OpenLeaks doing strange things with SSL

Friday, August 12. 2011, 17:26

OpenLeaks is a planned platform like WikiLeaks, founded by ex-Wikileaks member Daniel Domscheit-Berg. It's been announced a while back and a beta is currently presented in cooperation with the newspaper taz during the Chaos Communication Camp (where I am right now).

I had a short look and found some things noteworthy:
The page is SSL-only, any connection attempt with http will be forwarded to https. When I opened the page in firefox, I got a message that the certificate is not valid. That's obviously bad, although most people probably won't see this message.

What is wrong here is that an intermediate certificate is missing - we have a so-called transvalid certificate (the term "transvalid" has been used for it by the EFF SSL Observatory project). Firefox includes the root certificate from Go Daddy, but the certificate is signed by another certificate which itself is signed by the root certificate. To make this work, one has to ship the so-called intermediate certificate when opening an SSL connection.

The reason why most people won't see this warning and why it probably went unnoticed is that browsers remember intermediate certificates. If someone ever was on a webpage which uses the Go Daddy intermediate certificate, he won't see this warning. I saw it because I usually don't use Firefox and it had a rather fresh configuration.

There was another thing that bothered me: On top of the page, there's a line "Before submitting anything verify that the fingerprints of the SSL certificate match!" followed by a SHA-1 certificate fingerprint. Beside the fact that it's english on a german page, this is a rather ridiculous suggestion. Checking a fingerprint of an SSL connection against one you got through exactly that SSL connection is bogus. Checking a certificate fingerprint doesn't make any sense if you got it through a connection that was secured with that certificate. If checking a fingerprint should make sense, it has to come through a different channel. Beside that, nowhere is explained how a user should do that and what a fingerprint is at all. I doubt that this is of any help for the targetted audience by a whistleblower platform - it will probably only confuse people.

Both issues give me the impression that the people who designed OpenLeaks don't really know how SSL works - and that's not a good sign.

Computer culture, Cryptography, English, Security | Comments (6) | Trackbacks (2)

Defined tags for this entry: cccamp11, certificate, openleaks, security, ssl, taz, transvalid

Related entries by tags:

Trackbacks

Trackback specific URI for this entry

PingBack

Weblog: techrights.org
Tracked: Aug 16, 13:54

PingBack

Weblog: thing2thing.com
Tracked: Aug 17, 14:40

Comments

Display comments as (Linear | Threaded)

I'm not saying that i trust openleaks technicians, but trusting SSL for something like this today is the worst mistake you can ever make. SSL is broken, for too many years, stop talking like is a good thing because it only adds a security sense that is not there.

#1 g on 2011-08-15 20:12

no, ssl is not that broken, it works pretty well on most browser.

but the ssl certificate chain management is broken in a "human" way : too many authorities can sign too many domain names with too few controls (see the conference "is ssliverse a safe place" from EFF at the CCC Conference)

but yes, the point of this article stays : openleaks don't know ssl well, which make me fear for the security of submitted material ...

#2 vince on 2011-08-15 22:24

soll jetzt fuer jede test page ein teures cert angeschafft werden?

#3 onkel nr on 2011-08-17 18:50

Ich glaube Du hast das Problem nicht ganz verstanden:
Sie hatten ein "teures" Cert. Sie haben es nur nicht korrekt installiert.

#3.1 Hanno (Link) on 2011-08-19 09:06

I don't agree that the message "Before submitting anything verify that the fingerprints of the SSL certificate match!" is completely useless. Seein a matching fingerprint certainly doesn't mean that the line is secure as it might be changed. But seeing a non-matching fingerprint warns me that the connection is rigged. This actually happend to me!

https://twitter.com/#!/lostgen/status/101956044925845504

#4 lostgen (Link) on 2011-08-22 11:05

Lostgen, if your connection were compromised, a smart attacker would have changed the fingerprint as well. This implies you will never see a non-matching fingerprint when your connection is compromised by a man-in-the-middle attack.

I'd suggest to armor-sign the fingerprint with PGP (this will even be ok over the very same ssl-connection) - as long as you have verified the key before at least once.

Also, you might want to try perspectives (http://www.heise.de/security/artikel/Perspectives-und-Co-271022.html). It will cross-check the certificate you see with recently-seen certificates by you and others.

#4.1 Ben (Link) on 2011-09-02 09:24

Add Comment

Name
Email
Homepage
In reply to
Comment	Enclosing asterisks marks text as bold (word), underscore are made via _word_. E-Mail addresses will not be displayed and will only be used for E-Mail notifications.
	Remember Information? Subscribe to this entry

Search

About me

Twitter/identi.ca

Anzeigen

Events

Archives

Categories

Feeds

Tags

Creative Commons

OpenLeaks doing strange things with SSL

Friday, August 12. 2011, 17:26