I'm writing this post from chrome. If I go to a HTTPS site after this, the public keys built into the version of chrome I'm using will be used to verify the site's signature (unless I misunderstand). Since I downloaded chrome over the internet, how could I have prevented against a man in the middle attack? For example, suppose an attacker can insert himself in the connection close to the chrome download server. He could insert fake keys into the downloading packages and then send those downstream to the users. Obviously this is very hypothetical, but from a theoretical point of view I guess what I'm asking is how can keys be distributed over an unsafe network? How do you know the person you're downloading the keys from is who they say they are without getting a key from someone else, where you face the same problem?
- 205
- 2
- 3
- 11
- 496
- 3
- 12
-
3two words: lenovo superfish - trust on this point is a real concern – schroeder May 27 '15 at 03:18
-
Your operating system comes with a set of trusted certificate authorities out of the box. Do you trust your OS? Did it come preloaded from a manufacturer, or on physical media directly from the developer? Or did you download it from a torrent site? As schroeder mentioned above, Lenovo included a piece of malware named Superfish which subverted the CA chain of trust. – Motoma May 27 '15 at 14:44
-
@Motoma I use Ubuntu which I downloaded online. Theoretically it could have been intercepted and replaced with a version with bad certificates – Elliot Gorokhovsky May 27 '15 at 15:01
-
@RenéG: My point here is that the trust used in your browser extends back to the method you used to install the OS you're using. You downloaded Ubuntu from another OS--hopefully you trusted the CAs in that OS, downloaded over HTTPS, and validated the signature on the ISO when you were done. In that situation, you'd be pretty sure that the CAs in your current OS were valid. If not, you might worry that the CAs in your previous OS had been compromised and injected false CAs into your current OS when you downloaded it, and now is using those false certs to spy on you. – Motoma May 27 '15 at 17:01
-
Read my answer here: http://security.stackexchange.com/questions/110914/https-is-able-to-prevent-arp-poison-attack-in-lan – Rui F Ribeiro Jan 17 '16 at 14:51
2 Answers
It's not theoretical at all. The NSA has a program called Quantum Insert that injects packets into users web sessions, and can redirect downloads to an NSA site that contains whatever the NSA chose to put in the download. It's certainly possible they could do what you're describing to a browser download.
There's a great essay on how it works at http://www.wired.com/2013/11/this-is-how-the-internet-backbone-has-been-turned-into-a-weapon/
To protect against this kind of attack, you need to make sure you're downloading the browser with https. As long as the browser you're downloading with isn't compromised, and you're connecting via https (and you check the URL you're downloading from is legit and https), then packet injection like Quantum Insert, or some other form of redirection isn't possible.
- 21,530
- 8
- 50
- 76
-
I am afraid to disagree HTTPS is secure to whoever has control of your backbone, and specially when not using VPN. You are lulled in a false sense of security. Please do read on. http://security.stackexchange.com/questions/110914/https-is-able-to-prevent-arp-poison-attack-in-lan – Rui F Ribeiro Jan 17 '16 at 14:53
-
@RuiFRibeiro It's true that https is likely secure against NSA spying. However, when you go to a website, do you always notice whether the links are HTTPS or not? It's trivial to bring up a fake version of the website you're viewing and put in your own links that point to a hostile site. Remember that NSA doesn't take the direct approach, they try to sneak around the corner and hide in the shadows. – Steve Sether Jan 18 '16 at 14:42
-
I do agree they have indeed many methods. about HTTPS, lenovo can do it, firewalls in corporate settings can do it, Kazakhstan does it, I can do it in an entreprise setting, and NSA with probable access to several root CAs cannot do it? ...hmmm Have you read my link? It does not seems so. It is talking how you can do it in Linux too. http://www.zdnet.com/article/how-the-nsa-and-your-boss-can-intercept-and-break-ssl/ – Rui F Ribeiro Jan 18 '16 at 14:51
the public keys built into the version of chrome
Chrome has no internal certificate trust store. It uses the operating system's trust store. (Firefox on the other hand has its own certificate trust store.) -- But I guess if you assume a hacked version of Chrome, then anything is possible.
Since I downloaded chrome over the internet, how could I have prevented against a man in the middle attack?
Chrome downloads default to HTTPS AFAIK. So if you trusted HTTPS before, then you might as well trust it afterwards.
Also: Otherwise: Upload your Chrome installer to https://virustotal.com/ (if you still trust any HTTPS site that is.)
If you're on Windows: Check the digital signature of ChromeSetup.exe (if you still trust your OS to not lie to you there.)
If you don't trust your OS far enough to not lie to you in these respects, then you're out of luck.
I guess what I'm asking is how can keys be distributed over an unsafe network?
You can't. Trust has to start somewhere. Not if that unsafe network is your only means of communication and you don't trust anyone.
- 17,923
- 1
- 51
- 86