Topic: Cloudflare - page 2. (Read 14889 times)

I dont save it, but I can assure that when bitcointalk.org was under cloudflare a valid SSL certificate was been served.

Did anyone actually save a MITM cert? I only have a few reports of unusual behavior -- nothing too solid. Personally, I observed 108.162.197.161 proxying the traffic verbatim, without touching the cert.

Theymos, any chance you could contact Globalsign — cloudflare's CA partner— and point out we believe their relationship with cloudflare may have been used to fraudulently issue a certificate for bitcointalk.org, ask them if they did— and if they did, to please list that certificate in their CRLs?

Looks like there is no way to escape a "cloudflare mediated attack": short of

(1) Get a shiny new SSL cert with a CA that has a strong security policy. (e.g. won't give certs to cloudflare), the current one may be adequate
(2) Get browser vendors to pin that CA for this domain.
(3) HSTS the site.


(2) would be a somewhat amusing discussion. As Bitcointalk is a much lower traffic than most of the other sites that have been CA pinned in chrome. OTOH, we can point out that a redirect to cloudflare attack was actually performed on us, ... while most of the other pinned sites are not known to have been attacked.

Because there isn't any functional alternative at the moment. But the only thing its used for is so you can have a "payment requests signed by XYZ.com", thats it. In not case is it weaker than not having it, excluding arguments perhaps about false senses of security. The payment protocol stuff is fully extensible so if someone shows up with a more useful PKI it can easily be added.

Seriously, I'm one of the last guys to think the situation with x509 isn't a complete farce but I don't see any problem with the payment protocol supporting x509 signing of invoices. You'd not adding to the quality of discourse with that "wonder why" bullshit. Especially because there are a lot of ignorant people out there who have absolutely no idea how it works and think that supporting CA authentication of a signing key will somehow make all their transactions visible to the CA or other such threats that don't exist.

Hah, guess I re-quoted my misquote and dropped this bit :-)

(emphasis added)


Uh…. isn't that exactly what I said?



Gee I wonder why.

Yet it's being built right into bitcoin-qt... :-(

I just did, you're partly right, I'm partly right too.



I think this is where you're wrong, I'd assume (the reference doesn't say) that the CA wouldn't sign the certificate without at least the DNS of the domain pointing to CF. They wouldn't simply sign *any* certificate.

Could have been achieved with any CA that validates ownership of domains with the insertion of some validation token at an arbitrary URL on said domain.

That's not even necessary in this case. Most CAs will verify you only by sending an email to something like [email protected]. But if the attacker controls the DNS, then they can receive mail at such email addresses.

The CA system sucks in general. I actually used to have all CAs disabled in Firefox, but Firefox (especially newer versions) handles this really badly, so I couldn't do it anymore.

Read up.  Globalsign issues certificates directly to cloudflare, signing a cloudflare-generated keypair.

The entire X.509 edifice is a complete joke.  Or an NSA honeypot.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Here's what we think happened:

8-14 hours ago, an attacker used a flaw in the forum's AnonymousSpeech registrar to change the forum's DNS to point to 108.162.197.161 (exact details unknown). Sirius noticed this 8 hours ago and immediately transferred bitcointalk.org to a different registrar. However, such changes take about 24 hours to propagate.

Because the HTTPS protocol is pretty terrible, this alone could have allowed the attacker to intercept and modify encrypted forum transmissions, allowing them to see passwords sent during login, authentication cookies, PMs, etc. Your password only could have been intercepted if you actually entered it while the forum was affected. I invalidated all security codes, so you're not at risk of having your account stolen if you logged in using the "remember me" feature without actually entering your password.

For the next ~20 hours, you should only log into the forum if you're quite sure that you're talking to the correct server. This can be done by adding '109.201.133.195 bitcointalk.org' to your hosts file (remember to remove it later!), or by using some browser plugin to ensure that you're talking to the server with TLS certificate SHA1 fingerprint of:
29:0E:CC:82:2B:3C:CE:0A:73:94:35:A0:26:15:EC:D3:EB:1F:46:6B

Simultaniously, the forum has been the target of a massive DDoS attack. These two events are probably related, though I'm not yet sure why an attacker would do both of these things at once.
-----BEGIN PGP SIGNATURE-----

iF4EAREIAAYFAlKb2nkACgkQxlVWk9q1kefhTwD+Ni5k7CUrHjvzG29wO3Gx4Am+
MV5tdw8zE1AAWvbstt8BAIrndOXCYmawoXN+VeSZkLXHnCyQbR8IOftQnpl2aXYs
=465T
-----END PGP SIGNATURE-----

Bullshit.

I warned about this EIGHT MONTHS AGO.

Oh well, at least bitcointalk is doing something about it (albeit belatedly)… as opposed to pretty much every single exchange, which continues to ignore the problem.

Either you remember incorrectly or Theymos is wrong (probably the former).

Cloudflare talked a major CA into issuing a certificate for any domain with a cloudflare-generated keypair; all they check is that you've pointed your DNS records at cloudflare.

So, what's the story here ?

Also :


No you're not, you want to check your account for changes, payout addresses especially and any other sensitive information that might have been altered without your knowledge.

It was pointing to random servers through cloudflare. If you visited the forum and saw it connect through cloudflare, you should scan your computer for viruses.

Thanks!
Any clue about what happened?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

This is being undone. It'll take 24 hours for the changes to propagate. Downtime may occur. Even if the forum is not down for you, I recommend adding this to your hosts file:
109.201.133.195 bitcointalk.org

(Make sure to remove it in a few weeks, though, or else the forum will go down for you next time we change IPs.)
-----BEGIN PGP SIGNATURE-----

iF4EAREIAAYFAlKbexcACgkQxlVWk9q1kedVmgD+Jd4c22Bpur9IPTdba8hK78lE
Ht2LBa+EXWNyAQ5JdesA/2nq7nps7SGm8zGqJUrUXtyNutcfVClUMl4VwHg1WZ9R
=QYwE
-----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

I didn't order this change. It may just be a miscommunication, but it may also be part of a MITM attack.

The fingerprint of the forum's TLS certificate is:
29:0E:CC:82:2B:3C:CE:0A:73:94:35:A0:26:15:EC:D3:EB:1F:46:6B

Has anyone observed a different certificate?
-----BEGIN PGP SIGNATURE-----

iF4EAREIAAYFAlKbehcACgkQxlVWk9q1kefriQEAvOCK5o1Eb45+Yk+3Oib51Xyn
a1GRdw2UqFeqDWeDJ/gA/3agXFUacZhfO0PCW3FW4iRG4I7/agUbl/fQDko8KPHy
=ioA0
-----END PGP SIGNATURE-----