Entries tagged as cccamp11
certificate algorithm android browser ca cacert ccc certificateauthority cloudflare cryptography dell edellroot eff encryption facebook hash https maninthemiddle observatory openleaks openssl privatekey pss rsa security sha1 sha256 ssl superfish symantec taz tls transvalid updates vulnerability windowsxp x509 0days 27c3 addresssanitizer adguard adobe aead aes afra aiglx altushost antivir antivirus aok apache apt asan auskunftsanspruch axfr azure badkeys barcamp bash berlin berserk bias bigbluebutton bleichenbacher blog bodensee botnetz braunschweig bsi bsideshn bufferoverflow bugbounty bundesdatenschutzgesetz bundestrojaner bundesverfassungsgericht busby bypass c cbc cellular cfb chcounter chrome chromium clamav clang clickjacking cmi cms code compiz conflictofinterest cookie crash crypto csrf cve darmstadt datenschutz deb debian deolalikar diffiehellman dingens diploma diplomarbeit distributions dns domain drupal easterhegg email english eplus fedora fileexfiltration firefox firewall fortigate fortinet forwardsecrecy freak freesoftware freewvs frequency fsfe ftp fuzzing gajim gallery gcc gentoo ghost gimp git glibc gnupg gnutls gobi google gpg gsm gsoc gstreamer hackerone hacking hannover heartbleed helma http infoleak informationdisclosure internetscan ircbot itsecurity jabber javascript jodconverter joomla karlsruhe kaspersky key keyexchange komodia leak lessig libreoffice linux luckythirteen malware mantis math md5 memorysafety mephisto microsoft milleniumproblems mitm mobilephones modulobias moodle mozilla mpaa mplayer mrmcd mrmcd100b mrmcd101b multimedia mysql napster nessus netfiltersdk newspaper nist nss ntp ntpd onlinedurchsuchung openbsc openbts openpgp openvas osmocombb otr owncloud packagemanagement padding panda papierlos password passwordalert passwort passwörter pdo pgp phishing php pnp poodle privacy privdog protocolfilters provablesecurity python rand random rc2 redhat rhein rpm rsapss rss s9y salinecourier schlüssel science serendipity server session sha2 sha512 shellbot shellshock sicherheit signatures slides smime snallygaster sni sniffing spam sqlinjection squirrelmail staatsanwaltschaft stacktrace study stuttgart subdomain sunras support talk thesis tlsdate toendacms überwachung ubuntu unicef unicode update useafterfree userdir utf-8 verschlüsselung virus vlc vortrag vulnerabilities web webapps webmontag websecurity wiesbaden windows wiretapping wordpress xgl xine xmpp xsa xss zerodays zugangsdaten zzuf calendar cccamp cccamp15 certificates ipv6 letsencrypt libressl nginx ocsp ocspstapling openbsd planet revocation stadtmitte informationsfreiheit unserwasser volksbegehren wasser
Friday, August 12. 2011
OpenLeaks doing strange things with SSL
OpenLeaks is a planned platform like WikiLeaks, founded by ex-Wikileaks member Daniel Domscheit-Berg. It's been announced a while back and a beta is currently presented in cooperation with the newspaper taz during the Chaos Communication Camp (where I am right now).I had a short look and found some things noteworthy:
The page is SSL-only, any connection attempt with http will be forwarded to https. When I opened the page in firefox, I got a message that the certificate is not valid. That's obviously bad, although most people probably won't see this message.
What is wrong here is that an intermediate certificate is missing - we have a so-called transvalid certificate (the term "transvalid" has been used for it by the EFF SSL Observatory project). Firefox includes the root certificate from Go Daddy, but the certificate is signed by another certificate which itself is signed by the root certificate. To make this work, one has to ship the so-called intermediate certificate when opening an SSL connection.
The reason why most people won't see this warning and why it probably went unnoticed is that browsers remember intermediate certificates. If someone ever was on a webpage which uses the Go Daddy intermediate certificate, he won't see this warning. I saw it because I usually don't use Firefox and it had a rather fresh configuration.
There was another thing that bothered me: On top of the page, there's a line "Before submitting anything verify that the fingerprints of the SSL certificate match!" followed by a SHA-1 certificate fingerprint. Beside the fact that it's english on a german page, this is a rather ridiculous suggestion. Checking a fingerprint of an SSL connection against one you got through exactly that SSL connection is bogus. Checking a certificate fingerprint doesn't make any sense if you got it through a connection that was secured with that certificate. If checking a fingerprint should make sense, it has to come through a different channel. Beside that, nowhere is explained how a user should do that and what a fingerprint is at all. I doubt that this is of any help for the targetted audience by a whistleblower platform - it will probably only confuse people.
Both issues give me the impression that the people who designed OpenLeaks don't really know how SSL works - and that's not a good sign.