2008 has not been a happy year for web security, especially regarding the trust you can have in the identity of the web site you're visiting:
- Dan Kaminsky shook the world's faith in DNS. BTW, you already checked your DNS hardness or switched to OpenDNS, didn't you? Anyway, DNS security or not, you cannot trust non-SSL traffic when you're traveling, or you're behind a proxy you can't control (TOR, for instance), or otherwise not using a trusted ISP... wait, do you really trust your ISP? OK, you should not trust non-SSL traffic, period.
- But then, Mike Perry demonstrated how cookies can be stolen from SSL-secured sites (and NoScript deployed some countermeasures).
- Unfortunately, a shameful incident revealed that you can easily buy a valid SSL certificate for a web site you have no relation to, if you find an unscrupulous enough vendor: in this case, a mozilla.com certificate was obtained by Eddy Nigg of StartCom Ltd. from the Certstar Comodo reseller, no questions asked. Of course, as a work-around, you could remove the offending CA root, but you must expect side effects (I discovered this breaks cleverbridge e-commerce back-ends, for instance). And, most important, are you sure this is the only sloppy CA out there?
- As if this didn't suck enough, a talk was given today at 25C3 by Alex Sotirov, Arjen Lenstra and other high-profile researchers, who managed to leverage known MD5 weaknesses and not-safe-enough practices of some certificate issuers to build their own rogue CA.
The implications of the 3rd and 4th scenarios are scary: as long as these issues stand, trusting internet transactions is an act of faith.
CAs definitely need to move their asses, performing and proving their due diligence on "basic validation" when issuing a proof of identity (which a certificate is), rather than focusing on overpriced "premium services". Obsolete technologies like MD5 in SSL certificates must be deprecated and banned, both by CAs and browser vendors, as soon as possible.
In the meantime, there's not much we as end-users can do, other than checking for a sudden and unjustified change in the SSL certificate of a site we usually do business with, and that's not simple either, because there's no built-in browser alert of the kind we've got in SSH clients, for instance. Anyway, some help can come from the Perspectives add-on for Firefox.
Even if Perspectives' primary and most advertised aim is enabling SSH-style certificate "validation" for self-signed certificates (those not issued by an established certification authority), it can be configured to act as a second validation layer for CA-signed certificates too, by checking their consistency from multiple internet nodes (called "Notaries") and/or over time:
- Install the Perspectives add-on (if you are not a Firefox user, get Firefox first).
- Open Firefox's Tools|Add-Ons menu item, then select the Perspectives row and click the Options button.
- In the Preferences panel of the Perspectives options window, check Contact Notaries for all HTTPS sites.
- Optionally clear the Allow Perspectives to automatically override security errors checkbox if you're not interested in managing self-signed certificates.
- Optionally modify, in the Security Settings box, the required quorum (the fraction of Notaries which must agree) and the number of days this quorum must have been reached for.
This way you should obtain some protection against rogue but "valid" certificates.
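To make the quorum and duration settings concrete, here is a simplified model of such a check, added as an example and not taken from the Perspectives code. The notary names, fingerprints, timestamps and the 75% quorum are constructed values, and each notary's history is assumed to be a list of (fingerprint, first seen, last seen) records.

```python
import math

DAY = 86400  # seconds

def notary_agrees(spans, fingerprint, now, days):
    """True if the notary saw only `fingerprint` throughout the last `days` days.

    spans: list of (fingerprint, first_seen, last_seen) in epoch seconds.
    """
    window_start = now - days * DAY
    recent = [s for s in spans if s[2] >= window_start]   # spans touching the window
    if not recent:
        return False                                      # no fresh data from this notary
    if any(fp != fingerprint for fp, _, _ in recent):
        return False                                      # another key was seen in the window
    return min(first for _, first, _ in recent) <= window_start

def check_certificate(observations, fingerprint, now, quorum, days):
    """Return (trusted, agreeing_notaries) for the certificate the browser received."""
    needed = math.ceil(quorum * len(observations))
    agreeing = sorted(name for name, spans in observations.items()
                      if notary_agrees(spans, fingerprint, now, days))
    return needed > 0 and len(agreeing) >= needed, agreeing

# Constructed sample data: four hypothetical notaries, placeholder fingerprints.
NOW = 1_230_768_000
OLD, NEW, ROGUE = "fp-old", "fp-new", "fp-rogue"
rotated = [(OLD, NOW - 90 * DAY, NOW - 1 * DAY - 1), (NEW, NOW - 1 * DAY, NOW)]
OBSERVATIONS = {
    "notary-a": rotated,
    "notary-b": rotated,
    "notary-c": rotated,
    "notary-d": [(OLD, NOW - 90 * DAY, NOW)],   # this vantage point still sees the old key
}

if __name__ == "__main__":
    # A certificate only the local client sees (ROGUE) never reaches quorum;
    # a certificate rotated yesterday (NEW) passes with 0 days but not with 2.
    for fp, days in [(NEW, 0), (NEW, 2), (ROGUE, 0)]:
        print(fp, days, check_certificate(OBSERVATIONS, fp, NOW, 0.75, days))
```

Raising the number of days makes a freshly swapped certificate fail even when every notary already sees it, at the cost of warnings after a legitimate rotation.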
Happy new year!