days ago

    I have Firefox 6.0.1 running on Windows XP. Am I ok or do I need a patch?

  2. Sarramon · 1059 days ago

    You say:
    "There have been no updates, and no manual removal method for Android or iPhone/iPad/iPod Touch users who haven't jailbroken/rooted their devices."

    Then follow it up with

    "Tap, tap, tap... Hello, Apple? Are you there? Your competitors (Microsoft, Google, Mozilla) are protecting their customers promptly and openly. I know you don't like to talk about security, but now would be a great time to show you care."

    I wasn't aware Google had stopped making Android or that by not patching Android they are still somehow magically "protecting their customers promptly and openly" with regard to mobile.

    • Chester Wisniewski · 1059 days ago

      Actually Google is worse... I was poking at Apple because if they patch it will make a difference.

      On the other hand if Google releases an Android patch tomorrow, on average it will take one year to reach the average handset. Check out the Black Hat presentation on Android patching by the guys from Lookout Security.

  3. Pablo · 1059 days ago

    What about Opera users?

  4. XP is NOT covered... only Vista and later

  5. Alan · 1059 days ago

    I'm looking at the spreadsheet of all the certificates issued, I just can't comprehend how so many high-risk certificates could have possibly been issued; "gross negligence" doesn't even seem to describe it. It kinda makes me feel sick.

    • Chester Wisniewski · 1059 days ago

      There have been rumors that the audit logs were tampered with as well, which could mean the attackers hid their actions.

  6. Sean · 1059 days ago

    If you are browsing behind some form of proxy that does SSL Certificate validation, are you likely to be protected from fraudulent use of these bogus certs, regardless of the platform/browser/app you are using?

    • Chester Wisniewski · 1059 days ago

      Depends on the manufacturer of the proxy. If it is squid on Linux for example, I think most Linux vendors have removed DigiNotar.

      It's a tough question, the safest thing to do is patch everything related as soon as possible to be assured you are safe. Especially for laptops/netbooks where you may not always be behind your proxy.

  7. Guest · 1059 days ago

    Wait.... is that Firefox version correct? 6.0.2? Isn't the most current version 6.0.1?

  8. leE · 1058 days ago

    Was the omission of BlackBerry from the mobile devices deliberate?


About the author

Chester Wisniewski is a Senior Security Advisor at Sophos Canada. He provides advice and insight into the latest threats for security and IT professionals with the goal of providing clear guidance on complex topics. You can follow Chester on Twitter as @chetwisniewski, on App.net as Chester, Chester Wisniewski on Google Plus or send him an email at chesterw@sophos.com.