News:

So the widespread use of emojis these days kinda makes forum smileys pointless, yeah?

Main Menu

Legality of ISP's doing MITM on encryption?

Started by Joe, September 30, 2008, 12:05:53 AM

Previous topic - Next topic

0 Members and 3 Guests are viewing this topic.

Joe

I was talking with Sidoh involving avoiding packet shaping by using an SSH tunnel, and I mentioned that they could MITM your tunnel and shape the packets that way. Does anyone know of the legality of MITM'ing your encrypted connections (SSH / HTTPS / etc)?
Quote from: Camel on June 09, 2009, 04:12:23 PMI'd personally do as Joe suggests

Quote from: AntiVirus on October 19, 2010, 02:36:52 PM
You might be right about that, Joe.


rabbit

It depends.  By ECPA, they aren't allowed to interfere with any information in transit until it reaches its destination server, but due to the way that TCP/IP works, it's fairly likely that the data will go through at least one of their servers (as a legit "destination"), which makes ECPA pretty much worthless.  Even then, they can usually get away with it because MITM is really hard to detect.

Joe

I'll probably exchange fingerprints with iago via AIM / text message and check that out. :)
Quote from: Camel on June 09, 2009, 04:12:23 PMI'd personally do as Joe suggests

Quote from: AntiVirus on October 19, 2010, 02:36:52 PM
You might be right about that, Joe.


iago

Your ISP just phoned me up, something about wanting me to give them their public key instead of my own..


Newby

Can't you verify fingerprints... ?

Really, SSH seems to be built to prevent this.
- Newby
http://www.x86labs.org

Quote[17:32:45] * xar sets mode: -oooooooooo algorithm ban chris cipher newby stdio TehUser tnarongi|away vursed warz
[17:32:54] * xar sets mode: +o newby
[17:32:58] <xar> new rule
[17:33:02] <xar> me and newby rule all

Quote from: Rule on June 30, 2008, 01:13:20 PM
Quote from: CrAz3D on June 30, 2008, 10:38:22 AM
I'd bet that you're currently bloated like a water ballon on a hot summer's day.

That analogy doesn't even make sense.  Why would a water balloon be especially bloated on a hot summer's day? For your sake, I hope there wasn't too much logic testing on your LSAT. 

Sidoh

Quote from: Newby on September 30, 2008, 03:17:38 PM
Can't you verify fingerprints... ?

Really, SSH seems to be built to prevent this.

If you've received the server's key across a trustworthy medium, then you're almost definitely in the clear.  SSH complains loudly if it gets a conflicting key.  Otherwise, MITM is still easily possible, I think.

For SSL, there are CAs that verify the authenticity of a third party's public key.  However, I don't think there's anything that prevents the ISP from being the MITM in that exchange as well.  Am I wrong?

iago

Quote from: Sidoh on September 30, 2008, 04:07:35 PM
Quote from: Newby on September 30, 2008, 03:17:38 PM
Can't you verify fingerprints... ?

Really, SSH seems to be built to prevent this.

If you've received the server's key across a trustworthy medium, then you're almost definitely in the clear.  SSH complains loudly if it gets a conflicting key.  Otherwise, MITM is still easily possible, I think.
That's correct. That's why Joe talked about exchanging keys through a different medium (aim, text message), which is why I made the joke about his ISP phoning me. :)

Quote from: Sidoh on September 30, 2008, 04:07:35 PM
For SSL, there are CAs that verify the authenticity of a third party's public key.  However, I don't think there's anything that prevents the ISP from being the MITM in that exchange as well.  Am I wrong?
You have the CA's public key stored locally, and you verify the signature when you connect to it. So if somebody is MITMing that, you know.

Of course, if the cert was compromised and revoked, odds are you'd never know because nobody checks the revocation lists.

Sidoh

Quote from: iago on September 30, 2008, 05:05:35 PM
You have the CA's public key stored locally, and you verify the signature when you connect to it. So if somebody is MITMing that, you know.

Of course, if the cert was compromised and revoked, odds are you'd never know because nobody checks the revocation lists.

Ah, sure.  Of course this all assumes you're visiting sites which have certificates signed by a CA.  I guess this is usually the case, but I've seen a number of sites of "lesser caliber" that have self-signed certs.

Joe

Quote from: iago on September 30, 2008, 05:05:35 PM
You have the CA's public key stored locally, and you verify the signature when you connect to it. So if somebody is MITMing that, you know.

Unless they compromised the Firefox installer I downloaded over non-HTTPS.
Quote from: Camel on June 09, 2009, 04:12:23 PMI'd personally do as Joe suggests

Quote from: AntiVirus on October 19, 2010, 02:36:52 PM
You might be right about that, Joe.


rabbit

Quote from: Sidoh on September 30, 2008, 05:22:53 PM
Quote from: iago on September 30, 2008, 05:05:35 PM
You have the CA's public key stored locally, and you verify the signature when you connect to it. So if somebody is MITMing that, you know.

Of course, if the cert was compromised and revoked, odds are you'd never know because nobody checks the revocation lists.

Ah, sure.  Of course this all assumes you're visiting sites which have certificates signed by a CA.  I guess this is usually the case, but I've seen a number of sites of "lesser caliber" that have self-signed certs.
Or maybe they are self signed because people don't feel like shelling out $700 to a signing company for a "legitimate" SSL cert.  Also, by that logic, VeriSign is a "lesser caliber" site, since it's signed its own cert.

Sidoh

Quote from: rabbit on September 30, 2008, 09:58:40 PM
Quote from: Sidoh on September 30, 2008, 05:22:53 PM
Quote from: iago on September 30, 2008, 05:05:35 PM
You have the CA's public key stored locally, and you verify the signature when you connect to it. So if somebody is MITMing that, you know.

Of course, if the cert was compromised and revoked, odds are you'd never know because nobody checks the revocation lists.

Ah, sure.  Of course this all assumes you're visiting sites which have certificates signed by a CA.  I guess this is usually the case, but I've seen a number of sites of "lesser caliber" that have self-signed certs.
Or maybe they are self signed because people don't feel like shelling out $700 to a signing company for a "legitimate" SSL cert.  Also, by that logic, VeriSign is a "lesser caliber" site, since it's signed its own cert.

It's not that much.  When I purchased one for a client, it was <$100.  If you're a big company, having the ability to ensure your customers that their information is kept safe in-transit is extremely important, and I don't think it's wise to undermine that importance.

Your last inference is flawed.  I didn't say every site that doesn't have a cert signed by a CA is of "lesser caliber".  I said there exist "lesser caliber" sites that don't have certs signed by a CA.

Camel

I think this is moot: The FCC forbade Comcast from looking at data to determine how to shape it. They are allowed to shape, but not based on what the data is, only on the quantity.

So, if your ISP is shaping, an encrypted tunnel will not help you.

<Camel> i said what what
<Blaze> in the butt
<Camel> you want to do it in my butt?
<Blaze> in my butt
<Camel> let's do it in the butt
<Blaze> Okay!

Sidoh

Quote from: Camel on October 01, 2008, 02:46:23 PM
I think this is moot: The FCC forbade Comcast from looking at data to determine how to shape it. They are allowed to shape, but not based on what the data is, only on the quantity.

So, if your ISP is shaping, an encrypted tunnel will not help you.

Ah, that is interesting.