Apple has finally purged the imprimatur of disgraced web authentication authority DigiNotar from its Mac operating system. In an update released Friday, Apple removed multiple DigiNotar root certificates from the Lion and Snow Leopard versions of Mac OS X. The move came nine days after the discovery that the Netherlands-based …
All PowerPC users at risk
If EV cert really gets ignored at trust setting level, manual intervention won't matter too.
So, as this update (which is absolutely trivial) is not available for OS X 10.5.8, there is a OS wide risk.
Either switch to Firefox 3 latest for browser and Thunderbird/whatever doesn't mail client (or webmail) which DOESN'T TRUST TO OS FOR SSL or, switch to a powerpc supporting linux.
It is the degree of security problem Apple created, punishing their customers who hasn't abandoned their working powerpc machines and still keeps buying stuff from Apple.
Flash lack of updates won't bother PPC users as there is no idiot around who will spare time to code a universal worm/trojan payload. This issue however, can effect all banking, mail and whatever uses SSL. If you connect to some machine in a remote country thinking it is google and give your password, your cpu doesn't matter.
They are also so disconnected from real World and American/UK policy. Do you think opressed Iranians (who are said to be real target) can afford or even buy latest Mac? No. They have a huge powerpc population. They are risking their lives. Yes, regime guard whatever comes and you disappear type threat.
I wonder if it is possible to setup "must be passed" (Symbian app install) policy in OCSP and pointing their (ssl provider) ocsp server (or *.server.nl) to 127.0.0.1 ? Shame on Apple making me think of such crazy primitive hacks.
XP did get the root cert update btw.
Not just PowerPC users, I know several PowerMac owners who are still using Leopard because software they depend on won't install on Snow Leopard, so they're screwed too.
And yes, XP got the patch.
"Users of Google's Android OS for smartphones also remain wide open."
Not true, as of course you can install any browser you wish on Android, and many do (Opera being the most popular mobile browser in the world).
Guess what, Opera users are automatically protected.
Google Chrome is said to have fix
We are getting used to privacy issues with Google and now, they ignore security threats especially on mobile devices?
F-Secure has an interesting point. Small screen devices, especially phone format are way more vulnerable to this kind of attacks because of screen estate issues. Of course, they make the point so they can sell their mobile security but nevertheless, they are right when you think about it.
So, Android should have a very public update before anything else. It has huge marketshare.
I am using Symbian and as you probably know, we don't expect any kind of "good behaviour" from such a CEO.
However, if I was using Android, I would be flaming both Google and my phone vendor right now. It is Linux on that level and everyone has sort of idea how easy to fix Linux for such issues. Android is heading to be Windows for devices in sense of marketshare, hope it won't end up security wise.
CRL and OCSP
Were the DigiNotar certificates ever revoked via CRL (Certificate Revocation List) and/or OCSP (Online Certificate Status Protocol)? If so, then why fuss at Apple?
Perhaps Apple should be knocked for not enabling OCSP and/or CRL by default but its pretty darn easy for users to do this themselves. I didn't bother to test DigiNotar before nuking their root CA's in my systems.
How to: Keychain Access -> Preferences -> Certificates. Change both OCSP and CRL from "Off" to "Best Attempt". Apple suggests OCSP for the Priority setting.
Do they forget it off?
Seriously, I can't find a single reason (including bandwidth usage) why Apple and several others disable ocsp by default?
I first saw ocsp (and TLS) on Opera 3.6 , it is that old. Even my "dead" Symbian phone has the functionality and Nokia, who is always paranoid about data usage, turned it on.
Anyone who can really tell a reason? I mean, a person who actually knows the protocol and what kind of harm it can do. Note I am on EDGE bandwidth so, please don't even mention data/bandwidth usage.
double post but needed info
BTW, from what I read, the EV kind of certificates (which are also stolen) do bypass the ocsp/crl because of a glitch in OS X.
Apple fixed it for people who throws away working computers yearly. Not for people who does actual work, hundred g4 mini configurations, photographers etc. That is the part drove me nuts.
Someone leaked source. It says "FIXME", issue existed since os x 10.0! As Apple is more interested in these innocent comment leaks rather than pave the way to the ultimate security scandal, I won't post the link.
Seriously, it took almost a decade to make MS take security seriously, it even needed CEO's public letter. For Apple and their "fans" who are busy thumbing down anyhing mentioning Apple, situation is hopeless.
There's a paper http://www.thoughtcrime.org/papers/ocsp-attack.pdf on how the protocol can be MITM attacked.
Rather than bandwidth usage, resource usage of the server running the OCSP service might be an issue if you get millions of requests. If it takes a while to respond, people will complain their browsing is slow (you're waiting for OCSP to respond before trusting the site). If it fails to respond at all, do you block access to the site? (That'll be disabled if people want to get to their stuff). Or allow access, risking people going to a site that shouldn't be trusted?
Is this why my iPad has just had an update thrown at it? The update said fixes a certificate security issue, but that was about all. 2+2= and all that...
Re: ios 4.3.5
Please keep up with the news, iOS4.3.5 has been out for since 25th July and is unrelated to the DigiNotar debacle.
It did however fix an equally important flaw in the way communications are handled between the device and secure sites.
A Downvote for a question? Seriously?
Thanks for the info AC, the update must have slipped by me, as it's been a busy 6 weeks for me since schools finished in july.
But which f*C@%ng idiot downvoted me for asking a question to which I didn't know the answer? I was actually hoping that Apple had fixed the issue on iOS as well as the update info wasn't very specific. Hey, I don't like the fact that they haven't fixed it yet either, but that's no call to take it out on me!
El reg, if this is the response of your commentards, forums attached to a story ain't the way to go - no one will ask anything as they'll end up flamed to a crisp.
Downvoted for whinging.
Whatever the up-votes or down-votes, you should still install iOS 4.3.5, because it patches a very serious security hole - just not the one opened by DigiNotar.
Don't sweat it, you mistakenly admitted to owning an Apple product, on a news article about Apple products. This automatically gets you down-votes from a certain kind of Android fanboy, who loves reading about Apple.
It also goes back the other way as well though, just read the comments on an Android story.
The reason that Apple haven't updated the iOS certs is because it's never a small patch. As with any minor amendment Apple want to make, it's a ~600MB download. So major testing required as anything going wrong will brick the entire device.
Another triumph for simplicity...
The only one to blame...
Is you, yourself and YOU. ...and DigiNotar.
This is ridiculous IMO. No, I'm not an Apple fanboy; my personal stance on Apple is that its usually overpriced stuff and although I never owned an Apple product I still dare question some of it.
But that is not the frickin' point, yet that's what I think is driving people towards being so negative here.
If you care so much about security, at least some claim as much, then why do you even bother waiting for some big company to "fix your system" when all you had to do was telling your OS not to trust those certificates anymore ?
That's stupid! If you really think this to be that important then the first thing you should have done was opening up your certificate manager to revoke trust in these root certificates, it really is that simple. Security doesn't start with trust in your OS or the support you get for it; it starts with YOU understanding how your OS actually works. No, not in every detail; but the main aspects in the very least.
On Linux you either tell your browser to do this or you remove the stuff from /etc/ssl/certs. On Windows you simply open the system certificate manager (or through the Internet explorer) and either remove said certs or disable their functionality ('purposes'). Its not that hard, honest. On Apple; sorry, I don't know. And yes; despite my earlier stated opinion I'm still curious how that might work. You will never see me putting Apple or its products down in any way, that's stupid too.
Sure; I agree that the companies who support our OS or browser also have a responsibility here. But I don't think its fair to claim that stuff like this needs to be changed ASAP and to ridicule them when they took their time.
Because the REAL blame here isn't with the browsers but with the people behind said certificate. You see; browsers normally don't NEED to remove a certificate in order for it to get revoked, if you think so you have no clue how this thing even works. A CA normally also supplies a so called CRL location with its certificates. A so called Certificate Revocation List. Which can be used to revoke a certificate "just like that".
"But if the certificate itself got hacked like here you're screwed anyway!". Not true. The /certificate/ and the /certification process/ got compromised, yes. But I didn't read anything about the DigiNotar webservers (for example). Did you know that a certificate can contain "CRL distribution point" locations? Which can also be web based locations? Did you know that many certificate based software has been developed with the ability to check up on those locations ?
For the non techies: What this basically means is that with the distribution of a certificate you also maintain a revocation list which tells the world which certificates are no longer trusted by you. So in an incident like this all you had to do was revoke trust yourself and put that revocation online ASAP.
Funny how hardly anyone uses those revocation distribution points. Funny how MS even /enforced/ its usage on Windows server 2003 through its CA service (enforced and /fully/ supported it). Funny how some of their certificates do include this small tidbit.
My stance on all this; you're barking up the wrong tree, this is a goose chase. The only one to really blame here is Diginotar for not taking action and responsibility themselves. And all those naysayers who are now barking at Apple. If it was so bad then you should have those certs removed yourself, easy as that.
If you blindly trust a company or organization to keep you safe then you're deluding yourself IMO. Sometimes you have no choice, absolutely true, but that isn't the case here.
You do got a point there...
Anyone can simply remove DigiNotar's CA from the Root Certificate store; not just in desktop OSes either. My BB can perfectly delete root CA certs as well. Are the iOS devices able to do this, or is this another of those cases there "Apple knows better" trumps security issues???
If the latter, Apple is fully responsible for this blunder, because the user can't distrust DigiNotar. BTW, I didn't find ay diginotar root certs on my BB...
I revoked my trust of DigiNotar as soon as the story broke. Logged in to my admin account, opened Keychain access, changed all Diginotar certs to "not trusted for all users". Job done. I still installed the patch yesterday though.
Missing the point
You're missing the point, dude. You know how to revoke a certificate, and so do I, but my parents do not. Neither do the rest of my family, or most of my friends.
The sad truth is, 90%+ of users have not the foggiest idea how their PC or smartphone works, and aren't about to learn. So who protects them? A lot of security software, AV, anti-malware, etc, exists to protect the clueless.
No that is the point...
But I admit it got a bit buried in the rant. CRL; Certificate Revocation List. If a CA sets up such a list and maintains it then he can immediately revoke whatever he has signed off to. And because such lists can even be distributed by means of http can be instantaneous.
Any SSL client environment supports this (or used to) by first checking the list's ID's before deciding whether or not to accept the certificate. Hence my opinion that the CA's themselves are the ones mostly to blame here. It seems only Verisign once actively used CRL lists.
supports =/= actually use
implements =/= implements properly
most OCSP implementations can be defeated by the number "3"
This is the OS / browser vendor responsibility (Apple)
/etc/ssl/certs contains only the symlinks. The actual certs Mozilla uses are stored in /usr/share/ca-certificates/mozilla . If you remove them remove both the symlink and the file. Both Chrome and Opera seem to use Mozilla's certs on Linux. But there is no guarantee if you remove them whether or not they will show back up in the next Mozilla update.
I really think this should not be dumped at the normal user's feet. It would be like me handing shell_user some malware and expecting him to analyze it without me giving him some instructions first. You can actually do more harm than good without the appropriate instructions. What if the certificate you removed keeps getting restored with each update? One guy removed this bogus Turkish certificate from Mozilla Firefox only to have it constantly restored every time the browser got updated. Chrome seems to update at least once a week on Windows. Chrome updates for Linux are better but you can count on at least monthly updates. Firefox on any OS isn't far behind Chrome on Windows. Actually, most Linux distros go through 2-3 OS updates per year now! I am beginning to think most Linux people just tinker with the OS and never use it to get real work done any more. But Windows mobile phone, iPhone and Android users don't have much control over it anyway. Apple has basically abandoned its PowerPC users. Most people can't afford a new machine more often than every 3-5 years. So if anybody has instructions for old PowerPC users speak up now. But these mobile phone users are at the mercy of the OS / browser creators. I think shell-user forgot about them.
Linux - maybe one more symlink & file
The following information is volatile and will probably be obsolete after 2011 A.D. If you use Firefox 5.0+ (maybe also 4.x - I never used it) on some versions of Linux there MAY also be this symlink: /etc/ssl/ca-bundle.pem. It is there in Firefox 6.02 on the only distro I have that is post 3.x. If it is there it points to a file that merges all of the individual certificates in the pem files in /usr/share/ca-certificates/mozilla/ into one file. My symlink points to /var/lib/ca-certificates/ca-bundle.pem. You may or may not have this symlink and even if you do the file may be some place else. If you are going to hack this make a backup of this file first. Then edit this file and remove the certificate for each of the pem files in /usr/share/ca-certificates/mozilla/ you are going move to a safe backup area. Delete all of the certs that match between the "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" (inclusive). I would remove just the symlinks in /etc/ssl/certs. You can always recreate them. Move the pem files in /usr/share/ca-certificates/mozilla/ to a safe backup area. There is still no guarantee your alterations won't be wiped out in the next update and you may foul things up. Why do you think I gave you a method so you can go back like you never did anything? All I omit are the instructions on how to do that. Am I going to do it? NO! Even if it works I get tired of the next update wiping out my changes on this and lots of other stuff. I suspect Macintosh / Safari may have something just as convoluted. It may even have a database.
For a power user like me that regularly uses some sort of binary editor (hexedit, okteta, ghex2, et al) and has even altered /boot/grub/stage2 files to get things to work because of a fouled up post OS install of grub, no problem. Yes, I dd'd the first 16384 bytes of the disk to put things back if I had to. I had to restore the disk's MBR and partition table it to its original condition until I replaced the faulty stage2 file with one that worked. Thanks goodness I created a boot floppy and made sure it worked first.
You should have observed the students in my college classes struggling with vim / vi or emacs. These are people majoring in Computer Science and the class was a Junior / Senior level class but mostly they used Windows except for one Unix class at the Sophmore level. Now do you REALLY want novice users messing around with this, especially without telling them what they need to modify? Power users? Yes if you tell them how to do it. Maybe if you don't tell them how to do it. Novice users? NO!
Apple needs to provide out of band patches for this cert stuff for their older OS users. They also need it for their iPhone users. Microsoft is providing it for their XP users and phone users. At the very minimum they need to provide instructions. But that is NOT Apple's way of doing things. They want to do as much as possible for the user. In fact they do too much in the case of their backing up every file you open on Lion which may be one of reasons their OpenLDAP implentation on Lion is vulnerable in a corporate setting. Apple doesn't take security seriously past the kernel. Right now they are leaving all their customers in Iran vulnerable to government eavesdropping without updated certs. Some of these people may even be in danger of being tortured or black-listed for life just because Apple doesn't take security seriously. I repeat - revoking these certificates en-masse or even one at a time is the responsibility of the OS and browser providers.
@ShelLuser rant ...
@ShelLuser: "Is you, yourself and YOU. ...and DigiNotar" ...
totally ignorged rant ...
Then like, what's your reaction doing here? ;-)
While I am aware that Opera desperately needs the publicity in order to attract users, I don't think spamming unrelated threads is the right message.
All the best,
That's right! We don't want answers, we want more whinging!
Geez, people these days! Why, if I had a security problem with a browser on a device, I would never want to know about an alternate browser that doesn't have that problem! What kind of maroon would think I would want to
1: install an alternate browser, like firefox on my Windows desktop?
2: use something that suffers from low end-user adoption rates, like my Linux install?
Security Schmurity! We want the same as everyone else!
Easy-to-use fix for early OS X
There's an installer package available at
to do all the fiddly certificate stuff. It is not as simple as changing all Diginotar certs to "not trusted for all users" - apparently that triggers a bug which will leave you even more vulnerable, if I read correctly.