A counterfeit credential authenticating Gmail and other sensitive Google services was the result of a network intrusion suffered by DigiNotar, the parent company of the Netherlands-based certificate authority said in a press release that raised disturbing new questions about security on the internet. Tuesday's disclosure by …
On OS X, open Keychain Access, type DigiNotar into the search box and you can find the root certificate that way.
Double click on it, and click the arrow next to 'Trust' if that section's not expanded. Change the drop down next to 'When using this certificate' from 'System default' to 'Never trust' and close the window. You'll be prompted for an admin password.
Not just Safari and if you are symbian user
It will also work for any browser/application which wisely uses central os x security system for dealing with ssl.
While there, I would also enable certificate revocation system (at right most tab at prefs) which comes disabled by default for an unknown, weird reason. That will enable dynamic disabling of rogue certs.
Symbian phones also uses OS X like central repository for certificates. It is at settings-->general-->security-->certificate management.
I couldn't find the certs on E71 but it is an old phone. It will help mail, opera mobile, uc web and several other apps. They all use the system's own infrastructure.
In fact, if you have anything other than computer, fix it first. As f-secure says, devices are way easier to phish user.
And on Windows ...
Use the following on all your PCs and servers ... (ought to work on all OS versions >= XP)
# sha1 hash is for DigiNotar Root CA
certmgr.exe -del -c -sha1 "c060ed44cbd881bd0ef86c0ba287ddcf8167478c" -s -r localMachine Root
# sha1 hash is for DigiNotar Root CA G2
certmgr.exe -del -c -sha1 "43d9bcb568e039d073a74a71d8511f7476089cc3" -s -r localMachine Root
to expunge the offending CA root certs from the system wide trusted root list.
There's a plugin for Firefox that "implements ''pinning'' for Firefox/Mozilla/SeaMonkey roughly as now recommended in the User Interface Guidelines of the World Wide Web Consortium (W3C). "
Certificate Patrol: http://patrol.psyced.org/
Safari on Mac
You need to go to keychain access, search for digino, get info and say 'never trust' or delete it
SSL has failen
"So for now, users would be well-served by removing DigiNotar's root-signing key from all applications they use to access the internet." - well, I did this long time ago. Just like I removed "TÜRKTRUST", "ApplicationCA - Japanese Government", etc...
Who chose which companies I should trust?
I couldn't find DigiNotar in the list of CAs supported by Opera. So Opera users might be safe. (Don't quote me on that; I'm not an expert.)
(Menu:) Settings -> (Menu Item:) Preferences -> (Tab:) Advanced -> (List Entry:) Security -> (Button:) Manage Certificates -> (Tab:) Authorities
Opera is actually pretty strange in being mum on this. They definitely ADDED DigiNotar certificate, as these posts on their blog confirm:
But there appears to be no mention of its removal.
Unfortunately you seem to be wrong. But I don't blame you. Opera does install CA certs on demand. I didn't have their cert. But after visiting https://www.diginotar.com/ (any site signed by them should work), which redirected me back to http, I found it on the authorities tab.
There are no DigiNotar certificates in my copy of Opera 11.50
How Opera works:
Whilst all browsers support revokation, only Opera does the full deal including dealing with blocked revokation responses. Opera also has an online repository of blacklisted root CA's which your browser will periodically check.
This is why Chrome and Firefox have issued emergency updates and Opera does not need to.
Opera Users (v2)
Thanks for everybody's comments. Here's what I conclude.
- Anonymous Coward @20:52 is right: Opera seems to download certs on demand. I went to https://www.diginotar.com/ and ended up with the cert in my cache. (If I'd been more awake, I would have checked.)
- So I followed the original set of links (up to Manage Certificates -> Authorities) *selected* the DigiNotar certificate, clicked (Button:) "View" and unchecked the "Allow connections to sites using this certificate" checkbox. We'll see how that goes.
- The links provided by Anonymous Coward @20:40 make me think Opera has some "potential" to download the root CA, but doesn't do so until actually asked. But who knows.
- Mike Judge and others posting the url of this blog: http://my.opera.com/securitygroup/blog/2011/08/30/when-certificate-authorities-are-hacked-2
For that to work, DigiNotar have to realise the certificate has been issued fraudulently and revoke it. Then, in a corner case, Opera gives you a bit of extra protection. However when the revocation url isn't blocked, I would also expect Firefox and Chrome to automatically check for revocations. (But then I use Opera because I've found my high expectations frequently unsatisfied by other browsers...)
Paris, because she *always* satisfies expectations. Particularly, particularly high ones.
Any customer going to their site and trying to buy a certificate won't see any warning... All their certificate-ordering systems seem to be working as normal - I didn't go through the later steps, but I can imagine it would be rather annoying for will-be customers.
Insecure by commercially-driven default
What about those CAs that sell the authority to make trusted-by-default certificates for any domain? Press their palms with silver and you too can use man-in-the-middle attacks within your company and elsewhere. That's why add-ons like Certificate Patrol exist.
Inadvertently give authority away and you're blacklisted and ruined, if you're small enough. However, if you sell the certificates deliberately, the industry accepts that's just business as usual.
Maybe this incident will open more eyes and put pressure on Mozilla to be less trusting by default. That, in turn, may then put pressure on Microsoft and Apple.
are you referring to
BlueCoat? This is their business model.
DigiNotar today but Diginotomorrow
I expect Diginotar will probably just close up shop and re-open under a new name and start selling certs again within a few weeks.
More than likely taking quite a few genuine website certs offline in the process.
A note from Opera
And checking on Windows (7)...
I'm the nut who uses Windows 7 with a regular user account and password secured the administrator account. I like this behavior because I hardly need admin credentials and the need to type in a password makes me better aware that I'm doing something special (instead of clicking "ok" all the time).
If you're like me you cannot use the control panel to get access to the certificate store. If you do you'll see that its read only. Hopefully you won't consider starting Internet Explorer as administrator; here's what you'd better do:
Start -> Accessories -> Right click command prompt and use "Run as administrator"
Here you type: "mmc certmgr.msc"
In the program screen which follows you can get an overview of all certificates and even remove the ones you don't need anymore (like I do with the root certificates which have expired). You need the extra command line step because the certificate repository can be accessed by everyone. So trying to directly start certmgr.msc will also end you with read-only access due to lack of admin privileges.
"by checking a cryptographic hash of an SSL certificate's public key."
So to validate a potentially broken third-party encryption, we are told to use yet another third-party encryption... and how do we know we can trust the "cryptographic hash"? Oh, it is approved by Google... hang on, weren't the dodgy certificates supposedly "approved by google"?
...there's a hole in my bucket, dear Liza, dear Liza...
Then fix it, dear Henry, dear Henry...
Thumbs up because I haven't heard that song in decades, and since I'm currently engaged in tracking down all the songs I can remember from my childhood, you just reminded me that I'd forgotten that one, and several others associated with it in my memory, like "Manah-manah" and "You are my sunshine". Thanks for the memory jog! ;)
It does make sense. In stead of relying on just the certificate send to you by the server and your local CA list it adds an extra check on top of that. You get everything you had before, plus the additional verification that the certificate is indeed the one Google bought and not one which was illegally obtained somehow.
It is a bit of hack, and it won't scale to be usable for the internet at large, but it works. This bogus certificate was detected because of that feature and might have gone unnoticed a bit longer otherwise.
I think this is enough proof
that SSL on its own is broken, and the world now needs something new. 247 bogus certificates? And they're just the ones in the media. It would be naive to think that there are not more fraudulent certs out there, a lot more... How can we trust SSL now?
What did this allow them to do?
The faked certificates allowed websites to pretend to be authentic? Does anyone know how these were actually used? I see Iran mentioned, but no details of what was really done with these certs.
And I also dont see the usual finger pointing we see everytime the US is targettted by an intrusion. Who would want to target Iranians? Hmmm....
Remember, remember, Crypto AG...
Who would want to target Iranians?
The Iranian Government, perhaps.
RE "Who would want to target Iranians?"
"The Iranian Government, perhaps"
Which they can perfectly well do (and certainly do do) from within Iran's own networks.
Indeed, the usual speculation appears to be strangely missing.
"A spokesman for DigiNotar told The Register that it would “be difficult” for him to respond to questions about the security breach and the resulting effects it has on end users. This only seems to reinforce the notion that CAs see themselves as too big to fail and aren't accountable to end users."
It would certainly be difficult if he strongly suspects that the breach was the work of an intelligence agency from a "friendly power". Especially if that power had a lot of influence over control of the net. He might very well feel that keeping stumm under the circumstances might be the lesser of the two evils and that he just has to swallow the fact that the rest of the industry are not too impressed by the lack of information from the company. He indeed may fear that they will end up very "accountable" but for the wrong reasons and not to the end users in the industry.
Like this ...
>> The faked certificates allowed websites to pretend to be authentic? Does anyone know how these were actually used?
I can't say how they *were* used, only how they *could* be used.
Without SSL, anyone who controls the digital path between your computer and another site can intercept the connection and pretend to be the other site. Having done this, the options are quite varied - they could forward all the traffic so the site still works but they can read it all in transit , or they could completely replace some or all of the information (ie feed you false pages). This si the basis of a Man In The Middle (MITM) attack - you sit in between two communicating parties and spy on or even alter the messages being passed.
SSL is supposed to stop this, because your client software (browser, email program, whatever) and the site negotiate a secure connection and your end can verify the credentials by following the cryptographic chain back to a root certificate. The MITM attacker won't have a valid certificate, and your client software can then flag up the "there's something wrong with the security" alerts.
But, if you've managed to get a fake but valid SSL certificate, then when you do your MITM attack, you do have a valid certificate, and so the end user never gets any alerts. This means if you are a government intent of suppressing dissent, you can eavesdrop on (in this case, it seems emails) that your citizens think are secure (the service is off-shore in a country hostile to your government, and the traffic is protected in transit by SSL).
Obviously, if you are planning an uprising and think your communications channel is secure, then you are likely to divulge details that would be useful to those that you are planning to rise up against.
re:RE "Who would want to target Iranians?
So you're suggesting that the Iranian Government uses Gmail and Google Docs to do it's secret business. Seriously, even if they did, the CIA, NSA, whatever must have a dozen more effective and less clumsy (meaning you will never find out about them) methods to snatch the information.
And yes, the Iranian Government certainly does monitor it's own networks. But here's the thing: the Iranian opposition movement contains some very smart people and there are a lot of them. The Ayatollahs' boys aren't fully in control and they know it. This is just the sort of stunt they are likley to try.
@Simon Hobson - thanks, but more questions
I mostly get what you are saying about the MITM. But, how does one fake gmail SSL cert work in practice?
- if I've never connected my browser to gmail before, I understand that a suitably compromised network can use the hacked cert to dupe me into believing me <=> gmail is encrypted and private. Which it isn't.
- but if I have already had connections to gmail, using a non-Diginotar, un-compromised, cert, can the network somehow dupe my machine into ditching my previous certs and relying on hacked ones instead?
i.e. what is the bigger context of this hack? Assuming a potentially fully hostile ISP in a place like Iran? What about if your network and ISP are benign and well-intentioned? How can those certs be used to compromise you, in that case?
(Need a question mark icon, guys. Not just the Paris one)
Digital Death Penalty...
... for all CA companies who refuse to disclose the full details of any breach.
Everyone and their dog are removing the DigiNotar certs now, causing SSL sites of all their customers to trigger a "potentially insecure" warning. And I hope they get sued for that by their customers.
I have punted the DigiNotar cert, just as I did with Comodo, and I don't hesitate to do this to all root-level certs of all companies who are less than completely open about all breaches. And when I get a SSL warning because of that, I stop using the site/service that uses it, and make sure that let the owner know.
Vote with your feet, people.
Removed the DigiNotar trusted root from Chrome.
DigiNotar was automatically and silently back in my trusted roots list.
- YARR! Pirates walk the plank: DMCA magnets sink in Google results
- Pics Whisper tracks its users. So we tracked down its LA office. This is what happened next
- Review Xperia Z3: Crikey, Sony – ANOTHER flagship phondleslab?
- Ex-US Navy fighter pilot MIT prof: Drones beat humans - I should know
- Human spacecraft dodge COMET CHUNKS pelting off Mars