Hacker News new | ask | show | jobs
by chflags 3627 days ago
"... breaks the trust model of SSL/TLS,"

Certainly some of the encryption one can get via SSL/TLS is worth something. (But then one could use that encryption outside of TLS, too.)

And maybe some elements of the protocol are worth something.

But on the open internet is the "trust model" really worth anything?

It is so ridiculously easy to subvert. Cloudflare does it on a mass scale.

But one does not need to be Cloudflare to do it. The "incovenience" of subverting SSL/TLS is minimal.

Any website who is delegating their DNS to some third party is potentially vulnerable not to mention any user who is delegating their DNS lookups to a third party. Those are very large numbers.

Note I said open internet. I am not referring to internal networks.

Also - Question for the author: Was the archiving of dnshistory.org successful? Did they recently shut down and use Cloudflare to block ArchiveTeam?
2 comments
jsn 3627 days ago
Not sure I understand what you are saying. If you are saying that "Any website who is delegating their DNS to some third party is potentially vulnerable" to subverting SSL/TLS, then you are absolutely wrong. Malicious DNS can help the attacker to insert her servers between the user and the web service the user is trying to access, but it doesn't subvert TLS/SSL man-in-the-middle protection in any way.
link
cherioo 3627 days ago
Malicious DNS can request cert for the domain via e.g. let's encrypt, then it can do whatever it wants.
link
jsn 3627 days ago
My understanding is that it doesn't apply at least to EV certificates. Also, the parent says that "any user who is delegating their DNS lookups to a third party", but that can't apply to such users either.
link
joepie91_ 3627 days ago
> But on the open internet is the "trust model" really worth anything?

It is. I'd be the first to admit that the CA model is absolutely not a solution that works well overall[1], but regardless of that, it's very hard to get away with a non-targeted attack on TLS (eg. by compromising a CA). Only targeted attacks are really viable, dragnet surveillance is not.

The problem with the way CloudFlare breaks the trust model, is that it's broken for everybody - not just high-risk individuals in a targeted attack, but every single person that talks to a site going through CF. It's completely viable to do dragnet surveillance or modification without anybody realizing it, and this makes it a much bigger breach than the CA model.

> Any website who is delegating their DNS to some third party is potentially vulnerable not to mention any user who is delegating their DNS lookups to a third party. Those are very large numbers.

Not without making a lot of noise. In the context of not having a good way to establish trust for previously unknown entities (Web-of-Trust doesn't really work there), the best we can do - at least, until we find a better solution - is making tampering as public and noisy as possible, so that it becomes risky for a malicious actor to carry out large-scale attacks.

Keep in mind that DNS requests are not directly done by clients, but rather through hierarchical caching resolvers - assuming that CAs used something like Google's DNS servers, an attacker on the DNS provider's network would have to spoof the DNS responses to Google, and as such have a very large portion of the internet end up on the wrong DNS record.

With the amount of DNS history services and security companies monitoring DNS discrepancies, it'd be pretty much impossible to get away with this quietly. Any attempt at subverting the verification process by changing DNS records would immediately show up everywhere.

> Also - Question for the author: Was the archiving of dnshistory.org successful? Did they recently shut down and use Cloudflare to block ArchiveTeam?

Unfortunately, our archival effort was interrupted by the operators of dnshistory.org enabling "I'm Under Attack" mode. We did not have enough time to implement the bypass before the service shut down (although it is what caused me to write the bypass code linked from the article).

I have to say it was a rather strange case anyway. We'd contacted them well in advance - multiple times, I believe - to ask about obtaining a copy of their data (which would mean we didn't have to scrape their servers), and they'd completely ignored the messages.

Only after we'd contacted them to ask about the block, did they reply with a biting message about "causing issues for other users on the site". Why they thought the impending shutdown and removal wouldn't cause issues for their users, I don't know.

[1]: http://cryto.net/~joepie91/blog/2015/05/01/on-mozillas-force...

link
chflags 3625 days ago
I agree with the distinction you make between targeted and non-targeted. But I think being able to easily accomplish targeted attacks on SSL/TLS is a cause for concern -- and indeed that's what I'm thinking of. My thought is that it should not be possible for users to place such trust in something that is so easily subverted. As for DNS, I see no reason why one cannot encrypt DNS packets to prevent tampering. If users ignorantly want to use third party caches (which opens up more problems than just the one you mentioned), even when it's so easy to run a local cache, then we see arguments for another "trust model", e.g., DNSSEC, etc. Same problems.
link