Thursday, January 03, 2013

Notes on the TURKTRUST fiasco

Yet again a Certificate Authority failed, allowing a hacker or government to spy on SSL connections. I thought I'd write up some notes. I'll likely update this post over the next couple days as more info becomes available.

The most important thing to remember is there is no evidence of maliciousness. The CA fail appears to have been accidental. More importantly, the MitM may also have been accidental. This incident will be used by those beating the "state sponsored hacking" drum, so I thought I'd point out that as of today (Jan 3 2013) no evidence exists to support that conclusion.

The incident was first detected by Google. Their blogpost says that Chrome detected the issue. That's interesting, because it implies that Chrome has some ability to detect (and report back to Google) attempts to MitM connections to Google.com.

Microsoft and Mozilla reported advisories on this. The three major browsers (Chrome, Firefox, IE) have added filters preventing the bad certificates from being used. In addition, they have paused adding support for TURKTRUST's new certificates. None of these three have yet (Jan 3 2013) removed the old TURKTRUST certificate.

This post in the Mozilla forum appears to be from TURKTRUST. It describes the details supporting their claim that the granting of those two certificates was an accidental error that is unlikely to be repeated. These details are quite plausible.

That post also describes how the bad certificate was added to a Checkpoint firewall. These firewalls have the ability to do MitM HTTPS interception for legitimate purposes, but normally would require installing a self-signed certificate on all the desktops behind the firewall. This page at Checkpoint and this video discusses their HTTPS inspection capabilities.

I don't have enough experience with Checkpoint firewalls, but after looking at the details, this seems like a plausible scenario. It's quite possible that the MitM was essentially accidental. This is especially true when looking at it from the other point of view. Google Chrome hoovers up a ton of information from hundreds of millions of machines. When somebody misconfigures a firewall, Google is going to notice. Google is going to regularly report harmless Internet oddities that otherwise would've gone unnoticed before.

Microsoft published information about the offending certificate, which is discussed here. Someone decoded the certificate blob and posted it on pastebin. This appears to be the sort of thing the Checkpoint auto-generated certificate looks like, such as being valid for only one month.

1 comment:

Neversphere said...

Chrome has a feature called certificate pinning which ensures that certs for certain sites must be issued from a whitelisted ca.

Code: http://src.chromium.org/viewvc/chrome/trunk/src/net/base/transport_security_state.cc?view=markup

Quick overview:
http://www.imperialviolet.org/2011/05/04/pinning.html