[conspire] Critical browser-certificate problem

Rick Moen rick at linuxmafia.com
Wed Mar 23 14:37:40 PDT 2011


Here's a long but fascinating story, the bottom line of which 
is that (1) you need to fix your Web browsers immediately so
they will not blithely accept fraudulent SSL certificates for
important Web sites as valid, and (2) it illustrates why the 
whole 'trust this site certificate because it's signed by the good guys' 
model is snake-oil, and always has been.

(The latter point is not news to those who've been paying attention.
For more, see the relevant chapter in Bruce Schneier's layman-level book
on security, _Beyond Fear_.)

https://blog.torproject.org/category/tags/ssl-tls-ca-tor-certificates-torbrowser

There are Firefox / Seamonkey / etc. updates out.

One of the impersonated Web sites is addons.mozilla.org .  Those who
either attended my Firefox talk at SVLUG, or read my article on the
subject, will remember my stressing reasons why you should _avoid_
trusting sites like addons.mozilla.org and always if humanly possible
favour distro-mediated software distribution channels over upstream
sources.  The current security meltdown is yet another example of why.

In general, given that Web browsers are stuck using the 'trust it; it's
signed' crypto model, there needs to be a _lot_ more scrutiny of
certificate authorities whose root keys are bundled into browsers, and
also (as the above page stresses) all browsers should hard-fail on
certificate revocation errors.  Linux distro package maintainers are the
most likely places for this to happen.
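
An added example, not part of the original message: a small Python model of the difference between soft-fail and hard-fail handling of certificate revocation checks, the setting the message says browsers should change. The serial numbers, case names and function names are constructed for illustration, and `check_revocation` stands in for a real OCSP or CRL lookup.

```python
from enum import Enum


class Status(Enum):
    GOOD = "good"
    REVOKED = "revoked"
    UNAVAILABLE = "unavailable"  # timeout, HTTP error, unparsable reply


# Constructed sample data: serials a hypothetical CA has revoked.
REVOKED_SERIALS = {0x1001, 0x1002}

# Constructed cases: name -> (certificate serial, responder reachable?)
CASES = {
    "valid cert, responder up": (0x2001, True),
    "revoked cert, responder up": (0x1001, True),
    "valid cert, responder down": (0x2001, False),
    "revoked cert, responder down": (0x1001, False),
}


def check_revocation(serial, responder_reachable):
    """Stand-in for an OCSP/CRL lookup against the constructed list above."""
    if not responder_reachable:
        return Status.UNAVAILABLE
    return Status.REVOKED if serial in REVOKED_SERIALS else Status.GOOD


def accept_certificate(status, hard_fail):
    """Decide whether the client proceeds with the connection."""
    if status is Status.GOOD:
        return True
    if status is Status.REVOKED:
        return False
    # Status.UNAVAILABLE is the only case where the two policies differ:
    # soft-fail treats "no answer" as "good", hard-fail treats it as "bad".
    return not hard_fail


def evaluate(cases, hard_fail):
    """Return {case name: accepted?} under the chosen policy."""
    return {
        name: accept_certificate(check_revocation(serial, reachable), hard_fail)
        for name, (serial, reachable) in cases.items()
    }


if __name__ == "__main__":
    for hard_fail in (False, True):
        label = "hard-fail" if hard_fail else "soft-fail"
        for name, ok in evaluate(CASES, hard_fail).items():
            print(f"{label:9} {name:30} -> {'accept' if ok else 'reject'}")
```

Under soft-fail a revoked certificate is accepted whenever the revocation answer cannot be obtained; hard-fail closes that gap at the cost of also rejecting valid certificates while the responder is unreachable.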




