完美的中间人攻击 MITM attacks

Mozilla的Firefox 3浏览器中有一项功能是要求用户核查未知发行者的SSL证书。因为中间人（Man-In-The-Middle，简写MITM）攻击已被广泛使用，Mozilla看似荒谬的做法可以阻止用户连接到错误网站和向攻击者透露宝贵的私人信息。 但最新的研究发现，信任的SSL证书也完全能被实施中间人攻击。数字证书服务商Comodo公司的转售证书可以不经过任何检查就被使用，Mozilla的开发者用户组也在讨论这一问题。
MITM attacks - do they really happen?
Posted by Eddy Nigg
October 18, 2008
(If you happen to know what an MITM attack is, fast forward to here)
The man-in-the-middle (MITM) attack is the attempt by an attacker to implant himself between the client (browser, mail client, IM client) and a server serving some web page or other content. The attacker receives all requests and responses to and from the server, reads the content and passes it along to either side. Any proxy server works more or less this way and there is nothing wrong with it - except in case the user happens to access his banking or Paypal account, reads some confidential email etc…By implanting himself in the middle, the attacker is able to read the user and password pairs and gains the ability to access those accounts.
Good practice has it, that any HTML form should submit data only via a secured connection, that is, the web site should have directed the user to the SSL protocol (encrypted) and a digital certificate should secure that connection. Supposed that the certificate belonging to the web site owner is issued by a known certification authority, the browser will accept it and let the user proceed - by indicating in some form at the user interface, that the connection is secured. The certification authority verifies to a reasonable extend, that only the owner of that specific web site and domain name can receive such a digital certificate for his specific site. And this in turn allows the user to submit his private information (including login credentials) encrypted to the intended target.
If an attacker attempts to implant himself between the client and server, he’ll have to pass the information along without being able to intercept, decrypt and read the content OR the attacker can present a fake certificate to the user instead. The client software like a browser, will detect however that the digital certificate is not issued from a known authority and raise a red flag. The user is being protected from such an attempt and should neither connect to that site anymore nor submit any information. Instead he should check his Internet connection and internal network for clues…
Ever since Firefox version 3 appeared, complaints about the handling of invalid certificates or incorrectly configured web sites have been mounting at Mozilla. I have extensively blogged about the approach Firefox took in this respect. Scores of bug reports addressing this issue have been filed at Bugzilla, the bug tracking tool of Mozilla. Johnathan Nightingale’s Blog (a user interface specialist of Mozilla) has been swamped with comments about how Firefox sucks when encountering incorrectly secured web sites.
Basically Firefox complains load and clear when self-signed digital certificates are used by web site owners, instead of those offered by legitimate authorities. Many computer geeks, which make up part of the Mozilla community, happen to prefer those self-signed certificates and this is also the crowd making most of the noise! Johnathan’s SSL Question Corner tries to explain - I’d say with limited success - why Mozilla implemented such a rigorous approach towards those self-signed certificates and otherwise incorrectly configured web sites with its new Firefox Browser. Some comments from beneath that article might give you an understanding how these so-called knowledgeable ones accepted this change in the browser. – Warning, some comments use inappropriate language!
Firefox tries to prevent a user from connecting to the wrong site and from revealing his precious information to an attacker. But do this attacks really happen? Or can they be dismissed as the complaining, freedom-seeking geek-crowd suggests?
Apparently MITM attacks are in the wild and they use illegitimate, self-signed certificates for their attacks. A few days ago this bug report was filed with Bugzilla. The connection of this unlucky reporter was hitchhiked as she was using a wireless internet access point. It didn’t prevent her to click all her way through the warnings and error messages in order to access those sites, thinking it’s Firefox’s fault - would she have inspected the digital certificates used by those sites, she might have understood that she was mislead and attacked. Or maybe not - because one needs a basic understanding about how digital certificates behave and how they are chained to a valid anchor (certification authority certificate root). And perhaps the error reporting of Firefox isn’t stern enough yet in order to protect the average user! 99.9% of Firefox’s millions of users don’t have the required understanding and knowledge about digital certificates, not speaking about how secure connections work at all.

Dear beloved Mozilla community and brave know-all, freedom-loving geeks, please get yourself legitimate SSL certificates for your sites - you can get them freely from StartCom without paying a dime. Help to protect the other 99.9% users which have less knowledge than you and make the Internet a better place!
Information and Links
Join the fray by commenting, tracking what others have to say, or linking to it from your blog.
Information
October 18th, 2008
4 Responses
Feeds and Links
Comment Feed
From This Author
Del.icio.us
Digg
Technorati
Categories and Tags
Mozilla
PKI
Privacy
attacks, certificates, man-in-the-middle
Other Posts
Your Digital Identity Card
Enjoy your fruits apple
Write a Comment
Take a moment to comment and tell us what you think. Some basic HTML is allowed for formatting.
You must be logged in to post a comment. Click here to login.

Reader Comments
Comment Number:
1
Written by:
Wes Kussmaul
Posted on:
October 20, 2008 at 3:17 pm
So there’s a problem of education, not only among users but among members of the various open source project communities. What’s the plan for educating them? What’s the plan to deal with the public consequences of having audience members who refuse to be educated? Just saying “they ought to do this and this” is not a solution to the fact that they don’t know enough to do this and this.
Comment Number:
2
Written by:
Eddy Nigg
Posted on:
October 21, 2008 at 2:11 am
Correct. Sending out a message is exactly what I’m doing here. It’s part of the educational process. There are no magic bullets, but 8000 people have read this post by now (after three days). It’s my contribution towards this end.
Comment Number:
3
Written by:
fiction
Posted on:
Yesterday at 8:45 am
I am really happy about the radical solution Firefox 3 has done. This makes it impossible for dummy users to just click “OK” and “Next”. They either think the site doesn’t work or get help from somebody who understands things.
The next step in that direction is removing all “trusted CA’s” built-in and let the user add those whom he trusts. Of course there can be a default setting for beginners, but in that case a big warning needs to be displayed. And for every site he visits a big popup should appear “using default CA list, which might not be completely secure”. That should disappear after the user opens edits the CA list.
Self-signed certificates are not illegitimate! It just means there is no CA and people need to verify if they trust the certificate itself versus verifying the upper level).For my local webmail I am completely happy with a self-signed certificate or something issued by my local CA (done with a few OpenSSL scripts).
One can always compare the certificate with the saved one or check the fingerprints.
Of course I wouldn’t dare to offer a public service this way. This looks unprofessional and is also prone to attacks. But the MITM attacks are possible just because of the stupidity of the users (which can get fooled by a different certificate for the same common name), not because a self-signed certificate is used itself. As you pointed out you can also get a “legitimate” bad certificate.
All in all your blog entries, apart from putting up a serious issue, sound more like advertisements for your “StartSSL” offers. Congratulations on your increased revenue after you managed to get slashdotted.
BTW: The passwords sent in the registration phase on your wordpress blog don’t work. Feel free to delete the users “fiction” and “fiction2″.
Comment Number:
4
Written by:
Eddy Nigg
Posted on:
Yesterday at 3:07 pm
Of course I believe that what we do and the way we do it (including offering the low assurance certificate for free) is the right thing. If it wouldn’t, I would change it. Yes, I want potential subscribers to use our services - which is, I guess, legitimate to do. However the recent storm of exposure didn’t increase the issuance of certificates nor revenue.Having said that, StartCom has a very steady stream of existing and new subscribers, many are exposed to certificates the first time. Others are coming back already for years. Those realized that there is a very good CA which provides an efficient service with very reasonable fees - if at all. Cheers!