Certified Lies: Big Brother In Your Browser

Governments are capable of wiretapping millions of encrypted sessions, including those secured by Internet Explorer, Microsoft's SSL stack and other browsers.

You probably feel safe when you see the padlock on your browser window indicating secure communication with your bank or e-mail account. You probably think your users are safe if they are accessing your network over your SSL VPN. What if, instead of worrying about man-in-the-middle attacks, it became government-spy-in-the-middle eavesdropping? Is Big Brother spying on you? Before I'm done showing you these surveillance products, you will probably be ticked off for both security and privacy reasons.

*Note: the country information ("US") shown by the browser refers to the organization that obtained the certificate (Bank of America), not to the location of the Certificate Authority (CA).

Extended Validation (EV) certificates produce the green bar in most modern browsers. In a purely hypothetical example, the U.S. government can force a Public Key Infrastructure (PKI) to give them a publicly trusted certificate for www.amazon.com. They then poison your DNS and route your traffic for www.amazon.com to a site they own that has the fake certificate installed, explains Tyson Kopczynski, a security/PKI consultant and another Microsoft Subnet blogger. Your browser then gives you that pretty green bar or little lock and you think everything is cool, safe and secure. Or... they can put a device between you and your target and perform SSL interception.

Two researchers, Chris Soghoian and Sid Stamm, reported on an industry claim that governments could get "court orders" giving them access to falsified cryptographic credentials (spy certs). If the National Strategy for Trusted Identities in Cyberspace (NSTIC) is implemented with the government itself running the PKI, the threat only intensifies.

What this means is that an eavesdropper who can obtain fake certificates from any one of the CAs a browser trusts can successfully impersonate every encrypted website you might visit, and nothing in the browser tells you that you have not landed on the authentic site. The trust model has no notion of which CA is supposed to vouch for which domain, so a certificate issued by the wrong but trusted CA looks exactly like the right one, and most browsers silently accept a new certificate from any trusted authority even for a site whose certificate they have already seen. An eavesdropper with fake certificates and access to a target's network connection can therefore quietly mount a "man-in-the-middle" (MITM) attack, observing and recording all encrypted web traffic while the user has no idea that it is happening.

Are there really eavesdroppers out there -- spies or law enforcement agencies using spy certificates to intercept encrypted web traffic? Are there really wiretapping conventions for eavesdroppers? Oh yes, the next is in October 2010, but ISS World Americas is open only to "law enforcement, intelligence, homeland security analysts and telecom operators responsible for lawful interception, electronic investigations and network intelligence." There are many vendors of products that assist the government in spying, but HACKING TEAM and Packet Forensics are two that should send an eerie eavesdropping chill up your spine.

Here's an FYI about the HACKING TEAM:

Remote Control System V6 (RCS) is a premier, integrated, multi-OS platform for remotely attacking, infecting and controlling target computers and mobile phones. RCS FULLY SUPPORTS XP, Vista, 7, MacOS, iPhone and Symbian - It is INVISIBLE to most protection systems available in the market - It is a PROVEN technology: it is being used by Agencies worldwide since 2003 - Target monitoring includes Skype, chat, mail, web, removable media, encrypted communications, PGP, GSM-cell GEO-tracking, GPS GEO-tracking, voice calls, etc.

Let's focus on Packet Forensics for now. Packet Forensics offers a 5-series device, a 4-square-inch "turnkey intercept solution" surveillance product "using 'man-in-the-middle' to intercept TLS or SSL." It's marketed and sold to law enforcement and intelligence agencies in the US and foreign countries, and is designed to collect encrypted SSL traffic based on forged "look-alike" certificates obtained from a cooperative CA. In the flyer image, note the parentheses around "(potentially by court order)", as if that part were not entirely important...

According to the Packet Forensics flyer: "Packet Forensics' devices are designed to be inserted-into and removed-from busy networks without causing any noticeable interruption [. . . ] This allows you to conditionally intercept web, e-mail, VoIP and other traffic at-will, even while it remains protected inside an encrypted tunnel on the wire [. . . ] To use our product in this scenario, [government] users have the ability to import a copy of any legitimate key they obtain (potentially by court order) or they can generate `look-alike' keys designed to give the subject a false sense of confidence in its authenticity [. . . ] Your investigative staff will collect its best evidence while users are lulled into a false sense of security afforded by web, e-mail or VOIP encryption [. . . ] In under five minutes, they can be configured and installed [. . . ] they're disposable -- that means less risk to [government] personnel."

Microsoft's documentation makes it look as though it has adopted a more cautious approach to trusting CAs than its competitors: a fresh installation of Windows 7 lists 15 CAs in the operating system's Trusted Root Store. Sadly, however, this interface is terribly misleading, as it doesn't reveal that Microsoft has opted to trust 264 different CAs; the rest are downloaded silently, on demand, by the Automatic Root Certificates Update mechanism the first time Windows encounters a certificate chaining to one of them. This means any web browser that depends upon Microsoft's Trusted Root Store (such as Internet Explorer, Chrome and Safari for Windows) ultimately trusts 264 different CAs to issue certificates without warning. Firefox is the only major browser to maintain its own database of trusted CAs. Each of the 264 root CAs trusted by Microsoft, the 166 root CAs trusted by Apple, and the 144 root CAs trusted by Firefox is capable of issuing certificates for any website, in any country or top level domain; nothing ties a root to the domains it may vouch for. You don't think the government will use their own CA, which could be traced back to them if discovered, do you?

To be fair, however, all encrypted streams that travel over the Internet are susceptible to government spying, not just those that use Microsoft technology.

How does this affect you? Many information-hungry governments routinely compel companies to assist them with surveillance. ISPs and telecommunications carriers are frequently required to violate their customers' privacy by providing the government with email communications, telephone calls, search engine records, financial transactions and geo-location information. A few examples of this electronic surveillance by law enforcement include: a consumer electronics company that was forced to remotely enable the microphones in a suspect's car dashboard GPS navigation unit in order to covertly record their conversations, as well as a secure email provider that was required to place a covert back door in its product in order to steal users' encryption keys. And who can forget the NSA's wiretapping?

In regard to Packet Forensics and Big Brother in your browser, EFF's Senior Staff Technologist Seth Schoen advises, “HTTPS Everywhere does not address this threat. We have been doing other research to try to investigate this concern. There are several Firefox plugins that try to use information other than CA-issued certificates to validate web sites' keys -- for instance, Perspectives, Monkeysphere, CertPatrol, and Petnames. The general problem is that right now these approaches sometimes call for considerably more effort on the part of the user. Under certain assumptions, this might be unavoidable."

Schoen has written more about these issues, including, Behind the Padlock Icon: Certificate Authorities' Mysterious Role in Internet Security.

Researchers Chris Soghoian and Sid Stamm are working on a Firefox plugin. Until then, I'm using Certificate Patrol to help detect a MITM attack.
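The hypothetical above (a compelled CA issuing a look-alike certificate for www.amazon.com), the point that any trusted root can vouch for any host name, and the reason an add-on like Certificate Patrol can catch what the browser does not, in one added example. This is my own Go code, not from the researchers, the EFF or the Certificate Patrol project; the two roots "Honest CA Inc" and "Cooperative CA Ltd" are hypothetical and generated on the fly. Both roots are trusted; each issues a certificate for the same host; standard chain validation accepts both, because the trust model has no way to say which CA should speak for which domain, while a per-host pin of the root key seen on first contact flags the second one:

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/hex"
	"fmt"
	"math/big"
	"time"
)

// check panics on error: this is a demonstration, not production code.
func check(err error) {
	if err != nil {
		panic(err)
	}
}

// makeCert: fresh P-256 key for tmpl, signed by parent with signerKey; parent nil means self-signed.
func makeCert(tmpl, parent *x509.Certificate, signerKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	check(err)
	if parent == nil {
		parent, signerKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, signerKey)
	check(err)
	cert, err := x509.ParseCertificate(der)
	check(err)
	return cert, key
}

// newRoot creates a self-signed root for a hypothetical CA named org.
func newRoot(org string) (*x509.Certificate, *ecdsa.PrivateKey) {
	return makeCert(&x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{Organization: []string{org}},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign,
	}, nil, nil)
}

// issueLeaf has root sign a server cert for host; nothing in X.509 limits which hosts a root may vouch for.
func issueLeaf(root *x509.Certificate, rootKey *ecdsa.PrivateKey, host string) *x509.Certificate {
	leaf, _ := makeCert(&x509.Certificate{
		SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: host}, DNSNames: []string{host},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}, root, rootKey)
	return leaf
}

// browserVerify does what a browser does: chain the leaf to any trusted root and check the host name.
func browserVerify(leaf *x509.Certificate, roots *x509.CertPool, host string) ([]*x509.Certificate, error) {
	chains, err := leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: host})
	if err != nil {
		return nil, err
	}
	return chains[0], nil // leaf first, root last
}

// PinStore remembers, per host, the SHA-256 of the root public key that first vouched for it.
type PinStore map[string]string

// Check accepts a chain on first contact or under the same root; a different trusted root is rejected.
func (p PinStore) Check(host string, chain []*x509.Certificate) bool {
	sum := sha256.Sum256(chain[len(chain)-1].RawSubjectPublicKeyInfo)
	fp := hex.EncodeToString(sum[:])
	if seen, ok := p[host]; ok {
		return seen == fp
	}
	p[host] = fp
	return true
}

// Demo trusts two hypothetical roots, has each issue a cert for host, and reports what each check accepts.
func Demo(host string) (browserA, browserB, pinnedA, pinnedB bool) {
	rootA, keyA := newRoot("Honest CA Inc")      // the CA the genuine site uses
	rootB, keyB := newRoot("Cooperative CA Ltd") // another trusted root, compelled to issue
	roots := x509.NewCertPool()
	roots.AddCert(rootA)
	roots.AddCert(rootB)
	chainA, errA := browserVerify(issueLeaf(rootA, keyA, host), roots, host)
	chainB, errB := browserVerify(issueLeaf(rootB, keyB, host), roots, host)
	browserA, browserB = errA == nil, errB == nil
	pins := PinStore{}
	pinnedA = browserA && pins.Check(host, chainA) // first visit: root A is remembered
	pinnedB = browserB && pins.Check(host, chainB) // later visit: a different root is flagged
	return
}

func main() {
	a, b, pa, pb := Demo("www.amazon.com")
	fmt.Printf("chain validation alone: genuine %v, look-alike %v\n", a, b)
	fmt.Printf("with root pinning:      genuine %v, look-alike %v\n", pa, pb)
}
```

Chain validation reports true for both certificates; only the pin check rejects the look-alike. The pin is deliberately on the root key rather than the leaf, so routine renewals under the same CA pass quietly, but a site that legitimately switches CAs will trip it too, which is the user-effort problem Schoen describes below: the add-on can only tell you that something changed, not whether the change was benign.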

Electronic surveillance is happening all around you, all the time, and perhaps to you. If surveillance devices like the Packet Forensics box are around for law enforcement and national intelligence agencies, then you can be sure that cyber-criminals are using them too. I would have said these devices are used by bad guys and good guys, but if The Law is spying on you then it's hard for me to call them "the good guys."

According to Cisco, there are 35 billion devices connected to the Internet. How many of those are being eavesdropped upon? Next time you see the padlock on your browser, will you still feel like your important communications are secure? Do you feel like your privacy is truly private?

Copyright © 2010 IDG Communications, Inc.
