[cryptography] yet another certificate MITM attack

Jeffrey Walton noloader at gmail.com
Sat Jan 12 05:46:07 EST 2013


On Sat, Jan 12, 2013 at 4:27 AM, ianG <iang at iang.org> wrote:
> On 11/01/13 02:59 AM, Jon Callas wrote:
>>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Others have said pretty much the same in this thread; this isn't an MITM
>> attack, it's a proxy browsing service.
>>
>> There are a number of "optimized" browsers around. Opera Mini/Mobile,
>> Amazon Silk for the Kindle Fire, and likely others. Lots of old "WAP"
>> proxies did pretty much the same thing. The Nokia one is essentially Opera.
>>
>> These optimized browsers take your URL, process it on their server and
>> then send you back an "optimized" page.
>
> Oh, I see.  So basically they are breaking the implied promise of the https
> component of the URL.
>
> In words, if one sticks https at the front of the URL, we are instructing
> the browser as our agent to connect securely with the server using SSL, and
> to check the certs are in sync.
>
> The browser is deciding it has a better idea, and is redirecting that URL to
> a cloud server somewhere.
>
> (I'm still just trying to understand the model.  Yes, I'm surprised, I had
> never previously heard of this.)
It's right up there with the PenTesters using BurpSuite to destroy
a secure channel. I look at the PenTest reports and shake my head in
disbelief that no one took exception to what the PenTesters did....

> One could interpret the browser as being a combined service between the
> client on the phone, and the cloud support services, sure.
>
> I think this interpretation would be unusual to any ordinary user.  At a
> contractual level, it would also need to be agreed by both ends.  We can
> easily ensure the end-users' agreement by means of the phone agreement, but
> it is less easy to imply the banks' agreement.
Absolutely - users have been trained otherwise. No layman would expect
it if the padlock is displayed.

What do we do about the developers? Security Professionals?

>> Some of these browsers let you turn off the "optimizations" for SSL pages.
>> The Amazon Silk browser does.
Odd, but it's apparently been "fixed". Why fix something that's not
broken? http://falkvinge.net/2013/01/11/death-twitches-nokia-caught-wiretapping-encrypted-traffic-from-its-handsets/

Jeff


