
Certificate Authorities Vulnerability?

  • 02-05-2009 5:11am
    #1
    Moderators, Category Moderators, Science, Health & Environment Moderators, Society & Culture Moderators Posts: 47,532 CMod ✭✭✭✭


    Browsers like IE8 have "Trusted Root Certification Authorities" listed within the Internet Options>Content>Certificates window. This helps the user ensure that, when conducting credit card purchases online, they are in fact dealing with the seller they claim to be, and not being spoofed by some criminal?

    For example, if buying online from Sony.com, Verisign verifies (as a CA... certification authority) that you are in fact connected with Sony.com, and that Sony is legitimate by Verisign's authentication procedures (Verisign is listed in IE8's list of Trusted Root Certification Authorities, along with the Verisign certificate and public key, and Sony actually uses them as their certificate CA).

    This raises a potential vulnerability question? If some black hat hacker, perhaps using a trojan, could add their false certificate authority name to IE8's Trusted Root Certification Authority list, then they could spoof a seller site and obtain credit card information, along with other ID theft information?

    What security safeguards exist for IE8 to prevent this hack?


Comments

  • Closed Accounts Posts: 1,567 ✭✭✭Martyr


    All I would say is that IE8 isn't ready yet and I would advise against using it :D


  • Moderators, Category Moderators, Science, Health & Environment Moderators, Society & Culture Moderators Posts: 47,532 CMod ✭✭✭✭Black Swan


    Martyr wrote: »
    All I would say is that IE8 isn't ready yet and I would advise against using it :D
    What about Firefox's list of CAs found at Tools>Options>Advanced>View Certificates>Authorities? Is FF3.0.10 more or less vulnerable, compared with IE8, for the same reasons given in the OP?


  • Closed Accounts Posts: 1,567 ✭✭✭Martyr


    Yeah, you could add your root certificate to the browser list.
    Use some MITM attack; just not sure if it would work, probably would.

    If you created your own CA with OpenSSL, then got it installed in the victim's browser, that would probably work some way.

    legitimate server -> attacker (decrypt with real cert)
    attacker(encrypt with bogus) -> victim (decrypt with bogus)

    never tried to see how that would work.
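    As an added example (not code from the thread), here is a stdlib-only Python audit of a trust store against a known-good baseline of root fingerprints, the kind of check that would catch an extra root that a trojan had slipped into the list the OP asks about. It assumes the store has been exported as a PEM bundle; the certificate bodies below are constructed placeholders, not real X.509 data, since only the fingerprint matters for the comparison.

    ```python
    """Audit a PEM trust-store bundle against a baseline of root fingerprints.
    Added example; the bundle and baseline are constructed, not a real store."""
    import base64
    import hashlib
    import re

    PEM_RE = re.compile(
        r"-----BEGIN CERTIFICATE-----\s*(.*?)\s*-----END CERTIFICATE-----", re.S)


    def pem_to_der_blobs(bundle: str) -> list[bytes]:
        """Split a PEM bundle into the DER bytes of each certificate."""
        return [base64.b64decode(re.sub(r"\s+", "", body))
                for body in PEM_RE.findall(bundle)]


    def fingerprint(der: bytes) -> str:
        """SHA-256 fingerprint as colon-separated uppercase hex, as browsers show it."""
        digest = hashlib.sha256(der).hexdigest().upper()
        return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


    def audit_trust_store(bundle: str, baseline: set[str]) -> dict[str, list[str]]:
        """Return roots present in the bundle but not in the baseline ('added')
        and baseline roots no longer present ('removed')."""
        current = {fingerprint(der) for der in pem_to_der_blobs(bundle)}
        return {"added": sorted(current - baseline),
                "removed": sorted(baseline - current)}


    # Constructed sample: placeholder bytes stand in for real DER certificates.
    def _fake_pem(label: bytes) -> str:
        body = base64.b64encode(b"constructed-root-" + label).decode()
        return f"-----BEGIN CERTIFICATE-----\n{body}\n-----END CERTIFICATE-----\n"


    KNOWN_ROOTS = _fake_pem(b"A") + _fake_pem(b"B")
    BASELINE = {fingerprint(der) for der in pem_to_der_blobs(KNOWN_ROOTS)}
    # Simulated tampering: a third root appended to the store after baselining.
    TAMPERED_STORE = KNOWN_ROOTS + _fake_pem(b"ROGUE")

    if __name__ == "__main__":
        result = audit_trust_store(TAMPERED_STORE, BASELINE)
        for fp in result["added"]:
            print("UNEXPECTED ROOT:", fp)
    ```

    Re-running the audit on a schedule and alerting on any "added" entry turns the OP's question into a concrete detection, since a legitimate root-store update is rare and can be reconciled against the baseline by hand.
    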

