05 Nov 2013
In August of this year, Ladar Levison shut down his email service, Lavabit, in an attempt to avoid complying with a US government request for his users’ emails. To defy the US government’s gag order and shut down his service took great courage, and I believe that Ladar deserves our support in his legal defense of that decision.
There is now an effort underway to restart the Lavabit project, however, which might be a good opportunity to take a critical look at the service itself. After all, how is it possible that a service which wasn’t supposed to have access to its users’ emails found itself in a position where it had no other option but to shut down in an attempt to avoid complying with a request for the contents of its users’ emails?
12 Jun 2013
Suddenly, it feels like 2000 again. Back then, surveillance programs like Carnivore, Echelon, and Total Information Awareness helped spark a surge in electronic privacy awareness. Now a decade later, the recent discovery of programs like PRISM, Boundless Informant, and FISA orders are catalyzing renewed concern.
13 May 2013
Last week I was contacted by an agent of Mobily, one of two telecoms operating in Saudi Arabia, about a surveillance project that they’re working on in that country. Having published two reasonably popular MITM tools, it’s not uncommon for me to get emails requesting that I help people with their interception projects. I typically don’t respond, but this one (an email titled “Solution for monitoring encrypted data on telecom”) caught my eye.
19 Mar 2013
Last week I saw a tweet about Guardian Project’s “StrongTrustManager,” which was built for increasing the security of SSL connections in Android. It’s part of their OnionKit library, and their app Gibberbot uses it to secure its XMPP connections.
I recently released an Android library that provides simple SSL pinning support, and have previously written about the great opportunity we have for mobile apps to sidestep the many problems plaguing us with CA certificates, so I was excited to see something else out there.
Since I had just released something similar, I went to look at what the Guardian Project implementation provides, and incidentally ended up discovering a few security vulnerabilities. I’ve decided to write them up here, since they’ve turned out to be fairly common problems amongst TLS implementations, and might be of some value to document.
07 Jan 2013
To my great surprise, young people now somewhat frequently contact me in order to solicit career advice. They are usually in college or highschool, and want to know what the best next steps are for a career in security or software development.
This is, honestly, a really complicated question, mostly because I’m usually concerned that the question itself might be the wrong one to be asking. What I want to say, more often than not, is something along the lines of don’t do it; when I got out of highschool and focused on the answer to that same question, it was very nearly one of the biggest mistakes of my life.
Since I get these inquiries fairly regularly, I thought I’d write something here that I can use as a sort of canonical starting point for a response.
27 Nov 2012
I don’t really know who Dustin Curtis is, but he blogs a lot, and those blog entries often end up on Hacker News. Not too long ago, he wrote a blog post titled “The Best,” in which he explains that he has nice stuff. That in fact, everything he owns is actually the very best of its kind.
Dustin’s blog post culminates in the triumph of his quest for the perfect set of flatware. Apparently, this is what the perfect collection of forks, knives, and spoons looks like, which we can assume Dustin Curtis has in his kitchen drawer at this very moment:
13 Dec 2011
When it comes to designing secure protocols, I have a principle that goes like this: if you have to perform any cryptographic operation before verifying the MAC on a message you’ve received, it will somehow inevitably lead to doom.
05 Dec 2011
From Swindle To Hazard
In recent months, Comodo has been hacked repeatedly, DigiNotar was compromised, and the security of CAs as a whole has been found to be not altogether inspiring. The consensus finally seems to be shifting from the notion that CAs are merely a ripoff, to the notion that they are a ripoff, a security problem, and that we want them dead as immediately as possible. The only question that remains is how to replace them.
24 Jul 2011
BasicConstraints Back Then
In one week it will have been 9 years since I first published sslsniff — way back in 2002! While sslsniff has evolved to be a general-purpose MITM tool for SSL connections, I originally published it as a proof of concept exploit for the BasicConstraints vulnerability that I released along with it.
11 Apr 2011
In the early 90’s, at the dawn of the World Wide Web, some engineers at Netscape developed a protocol for making secure HTTP requests, and what they came up with was called SSL. Given the relatively scarce body of knowledge concerning secure protocols at the time, as well the intense pressure everyone at Netscape was working under, their efforts can only be seen as incredibly heroic. It’s amazing that SSL has endured for as long as it has, in contrast to a number of other protocols from the same vintage. We’ve definitely learned a lot since then, though, but the thing about protocols and APIs is that there’s very little going back.