[tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-01 Thread Roger Dingledine
For those who haven't been following, check out
https://blog.torproject.org/blog/diginotar-debacle-and-what-you-should-do-about-it

You should pay special attention if you're in an environment where your
ISP (or your government!) might try a man-in-the-middle attack on your
interactions with https://www.torproject.org/.

We stepped up our schedule for switching the Tor Browser Bundle to Firefox
6 (which we can build from source on all platforms, and thus remove the
offending CA ourselves). New bundles are out now:
https://blog.torproject.org/blog/new-tor-browser-bundles-4

Perhaps now is a great time for you to learn how to verify the signatures
on Tor packages you download:
https://www.torproject.org/docs/verifying-signatures

--Roger



signature.asc
Description: Digital signature
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk


Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-02 Thread Achter Lieber
- Original Message -
From: Roger Dingledine
Sent: 09/01/11 03:47 PM
To: tor-talk@lists.torproject.org
Subject: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many 
others)

> For those who haven't been following, check out
> https://blog.torproject.org/blog/diginotar-debacle-and-what-you-should-do-about-it
>
> You should pay special attention if you're in an environment where your ISP
> (or your government!) might try a man-in-the-middle attack on your interactions
> with https://www.torproject.org/. We stepped up our schedule for switching the
> Tor Browser Bundle to Firefox 6 (which we can build from source on all
> platforms, and thus remove the offending CA ourselves). New bundles are out
> now: https://blog.torproject.org/blog/new-tor-browser-bundles-4
>
> Perhaps now is a great time for you to learn how to verify the signatures on
> Tor packages you download: https://www.torproject.org/docs/verifying-signatures
>
> --Roger

Hello Roger. Is it possible to check the signatures for the Browser bundle,
which I use on a USB with Windows but check the signatures from my Mac? I only
use internet cafe computers as they are so readily available where I live, are
much faster than what I have been able to purchase for an ISP provider from my
home and many times just isn't working. Don't know if that is possible to do
from Mac on .exe files or whatever. Not real savvy here. Sorry.


Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-02 Thread Joe Btfsplk

On 9/2/2011 7:55 AM, Achter Lieber wrote:

> - Original Message -
> From: Roger Dingledine
> Sent: 09/01/11 03:47 PM
> To: tor-talk@lists.torproject.org
> Subject: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many
> others)
>
> New bundles are out now:
> https://blog.torproject.org/blog/new-tor-browser-bundles-4 Perhaps now is a
> great time for you to learn how to verify the signatures on Tor packages you
> download: https://www.torproject.org/docs/verifying-signatures

Is it really a risk, d/l Tor or TBB directly from Tor Project's site,
that verifying signatures is necessary?  What is the reasoning here - if
getting files from Tor Project server?




Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-02 Thread Joe Btfsplk

On 9/2/2011 9:57 AM, David Carlson wrote:

> On 9/2/2011 9:28 AM, Joe Btfsplk wrote:
>
>> Is it really a risk, d/l Tor or TBB directly from Tor Project's site,
>> that verifying signatures is necessary?  What is the reasoning here -
>> if getting files from Tor Project server?
>
> I believe that the point of Roger's message was that you or I may not
> really be downloading the package from TorProject, if we are using SSL
> that is authenticated to a fake certificate.

Thanks.  I'm sure many would appreciate a bit more explanation what
"...if we are using SSL that is authenticated..." means, in this case.



Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-02 Thread David Carlson
On 9/2/2011 9:28 AM, Joe Btfsplk wrote:
> On 9/2/2011 7:55 AM, Achter Lieber wrote:
>> - Original Message -
>> From: Roger Dingledine
>> Sent: 09/01/11 03:47 PM
>> To: tor-talk@lists.torproject.org
>> Subject: [tor-talk] Dutch CA issues fake *.torproject.org cert (among
>> many others)
>>
>>   New bundles are out now:
>> https://blog.torproject.org/blog/new-tor-browser-bundles-4 Perhaps
>> now is a great time for you to learn how to verify the signatures on
>> Tor packages you download:
>> https://www.torproject.org/docs/verifying-signatures
> Is it really a risk, d/l  Tor or TBB directly from Tor Project's site,
> that verifying signatures is necessary?  What is the reasoning here -
> if getting files from Tor Project server?
>
> ___
> tor-talk mailing list
> tor-talk@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
I believe that the point of Roger's message was that you or I may not
really be downloading the package from TorProject, if we are using SSL
that is authenticated to a fake certificate.

I do not use a Mac, but I was able to use GPA and Kleopatra in Windows
to verify that the bundles I downloaded were signed by Erinn. 
In <https://www.torproject.org/docs/verifying-signatures>
the procedure for verification spelled out for use on a Mac should work
to verify files containing Windows code.  The procedure applies to the
verification computer, not the target computer.

David Carlson





Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-02 Thread Seth David Schoen
Joe Btfsplk writes:

> Is it really a risk, d/l  Tor or TBB directly from Tor Project's
> site, that verifying signatures is necessary?  What is the reasoning
> here - if getting files from Tor Project server?

How do you know it was really the Tor Project server?

-- 
Seth Schoen  
Senior Staff Technologist   https://www.eff.org/
Electronic Frontier Foundation  https://www.eff.org/join
454 Shotwell Street, San Francisco, CA  94110   +1 415 436 9333 x107


Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-02 Thread Joe Btfsplk

On 9/2/2011 12:11 PM, Seth David Schoen wrote:

> Joe Btfsplk writes:
>
>> Is it really a risk, d/l Tor or TBB directly from Tor Project's
>> site, that verifying signatures is necessary?  What is the reasoning
>> here - if getting files from Tor Project server?
>
> How do you know it was really the Tor Project server?

I'm not sure.  How do I know when I open an HTTPS bookmark link to my
bank, that it's my bank?  I don't go through a (manual) signature
verification process when signing in, or d/l anything from a bank, CC or
investment company.  Are you answering a question w/ a question?  I
asked 1st :)




Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-02 Thread Collin Anderson
According to a number of bloggers(1), torproject.org was included among those
domains targeted in the certificate breach. In at least the case of Google,
these certificates have been offered to Iranian Internet users by a number
of ISPs, in a number of cities.

Risk is a product of situation, and if you are in Iran, Syria, Belarus, et
al, I would exercise at least that level of caution.

(1)
http://www.nu.nl/internet/2603449/mogelijk-nepsoftware-verspreid-naast-aftappen-gmail.html

On Fri, Sep 2, 2011 at 1:11 PM, Seth David Schoen  wrote:

> Joe Btfsplk writes:
>
> > Is it really a risk, d/l  Tor or TBB directly from Tor Project's
> > site, that verifying signatures is necessary?  What is the reasoning
> > here - if getting files from Tor Project server?
>
> How do you know it was really the Tor Project server?
>
> --
> Seth Schoen  
> Senior Staff Technologist   https://www.eff.org/
> Electronic Frontier Foundation  https://www.eff.org/join
> 454 Shotwell Street, San Francisco, CA  94110   +1 415 436 9333 x107
> ___
> tor-talk mailing list
> tor-talk@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>



-- 
*Collin David Anderson*
averysmallbird.com | @cda | Washington, D.C.


Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-02 Thread andrew
On Fri, Sep 02, 2011 at 01:31:53PM -0400, col...@averysmallbird.com wrote 4.5K 
bytes in 109 lines about:
: According to a number of bloggers(1), torproject.org was included among those

Here's another blogger for your list, 
https://blog.torproject.org/blog/diginotar-debacle-and-what-you-should-do-about-it

-- 
Andrew
pgp key: 0x74ED336B


Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-03 Thread Joe Btfsplk

On 9/2/2011 4:46 PM, and...@torproject.org wrote:

> On Fri, Sep 02, 2011 at 01:31:53PM -0400, col...@averysmallbird.com wrote 4.5K
> bytes in 109 lines about:
> : According to a number of bloggers(1), torproject.org was included among those
>
> Here's another blogger for your list,
> https://blog.torproject.org/blog/diginotar-debacle-and-what-you-should-do-about-it

Thanks for all replies on this.  I read over several linked articles.
Honestly, many avg users won't / can't take time to read it all & may
not understand it.


Question - obviously, Tor isn't the only software or site that could be 
targeted.  What's to prevent necessity of verifying signatures on every 
d/l software, even mainstream, major developers (if they made it 
possible)?  And if they don't, why wouldn't users of other software be 
at same risk?  Just because we haven't heard about XYZ software & fake 
certificates, does that mean anything?  Sure, verifying Tor may be 
prudent, but what if users have to verify signatures on all software (if 
available)?  Unless it becomes a more automated process, avg users 
wouldn't devote that kind of time.


I'm just asking here - other than entities (gov'ts?) targeting anonymity 
software (for now) what prevents this issue from becoming widespread?  
If I download an update from MS - how do I know it's the authentic pkg 
from the real MS?  There's no authentication (or even check sums) for 
d/l Firefox, IE.  Only a small % of all developers offer these capabilities.



Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-03 Thread Jim

Joe Btfsplk wrote:
I'm just asking here - other than entities (gov'ts?) targeting anonymity 
software (for now) what prevents this issue from becoming widespread?  
If I download an update from MS - how do I know it's the authentic pkg 
from the real MS?  There's no authentication (or even check sums) for 
d/l Firefox, IE.  Only a small % of all developers offer these capabilities.


I agree that all projects ought to offer digital signatures for their
downloads (or at least a digitally signed list of cryptographically
secure hashes values -- no MD5s please!) and far too few projects do.
But I do wonder if you are wrong about Firefox not supplying hash
values.  I know SeaMonkey (also hosted by Mozilla although not an
official Mozilla project) offers hashes, but you have to go looking for
them.  I suspect the same is true for FF although I don't know if I have
ever looked.  Of course while I consider them (slightly) better than
nothing, hash values alone won't thwart a determined and knowledgeable
attacker.

Jim




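The thread keeps circling one point: a checksum published on the same page as the download is no protection against whoever controls that page (a MITM with a DigiNotar-issued certificate, or a compromised web server), whereas a detached signature verified against a key obtained out of band is, and the verification runs on whatever machine you trust regardless of which platform the package targets. The following is an added example, not code from the list or from the Tor Project. It uses Ed25519 from the Go standard library in place of PGP purely so that it runs without third-party packages; the package bytes, the "project" and "attacker" keys and all names in it are constructed for the demonstration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Outcome collects the results of the constructed download scenarios below.
type Outcome struct {
	GenuineSigOK     bool // genuine package, genuine signature, project key
	TamperedHashOK   bool // trojaned package checked only against the attacker's digest
	TamperedSigOK    bool // trojaned package with the genuine signature, project key
	AttackerSigOK    bool // trojaned package signed by the attacker, checked with project key
	SubstitutedKeyOK bool // same, but checked with the attacker's key taken from the tampered page
}

// signingKey is a constructed stand-in for a release-signing key. The thread
// talks about PGP keys; Ed25519 from the standard library is used here only
// because it needs no third-party package.
type signingKey struct {
	pub  ed25519.PublicKey
	priv ed25519.PrivateKey
}

func newSigningKey() (signingKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return signingKey{}, err
	}
	return signingKey{pub: pub, priv: priv}, nil
}

// signRelease produces the detached signature a project publishes beside the
// package (the role of the .asc file in the Tor instructions).
func signRelease(k signingKey, pkg []byte) []byte {
	return ed25519.Sign(k.priv, pkg)
}

// VerifyRelease is the check the downloader runs. It needs only the package
// bytes, the detached signature and a public key obtained out of band, so it
// works the same whether the package is a Windows .exe or a Mac bundle.
func VerifyRelease(pub ed25519.PublicKey, pkg, sig []byte) bool {
	return ed25519.Verify(pub, pkg, sig)
}

// ChecksumMatches is the weaker, unsigned check: compare the package's
// SHA-256 to a digest string published on the same (possibly MITMed) page.
func ChecksumMatches(pkg []byte, publishedHex string) bool {
	sum := sha256.Sum256(pkg)
	return hex.EncodeToString(sum[:]) == publishedHex
}

// Scenarios runs the genuine download and the man-in-the-middle case in which
// the attacker serves a trojaned package together with a matching digest and a
// signature under their own key.
func Scenarios() (Outcome, error) {
	var out Outcome
	project, err := newSigningKey()
	if err != nil {
		return out, err
	}
	attacker, err := newSigningKey()
	if err != nil {
		return out, err
	}

	// Constructed sample "packages"; real ones would be the downloaded files.
	genuine := []byte("tor-browser-bundle: constructed genuine package bytes")
	trojaned := []byte("tor-browser-bundle: constructed trojaned package bytes")

	genuineSig := signRelease(project, genuine)
	out.GenuineSigOK = VerifyRelease(project.pub, genuine, genuineSig)

	// The attacker controls the download page, so they publish the digest
	// of their own file. A checksum alone cannot tell the two apart.
	attackerSum := sha256.Sum256(trojaned)
	out.TamperedHashOK = ChecksumMatches(trojaned, hex.EncodeToString(attackerSum[:]))

	// The genuine signature does not cover the trojaned bytes.
	out.TamperedSigOK = VerifyRelease(project.pub, trojaned, genuineSig)

	// A signature under the attacker's key fails against the project key...
	attackerSig := signRelease(attacker, trojaned)
	out.AttackerSigOK = VerifyRelease(project.pub, trojaned, attackerSig)

	// ...and only passes if the verifier also took the key from the tampered
	// page, which is why the key must be obtained and checked independently.
	out.SubstitutedKeyOK = VerifyRelease(attacker.pub, trojaned, attackerSig)
	return out, nil
}

func main() {
	out, err := Scenarios()
	if err != nil {
		panic(err)
	}
	fmt.Printf("%+v\n", out)
}
```

The last scenario is the one Jim raises further down the thread: the signature check is only as good as the provenance of the public key, so the fingerprint has to be confirmed from a source the attacker does not control.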


Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-03 Thread Jim

Roger Dingledine wrote:

Perhaps now is a great time for you to learn how to verify the signatures
on Tor packages you download:
https://www.torproject.org/docs/verifying-signatures


I don't have a solution to this problem but I am raising it in case
somebody else does.  It's great that you not only sign your packages but
that the page above also lists the fingerprints of the signing keys.
But in case of a man-in-the-middle attack (or a compromised website) the
attacker could provide his own signatures for trojaned packages and then
display a page that shows the signature for *his* signing key(s) in
place of those for the real keys.

I presume the general method of solving this for PGP keys is to create a
chain of trust by signing the keys.  But it is not clear to me how that
would work for a project like Tor that distributes software to all
comers where "signing parties" and the like are out of the question.

Jim



Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-03 Thread Netizio
> I'm just asking here - other than entities (gov'ts?) targeting anonymity
> software (for now) what prevents this issue from becoming widespread? 
> If I download an update from MS - how do I know it's the authentic pkg
> from the real MS?  There's no authentication (or even check sums) for
> d/l Firefox, IE.  Only a small % of all developers offer these
> capabilities. 

Hi, AFAIK Microsoft does an automated hash or signature check in the
background to test that your downloaded packages are unmanipulated.
Mozilla offers you md5 sums and - more recommended - sha1 sums along
with the official key to check the integrity of downloads:

http://releases.mozilla.org/pub/mozilla.org/firefox/releases/6.0.1/

Greetings,

Netizio



Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-03 Thread Lee
On 9/3/11, Julian Yon  wrote:
> On 03/09/11 15:59, Jim wrote:
>> I don't have a solution to this problem but I am raising it in case
>> somebody else does.  It's great that you not only sign your packages but
>> that the page above also lists the fingerprints of the signing keys.
>> But in case of a man-in-the-middle attack (or a compromised website) the
>> attacker could provide his own signatures for trojaned packages and then
>> display a page that shows the signature for *his* signing key(s) in
>> place of those for the real keys.
>
> There's no general solution as this is a bootstrapping problem.

Is there a solution for this specific case?  Someone claiming to be
Roger Dingledine included a PGP signature block in the msg that
started this thread.  Nobody's responded "Hey! That wasn't me!!" or
"That's not my PGP sig!" so it seems safe enough to trust that sig.

Is there a secure way to get from that PGP sig to whatever's necessary
for verifying a TOR package one just downloaded?

Lee


> However
> anyone experienced enough to be responsible for signing releases of a
> project such as Tor will undoubtedly have left traces elsewhere on the
> net (unless they're working anonymously). For instance, they may be a
> Debian developer, or have a Twitter account. By comparing fingerprints
> or contact details published on different websites you can confirm that
> they belong to the same person and therefore haven't been tampered with.
> Deciding whether that person *should* be signing packages is a separate
> problem, but which can be approached in a similar manner. Once you've
> verified a key to your satisfaction, then add it to your keyring and
> lsign it (that's "lsign", not "sign"). If ever a future download fails
> verification because you don't trust the key, and you haven't been
> notified of a change in signing key, then you know something is amiss.
>
> The real problem is in educating people that it's a good idea to go
> through this rigmarole. I'd love to see a solution to that.


Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-03 Thread Julian Yon
On 03/09/11 15:59, Jim wrote:
> I don't have a solution to this problem but I am raising it in case
> somebody else does.  It's great that you not only sign your packages but
> that the page above also lists the fingerprints of the signing keys.
> But in case of a man-in-the-middle attack (or a compromised website) the
> attacker could provide his own signatures for trojaned packages and then
> display a page that shows the signature for *his* signing key(s) in
> place of those for the real keys.

There's no general solution as this is a bootstrapping problem. However
anyone experienced enough to be responsible for signing releases of a
project such as Tor will undoubtedly have left traces elsewhere on the
net (unless they're working anonymously). For instance, they may be a
Debian developer, or have a Twitter account. By comparing fingerprints
or contact details published on different websites you can confirm that
they belong to the same person and therefore haven't been tampered with.
Deciding whether that person *should* be signing packages is a separate
problem, but which can be approached in a similar manner. Once you've
verified a key to your satisfaction, then add it to your keyring and
lsign it (that's "lsign", not "sign"). If ever a future download fails
verification because you don't trust the key, and you haven't been
notified of a change in signing key, then you know something is amiss.

The real problem is in educating people that it's a good idea to go
through this rigmarole. I'd love to see a solution to that.


Julian





Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-03 Thread Lee
On 9/3/11, Joe Btfsplk  wrote:
> On 9/2/2011 4:46 PM, and...@torproject.org wrote:
>> On Fri, Sep 02, 2011 at 01:31:53PM -0400, col...@averysmallbird.com wrote
>> 4.5K bytes in 109 lines about:
>> : According to a number of bloggers(1), torproject.org was included among
>> those
>>
>> Here's another blogger for your list,
>> https://blog.torproject.org/blog/diginotar-debacle-and-what-you-should-do-about-it
> Thanks for all replies on this.  I read over several linked articles.
> Honestly, many avg users won't / can't take time to read it all & may
> not understand it.
>
> Question - obviously, Tor isn't the only software or site that could be
> targeted.  What's to prevent necessity of verifying signatures on every
> d/l software, even mainstream, major developers (if they made it
> possible)?  And if they don't, why wouldn't users of other software be
> at same risk?  Just because we haven't heard about XYZ software & fake
> certificates, does that mean anything?  Sure, verifying Tor may be
> prudent, but what if users have to verify signatures on all software (if
> available)?

These are all rhetorical questions - right?

>  Unless it becomes a more automated process, avg users
> wouldn't devote that kind of time.

And your point is ... what?  I used to not bother locking my car at
home.  Someone stole everything in my car one night so now I always
lock it.   ^shrug^  If the average user gets concerned enough about
security they'll take the time.

> I'm just asking here - other than entities (gov'ts?) targeting anonymity
> software (for now) what prevents this issue from becoming widespread?

I haven't heard of anyone being able to create a fake cert.  As far as
I know, they've all been bought or stolen from trusted CAs.  So how
much do you trust all those CAs in your browser certificate store?
After the Comodo [? from memory - not bothering to check] certificate
kerfluffle I deleted all the non-US CAs from IE.

> If I download an update from MS - how do I know it's the authentic pkg
> from the real MS?

http://www.truecrypt.org/digital-sig-note

>  There's no authentication (or even check sums) for
> d/l Firefox, IE.

There is on Windows .. see the truecrypt page.

>  Only a small % of all developers offer these capabilities.

if you're concerned about it, ask the developers to offer the capabilities.

Lee


Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-03 Thread Joe Btfsplk

On 9/3/2011 11:00 AM, Netizio wrote:

>> I'm just asking here - other than entities (gov'ts?) targeting anonymity
>> software (for now) what prevents this issue from becoming widespread?
>> If I download an update from MS - how do I know it's the authentic pkg
>> from the real MS?  There's no authentication (or even check sums) for
>> d/l Firefox, IE.  Only a small % of all developers offer these
>> capabilities.
>
> Hi, AFAIK Microsoft does an automated hash or signature check in the
> background to test that your downloaded packages are unmanipulated.
> Mozilla offers you md5 sums and - more recommended - sha1 sums along
> with the official key to check the integrity of downloads:
>
> http://releases.mozilla.org/pub/mozilla.org/firefox/releases/6.0.1/
>
> Greetings,
>
> Netizio

Thanks Netizio & others.  Clarification - check sums & verifying
signatures are completely different animals - yes?  I'm getting more
educated on signature verification, but more questions are popping up as
well.  Netizio, when you're right, you're right.  I had never seen the
page for mozilla w/ a "key", MD5s, SHA1s.  You don't see it on their
main d/l page - least I never have.


I'm asking these questions, because others that don't know are afraid to 
raise their hands.  What you don't know CAN hurt you.  I haven't used 
signature verification before, but my education field is about as 
technical as it gets.  My 1st impression w/ the process (& instructions 
on Tor page - verifying signatures) is, it will be over the avg users' 
heads, or more trouble / effort than they're willing to exert (possibly 
to their detriment).  I haven't tried the steps listed on Tor site, but 
seems pretty straight forward.


Q-1:  on the Mozilla link above, the "Key" says

> This file contains the PGP keys of various developers that work on
> Mozilla and its subprojects (such as Firefox and Thunderbird).

Obviously, they assume anyone looking at that page & info will know 
exactly what to do w/ it.   I don't.  Would the process of using the 
data on their "Key" page be same as described on Tor Project's 
"Verifying Signatures" page?


Jeroen, thanks for links, but I was talking about more automated 
signature verification.  I think those were more for check sums - yes?  
Still, good info.


Lee:

> These are all rhetorical questions - right?

No.  I understand Tor Project's main concern is Tor / TBB.  I fail to
understand why the issue / problem being discussed is in any way limited 
to Tor or a few softwares.  It seems like if it is, or could be a 
serious concern for Tor users, it could be for users of any software.  
My contention was, few are going to go to the trouble to verify 
signatures, by the  process that currently exists  (if signatures for 
everything existed - & it appears they SHOULD - but don't).


So, either it's a major concern & a LOT of people are going to get 
"infected" because they can't follow the procedures to verify signatures 
, or they won't take the time; OR it's not that big a risk for avg 
users.  I might use the process, but a lot of people won't even 
understand the words, much less take the time.  Boiled down:  if it's a 
truly important step before installing any software, major developers 
need to make the verification process easier / more automated for avg users.


If it's as serious & imminent a danger as the bloggers & some Tor 
developers indicated, either major software developers will find a way 
to protect avg users, or the internet could eventually become like 
walking the streets of El Paso & Juarez, alone at night.  For those not 
familiar, I've been told by people w/ family there or have visited, drug 
cartels have basically taken over & no "decent' folk are out after dark.


Lee:

>> Only a small % of all developers offer these capabilities.
> if you're concerned about it, ask the developers to offer the capabilities.

Should I be concerned?  Are you?  Is Tor or browsers the only software
susceptible to fake certificates?  Mozilla / Google have taken 
corrective steps.  What about all the other apps?  I have no idea how 
concerned I should be, but snippy answers don't contribute to the 
discussion.




Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-03 Thread Lee
On 9/3/11, Joe Btfsplk  wrote:
  [.. snip stuff addressed to others ..]
> Lee:
>> These are all rhetorical questions - right?
> No.  I understand Tor Project's main concern is Tor / TBB.  I fail to
> understand why the issue / problem being discussed is in any way limited
> to Tor or a few softwares.

My understanding is that the issue is common to all 'secured' web
sites.   HTTP is trivially subverted; HTTPS needs a valid cert or the
user clicking past a "No, I don't care about my security; go there
anyway" warning before it can be subverted.

>  It seems like if it is, or could be a
> serious concern for Tor users, it could be for users of any software.

My solution is to not download software over tor and verify the
downloaded software.  Sometimes it isn't possible to verify the
software & sometimes I don't bother verifying.. depends on how I feel
at the moment.

> My contention was, few are going to go to the trouble to verify
> signatures, by the  process that currently exists  (if signatures for
> everything existed - & it appears they SHOULD - but don't).
>
> So, either it's a major concern

For it to be a major concern, an attacker would have to a) have a
valid certificate b) man-in-the-middle your traffic.

What are the chances of someone other than the site owner getting a
valid cert for the site?  In Google's case, apparently 100%

What are the chances of someone MITMing your traffic?  If you use TOR,
100%  So how highly do you rate the probability of a tor exit node
maliciously altering your traffic?

> & a LOT of people are going to get
> "infected" because they can't follow the procedures to verify signatures
> , or they won't take the time; OR it's not that big a risk for avg
> users.

Going back to the 1st msg in the thread:
> You should pay special attention if you're in an environment where your
> ISP (or your government!) might try a man-in-the-middle attack ...

It depends on what you think the chances of someone doing a MITM attack.

>  I might use the process, but a lot of people won't even
> understand the words, much less take the time.  Boiled down:  if it's a
> truly important step before installing any software, major developers
> need to make the verification process easier / more automated for avg users.

Microsoft & FF seem to have already done that.  Use the defaults and
neither asks if you want to upgrade/install patches.  (I could be
wrong there - I do my best to disable automatic updates on everything)

> If it's as serious & imminent a danger as the bloggers & some Tor
> developers indicated, either major software developers will find a way
> to protect avg users,

I think microsoft already has - looks like all their software is
digitally signed.

> or the internet could eventually become like
> walking the streets of El Paso & Juarez, alone at night.  For those not
> familiar, I've been told by people w/ family there or have visited, drug
> cartels have basically taken over & no "decent' folk are out after dark.
>
> Lee:
>>  Only a small % of all developers offer these capabilities.
>> if you're concerned about it, ask the developers to offer the
>> capabilities.
> Should I be concerned?

That's a decision you have to make for yourself.

>  Are you?

Enough that I don't download software when using TOR.  Sometimes I
verify signatures, sometimes I don't bother.  I am very picky about
where I download software from tho.  But realize that isn't a
guarantee.. sourceforge got hacked not that long ago & that's one of
the sites I do get software from.

>  Is Tor or browsers the only software
> susceptible to fake certificates?

Any "secure" (https://) site certainly is; dunno if that's all though.

>  Mozilla / Google have taken
> corrective steps.  What about all the other apps?

dunno

>  I have no idea how
> concerned I should be, but snippy answers don't contribute to the
> discussion.

It would be nice if someone who actually knew all this stuff would
give a long answer.  I've been reading blogs, same as you, and come to
my own conclusions and made my own decisions regarding 'safe
behavior'.  Do I think I'm "safe"? No.  But in full-out paranoid mode
I can't think of anything that would make me safe, so I go with what I
consider reasonable precautions.

Lee


Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-03 Thread Julian Yon
On 03/09/11 19:36, Lee wrote:
> Is there a solution for this specific case?  Someone claiming to be
> Roger Dingledine included a PGP signature block in the msg that
> started this thread.  Nobody's responded "Hey! That wasn't me!!" or
> "That's not my PGP sig!" so it seems safe enough to trust that sig.
> 
> Is there a secure way to get from that PGP sig to whatever's necessary
> for verifying a TOR package one just downloaded?

In this specific case, if a download is signed by Erinn Clark, you can
establish a chain of trust from Roger to Erinn e.g.

Roger 63FEE659 -> Matt 5FA14861 -> Andrew 31B0974B -> Erinn 63FEE659

Note that I constructed this chain by hand as a (hopefully correct)
example; there will typically be more than one chain possible. It is the
job of software to find one for you based on whom you already trust.

If the package had been signed by someone like me, a recluse whom nobody
trusts, you'd be out of luck. But if I'm claiming to be releasing
software on behalf of a team, that should ring alarm bells for you.

Does that answer your question?

Julian



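Julian's two posts describe the defender's answer to Jim's key-substitution worry: verify one key independently, lsign it (a local, non-exportable certification), and let software find a chain of certifications from that key to whoever signed the package, so that an uncertified key claiming to sign for the project is rejected. The following is an added example, not code from the list, from gpg or from the Tor Project. It models the certification graph Julian sketches (Roger -> Matt -> Andrew -> Erinn) using names rather than fingerprints, with a constructed "Recluse" key that nobody has certified; the Certification type, LocalSign, Exportable and TrustPath are all this example's own names, and the keyring data is constructed, not taken from any keyserver.

```go
package main

import "fmt"

// Certification records that the holder of key Signer has signed (certified)
// key Subject. Names stand in for fingerprints; Local marks a signature made
// with gpg's lsign, which stays in your own keyring and is never exported.
type Certification struct {
	Signer, Subject string
	Local           bool
}

// LocalSign is the lsign step from the thread: after checking a key's
// fingerprint against independent sources, record your own non-exportable
// certification of it.
func LocalSign(certs []Certification, me, verified string) []Certification {
	return append(certs, Certification{Signer: me, Subject: verified, Local: true})
}

// Exportable returns the certifications that may be shared with others;
// local signatures are filtered out, as gpg does on export.
func Exportable(certs []Certification) []Certification {
	var out []Certification
	for _, c := range certs {
		if !c.Local {
			out = append(out, c)
		}
	}
	return out
}

// TrustPath does what the thread says "it is the job of software" to do: find
// a chain of certifications from a key you already trust (root) to the key
// that signed the package (target), at most maxHops signatures long. The
// search is breadth-first, so the first chain found is a shortest one. It
// returns nil when no chain exists, which is the case for a key nobody has
// certified.
func TrustPath(certs []Certification, root, target string, maxHops int) []string {
	signed := map[string][]string{}
	for _, c := range certs {
		signed[c.Signer] = append(signed[c.Signer], c.Subject)
	}
	type node struct {
		key  string
		path []string
	}
	queue := []node{{key: root, path: []string{root}}}
	seen := map[string]bool{root: true}
	for len(queue) > 0 {
		cur := queue[0]
		queue = queue[1:]
		if cur.key == target {
			return cur.path
		}
		if len(cur.path)-1 >= maxHops {
			continue
		}
		for _, next := range signed[cur.key] {
			if seen[next] {
				continue
			}
			seen[next] = true
			path := append(append([]string{}, cur.path...), next)
			queue = append(queue, node{key: next, path: path})
		}
	}
	return nil
}

// SampleKeyring is a constructed certification graph modelled on the chain
// Julian gives (Roger -> Matt -> Andrew -> Erinn), plus a key that nobody has
// certified. It is not data from any real keyserver.
func SampleKeyring() []Certification {
	return []Certification{
		{Signer: "Roger", Subject: "Matt"},
		{Signer: "Matt", Subject: "Andrew"},
		{Signer: "Andrew", Subject: "Erinn"},
		{Signer: "Recluse", Subject: "Recluse"}, // self-signature only
	}
}

func main() {
	// Having checked Roger's key independently (for instance against the
	// signed message that started this thread), lsign it; every other key
	// is then judged by whether a chain leads back to it.
	ring := LocalSign(SampleKeyring(), "me", "Roger")
	fmt.Println("path to Erinn:  ", TrustPath(ring, "me", "Erinn", 5))
	fmt.Println("path to Recluse:", TrustPath(ring, "me", "Recluse", 5))
	fmt.Println("exportable certs:", len(Exportable(ring)))
}
```

A package signed by "Recluse" yields no path and should fail verification, which is exactly the alarm bell Julian describes; the maxHops bound plays the role of gpg's path-length limit, so a chain that is technically present but longer than you are willing to trust is also rejected.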


Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-03 Thread andrew
On Sat, Sep 03, 2011 at 02:27:47PM -0500, joebtfs...@gmx.com wrote 4.2K bytes 
in 84 lines about:
: is about as technical as it gets.  My 1st impression w/ the process
: (& instructions on Tor page - verifying signatures) is, it will be
: over the avg users' heads, or more trouble / effort than they're
: willing to exert (possibly to their detriment).  I haven't tried the
: steps listed on Tor site, but seems pretty straight forward.

We made them copy and paste so new users can do it. I've watched people
in trainings successfully verify the signatures. We need a better model
for OS X and Windows, as neither system comes with gpg. Installing gobs
of software that doesn't come with verification to verify tor is sort of
comical.

: down:  if it's a truly important step before installing any
: software, major developers need to make the verification process
: easier / more automated for avg users.

The other side to this is that users who do verify the software they
download will hopefully be vocal when the software fails to verify.

-- 
Andrew
pgp key: 0x74ED336B


Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-03 Thread andrew
On Sat, Sep 03, 2011 at 04:51:49PM -0400, ler...@gmail.com wrote 4.3K bytes in 
111 lines about:
: My understanding is that the issue is common to all 'secured' web
: sites.   HTTP is trivially subverted; HTTPS needs a valid cert or the
: user clicking past a "No, I don't care about my security; go there
: anyway" warning before it can be subverted.

Just a fine point here: treat SSL as encryption between you and
something on the other end, not as authentication of the other end (nor
of you, if you have client certs installed).

-- 
Andrew
pgp key: 0x74ED336B


Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-03 Thread andrew
On Sat, Sep 03, 2011 at 02:36:54PM -0400, ler...@gmail.com wrote 2.2K bytes in 
43 lines about:
: Is there a solution for this specific case?  Someone claiming to be
: Roger Dingledine included a PGP signature block in the msg that
: started this thread.  Nobody's responded "Hey! That wasn't me!!" or
: "That's not my PGP sig!" so it seems safe enough to trust that sig.
: Is there a secure way to get from that PGP sig to whatever's necessary
: for verifying a TOR package one just downloaded?

This is what the pgp web of trust is about. You can either meet Roger,
or Erinn, or me, or mikeperry, or Jacob, etc., and have us physically hand
you our pgp fingerprints. Or you can trust someone who has met us and
signed our keys, that you then trust. Or trust someone who has trusted
someone who has met us and trusted us. Trust is like onions, onions have
layers. Trust is not like parfaits.

https://secure.wikimedia.org/wikipedia/en/wiki/Web_of_trust

-- 
Andrew
pgp key: 0x74ED336B
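The chain Julian writes out above (Roger -> Matt -> Andrew -> Erinn, with the remark that "it is the job of software to find one for you") and Andrew's layered description of the web of trust, as an added example that is not code from the thread or from GnuPG: a breadth-first search over a constructed signature graph. The names are those used in the thread; the edges between them are hypothetical, and the depth limit plays the role of GnuPG's --max-cert-depth.

```python
from collections import deque

# Constructed signature graph (hypothetical edges, names from the thread):
# SIGNATURES[signer] is the set of keys that signer has certified.
# It reproduces Julian's chain, adds a second, longer route via Jacob and
# Mike, and leaves Julian's key with no certification at all (the recluse
# case in his message).
SIGNATURES = {
    "Roger": {"Matt", "Jacob"},
    "Matt": {"Andrew", "Roger"},
    "Jacob": {"Mike"},
    "Mike": {"Andrew"},
    "Andrew": {"Erinn", "Matt"},
    "Erinn": {"Andrew"},
    "Julian": set(),
}


def find_trust_path(signatures, trusted, target, max_depth=5):
    """Breadth-first search from a key the user already trusts to the key
    that signed the package. Returns the shortest chain of key holders, or
    None when the target is unreachable within max_depth signatures
    (GnuPG's default --max-cert-depth is also 5). The shortest chain is
    returned first, so the longer Jacob/Mike route is never chosen while
    the Matt/Andrew route exists."""
    if trusted == target:
        return [trusted]
    parent = {trusted: None}          # child -> the key that signed it
    queue = deque([(trusted, 0)])
    while queue:
        key, depth = queue.popleft()
        if depth == max_depth:        # one more hop would exceed the limit
            continue
        for signed in sorted(signatures.get(key, ())):
            if signed in parent:      # already reached by a shorter chain
                continue
            parent[signed] = key
            if signed == target:
                # Walk the parent links back to the trusted key
                path = [target]
                while parent[path[-1]] is not None:
                    path.append(parent[path[-1]])
                return path[::-1]
            queue.append((signed, depth + 1))
    return None


def package_signer_trusted(signatures, trusted, signer, max_depth=5):
    """True when some certification chain from a trusted key reaches the
    package signer. This only establishes that the signer's key is the
    one you think it is; the signature on the download must still be
    verified against that key."""
    return find_trust_path(signatures, trusted, signer, max_depth) is not None


if __name__ == "__main__":
    print(find_trust_path(SIGNATURES, "Roger", "Erinn"))   # Julian's chain
    print(find_trust_path(SIGNATURES, "Roger", "Julian"))  # None: no chain
```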


Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-07 Thread Joe Btfsplk

On 9/3/2011 3:51 PM, Lee wrote:
> On 9/3/11, Joe Btfsplk wrote:
>> No.  I understand Tor Project's main concern is Tor / TBB.  I fail to
>> understand why the issue / problem being discussed is in any way limited
>> to Tor or a few softwares.
>
> My understanding is that the issue is common to all 'secured' web
> sites.   HTTP is trivially subverted; HTTPS needs a valid cert or the
> user clicking past a "No, I don't care about my security; go there
> anyway" warning before it can be subverted.

Lee, you bring up an interesting point about certificate warnings & 
ignoring them.
Sometimes I get from Firefox 5, 6 - the warnings, "We can't verify the 
authenticity of the certificate."  It may give a reason - like it's 
expired.  Quite often these are bank / investment / insurance sites.
Sometimes, the warning comes from Kaspersky IS.  Either way, it 
sometimes turns out - if I call CS, they "are aware of the problem" - 
like expired certificate.  I guess they don't really keep up w/ it.


But, it could just as easily be someone faking it.  AFAIK, an avg user 
has no way to tell if it's a fake or if a site let certificate expire, 
except call CS.  My guess is most "avg" users think, "I know I typed the 
correct address, & it says "HTTPS" at the top, so I'm safe."  Wrong.  
From the very beginning of HTTPS & certificates, I wondered what will 
prevent people from eventually faking some part or another of the 
"system."  I guess it's statistically safer than plain HTTP, but not 
foolproof by any stretch.  Yet, sites promote it as being totally safe.  
I can't even convince several financial sites to allow more than 10 PW 
chars, & to allow special characters.


It doesn't happen every wk, but often enough to be a PITA.  It also 
seems to happen when I really need to transact business - Murphy's law.
For these warnings (esp. about expired certs) - I don't know if there's 
a way for users to verify / resolve questions, except talking to IT dept 
of the company - if avail.





Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-07 Thread Julian Yon
On 07/09/11 19:40, Joe Btfsplk wrote:

> I can't even convince several financial sites to allow more than 10 PW
> chars, & to allow special characters.

My bank forces me to enter part of my password using unobscured
dropdowns "for security". Sure, it avoids keyloggers, but what about
*someone standing behind me*?

/facepalm


Julian





Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-07 Thread Julian Yon
On 07/09/11 21:42, Marsh Ray wrote:
> Do they have a gun? Otherwise, cover the screen with your hand or ask
> them to look away.
> 
> Realistically, this is nowhere near the biggest threat these days. It's
> mostly a holdover from security guidance from shared computing labs and
> pre-internet days.
> 
> Yes, be aware of your physical surroundings. No, don't think that it
> keeps you one bit safe online, unless you're that special case where
> your adversary is physically present.

There's no need to be patronising. I have plenty of security experience.
Shared environments are not a thing of the past, certainly not in the
UK, and a physically present adversary is a real threat for many people.
Not everyone can be told to look away (unless you like time in
hospital), and if you can use a drop-down with your screen covered then
I applaud you. And online-banking isn't aimed at experts, it's used by
"normal" people. It's so easy to mitigate this specific threat in
software that it is negligent not to do so.

Julian





Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-07 Thread Marsh Ray

On 09/07/2011 03:19 PM, Julian Yon wrote:
> My bank forces me to enter part of my password using unobscured
> dropdowns "for security". Sure, it avoids keyloggers, but what about
> *someone standing behind me*?

Do they have a gun? Otherwise, cover the screen with your hand or ask 
them to look away.


Realistically, this is nowhere near the biggest threat these days. It's 
mostly a holdover from security guidance from shared computing labs and 
pre-internet days.


Yes, be aware of your physical surroundings. No, don't think that it 
keeps you one bit safe online, unless you're that special case where 
your adversary is physically present.


- Marsh


Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-07 Thread Marsh Ray

On 09/07/2011 04:48 PM, Julian Yon wrote:
> There's no need to be patronising. I have plenty of security
> experience.

Sorry, wasn't trying to be patronizing. Just trying to give my opinion
plainly.

This is where, IMHO, computer security people can maybe take a step
back. Sure, we should all remind each other that it's easy to get so
engrossed in the computer screen that we forget what's going on around
us and who may be watching.

But everyone in the world has experience managing their own personal
space and physical security. Computing devices are ordinary physical 
objects now. Computer security people may not be any better qualified to 
advise on personal physical security (and maybe we come across as a 
little patronizing too).

> Shared environments are not a thing of the past, certainly not in
> the UK, and a physically present adversary is a real threat for many
> people.

Right. I'm just not particularly qualified to advise about that kind of
threat.

> Not everyone can be told to look away (unless you like time in
> hospital), and if you can use a drop-down with your screen covered
> then I applaud you. And online-banking isn't aimed at experts, it's
> used by "normal" people. It's so easy to mitigate this specific
> threat in software that it is negligent not to do so.

Realistically today the bank may have thousands of customers with
malicious keyloggers for every one who is protected by an obscured
display. This was not the case just a few years ago, the threat has
changed. The keylogger threat might be somewhat mitigated with the UI
changes, but the UI is largely incapable of restoring a user's physical
security.

- Marsh


Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-07 Thread Julian Yon
On 07/09/11 23:19, Marsh Ray wrote:
> Realistically today the bank may have thousands of customers with
> malicious keyloggers for every one who is protected by an obscured
> display. This was not the case just a few years ago, the threat has
> changed. The keylogger threat might be somewhat mitigated with the UI
> changes, but the UI is largely incapable of restoring a user's physical
> security.

I should point out I'm no stranger to keyloggers. I may have written and
deployed such a tool in the past...

Nevertheless, I struggle to see how malware that can intercept
keystrokes in a browser couldn't, with a little more effort, intercept
form data instead. This would render the simplistic approach of dropdown
character selection useless.

Some banks here use some form of two-factor authentication, which I
think is a much better idea. Sadly, my bank isn't one of them.


Julian





Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-08 Thread Joe Btfsplk

On 9/7/2011 3:42 PM, Marsh Ray wrote:
> On 09/07/2011 03:19 PM, Julian Yon wrote:
>> My bank forces me to enter part of my password using unobscured
>> dropdowns "for security". Sure, it avoids keyloggers, but what about
>> *someone standing behind me*?
>
> Do they have a gun? Otherwise, cover the screen with your hand or ask
> them to look away.
>
> Realistically, this is nowhere near the biggest threat these days.
> It's mostly a holdover from security guidance from shared computing
> labs and pre-internet days.
>
> Yes, be aware of your physical surroundings. No, don't think that it
> keeps you one bit safe online, unless you're that special case where
> your adversary is physically present.
>
> - Marsh

Respectfully, I think some may have missed the point of (part of) my 
earlier comments & Julian's about PWs.  Admittedly, we got off topic.  
It has nothing to do w/ Tor or fake certificates.
So, for me, feel free to drop the topic about lack of PW security.  But, 
the WHOLE point of my comments was (certificates, PWs, whatever), 
corporations say they are using highly secure methods & technology 
online, when in fact they often aren't.  And yes, I have complained & 
gotten the canned replies, "we take customers' security & online safety 
very seriously & use high security standards..."


My point (& I think Julian's) was, aside from certificate issues, that 
for various practices of many sites where security is vitally important, 
their WORDS "~ we take customers' security & online safety very 
seriously & use high security standards...," and their ACTIONS don't 
match.  It's not a matter of if one * could * "cover their screen" when 
typing an exposed PW, it's that it's generally a bad idea, that could be 
easily corrected.  Limiting PWs to 10 alpha numeric chars (w/ NO spec. 
chars) is a bad idea & AFAIK, there's no reason a multi bill. corp. like 
Vanguard invstmts couldn't allow more chars & special chars.


I also asked a question about options for users, when they are 
confronted w/ a warning that the site's certificate authenticity can't 
be verified.  If it's your bank & you need to transact business - THAT 
day - what can you do except call & * maybe * talk to IT?  If they can 
confirm they're aware of the problem, one could probably feel safe in 
accessing the site anyway.  What if you can't reach IT?



Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-08 Thread Julian Yon
On 08/09/11 15:20, Joe Btfsplk wrote:
> My point (& I think Julian's) was, aside from certificate issues, that
> for various practices of many sites where security is vitally important,
> their WORDS "~ we take customers' security & online safety very
> seriously & use high security standards...," and their ACTIONS don't
> match.

Yes, I was agreeing with your point. I do have an awful habit of getting
sidetracked though.


Julian





Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-15 Thread tagnaq
On 09/01/2011 10:47 AM, Roger Dingledine wrote:
> For those who haven't been following, check out
> https://blog.torproject.org/blog/diginotar-debacle-and-what-you-should-do-about-it
> 
> You should pay special attention if you're in an environment where your
> ISP (or your government!) might try a man-in-the-middle attack on your
> interactions with https://www.torproject.org/.
> 
> We stepped up our schedule for switching the Tor Browser Bundle to Firefox
> 6 (which we can build from source on all platforms, and thus remove the
> offending CA ourselves). New bundles are out now:
> https://blog.torproject.org/blog/new-tor-browser-bundles-4

A pity that #3555 was not implemented at the time (even if the
likelihood to make any difference is only given if the user actually
toggled and is in disabled mode).


Re: [tor-talk] Dutch CA issues fake *.torproject.org cert (among many others)

2011-09-16 Thread Michael Gomboc
Hi,

How can someone verify the downloaded Torbutton file?
https://www.torproject.org/torbutton/index.html.en
I did not see any way to do that.

Thanks,
M

-- 
Michael Gomboc
www.viajando.at
pgp-id: 0x5D41FDF8