
Re: [tor-talk] 1) Torproject certificate, 2) SSL authentication compromised, 3) "Exit browser" idea, 4) I am working on something similar to Tor



TheMindwareGroup writes:

> All it would take is for them to put really fast servers (and we know
> they are doing this with QUANTUM servers) at key high traffic junctions
> on the internet, and in secret at every ISP using a sub CA root
> certificate to transparently access *ALL* SSL streams passing through
> that point.

If this were done to all connections, it would be noticed very quickly.
The browser sees the presented certificate and can log it and perform
other analysis.  The default behavior of most browsers is not to warn
the user, provided the cert appears valid.  But there are some users
who are using browsers and clients that have other behaviors and will,
for example,

- compare the cert to the certs seen by other users, or
- automatically log the cert, or
- automatically send a copy of the cert to third parties, or
- notify the user if the cert is different from the previously
  observed cert for this server, or
- notify the user if the cert is different from values this server
  told the client to expect, or
- notify the user if the cert is different from values that the
  client was told to expect by the original software developer

In addition, some people are running bots that check the certs that
appear to be presented when HTTPS sites are accessed over Tor, and
compare these to the certs that appear to be presented when these
sites are accessed directly.

Collectively, these kinds of mechanisms mean that a wide-scale and
indiscriminate attack using fake certs would probably not stay
undetected for very long.  Hopefully, the probability of detecting
such an attack quickly will go up over time as more users adopt
software that has new mechanisms like this.

That does _not_ mean that these attacks never occur or don't succeed
against some users, just that they probably aren't occurring against
the general public (or the general population of Tor users, at least
not for the most popular HTTPS sites).  But we can always do more to
try to detect attacks.

-- 
Seth Schoen  <schoen@xxxxxxx>
Senior Staff Technologist                       https://www.eff.org/
Electronic Frontier Foundation                  https://www.eff.org/join
815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333 x107
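
The client-side checks listed in the message above (logging the cert, comparing it with the previously observed cert, with expected values, and with what other observers see), sketched as an added example that is not part of the original post or of any particular browser. The function names, warning strings, host name and sample byte strings are assumptions constructed for illustration.

```python
import hashlib
from collections import Counter

def fingerprint(der: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate."""
    return hashlib.sha256(der).hexdigest()

def check_observation(host, der, seen, pins, peers, log):
    """Log one observed certificate and return a list of warnings.

    seen  : host -> fingerprint this client observed earlier (updated in place)
    pins  : host -> set of fingerprints the client was told to expect
    peers : host -> fingerprints reported for the host by other vantage points
    log   : list receiving every (host, fingerprint) observation
    """
    fp = fingerprint(der)
    log.append((host, fp))  # always keep a record for later analysis
    warnings = []
    if host in pins and fp not in pins[host]:
        warnings.append("pin-mismatch")
    if host in seen and seen[host] != fp:
        warnings.append("changed-since-last-visit")
    reports = peers.get(host, [])
    if reports and fp != Counter(reports).most_common(1)[0][0]:
        warnings.append("differs-from-other-vantage-points")
    seen.setdefault(host, fp)  # first use is remembered; a change is never silently accepted
    return warnings

# Constructed sample data: byte strings stand in for DER certificates.
GENUINE = b"constructed-cert-genuine"
SUBSTITUTED = b"constructed-cert-substituted"

def demo():
    seen, log = {}, []
    pins = {"example.org": {fingerprint(GENUINE)}}
    peers = {"example.org": [fingerprint(GENUINE)] * 3}
    first = check_observation("example.org", GENUINE, seen, pins, peers, log)
    second = check_observation("example.org", SUBSTITUTED, seen, pins, peers, log)
    return first, second, log

if __name__ == "__main__":
    first, second, log = demo()
    print(first, second, len(log))
```

Legitimate key rotation and sites that serve several certificates also trigger the "changed" and "differs" warnings, so they are signals to review rather than proof of interception.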