And what's the deal with bitcoin.org and the armory site where people getting their bitcoin software from are not using any security/encryption at all to protect the transfer?
Any MITM could interfere to send a malware program instead of the real ones, to steal all the unsuspecting downloader's coin (potentially millions).
Is there any discussion of this lack of security in the heart of BTC?
Topic: All SSL Certificates can be spoofed: TURKTRUST (Read 1325 times)
The only correct way to do such security is to receive the certificate fingerprint directly from the party or have someone you trust provide it to you.
This is kind-of the way it is done with the CA system except you are trusting the CAs because the browser providers put some default providers in there because... Well, do you know why? Do you know what requirements the browser providers make of the CAs to warrant them giving them your trust by proxy?
The truth is that it's a pretty shoddy system and definitely a result of convenience over security. I still use it because risks are low and I don't consider other options to be realistically worth the hassle. So convenience over security for me too but I'm doing it by choice. There are many (most) people out there who are unaware of the implications.
This is kind-of the way it is done with the CA system except you are trusting the CAs because the browser providers put some default providers in there because... Well, do you know why? Do you know what requirements the browser providers make of the CAs to warrant them giving them your trust by proxy?
The truth is that it's a pretty shoddy system and definitely a result of convenience over security. I still use it because risks are low and I don't consider other options to be realistically worth the hassle. So convenience over security for me too but I'm doing it by choice. There are many (most) people out there who are unaware of the implications.
1) So a phishing site could have an ssl cert that appears to be Paypal.com (for example), is that a 'practical' use of this info?
That's one concern, but the main concern is that your ISP or someone else between you and PayPal on the network could intercept your PayPal password.
I am sure some one (maybe some government) will do that.
1) So a phishing site could have an ssl cert that appears to be Paypal.com (for example), is that a 'practical' use of this info?
That's one concern, but the main concern is that your ISP or someone else between you and PayPal on the network could intercept your PayPal password.
1) So a phishing site could have an ssl cert that appears to be Paypal.com (for example), is that a 'practical' use of this info?
2) DNS has been mentioned: If my DNS is secure then people land at the correct site and see my genuine cert. I'm more concerned that the move to TLS1.1 never happened, TLS1.0 is hackable.
2) DNS has been mentioned: If my DNS is secure then people land at the correct site and see my genuine cert. I'm more concerned that the move to TLS1.1 never happened, TLS1.0 is hackable.
The CA system is garbage. I use Certificate Patrol and Perspectives to protect against this kind of thing. I wish I could disable all CAs, but Firefox is bad at handling this.
My favorite idea for replacing the CA system is to put certificates in DNSSEC-protected DNS records. Then only people you have agreements with can screw you: your registrar, register, and ICANN.
My favorite idea for replacing the CA system is to put certificates in DNSSEC-protected DNS records. Then only people you have agreements with can screw you: your registrar, register, and ICANN.
In this way, CA may not be better than manually confirm each certificate yourself (except maybe first time visit a website and use CA to match the name you want to visit)
Anyway, i never realized this before.
When I brought this up in the payment protocol thread why was I shouted down for this being a purely theoretical problem?
The CA system is garbage. I use Certificate Patrol and Perspectives to protect against this kind of thing. I wish I could disable all CAs, but Firefox is bad at handling this.
My favorite idea for replacing the CA system is to put certificates in DNSSEC-protected DNS records. Then only people you have agreements with can screw you: your registrar, register, and ICANN.
My favorite idea for replacing the CA system is to put certificates in DNSSEC-protected DNS records. Then only people you have agreements with can screw you: your registrar, register, and ICANN.
There are thousands of SSL certificate authorities.
Any of them can issue a valid SSL certificate for any website.
So the current trust system is a single point of failure, yes. Any of the certificate authorities can make a certificate for any website.
Any of them can issue a valid SSL certificate for any website.
So the current trust system is a single point of failure, yes. Any of the certificate authorities can make a certificate for any website.
So if I understand it right, a single point of failure of the current certificate authority structure can make anyone impersonate anyone else ?
Here's my (poor) attempt to explain what this is all about:
There are fake google.com SSL certificates being used to steal passwords and break into accounts.
Microsoft Security Advisory 2798897: Fraudulent Digital Certificates Could Allow Spoofing
This will probably cause the centralized authority to take further action to restrict the freedom of the net. Proposals like TLSA / CAA put too much power in the hands of the DNS registrars.
This is not the first time the CA trust system for all SSL certificates has been broken wide open. This talk from 28C3 describes another bad one.
Namecoin, despite its weaknesses, might just have a chance!
There are fake google.com SSL certificates being used to steal passwords and break into accounts.
Microsoft Security Advisory 2798897: Fraudulent Digital Certificates Could Allow Spoofing
This will probably cause the centralized authority to take further action to restrict the freedom of the net. Proposals like TLSA / CAA put too much power in the hands of the DNS registrars.
This is not the first time the CA trust system for all SSL certificates has been broken wide open. This talk from 28C3 describes another bad one.
Namecoin, despite its weaknesses, might just have a chance!
Brian Krebs, former Washington Post reporter, now a recognized blogger in computer security reports:
Turkish Registrar Enabled Phishers to Spoof Google
Turkish government agency spoofed Google certificate "accidentally"
Note that the fake intermediate CA files have been in the wild for 5 months! The ability to impersonate any SSL server is worth in excess of $25,000 on the black market.
Turkish Registrar Enabled Phishers to Spoof Google
Turkish government agency spoofed Google certificate "accidentally"
Note that the fake intermediate CA files have been in the wild for 5 months! The ability to impersonate any SSL server is worth in excess of $25,000 on the black market.
Jump to: