33

I'm accessing Bing (https://www.bing.com) from within China. I got the following information:

[screenshot of the browser warning]

How could this happen? HTTPS but not encrypted, and with SSL certificate?

Here is the packet capture using Wireshark. Bing's IP is 202.89.233.101 .

A new capture.

Ryan

4 Answers

23

Edit for the pcap: my theory does not hold; the other points are still valid.

I will keep my original, speculative, answer, but TL;DR: if resources are loaded via http, such a warning is warranted.

As the comments go, this seems to be a warning about non-https resources used on the website. This might trigger warnings of that kind and for a good reason:

If scripts are loaded in such a way, a man in the middle can inject scripts that compromise every interaction with such a website (and even more, in case of an exploit being available to the attacker for your browser). Additionally, even other resources could lead to code being executed that was not intended to run in that context.

Now my original answer: This might be a downgrade attack that is allowed by Microsoft.

First off: TLS has two different purposes:

  1. to authenticate the server (and optionally the client) via a public key infrastructure.
  2. to evaluate which encryption capabilities server and client share and choose one of them over an insecure connection.

While the server has been authenticated, it seems that the server and you have established a plain text „encryption“.

Secondly: this might be useful if the client (or server) has very limited computational capabilities. As a means of allowing access (availability) over secrecy, this can be useful.

Thirdly, my speculation: In this case, it is possible that Bing is only allowed operation in China as long as the great firewall can look inside the traffic. Thus, Microsoft might have chosen availability over secrecy, making use of the plain text option to allow for deep packet inspection by the GFC.

Tobi Nary
    For those who are interested: There are two Bings in China, one called China Bing and the other International Bing. Both are censored but if I access international Bing I can get normal encryption. – Ryan Oct 24 '17 at 07:34
  • See it here: https://imgur.com/a/KJE9S – Ryan Oct 24 '17 at 07:41
  • That seems to concur with my suspicions. – Tobi Nary Oct 24 '17 at 07:42
  • @SmokeDispenser: *plain text „encryption“* - are you referring to weak or null ciphers inside TLS? I've never seen a browser which supports these. – Steffen Ullrich Oct 24 '17 at 07:58
  • @SteffenUllrich yes, I'm assuming a null cipher. I guess a company that is in control of the browser might add support for this special case. – Tobi Nary Oct 24 '17 at 08:00
  • @Ryan: can you do a packet capture (wireshark or similar) so that one can see what is going on at the network level? I would be very surprised if there was a weak or null cipher involved. – Steffen Ullrich Oct 24 '17 at 08:02
  • @SteffenUllrich I updated my question to include the packet capture. – Ryan Oct 24 '17 at 08:41
  • Also @SmokeDispenser . – Ryan Oct 24 '17 at 08:42
  • 3
    @Ryan: thanks. There is one TCP connection to bing.com in this file (stream 2). But the capture is in the middle of the connection only so that no TLS handshake can be seen. Thus one can not see which cipher gets used. But the application data inside the SSL frames don't look plain text at all. Apart from that the cipher can not really depend on the URL path. I rather suggest that the message you see comes from including some `http://` resource inside `https://`. – Steffen Ullrich Oct 24 '17 at 09:19
  • @SteffenUllrich sorry I attached a new capture this time. It should now include the handshake. – Ryan Oct 24 '17 at 09:33
  • It seems if i just simply press F5 in IE it will not re-establish the connection? – Ryan Oct 24 '17 at 09:37
  • 2
    @Ryan: The new handshake shows clearly the use of a strong cipher (TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256). Based on this I don't believe the theory with using weak or null ciphers. And no, F5 does not mean that the underlying TCP/TLS connection gets recreated, but only that the HTTP request is resent, which might be done using an established connection. – Steffen Ullrich Oct 24 '17 at 09:41
  • 1
    @SteffenUllrich The cause might be mixed content. Please review my answer below. – Ryan Oct 24 '17 at 09:58
  • @Ryan: so I've guessed correctly. To cite my comment: *"I rather suggest that the message you see comes from including some http:// resource inside https://"*. – Steffen Ullrich Oct 24 '17 at 11:00
11

It's not only in Edge, but also IE and Chrome. The reason is now clear: MS does serve content over insecure connections, at least in China. As the Mixed content warnings at the bottom right of the screenshot below indicate, the page requests images over HTTP, making it insecure:

[screenshot of the developer tools console showing mixed content warnings]

PJTraill
Ryan
  • How does the screenshot prove your point? All I am seeing is "mixed content" warnings. – Flimm Oct 24 '17 at 13:34
  • 1
    I had a similar question about Pandora on Firefox. [This answer](https://superuser.com/a/776611/210293) was helpful in understanding things. – David Starkey Oct 24 '17 at 14:25
  • 9
    @Flimm1 It is loading mixed content, look at the bottom right. There is source code on the page that is specifically requesting content from an http source, making it insecure. – Caimen Oct 24 '17 at 15:33
6

How could this happen? HTTPS but not encrypted, and with SSL certificate?

There are three ways I can think of that this could happen.

  1. The server is purposefully configured with a null protocol, which is technically allowed under HTTPS, although highly discouraged.

  2. The server is configured with a proper encryption protocol, but has a weakness that allows a hacker to launch a downgrade attack. Such a weakness was found a year or two ago in OpenSSL (see this article) which is a very popular code base on which many web servers are based. There are other attacks as well.

  3. You are in a network environment (which might be all of China) where connections to Bing are intercepted and you are served content with a certificate that is not the original certificate. This sort of setup is common in corporate environments (see this question for details). It would require that your laptop contain a root certificate that is controlled by the party that is performing the interception, e.g. a Chinese CA, which could then issue a certificate that looks exactly like it is owned by Bing.

John Wu
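Points 1 and 2 of this answer, and the comment thread above where the capture was finally settled by reading the cipher suite out of the ServerHello, both come down to the same check: look at what the server actually negotiated. The following is an added example, not code from any of the answerers. It parses a raw TLS handshake record containing a ServerHello, names the selected cipher suite from a small subset of the IANA registry (0xC02F is the TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 seen in the capture), and flags null or weak suites. `build_server_hello` constructs test records; the random and session id it uses are fixed test values, not captured data.

```python
import struct

# Subset of the IANA TLS cipher-suite registry: the suite from the capture plus
# the null/weak suites a defender wants flagged. Constructed for this example;
# it is not a complete registry.
CIPHER_SUITES = {
    0x0000: "TLS_NULL_WITH_NULL_NULL",
    0x0001: "TLS_RSA_WITH_NULL_MD5",
    0x0002: "TLS_RSA_WITH_NULL_SHA",
    0x003B: "TLS_RSA_WITH_NULL_SHA256",
    0xC006: "TLS_ECDHE_ECDSA_WITH_NULL_SHA",
    0xC010: "TLS_ECDHE_RSA_WITH_NULL_SHA",
    0x0004: "TLS_RSA_WITH_RC4_128_MD5",
    0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    0xC030: "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
}

HANDSHAKE_RECORD = 22   # TLS record content type for handshake messages
SERVER_HELLO = 2        # handshake message type


def classify(suite_name: str) -> str:
    """Verdict for a suite name: 'null' (no confidentiality at all),
    'weak' (broken or deprecated bulk cipher), 'ok', or 'unknown'."""
    if suite_name.startswith("unknown"):
        return "unknown"
    if "_NULL_" in suite_name or suite_name.endswith("_NULL"):
        return "null"
    if any(tag in suite_name for tag in ("RC4", "3DES", "EXPORT", "_DES_")):
        return "weak"
    return "ok"


def parse_server_hello(record: bytes) -> dict:
    """Parse one TLS record carrying a ServerHello and report the negotiated
    version, session id, cipher suite and a verdict.

    Layout (RFC 5246): 5-byte record header, 4-byte handshake header, then
    version(2) random(32) session_id<0..32> cipher_suite(2) compression(1)
    followed by optional extensions, which are not needed here."""
    if len(record) < 5:
        raise ValueError("truncated record header")
    content_type, _rec_version, rec_len = struct.unpack("!BHH", record[:5])
    if content_type != HANDSHAKE_RECORD:
        raise ValueError(f"not a handshake record (content type {content_type})")
    body = record[5:5 + rec_len]
    if len(body) < rec_len or rec_len < 4:
        raise ValueError("truncated handshake record")
    hs_type = body[0]
    hs_len = int.from_bytes(body[1:4], "big")
    if hs_type != SERVER_HELLO:
        raise ValueError(f"not a ServerHello (handshake type {hs_type})")
    hello = body[4:4 + hs_len]
    if len(hello) < hs_len or hs_len < 38:
        raise ValueError("truncated ServerHello")

    pos = 0
    version = struct.unpack("!H", hello[pos:pos + 2])[0]
    pos += 2
    pos += 32                       # server random: skipped, not needed here
    sid_len = hello[pos]
    pos += 1
    if sid_len > 32 or pos + sid_len + 3 > len(hello):
        raise ValueError("bad session id length")
    session_id = hello[pos:pos + sid_len]
    pos += sid_len
    suite_id = struct.unpack("!H", hello[pos:pos + 2])[0]
    pos += 2
    compression = hello[pos]

    name = CIPHER_SUITES.get(suite_id, f"unknown_0x{suite_id:04X}")
    return {
        "version": f"0x{version:04X}",
        "session_id": session_id.hex(),
        "cipher_suite_id": suite_id,
        "cipher_suite": name,
        "compression": compression,
        "verdict": classify(name),
    }


def build_server_hello(suite_id: int, version: int = 0x0303) -> bytes:
    """Construct a minimal TLS 1.2 ServerHello record for exercising the
    parser. The random and session id are fixed test values, not captured."""
    hello = (
        struct.pack("!H", version)
        + bytes(range(32))          # constructed 'random'
        + b"\x00"                   # empty session id
        + struct.pack("!H", suite_id)
        + b"\x00"                   # null compression
    )
    handshake = bytes([SERVER_HELLO]) + len(hello).to_bytes(3, "big") + hello
    return bytes([HANDSHAKE_RECORD]) + struct.pack("!HH", version, len(handshake)) + handshake


if __name__ == "__main__":
    for suite in (0xC02F, 0x0002, 0x0004, 0x1234):
        print(parse_server_hello(build_server_hello(suite)))
```

To use it on a real capture, export the ServerHello record bytes from Wireshark (the TLS record starting at content type 0x16) and pass them to `parse_server_hello`; a verdict of `null` means the session carries no confidentiality even though the certificate validated, which is exactly the situation the speculative answer above described and the capture ruled out.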
1

“Secure” HTTPS means an encrypted connection between the browser and the web server. That's it. That only ensures that the data traveling between your browser and the web server is safe. It does not cover the whole spectrum of security.

The site is practically loading mixed content: some content such as images and CSS will be loaded over an insecure channel while the main site content is served secured over HTTPS. As an example, if any of the content uses `form action="http..."` instead of `form action="https..."`, this contributes to the possibility of the site being compromised. In your specific case, there's additionally Adobe Flash. As long as you have Flash content, security is practically dead anyway. Adobe Flash runs inside the same process and memory as the web browser and frequent bugs in it give hackers lots of easy opportunities to gain access to memory. They then can jump to a specific memory address and do anything from there.

As for SSL, when you request a HTTPS connection to a website, the website will initially send its SSL certificate to your browser. This certificate contains the public key needed to start the secure session. Based on this initial exchange, your browser and the website then initiate the 'SSL handshake'. The SSL handshake involves the generation of shared secrets to establish a uniquely secure connection between yourself and the website. A lot of things can go wrong here and the secure connection is no longer happening. Many times, it can be due to a compromised browser but it can be because of problems in the site also.

Overmind
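Three of the answers above (the accepted one after its edit, the asker's own, and this last one) arrive at the same diagnosis: the page is served over https but pulls some subresources over http, and the browser's mixed-content logic is what produced the warning. The following is an added example, not code from any of the answerers, showing how to find such references in a page's markup before the browser does. It walks the HTML with the standard-library parser, resolves every subresource URL against the page URL (so relative and protocol-relative `//cdn/...` links correctly inherit https), and separates active mixed content (scripts, stylesheets, frames, plugins, form targets, where whoever controls the resource controls the page, as the accepted answer explains) from passive content (images, media). `SAMPLE_HTML` and the `example.test` hostnames are constructed for the example and are not the Bing markup from the question.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Subresource-carrying tag/attribute pairs. "Active" content executes or
# submits in the page's context; "passive" content can only be swapped out.
# Browsers treat the two differently, which is why a page can show a
# mixed-content warning and still load. Selection constructed for this example.
ACTIVE = {("script", "src"), ("iframe", "src"), ("frame", "src"),
          ("object", "data"), ("embed", "src"), ("form", "action")}
PASSIVE = {("img", "src"), ("audio", "src"), ("video", "src"), ("source", "src")}


class MixedContentScanner(HTMLParser):
    """Collect every subresource reference that resolves to plain http://
    when the page itself was served over https://."""

    def __init__(self, page_url: str):
        super().__init__()
        self.page_url = page_url
        self.findings = []

    def handle_starttag(self, tag, attrs):
        attrs = {k: (v or "") for k, v in attrs}   # HTMLParser may give None values
        if tag == "link":
            # Only stylesheets run in the page context; icons, prefetch etc. are passive.
            rel = attrs.get("rel", "").lower().split()
            severity = "active" if "stylesheet" in rel else "passive"
            self._check(tag, "href", attrs.get("href"), severity)
            return
        for (t, attr) in ACTIVE:
            if t == tag:
                self._check(tag, attr, attrs.get(attr), "active")
        for (t, attr) in PASSIVE:
            if t == tag:
                self._check(tag, attr, attrs.get(attr), "passive")

    def _check(self, tag, attr, value, severity):
        if not value:
            return
        # Resolve relative and protocol-relative URLs against the page URL;
        # those inherit https and are therefore not mixed content.
        resolved = urljoin(self.page_url, value.strip())
        if urlsplit(resolved).scheme == "http":
            self.findings.append({"tag": tag, "attr": attr,
                                  "url": resolved, "severity": severity})


def scan(html: str, page_url: str) -> list:
    """Return mixed-content findings for an https page, in document order."""
    if urlsplit(page_url).scheme != "https":
        raise ValueError("mixed content only applies to pages served over https")
    scanner = MixedContentScanner(page_url)
    scanner.feed(html)
    scanner.close()
    return scanner.findings


def summarize(findings: list) -> dict:
    """Count findings by severity."""
    counts = {"active": 0, "passive": 0}
    for f in findings:
        counts[f["severity"]] += 1
    return counts


# Constructed sample page: two http stylesheet/icon links, one http image, one
# http form target, plus https and protocol-relative links that must NOT fire.
SAMPLE_HTML = """<!doctype html>
<html><head>
  <link rel="stylesheet" href="http://cdn.example.test/site.css">
  <link rel="icon" href="http://cdn.example.test/favicon.ico">
  <script src="https://cdn.example.test/app.js"></script>
  <script src="//cdn.example.test/tracker.js"></script>
</head><body>
  <img src="http://images.example.test/logo.png" alt="logo">
  <img src="/static/hero.png" alt="hero">
  <form action="http://login.example.test/submit" method="post">
    <input name="q">
  </form>
  <iframe src="https://ads.example.test/frame"></iframe>
</body></html>
"""

if __name__ == "__main__":
    results = scan(SAMPLE_HTML, "https://www.example.test/")
    for f in results:
        print(f"{f['severity']:7s} <{f['tag']} {f['attr']}> {f['url']}")
    print(summarize(results))
```

Static scanning of the served markup catches what the page author wrote; resources injected later by scripts are only visible in the browser's own console, which is where the asker's screenshot came from. On the server side, the durable fix is to serve every subresource over https (or use protocol-relative or relative URLs) and to send a `Content-Security-Policy: upgrade-insecure-requests` header so the browser rewrites any stragglers.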