Coffeehouse Thread

9 posts

Man-in-the-Middle attack

Back to Forum: Coffeehouse
  • cheong

    http://gaurangkp.wordpress.com/2013/01/09/nokia-https-mitm/

    Just want to know if there's similar problem in other Nokia phones... just like the WinPhone series for example?

    I think updates from Windows Marketplace can be trusted because Microsoft will have staffs to check, but how about the softwares preinstalled on the phone? Does Microsoft have measures to prevent these things be added?

    Btw, if they're possible to hijack HTTPS traffic, I've think perhaps updates from Windows MarketPlace can be manipulated to bypass guard by Microsoft (but replacing contents for update through their proxy to another modified version), am I right?

    Recent Achievement unlocked: Code Avenger Tier 4/6: You see dead program. A lot!
    Last modified
  • evildictait​or

    , cheong wrote

    I think updates from Windows Marketplace can be trusted because Microsoft will have staffs to check, but how about the softwares preinstalled on the phone? Does Microsoft have measures to prevent these things be added?

    Btw, if they're possible to hijack HTTPS traffic, I've think perhaps updates from Windows MarketPlace can be manipulated to bypass guard by Microsoft (but replacing contents for update through their proxy to another modified version), am I right?

    1. The software pre-installed on your phone is pre-installed by Nokia anyway, so if Nokia were able to MitM to install stuff on your phone is no enhancement of their current privilege

    2. Windows Updates (including core phone OS updates) are all digitally signed back to Microsoft. Even if someone MitMs SSL traffic between you and Microsoft and swaps out the update for a malicious one it will fail the digital signature check and be rejected by the handset.

     

    The main worry is that someone who was able to hack into the Nokia proxy would be able to see your GMail/Hotmail/Banking passwords and credit card numbers.

  • magicalclick

    I am using IE instead, does it matter? Sounds like it only matters to Nokia browser. Am I right?

    Leaving WM on 5/2018 if no apps, no dedicated billboards where I drive, no Store name.
    Last modified
  • androidi

    If this is about that story I read earlier, it has to do with attempting similar sort of "acceleration" as the Amazon browser does. Technically the idea is sound since if you do most of the web page requests with lower latency and then push them to the phone in one roundtrip, that should make web loading 10-1000x faster depending on the latencies involved. For HTTPS though, it should be option for the user to "opt-in" whether they want to get similar acceleration for the secured sites.

    The only way banks could *try* to enforce that there is no MITM, is by shipping/physically handing out some sort of USB device where the access to the bank information was en/decrypted but unless that device plugs between your keyboard and the computer, it would still be quite vulnerable for sniffing (they should just hand out a custom smartphone when you open account). I know one bank which requires users to install Java runtime (while experts have for years complained that it's full of exploits, requiring additional measures to attempt to secure it if you have to install it) that they use to run a custom en/decryption at the client computer. This is much better than using the Windows API's which are easily sniffed but the fact they made it with Java makes it stink since most users won't know or bother even the most basic level of securing JRE once installed (namely, turning it off for everything but the bank that needs it or installing it in a VM).

    When it comes to real security, you need a way for the system to inform that an attacker is studying it. If the security system is not "obscurity based" then there's likely less need to study it in order to break it and you may not get any warning before the attack takes place. This and ability to isolate the system during the reverse engineering phase, is what makes even the most "sophisticated" security systems worth nothing. The only good security is the kind that the attacker cannot study without getting noticed and there has to be reason to study and that's why I prefer security by obscurity in addition to the "mathematically sound security", which really is only secure if you assume the attacker is some empty pockets thief that can't afford hundred thousand custom designed chips (or cloud compute time) to crack your stuff.

     

     

  • GoddersUK

    , androidi wrote

    The only way banks could *try* to enforce that there is no MITM, is by shipping/physically handing out some sort of USB device where the access to the bank information was en/decrypted but unless that device plugs between your keyboard and the computer, it would still be quite vulnerable for sniffing (they should just hand out a custom smartphone when you open account). I know one bank which requires users to install Java runtime (while experts have for years complained that it's full of exploits, requiring additional measures to attempt to secure it if you have to install it) that they use to run a custom en/decryption at the client computer. This is much better than using the Windows API's which are easily sniffed but the fact they made it with Java makes it stink since most users won't know or bother even the most basic level of securing JRE once installed (namely, turning it off for everything but the bank that needs it or installing it in a VM).

    http://news.bbc.co.uk/1/hi/programmes/click_online/9768132.stm

    When it comes to real security, you need a way for the system to inform that an attacker is studying it. If the security system is not "obscurity based" then there's likely less need to study it in order to break it and you may not get any warning before the attack takes place. This and ability to isolate the system during the reverse engineering phase, is what makes even the most "sophisticated" security systems worth nothing. The only good security is the kind that the attacker cannot study without getting noticed and there has to be reason to study and that's why I prefer security by obscurity in addition to the "mathematically sound security", which really is only secure if you assume the attacker is some empty pockets thief that can't afford hundred thousand custom designed chips (or cloud compute time) to crack your stuff.

    I wouldn't write it off that easily. http://news.techworld.com/security/3228701/fbi-hackers-fail-to-crack-truecrypt/

  • cheong

    , magicalclick wrote

    I am using IE instead, does it matter? Sounds like it only matters to Nokia browser. Am I right?

    Seems to be it, but it's theoretically possible for them to alter your "Automatic proxy detection" setting on their "factory default" too.

    Recent Achievement unlocked: Code Avenger Tier 4/6: You see dead program. A lot!
    Last modified
  • cheong

    , evildictait​or wrote

    1. The software pre-installed on your phone is pre-installed by Nokia anyway, so if Nokia were able to MitM to install stuff on your phone is no enhancement of their current privilege

    That's the part I originally worried about. If it's OEM PC I would wipe it clean and reinstall everything anyway so it would be non-issue for me, but there's no way provided to install a clean copy of WinRT. Because of this exact reason, I decided to give out extra bucks to get my phone from vendors instead of my current phone service carrier to get rid of crap-wares that could be found installed on the phone.

    2. Windows Updates (including core phone OS updates) are all digitally signed back to Microsoft. Even if someone MitMs SSL traffic between you and Microsoft and swaps out the update for a malicious one it will fail the digital signature check and be rejected by the handset.

    Oh, I forgot about that piece of detail in marketplace release process. I guess I can say we are safe now?

    Recent Achievement unlocked: Code Avenger Tier 4/6: You see dead program. A lot!
    Last modified
  • evildictait​or

    The only way banks could *try* to enforce that there is no MITM, is by shipping/physically handing out some sort of USB device where the access to the bank information was en/decrypted

    Or they could just send you their pubic key. All of the major problems with SSL and MitM are all to do with the public key distribution mechanism of SSL, not to do with the encryption part.

    but unless that device plugs between your keyboard and the computer, it would still be quite vulnerable for sniffing (they should just hand out a custom smartphone when you open account). I know one bank which requires users to install Java runtime (while experts have for years complained that it's full of exploits, requiring additional measures to attempt to secure it if you have to install it) that they use to run a custom en/decryption at the client computer. This is much better than using the Windows API's which are easily sniffed but the fact they made it with Java makes it stink since most users won't know or bother even the most basic level of securing JRE once installed (namely, turning it off for everything but the bank that needs it or installing it in a VM).

    None of those things affect the encryption between you and the bank. If your machine has malware on it, it can impersonate you. That's the tragic thing about viruses. 

    When it comes to real security, you need a way for the system to inform that an attacker is studying it. If the security system is not "obscurity based" then there's likely less need to study it in order to break it and you may not get any warning before the attack takes place. This and ability to isolate the system during the reverse engineering phase, is what makes even the most "sophisticated" security systems worth nothing. The only good security is the kind that the attacker cannot study without getting noticed and there has to be reason to study and that's why I prefer security by obscurity in addition to the "mathematically sound security", which really is only secure if you assume the attacker is some empty pockets thief that can't afford hundred thousand custom designed chips (or cloud compute time) to crack your stuff.

    If your attacker can afford hundreds of thousands of custom designed chips to "crack your stuff", they aren't after your bank account details, because they already have enough money.

    Also, I see that argument a lot from people who build their own encryption because "obscurity is necessary". Nine times out of ten the encryption can be broken on the back of an envelope.

    Use RSA/AES. It's better, it's more secure, and there's people who know what they're doing accrediting it as secure.

  • androidi

    @evildictaitor:

    Little clarification on what I was thinking when I wrote that:

    Those people who don't need the money are likely after information and thus may have resources to get past security systems that they are able to study in isolation. eg. if they can find without you knowing it what software or hardware you use because that information was not obscured, then they can acquire that soft/hardware and study it for weaknesses.

    The idea about using a keyboard with included encryption device has the weakness that while it can send things encrypted, how would it display the decrypted things while the sniffer/spyware is taking screenshots etc.

    So the best solution seems to be a smartphone which is somehow verified to be clean and then locked such that only new decryption and encryption keys can be added into it, but nothing else can be saved, modified on it and nothing on it could be read without tearing it apart - it would have the option to write encrypted or decrypted data elsewhere but the decryption key could come with encrypted metadata that told whether the decrypted content would be allowed to be written off-device after decryption (leaving only open the "video capture the device screen" or "sniff the bus" holes).

     

Comments closed

Comments have been closed since this content was published more than 30 days ago, but if you'd like to continue the conversation, please create a new thread in our Forums, or Contact Us and let us know.