Fraudulent *.google.com Certificate

Johnathan Nightingale

Update (Sept. 6, 2011 @10:37 a.m. PT):

New security updates for Firefox are now available.

Update (8.30.11 @ 11:25 p.m. PT):

Mozilla just released an update to Firefox for Desktop, Thunderbird and SeaMonkey. Updates are now available for:
• Firefox for Windows, Mac and Linux (final release)
• Firefox for Windows, Mac and Linux (3.6.21 final release)
• Firefox Aurora for Windows, Mac and Linux
• Firefox Nightly for Windows, Mac and Linux
• SeaMonkey (2.3.2)
• Thunderbird (6.0.1)

We strongly recommend that all users upgrade to these releases.

If you already have Firefox, you will receive an automated update notification within 24 to 48 hours. Users can also manually check for updates if they do not want to wait for the automatic update.

New versions of Firefox for Mobile (final release and Beta), Firefox Beta for Desktop and Thunderbird will be released shortly.

Issue

Mozilla was informed today about the issuance of at least one fraudulent SSL certificate for public websites belonging to Google, Inc. This is not a Firefox-specific issue, and the certificate has now been revoked by its issuer, DigiNotar. This should protect most users.

Impact to users

Users on a compromised network could be directed to sites using a fraudulent certificate and mistake them for the legitimate sites. This could deceive them into revealing personal information such as usernames and passwords. It may also deceive users into downloading malware if they believe it’s coming from a trusted site. We have received reports of these certificates being used in the wild.

Status

Because the extent of the mis-issuance is not clear, we will shortly release new versions of Firefox for desktop (3.6.21, 6.0.1, 7, 8, and 9) and mobile (6.0.1, 7, 8, and 9), Thunderbird (3.1.13 and 6.0.1) and SeaMonkey (2.3.2) that revoke trust in the DigiNotar root and protect users from this attack. We encourage all users to keep their software up to date by regularly applying security updates. Users can also manually disable the DigiNotar root through the Firefox preferences.

Credit

This issue was reported to us by Google, Inc.

Johnathan Nightingale
Director of Firefox Development

65 responses

  1. GLaDOS wrote on :

    @Jacob Appelbaum, @Sahand

    Why would Iranians be punished with jail, torture or even a death sentence?

    I’m not understanding the connection between this CA root certificate being revoked and Iranians being jailed, tortured, or even killed. Could somebody please explain this?

    What does one have to do with the other?

  2. Lode V wrote on :

    @Daniel Veditz
    Regarding the outside company they are bringing in to perform a technical audit, this raises a few questions.
    Has Diginotar/Vasco agreed (to the Dutch Government) to cooperate with this technical audit?
    What is the scope of this ‘technical audit’?
    Is there a ‘timeline’ with a deadline for this company to report their results to the Dutch government?
    And has the Dutch Government promised you to disclose (all) the results to you?

    This Dutch website about security issues
    https://secure.security.nl/artikel/38302/1/247_certificaten_bij_DigiNotar-hack_aangemaakt.html
    says 247 certificates are blacklisted.

    Here
    http://www.theregister.co.uk/2011/08/30/google_chrome_certificate_blacklist/
    and here
    http://pastebin.com/EaJJt1Yj
    I read also about many revoked certificates

    And here
    https://threatpost.com/en_us/blogs/dutch-government-scrambling-reassure-citizens-about-security-digital-id-system-083011
    doubts about believing (earlier) audit in / by Diginotar which missed breaches in security.
    Diginotar issued a statement Tuesday asserting that a forensic examination conducted by Fox-IT indicated that only one of its CA root servers had been compromised and that all the fraudulent certificates issued had come from a Sub Root of that server. Other DigiNotar root servers were untouched, including those that make up the PKIoverheid infrastructure that are used to generate the DigID certificates, Diginotar said.

    This Diginotar statement (in dutch)
    http://www.diginotar.nl/Actueel/tabid/264/articleType/ArticleView/articleId/327/Default.aspx
    says DigiNotar has asked again the independent company Fox-IT, specialized in IT security, to audit her systems for possible risks to rule out possible risks for the future. The results of this audit/research will be made public as soon as possible.

    This is Fox-IT (not the pdf software :-)
    http://www.fox-it.com/en/about-fox-it

    This Diginotar statement is not fully clear
    The word ‘again’ in the statement suggest one or two meanings:
    1: again an audit
    or
    2: again an audit by Fox-IT

    On
    https://secure.security.nl/artikel/38321/Ook_Mozilla_doelwit_van_DigiNotar-hackers.html
    an Anonymous says in Dutch: “the first audit was done by PWC (PriceWaterhouseCoopers). Now Fox-IT has been asked to perform a (real) audit.”

    Also I originally thought “they are bringing in an outside company to perform a technical audit” meant the Dutch government hired this outside company.

    But now Diginotar said they (Diginotar) hired the independent company Fox-IT.

    Logius, the digital government service of the Netherlands Ministry of the Interior and Kingdom Relations (BZK), says here
    http://www.logius.nl/actueel/item/titel/pkioverheid-certificaten-van-diginotar-nog-steeds-vertrouwd/
    in dutch, dated August 31, 2011:

    Update: At this moment Fox-IT is conducting an investigation at DigiNotar. A first report is expected to be ready at the end of the week.

    GOVCERT.NL is part of Logius.
    https://www.govcert.nl/english/organisation/_logius/landing.html

    GOVCERT says in dutch, dated August 30, 2011:
    https://www.govcert.nl/actueel/Nieuws/frauduleus-uitgegeven-beveiligingscertificaat.html

    Diginotar is at this moment busy with further investigating the fraud.

    So the Dutch government is not leading or hiring the external Fox-IT auditors.
    Diginotar themselves hired the external Fox-IT auditors to audit her systems for possible risks to rule out possible risks for the future.

    Says very little about investigating the past……

    There is in Dutch a proverb which translates to:
    Trust/reputation comes on foot, but leaves on horseback.

    I’m afraid the Diginotar reputation left in a FormulaOne Car.

    @kasperl
    Vertrouwen komt te voet, maar gaat te paard.

  3. Blah wrote on :

    Lesson learned:

    If you’re gonna issue a bogus cert, make sure it’s for a Mozilla owned domain and not for a Google owned domain.

  4. Lode V wrote on :

    The dutch equivalent of the BBC World Service
    Radio Netherlands Worldwide
    reports
    Dutch government stops using Diginotar for PKI Overheid Certificates

    http://www.rnw.nl/english/bulletin/security-dutch-government-websites-jeopardy

    The Dutch Interior Minister Piet Hein Donner has given a press conference in the early hours of Saturday morning after an internet security firm appears to have been hacked by Iranian hackers.

    The Dutch internet solicitors’ firm Diginotar supplies certification for secure sites which guarantee their reliability. However, Iranian hackers have reportedly managed to surpass the certification system so that the Iranian authorities can read gmail and google messages of people in Iran.

    According to a computer expert on Dutch public broadcaster NOS, the government can no longer guarantee the security of its websites. This means, for instance, that the internet identification site DigID is no longer reliable, which citizens use for various government services.

    Government sites have not been shut down, but visitors to the sites will be warned that the sites are not secure.

    Diginotar has been reportedly aware of the problem since 19 June, but did not report it to the authorities. The Dutch authorities were informed by an Iranian source.

    The minister has announced measures to hand over control of internet security to a different firm, which may take a few days, according to the minister.

    (nc)

    (c) Radio Netherlands Worldwide

  5. Matt McCutchen wrote on :

    Opera is claiming that their users were protected because the SSL badge turns off if OCSP is unreachable (http://my.opera.com/securitygroup/blog/2011/08/30/when-certificate-authorities-are-hacked-2). That’s “rubbish”, as Adam Langley would say. I pointed them to https://bugzilla.mozilla.org/show_bug.cgi?id=327181#c14.

  6. Daniel Veditz wrote on :

    > There’s no indication in all of this (probably due to a lack of
    > disclosure by DigiNotar) that anything has been done about the
    > fraudulent certificate for Mozilla that DigiNotar also issued.

    DigiNotar did give us a list of the fraudulent certificates that they caught and revoked, including several variants on an addons.mozilla.org certificate. Neither we nor they know which ones they did NOT catch (only that there are some out there). They can’t revoke certs they don’t know about; the only remaining way to invalidate those certificates is to invalidate the root.
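
The Status section above explains that the Firefox update revokes trust in the DigiNotar root rather than in individual certificates, and Daniel Veditz's comment explains why: a CA cannot revoke certificates it does not know it issued. The following Go program, an added example that is not part of the original post or of Mozilla's code, reproduces that client-side decision with two constructed roots and two constructed server certificates (the names "Good Root", "Distrusted Root" and "www.example.com" are placeholders); it uses only the standard library's crypto/x509 chain builder.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// issue builds a constructed certificate: a self-signed root when parent is nil, else a TLS server cert for name.
func issue(name string, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()),
		Subject:      pkix.Name{CommonName: name},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
	}
	signer, signerKey := tpl, key // self-signed unless a parent is given
	if parent == nil {
		tpl.IsCA, tpl.BasicConstraintsValid, tpl.KeyUsage = true, true, x509.KeyUsageCertSign
	} else {
		tpl.DNSNames = []string{name}
		tpl.KeyUsage = x509.KeyUsageDigitalSignature
		tpl.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
		signer, signerKey = parent, parentKey
	}
	der, _ := x509.CreateCertificate(rand.Reader, tpl, signer, &key.PublicKey, signerKey)
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}

// accepted is the client's decision: chain leaf to a root in the store after removing the root named
// by distrust (what the update does for DigiNotar). No CRL/OCSP data is consulted, so unknown certs fall with the root.
func accepted(leaf *x509.Certificate, host, distrust string, roots ...*x509.Certificate) bool {
	store := x509.NewCertPool()
	for _, r := range roots {
		if r.Subject.CommonName != distrust {
			store.AddCert(r)
		}
	}
	_, err := leaf.Verify(x509.VerifyOptions{Roots: store, DNSName: host})
	return err == nil
}
```

A certificate issued under the distrusted root is accepted while that root is in the store and rejected as soon as it is removed, with no revocation lookup involved; certificates under the remaining root are unaffected.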

  7. theappalasian wrote on :

    @blah That’s rather unfair. Mozilla did right. DigiNotar was incompetent. The Dutch government even revoked its own certs. What more validation do you need?

  8. Jan Ostemor wrote on :

    @Daniel Veditz

    > The Dutch government, the owner of the Staat der Nederlanden roots, asked that we
    > not revoke their certs.

    So you decided to trust some politicians? Never heard that politicians sometimes don’t exactly tell the truth? You have a compromised registrar, you have root certs from that registrar, and yet you trust a few politicians if they tell you “don’t worry, everything is fine”? Stupid.

    Which interests do you represent? The interests of the worldwide users of firefox, their lives sometimes being in danger, or the interests of some who-gives-a-toss government?

    This is not a question of being fair, this is a question of being firm.

    Cut out the cancer to make sure it doesn’t do any damage any more. Stop working in the interests of governments and CAs. Start, just once, start working in the interests of your users.

  9. brian wrote on :

    @52 (GlaDOS):

    I’m not understanding the connection between this CA root certificate being revoked and Iranians being jailed, tortured, or even killed. Could somebody please explain this?

    Have you not been paying attention? The Iranian government is presently (and has been for a few decades) violently suppressing any dissent amongst its citizens. By the means listed above.

    Being able to do MitM attacks allows the Iranian government to intercept what people THINK are secure communications and use them to root out dissenters more easily.

  10. David Bernier wrote on :

    I support Mozilla’s decision to revoke the
    trust in the DigiNotar-issued SSL certificates.

    I think it’s a very good pro-active security
    decision. It’s unfortunate for DigiNotar,
    but in my view is justified by the risks that
    would follow from doing nothing.

  11. Tom wrote on :

    To me, it looks like “mozilla” screwed up with FF build 3.6.22. With FF build 3.6.22, it looks like there are “server exceptions” for FRAUDULENT “usertrust” certificates, where fraudulent “usertrust” certificates will be trusted, automatically, overriding any security checks, because of the “server exceptions” which were added to FF build 3.6.22.

    I am referring to the “server exceptions” in “FF/tools/options/advanced/view certificates/servers”.

  12. Fred5 wrote on :

    @Tom

    I am using Firefox 6.0.2 and have “The USERTRUST Network” certificates listed under the “Others” tab on my MacBook Air and the same is listed under the “Servers” tab on my Mac Desktop.

    Diginotar and Diginotar B.V. are listed under the “Authorities” tab on both.

    Could Mozilla please clarify exactly what the updates were supposed to do and verify that this is indeed what is happening upon upgrade.

  13. dan wrote on :

    @Daniel Veditz:

    I’ve updated to the latest Firefox (6.02) a few days ago. I found I couldn’t distrust DigiNotar as reported by some of my caring forummers.

    Also, I tend to conclude that you (and Mozilla) is not trying to protect your users, rather, you’re trying to protect governments and politicians who seldom browse the internet anyway. Those politicians in turn will deplete your customer base, because either they’ll be jailing or torturing us (i.e. no internet access), or better still, we’ll be shot dead. (btw, i’m NOT an iranian, but understand how it feels like if I were put in the same situation)

    I repeat. I’ve updated to Firefox 6.02 a few days ago. But today, I’ve just downloaded Google Chrome. And it’s the first time ever I’ll be using Chrome. And I’ll probably be sticking with Chrome until they start making screwed up decisions as to support governments instead of its users (hopefully not!).
