NYLXS - Free Software Events

Sun Nov 24 15:36:32 2024

EVENTS

FREE
SOFTWARE
INSTITUTE

POLITICS

JOBS

MEMBERS'
CORNER

MAILING
LIST

NYLXS Members have a lot to say and share but we don't keep many secrets. Join the Hangout Mailing List and say your peice.

DATE 2015-03-01

HANGOUT

2024-11-24 | 2024-10-24 | 2024-09-24 | 2024-08-24 | 2024-07-24 | 2024-06-24 | 2024-05-24 | 2024-04-24 | 2024-03-24 | 2024-02-24 | 2024-01-24 | 2023-12-24 | 2023-11-24 | 2023-10-24 | 2023-09-24 | 2023-08-24 | 2023-07-24 | 2023-06-24 | 2023-05-24 | 2023-04-24 | 2023-03-24 | 2023-02-24 | 2023-01-24 | 2022-12-24 | 2022-11-24 | 2022-10-24 | 2022-09-24 | 2022-08-24 | 2022-07-24 | 2022-06-24 | 2022-05-24 | 2022-04-24 | 2022-03-24 | 2022-02-24 | 2022-01-24 | 2021-12-24 | 2021-11-24 | 2021-10-24 | 2021-09-24 | 2021-08-24 | 2021-07-24 | 2021-06-24 | 2021-05-24 | 2021-04-24 | 2021-03-24 | 2021-02-24 | 2021-01-24 | 2020-12-24 | 2020-11-24 | 2020-10-24 | 2020-09-24 | 2020-08-24 | 2020-07-24 | 2020-06-24 | 2020-05-24 | 2020-04-24 | 2020-03-24 | 2020-02-24 | 2020-01-24 | 2019-12-24 | 2019-11-24 | 2019-10-24 | 2019-09-24 | 2019-08-24 | 2019-07-24 | 2019-06-24 | 2019-05-24 | 2019-04-24 | 2019-03-24 | 2019-02-24 | 2019-01-24 | 2018-12-24 | 2018-11-24 | 2018-10-24 | 2018-09-24 | 2018-08-24 | 2018-07-24 | 2018-06-24 | 2018-05-24 | 2018-04-24 | 2018-03-24 | 2018-02-24 | 2018-01-24 | 2017-12-24 | 2017-11-24 | 2017-10-24 | 2017-09-24 | 2017-08-24 | 2017-07-24 | 2017-06-24 | 2017-05-24 | 2017-04-24 | 2017-03-24 | 2017-02-24 | 2017-01-24 | 2016-12-24 | 2016-11-24 | 2016-10-24 | 2016-09-24 | 2016-08-24 | 2016-07-24 | 2016-06-24 | 2016-05-24 | 2016-04-24 | 2016-03-24 | 2016-02-24 | 2016-01-24 | 2015-12-24 | 2015-11-24 | 2015-10-24 | 2015-09-24 | 2015-08-24 | 2015-07-24 | 2015-06-24 | 2015-05-24 | 2015-04-24 | 2015-03-24 | 2015-02-24 | 2015-01-24 | 2014-12-24 | 2014-11-24 | 2014-10-24 | 2014-09-24 | 2014-08-24 | 2014-07-24 | 2014-06-24 | 2014-05-24 | 2014-04-24 | 2014-03-24 | 2014-02-24 | 2014-01-24 | 2013-12-24 | 2013-11-24 | 2013-10-24 | 2013-09-24 | 2013-08-24 | 2013-07-24 | 2013-06-24 | 2013-05-24 | 2013-04-24 | 2013-03-24 | 2013-02-24 | 2013-01-24 | 2012-12-24 | 2012-11-24 | 2012-10-24 | 2012-09-24 | 2012-08-24 | 2012-07-24 | 2012-06-24 | 2012-05-24 | 2012-04-24 | 2012-03-24 | 2012-02-24 | 2012-01-24 | 2011-12-24 | 2011-11-24 | 2011-10-24 | 2011-09-24 | 2011-08-24 | 2011-07-24 | 2011-06-24 | 2011-05-24 | 2011-04-24 | 2011-03-24 | 2011-02-24 | 2011-01-24 | 2010-12-24 | 2010-11-24 | 2010-10-24 | 2010-09-24 | 2010-08-24 | 2010-07-24 | 2010-06-24 | 2010-05-24 | 2010-04-24 | 2010-03-24 | 2010-02-24 | 2010-01-24 | 2009-12-24 | 2009-11-24 | 2009-10-24 | 2009-09-24 | 2009-08-24 | 2009-07-24 | 2009-06-24 | 2009-05-24 | 2009-04-24 | 2009-03-24 | 2009-02-24 | 2009-01-24 | 2008-12-24 | 2008-11-24 | 2008-10-24 | 2008-09-24 | 2008-08-24 | 2008-07-24 | 2008-06-24 | 2008-05-24 | 2008-04-24 | 2008-03-24 | 2008-02-24 | 2008-01-24 | 2007-12-24 | 2007-11-24 | 2007-10-24 | 2007-09-24 | 2007-08-24 | 2007-07-24 | 2007-06-24 | 2007-05-24 | 2007-04-24 | 2007-03-24 | 2007-02-24 | 2007-01-24 | 2006-12-24 | 2006-11-24 | 2006-10-24 | 2006-09-24 | 2006-08-24 | 2006-07-24 | 2006-06-24 | 2006-05-24 | 2006-04-24 | 2006-03-24 | 2006-02-24 | 2006-01-24 | 2005-12-24 | 2005-11-24 | 2005-10-24 | 2005-09-24 | 2005-08-24 | 2005-07-24 | 2005-06-24 | 2005-05-24 | 2005-04-24 | 2005-03-24 | 2005-02-24 | 2005-01-24 | 2004-12-24 | 2004-11-24 | 2004-10-24 | 2004-09-24 | 2004-08-24 | 2004-07-24 | 2004-06-24 | 2004-05-24 | 2004-04-24 | 2004-03-24 | 2004-02-24 | 2004-01-24 | 2003-12-24 | 2003-11-24 | 2003-10-24 | 2003-09-24 | 2003-08-24 | 2003-07-24 | 2003-06-24 | 2003-05-24 | 2003-04-24 | 2003-03-24 | 2003-02-24 | 2003-01-24 | 2002-12-24 | 2002-11-24 | 2002-10-24 | 2002-09-24 | 2002-08-24 | 2002-07-24 | 2002-06-24 | 2002-05-24 | 2002-04-24 | 2002-03-24 | 2002-02-24 | 2002-01-24 | 2001-12-24 | 2001-11-24 | 2001-10-24 | 2001-09-24 | 2001-08-24 | 2001-07-24 | 2001-06-24 | 2001-05-24 | 2001-04-24 | 2001-03-24 | 2001-02-24 | 2001-01-24 | 2000-12-24 | 2000-11-24 | 2000-10-24 | 2000-09-24 | 2000-08-24 | 2000-07-24 | 2000-06-24 | 2000-05-24 | 2000-04-24 | 2000-03-24 | 2000-02-24 | 2000-01-24 | 1999-12-24

Key: Value:

MESSAGE

DATE	2015-03-01
FROM	Ruben Safir
SUBJECT	Re: [NYLXS - HANGOUT] Lenovo Superfish
On 03/01/2015 06:08 PM, Ruben Safir wrote: > On 03/01/2015 02:26 PM, Paul Robert Marino wrote: Superfish Adware is NOT guilty, it is the Jews fault. It was some other application designed to intercept your data stream and replace it with some customized version of their own which is at fault. These people can't even think straight. Up is Down and Left is Right. >> Hey every one bad news about this. >> Any one on my Facebook feed would have noticed this on day1 of the story. >> I did some research and SuperFish is a 3rd party company which has >> contracts with several Android and IPhone app developers. >> there have been several unconfirmed reports on non-Lenovo Android >> devices failing on the test pages, in other words they were infected >> too. > https://blog.filippo.io/komodia-superfish-ssl-validation-is-broken > > Filippo.io > > Filippo Valsorda , 20 Feb 2015 > > > Komodia/Superfish SSL Validation is broken > > /If you are on the ball already and just want the new vulnerability, > scroll to the "client side SSL verification" section./ tl;dr The > Komodia/Superfish proxy can be made to allow self-signed certificates > without warnings. > > > Recap > > Some Lenovo laptops shipped > > with Superfish preinstalled - an ad > injecting software. How it performs ad injection is by using a SSL > interception engine by Komodia > . > > The software is spectacularly bad, and uses the same key on all > computers, which was extracted easily > , > allowing hackers to intercept the secure connections of anyone who has > Superfish installed. I made a online test, Badfish > . > > But Superfish is not the only one > > using the Komodia engine. All softwares that do share the same problem, > and their keys can be extracted easily > (same password: > "komodia"). > > However, that's not even necessary, because Komodia is horribly broken. > > > How Komodia works > > A brief step back to understand how Komodia does SSL/TLS interception > and what that means. > > On installation the Komodia software will install a root CA > certificate in the system trust store. > > Then when a user tries to visit a HTTPS website, the software will > intercept the connection and place itself between the browser and the > server. > > It will then connect to the server as a client, and relay data between > the two. As a certificate to the client it will present a copy of the > server certificate, with a different public key and signed by the root > it installed. > > In short, a Man in the Middle attack. > > What we all realized in horror is that the root private key is the same > on all machines, so anyone can take that and sign fake certificates to > use in MitM attacks. > > (For the record, this could have been a bit less bad if the proxy client > rejected its own certificate, but whatever.) > > Note that this also means that the actual HTTPS connection is handled by > the Komodia proxy client - that is, it's the Komodia software that will > connect to the server over the Internet. And it's not that good at it: > it will use obsolete cryptography, for example > . > > Anyway, we thought things couldn't get worse. But. > > > Komodia client side SSL verification > > At this point a legit doubt is: what will the Komodia proxy client do > when it sees a invalid/untrusted/self-signed certificate? Because > copying it, changing its public key and signing it would /turn it into a > valid one without warnings/. > > Turns out that if a certificate fails validation the Komodia proxy will > still re-sign it (making it trusted), but change the domain name so > that a warning is triggered in the browser. > > See in the picture below how the certificate name became > \|verify_fail.events.ccc.de\| to "propagate" the failure to the browser. > > Hm, still bad since the user/browser will receive fake information on > why the certificate is invalid, but clever. > > However. > > The Komodia proxy copies the server certificate almost entirely... What > will it do with alternative names? > > Alternative names are a X509 extension that allows to specify in a > special field other domains for which the certificate is valid. > > Boom. The Komodia proxy will take a self-signed certificate, leave the > alternate names untouched and sign it with their root. The browser will > think it's a completely valid certificate. > > So all you need to do to bypass verification is put the target domain in > the alternate field, instead of in the main one that will be changed on > failure. > > An attacker can intercept any https connection, present a self-signed > certificate to the client and browsers will show a green lock because > Komodia will sign it for them. > > > Consequences > > This means that whoever has Komodia software running on their system > will accept ANY certificate that has the domain name in the alternates. > > No need to extract root keys from each software, this allows MitM > against all Komodia-using software at the same time. > > It's catastrophic. > It's the only way all this mess could have been even worse. > > They can change the keys, or start doing the sane thing and generate a > keypair for each device, but /this bug will still allow MitM attacks/. > And with this attackers don't even need to know what software you are > running, it's a catch-all against the Komodia engine itself. > > So all the users out there with Komodia-powered Parental Control > software or adware have their banking connections easily intercepted. > Well, good job. > > Yes, a online test is coming. Meanwhile, I serve such a cert at > san.filippo.io . > > UPDATE: my online test now checks for all > Komodia-powered software with the trick above. > > > Conclusions > > First, don't make intercepting proxies. They are impossible to write > correctly, and by their very nature lower the security of the whole > Internet. > > Second, the Komodia one is a particularly bad one, and they should feel > bad. > > Third, Komodia should be punished for jeopardizing the users, like > probably all the companies that didn't do due diligence here. > > More rants on Twitter . > > > >