Forgot your password?
typodupeerror
Networking Censorship

Cyberoam Packet Inspection Devices Open Traffic To Third Parties 29

Posted by Unknown Lamer
from the security-through-oh-screw-it dept.
New submitter jetcityorange tipped us to a nasty security flaw in Cyberoam packet inspection devices. The devices are used by employers and despotic governments alike to intercept communications; in the case of employers probably for relatively mundane purposes (no torrenting at work). However, the CA key used to issue fake certificates so that the device can intercept SSL traffic is the same on every device, allowing every Cyberoam device to intercept traffic that passed through any other one. But that's not all: "It is therefore possible to intercept traffic from any victim of a Cyberoam device with any other Cyberoam device - or, indeed, to extract the key from the device and import it into other DPI devices, and use those for interception. Perhaps ones from more competent vendors."
This discussion has been archived. No new comments can be posted.

Cyberoam Packet Inspection Devices Open Traffic To Third Parties

Comments Filter:
  • by Coeurderoy (717228) on Wednesday July 04, 2012 @12:15PM (#40542787)

    after all their clients are either incompetent or evil....

    What would be really interesting would be a simple consumer level tool to detect DPI with crypto interception...
    So at least you know how much your ISP loves you....

    • by Coeurderoy (717228) on Wednesday July 04, 2012 @12:16PM (#40542799)

      I do apologize, I should have written something real useful like "first post", but it is the first time it happens to me, so I forgot :)

    • by russotto (537200)

      What would be really interesting would be a simple consumer level tool to detect DPI with crypto interception... So at least you know how much your ISP loves you....

      Just use a browser. Theoretically your ISP could intercept all the ways you could acquire a browser over their network and install their cert in each, but you could use a browser acquired elsewhere. Then go to any secure site and if you get a certificate warning, be suspicious.

    • by fluffy99 (870997)

      after all their clients are either incompetent or evil....

      What would be really interesting would be a simple consumer level tool to detect DPI with crypto interception...
      So at least you know how much your ISP loves you....

      Well the fake certificates will only work if you trust the certificate the box is using to generate the fakes. Seems rather trivial to check your root/trusted certificates, eh?

      • well the typical consumer has clicked: yes, yes, yes, yes ... a couple of month ago...
        And does not understand how any of this works...

        So a tools that tells him or her ... "I see a spy siting about ==> here" sniffing your youtube/facebook/etc... transaction would be
        more helpful than being satisfied that you can :
        If you use firefox do Edit/Preferences/Advanced/View certificate and see if any seems suspicious, btw it could probably even be called something like "Best Verisign for Trust in Your Region" or "Z

        • by fluffy99 (870997)

          If you're using IE, just click the little padlock and see who signed the certificate. In firefox, you click to the left of the URL. Of course it's a few more clicks to see the actual chain. FF also shows you the intermediate cert and not the root like IE.

          You're probably right though, that some quick utility to make it idiot proof would be helpful.

  • This is suprising? (Score:5, Insightful)

    by houstonbofh (602064) on Wednesday July 04, 2012 @12:17PM (#40542813)
    People are surprised that a device that hacks it's way in to ssl communication is insecure? Contrary to popular belief, people that specialise in tearing down walls are not the best wall builders.
  • Derp! (Score:5, Insightful)

    by girlintraining (1395911) on Wednesday July 04, 2012 @12:31PM (#40542935)
    This just in: End to end encryption which does not form trust via a third party (like a certificate authority) still the best way of securing communications. The certificate authority system has been flawed from day one. IPSEC is still the way to go, along with secure DNS, but as you will note... companies and governments have been dragging their feet on it. A good indication that something is secure is that laws are passed against its use.
    • >IPSEC is still the way to go
      As long as you really know who you are communicating with. And as long as the whole network supports all the weird NAT out there. And as long as you really have it configured right. Oh never mind.
      >A good indication that something is secure is that laws are passed against its use.
      Thats some mighty secure methamphetamine you got there...
  • by Animats (122034) on Wednesday July 04, 2012 @12:37PM (#40542997) Homepage

    I don't think this is a cert issuer trusted by major browsers. Unless some "toolbar" or a corporate installation has managed to put this cert into your browser (which happens), this attack may be ineffective against browsers.

  • I fail to see how this device would intercept my dual certificate handshaking, but also WHY no everyone out there thinks that one-way SSL certification makes your connection secure!!!
    • by stanlyb (1839382)
      Or if i want to make myself clear, here is one sample:
      FILENAME=server
      openssl genrsa -out $FILENAME.key 1024
      openssl req -new -key $FILENAME.key -x509 -days 3653 -out $FILENAME.crt
      cat $FILENAME.key $FILENAME.crt >$FILENAME.pem
      chmod 600 $FILENAME.key $FILENAME.pem



      FILENAME=client
      openssl genrsa -out $FILENAME.key 1024
      openssl req -new -key $FILENAME.key -x509 -days 3653 -out $FILENAME.crt
      cat $FILENAME.key $FILENAME.crt >$FILENAME.pem
      chmod 600 $FILENAME.key $FILENAME.pem


      CLIENT SIDE
      • by durdur (252098)

        Only a very tiny percentage of traffic on the web uses client authentication. Yes, it is secure. But if you have a lot of clients then certificate management becomes a major issue.

  • Most companies that do this type of SSL inspection at their Internet gateways can get Internet Explorer (and such companies often standardize on IE) on the user's PCs to trust the fake certificate by pushing the fake Certificate Authority Root Cert through their Active Directory.
    • by DarkOx (621550)

      Yes, but you push your own root certificate form your own CA. Then you generate the remote server certificates using that or a subordinate CA. What you don't do is use some certificate that came on your SSL intercept box, because if you do the private key is um, not private. If your SSL intercept solution does not allow you to setup your own trusted root find a new one.

      This is whole problem is one born of simple incompetence.

There is no opinion so absurd that some philosopher will not express it. -- Marcus Tullius Cicero, "Ad familiares"

Working...