
Re: [tor-talk] How evil is TLS cert collection?



On Sat, 4 Jun 2011 12:56:15 -0700
Mike Perry <mikeperry@xxxxxxxxxx> wrote:

> Thus spake Robert Ransom (rransom.8774@xxxxxxxxx):
> 
> > On Sat, 4 Jun 2011 12:09:52 -0700
> > Mike Perry <mikeperry@xxxxxxxxxx> wrote:
> > 
> > > Thus spake Robert Ransom (rransom.8774@xxxxxxxxx):
> > 
> > > > My understanding was that EFF would query DNS for a hostname, and if
> > > > the hostname does not exist, assume that it's private.  (This should
> > > > scare you even more.)
> > > 
> > > EFF only needs to do this query if the browser could not (because it
> > > was using an HTTP proxy without a SOCKS proxy). Does this scare you
> > > less or more? I'm getting confused by the reactions in this thread.
> > 
> > If EFF needs to perform a DNS query on each hostname it receives a
> > certificate for, EFF will leak information to an attacker watching its
> > servers.  If EFF tries to not log hostnames which do not exist, EFF
> > will leak a user's request time *every time* that it receives a
> > certificate associated with a non-existent hostname.
> 
> I think you missed the first half of my email where I explicitly said
> EFF shouldn't need to do this under normal circumstances. It only
> needs to do this when the browser fails to do so itself. Do you expect
> this to be common?

Firefox cannot resolve hostnames to IP addresses when it is using *any*
proxy.  Anyone who uses an SSH tunnel as a SOCKS proxy to connect to an
intranet will risk this leakage, and SSH tunnels can be made fairly
easy to use.  I have no information on how widely used that
configuration is.


> The observatory itself could also be running a tor client for these
> resolutions, just in case they do end up being common.

That would be a Good Thing, just to decrease the incentive for
attackers to monitor EFF's Internet connection.


> P.S. When the browser does attempt to do these resolutions, should
> they be done via Tor or via whatever local resolver/proxy was used to
> access the domain? Doing it via Tor exposes potentially private names
> to exits, but doing it locally will fail to detect attacks where the
> MITM is able to operate on the user's own infrastructure (because they
> can just make sure that the domains they MITM resolve to RFC1918).

Either way, the attacker wins -- if you resolve hostnames over Tor, the
attacker can use a homoglyph or near-homoglyph of a target hostname for
its attack, and simply not allow DNS servers accessible outside its
victim network to see the attack hostname.


Robert Ransom
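As an added illustration of the "private hostname" heuristic the thread is arguing about (example code written for this page, not the EFF SSL Observatory's own): a client-side classifier that takes the browser's resolution result and decides whether a certificate would be reported, so that no DNS query is ever made server-side. The resolution table is constructed; its last entry shows the failure mode Mike describes, where a MITM on the user's own network points the name at RFC 1918 space and the forged certificate is therefore never submitted.

```python
import ipaddress
from typing import Dict, List, Optional

# Assumed classifier for this example; it is not the Observatory's code.
# It never resolves anything itself: the caller passes in whatever the
# browser (or its proxy) obtained, or None when the lookup returned no
# record, which is the "assume it's private" case from the thread.
NON_PUBLIC_V4 = [
    ipaddress.ip_network("10.0.0.0/8"),      # RFC 1918
    ipaddress.ip_network("172.16.0.0/12"),   # RFC 1918
    ipaddress.ip_network("192.168.0.0/16"),  # RFC 1918
    ipaddress.ip_network("127.0.0.0/8"),     # loopback
    ipaddress.ip_network("169.254.0.0/16"),  # link-local
]


def is_non_public(addr: str) -> bool:
    """True when the address lies in RFC 1918, loopback or link-local space."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 6:
        # For IPv6 rely on the stdlib flags (ULA, ::1, fe80::/10).
        return ip.is_private or ip.is_loopback or ip.is_link_local
    return any(ip in net for net in NON_PUBLIC_V4)


def classify_hostname(resolved: Optional[List[str]]) -> str:
    """'nonexistent' (no record), 'private' (only non-public addresses) or 'public'."""
    if not resolved:
        return "nonexistent"
    if all(is_non_public(a) for a in resolved):
        return "private"
    return "public"


def should_submit(resolved: Optional[List[str]]) -> bool:
    """The heuristic under discussion: report a certificate only for a public name."""
    return classify_hostname(resolved) == "public"


# Constructed resolution results; no real lookups are performed.
SAMPLE: Dict[str, Optional[List[str]]] = {
    "www.example.org": ["203.0.113.10"],    # ordinary public site -> reported
    "wiki.corp.example": ["10.20.30.40"],   # intranet host -> withheld
    "typo.example": None,                   # NXDOMAIN -> withheld
    "login.example.org": ["192.168.1.10"],  # MITM'd name pointed at RFC 1918 -> withheld, cert never seen
}


def triage(sample: Dict[str, Optional[List[str]]]) -> Dict[str, str]:
    """Classify every name in the table; returns hostname -> verdict."""
    return {host: classify_hostname(addrs) for host, addrs in sample.items()}


if __name__ == "__main__":
    for host, verdict in triage(SAMPLE).items():
        print(f"{host:20} {verdict:12} submit={should_submit(SAMPLE[host])}")
```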


_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk