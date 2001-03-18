from the Danger-Will-Robinson!-Danger! dept.
[Ed note: After this story was submitted, it became known that there was a remote code execution (RCE) vulnerability on the Trustico web site which allowed malicious users to run arbitrary code as root on the server. Story at Ars Technica: Trustico website goes dark after someone drops critical flaw on Twitter. Link to the tweet. As of the time of this writing, the Trustico web site is unavailable. --martyb]
23,000 HTTPS certs will be axed in next 24 hours after private keys leak
Customers of HTTPS certificate reseller Trustico are reeling after being told their website security certs – as many as 23,000 – will be rendered useless within the next 24 hours.
This is allegedly due to a security blunder in which the private keys for said certificates ended up in an email sent by Trustico. Those keys are supposed to be secret, and only held by the cert owners, and certainly not to be disclosed in messages. In the wrong hands, they can be used by malicious websites to masquerade as legit operations.
Unless the affected certificates are replaced in time, visitors to websites using Trustico-sold HTTPS certs will be turned away by their browsers, due to the digital certificates being revoked.
The whole situation is a mess, and possibly the result of a turf war. Here's what we've managed to ascertain.
What is Trustico?
Trustico, based in Croydon, UK, touted SSL/TLS certificates, which are used by websites to encrypt and secure their connections. It resold certs from the Symantec brand umbrella: Symantec, GeoTrust, Thawte, and RapidSSL. This umbrella is now owned and operated by DigiCert.
If you wanted to buy, say, a RapidSSL-issued certificate, you could do so via Trustico. The HTTPS cert ultimately leads back, along a chain of trust, to DigiCert, a root certificate authority trusted by web browsers and other software. In turn, a website presenting the Trustico-sold cert is trusted, its traffic secured using encryption, and the reassuring green padlock is displayed in visitors' browsers.
Why are the certificates being revoked?
According to DigiCert's chief product officer Jeremy Rowley earlier today, Trustico told DigiCert in early February that its resold certificates had been in some way "compromised," and that the certs needed to be mass revoked as a result.
DigiCert staff, we're told, asked Trustico for more information on this security mishap. The reseller replied it had a copy of the private keys, which is usually grounds for revocation, and thus insisted that DigiCert revoke the certificates.
When pressed for evidence, Trustico on Wednesday simply emailed DigiCert 23,000 certificates' private keys as proof it held this information, it is claimed. This forced DigiCert's hand: under the rulebook of standards set by the elders of the certificate security and browser worlds, the Trustico-sold certificates had to be revoked as a precaution within 24 hours. Specifically, the ones with their private keys in the email will be canceled.
(Score: 4, Interesting) by requerdanos on Friday March 02, @12:13AM (3 children)
Naming a company like that--if any of this be true--"Trustico" would be as bad as having a group that attacks peoples' rights under the GPL and sues those who notice, and naming it something stupid like "Open Source Security Inc. [soylentnews.org]"
(Score: 0) by Anonymous Coward on Friday March 02, @12:52AM (1 child)
It's just like "Truthiness" [wikipedia.org]
(Score: 5, Insightful) by bob_super on Friday March 02, @01:08AM
Patriot Act.
(Score: 0) by Anonymous Coward on Friday March 02, @06:44AM
(Score: 0) by Anonymous Coward on Friday March 02, @12:23AM (5 children)
Apparently someone figured out they were running their web server as root as well earlier today. I think that company is basically done. If you have your cert through them ask for a refund and go elsewhere...
(Score: 5, Insightful) by requerdanos on Friday March 02, @12:37AM
Not only that, but vulnerable to XSS such that you could request that it run arbitrary commands as root and it would happily comply.
According to the Ars story [arstechnica.com], the security researcher that published the vulnerability publicly didn't want to do so on general principle, but Trustico has been threatening to sue people who allege that their security is anything less than super-perfect, and he didn't want to just "allege".
Also, people or companies that sue or who threaten to sue others that see them doing wrong and mention the fact usually deserve everything that comes their way.
(Score: 3, Insightful) by NewNic on Friday March 02, @12:55AM (3 children)
Let's Encrypt works well and the price is right!
(Score: 4, Interesting) by requerdanos on Friday March 02, @01:59AM (2 children)
Not only that, but installing it from scratch on your* server takes less than five minutes from start to finish.
"The Secret" to installing Let's Encrypt! Is to install certbot [eff.org], and run it, and it does everything for you. All you do is answer a few easy questions and watch it start working**.
- Gets you a certificate for Apache or Nginx
- Installs it
- Sets up a cron job to auto-renew your certificate
- Optionally (it asks you) configures your domain to forward all http requests to https
Just that simple.
-----
* "your" server is one on which you have a root shell. http://lowendbox.com [lowendbox.com] knows where you can get one for pocket change.
** subject to terms and provisions of murphy's law
(Score: 0) by Anonymous Coward on Friday March 02, @08:19AM (1 child)
You forgot a few steps there.
1: Download random software from untrustworthy website[1]
2: Install random software.
3: Buy and install antivirus software.
4: Lose fight against malware.
5: Reinstall.
6: Admit that downloading random software from untrustworthy websites is exactly what we've been warning Windows users about since Windows 95.
[1] Any websites that recommends downloading random software from an untrusted website is automatically untrustworthy. That their protocol is so deliberately complicated to make it futile to try writing a simple shell script so that people are forced to download their untrustworthy software just makes it worse.
(Score: 2) by KiloByte on Friday March 02, @08:30AM
You mean [debian.org]? A client much better than the official one; here's [angband.pl] my doc.
Ceterum censeo systemd esse delendam.
(Score: 1, Interesting) by Anonymous Coward on Friday March 02, @12:37AM (5 children)
Is this why Slashdot login is currently messed up?
(Score: 5, Funny) by Anonymous Coward on Friday March 02, @12:49AM (1 child)
Fuck beta.
(Score: 0) by Anonymous Coward on Friday March 02, @01:01AM
But where else will beta males and soy boys go?
(Score: 3, Interesting) by Valkor on Friday March 02, @01:29AM
My bookmark to it still has ?nobeta=1 at the end.
(Score: 0) by Anonymous Coward on Friday March 02, @01:49AM
As is the norm, a poll will be conducted, and the current state of affairs on that particular greenscreen will be pinned on Cowboy Neal.
(Score: 2) by SomeGuy on Friday March 02, @02:34AM
The other day when I happened to try and bring up Slashdot it was rejecting HTTPS connections to some older browsers. It may have also been trying to force HTTPS, I can't remember. Speculated it might be part of the TLS apocalypse: http://tenfourfox.blogspot.com/2018/02/the-tls-apocalypse-reaches-power-macs.html [blogspot.com] Although checking now, it seems to be working again. Rarely bother with that site though.
(Score: 2) by fadrian on Friday March 02, @12:53AM
Revocation of keys is better than any of the alternatives. The company will lose about half its customers due to irritation of bad security, inconvenience of dealing with revoked keys, etc. Seems like the universe is in balance to me.
That is all.
(Score: 2) by pipedwho on Friday March 02, @12:57AM (4 children)
When you get a server certificate signed by a CA, only the server should ever have access to the private key. You send the public key in the cert for signing by the CA. At no point does the private key of the local HTTPS server leave the server itself (or secure enclave / hardware security module / etc).
Maybe they meant that the private signing key of the CA was exposed? Or are they running all these thousands of HTTPS servers on their own hardware and somehow had access to all the locally held private keys? Or are they doing something totally and utterly stupid and just creating key-pairs and sending both the public and private parts to the client when they purchase a 'cert'?
Someone please help me out and explain this properly.
(Score: 3, Informative) by Anonymous Coward on Friday March 02, @01:06AM (1 child)
Trustico had a web app to "help" generate the private keys for their customers. [reddit.com] That's the least of their problems ATM. [theregister.co.uk]
Clownworld!
(Score: 2) by pipedwho on Friday March 02, @02:46AM
Clownworld alright! That is truly imbecilic.
(Score: 2) by Whoever on Friday March 02, @05:45AM (1 child)
Lots of SSL certificate vendors will generate a private key for you.
(Score: 2) by pipedwho on Friday March 02, @07:48AM
That is a Security Fail 101
(Score: 2, Insightful) by Anonymous Coward on Friday March 02, @01:01AM (9 children)
That's some serious koolaid y'all are drinkin'. Really, man, save your energy...
(Score: 1, Insightful) by Anonymous Coward on Friday March 02, @01:15AM (8 children)
Seems to be an attempt an centralization, 95% of the stuff I run has zero requirement for encryption.
(Score: 3, Interesting) by frojack on Friday March 02, @01:28AM (7 children)
Right, but then Google plans to start blackballing web sites behind Danger Will Robinson language in a month or two.
As others are sure to point out it makes it hard for anyone to mess with the data being sent to insert ads or what ever.
Not that the web content needs to be secret.
No, you are mistaken. I've always had this sig.
(Score: 0) by Anonymous Coward on Friday March 02, @01:40AM
E-Commerce and medical stuff does, small business sites not so much. You see I agree with encryption but the inability to self-sign without a browser warning is the clue.
(Score: 4, Interesting) by fyngyrz on Friday March 02, @01:51AM (4 children)
They've been throwing frightware for a while within the context of GMail. Its been telling me for months that my own web sites are "untrusted."
They are looking in the wrong place in that regard. I trust my own HTTP sites considerably more than I trust HTTPS Google, or HTTPS GMail specifically, for that matter. My primary areas of concern with my sites are where they interact... with Google.
That's what happens when a web/app company gets too much power. They become corrupt, and begin to force their ideas on everyone else. That goes for major web browser vendors as well. Some of those ideas can be highly toxic to the web and to the users of the web. Like this one.
Many web sites simply don't need to be HTTPS. Forcing them into it is despicable.
On the plus side, this is a market opportunity for someone to go after handling searching and ad vending better more responsibly, so there's that.
The eyes are the windows to the soul.
Sunglasses are the window shades.
(Score: 1, Touché) by Anonymous Coward on Friday March 02, @02:07AM
Didn't you get the memo, anything unapproved by elitist fart-sniffers is "fake news". [collective-evolution.com] Where did you get those silly beliefs you could form your own opinion and express it publicly?
(Score: 1, Interesting) by Anonymous Coward on Friday March 02, @02:40AM (2 children)
"Forcing" websites to be encrypted helps the users. If the majority of web sites require HTTPS, then anyone parsing my traffic (either passively or actively) can't tell what I'm looking at. Let's say a website only has a HTTP route, and I click on it, but it turns out to have content that "I'm not supposed to viewing" then there's nothing I can do afterwards to encrypt that session.
Same applies to protecting the users from malicious (including ads and other generally annoying) insertions into the HTML stream by active attackers in the routing path.
It is not a major hurdle to go from HTTP to HTTPS for any decent web server. The real problem is the monetary requirement to get certs issued. I'm all for a web of trust type model - even amongst CAs, where the browser can display a star rating on "how trusted" the site/cert actually is. If a CA sends a representative to visit your premises and brings back a bunch of physical proof you are who you say you are, they're 4096 bit cert might get a 5 star rating. Web of trust style certs with good multi-point verified reputation might get you 4 stars. If it's one of the rubber stamping CAs (eg. pay them and they issue no questions asked), then you might get 2 stars. Three stars if they at least come back to verify your website is using their newly issued cert. If it's Trustico or a self-signed cert, it gets 0 stars and a warning.
(Score: 0) by Anonymous Coward on Friday March 02, @08:29AM
That's going to require a compete demolition and rebuild of the current CA model. Looking through the list of CAs the browsers accept, I don't see a single one that would have any trustworthiness in a web of trust type model.
(Score: 0) by Anonymous Coward on Friday March 02, @08:45AM
In that case the people running the websites (whether they are bad guys or the FBI running a trap) are the ones you don't want to know that you accidentally stumbled upon that site.
Encryption is not going to help you.
(Score: 0) by Anonymous Coward on Friday March 02, @08:23AM
Except for anyone the browser trusts as a CA. Including ISPs such as the one I have, and that company that decided a few years ago to break DNS for advertising purposes... What was their name again? Oh year, Verisign.
(Score: 5, Informative) by Anonymous Coward on Friday March 02, @01:29AM (3 children)
This won't do any good on Chrome and certain other browsers. They don't check OCSP or CRLs; but instead use a thing called the CRLsets. This can (and does) result in people going to insecure websites. For example, https://revoked.grc.com/ [grc.com] and the revoked certs from the Let's Encrypt test suit work perfectly fine in Chrome. This means that these certificates are a risk to users until they expire.
(Score: 2) by deimios on Friday March 02, @04:02AM (2 children)
I am getting NET::ERR_CERT_REVOKED on this page with Chrome.
(Score: 0) by Anonymous Coward on Friday March 02, @04:38AM (1 child)
Interesting, I've tried it on the latest Chrome on both my machines and that link works just fine, as does https://revoked-isrgrootx1.letsencrypt.org/ [letsencrypt.org] and most of the revoked pages on https://www.digicert.com/digicert-root-certificates.htm [digicert.com] but https://revoked.badssl.com/ [badssl.com] does raise a revoked error. This is on both Chrome OS and Mac. Maybe it is some combination of non-default settings, different CRLsets, or platform. FWIW, all of them error when browsing with Firefox.
(Score: 2) by FatPhil on Friday March 02, @09:10AM
Paging Honest Akhmed...
I was worried about my command. I was the scientist of the Holy Ghost.