LinuxQuestions.org
Old 08-20-2002, 08:00 AM   #1
neo77777
LQ Addict
 
Registered: Dec 2001
Location: Brooklyn, NY
Distribution: *NIX
Posts: 3,704

Rep: Reputation: 56
A simple fix for Konqueror, a huge design flaw for MS Windows ...


Hi guys, it may suit better in the security forum, but the Linux security issue here is small and can be fixed in a minute by d/l the latest konqueror patch. So read on, and express your opinions. Before we start, a little clarification - this excerpt is from an e-mail I receive every week - one of the company's requirements; unfortunately I couldn't find the source directly to include just a link, so I include the whole message:
Quote:
An SSL Vulnerability for the Masses
By Brian Hatch

Those of you following the news have probably heard about a recent SSL
authentication bug [1] in Internet Explorer discovered by Mike Benham.
This would be an excellent time to laugh at yet another Windows bug if
it weren't for the fact that this same bug is found in Konqueror, the
KDE browser. To understand the bug, let's take a look at how a browser
correctly authenticates a Web server.

The Web server has a public and private key installed that it uses for
encryption and authentication. When the browser connects, the Web server
presents its public key. A Certificate Authority -- an overpaid entity
such as VeriSign that says, "Yes, this key belongs to this site" --
signs this public key. (For more details about what SSL does and does
not protect, even when implemented properly, see [2].)

The browser has a hard-coded list of acceptable Certificate Authorities.
It will check the CA signature that is part of the server's certificate
and verify that it is signed by one of these trusted CAs. If it is not,
either the connection is dropped or you are assaulted with a series of
warning dialogs.

Some site certificates are not signed directly by a CA key, but by
intermediary CAs as part of a certificate chain. For example if you have
a trusted Certificate Authority, "Foo Security, Inc.", and that CA has
signed an Intermediate Certificate Authority for "Bar None Security",
then Bar is allowed to sign server certificates such as www.example.com.
This certificate chain would look something like this:

Certificate          Type              Trust Level
www.example.com:     server cert       Signed by Bar None Security
Bar None Security:   Intermediate CA   Signed by Foo Security, Inc
Foo Security, Inc:   Root CA           Implicit trust - installed in browser

The problem with IE and Konqueror is that they simply verified that cert
Foo signed cert Bar, which signed www.example.com. They did not verify
that Bar was an Intermediate Certificate Authority. What does this mean?
If I had a valid certificate for some domain, say www.my_domain.com, I
can use it to sign any server certificate I want. For example:

www.big_bank.net:    server cert       Signed by www.my_domain.com
www.my_domain.com:   server cert       Signed by Foo Security, Inc
Foo Security, Inc:   Root CA           Implicit trust - installed in browser

So, what to do? Well Konqueror had a fix available in an hour and a
half. If you're using the CVS version of KDE, recompile Konqueror and
you'll be all set. The fix is part of KDE 3.0.3, which is being released
pretty soon. Most Linux distributions either have or are preparing
updated packages.

If you're using IE then you have a longer wait in front of you.
Microsoft says that the bug is in the OS, not in IE. The certificate
checking code is not part of the CryptoAPI, a cryptography library used
by several other Microsoft programs, so the bug only affects IE. Why the
code isn't in the CryptoAPI, I can't imagine. And why the broken code --
which is in the OS, not in IE -- would only affect IE, I'll leave to
your imagination. But expect to wait a while. Microsoft doesn't see
broken SSL as a pressing security problem.

To read more about this vulnerability, see Benham's original BugTraq
post [1]. He also provides a proof-of-concept tool, sslsniff [3] that
can transparently perform man-in-the-middle attacks on SSL sessions.
This tool differs from the webmitm [4] tool that is part of Dug Song's
dsniff package, which uses a randomly generated SSL certificate and thus
sets off many warning dialog boxes on most browsers.


NOTES:

[1] http://www.thoughtcrime.org/ie.html
[2] http://www.hackinglinuxexposed.com/a.../20020423.html
[3] http://www.thoughtcrime.org/ie-ssl-chain.txt
[4] http://monkey.org/~dugsong/dsniff/
The author of this article is Brian Hatch - a Chief Hacker at Onsite and author of Hacking Linux Exposed and Building Linux VPN. Enjoy the reading, and if you are running a konq browser just download a simple fix from a local kde mirror or from your distro's mirror site; if you are a hard a$$ windows user, then wait till Bill releases Universal Service Pack release 5466.56 to force you to buy new MS operating system - MS Windows with Frame and Shades.
Good day everyone.
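
The chain check described in the quoted article, as an added illustration that is not part of the article or of the original post: a toy Python model that walks the article's two example chains once with signature checks only and once also requiring every signing certificate to be marked as a CA (the X.509 basicConstraints CA flag). The names `Cert`, `issue`, `signed_by`, `validate` and `build_article_chains` are hypothetical, and an HMAC stands in for a real public-key signature.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

# Toy model (assumption): a "key" is a random secret and a signature is an HMAC
# over the certificate fields. Only the chain-walking logic is the point here.
@dataclass
class Cert:
    subject: str
    issuer: str
    is_ca: bool  # models basicConstraints CA:TRUE / CA:FALSE
    signature: bytes = b""
    def tbs(self) -> bytes:
        return f"{self.subject}|{self.issuer}|{self.is_ca}".encode()

def issue(subject, is_ca, issuer_cert, keys):
    """Create a cert for subject, signed with the issuer's key (None = self-signed)."""
    issuer = issuer_cert.subject if issuer_cert else subject
    cert = Cert(subject, issuer, is_ca)
    keys.setdefault(subject, os.urandom(32))
    cert.signature = hmac.new(keys[issuer], cert.tbs(), hashlib.sha256).digest()
    return cert

def signed_by(cert, issuer_cert, keys):
    expected = hmac.new(keys[issuer_cert.subject], cert.tbs(), hashlib.sha256).digest()
    return cert.issuer == issuer_cert.subject and hmac.compare_digest(cert.signature, expected)

def validate(chain, trusted_roots, keys, check_ca_flag):
    """chain is ordered leaf first, root last. Returns (ok, reason)."""
    if chain[-1] not in trusted_roots:
        return False, "root not trusted"
    for cert, issuer in zip(chain, chain[1:]):
        if not signed_by(cert, issuer, keys):
            return False, f"bad signature on {cert.subject}"
        # The check the article says was missing: a signer must itself be a CA.
        if check_ca_flag and not issuer.is_ca:
            return False, f"{issuer.subject} is not a CA"
    return True, "ok"

def build_article_chains():
    """Constructed sample data mirroring the two chains in the article."""
    keys = {}
    root = issue("Foo Security, Inc", True, None, keys)
    bar = issue("Bar None Security", True, root, keys)
    good = [issue("www.example.com", False, bar, keys), bar, root]
    mine = issue("www.my_domain.com", False, root, keys)
    bad = [issue("www.big_bank.net", False, mine, keys), mine, root]
    return keys, [root], good, bad
```

With `check_ca_flag=False` both chains are accepted, which is the behaviour the article attributes to the affected browsers; with `check_ca_flag=True` the second chain is rejected at www.my_domain.com.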
 
Old 08-21-2002, 10:49 AM   #2
MasterC
LQ Guru
 
Registered: Mar 2002
Location: Salt Lake City, UT - USA
Distribution: Gentoo ; LFS ; Kubuntu ; CentOS ; Raspbian
Posts: 12,613

Rep: Reputation: 69
ba ha ha ha, with Frames and Shades! Good one Boris. That's some good reading, and very informative, thanks.
 
Old 08-21-2002, 02:35 PM   #3
neo77777
LQ Addict
 
Registered: Dec 2001
Location: Brooklyn, NY
Distribution: *NIX
Posts: 3,704

Original Poster
Rep: Reputation: 56
And how's that for a change: http://www.microsoft.com/technet/tre...ews/IARWSV.asp
They say it is difficult; the technique described at http://www.thoughtcrime.org/ie.html doesn't seem like a difficult one, prunks
Whatever, I am happy I don't fall prey to Bill
 