Security Now 243
Episode 243 |
Topic: Subverted SSL Recorded: April 7, 2010 Published: April 8, 2010 Duration: 1:39:29 |
Contents
Security Now 243: Subverted SSL
News & Errata
09:25 - 12:40
- Firefox has been updated to 3.6.3 to fix a memory corruption flaw
- It also fixes an information leak vulnerability where a website could determine which websites you have visited through checking the colour of links
12:39 - 14:24
- Java has been updated to fix multiple remote code execution vulnerabilities
14:25 - 15:47
- Quicktime has been updated on Windows to v7.6.6
15:48 - 24:04
- Adobe PDF's by design are able to launch other system executables in order to display embedded content
- Hackers can manipulate the warning message Adobe displays before launching the application to deceive users
- This also affects Foxit Reader
- Launching embedded executable from PDF document using features of the PDF language, without exploiting vulnerabilities: [1]
- Preventing Adobe Reader from launching executables: [2]
27:33 - 56:29
- UPS's online tracking system crashed on iPad release day due to everyone checking the status of there order
- Steve has now ordered the top of the range 3G iPad
- He says it needs a case with a stand
- Wifi connects quickly
- The battery life is great
- There is a fantastic PDF reader called 'Good Reader'
- The rotation lock is good
- The iBook store currently has a weak collection of books
- You cant hold the iPad in one hand it is too heavy
- The mail app is also good
- Steve also likes 'Puzzle Maniak'
01:32:18 - 01:39:00
- Steve is annoyed by the lack of Flash on the iPad
Spinrite Story
56:30 - 58:23 Anon(A CEO) (Unknown)
A customer used Spinrite to fix a dead hard drive and saved $30,000 worth of orders that were not backed up
Subverted SSL
58:24 - 01:32:18
- Microsoft stores trusted Certificate Authorities(CA) in the Windows Trusted Store
- If you go to a website whose web certificate is signed by someone not currently in your instance of Windows, down in the Windows crypto system, it will see that you're asking about a certificate it doesn't currently have. So it contacts Microsoft and grabs the certificate that you're asking for on the fly.
- All browsers on Windows use this store of trusted CA's apart from Firefox
- A researcher was at a conference where they saw in sort of the trade show portion of the conference a very disturbing booth from a company called Packet Forensics.
- Packet Forensics was advertising a little turnkey network appliance which was able to perform SSL man-in-the-middle attacks
- A country could force a CA operating in its country to issue a certificate for any website in the world
- Then when a user visits the fake website it would appear to be the real website as is has a certificate signed by a trusted CA
- The researchers believe this sort of attack is happening right now
- There are so many trusted CA's in our browsers we have no idea which ones to trust
- Christopher Soghoian's paper Certified Lies: Detecting and Defeating Government Interception Attacks Against SSL
- Microsoft Windows Root Certificate Program members (November 2009)
Sponsors
GoToMeeting
- GoToMeeting.com/SecurityNow
- G2M #2
- Ad Times: 0:42-0:54 and 6:31-8:57
Astaro
- Astaro.com
- Ad Times: 0:55-1:09 and 24:22-27:27
Production Information
- Edited by: Tony
- Notes:
![]() |
This area is for use by TWiT staff only. Please do not add or edit any content within this section. |