In this day and age of well-known NSA spying, everyone keeps saying that the only way to be safe is to use SSL/TLS, commonly known as "browsing with https://".
The sad reality is that HTTPS does virtually nothing to protect you from the prying eyes of alphabet soup agencies - or anybody else with enough knowledge about how these supposedly "secure" connections actually work.
I have said it before, and I'll say it again: There never was security or privacy on the internet, there is no security or privacy on the internet now, and most likely there never will be. Not unless some very big changes are made...
And do you know why all this (and much, much more) is possible?
Because just like you, I had no knowledge of the gaping holes in SSL. Awareness of this and many other issues - technological, political, psychological, social, etc. - is absolutely essential.
Otherwise, frankly, we're screwed.
It's true that connecting to web sites with SSL will certainly prevent "script kiddies" and other more winky opponents from eavesdropping on your surfing or otherwise interfering in your affairs. BUT as for the Real Bad Guys, forget it...
We shall begin by taking a brief dive down the rabbit hole of SSL, hopefully in a way that will make sense to even the least technically inclined among us.
This issue is, after all, so extremely important that I think everyone needs to understand what is really going on, and how web security actually works, without needing a PhD in cryptography, computer science, or engineering!
Our story begins with a little e-mail I received the other day. The basic message can be found here:
Microsoft Security Advisory (2880823)
From the above link, we read:
Microsoft is announcing a policy change to the Microsoft Root Certificate Program. The new policy will no longer allow root certificate authorities to issue X.509 certificates using the SHA-1 hashing algorithm- and use SHA-2 - for the purposes of SSL and code signing after January 1, 2016. Using the SHA-1 hashing algorithm in digital certificates could allow an attacker to spoof content, perform phishing attacks, or perform man-in-the-middle attacks.
MD5 considered harmful today: Creating a rogue CA certificate
SSL Web Site Certificate
Using HTTPS is not only for encryption of communications, but also a way to verify that the site you are communicating with is the Real Thing, and not an imposter.
Now, where do these hash algorithms like MD5, SHA-1, and SHA-2 come into play?
All certificates contain information, like:
- Web site domain (www.mysite.com)
- Site location (country, state, etc.)
- Site owner info (company name)
- Period of validity
Right. There is such a thing as a "hash collision". This is when you have 2 hashes that are identical, but they were generated from different data. That's like if you and your neighbor suddenly had the same thumbprint. OOPS!
This is exactly what happened with the MD5 SSL attack, a Man-in-the-Middle attack.
In other words, SSL / HTTPS means that the connection between your browser and the destination server at the URL you're visiting is supposed to be encrypted. But due to the fact the certain types of SSL certificates (which help handle the encryption) can be forged, an attacker could set up their fake server that pretends to the be the real destination server, and thus insert themselves in the middle of the connection. When that is done, the attacker has control over the connection and the data, and can thus decrypt your data, manipulate it, and/or pass it on to the real intended destination server.
Now, isn't that a daisy?
"But wait!" Even you signed using SHA-2, you are still unsafe.
Why?
In order for the "security" to actually be more secure, everyone must upgrade right now. But this isn't going to happen.
Because all it takes is for ONE Certificate Authority to use a "weak" hash algorithm, and someone who is up to no good can generate a forged CA Root Certificate. Once they have that, they can generate as many SSL Web Site Certs as they want - using any hashing algorithm they please - including a fake-yet-valid cert that they can use to impersonate your "secure" site!
In other words, the weakness in the hashing algorithm is just the tip of the iceberg. Due to the hierarchical "chain of authority" in the whole certificate system, if anyone manages to create a false CA Root Cert, they are more or less god in terms of creating false SSL Web Site Certs.
Now, if that isn't bad enough, think about all the NSA spying. Think about how many people said, "Naw, man, I just surf using HTTPS, and I'm totally safe!"
Guess who invented the SHA-1 hash algorithm in 1995?
The NSA.
Guess who invented SHA-2 in 2001?
The NSA.
So, why should all the Certificate Authorities switch from the NSA's SHA-1 to the NSA's SHA-2? Why, because the NSA created it the way they did for a reason!
SHA-1 already has been theoretically breached, and there are a few indications that SHA-2 isn't quite as super-duper-safe as everyone thinks.
Imagine you are the NSA. You want to spy on everyone, everyone's grandmother, the grandmothers' cats, and the mice that are currently being digested inside the cats. SSL is kind of a problem... It can use pretty annoying encryption. Well, hell! No problem. Just compromise the "certificate authority chain" by forging one little CA Root Certificate, and blammo! You can eavesdrop and man-in-the-middle anybody you darn well please, SSL or not!
Web sites over SSL? No problem.
E-mail over SSL? No problem.
No comments:
Post a Comment