August 21, 2014

Once Bitten, Twice Shy – Mozilla Tell CAs to Audit Their Systems

(LiveHacking.Com) - Mozilla has sent a message to all the certificate authorities which participate in the Mozilla root certificate program. It has requested that all participating CA’s complete and audit of their PKI systems by September 16, 2011.

This call to review and confirm the integrity of their certificate systems comes after Mozilla removed the DigiNotar root certificate in response to their failure to promptly detect, contain, and notify Mozilla of a security breach regarding their root and subordinate certificates.

As part of the audit Mozilla are asking that each CA confirm that it has automatic blocks in place for high-profile domain names (including those targeted in the DigiNotar and Comodo attacks this year). Plus the CA needs to further confirm its process for manually verifying such requests, when blocked.

Mozilla also have reminded the CAs that participation in Mozilla’s root program is at its sole discretion. Which is code for, comply or we will kick you out. However the message does change it tone a little by underlining Mozilla’s commitment to working with CAs as partners, “to foster open and frank communication, and to be diligent in looking for ways to improve.”

Fraudulent Google.com Digital Certificate in the Wild

(LiveHacking.Com) - It has come to light that at least one fraudulent digital certificate has been issued by DigiNotar, a root certificate authority, for Google.com. The digital certificate affects the main domain and all the subdomains of Google.com and could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users.

The problem for users is that because the certificate is valid,  the web browser will not display a warning message if a user went to a fake website signed with this certificate.

Microsoft have responded to the news by removing the DigiNotar root certificate from the Microsoft Certificate Trust List. It is likely that others like Apple and Mozilla will also block this certificate in the near future.

This isn’t the firs time that a fake certificate for Google.com has been issued by a certificate authority. Back in March of this year several false certificates where issued for popular domains, including Google.com, when a hacker breached the security at Comodo.

It’s unclear, at this time, how the certificate was obtained, but it is known that DigiNotar has revoked the digital certificate in question.

Honest Achmed’s Used Cars and Certificates Wants To Become a Trusted Certificate Authority

On the lighter side of things, a request to add Honest Achmed’s root certificate to Mozilla has been rejected. A humorous request was made to Mozilla to add “Honest Achmed’s Used Cars and Certificates” as a trusted root certificate. Clearly the request is a poke at Comodo who recently suffered a security breach which resulted in several fraudulent certificates being generated. This in turn then forced all the major browsers and operating systems to release updates which blacklisted the fake certificates.

According to the request “Achmed’s business plan is to sell a sufficiently large number of certificates as quickly as possible in order to become too big to fail (see “regulatory capture”), at which point most of the rest of this application will become
irrelevant.” And that the “purpose of this certificate is to allow Honest Achmed to sell bucketloads of other certificates and make a lot of money.”

The Comodo security breach actually took place at one of Comodo sub CAs and so in the section on “Sub CAs Operated by 3rd Parties” the request states that Honest Achmed’s uncles may invite some of their friends to issue certificates as well, in particular their cousins Refik and Abdi or “RA” as they’re known. Honest Achmed’s uncles assure us that their RA can be trusted, apart from that one time when they lent them the keys to the car, but that was a one-off that
won’t happen again.” But that “Honest Achmed promises to studiously verify that payment from anyone requesting a certificate clears before issuing it (except for his uncles, who are good for credit). Achmed guarantees that no certificate will be issued without payment having been received, as per the old latin proverb ‘nil certificati sine lucre’.”

Apple Updates OS X, Safari and iOS

Microsoft released a bumper set of security fixes on Tuesday and today it was Apple’s turn with fixes for OS X, Safari and iOS. The update for OS X was to block the fraudulent SSL certificates stolen from Comodo (better late than never), Safari 5.0.5 fixes two vulnerabilities in WebKit and iOS has been updated to 4.3.2 to block the stolen Comodo certificates and to fix other vulnerabilities.

Security Update 2011-002 applies to Mac OS X v10.5.8 and Mac OS X v10.6.7 and does nothing else other than to blacklist the fraudulent Comodo certificates.

Safari has been updated to 5.0.5 for Mac OS X v10.5.8, Mac OS X v10.6.5 or later, Windows 7, Vista and XP. Two vulnerabilities have been fixed in WebKit:

  • An integer overflow issue existed in the handling of nodesets. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.
  • A use after free issue existed in the handling of text nodes. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.

iOS 4.3.2 fixed the same to flaws listed above (as Safari on the desktop shares a lot of the same code as Safari that is built into iOS, blocked the Comodo certificates and fixed a vulnerability in libxslt and one in QuickLook:

  • libxslt’s implementation of the generate-id() XPath function disclosed the address of a heap buffer. Visiting a maliciously crafted website may lead to the disclosure of addresses on the heap, which may aid in bypassing address space layout randomization protection. This issue is addressed by generating an ID based on the difference between the addresses of two heap buffers.
  • A memory corruption issue existed in QuickLook’s handling of Microsoft Office files. Viewing a maliciously crafted Microsoft Office file may lead to an unexpected application termination or arbitrary code execution.

The latter problem is likely to be the one used by Charlie Miller at this years Pwn20wn contest.

Comodo Saga Continues – Two More Registration Authorities Hacked

As the fallout from the Comodo security breach continues to widen, it has now been reported by Comodo that two more registration authorities (RA) have since been compromised, and consequently their RA privileges withdrawn, however no fraudulent certificates have been issued.

Robin Alden, CTO for Comodo, revealed details of the further breaches while responding to questions on mozilla.dev.security.policy. In the same reply he also pointed out that Comodo’s “CA systems have not been compromised” and also that Comodo’s “HSMs and key material have not been compromised.”

The Comodo hacker himself is also being more talkative. He has given Errata Security the private key he used to fraudulently issue SSL certificates for existing domains like mail.google.com and addons.mozilla.org. The private key has been verified and declared as valid. Errata Security have also exchanged emails with the hacker where he confirms that he worked alone and does not work for the Iranian government:

“I don’t have any relation with Basij or gov. I don’t say that all hackers are connected to CIA, I just say to people who I really think they are, see: http://cryptome.org/0003/tor-spy.htm

Lone Hacker Claims He Stole SSL Certificates From Comodo

An Iranian hacker has claimed that he single handedly compromised an affiliate of Comodo and created fraudulent SSL certificates for existing domains including mail.google.com, www.google.com, login.yahoo.com and addons.mozilla.org.

It was known that the attack could have come from Iran (as the IP addresses used during the attack belonged to an Iranian ISP) but it was unclear if these addresses were the real the originating addresses or part of a false trail. It was also suggested that the attack was state sponsored due to the nature of the attack and because of the domain names chosen for the fake SSL certificates.

However the hacker says “I’m not a group of hacker, I’m single hacker with experience of 1000 hackers, I’m single programmer with experience of 1000 programmers, I’m single planner/project manager with experience of 1000 project managers, so you are right, it’s managed by a group of hackers, but it was only I with experience of 1000 hackers.”

The hacker, who claims to be 21, goes on a say that the attack was because of Stuxnet, “When USA and Israel creates Stuxnet, nobody talks about it, nobody blamed, nothing happened at all, so when I sign certificates nothing should happen, I say that, when I sign certificates nothing should happen. It’s a simple deal.”

The initial post was then followed up with a sample of code which the author claims to be source code from the compromised Comodo reseller.

“Initially it was unclear if this guy was for real, and of course it is still impossible to tell” said Chester Wisniewski from Sophos. “The one remaining mystery is this: If it was a lone hacker making a point, why issue certificates for these specific websites, all related to secure communication methods often used by dissidents to organize protests and share news with the world?”

Fraudulent SSL Certificates In Wild That Could Allow Spoofing

It has been revealed that an affiliate of Comodo, a security company, was compromised resulting in the fraudulent issue of nine SSL certificates for existing domains including mail.google.com, www.google.com, login.yahoo.com and addons.mozilla.org. These certificates could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users.

Comodo is reporting that the compromise was detected within hours and the certificates revoked immediately. However Microsoft, Google and Mozilla have updated their web browsers to ensure that these fraudulent certificates are rejected.

Mozilla has updated Firefox 4.0, 3.6, and 3.5 while Microsoft has released updates for various platforms according to Microsoft Knowledge Base Article 2524375 and they are also supplying additional information in Microsoft Security Advisory 2524375. At the end of last week Google released Chrome 10.0.648.151 to “blacklists a small number of HTTPS certificates” which is almost certainly connected to this incident.

It is worth noting that none of Comodo’s root keys, intermediate CAs or secure hardware were compromised and that Comodo quickly reported the incident to the owners of the domains affected as well as informing the major browser providers and the relevant government authorities.

It is interesting to note that the two IP addresses involved are assigned to Iranian ISPs, but this may just be the result of an attacker attempting to lay a false trail. However government attacks against social networking sites are not new. A few months ago it was reported that the Tunisian Internet Agency was harvesting passwords and usernames of bloggers, reporters, political activists, and protesters by injecting hidden JavaScript into many popular site login pages.