Controversial Surveillance Firm Blue Coat Was Granted a Powerful Encryption Certificate (vice.com)
Joseph Cox, reporting for Motherboard (edited for clarity): A controversial surveillance company called Blue Coat Systems -- whose products have been detected in Iran and Sudan -- was recently issued a powerful encryption certificate by Symantec. The certificate, and the authority that comes with it, could allow Blue Coat Systems to more easily snoop on encrypted traffic. But Symantec downplayed concern from the security community. Blue Coat, which sells web-monitoring software, was granted the power in September last year, but it was only widely noticed this week. The company's devices are used by both government and commercial customers for keeping tabs on networks or conducting surveillance. In Syria, the technology has been used to censor web sites and monitor the communications of dissidents, activists and journalists. Blue Coat assures that it is not going to utilize the certificates to snoop on us. The Register reports: We asked Blue Coat how it planned to use its new powers -- and we were assured that its intermediate certificate was only used for internal testing and that the certificate is no longer in use. "Symantec has reviewed the intermediate CA issued to Blue Coat and determined it was used appropriately," the two firms said in a statement. "Consistent with their protocols, Symantec maintained full control of the private key and Blue Coat never had access to it. Blue Coat has confirmed it was used for internal testing and has since been discontinued. Therefore, rumors of misuse are unfounded."
LOL! Sure, whatever you say! (Score:5, Insightful)
"Blue Coat assures that it is not going to utilize the certificates to snoop on us."
Oh, heaven forbid, I'm sure any concern about this is just due to paranoia.
No way anyone would ever misuse power like this, and certainly not a company that sells web-monitoring software. Why, the very thought is just too silly to contemplate!
*cough*
Re: (Score:2)
Can anyone explain to me what a "powerful" certificate is?
Re: (Score:2, Informative)
It's not a wildcard certificate, it's a certificate-signing certificate, which effectively makes them a Certificate Agency. It's not a browser-trusted certificate, so any site using a certificate signed by it would also have to have Symantec's certificate (which is a trusted certificate) presented as part of a trust chain in order for your browser to trust it (which is actually standard procedure for a lot of certs like Comodo or SSL Everywhere). In some ways this makes it worse: if it was a root certificat
It will be an Intermediate Certificate (Score:4, Insightful)
Basically the way this works is that Symantec have one single "Master" certificate, aka the "Root Certificate" for the CA. However, instead of using this one single digital key to sign all the certificates that all of Symantec's clients request, they actually use a series of "Intermediate Certificates". Think of this like a directory hierarchy with a root folder, some Top Level Directories, then a bunch of directories below that. Same deal.
This structure allows Symantec to grant the right to sign certificates based on logical groups or clusters; it also allows them to "bulk disallow" everything signed by the intermediate certificate by revoking that one file. Obviously, as the OP pointed out, an Intermediate is still allowed to "sign" certificates, with those produced having the full authority of being produced by Symantec.
What this would allow BlueCoat to do would be to sign any number of certificates as if they were signed by Symantec themselves. Bearing in mind, as others have pointed out, that BlueCoat sell filtering proxy servers and SSL interceptors, what this would allow them to do would be to effectively run "official" MitM (Man in the Middle) interceptions, in a pretty much undetectable way, against any web site that uses Symantec Certificates.
There's quite rightly a fair bit of alarm in many posts here, suggesting that this would allow BlueCoat to spy on end users. However, the most likely scenario is that BlueCoat are using the certificates to upgrade the capabilities of their corporate proxy/filter/accelerator products for their large corporate clients. Big companies have a major issue with the leakage of proprietary information being sent off-network under the guise of SSL traffic; there are all sorts of malware packages that use SSL to communicate with their CNC hosts... In other words, there are many companies that want to have the ability to monitor even the SSL-protected traffic generated by their employees when those individuals access the web. I love a good conspiracy theory as much as the next tekkie, but in this case I suspect the actual implementation is only really of interest to you if you work for a large corporate and they haven't actually *told* you that they are doing this.
However, as other posters have pointed out, this isn't the whole story; this technology can be placed elsewhere in the network, for example within an ISP infrastructure, so it can equally easily be used to monitor private individuals.
So, if you don't want your colleagues in SecOps [at work] to know what you've got in your bank account, don't log into your online banking from work...
I'm not entirely sure of this, but because this specific story relates to Symantec certificates [i.e. the old Verisign business] I don't think the impact would be quite so relevant if you use certs from elsewhere. For maximum security, of course, I guess you could simply download OpenCA, build an air-gapped machine, install and run the OpenCA on something not connected to any other network, and get your signed certificates to the outside world by installing a CD-R burner on your CA hardware and then cutting a CD or DVD each time you create a certificate. Yes, you could use a USB key if you really wanted to, but since we all know how easy it is to infect a thumb drive, that doesn't make any sense.
Re: (Score:2)
That was a good description.
It's kind of ironic how "untrusted" self-signed certificates are becoming conceptually more secure than signed certificates. With most modern devices and some hoop-jumping, using self-signed certificates isn't hard and can be made as transparent as commercial certificates.
That being said, I do think "the system" (the amorphous conglomeration of browser makers, most commercial software, etc) engages in something of a conspiracy to make it a confusing nuisance to use them. I'm kind
Re: (Score:2)
Is it really a conspiracy, or is it that certificate management in browsers is hard? I recall, a few years ago, when someone spotted that there was a bug in the
Re: (Score:2)
Since this is Slashdot, I shouldn't have maybe used the word "conspiracy". Rather than a deliberate plot by nefarious actors, what I meant was more of a series of like coincidental attitudes that treated signed certificates as more trustworthy and subsequent lack of tools and interfaces to make self-signed certificates easy and obvious to use.
Since I get paid to work with MS products, I set up my own CA with Windows Server and use it to generate certificates for use with anything that needs a certificate.
My Turn For A Conspiracy Theory... (Score:2)
Either that or the companies running commercial CAs put a lot of effort into that meme... There is a *lot* of money in Certificate Authorities... Mark Shuttleworth sold his CA business to Verisign back in the day for $
Re: (Score:1)
I call bullshit on Symantec's claim that they know what BlueCoat did with the suspected Intermediate Certificate Symantec gave BlueCoat.
It is entirely possible [it's just software and a bunch of data files, after all] to create a certificate and then wipe all evidence from any generated log files. The only log or record of certificates that I am aware that current processing demands is the list of *revoked* certificates that is maintained by the CA and used for OCSP (Online Certifi
Re: (Score:2)
In some ways this makes it worse: if it was a root certificate you could disable it in your browser. To block it you have to disable Symantec's cert and lose trust in all the other certs Symantec signed.
Given Symantec's actions I wouldn't consider this "worse".
Remove the Symantec Root CA (Score:5, Insightful)
I'd say the Symantec root CA should be removed from browsers. Only substantial action will teach them to take their great responsibility as a CA seriously.
Re: (Score:2)
> I'd say the Symantec root CA should be removed from browsers. Only substantial action will teach them to take their great responsibility as a CA seriously.
Under the current US dysfunctional "justice" system and the various anti-terrorism laws, Acts, and other legislation passed over the last 2 decades publicly and by "legislation by judicial actions/decisions" through the secret courts, even calling for such an action could possibly be prosecuted as "advocating an attack on information/communication infrastructure vital to national security".
TPTB don't take kindly to people who call for the public to change their locks so that TPTB's extra-legal "skeleton ke
Re: (Score:1)
This is the solution that the whole CA model of trust is built around.
We can go in and delete the offending root cert from our browsers now, but the masses are dependent on Google, Mozilla, Microsoft and Apple to choose whom to trust for them.
Re: (Score:2)
I concur.
Re: (Score:2)
Until the browser makers remove the Symantec root Certificates, how can a consumer like myself remove those certificates from my own web browsers?
Re:inflammatory headline is inflammatory (Score:5, Insightful)
if your NSM can't see SSL then you don't have NSM.
It's the other way around: if your SSL doesn't protect you from some crap MITM box, then you don't have SSL.
If you say that a company should be able to snoop on all connections of their employees, that's trivial to do. Just install the company's CA root on every employee's machine. But you want to do this to innocent third parties, don't you? Tough cookies then. I see no legitimate reason for SSL interception without the owner's consent. Ever.
Re: (Score:1)
Such a copout answer. When it is your network, you deserve to control it.
Re: (Score:2)
> What about devices that won't let you add a new cert?
Those devices belong in their own firewalled-off VLAN, off your local network.
Even if you do MITM the SSL connection to an IoT device, what makes you think it's cleartext underneath? Instead, there may well be another layer of Base64-encoded PKI message exchange going on between the rogue IoT device and an external CnC server. The 'cleartext' won't trigger alerts because it does not match credit-card patterns or other detection patterns set in the info
Re: (Score:1)
You are assuming that it's about blacklisting known bad patterns. For devices like that, the opposite is true - it's about whitelisting known good patterns.
Re: (Score:2)
That's still only getting consent from one party. There's a huge pile of laws broken for sniffing encrypted traffic when the second party does not agree. Of course you the
That's disturbing... (Score:2)
Re: (Score:2)
They aren't shady. My company does the same thing.
Your company has suspected illegal business with Iran?
Re: (Score:2)
they ARE shady.
I had an interview with them a long long time ago. I did not go past the interview. they were 'proud' to show me a thing they called the 'cone of silence' (yes, like from the old 'get smart' tv show). the way it was explained to me, heads of state and other big wigs could come in and talk freely without any risk of anyone recording or listening (one of THOSE special rooms) and they could ask the account reps for ANYTHING and if there was enough money and power behind it, they'd get that bi
the certificate system does not provide security (Score:2, Insightful)
not real security anyway. it may suffice for everyday mundane purposes for the little people, but people who need real security all use self-signed certificates and the corresponding cumbersome process to exchange them.
Bullshit (Score:1, Troll)
Really? a "powerful crypto certificate"?
Suddenly we are in the world of snowcrash and shadowrun? Wiz man I got a cert that can break the pentagon firewalls!
Slashdot, Fiction for wannabe nerds, News for the internet people that will believe anything.
Re: (Score:3)
The article uses dumbed-down speech for normals in a way that's confusing to us. For Slashdot crowd, it'd be better to say "wildcard intermediate CA" outright -- most readers will understand, the rest can blargh the meaning from context and comments.
Re: (Score:2)
They cannot do ANYTHING except convince your browser that the connection to that domain is secure, and there are TONS of them already issued. Yet the article makes it sound like it breaks something.
The whole article is horrible in every single way and is designed to scaremonger.
Understanding PKI (Score:1)
> Symantec maintained full control of the private key and Blue Coat never had access to it.
Someone doesn't understand public key encryption at all.
Without the private key, the public key is of absolutely no value to Blue Coat.
They use the private key to sign other keys or to simply put themselves in a Man In The Middle scenario without being easily detectable (you'll get no warning visiting www.google.com even if they are spying on you thanks to Symantec)
Re:Understanding PKI (Score:5, Informative)
You will get a warning if you visit using Chrome or any other browser that supports key pinning / Strict Transport Security (HSTS). There are enough people using Chrome/Firefox for this to be an early warning system.
Jason
Re: (Score:3)
From what I understand, HSTS does not provide protection from a trusted certificate, it just prevents ssl stripping proxies.
Re: (Score:3)
Key pinning works well only for google.com and a handful of other sites that are hardcoded in Chrome (and I think Firefox too). Enabling HSTS is a security/privacy hole so that's no answer.
Re: (Score:1)
The most important comment for this article.
Made by an AC, sitting with a score of zero when it should by +5E12 informative.
Wrong subject (Score:4, Insightful)
This story isn't about Bluecoat per se, it's a story about Symantec selling out our trust - I have no reason to believe that they have not sold out to so to many other companies and regimes and organizations beside Bluecoat.
For a company that trades on being trustworthy they sure know how to destroy confidence.
Re: (Score:2)
Since when has Symantec (or any CA) been trustworthy?
Why do you place any trust in them? Do you know who their directors are? Do you trust these people? Why?
This is not a story (Score:2)
There are over 650 entities across the globe that can sign SSL certificates for any domain they want. For less than 6 figures USD you can buy an intermediate cert yourself. Not to mention that unless you ask for something like google.com or something similarly high profile, you can just *buy* a site certificate for sites you don't own from less-than-thorough CAs.
How is it special that Bluecoat can sign their own (maybe - assuming Symantec is not to be believed on who had the keys)? Most of the government ac
Watching the watchers (Score:3)
Is it just me, or does it seem awfully odd that we have targeted recipients of these types of certs, while seemingly ignoring the issuer, assuming they would never be involved in misuse or abuse of certs?
In other words, who's watching the watchers? Do Symantec employees go through an extensive background investigation (to include financials to prevent coercion), polygraph testing, and subjected to massive audits? If not, given the power they wield, why?
Re: (Score:2, Informative)
Symantec's Certification Authority personnel (as opposed to, say, some lass who answers the phone on the front desk) will be operating according to a three-ring binder, and the procedures in that binder are subject to audit by their external auditors. For Symantec that auditor is the management consultancy KPMG.
Some of what's in the three ring binder will be set out in the CP / CPS documents published on their web site, the rest isn't, but typically
* Background check - yes
* Polygraph - probably not, unless
Certs Are Broken (Score:2)
The whole concept of a certificate authority is broken, by design.
Use self-signed certs.
Users must accept a cert on first use.
Users must be presented with a dialog if it ever changes, showing the new cert's info, thumbprint, etc., with options to accept/reject.
Individual certs can specify revocation lists if they want. Upon revocation, users should be presented with a dialog, as with a change to a cert.
Ideally, all of this would be bidirectional. Servers and clients authenticating each other. Yes, I woul
Re: (Score:2)
Last month, when I established a relationship with another server to do our nightly data dumps (they changed servers, so we had to update certs).
I'd not only be willing to do it for other things, I'd be first in line. From my banks to Slashdot.
Re: (Score:2)
Would it be possible to establish additional trust mechanisms, like this?
Establish a service which crawls the internet weekly, and keeps a hash of all new certs seen. Let there be multiple such services run by independent groups. Let such services also keep track of certs that have been revoked.
Then modify an open-source browser to emit queries to one or more such services, asking if the hash of the cert in question is OK.
This allows the users to choose who they trust. It would detect most MITM attacks, as
Re: (Score:2)
We have Firefox with its own cert store separate from the OS's.
We have cert pinning in Windows.
I don't know of a public service that tracks certs, but it could be done. You'd have to trust that service though, which is the same exact problem of trusting a cert authority.
How powerful, actually? (Score:2)
From the article:
What does this mean? Could it be that they only can issue certificates for "*.bluecoat.com"?
If so, what is the problem?
Re: (Score:1)
No. What's happening is a language gap between what the certificate means (which you and I can verify) and what Symantec did (for which we have only their word)
The intermediate certificate, which is what you'll see at the end of those crt.sh links, says this:
* I am issued by VeriSign Class 3 Public Primary Certification Authority - G5
(Most modern web browsers trust this and several other Verisign CA keys, today they are all in the hands of Symantec, but the name is part of the certificate so Symantec can't
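The questions raised in this thread (what an intermediate certificate lets its holder sign, whether the issuer could have scoped it to one domain such as "*.bluecoat.com", and why a chain that validates is not proof that nobody is in the middle, the point behind the key-pinning and certificate-hash-tracking comments above) can all be checked against a throw-away PKI. The script below is an added example, not code from the Slashdot thread, Symantec or Blue Coat. It uses the openssl command line to build a constructed root ("Demo Root CA"), one unconstrained intermediate, one intermediate carrying a nameConstraints extension, and leaf certificates for made-up hosts (www.bank.test, proxy.internal.test); it then runs path validation the way a browser does (trust only the root, treat the intermediate as an untrusted hop) and computes HPKP-style SPKI pins. All names are invented for the demo; it needs openssl 1.1.1 or 3.x.

```shell
#!/bin/sh
# Added example (not from the thread or any vendor): a three-tier PKI built with the
# openssl CLI in a scratch directory. All names below are constructed for the demo.
set -eu
WORK="$(mktemp -d)"
trap 'rm -rf "$WORK"' EXIT
cd "$WORK"

# Fast throw-away EC keys; the same commands work with -newkey rsa:2048.
KEYOPTS="-newkey ec -pkeyopt ec_paramgen_curve:prime256v1 -nodes"

# 1. The single self-signed root: the key the CA itself guards (constructed name).
openssl req -x509 $KEYOPTS -keyout root.key -out root.crt \
  -subj "/CN=Demo Root CA" -days 2 >/dev/null 2>&1

# 2. An intermediate signed by the root. $1 = basename, $2 = optional extra
#    extension lines; a nameConstraints restriction, if the issuer wants one, goes here.
issue_intermediate() {
  printf 'basicConstraints=critical,CA:TRUE,pathlen:0\nkeyUsage=critical,keyCertSign,cRLSign\n%s\n' \
    "$2" > "$1.ext"
  openssl req -new $KEYOPTS -keyout "$1.key" -out "$1.csr" -subj "/CN=$1" >/dev/null 2>&1
  openssl x509 -req -in "$1.csr" -CA root.crt -CAkey root.key -CAcreateserial \
    -extfile "$1.ext" -out "$1.crt" -days 1 >/dev/null 2>&1
}

# 3. A leaf (server) certificate for host $2, signed by intermediate $1.
#    File names carry both so two issuers can certify the same host side by side.
issue_leaf() {
  printf 'basicConstraints=CA:FALSE\nsubjectAltName=DNS:%s\n' "$2" > "$1-$2.ext"
  openssl req -new $KEYOPTS -keyout "$1-$2.key" -out "$1-$2.csr" -subj "/CN=$2" >/dev/null 2>&1
  openssl x509 -req -in "$1-$2.csr" -CA "$1.crt" -CAkey "$1.key" -CAcreateserial \
    -extfile "$1-$2.ext" -out "$1-$2.crt" -days 1 >/dev/null 2>&1
}

# Path validation as a browser does it: only the root is trusted, the intermediate is
# supplied as an untrusted hop. Echoes OK or REJECTED.
verify_chain() {
  if openssl verify -CAfile root.crt -untrusted "$1.crt" "$1-$2.crt" >/dev/null 2>&1
  then echo OK; else echo REJECTED; fi
}

# HPKP-style pin: base64(SHA-256(SubjectPublicKeyInfo)) of a certificate file.
spki_pin() {
  openssl x509 -in "$1" -pubkey -noout | openssl pkey -pubin -outform der \
    | openssl dgst -sha256 -binary | openssl base64 -A
}

# What the intermediate itself says: does it carry a Name Constraints extension?
has_name_constraints() {
  if openssl x509 -in "$1.crt" -noout -text | grep -q 'Name Constraints'
  then echo yes; else echo no; fi
}

# --- Scenario A: an unconstrained intermediate. It can certify a host its holder
#     does not own, and the chain validates against the root.
issue_intermediate unconstrained ""
issue_leaf unconstrained www.bank.test
echo "unconstrained -> www.bank.test: $(verify_chain unconstrained www.bank.test)"

# --- Scenario B: the same intermediate limited to one DNS subtree. A leaf inside the
#     subtree validates; one outside it fails with a permitted-subtree violation.
issue_intermediate constrained "nameConstraints=critical,permitted;DNS:internal.test"
issue_leaf constrained proxy.internal.test
issue_leaf constrained www.bank.test
echo "constrained -> proxy.internal.test: $(verify_chain constrained proxy.internal.test)"
echo "constrained -> www.bank.test: $(verify_chain constrained www.bank.test)"

# --- Scenario C: chain validation alone cannot tell two issuers apart. A second
#     intermediate also certifies www.bank.test; both leaves validate, but their
#     public keys differ, so a pinned SPKI hash distinguishes them.
issue_intermediate legit ""
issue_leaf legit www.bank.test
PIN_LEGIT="$(spki_pin legit-www.bank.test.crt)"
PIN_OTHER="$(spki_pin unconstrained-www.bank.test.crt)"
pins_differ() { [ "$PIN_LEGIT" != "$PIN_OTHER" ] && echo yes || echo no; }
echo "legit -> www.bank.test: $(verify_chain legit www.bank.test)"
echo "pins differ: $(pins_differ)"
```

Run it with `sh`. Scenario A and the first half of Scenario B print OK, the out-of-subtree leaf prints REJECTED, and the two www.bank.test leaves both validate while their pins differ. The design point is that everything a relying party can verify is in the certificate itself: `openssl x509 -noout -text` on the intermediate shows whether a name constraint exists at all, while whether an unconstrained intermediate was ever used beyond testing is not something the certificate can tell you.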
Re: (Score:2)
There's not a lot of press on the topic coming out of Iran, Saudi Arabia etc which is the sort of place where I'd expect something as flexible as this to be deployed.
Use your powers (Score:2)
I'm sure a lot of individuals who peruse this site every day are in a position to recommend and recommend AGAINST vendors. If enough of us at the Fortune X companies blackballed Bluecoat/Symantec/others of that ilk, one would think that would make a difference. After all, NOT buying that $20-50M satchel of poo in favor of another vendor with more transparency, times 100's of the largest corporations, might make a difference.
Frankly, if I said "no Bluecoat" tomorrow, I doubt it would even be questioned.
Sure we trust you ROTFL (Score:1)
Why haven't we worked to replace CAs yet? (Score:2)
There are a number of proposals out there that would allow you to distribute public keys for web sites in a way that removes the reliance on CAs for security.
Storing things in DNS and securing that with DNSSEC being one. The EFF has a proposal out there (can't remember what it's called) for this as well.
And there is a proposal that replaced CAs with a system where the certificate can be signed by multiple entities and then the client decides whether to trust the certificate based on whether it trusts the ent
Re:Simple question (Score:5, Insightful)
"The Treadstone Project has actually already been terminated..."
Re: (Score:2, Interesting)
If they were using it for internal use, and all the PCs they were using it with were under their control, they could have easily made their own certificates that would be limited in use to their own PCs only. So why ask for a certificate that can spoof any website and will be trusted by every PC?
Simple Answer: Because corporations want it.
Blue Coat is a company that sells network security products. Many companies use their products for proxy services, etc. Most security products have problems scanning content that is encrypted using SSL. Having the ability to act as a MIM allows the proxy services, WAN acceleration boxes, etc. access to the content for processing. Companies today are hyper-concerned about losing Intellectual Property and with ensuring that employees are not doing anything at w
Re: (Score:3)
Except if you're scanning your company machines, you can do exactly what the OP said Blue Coat should have done. Issue your own cert, and make all your workstations trust it.
Re: (Score:2)
> Except if you're scanning your company machines, you can do exactly what the OP said Blue Coat should have done. Issue your own cert, and make all your workstations trust it.
Except that wouldn't work with BYOD, thus the need for a certificate like this so that everything Just Works.
Exactly. Rolling your own certs sounds good until you get into the logistics and the complexity of implementing it on an Enterprise scale. Most Enterprises come to the same conclusion and pay for corporate root certificates from Symantec, etc. for their internal PKI infrastructure. It turns out that it's cheaper than the cost of support to handle all of the one-off situations that rolling your own causes. Everything just works.
Re: (Score:1)
If one Android phone "BYOD" saw a certificate, any certificate, signed by this Intermediate, it would get flagged and probably show up in Google's CT logs.
That's the thing about BYOD. As well as not installing your bullshit fake roots, the devices some employee brings in to work aren't running your "no tale-telling" hack to shut up all the warnings and diagnostics when bad things happen so you can pretend it's secure.
And what do you know, NOTHING in the CT logs. Why? Well I guess it could be that the Li
Re: (Score:2)
This is completely wrong. I work for a very large corporation which uses Blue Coat proxies, and they absolutely do not have trusted root certificates they can just use (amongst other things, this would lead to Symantec's cross-signing being revoked).
They do the thing any IT department can do, which is everyone either runs a pre-built image with the proxy certificates baked in, or people (like me) who get dev machines end up dropping them in to suppress the "invalid cert" warnings.
Re: (Score:2)
Well, if you want to secure mobile devices you go with a mobile device management solution which would put your corporate cert on their phone and force it to use the proxy. It'd also help protect them when they're not on the corporate WiFi.
Re: (Score:3)
Simple answer, because the tinfoil hat club has been proven right over and over again in the 21st century.
Sad but true.
Re:Simple question (Score:4, Informative)
I don't think that the tinfoil hat club has been right. In fact, the surveillance and control has been worse than most claims of the tinfoil hat club.
Re: (Score:2)
Why the fuck has this site descended into rampant tinfoil hat paranoia?
Because in the past 5 years the tinfoil hat paranoia was shown to be anything but.
This is the new norm. Assume the worst and you're most likely right.