Hello Everyone, After inspecting the SSL hijacking attempts collected by Zemana IntelliGuard we have come across the list companies who is installing a Root CA on user's PCs with the same private key thus making their users vulnerable to MitM attacks. http://cdn9.zemana.com/tmp/RootCAList1.htm
Can you give some more info? What is the reason they do this, and can't these companies be trusted anymore?
The reason is to see and/or modify SSL/TLS traffic, and that will be likely to e.g. scan SSL traffic for malware/exploit (some AV), inject ads (Superfish), monitor/modify contents as you like (Fiddler, Proxomitron), monitor and control internet by users (common in corporation), etc. Trust or not is what YOU have to decide. I dislike all those MITM attempts unless I myself did, and I know when it comes to crypt even well-known security vendor don't follow best practice. So crypt is good indicator to see how a company is serious about security. Bitdefender's MITM proxy used (and may still use) terrible encryption. Kaspersky have/had long been used Heartbleed vulnerable component in their Android app long after HB was published (this is why I quit to use their app). NVT-ERP uses broken MD5 for file identification as well as path. All these are terrible. I think you misunderstand. It's not much about malicious or legitimate, it's more about vunlerability. Superfish happened to use it for adware purpose, but this matter go much further than that. They could be much better while still being adware and still do MITM if they used individually different keys, used latest crypt module rather than dated nss3.dll, strictly verified certificates, and asked user if he want to do MITM (IMO, the problem is most people won't understand). These things are what you have to check if you still want to use products with MITM, regardless of if the vendor is reputable or not. IMO, any products shouldn't use MITM unless they explains it and its user can understand. IOW, only programs for advanced user should use MITM, other software shouldn't. Leaving those decission for common PC user is irresponsible. If you care about security, check all certificates on all your system (OS'root CA and each SSL facing program's if the program have its own cert store like Firefox and plesto Opera) at least once, prefarably more. Also always manually check SSL certificate when you connect to sensitive site. If you followed this, you couldn't be vulnerable by this messing. Also it's worthwhile learning about crypt which is very fundamental in internet security. Not all crypt-related attack require malware (some MITM, Heartbleed, etc.), so if you only care about malware, you can't be fully protected.
That's quite a list. I don't think intercepting HTTPS traffic using a self-signed root certificate with the same private key is a good idea. That just makes it easier for possible attackers to spoof any HTTPS website, if they are able to extract and crack the password somewhat like the one described here: http://blog.erratasec.com/2015/02/extracting-superfish-certificate.html
Zemana AntiMalware 2.7.2.440 reported "Replay Media Catcher 6 SSL Scanner CA", which is not in this list. Should I worry about this? This is what the publisher said about the version 5 root CA: https://replaymediacatcher.zendesk....94-What-is-the-HTTPS-SSL-scanning-certificate
Exactly this. Thank you Emre for the list and thank you Yuki for the excellent explanation of the problem.
Why is an old Symantec CA in there?!?!? Looks like it is linked to SEP (Symantec Endpoint Protection).. Very alarming to have that in a corporate product, maybe it's old? Also note Utiltool/Sophos/Spyware Terminator and Lavasoft all using Superfish. I wonder what the Lavasoft fans will say about that here?
It's funny how this is getting so much publicity, and companies are grandstanding over it. All of the malware, transparent proxy nonsense we see everyday, and this one is picked out. Largely because it impacted one of the largest PC makers in the world I guess. With all of the issues around privacy/security, companies should realize they can't hide this stuff for long anymore. I found steady streams on my network going to Mixpanel, despite no known Mixpanel applications. UTM logs showed it was from my sons Android, and I narrowed down the application. I think people need to start paying attention to companies like Mixpanel that mine data from sensitive applications/devices. Untangle blocks Mixpanel at the router - by the way - under the category 'marketing'. Once these lesser known data mining firms become well recognized, and blocked, things will improve. ONLY EMSISOFT blocks Mixpanel at the desktop level right now... Still curious about why Symantec is using SuperFish CA (it's old though)
IMO, the more important issue here is whether the user is made aware of the certificate install, informed of its function, or given a choice in the matter. 142395 mentioned Proxomitrons certificate. In order for Proxomitron to filter HTTPS (not enabled by default), the user has to choose to install Proxomitrons certificate and set its permissions. Unlike SuperFish and others, the process is completely transparent and under the users control. The term MITM has been given a very narrow definition in these discussions. It's used to describe anything between your browser and HTTPS sites that can decrypt the traffic, regardless of whether it's on your PC or between you and the site on the web. This is misleading. Who decided that only your browser can legitimately decrypt HTTPS traffic? Software other than your browser on your PC that decrypts HTTPS is a local proxy. If you choose to install it, knowing its abilities, it's not a "man in the middle". It's part of the client. If it's installed without your knowledge, then it's another matter. The real issue is who controls it and why it's there.
I want to find out more about why this is happening with Symantec. Granted, it's 2005 CA, and appears linked to SEP. If I find that certificate on my machines with Norton, I am shelving Norton immediately and reverting to Trend.
Probably because it's a corp and probably also has Komodia installed to decrypt SSL traffic. Standard corp procedure via splash screen at boot time stating everything you do is monitored and there is no privacy guaranty?
I can check when I get time. We have a good number of clients on SEP. But Norton 2015 has very similar technologies, and doesn't need SuperFish to handle SSL. So I am confused.
This CERT appears no longer used with Symantec. I checked multiple Symantec systems today, it was nowhere to be found.
Actual matter is it's hard for most people to correctly understand the risk of MITM technique even when they themselves chose it. Many of those programs, including Proxomitron, Kaspersky AV, ESET, etc. don't MITM TLS by default but don't give much info about its risk when chosen. I had been Proxomitron (and Privoxy too) user, but have never enabled SSL/TLS inspection and IIRC dev didn't recommend too. There won't be many program which is on per with browser about SSL authentication. Using different keys is just a least ground which somehow many of those MITM programs' vendor emhasize to show their program is different from Superfish. How can I tell if it do better authentication than browser and my eyes? Expiration date and revocation are checked so it's okay? Does all of them use the same cert store in OS or in browser like Firefox so that if I disabled some certs it's reflected in the MITM program? Does they use same strong encryption as browser (I know in most case the answer is no.)? I disable some cipher suites and old protocols on my browsers, is it reflected to the program? Does they disable TLS compression to prevent CRIME? How about TLS fall back? How about TLS channel ID? Forced OCSP? OCSP stapling (not much about security, but about privacy)? HSTS and HPKP (Chrome uses HKPK for some measure sites by default)? Too many things to consider. Call me as paranoid, but I'm not comfortable if I can't control my SSL connection and can't know who I'm connecting to. SSL is very foundation in internet security. As to usage of the term MITM, it should be determined if there's sth btwn end terminals, it's not necessarily is browser but anything btwn them can be called MITM, but shouldn't be based on if it is on your PC. If such def is admitted even malware can be excluded from MITM (I know difference btwn MITM & MITB, I'm strictly speaking about MITM), but remember MITM itself is not necessarily negative word (MITM attack is nagative word). If you're web developer and your site employ SSL, you may want to investigate your site by MITM. MITM are also used in many corporation as well as parental control. MITM have many legitimate use. The problem is, again, most people don't understand the risk and those programs fails to correctly inform them.
Norton uses plugin based approach against threat from SSL, but if you install additional parental control component IIRC it can inspect SSL by MITM (I forgot if it is only for paid version). Maybe same for corporate product line (monitoring employee)?