CA hack: more bogus certificates
Dutch SSL Certificate Authority (CA) DigiNotar is still keeping a low profile regarding the extent of the recently disclosed intrusion by hackers. The source code of the Chromium browser project, on which Google Chrome is based, has now provided some evidence of the extent of the compromise: its list of blocked certificates has grown from 10 to 257. A source code comment makes it clear that the newly added certificates were issued by DigiNotar. Whether the blocked certificates affect further popular web sites remains unknown. In addition to the CA's root certificate, the Chromium developers have also blacklisted two intermediate certificates derived from it.
While other browser makers such as Mozilla and Google released updated versions of their browsers, Opera's security team announced that it sees no need to respond with an update: bogus certificates don't present a problem for Opera, because the browser uses a Certificate Revocation List (CRL) to check the validity of a certificate before it accesses an HTTPS page. The CRL contains certificates that have been revoked by the issuing authority. If Opera finds the certificate on the list, the connection is marked as insecure. Although all other browsers also use CRLs, some simply give up and consider a connection secure when they can't reach the list.
During a Man-in-the-middle (MITM) attack an attacker can, therefore, simply block the browser's CRL access and deliver the revoked certificate unnoticed. This has now forced browser developers who put user convenience before the strict interpretation of the list to release updates. Windows versions since Vista have used a whitelist of trustworthy CAs, the "Microsoft Certificate Trust List", which is maintained by Microsoft. The hacked CA has already been removed from that list.
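As an added illustration (not code from the article, from DigiNotar or from any browser vendor), the following Python model contrasts the two CRL behaviours described above: a "soft-fail" client that treats an unreachable CRL as "not revoked", a "hard-fail" client that refuses the connection, and a locally shipped blocklist of the kind Chromium and Microsoft's trust list provide, which needs no network access at all. The CA name, serial numbers and fingerprints are constructed placeholders, and the function and class names are this example's own.

```python
# Added example (not from the article, not any browser's code): a small model
# of certificate revocation handling that contrasts "soft-fail" CRL checking,
# which accepts a certificate when the CRL cannot be fetched, with "hard-fail"
# checking and a locally shipped blocklist, which works without any network.
from dataclasses import dataclass
from enum import Enum
from typing import Callable, FrozenSet, Set, Tuple


class CrlPolicy(Enum):
    SOFT_FAIL = "soft"  # CRL unreachable -> assume not revoked (fails open)
    HARD_FAIL = "hard"  # CRL unreachable -> refuse the connection (fails closed)


class CrlUnavailable(Exception):
    """Raised by a CRL fetcher when the list cannot be downloaded."""


@dataclass(frozen=True)
class CertInfo:
    issuer: str       # distinguished name of the issuing CA (constructed)
    serial: int       # certificate serial number, as listed in a CRL
    fingerprint: str  # hex digest of the certificate, as used by local blocklists


# Constructed sample data; the issuer name, serials and fingerprints are
# placeholders, not real DigiNotar values.
ISSUER = "CN=Example Hacked CA"
REVOKED_CERT = CertInfo(ISSUER, 0x1001, "aa11aa11")
GOOD_CERT = CertInfo(ISSUER, 0x1002, "bb22bb22")
PUBLISHED_CRL: Set[int] = {0x1001}  # the CA has revoked serial 0x1001


def reachable_crl(issuer: str) -> Set[int]:
    """CRL fetcher used when the network path to the CA is intact."""
    return set(PUBLISHED_CRL) if issuer == ISSUER else set()


def unreachable_crl(issuer: str) -> Set[int]:
    """CRL fetcher used when the download fails, e.g. because it is blocked."""
    raise CrlUnavailable(f"could not download CRL for {issuer}")


def evaluate(cert: CertInfo,
             fetch_crl: Callable[[str], Set[int]],
             policy: CrlPolicy,
             local_blocklist: FrozenSet[str] = frozenset()) -> Tuple[bool, str]:
    """Return (accepted, reason) for one certificate.

    The local blocklist (fingerprints or issuer names shipped with the client,
    like Chromium's blocked-certificate list or Microsoft's trust list) is
    consulted first because it still works when the CRL cannot be fetched.
    """
    if cert.fingerprint in local_blocklist or cert.issuer in local_blocklist:
        return False, "blocked by local list"
    try:
        revoked = fetch_crl(cert.issuer)
    except CrlUnavailable:
        if policy is CrlPolicy.HARD_FAIL:
            return False, "CRL unreachable, failing closed"
        return True, "CRL unreachable, failing open"
    if cert.serial in revoked:
        return False, "revoked per CRL"
    return True, "not revoked"


def mitm_outcome(policy: CrlPolicy,
                 local_blocklist: FrozenSet[str] = frozenset()) -> bool:
    """Does a client with this policy accept the revoked cert when the CRL is unreachable?"""
    accepted, _ = evaluate(REVOKED_CERT, unreachable_crl, policy, local_blocklist)
    return accepted


if __name__ == "__main__":
    for policy in CrlPolicy:
        print(policy.name, "accepts revoked cert with CRL blocked:", mitm_outcome(policy))
    print("SOFT_FAIL plus local blocklist:",
          mitm_outcome(CrlPolicy.SOFT_FAIL, frozenset({ISSUER})))
```

Run as a script, it shows that only the soft-fail client without a local blocklist accepts the revoked certificate once the CRL download fails; the hard-fail policy and the local list both refuse it, which is why the browser updates mentioned above ship the blocked certificates with the client instead of relying on a download at connection time.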
Internet Explorer also uses the list and, in theory, the list is designed to be updated automatically, but this didn't happen on some of the computers at heise Security's editorial office (The H's associates in Germany), and IE 9 consequently accepted DigiNotar's root certificate without warning on these computers. Separate security updates are to be released for Windows XP and Windows Server 2003.
Mikko Hypponen from F-Secure writes that DigiNotar doesn't appear to have taken security matters too seriously. The security specialist said that text files he discovered on the CA's web server indicate that the server has been compromised repeatedly by various hacker groups since 2009. Sophos says that the authority has been lax about the problem that all browsers now display a warning when a page with a DigiNotar certificate is visited: the CA reportedly said that 99.9 per cent of warnings can safely be ignored.