this assumes your software / os checks for revoked certificates?
Dirtbags dressed up malware as legit app using Sony crypto-certs
Miscreants were quick to capitalize on the theft of Sony's cryptographic certificates – used to sign a software nasty to make it look legit. An analysis of malware dubbed Destover was published by Kaspersky Lab on Tuesday, and shows the code was signed using a private certificate belonging to Sony to evade malware filters. …
COMMENTS
-
-
-
Friday 12th December 2014 18:46 GMT Michael Wojcik
Or is connected to the net when the malware is run.
When Windows updates its copy of the relevant CRL, you mean. CRL updates aren't necessarily done at time-of-use.
Now, had you been talking about OCSP...
Of course, the broader point remains. The commercial X.509 PKI system is wildly broken, and revocation is one of the areas in which it's especially wildly broken. Neither CRLs nor OCSP work very well. The mechanisms are fragile, many of the failure modes are unsafe and silent, the incentives are perverse, and most users have not a fucking clue how the whole horrible mess is supposed to work (and why should they?).
-
-
-
Friday 12th December 2014 18:50 GMT Michael Wojcik
IE settings
This used to be a tick box option in IE IIRC.
You've neatly identified a number of the problems with a typical X.509 PKI implementation:
- IE had multiple checkbox options for PKI, buried in the "advanced settings" where few dared to tread. Some were for CRLs; some were for OCSP. How many people knew what they all meant, and knew how in practice they were likely to interact with real-world threats? Almost none.
- IE settings are per-user, so to use them to improve organizational security, you have to enforce them with group policies or the like. How many system administrators get around to doing that - assuming they understand the problem in the first place?
- IE PKI settings don't control what Windows does with code-signing certificates, so they wouldn't have helped with this attack anyway.
Putting a GUI on top of end-user PKI configuration does not significantly improve security.
-
-
-
Friday 12th December 2014 18:59 GMT Michael Wojcik
Re: Sony
That's a tempting response. But multiple successful attacks like this over the years have shown that the X.509 PKI simply does not work in practice.
People who control the signing keys for well-known CA roots and intermediaries cannot be trusted to keep those keys under their control and only sign legitimate requests. End users who use (often unwittingly) certificates to authenticate input do not enforce good certificate hygiene - which is not surprising, since it's 1) barely understood, 2) generally infeasible (as it requires incessant vigilance), and 3) sometimes outright impossible.
Sony may be the foolish-looking victim of the week, but there have been many before them, and there will be many after them.
Public X.509 PKI is broken and cannot be fixed. The best you can do is decide whether your threat model accommodates it - whether you can say, "we have nothing of sufficient value to make it worth the attacker's cost to break our PKI using any of the many vulnerabilities in the public PKI hierarchy". If the answer to that is "no", you'd better roll your own, and lock it down tightly. (And that's going to be expensive if it's done right.)
-